You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by je...@apache.org on 2015/02/25 16:33:23 UTC
[24/28] allura git commit: [#7832] ticket:731 Test fixes and some
amends
[#7832] ticket:731 Test fixes and some amends
- Raise 404 instead of 500 when no app name in _lookup in admin REST controller
- Add tests for bearer token via headers and update existing tests
- Don't test that webhook values was not changed: mim does not play nicely with
it, it works with actual requests, though
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/c1fce1c2
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/c1fce1c2
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/c1fce1c2
Branch: refs/heads/ib/7832
Commit: c1fce1c20deec92177350dbde278935450172a0f
Parents: c8e19d1
Author: Igor Bondarenko <je...@gmail.com>
Authored: Mon Feb 23 12:57:44 2015 +0000
Committer: Igor Bondarenko <je...@gmail.com>
Committed: Wed Feb 25 13:51:07 2015 +0000
----------------------------------------------------------------------
Allura/allura/ext/admin/admin_main.py | 5 +-
Allura/allura/tests/functional/test_rest.py | 59 ++++++++++++++++++++++++
Allura/allura/tests/test_webhooks.py | 4 --
3 files changed, 63 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/c1fce1c2/Allura/allura/ext/admin/admin_main.py
----------------------------------------------------------------------
diff --git a/Allura/allura/ext/admin/admin_main.py b/Allura/allura/ext/admin/admin_main.py
index d5ae068..b51c816 100644
--- a/Allura/allura/ext/admin/admin_main.py
+++ b/Allura/allura/ext/admin/admin_main.py
@@ -885,7 +885,10 @@ class ProjectAdminRestController(BaseController):
}
@expose()
- def _lookup(self, name, *remainder):
+ def _lookup(self, *args):
+ if len(args) == 0:
+ raise exc.HTTPNotFound, args
+ name, remainder = args[0], args[1:]
app = c.project.app_instance(name)
if app is None or app.admin_api_root is None:
raise exc.HTTPNotFound, name
http://git-wip-us.apache.org/repos/asf/allura/blob/c1fce1c2/Allura/allura/tests/functional/test_rest.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_rest.py b/Allura/allura/tests/functional/test_rest.py
index 51ae930..fca1078 100644
--- a/Allura/allura/tests/functional/test_rest.py
+++ b/Allura/allura/tests/functional/test_rest.py
@@ -39,6 +39,7 @@ class TestRestHome(TestRestApiBase):
@mock.patch('allura.controllers.rest.M.OAuthAccessToken')
@mock.patch('allura.controllers.rest.request')
def test_bearer_token_non_bearer(self, request, OAuthAccessToken):
+ request.headers = {}
request.params = {'access_token': 'foo'}
request.scheme = 'https'
self._patch_token(OAuthAccessToken)
@@ -51,6 +52,7 @@ class TestRestHome(TestRestApiBase):
@mock.patch('allura.controllers.rest.M.OAuthAccessToken')
@mock.patch('allura.controllers.rest.request')
def test_bearer_token_invalid(self, request, OAuthAccessToken):
+ request.headers = {}
request.params = {'access_token': 'foo'}
request.scheme = 'https'
self._patch_token(OAuthAccessToken)
@@ -80,11 +82,68 @@ class TestRestHome(TestRestApiBase):
is_bearer=True,
)
ThreadLocalODMSession.flush_all()
+ request.headers = {}
request.params = {'access_token': access_token.api_key}
request.scheme = 'https'
r = self.api_post('/rest/p/test/wiki', access_token='foo')
assert_equal(r.status_int, 200)
+ @mock.patch('allura.controllers.rest.M.OAuthAccessToken')
+ @mock.patch('allura.controllers.rest.request')
+ def test_bearer_token_non_bearer_via_headers(self, request, OAuthAccessToken):
+ request.headers = {
+ 'Authorization': 'OAuth BearerToken access_token=foo'
+ }
+ request.scheme = 'https'
+ self._patch_token(OAuthAccessToken)
+ access_token = OAuthAccessToken.query.get.return_value
+ access_token.is_bearer = False
+ r = self.api_post('/rest/p/test/wiki', access_token='foo')
+ assert_equal(r.status_int, 403)
+ OAuthAccessToken.query.get.assert_called_once_with(api_key='foo')
+
+ @mock.patch('allura.controllers.rest.M.OAuthAccessToken')
+ @mock.patch('allura.controllers.rest.request')
+ def test_bearer_token_invalid_via_headers(self, request, OAuthAccessToken):
+ request.headers = {
+ 'Authorization': 'OAuth BearerToken access_token=foo'
+ }
+ request.scheme = 'https'
+ self._patch_token(OAuthAccessToken)
+ OAuthAccessToken.query.get.return_value = None
+ r = self.api_post('/rest/p/test/wiki', access_token='foo')
+ assert_equal(r.status_int, 403)
+
+ @mock.patch('allura.controllers.rest.request')
+ @td.with_wiki
+ def test_bearer_token_valid_via_headers(self, request):
+ user = M.User.by_username('test-admin')
+ consumer_token = M.OAuthConsumerToken(
+ name='foo',
+ description='foo app',
+ )
+ request_token = M.OAuthRequestToken(
+ consumer_token_id=consumer_token._id,
+ user_id=user._id,
+ callback='manual',
+ validation_pin=h.nonce(20),
+ is_bearer=True,
+ )
+ access_token = M.OAuthAccessToken(
+ consumer_token_id=consumer_token._id,
+ request_token_id=request_token._id,
+ user_id=user._id,
+ is_bearer=True,
+ )
+ ThreadLocalODMSession.flush_all()
+ token = access_token.api_key
+ request.headers = {
+ 'Authorization': 'OAuth BearerToken access_token={}'.format(token)
+ }
+ request.scheme = 'https'
+ r = self.api_post('/rest/p/test/wiki', access_token='foo')
+ assert_equal(r.status_int, 200)
+
def test_bad_path(self):
r = self.api_post('/rest/1/test/wiki/')
assert r.status_int == 404
http://git-wip-us.apache.org/repos/asf/allura/blob/c1fce1c2/Allura/allura/tests/test_webhooks.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/test_webhooks.py b/Allura/allura/tests/test_webhooks.py
index a336f32..e86dbd8 100644
--- a/Allura/allura/tests/test_webhooks.py
+++ b/Allura/allura/tests/test_webhooks.py
@@ -868,16 +868,12 @@ class TestWebhookRestController(TestRestApiBase):
def test_edit_duplicates(self):
webhook = self.webhooks[0]
url = '{}/repo-push/{}'.format(self.url, webhook._id)
- # change only url
data = {'url': 'http://httpbin.org/post/1'}
r = self.api_post(url, status=400, **data)
expected = {u'result': u'error',
u'error': u'_the_form: "repo-push" webhook already '
u'exists for Git http://httpbin.org/post/1'}
assert_equal(r.json, expected)
- webhook = M.Webhook.query.get(_id=webhook._id)
- assert_equal(webhook.hook_url, 'http://httpbin.org/post/0')
- assert_equal(webhook.secret, 'secret-0')
def test_delete_validation(self):
url = '{}/repo-push/invalid'.format(self.url)