~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to ivle/webapp/base/test.py

ivle.webapp.testing: Add, with fake request and user.
ivle.webapp.base.test: Add! Test the JSONRESTView, using the new mocks.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
import urllib
2
 
 
3
 
from nose.tools import assert_equal
4
 
 
5
 
from ivle.webapp.base.rest import (JSONRESTView, read_operation,
6
 
                                   require_permission, write_operation)
7
 
from ivle.webapp.errors import BadRequest, MethodNotAllowed, Unauthorized
 
1
from ivle.webapp.base.views import RESTView, JSONRESTView
 
2
from ivle.webapp.errors import BadRequest
8
3
from ivle.webapp.testing import FakeUser, FakeRequest
9
4
 
10
 
class JSONRESTViewTestWithoutPUT(JSONRESTView):
11
 
    '''A small JSON REST view for testing purposes, without a PUT method.'''
12
 
    def get_permissions(self, user, config):
13
 
        if user.login == u'fakeuser':
14
 
            return set(['view', 'edit'])
15
 
        if user.login == u'otheruser':
16
 
            return set(['view'])
17
 
        return set()
18
 
 
19
 
    @require_permission('view')
 
5
class JSONRESTViewTest(JSONRESTView):
 
6
    '''A small JSON REST view for testing purposes.'''
20
7
    def GET(self, req):
21
8
        return {'method': 'get'}
22
9
 
23
 
    @require_permission('edit')
 
10
    def PUT(self, req, data):
 
11
        return {'method': 'put',
 
12
                'result': data['result'], 'test': data['test']}
 
13
 
24
14
    def PATCH(self, req, data):
25
15
        return {'method': 'patch',
26
16
                'result': data['result'], 'test': data['test']}
27
17
 
28
 
    @write_operation('view')
29
 
    def do_stuff(self, req, what):
30
 
        return {'result': 'Did %s!' % what}
31
 
 
32
 
    @read_operation('edit')
33
 
    def say_something(self, req, thing='nothing'):
34
 
        return {'result': 'Said %s!' % thing}
35
 
 
36
 
    @write_operation('edit')
37
 
    def do_say_something(self, req, what, thing='nothing'):
38
 
        return {'result': 'Said %s and %s!' % (what, thing)}
39
 
 
40
 
    @read_operation('view')
41
 
    def get_req_method(self, req):
42
 
        return {'method': req.method}
43
 
 
44
 
class JSONRESTViewTest(JSONRESTViewTestWithoutPUT):
45
 
    '''A small JSON REST view for testing purposes.'''
46
 
    @require_permission('edit')
47
 
    def PUT(self, req, data):
48
 
        return {'method': 'put',
49
 
                'result': data['result'], 'test': data['test']}
50
 
 
51
18
class TestJSONRESTView:
52
19
    def testGET(self):
53
20
        req = FakeRequest()
54
 
        view = JSONRESTViewTest(req, None)
 
21
        view = JSONRESTViewTest(req)
55
22
        view.render(req)
56
23
        assert req.content_type == 'application/json'
57
24
        assert req.response_body == '{"method": "get"}\n'
60
27
        req = FakeRequest()
61
28
        req.method = 'PUT'
62
29
        req.request_body = '{"test": "FAI\\uA746ED", "result": 1}'
63
 
        view = JSONRESTViewTest(req, None)
 
30
        view = JSONRESTViewTest(req)
64
31
        view.render(req)
65
32
        assert req.content_type == 'application/json'
66
33
        assert req.response_body == \
70
37
        req = FakeRequest()
71
38
        req.method = 'PATCH'
72
39
        req.request_body = '{"test": "FAI\\uA746ED", "result": 1}'
73
 
        view = JSONRESTViewTest(req, None)
 
40
        view = JSONRESTViewTest(req)
74
41
        view.render(req)
75
42
        assert req.content_type == 'application/json'
76
43
        assert req.response_body == \
81
48
        req.method = 'PUT'
82
49
        req.headers_in['X-IVLE-Patch-Semantics'] = 'yes'
83
50
        req.request_body = '{"test": "FAI\\uA746ED", "result": 1}'
84
 
        view = JSONRESTViewTest(req, None)
 
51
        view = JSONRESTViewTest(req)
85
52
        view.render(req)
86
53
        assert req.content_type == 'application/json'
87
54
        assert req.response_body == \
90
57
    def testInvalidMethod(self):
91
58
        req = FakeRequest()
92
59
        req.method = 'FAKEANDBOGUS'
93
 
        view = JSONRESTViewTest(req, None)
94
 
        try:
95
 
            view.render(req)
96
 
        except MethodNotAllowed, e:
97
 
            assert e.allowed == ['GET', 'PUT', 'PATCH', 'POST']
98
 
        else:
99
 
            raise AssertionError("did not raise MethodNotAllowed")
100
 
 
101
 
    def testNoPUTMethod(self):
102
 
        req = FakeRequest()
103
 
        req.method = 'PUT'
104
 
        view = JSONRESTViewTestWithoutPUT(req, None)
105
 
        try:
106
 
            view.render(req)
107
 
        except MethodNotAllowed, e:
108
 
            assert e.allowed == ['GET', 'PATCH', 'POST']
109
 
        else:
110
 
            raise AssertionError("did not raise MethodNotAllowed")
 
60
        view = JSONRESTViewTest(req)
 
61
        try:
 
62
            view.render(req)
 
63
        except BadRequest:
 
64
            pass
 
65
        else:
 
66
            raise AssertionError("did not raise BadRequest")
111
67
 
112
68
    def testInvalidMethodWithPATCHEmulation(self):
113
69
        req = FakeRequest()
114
70
        req.method = 'FAKEANDBOGUS'
115
71
        req.headers_in['X-IVLE-Patch-Semantics'] = 'yes'
116
 
        view = JSONRESTViewTest(req, None)
117
 
        try:
118
 
            view.render(req)
119
 
        except MethodNotAllowed:
120
 
            pass
121
 
        else:
122
 
            raise AssertionError("did not raise MethodNotAllowed")
123
 
 
124
 
    def testNamedOperation(self):
125
 
        req = FakeRequest()
126
 
        req.method = 'POST'
127
 
        req.request_body = urllib.urlencode({'ivle.op': 'do_stuff',
128
 
                                             'what': 'blah'})
129
 
        view = JSONRESTViewTest(req, None)
130
 
        view.render(req)
131
 
        assert req.content_type == 'application/json'
132
 
        assert req.response_body == '{"result": "Did blah!"}\n'
133
 
 
134
 
    def testPOSTWithoutName(self):
135
 
        req = FakeRequest()
136
 
        req.method = 'POST'
137
 
        req.request_body = urllib.urlencode({'what': 'blah'})
138
 
        view = JSONRESTViewTest(req, None)
139
 
        try:
140
 
            view.render(req)
141
 
        except BadRequest, e:
142
 
            assert e.message == 'No named operation specified.'
143
 
        else:
144
 
            raise AssertionError("did not raise BadRequest")
145
 
 
146
 
    def testNonexistentNamedOperation(self):
147
 
        req = FakeRequest()
148
 
        req.method = 'POST'
149
 
        req.request_body = urllib.urlencode({'ivle.op': 'enoent'})
150
 
        view = JSONRESTViewTest(req, None)
151
 
        try:
152
 
            view.render(req)
153
 
        except BadRequest, e:
154
 
            assert e.message == 'Invalid named operation.'
155
 
        else:
156
 
            raise AssertionError("did not raise BadRequest")
157
 
 
158
 
    def testDisallowedNamedOperation(self):
159
 
        req = FakeRequest()
160
 
        req.method = 'POST'
161
 
        req.request_body = urllib.urlencode({'ivle.op': 'GET'})
162
 
        view = JSONRESTViewTest(req, None)
163
 
        try:
164
 
            view.render(req)
165
 
        except BadRequest, e:
166
 
            assert e.message == 'Invalid named operation.'
167
 
        else:
168
 
            raise AssertionError("did not raise BadRequest")
169
 
 
170
 
    def testNamedOperationWithMissingArgs(self):
171
 
        req = FakeRequest()
172
 
        req.method = 'POST'
173
 
        req.request_body = urllib.urlencode({'ivle.op': 'do_stuff',
174
 
                                             'nothing': 'wrong'})
175
 
        view = JSONRESTViewTest(req, None)
176
 
        try:
177
 
            view.render(req)
178
 
        except BadRequest, e:
179
 
            assert e.message == 'Missing arguments: what'
180
 
        else:
181
 
            raise AssertionError("did not raise BadRequest")
182
 
 
183
 
    def testNamedOperationWithExtraArgs(self):
184
 
        req = FakeRequest()
185
 
        req.method = 'POST'
186
 
        req.request_body = urllib.urlencode({'ivle.op': 'do_stuff',
187
 
                                             'what': 'blah',
188
 
                                             'toomany': 'args'})
189
 
        view = JSONRESTViewTest(req, None)
190
 
        try:
191
 
            view.render(req)
192
 
        except BadRequest, e:
193
 
            assert e.message == 'Extra arguments: toomany'
194
 
        else:
195
 
            raise AssertionError("did not raise BadRequest")
196
 
 
197
 
    def testNamedOperationWithDefaultArgs(self):
198
 
        req = FakeRequest()
199
 
        req.method = 'POST'
200
 
        req.request_body = urllib.urlencode({'ivle.op': 'say_something'})
201
 
        view = JSONRESTViewTest(req, None)
202
 
        view.render(req)
203
 
        assert req.content_type == 'application/json'
204
 
        assert req.response_body == '{"result": "Said nothing!"}\n'
205
 
 
206
 
    def testNamedOperationWithOverriddenDefaultArgs(self):
207
 
        req = FakeRequest()
208
 
        req.method = 'POST'
209
 
        req.request_body = urllib.urlencode({'ivle.op': 'say_something',
210
 
                                             'thing': 'something'})
211
 
        view = JSONRESTViewTest(req, None)
212
 
        view.render(req)
213
 
        assert req.content_type == 'application/json'
214
 
        assert req.response_body == '{"result": "Said something!"}\n'
215
 
 
216
 
    def testNamedOperationWithDefaultAndMissingArgs(self):
217
 
        req = FakeRequest()
218
 
        req.method = 'POST'
219
 
        req.request_body = urllib.urlencode({'ivle.op': 'do_say_something',
220
 
                                             'thing': 'something'})
221
 
        view = JSONRESTViewTest(req, None)
222
 
        try:
223
 
            view.render(req)
224
 
        except BadRequest, e:
225
 
            assert e.message == 'Missing arguments: what'
226
 
        else:
227
 
            raise AssertionError("did not raise BadRequest")
228
 
 
229
 
    def testNamedOperationUsingRequest(self):
230
 
        req = FakeRequest()
231
 
        req.method = 'POST'
232
 
        req.request_body = urllib.urlencode({'ivle.op': 'get_req_method'})
233
 
        view = JSONRESTViewTest(req, None)
234
 
        view.render(req)
235
 
        assert req.content_type == 'application/json'
236
 
        assert req.response_body == '{"method": "POST"}\n'
237
 
 
238
 
    def testGETNamedOperation(self):
239
 
        req = FakeRequest()
240
 
        req.method = 'GET'
241
 
        req.unparsed_uri = '/?' + urllib.urlencode(
242
 
            {'ivle.op': 'say_something'})
243
 
        view = JSONRESTViewTest(req, None)
244
 
        view.render(req)
245
 
        assert req.content_type == 'application/json'
246
 
        assert req.response_body == '{"result": "Said nothing!"}\n'
247
 
 
248
 
    def testGETNamedOperationDoesNotFindWriteOperation(self):
249
 
        req = FakeRequest()
250
 
        req.method = 'GET'
251
 
        req.unparsed_uri = '/?' + urllib.urlencode(
252
 
            {'ivle.op': 'do_stuff', 'what': 'something'})
253
 
        view = JSONRESTViewTest(req, None)
254
 
        try:
255
 
            view.render(req)
256
 
        except BadRequest, e:
257
 
            assert e.message == 'POST required for write operation.'
258
 
        else:
259
 
            raise AssertionError("did not raise BadRequest")
260
 
 
261
 
    def testInvalidPOSTData(self):
262
 
        req = FakeRequest()
263
 
        req.method = 'POST'
264
 
        req.request_body = 'I am invalid&&&&'
265
 
        view = JSONRESTViewTest(req, None)
266
 
        try:
267
 
            view.render(req)
268
 
        except BadRequest, e:
269
 
            print e.message
270
 
            assert e.message == 'No named operation specified.'
271
 
        else:
272
 
            raise AssertionError("did not raise BadRequest")
273
 
 
274
 
    def testInvalidPATCHData(self):
275
 
        req = FakeRequest()
276
 
        req.method = 'PATCH'
277
 
        req.request_body = 'I am invalid'
278
 
        view = JSONRESTViewTest(req, None)
279
 
        try:
280
 
            view.render(req)
281
 
        except BadRequest, e:
282
 
            assert e.message == 'Invalid JSON data'
283
 
        else:
284
 
            raise AssertionError("did not raise BadRequest")
285
 
 
286
 
    def testInvalidPUTData(self):
287
 
        req = FakeRequest()
288
 
        req.method = 'PUT'
289
 
        req.request_body = 'I am invalid'
290
 
        view = JSONRESTViewTest(req, None)
291
 
        try:
292
 
            view.render(req)
293
 
        except BadRequest, e:
294
 
            assert e.message == 'Invalid JSON data'
295
 
        else:
296
 
            raise AssertionError("did not raise BadRequest")
297
 
 
298
 
class TestJSONRESTSecurity:
299
 
    def testGoodMethod(self):
300
 
        req = FakeRequest()
301
 
        req.user.login = u'otheruser'
302
 
        req.method = 'GET'
303
 
        view = JSONRESTViewTest(req, None)
304
 
        view.render(req)
305
 
        assert req.content_type == 'application/json'
306
 
        assert req.response_body == '{"method": "get"}\n'
307
 
 
308
 
    def testBadMethod(self):
309
 
        req = FakeRequest()
310
 
        req.user.login = u'otheruser'
311
 
        req.method = 'PUT'
312
 
        view = JSONRESTViewTest(req, None)
313
 
        try:
314
 
            view.render(req)
315
 
        except Unauthorized, e:
316
 
            pass
317
 
        else:
318
 
            raise AssertionError("did not raise Unauthorized")
319
 
 
320
 
    def testGoodNamedOperation(self):
321
 
        req = FakeRequest()
322
 
        req.user.login = u'otheruser'
323
 
        req.method = 'POST'
324
 
        req.request_body = urllib.urlencode({'ivle.op': 'do_stuff',
325
 
                                             'what': 'blah'})
326
 
        view = JSONRESTViewTest(req, None)
327
 
        view.render(req)
328
 
        assert req.content_type == 'application/json'
329
 
        assert req.response_body == '{"result": "Did blah!"}\n'
330
 
 
331
 
    def testBadNamedOperation(self):
332
 
        req = FakeRequest()
333
 
        req.user.login = u'otheruser'
334
 
        req.method = 'POST'
335
 
        req.request_body = urllib.urlencode({'ivle.op': 'say_something'})
336
 
        view = JSONRESTViewTest(req, None)
337
 
        try:
338
 
            view.render(req)
339
 
        except Unauthorized, e:
340
 
            pass
341
 
        else:
342
 
            raise AssertionError("did not raise Unauthorized")
343
 
 
 
72
        view = JSONRESTViewTest(req)
 
73
        try:
 
74
            view.render(req)
 
75
        except BadRequest:
 
76
            pass
 
77
        else:
 
78
            raise AssertionError("did not raise BadRequest")