Merge pull request #91 from Protospace/kb-fun
First handful of API tests
This commit is contained in:
		
							
								
								
									
										63
									
								
								apiserver/apiserver/api/test_api.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										63
									
								
								apiserver/apiserver/api/test_api.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,63 @@ | |||||||
|  | from django.urls import reverse | ||||||
|  | from rest_framework import status | ||||||
|  | from rest_framework.test import APITestCase | ||||||
|  | from apiserver.api.models import Member, User | ||||||
|  | import json | ||||||
|  | from parameterized import parameterized | ||||||
|  |  | ||||||
|  | data = { | ||||||
|  |                 "username": "registrationtc",  | ||||||
|  |                 "email": "unittest@email.com", | ||||||
|  |                 "password1": "unittest", | ||||||
|  |                 "password2": "unittest", | ||||||
|  |                 "first_name": "John", | ||||||
|  |                 "last_name": "Doe", | ||||||
|  |  | ||||||
|  |                 # need to fake this for updating progress | ||||||
|  |                 "request_id": "lol" | ||||||
|  |         } | ||||||
|  |  | ||||||
|  |  | ||||||
|  | class RegistrationTests(APITestCase): | ||||||
|  |     def setUp(self): | ||||||
|  |         self.url = reverse('rest_name_register') | ||||||
|  |         # TODO: expose data to be used for E2E testing from a webclient | ||||||
|  |         self.data = data | ||||||
|  |         # TODO: match with config | ||||||
|  |         self.allowed_ip = '24.66.110.96' | ||||||
|  |  | ||||||
|  |     def test_success(self): | ||||||
|  |         """Ensure we can create a new account object.""" | ||||||
|  |         response = self.client.post( | ||||||
|  |                 self.url,  | ||||||
|  |                 self.data,  | ||||||
|  |                 format='json',  | ||||||
|  |                 HTTP_X_REAL_IP=self.allowed_ip | ||||||
|  |         ) | ||||||
|  |         self.assertEqual(response.status_code, status.HTTP_201_CREATED) | ||||||
|  |         user = User.objects.get(username=self.data['username']) | ||||||
|  |         assert user is not None | ||||||
|  |         assert Member.objects.get(user=user) is not None | ||||||
|  |  | ||||||
|  |     def test_allowed_ip_wrong(self): | ||||||
|  |         """Ensure creation only allowed when HTTP_X_REAL_IP header matched IP in whitelist""" | ||||||
|  |         response = self.client.post( | ||||||
|  |                 self.url,  | ||||||
|  |                 self.data,  | ||||||
|  |                 format='json',  | ||||||
|  |                 HTTP_X_REAL_IP="0.0.0.0" | ||||||
|  |         ) | ||||||
|  |         self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) | ||||||
|  |  | ||||||
|  |     @parameterized.expand([(f"{key} is missing", key, status.HTTP_400_BAD_REQUEST) for key in data.keys() if key is not 'request_id']) | ||||||
|  |     def test_malformed_data(self, name, inp, expected): | ||||||
|  |         """Delete specific properties from data and confirm it is not accepted by API""" | ||||||
|  |         copy = self.data.copy() | ||||||
|  |         del copy[inp] | ||||||
|  |         response = self.client.post( | ||||||
|  |                 self.url,  | ||||||
|  |                 copy,  | ||||||
|  |                 format='json',  | ||||||
|  |                 HTTP_X_REAL_IP=self.allowed_ip | ||||||
|  |         ) | ||||||
|  |         self.assertEqual(response.status_code, expected) | ||||||
| @@ -26,7 +26,10 @@ class LoggingThrottle(throttling.BaseThrottle): | |||||||
|             return True |             return True | ||||||
|  |  | ||||||
|         if request.data: |         if request.data: | ||||||
|             data = request.data.dict() |             if type(request.data) is not dict: | ||||||
|  |                 data = request.data.dict() | ||||||
|  |             else: | ||||||
|  |                 data = request.data | ||||||
|             for key in ['password', 'password1', 'password2', 'old_password', 'new_password1', 'new_password2']: |             for key in ['password', 'password1', 'password2', 'old_password', 'new_password1', 'new_password2']: | ||||||
|                 if key in data: |                 if key in data: | ||||||
|                     data[key] = '[CENSORED]' |                     data[key] = '[CENSORED]' | ||||||
|   | |||||||
| @@ -294,6 +294,7 @@ clean = Cleaner(tags=ALLOWED_TAGS).clean | |||||||
|  |  | ||||||
|  |  | ||||||
| def is_request_from_protospace(request): | def is_request_from_protospace(request): | ||||||
|  |     # TODO: pull to config | ||||||
|     whitelist = ['24.66.110.96', '205.233.15.76', '205.233.15.69'] |     whitelist = ['24.66.110.96', '205.233.15.76', '205.233.15.69'] | ||||||
|  |  | ||||||
|     if settings.DEBUG: |     if settings.DEBUG: | ||||||
| @@ -346,6 +347,8 @@ def register_user(data, user): | |||||||
|     data['first_name'] = data['first_name'].title().strip() |     data['first_name'] = data['first_name'].title().strip() | ||||||
|     data['last_name'] = data['last_name'].title().strip() |     data['last_name'] = data['last_name'].title().strip() | ||||||
|  |  | ||||||
|  |     # Sometimes during demos, a user makes a fake account then then has to be cleaned out | ||||||
|  |     # Notify me that this has happened so I can go clean out the database | ||||||
|     if 'test' in data['username']: |     if 'test' in data['username']: | ||||||
|         msg = 'Someone created a test account: {} {} {} {}'.format( |         msg = 'Someone created a test account: {} {} {} {}'.format( | ||||||
|             data['username'], |             data['username'], | ||||||
|   | |||||||
| @@ -31,6 +31,7 @@ MarkupSafe==1.1.1 | |||||||
| matplotlib-inline==0.1.3 | matplotlib-inline==0.1.3 | ||||||
| oauthlib==3.1.0 | oauthlib==3.1.0 | ||||||
| packaging==20.0 | packaging==20.0 | ||||||
|  | parameterized==0.8.1 | ||||||
| parso==0.8.3 | parso==0.8.3 | ||||||
| pexpect==4.8.0 | pexpect==4.8.0 | ||||||
| pickleshare==0.7.5 | pickleshare==0.7.5 | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user