sachet/sachet-server
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
ee6c7d4fa5
sachet-server/tests/test_userinfo.py

95 lines
2.5 KiB
Python
Raw Normal View History

tests/test_userinfo.py: Split off authentication tests
2023-03-10 18:38:41 -05:00
import pytest
/users/<id>: added PATCH endpoint
2023-03-28 21:48:09 -04:00
from bitmask import Bitmask
from sachet.server.models import Permissions
tests/test_userinfo.py: Split off authentication tests
2023-03-10 18:38:41 -05:00
/users/<id>: added PATCH endpoint
2023-03-28 21:48:09 -04:00
def test_get(client, tokens, validate_info):
tests/test_userinfo.py: Split off authentication tests
2023-03-10 18:38:41 -05:00
"""Test accessing the user information endpoint as a normal user."""
# access user info endpoint
resp = client.get(
"/users/jeff",
headers={
"Authorization": f"bearer {tokens['jeff']}"
}
)
assert resp.status_code == 200
validate_info("jeff", resp.get_json())
# access other user's info endpoint
resp = client.get(
"/users/administrator",
headers={
"Authorization": f"bearer {tokens['jeff']}"
}
)
assert resp.status_code == 403
def test_userinfo_admin(client, tokens, validate_info):
"""Test accessing other user's information as an admin."""
# first test that admin can access its own info
resp = client.get(
"/users/administrator",
headers={
"Authorization": f"bearer {tokens['administrator']}"
}
)
assert resp.status_code == 200
validate_info("administrator", resp.get_json())
# now test accessing other user's info
resp = client.get(
"/users/jeff",
headers={
"Authorization": f"bearer {tokens['administrator']}"
}
)
assert resp.status_code == 200
validate_info("jeff", resp.get_json())
/users/<id>: added PATCH endpoint
2023-03-28 21:48:09 -04:00
def test_patch(client, users, tokens, validate_info):
"""Test modifying user information as an administrator."""
# try with regular user to make sure it doesn't work
resp = client.patch(
"/users/jeff",
json = { "permissions": ["ADMIN"] },
headers={
"Authorization": f"bearer {tokens['jeff']}"
}
)
assert resp.status_code == 403
# test malformed patch
resp = client.patch(
"/users/jeff",
json = "hurr durr",
headers={
"Authorization": f"bearer {tokens['administrator']}"
}
)
assert resp.status_code == 400
resp = client.patch(
"/users/jeff",
json = { "permissions": ["ADMIN"] },
headers={
"Authorization": f"bearer {tokens['administrator']}"
}
)
assert resp.status_code == 200
# modify the expected values
users["jeff"]["permissions"] = Bitmask(Permissions.ADMIN)
# request new info
resp = client.get(
"/users/jeff",
headers={
"Authorization": f"bearer {tokens['jeff']}"
}
)
assert resp.status_code == 200
validate_info("jeff", resp.get_json())
Reference in New Issue Copy Permalink