From 9daaa36f38c9d40905748be8ccc5f405d052262c Mon Sep 17 00:00:00 2001 From: nigelb Date: Tue, 17 Jun 2014 15:45:00 +0530 Subject: [PATCH] Test the action and auth functions thoroughly --- ckan/new_tests/logic/action/test_update.py | 24 +++++++++-- ckan/new_tests/logic/auth/test_update.py | 46 +++++++++++++++++++++- 2 files changed, 65 insertions(+), 5 deletions(-) diff --git a/ckan/new_tests/logic/action/test_update.py b/ckan/new_tests/logic/action/test_update.py index 280e34650ab..250ac7bbffb 100644 --- a/ckan/new_tests/logic/action/test_update.py +++ b/ckan/new_tests/logic/action/test_update.py @@ -80,19 +80,35 @@ def test_user_update_name(self): ## END-BEFORE def test_user_generate_apikey(self): - '''Test that updating a user's name works successfully.''' - user = factories.User() - # Required because you can only cycle your own API key context = {'user': user['name']} result = helpers.call_action('user_generate_apikey', context=context, - id=user['name']) + id=user['id']) updated_user = helpers.call_action('user_show', context=context, id=user['id']) assert updated_user['apikey'] != user['apikey'] assert result['apikey'] == updated_user['apikey'] + def test_user_generate_apikey_sysadmin_user(self): + user = factories.User() + sysadmin = factories.Sysadmin() + context = {'user': sysadmin['name'], 'ignore_auth': False} + result = helpers.call_action('user_generate_apikey', context=context, + id=user['id']) + updated_user = helpers.call_action('user_show', context=context, + id=user['id']) + + assert updated_user['apikey'] != user['apikey'] + assert result['apikey'] == updated_user['apikey'] + + def test_user_generate_apikey_nonexistent_user(self): + user = {'id': 'nonexistent', 'name': 'nonexistent', 'email': + 'does@notexist.com'} + context = {'user': user['name']} + nose.tools.assert_raises(logic.NotFound, helpers.call_action, + 'user_generate_apikey', context=context, id=user['id']) + def test_user_update_with_id_that_does_not_exist(self): user_dict = factories.User.attributes() user_dict['id'] = "there's no user with this id" diff --git a/ckan/new_tests/logic/auth/test_update.py b/ckan/new_tests/logic/auth/test_update.py index 0afa028be39..678c8fbbe08 100644 --- a/ckan/new_tests/logic/auth/test_update.py +++ b/ckan/new_tests/logic/auth/test_update.py @@ -131,4 +131,48 @@ def test_user_update_with_no_user_in_context(self): nose.tools.assert_raises(logic.NotAuthorized, helpers.call_auth, 'user_update', context=context, **params) - # TODO: Tests for user_update's reset_key behavior. + def test_user_generate_own_apikey(self): + fred = factories.MockUser(name='fred') + mock_model = mock.MagicMock() + mock_model.User.get.return_value = fred + # auth_user_obj shows user as logged in for non-anonymous auth + # functions + context = {'model': mock_model, 'auth_user_obj': fred} + context['user'] = fred.name + params = { + 'id': fred.id, + } + + result = helpers.call_auth('user_generate_apikey', context=context, + **params) + assert result is True + + def test_user_generate_apikey_without_logged_in_user(self): + fred = factories.MockUser(name='fred') + mock_model = mock.MagicMock() + mock_model.User.get.return_value = fred + context = {'model': mock_model} + context['user'] = None + params = { + 'id': fred.id, + } + + nose.tools.assert_raises(logic.NotAuthorized, helpers.call_auth, + 'user_generate_apikey', context=context, **params) + + def test_user_generate_apikey_for_another_user(self): + fred = factories.MockUser(name='fred') + bob = factories.MockUser(name='bob') + mock_model = mock.MagicMock() + mock_model.User.get.return_value = fred + # auth_user_obj shows user as logged in for non-anonymous auth + # functions + context = {'model': mock_model, 'auth_user_obj': bob} + context['user'] = bob.name + params = { + 'id': fred.id, + } + + nose.tools.assert_raises(logic.NotAuthorized, helpers.call_auth, + 'user_generate_apikey', context=context, **params) +