6b40f95033
Co-authored-by: Eve832 <eve.meelan@grafana.com>
Co-authored-by: Francisco Montes de Oca <nevermind89x@gmail.com>
Co-authored-by: Ildar Iskhakov <ildar.iskhakov@grafana.com>
Co-authored-by: Innokentii Konstantinov <innokenty.konstantinov@grafana.com>
Co-authored-by: Julia <ferril.darkdiver@gmail.com>
Co-authored-by: maskin25 <kengurek@gmail.com>
Co-authored-by: Matias Bordese <mbordese@gmail.com>
Co-authored-by: Matvey Kukuy <motakuk@gmail.com>
Co-authored-by: Michael Derynck <michael.derynck@grafana.com>
Co-authored-by: Richard Hartmann <richih@richih.org>
Co-authored-by: Robby Milo <robbymilo@fastmail.com>
Co-authored-by: Timur Olzhabayev <timur.olzhabayev@grafana.com>
Co-authored-by: Vadim Stepanov <vadimkerr@gmail.com>
Co-authored-by: Yulia Shanyrova <yulia.shanyrova@grafana.com>
230 lines
6.4 KiB
Python
230 lines
6.4 KiB
Python
import pytest
|
|
from django.urls import reverse
|
|
from rest_framework import status
|
|
from rest_framework.test import APIClient
|
|
|
|
from apps.auth_token.models import UserScheduleExportAuthToken
|
|
from common.constants.role import Role
|
|
|
|
ICAL_URL = "https://calendar.google.com/calendar/ical/amixr.io_37gttuakhrtr75ano72p69rt78%40group.calendar.google.com/private-1d00a680ba5be7426c3eb3ef1616e26d/basic.ics" # noqa
|
|
|
|
|
|
@pytest.mark.django_db
|
|
@pytest.mark.parametrize(
|
|
"role,expected_status",
|
|
[
|
|
(Role.ADMIN, status.HTTP_200_OK),
|
|
(Role.EDITOR, status.HTTP_200_OK),
|
|
(Role.VIEWER, status.HTTP_403_FORBIDDEN),
|
|
],
|
|
)
|
|
def test_get_user_schedule_export_token(
|
|
make_organization_and_user_with_plugin_token,
|
|
make_user_auth_headers,
|
|
role,
|
|
expected_status,
|
|
):
|
|
|
|
organization, user, token = make_organization_and_user_with_plugin_token(role=role)
|
|
|
|
UserScheduleExportAuthToken.create_auth_token(
|
|
user=user,
|
|
organization=organization,
|
|
)
|
|
|
|
client = APIClient()
|
|
|
|
url = reverse("api-internal:user-export-token", kwargs={"pk": user.public_primary_key})
|
|
|
|
response = client.get(url, format="json", **make_user_auth_headers(user, token))
|
|
|
|
assert response.status_code == expected_status
|
|
|
|
|
|
@pytest.mark.django_db
|
|
@pytest.mark.parametrize(
|
|
"role,expected_status",
|
|
[
|
|
(Role.ADMIN, status.HTTP_404_NOT_FOUND),
|
|
(Role.EDITOR, status.HTTP_404_NOT_FOUND),
|
|
(Role.VIEWER, status.HTTP_403_FORBIDDEN),
|
|
],
|
|
)
|
|
def test_user_schedule_export_token_not_found(
|
|
make_organization_and_user_with_plugin_token,
|
|
make_user_auth_headers,
|
|
role,
|
|
expected_status,
|
|
):
|
|
|
|
_, user, token = make_organization_and_user_with_plugin_token(role=role)
|
|
|
|
url = reverse("api-internal:user-export-token", kwargs={"pk": user.public_primary_key})
|
|
|
|
client = APIClient()
|
|
|
|
response = client.get(url, format="json", **make_user_auth_headers(user, token))
|
|
|
|
assert response.status_code == expected_status
|
|
|
|
|
|
@pytest.mark.django_db
|
|
@pytest.mark.parametrize(
|
|
"role,expected_status",
|
|
[
|
|
(Role.ADMIN, status.HTTP_201_CREATED),
|
|
(Role.EDITOR, status.HTTP_201_CREATED),
|
|
(Role.VIEWER, status.HTTP_403_FORBIDDEN),
|
|
],
|
|
)
|
|
def test_user_schedule_create_export_token(
|
|
make_organization_and_user_with_plugin_token,
|
|
make_user_auth_headers,
|
|
role,
|
|
expected_status,
|
|
):
|
|
|
|
_, user, token = make_organization_and_user_with_plugin_token(role=role)
|
|
|
|
url = reverse("api-internal:user-export-token", kwargs={"pk": user.public_primary_key})
|
|
|
|
client = APIClient()
|
|
|
|
response = client.post(url, format="json", **make_user_auth_headers(user, token))
|
|
|
|
assert expected_status == response.status_code
|
|
|
|
|
|
@pytest.mark.django_db
|
|
@pytest.mark.parametrize(
|
|
"role,expected_status",
|
|
[
|
|
(Role.ADMIN, status.HTTP_409_CONFLICT),
|
|
(Role.EDITOR, status.HTTP_409_CONFLICT),
|
|
(Role.VIEWER, status.HTTP_403_FORBIDDEN),
|
|
],
|
|
)
|
|
def test_user_schedule_create_multiple_export_tokens_fails(
|
|
make_organization_and_user_with_plugin_token,
|
|
make_user_auth_headers,
|
|
role,
|
|
expected_status,
|
|
):
|
|
|
|
organization, user, token = make_organization_and_user_with_plugin_token(role=role)
|
|
|
|
UserScheduleExportAuthToken.create_auth_token(
|
|
user=user,
|
|
organization=organization,
|
|
)
|
|
|
|
url = reverse("api-internal:user-export-token", kwargs={"pk": user.public_primary_key})
|
|
|
|
client = APIClient()
|
|
|
|
response = client.post(url, format="json", **make_user_auth_headers(user, token))
|
|
|
|
assert expected_status == response.status_code
|
|
|
|
|
|
@pytest.mark.django_db
|
|
@pytest.mark.parametrize(
|
|
"role,expected_status",
|
|
[
|
|
(Role.ADMIN, status.HTTP_204_NO_CONTENT),
|
|
(Role.EDITOR, status.HTTP_204_NO_CONTENT),
|
|
(Role.VIEWER, status.HTTP_403_FORBIDDEN),
|
|
],
|
|
)
|
|
def test_user_schedule_delete_export_token(
|
|
make_organization_and_user_with_plugin_token,
|
|
make_user_auth_headers,
|
|
role,
|
|
expected_status,
|
|
):
|
|
|
|
organization, user, token = make_organization_and_user_with_plugin_token(role=role)
|
|
|
|
instance, _ = UserScheduleExportAuthToken.create_auth_token(
|
|
user=user,
|
|
organization=organization,
|
|
)
|
|
|
|
url = reverse("api-internal:user-export-token", kwargs={"pk": user.public_primary_key})
|
|
|
|
client = APIClient()
|
|
|
|
response = client.delete(url, format="json", **make_user_auth_headers(user, token))
|
|
|
|
assert expected_status == response.status_code
|
|
|
|
if response.status_code != 403:
|
|
check_token = UserScheduleExportAuthToken.objects.filter(id=instance.id)
|
|
|
|
assert len(check_token) == 0
|
|
|
|
|
|
@pytest.mark.django_db
|
|
@pytest.mark.parametrize(
|
|
"role,expected_status",
|
|
[
|
|
(Role.ADMIN, status.HTTP_404_NOT_FOUND),
|
|
(Role.EDITOR, status.HTTP_404_NOT_FOUND),
|
|
(Role.VIEWER, status.HTTP_403_FORBIDDEN),
|
|
],
|
|
)
|
|
def test_user_cannot_get_another_users_schedule_token(
|
|
make_organization_and_user_with_plugin_token,
|
|
make_user_auth_headers,
|
|
role,
|
|
expected_status,
|
|
):
|
|
|
|
organization1, user1, _ = make_organization_and_user_with_plugin_token(role=role)
|
|
_, user2, token2 = make_organization_and_user_with_plugin_token(role=role)
|
|
|
|
UserScheduleExportAuthToken.create_auth_token(
|
|
user=user1,
|
|
organization=organization1,
|
|
)
|
|
|
|
url = reverse("api-internal:user-export-token", kwargs={"pk": user1.public_primary_key})
|
|
|
|
client = APIClient()
|
|
|
|
response = client.get(url, format="json", **make_user_auth_headers(user2, token2))
|
|
|
|
assert response.status_code == expected_status
|
|
|
|
|
|
@pytest.mark.django_db
|
|
@pytest.mark.parametrize(
|
|
"role,expected_status",
|
|
[
|
|
(Role.ADMIN, status.HTTP_404_NOT_FOUND),
|
|
(Role.EDITOR, status.HTTP_404_NOT_FOUND),
|
|
(Role.VIEWER, status.HTTP_403_FORBIDDEN),
|
|
],
|
|
)
|
|
def test_user_cannot_delete_another_users_schedule_token(
|
|
make_organization_and_user_with_plugin_token,
|
|
make_user_auth_headers,
|
|
role,
|
|
expected_status,
|
|
):
|
|
|
|
organization1, user1, _ = make_organization_and_user_with_plugin_token(role=role)
|
|
_, user2, token2 = make_organization_and_user_with_plugin_token(role=role)
|
|
|
|
UserScheduleExportAuthToken.create_auth_token(
|
|
user=user1,
|
|
organization=organization1,
|
|
)
|
|
|
|
url = reverse("api-internal:user-export-token", kwargs={"pk": user1.public_primary_key})
|
|
|
|
client = APIClient()
|
|
|
|
response = client.delete(url, format="json", **make_user_auth_headers(user2, token2))
|
|
|
|
assert response.status_code == expected_status
|