Skip to content

Commit

Permalink
test: validate PersonalApiKey when used in tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@jennifer-richards
jennifer-richards committed Oct 25, 2024
1 parent a8acc17 commit ac17461
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 23 deletions.
44 changes: 22 additions & 22 deletions ietf/api/tests.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@
from ietf.meeting.models import Session
from ietf.nomcom.models import Volunteer
from ietf.nomcom.factories import NomComFactory, nomcom_kwargs_for_year
from ietf.person.factories import PersonFactory, random_faker, EmailFactory
from ietf.person.factories import PersonFactory, random_faker, EmailFactory, PersonalApiKeyFactory
from ietf.person.models import Email, User
from ietf.person.models import PersonalApiKey
from ietf.stats.models import MeetingRegistration
Expand Down Expand Up @@ -71,15 +71,15 @@ def test_deprecated_api_set_session_video_url(self):
meeting = MeetingFactory(type_id='ietf')
session = SessionFactory(group__type_id='wg', meeting=meeting)
group = session.group
apikey = PersonalApiKey.objects.create(endpoint=url, person=recman)
apikey = PersonalApiKeyFactory(endpoint=url, person=recman)
video = 'https://foo.example.com/bar/beer/'

# error cases
r = self.client.post(url, {})
self.assertContains(r, "Missing apikey parameter", status_code=400)

badrole = RoleFactory(group__type_id='ietf', name_id='ad')
badapikey = PersonalApiKey.objects.create(endpoint=url, person=badrole.person)
badapikey = PersonalApiKeyFactory(endpoint=url, person=badrole.person)
badrole.person.user.last_login = timezone.now()
badrole.person.user.save()
r = self.client.post(url, {'apikey': badapikey.hash()} )
Expand Down Expand Up @@ -151,15 +151,15 @@ def test_api_set_session_video_url(self):
recman = recmanrole.person
meeting = MeetingFactory(type_id="ietf")
session = SessionFactory(group__type_id="wg", meeting=meeting)
apikey = PersonalApiKey.objects.create(endpoint=url, person=recman)
apikey = PersonalApiKeyFactory(endpoint=url, person=recman)
video = "https://foo.example.com/bar/beer/"

# error cases
r = self.client.post(url, {})
self.assertContains(r, "Missing apikey parameter", status_code=400)

badrole = RoleFactory(group__type_id="ietf", name_id="ad")
badapikey = PersonalApiKey.objects.create(endpoint=url, person=badrole.person)
badapikey = PersonalApiKeyFactory(endpoint=url, person=badrole.person)
badrole.person.user.last_login = timezone.now()
badrole.person.user.save()
r = self.client.post(url, {"apikey": badapikey.hash()})
Expand Down Expand Up @@ -228,15 +228,15 @@ def test_api_set_meetecho_recording_name(self):
recman = recmanrole.person
meeting = MeetingFactory(type_id="ietf")
session = SessionFactory(group__type_id="wg", meeting=meeting)
apikey = PersonalApiKey.objects.create(endpoint=url, person=recman)
apikey = PersonalApiKeyFactory(endpoint=url, person=recman)
name = "testname"

# error cases
r = self.client.post(url, {})
self.assertContains(r, "Missing apikey parameter", status_code=400)

badrole = RoleFactory(group__type_id="ietf", name_id="ad")
badapikey = PersonalApiKey.objects.create(endpoint=url, person=badrole.person)
badapikey = PersonalApiKeyFactory(endpoint=url, person=badrole.person)
badrole.person.user.last_login = timezone.now()
badrole.person.user.save()
r = self.client.post(url, {"apikey": badapikey.hash()})
Expand Down Expand Up @@ -295,10 +295,10 @@ def test_api_add_session_attendees_deprecated(self):
recman = recmanrole.person
meeting = MeetingFactory(type_id='ietf')
session = SessionFactory(group__type_id='wg', meeting=meeting)
apikey = PersonalApiKey.objects.create(endpoint=url, person=recman)
apikey = PersonalApiKeyFactory(endpoint=url, person=recman)

badrole = RoleFactory(group__type_id='ietf', name_id='ad')
badapikey = PersonalApiKey.objects.create(endpoint=url, person=badrole.person)
badapikey = PersonalApiKeyFactory(endpoint=url, person=badrole.person)
badrole.person.user.last_login = timezone.now()
badrole.person.user.save()

Expand Down Expand Up @@ -361,10 +361,10 @@ def test_api_add_session_attendees(self):
recman = recmanrole.person
meeting = MeetingFactory(type_id="ietf")
session = SessionFactory(group__type_id="wg", meeting=meeting)
apikey = PersonalApiKey.objects.create(endpoint=url, person=recman)
apikey = PersonalApiKeyFactory(endpoint=url, person=recman)

badrole = RoleFactory(group__type_id="ietf", name_id="ad")
badapikey = PersonalApiKey.objects.create(endpoint=url, person=badrole.person)
badapikey = PersonalApiKeyFactory(endpoint=url, person=badrole.person)
badrole.person.user.last_login = timezone.now()
badrole.person.user.save()

Expand Down Expand Up @@ -517,8 +517,8 @@ def test_api_upload_polls_and_chatlog(self):
),
):
url = urlreverse(f"ietf.meeting.views.api_upload_{type_id}")
apikey = PersonalApiKey.objects.create(endpoint=url, person=recmanrole.person)
badapikey = PersonalApiKey.objects.create(endpoint=url, person=badrole.person)
apikey = PersonalApiKeyFactory(endpoint=url, person=recmanrole.person)
badapikey = PersonalApiKeyFactory(endpoint=url, person=badrole.person)

r = self.client.post(url, {})
self.assertContains(r, "Missing apikey parameter", status_code=400)
Expand Down Expand Up @@ -562,7 +562,7 @@ def test_deprecated_api_upload_bluesheet(self):
meeting = MeetingFactory(type_id='ietf')
session = SessionFactory(group__type_id='wg', meeting=meeting)
group = session.group
apikey = PersonalApiKey.objects.create(endpoint=url, person=recman)
apikey = PersonalApiKeyFactory(endpoint=url, person=recman)

people = [
{"name": "Andrea Andreotti", "affiliation": "Azienda"},
Expand All @@ -579,7 +579,7 @@ def test_deprecated_api_upload_bluesheet(self):
self.assertContains(r, "Missing apikey parameter", status_code=400)

badrole = RoleFactory(group__type_id='ietf', name_id='ad')
badapikey = PersonalApiKey.objects.create(endpoint=url, person=badrole.person)
badapikey = PersonalApiKeyFactory(endpoint=url, person=badrole.person)
badrole.person.user.last_login = timezone.now()
badrole.person.user.save()
r = self.client.post(url, {'apikey': badapikey.hash()})
Expand Down Expand Up @@ -654,7 +654,7 @@ def test_api_upload_bluesheet(self):
meeting = MeetingFactory(type_id="ietf")
session = SessionFactory(group__type_id="wg", meeting=meeting)
group = session.group
apikey = PersonalApiKey.objects.create(endpoint=url, person=recman)
apikey = PersonalApiKeyFactory(endpoint=url, person=recman)

people = [
{"name": "Andrea Andreotti", "affiliation": "Azienda"},
Expand All @@ -671,7 +671,7 @@ def test_api_upload_bluesheet(self):
self.assertContains(r, "Missing apikey parameter", status_code=400)

badrole = RoleFactory(group__type_id="ietf", name_id="ad")
badapikey = PersonalApiKey.objects.create(endpoint=url, person=badrole.person)
badapikey = PersonalApiKeyFactory(endpoint=url, person=badrole.person)
badrole.person.user.last_login = timezone.now()
badrole.person.user.save()
r = self.client.post(url, {"apikey": badapikey.hash()})
Expand Down Expand Up @@ -781,14 +781,14 @@ def test_api_v2_person_export_view(self):
url = urlreverse('ietf.api.views.ApiV2PersonExportView')
robot = PersonFactory(user__is_staff=True)
RoleFactory(name_id='robot', person=robot, email=robot.email(), group__acronym='secretariat')
apikey = PersonalApiKey.objects.create(endpoint=url, person=robot)
apikey = PersonalApiKeyFactory(endpoint=url, person=robot)

# error cases
r = self.client.post(url, {})
self.assertContains(r, "Missing apikey parameter", status_code=400)

badrole = RoleFactory(group__type_id='ietf', name_id='ad')
badapikey = PersonalApiKey.objects.create(endpoint=url, person=badrole.person)
badapikey = PersonalApiKeyFactory(endpoint=url, person=badrole.person)
badrole.person.user.last_login = timezone.now()
badrole.person.user.save()
r = self.client.post(url, {'apikey': badapikey.hash()})
Expand Down Expand Up @@ -827,7 +827,7 @@ def test_api_new_meeting_registration(self):
oidcp = PersonFactory(user__is_staff=True)
# Make sure 'oidcp' has an acceptable role
RoleFactory(name_id='robot', person=oidcp, email=oidcp.email(), group__acronym='secretariat')
key = PersonalApiKey.objects.create(person=oidcp, endpoint=url)
key = PersonalApiKeyFactory(person=oidcp, endpoint=url)
reg['apikey'] = key.hash()
#
# Test valid POST
Expand Down Expand Up @@ -911,7 +911,7 @@ def test_api_new_meeting_registration_nomcom_volunteer(self):
oidcp = PersonFactory(user__is_staff=True)
# Make sure 'oidcp' has an acceptable role
RoleFactory(name_id='robot', person=oidcp, email=oidcp.email(), group__acronym='secretariat')
key = PersonalApiKey.objects.create(person=oidcp, endpoint=url)
key = PersonalApiKeyFactory(person=oidcp, endpoint=url)
reg['apikey'] = key.hash()

# first test is_nomcom_volunteer False
Expand Down Expand Up @@ -947,7 +947,7 @@ def test_api_version(self):
def test_api_appauth(self):
url = urlreverse('ietf.api.views.app_auth')
person = PersonFactory()
apikey = PersonalApiKey.objects.create(endpoint=url, person=person)
apikey = PersonalApiKeyFactory(endpoint=url, person=person)

self.client.login(username=person.user.username,password=f'{person.user.username}+password')
self.client.logout()
Expand Down
10 changes: 9 additions & 1 deletion ietf/person/factories.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -159,9 +159,17 @@ class Meta:
class PersonalApiKeyFactory(factory.django.DjangoModelFactory):
person = factory.SubFactory(PersonFactory)
endpoint = FuzzyChoice(PERSON_API_KEY_ENDPOINTS)

class Meta:
model = PersonalApiKey
skip_postgeneration_save = True

@factory.post_generation
def do_full_clean(obj, create, extracted, **kwargs):
do_clean = True if extracted is None else extracted
if do_clean:
obj.full_clean()


class PersonApiKeyEventFactory(factory.django.DjangoModelFactory):
key = factory.SubFactory(PersonalApiKeyFactory)
Expand Down

0 comments on commit ac17461

Please sign in to comment.