2015-07-08 17:59:07 +00:00
|
|
|
from flask import request
|
2014-03-02 13:41:38 +00:00
|
|
|
from mock import patch
|
2015-07-08 17:59:07 +00:00
|
|
|
import time
|
2014-03-02 13:41:38 +00:00
|
|
|
from tests import BaseTestCase
|
2014-09-21 07:11:03 +00:00
|
|
|
from redash import models
|
|
|
|
|
from redash.google_oauth import create_and_login_user
|
2015-07-08 17:59:07 +00:00
|
|
|
from redash.authentication import api_key_load_user_from_request, hmac_load_user_from_request, sign
|
2015-03-10 15:51:17 +00:00
|
|
|
from tests.factories import user_factory, query_factory
|
|
|
|
|
from redash.wsgi import app
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class TestApiKeyAuthentication(BaseTestCase):
|
|
|
|
|
#
|
|
|
|
|
# This is a bad way to write these tests, but the way Flask works doesn't make it easy to write them properly...
|
|
|
|
|
#
|
|
|
|
|
def setUp(self):
|
|
|
|
|
super(TestApiKeyAuthentication, self).setUp()
|
|
|
|
|
self.api_key = 10
|
|
|
|
|
self.query = query_factory.create(api_key=self.api_key)
|
|
|
|
|
|
|
|
|
|
def test_no_api_key(self):
|
|
|
|
|
with app.test_client() as c:
|
2015-03-10 16:21:51 +00:00
|
|
|
rv = c.get('/api/queries/{0}'.format(self.query.id))
|
2015-07-08 17:59:07 +00:00
|
|
|
self.assertIsNone(api_key_load_user_from_request(request))
|
2015-03-10 15:51:17 +00:00
|
|
|
|
|
|
|
|
def test_wrong_api_key(self):
|
|
|
|
|
with app.test_client() as c:
|
|
|
|
|
rv = c.get('/api/queries/{0}'.format(self.query.id), query_string={'api_key': 'whatever'})
|
2015-07-08 17:59:07 +00:00
|
|
|
self.assertIsNone(api_key_load_user_from_request(request))
|
2015-03-10 15:51:17 +00:00
|
|
|
|
|
|
|
|
def test_correct_api_key(self):
|
|
|
|
|
with app.test_client() as c:
|
|
|
|
|
rv = c.get('/api/queries/{0}'.format(self.query.id), query_string={'api_key': self.api_key})
|
2015-07-08 17:59:07 +00:00
|
|
|
self.assertIsNotNone(api_key_load_user_from_request(request))
|
2015-03-10 15:51:17 +00:00
|
|
|
|
|
|
|
|
def test_no_query_id(self):
|
|
|
|
|
with app.test_client() as c:
|
|
|
|
|
rv = c.get('/api/queries', query_string={'api_key': self.api_key})
|
2015-07-08 17:59:07 +00:00
|
|
|
self.assertIsNone(api_key_load_user_from_request(request))
|
2014-03-02 13:41:38 +00:00
|
|
|
|
2015-07-08 17:59:07 +00:00
|
|
|
def test_user_api_key(self):
|
|
|
|
|
user = user_factory.create(api_key="user_key")
|
|
|
|
|
with app.test_client() as c:
|
|
|
|
|
rv = c.get('/api/queries/', query_string={'api_key': user.api_key})
|
|
|
|
|
self.assertEqual(user.id, api_key_load_user_from_request(request).id)
|
|
|
|
|
|
|
|
|
|
class TestHMACAuthentication(BaseTestCase):
|
|
|
|
|
#
|
|
|
|
|
# This is a bad way to write these tests, but the way Flask works doesn't make it easy to write them properly...
|
|
|
|
|
#
|
|
|
|
|
def setUp(self):
|
|
|
|
|
super(TestHMACAuthentication, self).setUp()
|
|
|
|
|
self.api_key = 10
|
|
|
|
|
self.query = query_factory.create(api_key=self.api_key)
|
|
|
|
|
self.path = '/api/queries/{0}'.format(self.query.id)
|
|
|
|
|
self.expires = time.time() + 1800
|
|
|
|
|
|
|
|
|
|
def signature(self, expires):
|
|
|
|
|
return sign(self.query.api_key, self.path, expires)
|
|
|
|
|
|
|
|
|
|
def test_no_signature(self):
|
|
|
|
|
with app.test_client() as c:
|
|
|
|
|
rv = c.get(self.path)
|
|
|
|
|
self.assertIsNone(hmac_load_user_from_request(request))
|
|
|
|
|
|
|
|
|
|
def test_wrong_signature(self):
|
|
|
|
|
with app.test_client() as c:
|
|
|
|
|
rv = c.get(self.path, query_string={'signature': 'whatever', 'expires': self.expires})
|
|
|
|
|
self.assertIsNone(hmac_load_user_from_request(request))
|
|
|
|
|
|
|
|
|
|
def test_correct_signature(self):
|
|
|
|
|
with app.test_client() as c:
|
|
|
|
|
rv = c.get('/api/queries/{0}'.format(self.query.id), query_string={'signature': self.signature(self.expires), 'expires': self.expires})
|
|
|
|
|
self.assertIsNotNone(hmac_load_user_from_request(request))
|
|
|
|
|
|
|
|
|
|
def test_no_query_id(self):
|
|
|
|
|
with app.test_client() as c:
|
|
|
|
|
rv = c.get('/api/queries', query_string={'api_key': self.api_key})
|
|
|
|
|
self.assertIsNone(hmac_load_user_from_request(request))
|
|
|
|
|
|
|
|
|
|
def test_user_api_key(self):
|
|
|
|
|
user = user_factory.create(api_key="user_key")
|
|
|
|
|
path = '/api/queries/'
|
|
|
|
|
with app.test_client() as c:
|
|
|
|
|
signature = sign(user.api_key, path, self.expires)
|
|
|
|
|
rv = c.get(path, query_string={'signature': signature, 'expires': self.expires, 'user_id': user.id})
|
|
|
|
|
self.assertEqual(user.id, hmac_load_user_from_request(request).id)
|
2014-03-02 13:41:38 +00:00
|
|
|
|
|
|
|
|
class TestCreateAndLoginUser(BaseTestCase):
|
|
|
|
|
def test_logins_valid_user(self):
|
|
|
|
|
user = user_factory.create(email='test@example.com')
|
|
|
|
|
|
2014-09-21 07:11:03 +00:00
|
|
|
with patch('redash.google_oauth.login_user') as login_user_mock:
|
|
|
|
|
create_and_login_user(user.name, user.email)
|
2014-03-02 13:41:38 +00:00
|
|
|
login_user_mock.assert_called_once_with(user, remember=True)
|
|
|
|
|
|
|
|
|
|
def test_creates_vaild_new_user(self):
|
2014-09-21 07:11:03 +00:00
|
|
|
email = 'test@example.com'
|
|
|
|
|
name = 'Test User'
|
2014-03-02 13:41:38 +00:00
|
|
|
|
2014-09-21 07:11:03 +00:00
|
|
|
with patch('redash.google_oauth.login_user') as login_user_mock:
|
2014-03-03 09:53:49 +00:00
|
|
|
|
2014-09-21 07:11:03 +00:00
|
|
|
create_and_login_user(name, email)
|
2014-03-03 09:53:49 +00:00
|
|
|
|
|
|
|
|
self.assertTrue(login_user_mock.called)
|
2014-09-21 07:11:03 +00:00
|
|
|
user = models.User.get(models.User.email == email)
|
