salt/tests/integration/netapi/rest_cherrypy/app_test.py

# coding: utf-8

# Import salttesting libs
from salttesting.unit import skipIf
from salttesting.helpers import ensure_in_syspath
ensure_in_syspath('../../../')

from tests.utils import BaseRestCherryPyTest

# Import 3rd-party libs
# pylint: disable=import-error,unused-import
from salt.ext.six.moves.urllib.parse import urlencode  # pylint: disable=no-name-in-module
try:
    import cherrypy
    HAS_CHERRYPY = True
except ImportError:
    HAS_CHERRYPY = False
# pylint: enable=import-error,unused-import


@skipIf(HAS_CHERRYPY is False, 'CherryPy not installed')
class TestAuth(BaseRestCherryPyTest):
    def test_get_root_noauth(self):
        '''
        GET requests to the root URL should not require auth
        '''
        request, response = self.request('/')
        self.assertEqual(response.status, '200 OK')

    def test_post_root_auth(self):
        '''
        POST requests to the root URL redirect to login
        '''
        request, response = self.request('/', method='POST', data={})
        self.assertEqual(response.status, '401 Unauthorized')

    def test_login_noauth(self):
        '''
        GET requests to the login URL should not require auth
        '''
        request, response = self.request('/login')
        self.assertEqual(response.status, '200 OK')

    def test_webhook_auth(self):
        '''
        Requests to the webhook URL require auth by default
        '''
        request, response = self.request('/hook', method='POST', data={})
        self.assertEqual(response.status, '401 Unauthorized')


class TestLogin(BaseRestCherryPyTest):
    auth_creds = (
            ('username', 'saltdev'),
            ('password', 'saltdev'),
            ('eauth', 'auto'))

    def test_good_login(self):
        '''
        Test logging in
        '''
        body = urlencode(self.auth_creds)
        request, response = self.request('/login', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '200 OK')
        return response

    def test_bad_login(self):
        '''
        Test logging in
        '''
        body = urlencode({'totally': 'invalid_creds'})
        request, response = self.request('/login', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '401 Unauthorized')

    def test_logout(self):
        ret = self.test_good_login()
        token = ret.headers['X-Auth-Token']

        body = urlencode({})
        request, response = self.request('/logout', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded',
                'X-Auth-Token': token,
        })
        self.assertEqual(response.status, '200 OK')


class TestRun(BaseRestCherryPyTest):
    auth_creds = (
        ('username', 'saltdev_auto'),
        ('password', 'saltdev'),
        ('eauth', 'auto'))

    low = (
        ('client', 'local'),
        ('tgt', '*'),
        ('fun', 'test.ping'),
    )

    def test_run_good_login(self):
        '''
        Test the run URL with good auth credentials
        '''
        cmd = dict(self.low, **dict(self.auth_creds))
        body = urlencode(cmd)

        request, response = self.request('/run', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '200 OK')

    def test_run_bad_login(self):
        '''
        Test the run URL with bad auth credentials
        '''
        cmd = dict(self.low, **{'totally': 'invalid_creds'})
        body = urlencode(cmd)

        request, response = self.request('/run', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '401 Unauthorized')


class TestWebhookDisableAuth(BaseRestCherryPyTest):
    __opts__ = {
        'rest_cherrypy': {
            'port': 8000,
            'debug': True,
            'webhook_disable_auth': True,
        },
    }

    def test_webhook_noauth(self):
        '''
        Auth can be disabled for requests to the webhook URL
        '''
        body = urlencode({'foo': 'Foo!'})
        request, response = self.request('/hook', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '200 OK')
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`# coding: utf-8`
Don't add tests in `__init__` 2014-08-24 17:13:45 +00:00
			`# Import salttesting libs`
			`from salttesting.unit import skipIf`
			`from salttesting.helpers import ensure_in_syspath`
			`ensure_in_syspath('../../../')`

First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`from tests.utils import BaseRestCherryPyTest`

Don't fail on missing CherryPy 2014-06-19 12:00:38 +00:00			`# Import 3rd-party libs`
Make PyLint ignore unused imports 2014-11-20 01:38:06 +00:00			`# pylint: disable=import-error,unused-import`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`from salt.ext.six.moves.urllib.parse import urlencode # pylint: disable=no-name-in-module`
Don't fail on missing CherryPy 2014-06-19 12:00:38 +00:00			`try:`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`import cherrypy`
Don't fail on missing CherryPy 2014-06-19 12:00:38 +00:00			`HAS_CHERRYPY = True`
			`except ImportError:`
			`HAS_CHERRYPY = False`
Make PyLint ignore unused imports 2014-11-20 01:38:06 +00:00			`# pylint: enable=import-error,unused-import`
Don't fail on missing CherryPy 2014-06-19 12:00:38 +00:00

Don't add tests in `__init__` 2014-08-24 17:13:45 +00:00			`@skipIf(HAS_CHERRYPY is False, 'CherryPy not installed')`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`class TestAuth(BaseRestCherryPyTest):`
			`def test_get_root_noauth(self):`
			`'''`
			`GET requests to the root URL should not require auth`
			`'''`
			`request, response = self.request('/')`
			`self.assertEqual(response.status, '200 OK')`

			`def test_post_root_auth(self):`
			`'''`
			`POST requests to the root URL redirect to login`
			`'''`
Raise a 401 reponse instead of redirecting to the login page Also fixed bad tests that should have caught this. Fixes saltstack/salt-api#155. 2014-06-27 08:07:45 +00:00			`request, response = self.request('/', method='POST', data={})`
			`self.assertEqual(response.status, '401 Unauthorized')`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00
			`def test_login_noauth(self):`
			`'''`
			`GET requests to the login URL should not require auth`
			`'''`
			`request, response = self.request('/login')`
			`self.assertEqual(response.status, '200 OK')`

Added integration tests for webhook auth enable/disable 2014-04-08 19:48:57 +00:00			`def test_webhook_auth(self):`
			`'''`
			`Requests to the webhook URL require auth by default`
			`'''`
Raise a 401 reponse instead of redirecting to the login page Also fixed bad tests that should have caught this. Fixes saltstack/salt-api#155. 2014-06-27 08:07:45 +00:00			`request, response = self.request('/hook', method='POST', data={})`
			`self.assertEqual(response.status, '401 Unauthorized')`
Added integration tests for webhook auth enable/disable 2014-04-08 19:48:57 +00:00
Don't fail on missing CherryPy 2014-06-19 12:00:38 +00:00
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`class TestLogin(BaseRestCherryPyTest):`
			`auth_creds = (`
			`('username', 'saltdev'),`
			`('password', 'saltdev'),`
			`('eauth', 'auto'))`

			`def test_good_login(self):`
			`'''`
			`Test logging in`
			`'''`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode(self.auth_creds)`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`request, response = self.request('/login', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
			`self.assertEqual(response.status, '200 OK')`
Add integration test for logging out of the rest_cherrypy app 2014-08-15 12:30:48 +00:00			`return response`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00
			`def test_bad_login(self):`
			`'''`
			`Test logging in`
			`'''`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode({'totally': 'invalid_creds'})`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`request, response = self.request('/login', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
			`self.assertEqual(response.status, '401 Unauthorized')`
Added integration tests for webhook auth enable/disable 2014-04-08 19:48:57 +00:00
Add integration test for logging out of the rest_cherrypy app 2014-08-15 12:30:48 +00:00			`def test_logout(self):`
			`ret = self.test_good_login()`
			`token = ret.headers['X-Auth-Token']`

Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode({})`
Add integration test for logging out of the rest_cherrypy app 2014-08-15 12:30:48 +00:00			`request, response = self.request('/logout', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded',`
			`'X-Auth-Token': token,`
			`})`
			`self.assertEqual(response.status, '200 OK')`

Don't fail on missing CherryPy 2014-06-19 12:00:38 +00:00
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00			`class TestRun(BaseRestCherryPyTest):`
			`auth_creds = (`
Remove mocks from rest_cherrypy integration tests These mocks predated the inclusion of salt-api into Salt core. They are now no longer needed and counter-productive. 2015-09-08 21:33:41 +00:00			`('username', 'saltdev_auto'),`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00			`('password', 'saltdev'),`
			`('eauth', 'auto'))`

			`low = (`
			`('client', 'local'),`
			`('tgt', '*'),`
			`('fun', 'test.ping'),`
			`)`

			`def test_run_good_login(self):`
			`'''`
			`Test the run URL with good auth credentials`
			`'''`
			`cmd = dict(self.low, **dict(self.auth_creds))`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode(cmd)`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00
Remove mocks from rest_cherrypy integration tests These mocks predated the inclusion of salt-api into Salt core. They are now no longer needed and counter-productive. 2015-09-08 21:33:41 +00:00			`request, response = self.request('/run', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00			`self.assertEqual(response.status, '200 OK')`

			`def test_run_bad_login(self):`
			`'''`
			`Test the run URL with bad auth credentials`
			`'''`
			`cmd = dict(self.low, **{'totally': 'invalid_creds'})`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode(cmd)`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00
Remove mocks from rest_cherrypy integration tests These mocks predated the inclusion of salt-api into Salt core. They are now no longer needed and counter-productive. 2015-09-08 21:33:41 +00:00			`request, response = self.request('/run', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00			`self.assertEqual(response.status, '401 Unauthorized')`


Added integration tests for webhook auth enable/disable 2014-04-08 19:48:57 +00:00			`class TestWebhookDisableAuth(BaseRestCherryPyTest):`
			`__opts__ = {`
			`'rest_cherrypy': {`
			`'port': 8000,`
			`'debug': True,`
			`'webhook_disable_auth': True,`
			`},`
			`}`

			`def test_webhook_noauth(self):`
			`'''`
			`Auth can be disabled for requests to the webhook URL`
			`'''`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode({'foo': 'Foo!'})`
Added integration tests for webhook auth enable/disable 2014-04-08 19:48:57 +00:00			`request, response = self.request('/hook', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
			`self.assertEqual(response.status, '200 OK')`