salt/tests/integration/netapi/rest_cherrypy/test_app.py

# coding: utf-8

# Import python libs
from __future__ import absolute_import
import json

# Import salt libs
import salt.utils

# Import test support libs
import tests.support.cherrypy_testclasses as cptc

# Import 3rd-party libs
from salt.ext.six.moves.urllib.parse import urlencode  # pylint: disable=no-name-in-module,import-error


class TestAuth(cptc.BaseRestCherryPyTest):
    def test_get_root_noauth(self):
        '''
        GET requests to the root URL should not require auth
        '''
        request, response = self.request('/')
        self.assertEqual(response.status, '200 OK')

    def test_post_root_auth(self):
        '''
        POST requests to the root URL redirect to login
        '''
        request, response = self.request('/', method='POST', data={})
        self.assertEqual(response.status, '401 Unauthorized')

    def test_login_noauth(self):
        '''
        GET requests to the login URL should not require auth
        '''
        request, response = self.request('/login')
        self.assertEqual(response.status, '200 OK')

    def test_webhook_auth(self):
        '''
        Requests to the webhook URL require auth by default
        '''
        request, response = self.request('/hook', method='POST', data={})
        self.assertEqual(response.status, '401 Unauthorized')


class TestLogin(cptc.BaseRestCherryPyTest):
    auth_creds = (
            ('username', 'saltdev'),
            ('password', 'saltdev'),
            ('eauth', 'auto'))

    def test_good_login(self):
        '''
        Test logging in
        '''
        body = urlencode(self.auth_creds)
        request, response = self.request('/login', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '200 OK')
        return response

    def test_bad_login(self):
        '''
        Test logging in
        '''
        body = urlencode({'totally': 'invalid_creds'})
        request, response = self.request('/login', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '401 Unauthorized')

    def test_logout(self):
        ret = self.test_good_login()
        token = ret.headers['X-Auth-Token']

        body = urlencode({})
        request, response = self.request('/logout', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded',
                'X-Auth-Token': token,
        })
        self.assertEqual(response.status, '200 OK')


class TestRun(cptc.BaseRestCherryPyTest):
    auth_creds = (
        ('username', 'saltdev_auto'),
        ('password', 'saltdev'),
        ('eauth', 'auto'))

    low = (
        ('client', 'local'),
        ('tgt', '*'),
        ('fun', 'test.ping'),
    )

    def test_run_good_login(self):
        '''
        Test the run URL with good auth credentials
        '''
        cmd = dict(self.low, **dict(self.auth_creds))
        body = urlencode(cmd)

        request, response = self.request('/run', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '200 OK')

    def test_run_bad_login(self):
        '''
        Test the run URL with bad auth credentials
        '''
        cmd = dict(self.low, **{'totally': 'invalid_creds'})
        body = urlencode(cmd)

        request, response = self.request('/run', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '401 Unauthorized')


class TestWebhookDisableAuth(cptc.BaseRestCherryPyTest):

    def __get_opts__(self):
        return {
            'rest_cherrypy': {
                'port': 8000,
                'debug': True,
                'webhook_disable_auth': True,
            },
        }

    def test_webhook_noauth(self):
        '''
        Auth can be disabled for requests to the webhook URL
        '''
        body = urlencode({'foo': 'Foo!'})
        request, response = self.request('/hook', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '200 OK')


class TestArgKwarg(cptc.BaseRestCherryPyTest):
    auth_creds = (
        ('username', 'saltdev'),
        ('password', 'saltdev'),
        ('eauth', 'auto'))

    low = (
        ('client', 'runner'),
        ('fun', 'test.arg'),
        # use singular form for arg and kwarg
        ('arg', [1234]),
        ('kwarg', {'ext_source': 'redis'}),
    )

    def _token(self):
        '''
        Return the token
        '''
        body = urlencode(self.auth_creds)
        request, response = self.request(
            '/login',
            method='POST',
            body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
            }
        )
        return response.headers['X-Auth-Token']

    def test_accepts_arg_kwarg_keys(self):
        '''
        Ensure that (singular) arg and kwarg keys (for passing parameters)
        are supported by runners.
        '''
        cmd = dict(self.low)
        body = json.dumps(cmd)

        request, response = self.request(
            '/',
            method='POST',
            body=body,
            headers={
                'content-type': 'application/json',
                'X-Auth-Token': self._token(),
                'Accept': 'application/json',
            }
        )
        resp = json.loads(salt.utils.to_str(response.body[0]))
        self.assertEqual(resp['return'][0]['args'], [1234])
        self.assertEqual(resp['return'][0]['kwargs'],
                         {'ext_source': 'redis'})


class TestJobs(cptc.BaseRestCherryPyTest):
    auth_creds = (
        ('username', 'saltdev_auto'),
        ('password', 'saltdev'),
        ('eauth', 'auto'))

    low = (
        ('client', 'local'),
        ('tgt', '*'),
        ('fun', 'test.ping'),
    )

    def _token(self):
        '''
        Return the token
        '''
        body = urlencode(self.auth_creds)
        request, response = self.request(
            '/login',
            method='POST',
            body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
            }
        )
        return response.headers['X-Auth-Token']

    def _add_job(self):
        '''
        Helper function to add a job to the job cache
        '''
        cmd = dict(self.low, **dict(self.auth_creds))
        body = urlencode(cmd)

        request, response = self.request('/run', method='POST', body=body,
            headers={
                'content-type': 'application/x-www-form-urlencoded'
        })
        self.assertEqual(response.status, '200 OK')

    def test_all_jobs(self):
        '''
        test query to /jobs returns job data
        '''
        self._add_job()

        request, response = self.request('/jobs', method='GET',
            headers={
                'Accept': 'application/json',
                'X-Auth-Token': self._token(),
        })

        resp = json.loads(salt.utils.to_str(response.body[0]))
        self.assertIn('test.ping', str(resp['return']))
        self.assertEqual(response.status, '200 OK')
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`# coding: utf-8`
Don't add tests in `__init__` 2014-08-24 17:13:45 +00:00
Add `from __future__ import absolute_import` 2014-11-21 19:05:13 +00:00			`# Import python libs`
			`from __future__ import absolute_import`
Replace args and kwargs (plural) by arg and kwarg (singular) for ``RunnerClient`` (#32938) * Replace args and kwargs (plural) by arg and kwarg (singular) * Add test and deprecation warning * Add deprecation warning 2016-05-05 14:31:08 +00:00			`import json`
Add `from __future__ import absolute_import` 2014-11-21 19:05:13 +00:00
PY3 compatibility fixes to netapi tests 2017-03-22 21:09:56 +00:00			`# Import salt libs`
			`import salt.utils`

Moved some test supporting modules to tests/support Previously they were in tests/utils which also had test case modules. 2017-02-24 18:06:53 +00:00			`# Import test support libs`
			`import tests.support.cherrypy_testclasses as cptc`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00
Don't fail on missing CherryPy 2014-06-19 12:00:38 +00:00			`# Import 3rd-party libs`
Moved some test supporting modules to tests/support Previously they were in tests/utils which also had test case modules. 2017-02-24 18:06:53 +00:00			`from salt.ext.six.moves.urllib.parse import urlencode # pylint: disable=no-name-in-module,import-error`


			`class TestAuth(cptc.BaseRestCherryPyTest):`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`def test_get_root_noauth(self):`
			`'''`
			`GET requests to the root URL should not require auth`
			`'''`
			`request, response = self.request('/')`
			`self.assertEqual(response.status, '200 OK')`

			`def test_post_root_auth(self):`
			`'''`
			`POST requests to the root URL redirect to login`
			`'''`
Raise a 401 reponse instead of redirecting to the login page Also fixed bad tests that should have caught this. Fixes saltstack/salt-api#155. 2014-06-27 08:07:45 +00:00			`request, response = self.request('/', method='POST', data={})`
			`self.assertEqual(response.status, '401 Unauthorized')`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00
			`def test_login_noauth(self):`
			`'''`
			`GET requests to the login URL should not require auth`
			`'''`
			`request, response = self.request('/login')`
			`self.assertEqual(response.status, '200 OK')`

Added integration tests for webhook auth enable/disable 2014-04-08 19:48:57 +00:00			`def test_webhook_auth(self):`
			`'''`
			`Requests to the webhook URL require auth by default`
			`'''`
Raise a 401 reponse instead of redirecting to the login page Also fixed bad tests that should have caught this. Fixes saltstack/salt-api#155. 2014-06-27 08:07:45 +00:00			`request, response = self.request('/hook', method='POST', data={})`
			`self.assertEqual(response.status, '401 Unauthorized')`
Added integration tests for webhook auth enable/disable 2014-04-08 19:48:57 +00:00
Don't fail on missing CherryPy 2014-06-19 12:00:38 +00:00
Moved some test supporting modules to tests/support Previously they were in tests/utils which also had test case modules. 2017-02-24 18:06:53 +00:00			`class TestLogin(cptc.BaseRestCherryPyTest):`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`auth_creds = (`
			`('username', 'saltdev'),`
			`('password', 'saltdev'),`
			`('eauth', 'auto'))`

			`def test_good_login(self):`
			`'''`
			`Test logging in`
			`'''`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode(self.auth_creds)`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`request, response = self.request('/login', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
			`self.assertEqual(response.status, '200 OK')`
Add integration test for logging out of the rest_cherrypy app 2014-08-15 12:30:48 +00:00			`return response`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00
			`def test_bad_login(self):`
			`'''`
			`Test logging in`
			`'''`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode({'totally': 'invalid_creds'})`
First stab at integration tests for the rest_cherrypy netapi module 2013-07-18 20:42:21 +00:00			`request, response = self.request('/login', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
			`self.assertEqual(response.status, '401 Unauthorized')`
Added integration tests for webhook auth enable/disable 2014-04-08 19:48:57 +00:00
Add integration test for logging out of the rest_cherrypy app 2014-08-15 12:30:48 +00:00			`def test_logout(self):`
			`ret = self.test_good_login()`
			`token = ret.headers['X-Auth-Token']`

Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode({})`
Add integration test for logging out of the rest_cherrypy app 2014-08-15 12:30:48 +00:00			`request, response = self.request('/logout', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded',`
			`'X-Auth-Token': token,`
			`})`
			`self.assertEqual(response.status, '200 OK')`

Don't fail on missing CherryPy 2014-06-19 12:00:38 +00:00
Moved some test supporting modules to tests/support Previously they were in tests/utils which also had test case modules. 2017-02-24 18:06:53 +00:00			`class TestRun(cptc.BaseRestCherryPyTest):`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00			`auth_creds = (`
Remove mocks from rest_cherrypy integration tests These mocks predated the inclusion of salt-api into Salt core. They are now no longer needed and counter-productive. 2015-09-08 21:33:41 +00:00			`('username', 'saltdev_auto'),`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00			`('password', 'saltdev'),`
			`('eauth', 'auto'))`

			`low = (`
			`('client', 'local'),`
			`('tgt', '*'),`
			`('fun', 'test.ping'),`
			`)`

			`def test_run_good_login(self):`
			`'''`
			`Test the run URL with good auth credentials`
			`'''`
			`cmd = dict(self.low, **dict(self.auth_creds))`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode(cmd)`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00
Remove mocks from rest_cherrypy integration tests These mocks predated the inclusion of salt-api into Salt core. They are now no longer needed and counter-productive. 2015-09-08 21:33:41 +00:00			`request, response = self.request('/run', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00			`self.assertEqual(response.status, '200 OK')`

			`def test_run_bad_login(self):`
			`'''`
			`Test the run URL with bad auth credentials`
			`'''`
			`cmd = dict(self.low, **{'totally': 'invalid_creds'})`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode(cmd)`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00
Remove mocks from rest_cherrypy integration tests These mocks predated the inclusion of salt-api into Salt core. They are now no longer needed and counter-productive. 2015-09-08 21:33:41 +00:00			`request, response = self.request('/run', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
Added basic smoke-tests for the rest_cherrypy /run entrypoint 2014-07-14 23:11:08 +00:00			`self.assertEqual(response.status, '401 Unauthorized')`


Moved some test supporting modules to tests/support Previously they were in tests/utils which also had test case modules. 2017-02-24 18:06:53 +00:00			`class TestWebhookDisableAuth(cptc.BaseRestCherryPyTest):`
Fix cherrypy memory leakage * Clean its event/signal bus since our tests don't rely on those. * No test class level dictionaries 2017-04-18 10:16:09 +00:00
			`def __get_opts__(self):`
			`return {`
			`'rest_cherrypy': {`
			`'port': 8000,`
			`'debug': True,`
			`'webhook_disable_auth': True,`
			`},`
			`}`
Added integration tests for webhook auth enable/disable 2014-04-08 19:48:57 +00:00
			`def test_webhook_noauth(self):`
			`'''`
			`Auth can be disabled for requests to the webhook URL`
			`'''`
Use `urlencode` from six 2014-11-19 22:24:33 +00:00			`body = urlencode({'foo': 'Foo!'})`
Added integration tests for webhook auth enable/disable 2014-04-08 19:48:57 +00:00			`request, response = self.request('/hook', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
			`self.assertEqual(response.status, '200 OK')`
Replace args and kwargs (plural) by arg and kwarg (singular) for ``RunnerClient`` (#32938) * Replace args and kwargs (plural) by arg and kwarg (singular) * Add test and deprecation warning * Add deprecation warning 2016-05-05 14:31:08 +00:00

Moved some test supporting modules to tests/support Previously they were in tests/utils which also had test case modules. 2017-02-24 18:06:53 +00:00			`class TestArgKwarg(cptc.BaseRestCherryPyTest):`
Replace args and kwargs (plural) by arg and kwarg (singular) for ``RunnerClient`` (#32938) * Replace args and kwargs (plural) by arg and kwarg (singular) * Add test and deprecation warning * Add deprecation warning 2016-05-05 14:31:08 +00:00			`auth_creds = (`
			`('username', 'saltdev'),`
			`('password', 'saltdev'),`
			`('eauth', 'auto'))`

			`low = (`
			`('client', 'runner'),`
			`('fun', 'test.arg'),`
			`# use singular form for arg and kwarg`
			`('arg', [1234]),`
			`('kwarg', {'ext_source': 'redis'}),`
			`)`

			`def _token(self):`
			`'''`
			`Return the token`
			`'''`
			`body = urlencode(self.auth_creds)`
			`request, response = self.request(`
			`'/login',`
			`method='POST',`
			`body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`}`
			`)`
			`return response.headers['X-Auth-Token']`

			`def test_accepts_arg_kwarg_keys(self):`
			`'''`
			`Ensure that (singular) arg and kwarg keys (for passing parameters)`
			`are supported by runners.`
			`'''`
			`cmd = dict(self.low)`
			`body = json.dumps(cmd)`

			`request, response = self.request(`
			`'/',`
			`method='POST',`
			`body=body,`
			`headers={`
			`'content-type': 'application/json',`
			`'X-Auth-Token': self._token(),`
			`'Accept': 'application/json',`
			`}`
			`)`
PY3 compatibility fixes to netapi tests 2017-03-22 21:09:56 +00:00			`resp = json.loads(salt.utils.to_str(response.body[0]))`
Replace args and kwargs (plural) by arg and kwarg (singular) for ``RunnerClient`` (#32938) * Replace args and kwargs (plural) by arg and kwarg (singular) * Add test and deprecation warning * Add deprecation warning 2016-05-05 14:31:08 +00:00			`self.assertEqual(resp['return'][0]['args'], [1234])`
			`self.assertEqual(resp['return'][0]['kwargs'],`
			`{'ext_source': 'redis'})`
add test to query results of /jobs call in api 2017-05-05 18:42:36 +00:00

Use cptc.BaseRestCherryPyTest as test class 2017-05-11 15:09:40 +00:00			`class TestJobs(cptc.BaseRestCherryPyTest):`
add test to query results of /jobs call in api 2017-05-05 18:42:36 +00:00			`auth_creds = (`
			`('username', 'saltdev_auto'),`
			`('password', 'saltdev'),`
			`('eauth', 'auto'))`

			`low = (`
			`('client', 'local'),`
			`('tgt', '*'),`
			`('fun', 'test.ping'),`
			`)`

			`def _token(self):`
			`'''`
			`Return the token`
			`'''`
			`body = urlencode(self.auth_creds)`
			`request, response = self.request(`
			`'/login',`
			`method='POST',`
			`body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`}`
			`)`
			`return response.headers['X-Auth-Token']`

			`def _add_job(self):`
			`'''`
			`Helper function to add a job to the job cache`
			`'''`
			`cmd = dict(self.low, **dict(self.auth_creds))`
			`body = urlencode(cmd)`

			`request, response = self.request('/run', method='POST', body=body,`
			`headers={`
			`'content-type': 'application/x-www-form-urlencoded'`
			`})`
			`self.assertEqual(response.status, '200 OK')`

			`def test_all_jobs(self):`
			`'''`
			`test query to /jobs returns job data`
			`'''`
			`self._add_job()`

			`request, response = self.request('/jobs', method='GET',`
			`headers={`
			`'Accept': 'application/json',`
			`'X-Auth-Token': self._token(),`
			`})`

decode to string before trying to load JSON 2017-05-16 19:20:05 +00:00			`resp = json.loads(salt.utils.to_str(response.body[0]))`
add test to query results of /jobs call in api 2017-05-05 18:42:36 +00:00			`self.assertIn('test.ping', str(resp['return']))`
			`self.assertEqual(response.status, '200 OK')`