mirror of
https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git
synced 2024-11-23 20:41:27 +00:00
7935de0fe1
Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13
354 lines
11 KiB
Python
354 lines
11 KiB
Python
# pylint: disable=redefined-outer-name
|
|
# pylint: disable=unused-argument
|
|
import pytest
|
|
|
|
from tests.common import read_json
|
|
|
|
|
|
class ProcessMock:
|
|
"""Mock subprocess.Popen"""
|
|
|
|
def __init__(self, args, **kwargs):
|
|
self.args = args
|
|
self.kwargs = kwargs
|
|
|
|
def communicate(): # pylint: disable=no-method-argument
|
|
return (b"NEW_HASHED", None)
|
|
|
|
returncode = 0
|
|
|
|
|
|
@pytest.fixture
|
|
def mock_subprocess_popen(mocker):
|
|
mock = mocker.patch("subprocess.Popen", autospec=True, return_value=ProcessMock)
|
|
return mock
|
|
|
|
|
|
@pytest.fixture
|
|
def some_users(mocker, datadir):
|
|
mocker.patch("selfprivacy_api.utils.USERDATA_FILE", new=datadir / "some_users.json")
|
|
assert read_json(datadir / "some_users.json")["users"] == [
|
|
{
|
|
"username": "user1",
|
|
"hashedPassword": "HASHED_PASSWORD_1",
|
|
"sshKeys": ["ssh-rsa KEY user1@pc"],
|
|
},
|
|
{"username": "user2", "hashedPassword": "HASHED_PASSWORD_2", "sshKeys": []},
|
|
{"username": "user3", "hashedPassword": "HASHED_PASSWORD_3"},
|
|
]
|
|
return datadir
|
|
|
|
|
|
# TESTS ########################################################
|
|
|
|
|
|
API_CREATE_SSH_KEY_MUTATION = """
|
|
mutation addSshKey($sshInput: SshMutationInput!) {
|
|
addSshKey(sshInput: $sshInput) {
|
|
success
|
|
message
|
|
code
|
|
user {
|
|
username
|
|
sshKeys
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
|
|
def test_graphql_add_ssh_key_unauthorized(client, some_users, mock_subprocess_popen):
|
|
response = client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is None
|
|
|
|
|
|
def test_graphql_add_ssh_key(authorized_client, some_users, mock_subprocess_popen):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["addSshKey"]["code"] == 201
|
|
assert response.json()["data"]["addSshKey"]["message"] is not None
|
|
assert response.json()["data"]["addSshKey"]["success"] is True
|
|
|
|
assert response.json()["data"]["addSshKey"]["user"]["username"] == "user1"
|
|
assert response.json()["data"]["addSshKey"]["user"]["sshKeys"] == [
|
|
"ssh-rsa KEY user1@pc",
|
|
"ssh-rsa KEY test_key@pc",
|
|
]
|
|
|
|
|
|
def test_graphql_add_root_ssh_key(authorized_client, some_users, mock_subprocess_popen):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "root",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["addSshKey"]["code"] == 201
|
|
assert response.json()["data"]["addSshKey"]["message"] is not None
|
|
assert response.json()["data"]["addSshKey"]["success"] is True
|
|
|
|
assert response.json()["data"]["addSshKey"]["user"]["username"] == "root"
|
|
assert response.json()["data"]["addSshKey"]["user"]["sshKeys"] == [
|
|
"ssh-ed25519 KEY test@pc",
|
|
"ssh-rsa KEY test_key@pc",
|
|
]
|
|
|
|
|
|
def test_graphql_add_main_ssh_key(authorized_client, some_users, mock_subprocess_popen):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "tester",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["addSshKey"]["code"] == 201
|
|
assert response.json()["data"]["addSshKey"]["message"] is not None
|
|
assert response.json()["data"]["addSshKey"]["success"] is True
|
|
|
|
assert response.json()["data"]["addSshKey"]["user"]["username"] == "tester"
|
|
assert response.json()["data"]["addSshKey"]["user"]["sshKeys"] == [
|
|
"ssh-rsa KEY test@pc",
|
|
"ssh-rsa KEY test_key@pc",
|
|
]
|
|
|
|
|
|
def test_graphql_add_bad_ssh_key(authorized_client, some_users, mock_subprocess_popen):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "trust me, this is the ssh key",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["addSshKey"]["code"] == 400
|
|
assert response.json()["data"]["addSshKey"]["message"] is not None
|
|
assert response.json()["data"]["addSshKey"]["success"] is False
|
|
|
|
|
|
def test_graphql_add_ssh_key_nonexistent_user(
|
|
authorized_client, some_users, mock_subprocess_popen
|
|
):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user666",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["addSshKey"]["code"] == 404
|
|
assert response.json()["data"]["addSshKey"]["message"] is not None
|
|
assert response.json()["data"]["addSshKey"]["success"] is False
|
|
|
|
|
|
API_REMOVE_SSH_KEY_MUTATION = """
|
|
mutation removeSshKey($sshInput: SshMutationInput!) {
|
|
removeSshKey(sshInput: $sshInput) {
|
|
success
|
|
message
|
|
code
|
|
user {
|
|
username
|
|
sshKeys
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
|
|
def test_graphql_remove_ssh_key_unauthorized(client, some_users, mock_subprocess_popen):
|
|
response = client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is None
|
|
|
|
|
|
def test_graphql_remove_ssh_key(authorized_client, some_users, mock_subprocess_popen):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "ssh-rsa KEY user1@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["removeSshKey"]["code"] == 200
|
|
assert response.json()["data"]["removeSshKey"]["message"] is not None
|
|
assert response.json()["data"]["removeSshKey"]["success"] is True
|
|
|
|
assert response.json()["data"]["removeSshKey"]["user"]["username"] == "user1"
|
|
assert response.json()["data"]["removeSshKey"]["user"]["sshKeys"] == []
|
|
|
|
|
|
def test_graphql_remove_root_ssh_key(
|
|
authorized_client, some_users, mock_subprocess_popen
|
|
):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "root",
|
|
"sshKey": "ssh-ed25519 KEY test@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["removeSshKey"]["code"] == 200
|
|
assert response.json()["data"]["removeSshKey"]["message"] is not None
|
|
assert response.json()["data"]["removeSshKey"]["success"] is True
|
|
|
|
assert response.json()["data"]["removeSshKey"]["user"]["username"] == "root"
|
|
assert response.json()["data"]["removeSshKey"]["user"]["sshKeys"] == []
|
|
|
|
|
|
def test_graphql_remove_main_ssh_key(
|
|
authorized_client, some_users, mock_subprocess_popen
|
|
):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "tester",
|
|
"sshKey": "ssh-rsa KEY test@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["removeSshKey"]["code"] == 200
|
|
assert response.json()["data"]["removeSshKey"]["message"] is not None
|
|
assert response.json()["data"]["removeSshKey"]["success"] is True
|
|
|
|
assert response.json()["data"]["removeSshKey"]["user"]["username"] == "tester"
|
|
assert response.json()["data"]["removeSshKey"]["user"]["sshKeys"] == []
|
|
|
|
|
|
def test_graphql_remove_nonexistent_ssh_key(
|
|
authorized_client, some_users, mock_subprocess_popen
|
|
):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["removeSshKey"]["code"] == 404
|
|
assert response.json()["data"]["removeSshKey"]["message"] is not None
|
|
assert response.json()["data"]["removeSshKey"]["success"] is False
|
|
|
|
|
|
def test_graphql_remove_ssh_key_nonexistent_user(
|
|
authorized_client, some_users, mock_subprocess_popen
|
|
):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user666",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["removeSshKey"]["code"] == 404
|
|
assert response.json()["data"]["removeSshKey"]["message"] is not None
|
|
assert response.json()["data"]["removeSshKey"]["success"] is False
|