mirror of
https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git
synced 2024-11-14 14:43:16 +00:00
c6919293b6
I've learned that there is no problem in grouping mutations like we do with queries. This is a big mistake from my side, now we have legacy not so conveniently placed endpoints. I've grouped all mutations, left the copies of old ones flattened in the root for backwards compatibility. We will migrate to mutation groups on client side, and backups now only use grouped mutations. Tests are updated.
364 lines
11 KiB
Python
364 lines
11 KiB
Python
# pylint: disable=redefined-outer-name
|
|
# pylint: disable=unused-argument
|
|
import pytest
|
|
|
|
from tests.common import read_json
|
|
|
|
|
|
class ProcessMock:
|
|
"""Mock subprocess.Popen"""
|
|
|
|
def __init__(self, args, **kwargs):
|
|
self.args = args
|
|
self.kwargs = kwargs
|
|
|
|
def communicate(): # pylint: disable=no-method-argument
|
|
return (b"NEW_HASHED", None)
|
|
|
|
returncode = 0
|
|
|
|
|
|
@pytest.fixture
|
|
def mock_subprocess_popen(mocker):
|
|
mock = mocker.patch("subprocess.Popen", autospec=True, return_value=ProcessMock)
|
|
return mock
|
|
|
|
|
|
@pytest.fixture
|
|
def some_users(mocker, datadir):
|
|
mocker.patch("selfprivacy_api.utils.USERDATA_FILE", new=datadir / "some_users.json")
|
|
assert read_json(datadir / "some_users.json")["users"] == [
|
|
{
|
|
"username": "user1",
|
|
"hashedPassword": "HASHED_PASSWORD_1",
|
|
"sshKeys": ["ssh-rsa KEY user1@pc"],
|
|
},
|
|
{"username": "user2", "hashedPassword": "HASHED_PASSWORD_2", "sshKeys": []},
|
|
{"username": "user3", "hashedPassword": "HASHED_PASSWORD_3"},
|
|
]
|
|
return datadir
|
|
|
|
|
|
# TESTS ########################################################
|
|
|
|
|
|
API_CREATE_SSH_KEY_MUTATION = """
|
|
mutation addSshKey($sshInput: SshMutationInput!) {
|
|
users {
|
|
addSshKey(sshInput: $sshInput) {
|
|
success
|
|
message
|
|
code
|
|
user {
|
|
username
|
|
sshKeys
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
|
|
def test_graphql_add_ssh_key_unauthorized(client, some_users, mock_subprocess_popen):
|
|
response = client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is None
|
|
|
|
|
|
def test_graphql_add_ssh_key(authorized_client, some_users, mock_subprocess_popen):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["users"]["addSshKey"]["code"] == 201
|
|
assert response.json()["data"]["users"]["addSshKey"]["message"] is not None
|
|
assert response.json()["data"]["users"]["addSshKey"]["success"] is True
|
|
|
|
assert response.json()["data"]["users"]["addSshKey"]["user"]["username"] == "user1"
|
|
assert response.json()["data"]["users"]["addSshKey"]["user"]["sshKeys"] == [
|
|
"ssh-rsa KEY user1@pc",
|
|
"ssh-rsa KEY test_key@pc",
|
|
]
|
|
|
|
|
|
def test_graphql_add_root_ssh_key(authorized_client, some_users, mock_subprocess_popen):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "root",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["users"]["addSshKey"]["code"] == 201
|
|
assert response.json()["data"]["users"]["addSshKey"]["message"] is not None
|
|
assert response.json()["data"]["users"]["addSshKey"]["success"] is True
|
|
|
|
assert response.json()["data"]["users"]["addSshKey"]["user"]["username"] == "root"
|
|
assert response.json()["data"]["users"]["addSshKey"]["user"]["sshKeys"] == [
|
|
"ssh-ed25519 KEY test@pc",
|
|
"ssh-rsa KEY test_key@pc",
|
|
]
|
|
|
|
|
|
def test_graphql_add_main_ssh_key(authorized_client, some_users, mock_subprocess_popen):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "tester",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["users"]["addSshKey"]["code"] == 201
|
|
assert response.json()["data"]["users"]["addSshKey"]["message"] is not None
|
|
assert response.json()["data"]["users"]["addSshKey"]["success"] is True
|
|
|
|
assert response.json()["data"]["users"]["addSshKey"]["user"]["username"] == "tester"
|
|
assert response.json()["data"]["users"]["addSshKey"]["user"]["sshKeys"] == [
|
|
"ssh-rsa KEY test@pc",
|
|
"ssh-rsa KEY test_key@pc",
|
|
]
|
|
|
|
|
|
def test_graphql_add_bad_ssh_key(authorized_client, some_users, mock_subprocess_popen):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "trust me, this is the ssh key",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["users"]["addSshKey"]["code"] == 400
|
|
assert response.json()["data"]["users"]["addSshKey"]["message"] is not None
|
|
assert response.json()["data"]["users"]["addSshKey"]["success"] is False
|
|
|
|
|
|
def test_graphql_add_ssh_key_nonexistent_user(
|
|
authorized_client, some_users, mock_subprocess_popen
|
|
):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_CREATE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user666",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["users"]["addSshKey"]["code"] == 404
|
|
assert response.json()["data"]["users"]["addSshKey"]["message"] is not None
|
|
assert response.json()["data"]["users"]["addSshKey"]["success"] is False
|
|
|
|
|
|
API_REMOVE_SSH_KEY_MUTATION = """
|
|
mutation removeSshKey($sshInput: SshMutationInput!) {
|
|
users {
|
|
removeSshKey(sshInput: $sshInput) {
|
|
success
|
|
message
|
|
code
|
|
user {
|
|
username
|
|
sshKeys
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
|
|
def test_graphql_remove_ssh_key_unauthorized(client, some_users, mock_subprocess_popen):
|
|
response = client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is None
|
|
|
|
|
|
def test_graphql_remove_ssh_key(authorized_client, some_users, mock_subprocess_popen):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "ssh-rsa KEY user1@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["users"]["removeSshKey"]["code"] == 200
|
|
assert response.json()["data"]["users"]["removeSshKey"]["message"] is not None
|
|
assert response.json()["data"]["users"]["removeSshKey"]["success"] is True
|
|
|
|
assert (
|
|
response.json()["data"]["users"]["removeSshKey"]["user"]["username"] == "user1"
|
|
)
|
|
assert response.json()["data"]["users"]["removeSshKey"]["user"]["sshKeys"] == []
|
|
|
|
|
|
def test_graphql_remove_root_ssh_key(
|
|
authorized_client, some_users, mock_subprocess_popen
|
|
):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "root",
|
|
"sshKey": "ssh-ed25519 KEY test@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["users"]["removeSshKey"]["code"] == 200
|
|
assert response.json()["data"]["users"]["removeSshKey"]["message"] is not None
|
|
assert response.json()["data"]["users"]["removeSshKey"]["success"] is True
|
|
|
|
assert (
|
|
response.json()["data"]["users"]["removeSshKey"]["user"]["username"] == "root"
|
|
)
|
|
assert response.json()["data"]["users"]["removeSshKey"]["user"]["sshKeys"] == []
|
|
|
|
|
|
def test_graphql_remove_main_ssh_key(
|
|
authorized_client, some_users, mock_subprocess_popen
|
|
):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "tester",
|
|
"sshKey": "ssh-rsa KEY test@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["users"]["removeSshKey"]["code"] == 200
|
|
assert response.json()["data"]["users"]["removeSshKey"]["message"] is not None
|
|
assert response.json()["data"]["users"]["removeSshKey"]["success"] is True
|
|
|
|
assert (
|
|
response.json()["data"]["users"]["removeSshKey"]["user"]["username"] == "tester"
|
|
)
|
|
assert response.json()["data"]["users"]["removeSshKey"]["user"]["sshKeys"] == []
|
|
|
|
|
|
def test_graphql_remove_nonexistent_ssh_key(
|
|
authorized_client, some_users, mock_subprocess_popen
|
|
):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user1",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["users"]["removeSshKey"]["code"] == 404
|
|
assert response.json()["data"]["users"]["removeSshKey"]["message"] is not None
|
|
assert response.json()["data"]["users"]["removeSshKey"]["success"] is False
|
|
|
|
|
|
def test_graphql_remove_ssh_key_nonexistent_user(
|
|
authorized_client, some_users, mock_subprocess_popen
|
|
):
|
|
response = authorized_client.post(
|
|
"/graphql",
|
|
json={
|
|
"query": API_REMOVE_SSH_KEY_MUTATION,
|
|
"variables": {
|
|
"sshInput": {
|
|
"username": "user666",
|
|
"sshKey": "ssh-rsa KEY test_key@pc",
|
|
},
|
|
},
|
|
},
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json().get("data") is not None
|
|
|
|
assert response.json()["data"]["users"]["removeSshKey"]["code"] == 404
|
|
assert response.json()["data"]["users"]["removeSshKey"]["message"] is not None
|
|
assert response.json()["data"]["users"]["removeSshKey"]["success"] is False
|