sintonia/api/libretime_api/tests/test_permissions.py

from django.conf import settings
from django.contrib.auth import get_user_model
from django.contrib.auth.models import AnonymousUser
from model_bakery import baker
from rest_framework.test import APIRequestFactory, APITestCase

from ..core.models import DJ, GUEST
from ..permissions import IsSystemTokenOrUser


class TestIsSystemTokenOrUser(APITestCase):
    @classmethod
    def setUpTestData(cls):
        cls.path = "/api/v2/files/"

    def test_unauthorized(self):
        response = self.client.get(self.path.format("files"))
        self.assertEqual(response.status_code, 403)

    def test_token_incorrect(self):
        token = "doesnotexist"
        request = APIRequestFactory().get(self.path)
        request.user = AnonymousUser()
        request.META["Authorization"] = f"Api-Key {token}"
        allowed = IsSystemTokenOrUser().has_permission(request, None)
        self.assertFalse(allowed)

    def test_token_correct(self):
        token = settings.CONFIG.general.api_key
        request = APIRequestFactory().get(self.path)
        request.user = AnonymousUser()
        request.META["Authorization"] = f"Api-Key {token}"
        allowed = IsSystemTokenOrUser().has_permission(request, None)
        self.assertTrue(allowed)


class TestPermissions(APITestCase):
    URLS = [
        "schedule",
        "shows",
        "show-days",
        "show-hosts",
        "show-instances",
        "show-rebroadcasts",
        "files",
        "playlists",
        "playlist-contents",
        "smart-blocks",
        "smart-block-contents",
        "smart-block-criteria",
        "webstreams",
    ]

    def logged_in_test_model(self, model, name, user_type, fn):
        path = self.path.format(model)
        if not get_user_model().objects.filter(username=name):
            get_user_model().objects.create_user(
                name,
                email="test@example.com",
                password="test",
                type=user_type,
                first_name="test",
                last_name="user",
            )
        self.client.login(username=name, password="test")
        return fn(path)

    @classmethod
    def setUpTestData(cls):
        cls.path = "/api/v2/{}/"

    def test_guest_permissions_success(self):
        for model in self.URLS:
            response = self.logged_in_test_model(model, "guest", GUEST, self.client.get)
            self.assertEqual(
                response.status_code, 200, msg=f"Invalid for model {model}"
            )

    def test_guest_permissions_failure(self):
        for model in self.URLS:
            response = self.logged_in_test_model(
                model, "guest", GUEST, self.client.post
            )
            self.assertEqual(
                response.status_code, 403, msg=f"Invalid for model {model}"
            )

    def test_dj_get_permissions(self):
        for model in self.URLS:
            response = self.logged_in_test_model(model, "dj", DJ, self.client.get)
            self.assertEqual(
                response.status_code, 200, msg=f"Invalid for model {model}"
            )

    def test_dj_post_permissions(self):
        user = get_user_model().objects.create_user(
            "test-dj",
            email="test@example.com",
            password="test",
            type=DJ,
            first_name="test",
            last_name="user",
        )
        file = baker.make("storage.File", owner=user)
        model = f"files/{file.id}"
        path = self.path.format(model)
        self.client.login(username="test-dj", password="test")
        response = self.client.patch(path, {"name": "newFilename"})
        self.assertEqual(response.status_code, 200)

    def test_dj_post_permissions_failure(self):
        get_user_model().objects.create_user(
            "test-dj",
            email="test@example.com",
            password="test",
            type=DJ,
            first_name="test",
            last_name="user",
        )
        file = baker.make("storage.File")
        model = f"files/{file.id}"
        path = self.path.format(model)
        self.client.login(username="test-dj", password="test")
        response = self.client.patch(path, {"name": "newFilename"})
        self.assertEqual(response.status_code, 403)
Add isort pre-commit hook Sort import statement in python files See https://github.com/PyCQA/isort 2021-06-03 15:20:39 +02:00			`from django.conf import settings`
add API v2 2020-01-30 14:47:36 +01:00			`from django.contrib.auth import get_user_model`
			`from django.contrib.auth.models import AnonymousUser`
Better format enforcing (#1391) * Add shared python format-check target * Add .format-check to api lint target * Format api code with makefile format target * Add .format-check to tools lint target * Add .format-check to analyzer lint target * Format analyzer code with makefile format target * Add .format-check to celery lint target * Add .format-check to api_client lint target * Format api_client code with makefile format target * Add .format-check to playout lint target * Run CI linting in parallel * Disable isort in pre-commit 2021-10-17 16:24:37 +02:00			`from model_bakery import baker`
			`from rest_framework.test import APIRequestFactory, APITestCase`

refactor(api): fix pylint errors 2022-04-01 17:29:11 +02:00			`from ..core.models import DJ, GUEST`
feat(api): split api into multiple apps (#1626) Fixes #1622 - split the api into 4 apps: core, history, schedule, storage - exploded the settings into testing/prod 2022-04-04 14:38:50 +02:00			`from ..permissions import IsSystemTokenOrUser`
add API v2 2020-01-30 14:47:36 +01:00

			`class TestIsSystemTokenOrUser(APITestCase):`
			`@classmethod`
			`def setUpTestData(cls):`
			`cls.path = "/api/v2/files/"`

			`def test_unauthorized(self):`
Format code using black 2021-05-27 16:23:02 +02:00			`response = self.client.get(self.path.format("files"))`
add API v2 2020-01-30 14:47:36 +01:00			`self.assertEqual(response.status_code, 403)`

			`def test_token_incorrect(self):`
Format code using black 2021-05-27 16:23:02 +02:00			`token = "doesnotexist"`
add API v2 2020-01-30 14:47:36 +01:00			`request = APIRequestFactory().get(self.path)`
			`request.user = AnonymousUser()`
chore: add pyupgrade pre-commit hook - add --py3-plus flag to pyupgrade hook - add --py36-plus flag to pyupgrade hook 2022-01-25 23:45:00 +01:00			`request.META["Authorization"] = f"Api-Key {token}"`
add API v2 2020-01-30 14:47:36 +01:00			`allowed = IsSystemTokenOrUser().has_permission(request, None)`
			`self.assertFalse(allowed)`

			`def test_token_correct(self):`
feat(api): load config using shared helpers - add django settings module documentation - use default for previously required fields BREAKING CHANGE: The API command line interface require the configuration file to be present. The default configuration file path is `/etc/airtime/airtime.conf` 2022-03-01 13:22:24 +01:00			`token = settings.CONFIG.general.api_key`
add API v2 2020-01-30 14:47:36 +01:00			`request = APIRequestFactory().get(self.path)`
			`request.user = AnonymousUser()`
chore: add pyupgrade pre-commit hook - add --py3-plus flag to pyupgrade hook - add --py36-plus flag to pyupgrade hook 2022-01-25 23:45:00 +01:00			`request.META["Authorization"] = f"Api-Key {token}"`
add API v2 2020-01-30 14:47:36 +01:00			`allowed = IsSystemTokenOrUser().has_permission(request, None)`
			`self.assertTrue(allowed)`


			`class TestPermissions(APITestCase):`
			`URLS = [`
Format code using black 2021-05-27 16:23:02 +02:00			`"schedule",`
			`"shows",`
			`"show-days",`
			`"show-hosts",`
			`"show-instances",`
			`"show-rebroadcasts",`
			`"files",`
			`"playlists",`
			`"playlist-contents",`
			`"smart-blocks",`
			`"smart-block-contents",`
			`"smart-block-criteria",`
			`"webstreams",`
add API v2 2020-01-30 14:47:36 +01:00			`]`

			`def logged_in_test_model(self, model, name, user_type, fn):`
			`path = self.path.format(model)`
refactor(api): fix pylint errors 2022-04-01 17:29:11 +02:00			`if not get_user_model().objects.filter(username=name):`
			`get_user_model().objects.create_user(`
Format code using black 2021-05-27 16:23:02 +02:00			`name,`
			`email="test@example.com",`
			`password="test",`
			`type=user_type,`
			`first_name="test",`
			`last_name="user",`
			`)`
			`self.client.login(username=name, password="test")`
add API v2 2020-01-30 14:47:36 +01:00			`return fn(path)`

			`@classmethod`
			`def setUpTestData(cls):`
			`cls.path = "/api/v2/{}/"`

			`def test_guest_permissions_success(self):`
			`for model in self.URLS:`
Format code using black 2021-05-27 16:23:02 +02:00			`response = self.logged_in_test_model(model, "guest", GUEST, self.client.get)`
			`self.assertEqual(`
chore: add pyupgrade pre-commit hook - add --py3-plus flag to pyupgrade hook - add --py36-plus flag to pyupgrade hook 2022-01-25 23:45:00 +01:00			`response.status_code, 200, msg=f"Invalid for model {model}"`
Format code using black 2021-05-27 16:23:02 +02:00			`)`
add API v2 2020-01-30 14:47:36 +01:00
			`def test_guest_permissions_failure(self):`
			`for model in self.URLS:`
Format code using black 2021-05-27 16:23:02 +02:00			`response = self.logged_in_test_model(`
			`model, "guest", GUEST, self.client.post`
			`)`
			`self.assertEqual(`
chore: add pyupgrade pre-commit hook - add --py3-plus flag to pyupgrade hook - add --py36-plus flag to pyupgrade hook 2022-01-25 23:45:00 +01:00			`response.status_code, 403, msg=f"Invalid for model {model}"`
Format code using black 2021-05-27 16:23:02 +02:00			`)`
add API v2 2020-01-30 14:47:36 +01:00
			`def test_dj_get_permissions(self):`
			`for model in self.URLS:`
Format code using black 2021-05-27 16:23:02 +02:00			`response = self.logged_in_test_model(model, "dj", DJ, self.client.get)`
			`self.assertEqual(`
chore: add pyupgrade pre-commit hook - add --py3-plus flag to pyupgrade hook - add --py36-plus flag to pyupgrade hook 2022-01-25 23:45:00 +01:00			`response.status_code, 200, msg=f"Invalid for model {model}"`
Format code using black 2021-05-27 16:23:02 +02:00			`)`
add API v2 2020-01-30 14:47:36 +01:00
			`def test_dj_post_permissions(self):`
Format code using black 2021-05-27 16:23:02 +02:00			`user = get_user_model().objects.create_user(`
			`"test-dj",`
			`email="test@example.com",`
			`password="test",`
			`type=DJ,`
			`first_name="test",`
			`last_name="user",`
			`)`
refactor(api): fix pylint errors 2022-04-01 17:29:11 +02:00			`file = baker.make("storage.File", owner=user)`
			`model = f"files/{file.id}"`
add API v2 2020-01-30 14:47:36 +01:00			`path = self.path.format(model)`
Format code using black 2021-05-27 16:23:02 +02:00			`self.client.login(username="test-dj", password="test")`
			`response = self.client.patch(path, {"name": "newFilename"})`
add API v2 2020-01-30 14:47:36 +01:00			`self.assertEqual(response.status_code, 200)`

			`def test_dj_post_permissions_failure(self):`
refactor(api): fix pylint errors 2022-04-01 17:29:11 +02:00			`get_user_model().objects.create_user(`
Format code using black 2021-05-27 16:23:02 +02:00			`"test-dj",`
			`email="test@example.com",`
			`password="test",`
			`type=DJ,`
			`first_name="test",`
			`last_name="user",`
			`)`
refactor(api): fix pylint errors 2022-04-01 17:29:11 +02:00			`file = baker.make("storage.File")`
			`model = f"files/{file.id}"`
add API v2 2020-01-30 14:47:36 +01:00			`path = self.path.format(model)`
Format code using black 2021-05-27 16:23:02 +02:00			`self.client.login(username="test-dj", password="test")`
			`response = self.client.patch(path, {"name": "newFilename"})`
add API v2 2020-01-30 14:47:36 +01:00			`self.assertEqual(response.status_code, 403)`