mirror of
https://github.com/simple-login/app.git
synced 2024-11-16 17:08:30 +01:00
35 lines
940 B
Python
35 lines
940 B
Python
|
from random import random
|
||
|
|
||
|
from flask import url_for
|
||
|
|
||
|
from app.api.base import check_sudo_mode_is_active
|
||
|
from app.db import Session
|
||
|
from app.models import ApiKey
|
||
|
from tests.api.utils import get_new_user_and_api_key
|
||
|
|
||
|
|
||
|
def test_enter_sudo_mode(flask_client):
|
||
|
user, api_key = get_new_user_and_api_key()
|
||
|
password = f"passwd-{random()}"
|
||
|
user.set_password(password)
|
||
|
Session.commit()
|
||
|
|
||
|
r = flask_client.patch(
|
||
|
url_for("api.enter_sudo"),
|
||
|
headers={"Authentication": api_key.code},
|
||
|
json={"password": "invalid"},
|
||
|
)
|
||
|
|
||
|
assert r.status_code == 403
|
||
|
assert not check_sudo_mode_is_active(ApiKey.get(id=api_key.id))
|
||
|
|
||
|
r = flask_client.patch(
|
||
|
url_for("api.enter_sudo"),
|
||
|
headers={"Authentication": api_key.code},
|
||
|
json={"password": password},
|
||
|
)
|
||
|
|
||
|
assert r.status_code == 200
|
||
|
assert r.json == {"ok": True}
|
||
|
assert check_sudo_mode_is_active(ApiKey.get(id=api_key.id))
|