app-MAIL-temp/tests/dashboard/test_api_keys.py

from time import time

from flask import url_for

from app.db import Session
from app.models import User, ApiKey
from tests.utils import login


def test_api_key_page_requires_password(flask_client):
    r = flask_client.get(
        url_for("dashboard.api_key"),
    )

    assert r.status_code == 302


def test_create_delete_api_key(flask_client):
    user = login(flask_client)
    nb_api_key = ApiKey.count()

    # to bypass sudo mode
    with flask_client.session_transaction() as session:
        session["sudo_time"] = int(time())

    # create api_key
    create_r = flask_client.post(
        url_for("dashboard.api_key"),
        data={"form-name": "create", "name": "for test"},
        follow_redirects=True,
    )
    assert create_r.status_code == 200
    api_key = ApiKey.get_by(user_id=user.id)
    assert ApiKey.filter(ApiKey.user_id == user.id).count() == 1
    assert api_key.name == "for test"

    # delete api_key
    delete_r = flask_client.post(
        url_for("dashboard.api_key"),
        data={"form-name": "delete", "api-key-id": api_key.id},
        follow_redirects=True,
    )
    assert delete_r.status_code == 200
    assert ApiKey.count() == nb_api_key


def test_delete_all_api_keys(flask_client):
    nb_api_keys = ApiKey.count()

    # create two test users
    user_1 = login(flask_client)
    user_2 = User.create(
        email="a2@b.c", password="password", name="Test User 2", activated=True
    )
    Session.commit()

    # create api_key for both users
    ApiKey.create(user_1.id, "for test")
    ApiKey.create(user_1.id, "for test 2")
    ApiKey.create(user_2.id, "for test")
    Session.commit()

    assert (
        ApiKey.count() == nb_api_keys + 3
    )  # assert that the total number of API keys for all users is 3.
    # assert that each user has the API keys created
    assert ApiKey.filter(ApiKey.user_id == user_1.id).count() == 2
    assert ApiKey.filter(ApiKey.user_id == user_2.id).count() == 1

    # to bypass sudo mode
    with flask_client.session_transaction() as session:
        session["sudo_time"] = int(time())

    # delete all of user 1's API keys
    r = flask_client.post(
        url_for("dashboard.api_key"),
        data={"form-name": "delete-all"},
        follow_redirects=True,
    )
    assert r.status_code == 200
    assert (
        ApiKey.count() == nb_api_keys + 1
    )  # assert that the total number of API keys for all users is now 1.
    assert (
        ApiKey.filter(ApiKey.user_id == user_1.id).count() == 0
    )  # assert that user 1 now has 0 API keys
    assert (
        ApiKey.filter(ApiKey.user_id == user_2.id).count() == 1
    )  # assert that user 2 still has 1 API key
require password to use the api key page 2022-03-21 14:40:47 +01:00			`from time import time`

remove unused import 2022-03-21 14:43:27 +01:00			`from flask import url_for`
Test the dashboard POST request instead of directly testing the API. 2022-02-03 20:30:10 +01:00
Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`from app.db import Session`
			`from app.models import User, ApiKey`
Login using the test utils method. 2022-02-03 20:20:39 +01:00			`from tests.utils import login`
Add unit tests for API keys. 2022-02-03 16:02:32 +01:00

require password to use the api key page 2022-03-21 14:40:47 +01:00			`def test_api_key_page_requires_password(flask_client):`
			`r = flask_client.get(`
			`url_for("dashboard.api_key"),`
			`)`

			`assert r.status_code == 302`


Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`def test_create_delete_api_key(flask_client):`
Login using the test utils method. 2022-02-03 20:20:39 +01:00			`user = login(flask_client)`
Improve test: disable rate limit during test and avoid conflicts between tests (#1349) * disable rate limit during test, avoid conflict between tests * fix test 2022-10-14 16:37:49 +02:00			`nb_api_key = ApiKey.count()`
Add unit tests for API keys. 2022-02-03 16:02:32 +01:00
require password to use the api key page 2022-03-21 14:40:47 +01:00			`# to bypass sudo mode`
			`with flask_client.session_transaction() as session:`
			`session["sudo_time"] = int(time())`

Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`# create api_key`
Use POST requests to create and delete through the dashboard. 2022-02-03 20:47:41 +01:00			`create_r = flask_client.post(`
			`url_for("dashboard.api_key"),`
			`data={"form-name": "create", "name": "for test"},`
			`follow_redirects=True,`
			`)`
			`assert create_r.status_code == 200`
Just get the API key by user ID. 2022-02-03 20:49:29 +01:00			`api_key = ApiKey.get_by(user_id=user.id)`
Improve test: disable rate limit during test and avoid conflicts between tests (#1349) * disable rate limit during test, avoid conflict between tests * fix test 2022-10-14 16:37:49 +02:00			`assert ApiKey.filter(ApiKey.user_id == user.id).count() == 1`
Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`assert api_key.name == "for test"`

Fix typo. 2022-02-03 22:44:27 +01:00			`# delete api_key`
Use POST requests to create and delete through the dashboard. 2022-02-03 20:47:41 +01:00			`delete_r = flask_client.post(`
			`url_for("dashboard.api_key"),`
			`data={"form-name": "delete", "api-key-id": api_key.id},`
			`follow_redirects=True,`
			`)`
			`assert delete_r.status_code == 200`
Improve test: disable rate limit during test and avoid conflicts between tests (#1349) * disable rate limit during test, avoid conflict between tests * fix test 2022-10-14 16:37:49 +02:00			`assert ApiKey.count() == nb_api_key`
Add unit tests for API keys. 2022-02-03 16:02:32 +01:00

Use POST requests to create and delete through the dashboard. 2022-02-03 20:47:41 +01:00			`def test_delete_all_api_keys(flask_client):`
Improve test: disable rate limit during test and avoid conflicts between tests (#1349) * disable rate limit during test, avoid conflict between tests * fix test 2022-10-14 16:37:49 +02:00			`nb_api_keys = ApiKey.count()`

Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`# create two test users`
Test the dashboard POST request instead of directly testing the API. 2022-02-03 20:30:10 +01:00			`user_1 = login(flask_client)`
Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`user_2 = User.create(`
			`email="a2@b.c", password="password", name="Test User 2", activated=True`
			`)`
			`Session.commit()`

			`# create api_key for both users`
			`ApiKey.create(user_1.id, "for test")`
Add multiple API keys for test user 1. 2022-02-03 16:05:46 +01:00			`ApiKey.create(user_1.id, "for test 2")`
Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`ApiKey.create(user_2.id, "for test")`
			`Session.commit()`

			`assert (`
Improve test: disable rate limit during test and avoid conflicts between tests (#1349) * disable rate limit during test, avoid conflict between tests * fix test 2022-10-14 16:37:49 +02:00			`ApiKey.count() == nb_api_keys + 3`
Add multiple API keys for test user 1. 2022-02-03 16:05:46 +01:00			`) # assert that the total number of API keys for all users is 3.`
			`# assert that each user has the API keys created`
			`assert ApiKey.filter(ApiKey.user_id == user_1.id).count() == 2`
Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`assert ApiKey.filter(ApiKey.user_id == user_2.id).count() == 1`

require password to use the api key page 2022-03-21 14:40:47 +01:00			`# to bypass sudo mode`
			`with flask_client.session_transaction() as session:`
			`session["sudo_time"] = int(time())`

Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`# delete all of user 1's API keys`
Test the dashboard POST request instead of directly testing the API. 2022-02-03 20:30:10 +01:00			`r = flask_client.post(`
			`url_for("dashboard.api_key"),`
			`data={"form-name": "delete-all"},`
			`follow_redirects=True,`
			`)`
			`assert r.status_code == 200`
Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`assert (`
Improve test: disable rate limit during test and avoid conflicts between tests (#1349) * disable rate limit during test, avoid conflict between tests * fix test 2022-10-14 16:37:49 +02:00			`ApiKey.count() == nb_api_keys + 1`
Add unit tests for API keys. 2022-02-03 16:02:32 +01:00			`) # assert that the total number of API keys for all users is now 1.`
			`assert (`
			`ApiKey.filter(ApiKey.user_id == user_1.id).count() == 0`
			`) # assert that user 1 now has 0 API keys`
			`assert (`
			`ApiKey.filter(ApiKey.user_id == user_2.id).count() == 1`
			`) # assert that user 2 still has 1 API key`