mirror of
https://github.com/simple-login/app.git
synced 2024-11-18 01:40:38 +01:00
de31e6d072
* Allow to set sudo mode for api requests * Rebase migration on top of master * PR comments * Added missing migration * Removed unused import * Apply suggestions from code review Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
34 lines
940 B
Python
34 lines
940 B
Python
from random import random
|
|
|
|
from flask import url_for
|
|
|
|
from app.api.base import check_sudo_mode_is_active
|
|
from app.db import Session
|
|
from app.models import ApiKey
|
|
from tests.api.utils import get_new_user_and_api_key
|
|
|
|
|
|
def test_enter_sudo_mode(flask_client):
|
|
user, api_key = get_new_user_and_api_key()
|
|
password = f"passwd-{random()}"
|
|
user.set_password(password)
|
|
Session.commit()
|
|
|
|
r = flask_client.patch(
|
|
url_for("api.enter_sudo"),
|
|
headers={"Authentication": api_key.code},
|
|
json={"password": "invalid"},
|
|
)
|
|
|
|
assert r.status_code == 403
|
|
assert not check_sudo_mode_is_active(ApiKey.get(id=api_key.id))
|
|
|
|
r = flask_client.patch(
|
|
url_for("api.enter_sudo"),
|
|
headers={"Authentication": api_key.code},
|
|
json={"password": password},
|
|
)
|
|
|
|
assert r.status_code == 200
|
|
assert r.json == {"ok": True}
|
|
assert check_sudo_mode_is_active(ApiKey.get(id=api_key.id))
|