mirror of
https://github.com/peeringdb/peeringdb.git
synced 2024-05-11 05:55:09 +00:00
8cc0f13ec1
* install django-grainy * nsp to grainy first iteration * nsp to grainy second iteration * grainy and django-grainy pinned to latest releases * Fix typo * Update djangorestframework, peeringdb, django-ratelimit * Rewrite login view ratelimit decorator * Relock pipfile * add list() to make copy of dictionaries before iterating * relock pipfile with python3.9 change docker to use python3.9 * add ordering to admin search queryset for deskproticket and email * add org api key and begin to write tests * additional key tests * add drf-api-keys to pipfile * Wire orgapikey to modelviewsetpermissions * Update api key helper functions * add put test * Add Org API key tab to frontend * Add user api key model * Update user key handling and tests * Update APIPermissionsApplicator to make it work w requests * Add org api key perm panel * add org key permissions * Add user api key views * Add templates for handling user api key (adding, not revoking) * relock pipfile * assorted fixes and tweaks * Add general user group permissions and org user group perms * refactor org api key perms * Add tests for api keys * Add docstrings to permissions helpers * Add api key examples * squash migrations * remove custom api key header config * Change api key test setup * Update permissions for grainy change * Bump up pipfile and pipfile.lock * Add API Key to Verification Queue Item * Delete travis * Add workaround to Dockerfile * update pipfile and sort out migrations * Add comment to Dockerfile * Re-add API Key migrations * Add locale to .gitignore * remove suggest functionality from ix * Update test to recognize that IX api no longer has suggest function * Add test to outlaw POSTing an IX w its org equal to the suggest entity org * Add meta information geowarning * Add alert to demonstrate UI * Add error to fac update * Add template warning for geovalidation * Add geowarning meta js * cover absent meta_response test case * Update styles for geowarning * refactor geotag warning implementation * null lat and long on unsuccessful geo locate * modify geovalidation frontend update * Add deskproticket model email field * Add missing span * add email to org keys * Add email to org key tests * update serializer with rdap validation wrapper * update admin for api keys * Enable writing an email as part of org key creation * Add email validation to org api key form * fix css style on perm row * Add suggested info to api response * display suggested address on frontend * add needs geocode to serializer * save lat long on forward geonormalization * add address suggestion submit button * Add suggested address popin to ADD facility form * Fix css * add lat and long rounding to geocodenabled model clean method * add migration and regression test for lat long decimal db constraint * Add another regression test for model decimal places * Get deskpro functions passing isort and flake * Update ticket_queue_deletion_prevented * update ticket_queue_deletion_prevented for use with org api key * add template for org key dpt from asnauto skipvq * Update deskproticket for rdap error * add facility aka * add aka to serializer and views * black and isort test api keys * fix typo in org key deskpro template * skip or rewrite unapplicable org key tests, and add as_set tests * adjust api key test comments * Add vqi_notify to signals * Add reversion comments for api keys and helper function * update how org keys are added to verification queue items * rename verification queue item fk from api_key to org_key * fix group id error * update key tests with correct http header info * check both user and key, not just user * templates fiex * adapt deskpro integration to work with email only * make org api keys editable for desc and email * pipfile relock * edit test setupdata settings for groups * Change comment to signify we don't need to remove code * address untranslated accept button * Add docstrings to the serializer functions * Add loading shim * Add migration for all longname and aka * Add aka and long name to views and serializers * delete migration w decimals * standardize serializer lat and long fields * Add clean rounding for lat and long * fix serializer error * api key admin improvements * fix linebreak in user api key form * remove debug prints * Add rounding util * Add rounding to lat and long fields * remove 'clean' from geocode method (logic now in admin form) * remove erroneous tests * revert serializer changes * Fix migrations * Add long name and aka to admin models * Update API key docs * Add documentation for api keys * fix typo * fix org api key revoke broken by editable api keys * doc tweaks * doc tweaks * doc tweaks * black format * fix migration hierarchy * docs * docs * api key permissions screenshot * formatting * formatting * padding fixed * remove one image * fix get_user_from_request type checking take out POST only valdiator for entity suggest * didnt mean to commit the django-peeringdb mount * fix suggest on PUT net fix tests * black formatting * update org key permission template * install rust for cryptography * pipfile relock (django-peeringdb to 2.6) Co-authored-by: Stefan Pratter <stefan@20c.com> Co-authored-by: Elliot Frank <elliot@20c.com>
194 lines
6.0 KiB
Python
194 lines
6.0 KiB
Python
import pytest
|
|
import json
|
|
import uuid
|
|
|
|
from django.test import Client, TestCase, RequestFactory
|
|
from django.conf import settings
|
|
from django.contrib.auth.models import Group, AnonymousUser
|
|
from django.contrib.auth import get_user
|
|
|
|
from .util import ClientCase
|
|
|
|
from django_grainy.models import UserPermission, GroupPermission
|
|
|
|
import peeringdb_server.views as views
|
|
import peeringdb_server.models as models
|
|
|
|
|
|
class ViewTestCase(ClientCase):
|
|
|
|
entities = ["ix", "net", "fac"]
|
|
|
|
@classmethod
|
|
def setUpTestData(cls):
|
|
super(ViewTestCase, cls).setUpTestData()
|
|
|
|
# create test users
|
|
for name in [
|
|
"org_admin",
|
|
"user_a",
|
|
"user_b",
|
|
"user_c",
|
|
"user_d",
|
|
"user_e",
|
|
"user_f",
|
|
]:
|
|
setattr(
|
|
cls,
|
|
name,
|
|
models.User.objects.create_user(name, "%s@localhost" % name, name),
|
|
)
|
|
getattr(cls, name).set_password(name)
|
|
cls.user_group.user_set.add(getattr(cls, name))
|
|
|
|
# create test org
|
|
cls.org = models.Organization.objects.create(name="Test org", status="ok")
|
|
cls.org_other = models.Organization.objects.create(
|
|
name="Test org other", status="ok"
|
|
)
|
|
|
|
# create test entities
|
|
for tag in cls.entities:
|
|
kwargs = {"name": "Test %s" % tag, "status": "ok", "org": cls.org}
|
|
if tag == "net":
|
|
kwargs.update(asn=1)
|
|
setattr(cls, tag, models.REFTAG_MAP[tag].objects.create(**kwargs))
|
|
|
|
# add org_admin user to org as admin
|
|
cls.org.admin_usergroup.user_set.add(cls.org_admin)
|
|
|
|
# add user_a user to org as member
|
|
cls.org.usergroup.user_set.add(cls.user_a)
|
|
cls.org_other.usergroup.user_set.add(cls.user_b)
|
|
|
|
def setUp(self):
|
|
self.factory = RequestFactory()
|
|
|
|
def run_view_test(self, reftag):
|
|
id = getattr(self, reftag).id
|
|
# test #1 - not logged in
|
|
c = Client()
|
|
resp = c.get("/%s/%d" % (reftag, id), follow=True)
|
|
self.assertEqual(resp.status_code, 200)
|
|
|
|
# test #2 - guest logged in (not affiliated to any org)
|
|
c = Client()
|
|
c.login(username="guest", password="guest")
|
|
resp = c.get("/%s/%d" % (reftag, id), follow=True)
|
|
self.assertEqual(resp.status_code, 200)
|
|
|
|
# test #3 - user logged in
|
|
c = Client()
|
|
c.login(username="user_a", password="user_a")
|
|
resp = c.get("/%s/%d" % (reftag, id), follow=True)
|
|
self.assertEqual(resp.status_code, 200)
|
|
|
|
|
|
class TestExchangeView(ViewTestCase):
|
|
def test_view(self):
|
|
self.run_view_test("ix")
|
|
|
|
|
|
class TestFacilityView(ViewTestCase):
|
|
def test_view(self):
|
|
self.run_view_test("fac")
|
|
|
|
|
|
class TestOrgView(ViewTestCase):
|
|
def test_view(self):
|
|
self.run_view_test("org")
|
|
|
|
|
|
class TestNetworkView(ViewTestCase):
|
|
@classmethod
|
|
def setUpTestData(cls):
|
|
ViewTestCase.setUpTestData()
|
|
# Create PoCs
|
|
models.NetworkContact.objects.create(
|
|
network=cls.net,
|
|
visible="Users",
|
|
name="Contact Users",
|
|
phone="12345",
|
|
email="a@a.a",
|
|
status="ok",
|
|
)
|
|
models.NetworkContact.objects.create(
|
|
network=cls.net,
|
|
visible="Public",
|
|
name="Contact Public",
|
|
phone="12345",
|
|
email="a@a.a",
|
|
status="ok",
|
|
)
|
|
models.NetworkContact.objects.create(
|
|
network=cls.net,
|
|
visible="Private",
|
|
name="Contact Private",
|
|
phone="12345",
|
|
email="a@a.a",
|
|
status="ok",
|
|
)
|
|
|
|
def test_view(self):
|
|
self.run_view_test("net")
|
|
|
|
def test_poc_notify(self):
|
|
"""
|
|
Test that viewers are notified if PoCs are hidden from them
|
|
"""
|
|
|
|
TEXT_NOT_LOGGED_IN = "Some of this network's contacts are hidden because they are only visible to authenticated users and you are currently not logged in."
|
|
TEXT_NOT_VERIFIED = "Some of this network's contacts are hidden because your user account is not affiliated with any organization."
|
|
|
|
self.assertEqual(models.NetworkContact.objects.all().count(), 3)
|
|
|
|
# test #1 - not logged in
|
|
c = Client()
|
|
resp = c.get("/net/%d" % self.net.id, follow=True)
|
|
content = resp.content.decode("utf-8")
|
|
self.assertEqual(resp.status_code, 200)
|
|
assert resp.status_code == 200
|
|
assert TEXT_NOT_LOGGED_IN in content
|
|
assert "Contact Public" in content
|
|
assert "Contact Private" not in content
|
|
assert "Contact Users" not in content
|
|
|
|
# test #2 - guest logged in (not affiliated to any org)
|
|
c = Client()
|
|
c.login(username="guest", password="guest")
|
|
resp = c.get("/net/%d" % self.net.id)
|
|
content = resp.content.decode("utf-8")
|
|
assert resp.status_code == 200
|
|
assert TEXT_NOT_VERIFIED in content
|
|
assert "Contact Public" in content
|
|
assert "Contact Private" not in content
|
|
assert "Contact Users" not in content
|
|
|
|
# test #3 - user logged in
|
|
c = Client()
|
|
c.login(username="user_a", password="user_a")
|
|
resp = c.get("/net/%d" % self.net.id)
|
|
content = resp.content.decode("utf-8")
|
|
assert resp.status_code == 200
|
|
assert TEXT_NOT_LOGGED_IN not in content
|
|
assert TEXT_NOT_VERIFIED not in content
|
|
|
|
assert "Contact Public" in content
|
|
assert "Contact Private" in content
|
|
assert "Contact Users" in content
|
|
|
|
def test_search_asn_redirect(self):
|
|
"""
|
|
When the user types AS*** or ASN*** and hits enter, if
|
|
a result is found it should redirect directly to the result
|
|
"""
|
|
|
|
c = Client()
|
|
|
|
for q in ["as1", "asn1", "AS1", "ASN1"]:
|
|
resp = c.get(f"/search?q={q}", follow=True)
|
|
self.assertEqual(resp.status_code, 200)
|
|
self.assertEqual(
|
|
resp.redirect_chain, [("/net/{}".format(self.net.id), 302)]
|
|
)
|