From ba7ea75fd5e8883dbd412482e08ee7e51667b441 Mon Sep 17 00:00:00 2001 From: def Date: Mon, 25 Jul 2022 01:59:43 +0200 Subject: [PATCH] add some get_users tests --- selfprivacy_api/graphql/common_types/user.py | 1 + .../graphql/mutations/ssh_mutations.py | 8 +- .../graphql/mutations/users_mutations.py | 6 +- selfprivacy_api/graphql/queries/users.py | 8 +- selfprivacy_api/graphql/schema.py | 1 + selfprivacy_api/utils/__init__.py | 2 - tests/test_graphql/test_users.py | 182 ++++++++++++++++-- 7 files changed, 187 insertions(+), 21 deletions(-) diff --git a/selfprivacy_api/graphql/common_types/user.py b/selfprivacy_api/graphql/common_types/user.py index fcca7ba..2135be2 100644 --- a/selfprivacy_api/graphql/common_types/user.py +++ b/selfprivacy_api/graphql/common_types/user.py @@ -31,6 +31,7 @@ class UserMutationReturn(MutationReturnInterface): user: typing.Optional[User] + def get_user_by_username(username: str) -> typing.Optional[User]: with ReadUserData() as data: diff --git a/selfprivacy_api/graphql/mutations/ssh_mutations.py b/selfprivacy_api/graphql/mutations/ssh_mutations.py index 748d59f..8303ddd 100644 --- a/selfprivacy_api/graphql/mutations/ssh_mutations.py +++ b/selfprivacy_api/graphql/mutations/ssh_mutations.py @@ -5,12 +5,16 @@ import strawberry from selfprivacy_api.graphql import IsAuthenticated -from selfprivacy_api.graphql.common_types.user import User, UserMutationReturn, UserType +from selfprivacy_api.graphql.common_types.user import ( + User, + UserMutationReturn, + UserType, + get_user_by_username, +) from selfprivacy_api.utils import ( WriteUserData, ReadUserData, - get_user_by_username, validate_ssh_public_key, ) diff --git a/selfprivacy_api/graphql/mutations/users_mutations.py b/selfprivacy_api/graphql/mutations/users_mutations.py index 43c720a..d145cda 100644 --- a/selfprivacy_api/graphql/mutations/users_mutations.py +++ b/selfprivacy_api/graphql/mutations/users_mutations.py @@ -6,7 +6,11 @@ import subprocess import typing import strawberry from selfprivacy_api.graphql import IsAuthenticated -from selfprivacy_api.graphql.common_types.user import User, UserMutationReturn, get_user_by_username +from selfprivacy_api.graphql.common_types.user import ( + User, + UserMutationReturn, + get_user_by_username, +) from selfprivacy_api.graphql.mutations.mutation_interface import ( MutationReturnInterface, ) diff --git a/selfprivacy_api/graphql/queries/users.py b/selfprivacy_api/graphql/queries/users.py index 70edabc..ecfa5ac 100644 --- a/selfprivacy_api/graphql/queries/users.py +++ b/selfprivacy_api/graphql/queries/users.py @@ -5,6 +5,7 @@ import strawberry from selfprivacy_api.graphql.common_types.user import User, get_user_by_username from selfprivacy_api.utils import ReadUserData +from selfprivacy_api.graphql import IsAuthenticated def get_users() -> typing.List[User]: @@ -19,12 +20,13 @@ def get_users() -> typing.List[User]: return user_list - @strawberry.type class Users: - @strawberry.field + @strawberry.field(permission_classes=[IsAuthenticated]) def get_user(self, username: str) -> typing.Optional[User]: """Get users""" return get_user_by_username(username) - all_users: typing.List[User] = strawberry.field(resolver=get_users) + all_users: typing.List[User] = strawberry.field( + permission_classes=[IsAuthenticated], resolver=get_users + ) diff --git a/selfprivacy_api/graphql/schema.py b/selfprivacy_api/graphql/schema.py index de2ca98..c0f2858 100644 --- a/selfprivacy_api/graphql/schema.py +++ b/selfprivacy_api/graphql/schema.py @@ -12,6 +12,7 @@ from selfprivacy_api.graphql.queries.system import System from selfprivacy_api.graphql.mutations.users_mutations import UserMutations from selfprivacy_api.graphql.queries.users import Users + @strawberry.type class Query: """Root schema for queries""" diff --git a/selfprivacy_api/utils/__init__.py b/selfprivacy_api/utils/__init__.py index 054e52c..cc93622 100644 --- a/selfprivacy_api/utils/__init__.py +++ b/selfprivacy_api/utils/__init__.py @@ -173,5 +173,3 @@ def hash_password(password): hashed_password = hashed_password.decode("ascii") hashed_password = hashed_password.rstrip() return hashed_password - - diff --git a/tests/test_graphql/test_users.py b/tests/test_graphql/test_users.py index 76dd961..4490f2b 100644 --- a/tests/test_graphql/test_users.py +++ b/tests/test_graphql/test_users.py @@ -3,13 +3,12 @@ import json import pytest -from tests.common import generate_system_query, generate_users_query, read_json, write_json - - -def read_json(file_path): - with open(file_path, "r", encoding="utf-8") as file: - return json.load(file) - +from tests.common import ( + generate_system_query, + generate_users_query, + read_json, + write_json, +) invalid_usernames = [ "root", @@ -115,11 +114,9 @@ def mock_subprocess_popen(mocker): ## TESTS ###################################################### API_USERS_INFO = """ -users { - allUsers { +allUsers { username sshKeys - } } """ @@ -145,7 +142,166 @@ def test_graphql_get_some_users(authorized_client, some_users, mock_subprocess_p ) assert response.status_code == 200 assert response.json.get("data") is not None - # assert response.json == ["user1", "user2", "user3"] + assert len(response.json["data"]["users"]["allUsers"]) == 4 + assert response.json["data"]["users"]["allUsers"][0]["username"] == "user1" + assert response.json["data"]["users"]["allUsers"][0]["sshKeys"] == [ + "ssh-rsa KEY user1@pc" + ] - assert response.json["data"]["users"]["success"] is True - assert response.json["data"]["users"]["code"] == 200 + assert response.json["data"]["users"]["allUsers"][1]["username"] == "user2" + assert response.json["data"]["users"]["allUsers"][1]["sshKeys"] == [] + + assert response.json["data"]["users"]["allUsers"][3]["username"] == "tester" + assert response.json["data"]["users"]["allUsers"][3]["sshKeys"] == [ + "ssh-rsa KEY test@pc" + ] + + +def test_graphql_get_no_users(authorized_client, no_users, mock_subprocess_popen): + response = authorized_client.get( + "/graphql", + json={ + "query": generate_users_query([API_USERS_INFO]), + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert len(response.json["data"]["users"]["allUsers"]) == 1 + assert response.json["data"]["users"]["allUsers"][0]["username"] == "tester" + assert response.json["data"]["users"]["allUsers"][0]["sshKeys"] == [ + "ssh-rsa KEY test@pc" + ] + + +API_GET_USERS = """ +getUser($username: String) { + getUser(username: $username) { + user + } +} +""" + + +def test_graphql_get_one_user_unauthorized(client, one_user, mock_subprocess_popen): + response = client.post( + "/graphql", + json={ + "query": generate_users_query([API_GET_USERS]), + "variables": { + "username": "user1", + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is None + + +def test_graphql_get_one_user(authorized_client, one_user, mock_subprocess_popen): + response = authorized_client.get( + "/graphql", + json={ + "query": generate_users_query([API_GET_USERS]), + "variables": { + "username": "user1", + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + # assert len(response.json["data"]["users"]["getUser"]) == 1 + # assert response.json["data"]["users"]["getUser"][0]["username"] == "user1" + # assert response.json["data"]["users"]["getUser"][0]["sshKeys"] == ["ssh-rsa KEY user1@pc"] + + +def test_graphql_get_some_user(authorized_client, some_user, mock_subprocess_popen): + response = authorized_client.get( + "/graphql", + json={ + "query": generate_users_query([API_GET_USERS]), + "variables": { + "username": "user2", + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + # assert len(response.json["data"]["users"]["getUser"]) == 1 + # assert response.json["data"]["users"]["getUser"][0]["username"] == "user1" + # assert response.json["data"]["users"]["getUser"][0]["sshKeys"] == ["ssh-rsa KEY user1@pc"] + + +def test_graphql_get_root_user(authorized_client, one_user, mock_subprocess_popen): + response = authorized_client.get( + "/graphql", + json={ + "query": generate_users_query([API_GET_USERS]), + "variables": { + "username": "root", + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + +def test_graphql_get_main_user(authorized_client, one_user, mock_subprocess_popen): + response = authorized_client.get( + "/graphql", + json={ + "query": generate_users_query([API_GET_USERS]), + "variables": { + "username": "tester", # ssh-rsa KEY test@pc + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + +API_CHANGE_USERS_MUTATION = """ +mutation createUser($username: String, $password: String) { + createUser(username: $username, password: $password) { + success + message + code + user + } +} +""" + + +def test_graphql_add_user_unauthorize(client, one_user, mock_subprocess_popen): + response = client.post( + "/graphql", + json={ + "query": API_CHANGE_USERS_MUTATION, + "variables": { + "username": "user1", + "password": "12345678", + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is None + + +def test_graphql_add_usere(authorized_client, one_user, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_CHANGE_USERS_MUTATION, + "variables": { + "username": "user1", + "password": "12345678", + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + # assert response.json["data"][""]["message"] is not None + # assert response.json["data"][""]["code"] == 200 + # assert response.json["data"][""]["success"] is True