summaryrefslogtreecommitdiff
path: root/tests/helpers/bonafide_helper.rb
diff options
context:
space:
mode:
authorMicah <micah@leap.se>2016-05-10 14:48:26 -0400
committerMicah <micah@leap.se>2016-05-10 14:48:26 -0400
commit86c85582065c391aa13c0b9b397dfd1aa2e2ac7b (patch)
tree7c027409a517d862864bf3650f4a8a66f615162d /tests/helpers/bonafide_helper.rb
parent70b1c648b94e6c007b9241a4661f33881e74485f (diff)
parent66b4c6b5ec6fe2f242020845fe92715ae2cdcc1e (diff)
Merge tag '0.8.0'
Release 0.8.0
Diffstat (limited to 'tests/helpers/bonafide_helper.rb')
-rw-r--r--tests/helpers/bonafide_helper.rb204
1 files changed, 170 insertions, 34 deletions
diff --git a/tests/helpers/bonafide_helper.rb b/tests/helpers/bonafide_helper.rb
index 9b26eaaf..5b886228 100644
--- a/tests/helpers/bonafide_helper.rb
+++ b/tests/helpers/bonafide_helper.rb
@@ -17,45 +17,53 @@ class LeapTest
raise exc
end
- def api_url(path)
- api = property('api')
- "https://%{domain}:%{port}#{path}" % {
- :domain => api['domain'],
- :port => api['port']
- }
- end
-
#
# attempts to create a user account via the API,
# returning the user object if successful.
#
- def assert_create_user
- user = SRP::User.new
- url = api_url("/1/users.json")
- assert_post(url, user.to_params) do |body|
+ def assert_create_user(username=nil, auth=nil)
+ user = SRP::User.new(username)
+ url = api_url("/users.json")
+ params = user.to_params
+ if auth
+ options = api_options(:auth => auth)
+ else
+ options = api_options
+ if property('webapp.invite_required')
+ @invite_code = generate_invite_code
+ params['user[invite_code]'] = @invite_code
+ end
+ end
+
+ assert_post(url, params, options) do |body|
assert response = JSON.parse(body), 'response should be JSON'
assert response['ok'], "Creating a user should be successful, got #{response.inspect} instead."
+ user.ok = true
+ user.id = response['id']
end
- user.ok = true
return user
end
+ # TODO: use the api for this instead.
+ def generate_invite_code
+ `cd /srv/leap/webapp/ && sudo -u leap-webapp RAILS_ENV=production bundle exec rake generate_invites[1]`.gsub(/\n/, "")
+ end
+
#
# attempts to authenticate user. if successful,
# user object is updated with id and session token.
#
def assert_authenticate_user(user)
- url = api_url("/1/sessions.json")
+ url = api_url("/sessions.json")
session = SRP::Session.new(user)
params = {'login' => user.username, 'A' => session.aa}
- assert_post(url, params) do |response, body|
+ assert_post(url, params, api_options) do |body, response|
cookie = response['Set-Cookie'].split(';').first
assert(response = JSON.parse(body), 'response should be JSON')
assert(session.bb = response["B"], 'response should include "B"')
- url = api_url("/1/sessions/login.json")
+ url = api_url("/sessions/login.json")
params = {'client_auth' => session.m, 'A' => session.aa}
- options = {:headers => {'Cookie' => cookie}}
- assert_put(url, params, options) do |body|
+ assert_put(url, params, api_options('Cookie' => cookie)) do |body|
assert(response = JSON.parse(body), 'response should be JSON')
assert(response['M2'], 'response should include M2')
user.session_token = response['token']
@@ -70,30 +78,158 @@ class LeapTest
# attempts to destroy a user account via the API.
#
def assert_delete_user(user)
- if user && user.ok && user.id && user.session_token && !user.deleted
- url = api_url("/1/users/#{user.id}.json")
- options = {:headers => {
- "Authorization" => "Token token=\"#{user.session_token}\""
- }}
- params = {
- :identities => 'destroy'
+ if user.is_a? String
+ assert_delete_user_by_login(user)
+ elsif user.is_a? SRP::User
+ assert_delete_srp_user(user)
+ end
+ end
+
+ #
+ # returns true if the identity exists, uses monitor token auth
+ #
+ def identity_exists?(address)
+ url = api_url("/identities/#{URI.encode(address)}.json")
+ options = {:ok_codes => [200, 404]}.merge(
+ api_options(:auth => :monitor)
+ )
+ assert_get(url, nil, options) do |body, response|
+ return response.code == "200"
+ end
+ end
+
+ def upload_public_key(user_id, public_key)
+ url = api_url("/users/#{user_id}.json")
+ params = {"user[public_key]" => public_key}
+ assert_put(url, params, api_options(:auth => :monitor))
+ end
+
+ #
+ # return user document as a Hash. uses monitor token auth
+ #
+ def find_user_by_id(user_id)
+ url = api_url("/users/#{user_id}.json")
+ assert_get(url, nil, api_options(:auth => :monitor)) do |body|
+ return JSON.parse(body)
+ end
+ end
+
+ #
+ # return user document as a Hash. uses monitor token auth
+ # NOTE: this relies on deprecated behavior of the API
+ # and will not work when multi-domain support is added.
+ #
+ def find_user_by_login(login)
+ url = api_url("/users/0.json?login=#{login}")
+ options = {:ok_codes => [200, 404]}.merge(
+ api_options(:auth => :monitor)
+ )
+ assert_get(url, nil, options) do |body, response|
+ if response.code == "200"
+ return JSON.parse(body)
+ else
+ return nil
+ end
+ end
+ end
+
+ private
+
+ def api_url(path)
+ unless path =~ /^\//
+ path = '/' + path
+ end
+ if property('testing.api_uri')
+ return property('testing.api_uri') + path
+ elsif property('api')
+ api = property('api')
+ return "https://%{domain}:%{port}/%{version}#{path}" % {
+ :domain => api['domain'],
+ :port => api['port'],
+ :version => api['version'] || 1
+ }
+ else
+ fail 'This node needs to have either testing.api_url or api.{domain,port} configured.'
+ end
+ end
+
+ #
+ # produces an options hash used for api http requests.
+ #
+ # argument options hash gets added to "headers"
+ # of the http request.
+ #
+ # special :auth key in argument will expand to
+ # add api_token_auth header.
+ #
+ # if you want to try manually:
+ #
+ # export API_URI=`grep api_uri /etc/leap/hiera.yaml | cut -d\" -f2`
+ # export TOKEN=`grep monitor_auth_token /etc/leap/hiera.yaml | awk '{print $2}'`
+ # curl -H "Accept: application/json" -H "Token: $TOKEN" $API_URI
+ #
+ def api_options(options={})
+ # note: must be :headers, not "headers"
+ hsh = {
+ :headers => {
+ "Accept" => "application/json"
}
+ }
+ if options[:auth]
+ hsh[:headers].merge!(api_token_auth(options.delete(:auth)))
+ end
+ hsh[:headers].merge!(options)
+ return hsh
+ end
+
+ #
+ # add token authentication to a http request.
+ #
+ # returns a hash suitable for adding to the 'headers' option
+ # of an http function.
+ #
+ def api_token_auth(token)
+ if token.is_a?(Symbol) && property('testing')
+ if token == :monitor
+ token_str = property('testing.monitor_auth_token')
+ else
+ raise ArgumentError.new 'no such token'
+ end
+ else
+ token_str = token
+ end
+ {"Authorization" => "Token token=\"#{token_str}\""}
+ end
+
+ #
+ # not actually used in any test, but useful when
+ # writing new tests.
+ #
+ def assert_delete_user_by_login(login_name)
+ user = find_user_by_login(login_name)
+ url = api_url("/users/#{user['id']}.json")
+ params = {:identities => 'destroy'}
+ delete(url, params, api_options(:auth => :monitor)) do |body, response, error|
+ assert error.nil?, "Error deleting user: #{error}"
+ assert response.code.to_i == 200, "Unable to delete user: HTTP response from API should have code 200, was #{response.code} #{error} #{body}"
+ assert(response = JSON.parse(body), 'Delete response should be JSON')
+ assert(response["success"], 'Deleting user should be a success')
+ end
+ end
+
+ def assert_delete_srp_user(user)
+ if user && user.ok && user.id && user.session_token && !user.deleted
+ url = api_url("users/#{user.id}.json")
+ params = {:identities => 'destroy'}
user.deleted = true
- delete(url, params, options) do |body, response, error|
+ delete(url, params, api_options(:auth => user.session_token)) do |body, response, error|
assert error.nil?, "Error deleting user: #{error}"
assert response.code.to_i == 200, "Unable to delete user: HTTP response from API should have code 200, was #{response.code} #{error} #{body}"
assert(response = JSON.parse(body), 'Delete response should be JSON')
assert(response["success"], 'Deleting user should be a success')
end
- domain = property('domain.full_suffix')
- identities_url = couchdb_url("/identities/_design/Identity/_view/by_address?key=%22#{user.username}@#{domain}%22")
- get(identities_url) do |body, response, error|
- assert error.nil?, "Error checking identities db: #{error}"
- assert response.code.to_i == 200, "Unable to check that user identity was deleted: HTTP response from API should have code 200, was #{response.code} #{error} #{body}"
- assert(response = JSON.parse(body), 'Couch response should be JSON')
- assert response['rows'].empty?, "Identity should have been deleted for test user #{user.username} (id #{user.id}), but was not! Response was: #{body}."
- end
end
end
+
end