summaryrefslogtreecommitdiff
path: root/service/test/support/integration
diff options
context:
space:
mode:
authorRoald de Vries <rdevries@thoughtworks.com>2016-12-01 15:56:57 +0100
committerRoald de Vries <rdevries@thoughtworks.com>2016-12-01 15:56:57 +0100
commitf0880aff32bbb30c6a8a0d4e078e563d24b97909 (patch)
tree76e92c88e1ef5a9f63e49eb5489ec18fb1c35823 /service/test/support/integration
parent875249af34fc5a53b727fe8b8296a5d4206c11c7 (diff)
fix csrf for some integration tests
Diffstat (limited to 'service/test/support/integration')
-rw-r--r--service/test/support/integration/app_test_client.py19
-rw-r--r--service/test/support/integration/multi_user_client.py21
2 files changed, 22 insertions, 18 deletions
diff --git a/service/test/support/integration/app_test_client.py b/service/test/support/integration/app_test_client.py
index ee5a1df2..9ab74261 100644
--- a/service/test/support/integration/app_test_client.py
+++ b/service/test/support/integration/app_test_client.py
@@ -49,6 +49,7 @@ from pixelated.adapter.search import SearchEngine
from pixelated.adapter.services.draft_service import DraftService
from pixelated.adapter.services.mail_service import MailService
from pixelated.resources.root_resource import RootResource
+from pixelated.resources.session import IPixelatedSession
from test.support.integration.model import MailBuilder
from test.support.test_helper import request_mock
from test.support.integration.model import ResponseMail
@@ -278,17 +279,21 @@ class AppTestClient(object):
request.args = get_args
return self._render(request, as_json)
- def post(self, path, body='', headers=None, ajax=True, csrf='token'):
+ def post(self, path, body='', headers=None, ajax=True, csrf='token', session=None):
headers = headers or {'Content-Type': 'application/json'}
request = request_mock(path=path, method="POST", body=body, headers=headers, ajax=ajax, csrf=csrf)
+ if session:
+ request.session = session
return self._render(request)
def put(self, path, body, ajax=True, csrf='token'):
request = request_mock(path=path, method="PUT", body=body, headers={'Content-Type': ['application/json']}, ajax=ajax, csrf=csrf)
return self._render(request)
- def delete(self, path, body="", ajax=True, csrf='token'):
+ def delete(self, path, body="", ajax=True, csrf='token', session=None):
request = request_mock(path=path, body=body, headers={'Content-Type': ['application/json']}, method="DELETE", ajax=ajax, csrf=csrf)
+ if session:
+ request.session = session
return self._render(request)
@defer.inlineCallbacks
@@ -387,12 +392,14 @@ class AppTestClient(object):
return res
# TODO: remove
- def delete_mail(self, mail_ident, csrf='token'):
- res, req = self.delete("/mail/%s" % mail_ident, csrf=csrf)
+ def delete_mail(self, mail_ident, session):
+ csrf = IPixelatedSession(session).get_csrf_token()
+ res, req = self.delete("/mail/%s" % mail_ident, csrf=csrf, session=session)
return res
- def delete_mails(self, idents):
- res, req = self.post("/mails/delete", json.dumps({'idents': idents}))
+ def delete_mails(self, idents, session):
+ csrf = IPixelatedSession(session).get_csrf_token()
+ res, req = self.post("/mails/delete", json.dumps({'idents': idents}), csrf=csrf, session=session)
return res
def mark_many_as_unread(self, idents):
diff --git a/service/test/support/integration/multi_user_client.py b/service/test/support/integration/multi_user_client.py
index fe8595fb..4b9b2864 100644
--- a/service/test/support/integration/multi_user_client.py
+++ b/service/test/support/integration/multi_user_client.py
@@ -58,44 +58,41 @@ class MultiUserClient(AppTestClient):
else:
when(Authenticator)._bonafide_auth(username, password).thenRaise(SRPAuthError)
- def login(self, username='username', password='password', from_request=None):
- session = Authentication(username, 'some_user_token', 'some_user_uuid', 'session_id', {'is_admin': False})
+ def login(self, username='username', password='password', session=None):
+ auth_session = Authentication(username, 'some_user_token', 'some_user_uuid', 'session_id', {'is_admin': False})
leap_session = self._test_account.leap_session
- leap_session.user_auth = session
+ leap_session.user_auth = auth_session
config = mock()
config.leap_home = 'some_folder'
leap_session.config = config
leap_session.fresh_account = False
self.leap_session = leap_session
self.services = self._test_account.services
- self.user_auth = session
+ self.user_auth = auth_session
self._mock_bonafide_auth(username, password)
- when(LeapSessionFactory).create(username, password, session).thenReturn(leap_session)
+ when(LeapSessionFactory).create(username, password, auth_session).thenReturn(leap_session)
with patch('mockito.invocation.AnswerSelector', AnswerSelector):
when(leap_session).initial_sync().thenAnswer(lambda: defer.succeed(None))
when(pixelated.config.services).Services(ANY()).thenReturn(self.services)
- session = from_request.getSession()
csrftoken = IPixelatedSession(session).get_csrf_token()
request = request_mock(path='/login', method="POST", body={'username': username, 'password': password, 'csrftoken': csrftoken}, ajax=False)
request.session = session
return self._render(request, as_json=False)
- def get(self, path, get_args='', as_json=True, from_request=None):
+ def get(self, path, get_args='', as_json=True, session=None):
request = request_mock(path)
request.args = get_args
- if from_request:
- session = from_request.getSession()
+ if session:
request.session = session
return self._render(request, as_json)
- def post(self, path, body='', headers=None, ajax=True, csrf='token', as_json=True, from_request=None):
+ def post(self, path, body='', headers=None, ajax=True, csrf='token', as_json=True, session=None):
headers = headers or {'Content-Type': 'application/json'}
request = request_mock(path=path, method="POST", body=body, headers=headers, ajax=ajax, csrf=csrf)
- if from_request:
- session = from_request.getSession()
+ if session:
request.session = session
return self._render(request, as_json)