-rw-r--r--testing/tests/server/test_server.py180
1 files changed, 79 insertions, 101 deletions
diff --git a/testing/tests/server/test_server.py b/testing/tests/server/test_server.py
index 39d8e8c3..da69c423 100644
--- a/testing/tests/server/test_server.py
+++ b/testing/tests/server/test_server.py
@@ -36,7 +36,6 @@ from test_soledad.util import (
make_token_soledad_app,
make_soledad_document_for_test,
soledad_sync_target,
- BaseSoledadTest,
)
from leap.soledad.client import _crypto
@@ -46,133 +45,112 @@ from leap.soledad.server.config import CONFIG_DEFAULTS
from leap.soledad.server.url_mapper import URLMapper
-class ServerAuthorizationTestCase(BaseSoledadTest):
-
+class URLMapperTestCase(unittest.TestCase):
"""
- Tests related to Soledad server authorization.
+ Test if the URLMapper behaves as expected.
+
+ The following table lists the authorized actions among all possible
+ u1db remote actions:
+
+ URL path | Authorized actions
+ --------------------------------------------------
+ / | GET
+ /shared-db | GET
+ /shared-db/docs | -
+ /shared-db/doc/{id} | -
+ /shared-db/sync-from/{source} | -
+ /user-db | -
+ /user-db/docs | -
+ /user-db/doc/{id} | -
+ /user-db/sync-from/{source} | GET, PUT, POST
"""
def setUp(self):
- pass
-
- def tearDown(self):
- pass
-
- def test_verify_action_with_correct_dbnames(self):
- """
- Test encrypting and decrypting documents.
-
- The following table lists the authorized actions among all possible
- u1db remote actions:
-
- URL path | Authorized actions
- --------------------------------------------------
- / | GET
- /shared-db | GET
- /shared-db/docs | -
- /shared-db/doc/{id} | GET, PUT, DELETE
- /shared-db/sync-from/{source} | -
- /user-db | -
- /user-db/docs | -
- /user-db/doc/{id} | -
- /user-db/sync-from/{source} | GET, PUT, POST
- """
- uuid = uuid4().hex
- urlmap = URLMapper()
- dbname = 'user-%s' % uuid
-
- # test global auth
- match = urlmap.match('/', 'GET')
- self.assertIsNotNone(match)
+ self._uuid = uuid4().hex
+ self._urlmap = URLMapper()
+ self._dbname = 'user-%s' % self._uuid
- # test shared-db database resource auth
- match = urlmap.match('/shared', 'GET')
+ def test_root_authorized(self):
+ match = self._urlmap.match('/', 'GET')
self.assertIsNotNone(match)
- match = urlmap.match('/shared', 'PUT')
- self.assertIsNone(match)
+ def test_shared_authorized(self):
+ self.assertIsNotNone(self._urlmap.match('/shared', 'GET'))
- match = urlmap.match('/shared', 'DELETE')
- self.assertIsNone(match)
+ def test_shared_unauthorized(self):
+ self.assertIsNone(self._urlmap.match('/shared', 'PUT'))
+ self.assertIsNone(self._urlmap.match('/shared', 'DELETE'))
+ self.assertIsNone(self._urlmap.match('/shared', 'POST'))
- match = urlmap.match('/shared', 'POST')
- self.assertIsNone(match)
+ def test_shared_docs_unauthorized(self):
+ self.assertIsNone(self._urlmap.match('/shared/docs', 'GET'))
+ self.assertIsNone(self._urlmap.match('/shared/docs', 'PUT'))
+ self.assertIsNone(self._urlmap.match('/shared/docs', 'DELETE'))
+ self.assertIsNone(self._urlmap.match('/shared/docs', 'POST'))
- # test shared-db docs resource auth
- self.assertIsNone(urlmap.match('/shared/docs', 'GET'))
-
- self.assertIsNone(urlmap.match('/shared/docs', 'PUT'))
-
- self.assertIsNone(urlmap.match('/shared/docs', 'DELETE'))
-
- self.assertIsNone(urlmap.match('/shared/docs', 'POST'))
-
- # test shared-db doc resource auth
- match = urlmap.match('/shared/doc/x', 'GET')
+ def test_shared_doc_authorized(self):
+ match = self._urlmap.match('/shared/doc/x', 'GET')
self.assertIsNotNone(match)
self.assertEqual('x', match.get('id'))
- match = urlmap.match('/shared/doc/x', 'PUT')
+ match = self._urlmap.match('/shared/doc/x', 'PUT')
self.assertIsNotNone(match)
self.assertEqual('x', match.get('id'))
- match = urlmap.match('/shared/doc/x', 'DELETE')
+ match = self._urlmap.match('/shared/doc/x', 'DELETE')
+ self.assertIsNotNone(match)
self.assertEqual('x', match.get('id'))
- self.assertIsNone(urlmap.match('/shared/doc/x', 'POST'))
-
- # test shared-db sync resource auth
- self.assertIsNone(urlmap.match('/shared/sync-from/x', 'GET'))
-
- self.assertIsNone(urlmap.match('/shared/sync-from/x', 'PUT'))
-
- self.assertIsNone(urlmap.match('/shared/sync-from/x', 'DELETE'))
-
- self.assertIsNone(urlmap.match('/shared/sync-from/x', 'POST'))
-
- # test user-db database resource auth
- self.assertIsNone(urlmap.match('/%s' % dbname, 'GET'))
-
- self.assertIsNone(urlmap.match('/%s' % dbname, 'PUT'))
-
- self.assertIsNone(urlmap.match('/%s' % dbname, 'DELETE'))
-
- self.assertIsNone(urlmap.match('/%s' % dbname, 'POST'))
-
- # test user-db docs resource auth
- self.assertIsNone(urlmap.match('/%s/docs' % dbname, 'GET'))
-
- self.assertIsNone(urlmap.match('/%s/docs' % dbname, 'PUT'))
-
- self.assertIsNone(urlmap.match('/%s/docs' % dbname, 'DELETE'))
-
- self.assertIsNone(urlmap.match('/%s/docs' % dbname, 'POST'))
-
- # test user-db doc resource auth
- self.assertIsNone(urlmap.match('/%s/doc/x' % dbname, 'GET'))
-
- self.assertIsNone(urlmap.match('/%s/doc/x' % dbname, 'PUT'))
-
- self.assertIsNone(urlmap.match('/%s/doc/x' % dbname, 'DELETE'))
-
- self.assertIsNone(urlmap.match('/%s/doc/x' % dbname, 'POST'))
-
- # test user-db sync resource auth
- match = urlmap.match('/%s/sync-from/x' % dbname, 'GET')
+ def test_shared_doc_unauthorized(self):
+ self.assertIsNone(self._urlmap.match('/shared/doc/x', 'POST'))
+
+ def test_shared_sync_unauthorized(self):
+ self.assertIsNone(self._urlmap.match('/shared/sync-from/x', 'GET'))
+ self.assertIsNone(self._urlmap.match('/shared/sync-from/x', 'PUT'))
+ self.assertIsNone(self._urlmap.match('/shared/sync-from/x', 'DELETE'))
+ self.assertIsNone(self._urlmap.match('/shared/sync-from/x', 'POST'))
+
+ def test_user_db_unauthorized(self):
+ dbname = self._dbname
+ self.assertIsNone(self._urlmap.match('/%s' % dbname, 'GET'))
+ self.assertIsNone(self._urlmap.match('/%s' % dbname, 'PUT'))
+ self.assertIsNone(self._urlmap.match('/%s' % dbname, 'DELETE'))
+ self.assertIsNone(self._urlmap.match('/%s' % dbname, 'POST'))
+
+ def test_user_db_docs_unauthorized(self):
+ dbname = self._dbname
+ self.assertIsNone(self._urlmap.match('/%s/docs' % dbname, 'GET'))
+ self.assertIsNone(self._urlmap.match('/%s/docs' % dbname, 'PUT'))
+ self.assertIsNone(self._urlmap.match('/%s/docs' % dbname, 'DELETE'))
+ self.assertIsNone(self._urlmap.match('/%s/docs' % dbname, 'POST'))
+
+ def test_user_db_doc_unauthorized(self):
+ dbname = self._dbname
+ self.assertIsNone(self._urlmap.match('/%s/doc/x' % dbname, 'GET'))
+ self.assertIsNone(self._urlmap.match('/%s/doc/x' % dbname, 'PUT'))
+ self.assertIsNone(self._urlmap.match('/%s/doc/x' % dbname, 'DELETE'))
+ self.assertIsNone(self._urlmap.match('/%s/doc/x' % dbname, 'POST'))
+
+ def test_user_db_sync_authorized(self):
+ uuid = self._uuid
+ dbname = self._dbname
+ match = self._urlmap.match('/%s/sync-from/x' % dbname, 'GET')
self.assertEqual(uuid, match.get('uuid'))
self.assertEqual('x', match.get('source_replica_uid'))
- match = urlmap.match('/%s/sync-from/x' % dbname, 'PUT')
+ match = self._urlmap.match('/%s/sync-from/x' % dbname, 'PUT')
self.assertEqual(uuid, match.get('uuid'))
self.assertEqual('x', match.get('source_replica_uid'))
- match = urlmap.match('/%s/sync-from/x' % dbname, 'DELETE')
- self.assertIsNone(match)
-
- match = urlmap.match('/%s/sync-from/x' % dbname, 'POST')
+ match = self._urlmap.match('/%s/sync-from/x' % dbname, 'POST')
self.assertEqual(uuid, match.get('uuid'))
self.assertEqual('x', match.get('source_replica_uid'))
+ def test_user_db_sync_unauthorized(self):
+ dbname = self._dbname
+ self.assertIsNone(
+ self._urlmap.match('/%s/sync-from/x' % dbname, 'DELETE'))
+
@pytest.mark.usefixtures("method_tmpdir")
class EncryptedSyncTestCase(
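Review bot: The authorization table in the new `URLMapperTestCase` docstring lists `/shared-db/doc/{id}` with no authorized actions (`-`), yet `test_shared_doc_authorized` asserts that GET, PUT and DELETE on `/shared/doc/x` all match; the removed docstring had `GET, PUT, DELETE` for that row. One of the two is wrong, and an access-control table should not understate what the mapper lets through: either restore the row to `GET, PUT, DELETE`, or, if those methods are meant to be denied, change the assertions to `assertIsNone`. Separately, `test_user_db_sync_authorized` calls `match.get('uuid')` without a preceding `self.assertIsNotNone(match)`, so a denied route would surface as an AttributeError rather than an assertion failure. The guard this commit adds for the shared-doc DELETE case would fit before each of the three `match.get` groups there.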