"""
Unit tests for the Deis api app.
Run the tests with "./manage.py test api"
"""
from __future__ import unicode_literals
import json
import mock
import os.path
import requests
from django.conf import settings
from django.contrib.auth.models import User
from django.test import TestCase
from rest_framework.authtoken.models import Token
from api.models import App
def mock_import_repository_task(*args, **kwargs):
    """Return a canned HTTP 200 ``requests.Response`` marked as consumed.

    Patched in place of ``requests.post`` by the tests in this module, so no
    outbound request is made. All positional and keyword arguments are
    accepted and ignored.
    """
    fake_response = requests.Response()
    # Flag the body as already read so nothing tries to pull from a socket.
    fake_response._content_consumed = True
    fake_response.status_code = 200
    return fake_response
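class AppTest(TestCase):
    """Tests creation of applications.

    Every request authenticates with a token sent in the ``Authorization``
    header. ``self.token`` belongs to the ``autotest`` fixture user, which the
    tests below use as the administrator; the ``autotest2`` fixture user plays
    the non-admin / unauthorized role.
    """

    fixtures = ['tests.json']

    def setUp(self):
        """Load the ``autotest`` user's token and install a placeholder SSH key."""
        self.user = User.objects.get(username='autotest')
        self.token = Token.objects.get(user=self.user).key
        # Remember the configured value so tearDown can put it back instead of
        # overwriting it for every test that runs afterwards.
        self._original_ssh_key = getattr(settings, 'SSH_PRIVATE_KEY', '')
        # provide mock authentication used for run commands
        settings.SSH_PRIVATE_KEY = '<some-ssh-private-key>'

    def tearDown(self):
        """Restore the global setting that setUp (or a test) overwrote."""
        settings.SSH_PRIVATE_KEY = self._original_ssh_key

    def _auth(self, token=None):
        """Return the ``Authorization`` header value for *token*.

        Defaults to ``self.token`` (the ``autotest`` user) when no token is given.
        """
        return 'token {}'.format(self.token if token is None else token)

    @staticmethod
    def _remove_log(path):
        """Delete the log file at *path* if it is present."""
        if os.path.exists(path):
            os.remove(path)

    def test_app(self):
        """
        Test that a user can create, read and delete an application, and that
        updating it with PATCH is refused.
        """
        url = '/v1/apps'
        response = self.client.post(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 201)
        self.assertIn('id', response.data)
        app_id = response.data['id']
        response = self.client.get('/v1/apps', HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 200)
        self.assertEqual(len(response.data['results']), 1)
        url = '/v1/apps/{}'.format(app_id)
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 200)
        # PATCH on an app is expected to be refused (405 Method Not Allowed).
        body = {'id': 'new'}
        response = self.client.patch(url, json.dumps(body), content_type='application/json',
                                     HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 405)
        response = self.client.delete(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 204)

    def test_response_data(self):
        """Test that the serialized response contains only relevant data."""
        body = {'id': 'test'}
        response = self.client.post('/v1/apps', json.dumps(body),
                                    content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 201)
        # Allowlist check: a newly serialized field fails this test until it is
        # added here on purpose, which guards against exposing model fields by
        # accident.
        allowed_keys = ['uuid', 'created', 'updated', 'id', 'owner', 'url', 'structure']
        for key in response.data:
            self.assertIn(key, allowed_keys)
        expected = {
            'id': 'test',
            'owner': self.user.username,
            'url': 'test.deisapp.local',
            'structure': {}
        }
        self.assertDictContainsSubset(expected, response.data)

    def test_app_override_id(self):
        """A caller-chosen id is accepted once; reusing it is rejected with 400."""
        body = {'id': 'myid'}
        response = self.client.post('/v1/apps', json.dumps(body),
                                    content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 201)
        body = {'id': response.data['id']}
        response = self.client.post('/v1/apps', json.dumps(body),
                                    content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertContains(response, 'This field must be unique.', status_code=400)
        # NOTE(review): the test runner ignores this return value; it is kept
        # as in the original.
        return response

    def test_app_actions(self):
        """Exercise the logs endpoint: no log file, full log, and ``log_lines``."""
        url = '/v1/apps'
        body = {'id': 'autotest'}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 201)
        app_id = response.data['id']
        # test logs
        if not os.path.exists(settings.DEIS_LOG_DIR):
            os.mkdir(settings.DEIS_LOG_DIR)
        path = os.path.join(settings.DEIS_LOG_DIR, app_id + '.log')
        # Registered up front so the file is removed even when an assertion
        # below fails; a leftover log would break the 204 check on the next run.
        self.addCleanup(self._remove_log, path)
        # HACK: remove app lifecycle logs
        self._remove_log(path)
        url = '/v1/apps/{}/logs'.format(app_id)
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 204)
        self.assertEqual(response.data, 'No logs for {}'.format(app_id))
        # write out some fake log data and try again
        with open(path, 'a') as f:
            f.write(FAKE_LOG_DATA)
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.data, FAKE_LOG_DATA)
        # test with log_lines
        response = self.client.get(url + "?log_lines=1", HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 200)
        # FAKE_LOG_DATA starts with a newline, so index 4 is its last line.
        self.assertEqual(response.data, FAKE_LOG_DATA.splitlines(True)[4])
        # TODO: test run needs an initial build

    def test_app_release_notes_in_logs(self):
        """Verifies that an app's release summary is dumped into the logs."""
        url = '/v1/apps'
        body = {'id': 'autotest'}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 201)
        app_id = response.data['id']
        path = os.path.join(settings.DEIS_LOG_DIR, app_id + '.log')
        # delete file for future runs, including runs that follow a failure here
        self.addCleanup(self._remove_log, path)
        url = '/v1/apps/{}/logs'.format(app_id)
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 200)
        self.assertIn('autotest created initial release', response.data)

    def test_app_errors(self):
        """Invalid ids are rejected, and a deleted app's sub-resources return 404."""
        app_id = 'autotest-errors'
        url = '/v1/apps'
        body = {'id': 'camelCase'}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertContains(response, 'App IDs can only contain [a-z0-9-]', status_code=400)
        body = {'id': app_id}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 201)
        app_id = response.data['id']
        url = '/v1/apps/{}'.format(app_id)
        response = self.client.delete(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 204)
        for endpoint in ('containers', 'config', 'releases', 'builds'):
            url = '/v1/apps/{}/{}'.format(app_id, endpoint)
            response = self.client.get(url, HTTP_AUTHORIZATION=self._auth())
            self.assertEqual(response.status_code, 404)

    def test_app_reserved_names(self):
        """Nobody should be able to create applications with names which are reserved."""
        url = '/v1/apps'
        reserved_names = ['foo', 'bar']
        with self.settings(DEIS_RESERVED_NAMES=reserved_names):
            for name in reserved_names:
                body = {'id': name}
                response = self.client.post(url, json.dumps(body),
                                            content_type='application/json',
                                            HTTP_AUTHORIZATION=self._auth())
                self.assertContains(
                    response,
                    '{} is a reserved name.'.format(name),
                    status_code=400)

    def test_app_structure_is_valid_json(self):
        """Application structures should be valid JSON objects."""
        url = '/v1/apps'
        response = self.client.post(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 201)
        app_id = response.data['id']
        self.assertIn('structure', response.data)
        self.assertEqual(response.data['structure'], {})
        # Change the structure directly on the model, then read it back
        # through the API.
        app = App.objects.get(id=app_id)
        app.structure = {'web': 1}
        app.save()
        url = '/v1/apps/{}'.format(app_id)
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth())
        self.assertIn('structure', response.data)
        self.assertEqual(response.data['structure'], {"web": 1})

    @mock.patch('requests.post', mock_import_repository_task)
    def test_admin_can_manage_other_apps(self):
        """Administrators of Deis should be able to manage all applications.
        """
        # log in as non-admin user and create an app
        user = User.objects.get(username='autotest2')
        # Use the key explicitly, as setUp does, instead of relying on the
        # Token object's string conversion.
        token = Token.objects.get(user=user).key
        app_id = 'autotest'
        url = '/v1/apps'
        body = {'id': app_id}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth(token))
        # Fail here if the fixture app was not created, rather than later with
        # a misleading status mismatch.
        self.assertEqual(response.status_code, 201)
        App.objects.get(id=app_id)  # raises DoesNotExist if the app was not stored
        # log in as admin, check to see if they have access
        url = '/v1/apps/{}'.format(app_id)
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 200)
        # check app logs
        url = '/v1/apps/{}/logs'.format(app_id)
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 200)
        self.assertIn('autotest2 created initial release', response.data)
        # TODO: test run needs an initial build
        # delete the app
        url = '/v1/apps/{}'.format(app_id)
        response = self.client.delete(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 204)

    def test_admin_can_see_other_apps(self):
        """If a user creates an application, the administrator should be able
        to see it.
        """
        # log in as non-admin user and create an app
        user = User.objects.get(username='autotest2')
        token = Token.objects.get(user=user).key
        app_id = 'autotest'
        url = '/v1/apps'
        body = {'id': app_id}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth(token))
        self.assertEqual(response.status_code, 201)
        # log in as admin
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.data['count'], 1)

    def test_run_without_auth(self):
        """If the administrator has not provided SSH private key for run commands,
        make sure a friendly error message is provided on run"""
        # Overrides the placeholder installed by setUp; tearDown restores the
        # original value afterwards.
        settings.SSH_PRIVATE_KEY = ''
        url = '/v1/apps'
        body = {'id': 'autotest'}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 201)
        app_id = response.data['id']
        # test run
        url = '/v1/apps/{}/run'.format(app_id)
        body = {'command': 'ls -al'}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.data, {'detail': 'Support for admin commands '
                                                   'is not configured'})

    def test_run_without_release_should_error(self):
        """
        A user should not be able to run a one-off command unless a release
        is present.
        """
        app_id = 'autotest'
        url = '/v1/apps'
        body = {'id': app_id}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 201)
        url = '/v1/apps/{}/run'.format(app_id)
        body = {'command': 'ls -al'}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.data, {'detail': 'No build associated with this '
                                                   'release to run this command'})

    def test_unauthorized_user_cannot_see_app(self):
        """
        An unauthorized user should not be able to access an app's resources.

        Run, logs, detail and delete requests made with another user's token
        are each expected to be refused with 403.
        """
        # NOTE(review): answering 403 rather than 404 confirms to a non-owner
        # that the app id exists. The original docstring carried a FIXME saying
        # the API returned 404 here, which the assertions below contradict --
        # confirm which behaviour is intended.
        app_id = 'autotest'
        base_url = '/v1/apps'
        body = {'id': app_id}
        response = self.client.post(base_url, json.dumps(body),
                                    content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        # Without the app in place the checks below would not be exercising
        # authorization at all.
        self.assertEqual(response.status_code, 201)
        unauthorized_user = User.objects.get(username='autotest2')
        unauthorized_token = Token.objects.get(user=unauthorized_user).key
        url = '{}/{}/run'.format(base_url, app_id)
        body = {'command': 'foo'}
        response = self.client.post(url, json.dumps(body), content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth(unauthorized_token))
        self.assertEqual(response.status_code, 403)
        url = '{}/{}/logs'.format(base_url, app_id)
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth(unauthorized_token))
        self.assertEqual(response.status_code, 403)
        url = '{}/{}'.format(base_url, app_id)
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth(unauthorized_token))
        self.assertEqual(response.status_code, 403)
        response = self.client.delete(url, HTTP_AUTHORIZATION=self._auth(unauthorized_token))
        self.assertEqual(response.status_code, 403)
        # A refused DELETE must leave the app in place.
        self.assertTrue(App.objects.filter(id=app_id).exists())
        # TODO(review): the sub-resources exercised in test_app_errors
        # (containers, config, releases, builds) are not covered here.

    def test_app_info_not_showing_wrong_app(self):
        """Requesting an id that was never created returns 404, not another app."""
        app_id = 'autotest'
        base_url = '/v1/apps'
        body = {'id': app_id}
        response = self.client.post(base_url, json.dumps(body),
                                    content_type='application/json',
                                    HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 201)
        url = '{}/foo'.format(base_url)
        response = self.client.get(url, HTTP_AUTHORIZATION=self._auth())
        self.assertEqual(response.status_code, 404)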
# Canned gunicorn start-up output that test_app_actions appends to an app's
# log file. The literal begins with a newline, so splitlines(True) yields five
# entries and index 4 is the final "Booting worker" line.
FAKE_LOG_DATA = """
2013-08-15 12:41:25 [33454] [INFO] Starting gunicorn 17.5
2013-08-15 12:41:25 [33454] [INFO] Listening at: http://0.0.0.0:5000 (33454)
2013-08-15 12:41:25 [33454] [INFO] Using worker: sync
2013-08-15 12:41:25 [33457] [INFO] Booting worker with pid 33457
"""