Add tests

ibazulic · Nov 15, 2024 · 369fe78 · 369fe78
1 parent 7c6a909
commit 369fe78
Show file tree

Hide file tree

Showing 2 changed files with 89 additions and 5 deletions.
diff --git a/endpoints/api/test/test_organization.py b/endpoints/api/test/test_organization.py
@@ -1,12 +1,18 @@
-from test.fixtures import *
-
 import pytest
+from mock import patch
 
+from app import app as realapp
 from data import model
 from endpoints.api import api
-from endpoints.api.organization import Organization, OrganizationCollaboratorList
+from endpoints.api.organization import (
+    Organization,
+    OrganizationCollaboratorList,
+    OrganizationList,
+)
 from endpoints.api.test.shared import conduct_api_call
 from endpoints.test.shared import client_with_identity
+from features import FeatureNameValue
+from test.fixtures import *
 
 
 @pytest.mark.parametrize(
@@ -44,3 +50,36 @@ def test_get_organization_collaborators(app):
         if collaborator["name"] == "outsideorg":
             assert "orgrepo" in collaborator["repositories"]
             assert "anotherorgrepo" not in collaborator["repositories"]
+
+
+def test_create_org_as_superuser_with_restricted_users_set(app):
+    body = {
+        "name": "buyandlarge",
+        "email": "[email protected]",
+    }
+
+    # check if super users can create organizations regardles of restricted users set
+    with patch("features.RESTRICTED_USERS", FeatureNameValue("RESTRICTED_USERS", True)):
+        with client_with_identity("devtable", app) as cl:
+            resp = conduct_api_call(
+                cl, OrganizationList, "POST", None, body=body, expected_code=201
+            )
+
+    # unset all super users temporarily
+    superuser_list = realapp.config.get("SUPER_USERS")
+    realapp.config["SUPER_USERS"] = []
+
+    body = {
+        "name": "buyandlargetimes2",
+        "email": "[email protected]",
+    }
+
+    # check if users who are not super users can create organizations when restricted users is set
+    with patch("features.RESTRICTED_USERS", FeatureNameValue("RESTRICTED_USERS", True)):
+        with client_with_identity("devtable", app) as cl:
+            resp = conduct_api_call(
+                cl, OrganizationList, "POST", None, body=body, expected_code=403
+            )
+
+    # reset superuser list to previous value
+    realapp.config["SUPER_USERS"] = superuser_list
diff --git a/endpoints/api/test/test_repository.py b/endpoints/api/test/test_repository.py
@@ -1,13 +1,15 @@
-from test.fixtures import *
-
 import pytest
 from mock import ANY, MagicMock, patch
 
+from app import app as realapp
+from app import authentication, usermanager
 from data import database, model
+from data.users import UserAuthentication, UserManager
 from endpoints.api.repository import Repository, RepositoryList, RepositoryTrust
 from endpoints.api.test.shared import conduct_api_call
 from endpoints.test.shared import client_with_identity
 from features import FeatureNameValue
+from test.fixtures import *
 
 
 @pytest.mark.parametrize(
@@ -208,3 +210,46 @@ def test_delete_repo(initialized_db, app):
         marker = database.DeletedRepository.get()
         assert marker.original_name == "simple"
         assert marker.queue_id
+
+
+@pytest.mark.parametrize(
+    "namespace, expected_status",
+    [
+        ("devtable", 201),
+        ("buynlarge", 201),
+    ],
+)
+def test_create_repo_with_restricted_users_enabled_as_superuser(namespace, expected_status, app):
+    with patch("features.RESTRICTED_USERS", FeatureNameValue("RESTRICTED_USERS", True)):
+        with client_with_identity("devtable", app) as cl:
+            body = {
+                "namespace": namespace,
+                "repository": "somerepo",
+                "visibility": "public",
+                "description": "foobar",
+            }
+
+            resp = conduct_api_call(
+                cl, RepositoryList, "POST", None, body, expected_code=expected_status
+            ).json
+            if expected_status == 201:
+                assert resp["name"] == "somerepo"
+                assert model.repository.get_repository(namespace, "somerepo").name == "somerepo"
+
+
+def test_create_repo_with_restricted_users_enabled_as_normal_user(app):
+    # reset super user list
+    super_users = realapp.config.get("SUPER_USERS")
+    realapp.config["SUPER_USERS"] = []
+
+    # try creating a repo with a random user
+    with patch("features.RESTRICTED_USERS", FeatureNameValue("RESTRICTED_USERS", True)):
+        with client_with_identity("devtable", app) as cl:
+            body = {
+                "namespace": "devtable",
+                "repository": "somerepo2",
+                "visibility": "public",
+                "description": "foobarbaz",
+            }
+
+            resp = conduct_api_call(cl, RepositoryList, "POST", None, body, expected_code=403)