nsupdate.info/nsupdate/api/_tests/test_api.py

"""
Tests for api package.
"""

import pytest

from django.core.urlresolvers import reverse

from nsupdate.main.dnstools import query_ns


TEST_HOST = "test.nsupdate.info"
TEST_HOST2 = "test2.nsupdate.info"
TEST_SECRET = "secret"

USERNAME = 'test'
PASSWORD = 'pass'

BASEDOMAIN = "nsupdate.info"
HOSTNAME = 'nsupdate-ddns-client-unittest.' + BASEDOMAIN


def test_myip(client):
    response = client.get(reverse('myip'))
    assert response.status_code == 200
    assert response.content in [b'127.0.0.1', b'::1']


def test_nic_update_noauth(client):
    response = client.get(reverse('nic_update'))
    assert response.status_code == 401
    assert response.content == b'badauth'


def make_basic_auth_header(username, password):
    import base64
    return b'Basic ' + base64.b64encode((username + ':' + password).encode('utf-8'))


def test_nic_update_badauth(client):
    response = client.get(reverse('nic_update'),
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, "wrong"))
    assert response.status_code == 401
    assert response.content == b'badauth'


def test_nic_update_authorized_nonexistent_host(client):
    response = client.get(reverse('nic_update') + '?hostname=nonexistent.nsupdate.info',
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
    assert response.status_code == 200
    # we must not get this updated, it doesn't exist in the database:
    assert response.content == b'nohost'


def test_nic_update_authorized_foreign_host(client):
    response = client.get(reverse('nic_update') + '?hostname=%s' % TEST_HOST2,
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
    assert response.status_code == 200
    # we must not get this updated, this is a host of some other user!
    assert response.content == b'nohost'


def test_nic_update_authorized_not_fqdn_hostname(client):
    response = client.get(reverse('nic_update') + '?hostname=test',
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
    assert response.status_code == 200
    assert response.content == b'notfqdn'


def test_nic_update_authorized_not_fqdn_username(client):
    response = client.get(reverse('nic_update'),
                          HTTP_AUTHORIZATION=make_basic_auth_header('test', TEST_SECRET))
    assert response.status_code == 200
    assert response.content == b'notfqdn'


def test_nic_update_authorized(client):
    response = client.get(reverse('nic_update'),
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
    assert response.status_code == 200
    # we don't care whether it is nochg or good, but should be one of them:
    content = response.content.decode('utf-8')
    assert content.startswith('good ') or content.startswith('nochg ')


def test_nic_update_authorized_myip(client):
    response = client.get(reverse('nic_update') + '?myip=4.3.2.1',
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
    assert response.status_code == 200
    # we don't care whether it is nochg or good, but should be the ip from myip=...:
    assert response.content in [b'good 4.3.2.1', b'nochg 4.3.2.1']
    response = client.get(reverse('nic_update') + '?myip=1.2.3.4',
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
    assert response.status_code == 200
    # must be good (was different IP)
    assert response.content == b'good 1.2.3.4'
    response = client.get(reverse('nic_update') + '?myip=1.2.3.4',
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
    assert response.status_code == 200
    # must be nochg (was same IP)
    assert response.content == b'nochg 1.2.3.4'


def test_nic_update_authorized_update_other_services(client):
    response = client.get(reverse('nic_update') + '?myip=4.3.2.1',
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
    assert response.status_code == 200
    # we don't care whether it is nochg or good, but should be the ip from myip=...:
    assert response.content in [b'good 4.3.2.1', b'nochg 4.3.2.1']
    response = client.get(reverse('nic_update') + '?myip=1.2.3.4',
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
    assert response.status_code == 200
    # must be good (was different IP)
    assert response.content == b'good 1.2.3.4'
    # now check if it updated the other service also:
    assert query_ns(HOSTNAME, 'A') == '1.2.3.4'
    response = client.get(reverse('nic_update') + '?myip=2.3.4.5',
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
    assert response.status_code == 200
    # must be good (was different IP)
    assert response.content == b'good 2.3.4.5'
    # now check if it updated the other service also:
    assert query_ns(HOSTNAME, 'A') == '2.3.4.5'


def test_nic_update_authorized_badagent(client, settings):
    settings.BAD_AGENTS = ['foo', 'bad_agent', 'bar', ]
    response = client.get(reverse('nic_update'),
                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET),
                          HTTP_USER_AGENT='bad_agent')
    assert response.status_code == 200
    assert response.content == b'badagent'


def test_nic_update_session_nosession(client):
    response = client.get(reverse('nic_update_authorized'))
    assert response.status_code == 302  # redirects to login view


def test_nic_update_session_no_hostname(client):
    client.login(username=USERNAME, password=PASSWORD)
    response = client.get(reverse('nic_update_authorized'))
    assert response.status_code == 200
    assert response.content == b'nohost'  # we did not tell which host


def test_nic_update_session(client):
    client.login(username=USERNAME, password=PASSWORD)
    response = client.get(reverse('nic_update_authorized') + '?hostname=%s' % (TEST_HOST, ))
    assert response.status_code == 200
    content = response.content.decode('utf-8')
    assert content.startswith('good ') or content.startswith('nochg ')


def test_nic_update_session_myip(client):
    client.login(username=USERNAME, password=PASSWORD)
    response = client.get(reverse('nic_update_authorized') + '?hostname=%s&myip=%s' % (TEST_HOST, '1.2.3.4'))
    assert response.status_code == 200
    content = response.content.decode('utf-8')
    assert content.startswith('good 1.2.3.4') or content.startswith('nochg 1.2.3.4')


def test_nic_update_session_foreign_host(client):
    client.login(username=USERNAME, password=PASSWORD)
    response = client.get(reverse('nic_update_authorized') + '?hostname=%s' % TEST_HOST2)
    assert response.status_code == 200
    # we must not get this updated, this is a host of some other user!
    assert response.content == b'nohost'


def test_detect_ip_invalid_session(client):
    response = client.get(reverse('detectip', args=('invalid_session_id', )))
    assert response.status_code == 204


def test_ajax_get_ips(client):
    response = client.get(reverse('ajax_get_ips'))
    assert response.status_code == 200
adding nic api tests 2013-10-03 21:52:35 +02:00			`"""`
			`Tests for api package.`
			`"""`

			`import pytest`

name api views, use reverse() in unit tests 2013-11-15 12:14:36 +01:00			`from django.core.urlresolvers import reverse`

implement "update other services", with tests, no ui yet (can be used when adding the records via django admin) 2013-11-26 08:10:05 +01:00			`from nsupdate.main.dnstools import query_ns`

adding nic api tests 2013-10-03 21:52:35 +02:00
a real nic update api test, using basic auth generate_secret was modified to support giving a secret (not generating a random one), so it matches the test database add a User and a Host to the test db 2013-11-16 01:25:05 +01:00			`TEST_HOST = "test.nsupdate.info"`
more api tests, add another user and another host so we can test separation 2013-11-16 07:51:04 +01:00			`TEST_HOST2 = "test2.nsupdate.info"`
a real nic update api test, using basic auth generate_secret was modified to support giving a secret (not generating a random one), so it matches the test database add a User and a Host to the test db 2013-11-16 01:25:05 +01:00			`TEST_SECRET = "secret"`

added test for nic_update_session 2013-11-16 07:23:44 +01:00			`USERNAME = 'test'`
			`PASSWORD = 'pass'`

implement "update other services", with tests, no ui yet (can be used when adding the records via django admin) 2013-11-26 08:10:05 +01:00			`BASEDOMAIN = "nsupdate.info"`
			`HOSTNAME = 'nsupdate-ddns-client-unittest.' + BASEDOMAIN`

a real nic update api test, using basic auth generate_secret was modified to support giving a secret (not generating a random one), so it matches the test database add a User and a Host to the test db 2013-11-16 01:25:05 +01:00
adding nic api tests 2013-10-03 21:52:35 +02:00			`def test_myip(client):`
name api views, use reverse() in unit tests 2013-11-15 12:14:36 +01:00			`response = client.get(reverse('myip'))`
adding nic api tests 2013-10-03 21:52:35 +02:00			`assert response.status_code == 200`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content in [b'127.0.0.1', b'::1']`
adding nic api tests 2013-10-03 21:52:35 +02:00

update api: there is no "noauth" return value, it must be "badauth" 2013-11-16 06:09:56 +01:00			`def test_nic_update_noauth(client):`
more api tests (mostly triggering execution of some code) it's hard to test anything without a user / http auth / login / session. 2013-11-15 13:00:57 +01:00			`response = client.get(reverse('nic_update'))`
adding nic api tests 2013-10-03 21:52:35 +02:00			`assert response.status_code == 401`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'badauth'`
more api tests (mostly triggering execution of some code) it's hard to test anything without a user / http auth / login / session. 2013-11-15 13:00:57 +01:00

a real nic update api test, using basic auth generate_secret was modified to support giving a secret (not generating a random one), so it matches the test database add a User and a Host to the test db 2013-11-16 01:25:05 +01:00			`def make_basic_auth_header(username, password):`
			`import base64`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`return b'Basic ' + base64.b64encode((username + ':' + password).encode('utf-8'))`
a real nic update api test, using basic auth generate_secret was modified to support giving a secret (not generating a random one), so it matches the test database add a User and a Host to the test db 2013-11-16 01:25:05 +01:00

update api: there is no "noauth" return value, it must be "badauth" 2013-11-16 06:09:56 +01:00			`def test_nic_update_badauth(client):`
			`response = client.get(reverse('nic_update'),`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, "wrong"))`
			`assert response.status_code == 401`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'badauth'`
update api: there is no "noauth" return value, it must be "badauth" 2013-11-16 06:09:56 +01:00

more api tests, add another user and another host so we can test separation 2013-11-16 07:51:04 +01:00			`def test_nic_update_authorized_nonexistent_host(client):`
			`response = client.get(reverse('nic_update') + '?hostname=nonexistent.nsupdate.info',`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))`
			`assert response.status_code == 200`
			`# we must not get this updated, it doesn't exist in the database:`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'nohost'`
more api tests, add another user and another host so we can test separation 2013-11-16 07:51:04 +01:00

			`def test_nic_update_authorized_foreign_host(client):`
			`response = client.get(reverse('nic_update') + '?hostname=%s' % TEST_HOST2,`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))`
			`assert response.status_code == 200`
			`# we must not get this updated, this is a host of some other user!`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'nohost'`
more api tests, add another user and another host so we can test separation 2013-11-16 07:51:04 +01:00

support notfqdn api result code we do not really need it as far as the service is concerned (we would give some other valid failure result code), but it might help to user to more quickly find the mistake in his client configuration. 2013-11-24 06:42:55 +01:00			`def test_nic_update_authorized_not_fqdn_hostname(client):`
			`response = client.get(reverse('nic_update') + '?hostname=test',`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))`
			`assert response.status_code == 200`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'notfqdn'`
support notfqdn api result code we do not really need it as far as the service is concerned (we would give some other valid failure result code), but it might help to user to more quickly find the mistake in his client configuration. 2013-11-24 06:42:55 +01:00

			`def test_nic_update_authorized_not_fqdn_username(client):`
			`response = client.get(reverse('nic_update'),`
			`HTTP_AUTHORIZATION=make_basic_auth_header('test', TEST_SECRET))`
			`assert response.status_code == 200`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'notfqdn'`
support notfqdn api result code we do not really need it as far as the service is concerned (we would give some other valid failure result code), but it might help to user to more quickly find the mistake in his client configuration. 2013-11-24 06:42:55 +01:00

a real nic update api test, using basic auth generate_secret was modified to support giving a secret (not generating a random one), so it matches the test database add a User and a Host to the test db 2013-11-16 01:25:05 +01:00			`def test_nic_update_authorized(client):`
			`response = client.get(reverse('nic_update'),`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))`
			`assert response.status_code == 200`
			`# we don't care whether it is nochg or good, but should be one of them:`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`content = response.content.decode('utf-8')`
			`assert content.startswith('good ') or content.startswith('nochg ')`
a real nic update api test, using basic auth generate_secret was modified to support giving a secret (not generating a random one), so it matches the test database add a User and a Host to the test db 2013-11-16 01:25:05 +01:00

more api tests, add another user and another host so we can test separation 2013-11-16 07:51:04 +01:00			`def test_nic_update_authorized_myip(client):`
			`response = client.get(reverse('nic_update') + '?myip=4.3.2.1',`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))`
			`assert response.status_code == 200`
			`# we don't care whether it is nochg or good, but should be the ip from myip=...:`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content in [b'good 4.3.2.1', b'nochg 4.3.2.1']`
more tests, better coverage 2013-11-21 04:02:16 +01:00			`response = client.get(reverse('nic_update') + '?myip=1.2.3.4',`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))`
			`assert response.status_code == 200`
			`# must be good (was different IP)`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'good 1.2.3.4'`
more tests, better coverage 2013-11-21 04:02:16 +01:00			`response = client.get(reverse('nic_update') + '?myip=1.2.3.4',`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))`
			`assert response.status_code == 200`
			`# must be nochg (was same IP)`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'nochg 1.2.3.4'`
more tests, better coverage 2013-11-21 04:02:16 +01:00

implement "update other services", with tests, no ui yet (can be used when adding the records via django admin) 2013-11-26 08:10:05 +01:00			`def test_nic_update_authorized_update_other_services(client):`
			`response = client.get(reverse('nic_update') + '?myip=4.3.2.1',`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))`
			`assert response.status_code == 200`
			`# we don't care whether it is nochg or good, but should be the ip from myip=...:`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content in [b'good 4.3.2.1', b'nochg 4.3.2.1']`
implement "update other services", with tests, no ui yet (can be used when adding the records via django admin) 2013-11-26 08:10:05 +01:00			`response = client.get(reverse('nic_update') + '?myip=1.2.3.4',`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))`
			`assert response.status_code == 200`
			`# must be good (was different IP)`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'good 1.2.3.4'`
implement "update other services", with tests, no ui yet (can be used when adding the records via django admin) 2013-11-26 08:10:05 +01:00			`# now check if it updated the other service also:`
			`assert query_ns(HOSTNAME, 'A') == '1.2.3.4'`
			`response = client.get(reverse('nic_update') + '?myip=2.3.4.5',`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))`
			`assert response.status_code == 200`
			`# must be good (was different IP)`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'good 2.3.4.5'`
implement "update other services", with tests, no ui yet (can be used when adding the records via django admin) 2013-11-26 08:10:05 +01:00			`# now check if it updated the other service also:`
			`assert query_ns(HOSTNAME, 'A') == '2.3.4.5'`


more tests, better coverage 2013-11-21 04:02:16 +01:00			`def test_nic_update_authorized_badagent(client, settings):`
			`settings.BAD_AGENTS = ['foo', 'bad_agent', 'bar', ]`
			`response = client.get(reverse('nic_update'),`
			`HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET),`
			`HTTP_USER_AGENT='bad_agent')`
			`assert response.status_code == 200`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'badagent'`
more api tests, add another user and another host so we can test separation 2013-11-16 07:51:04 +01:00

added test for nic_update_session 2013-11-16 07:23:44 +01:00			`def test_nic_update_session_nosession(client):`
more api tests (mostly triggering execution of some code) it's hard to test anything without a user / http auth / login / session. 2013-11-15 13:00:57 +01:00			`response = client.get(reverse('nic_update_authorized'))`
			`assert response.status_code == 302 # redirects to login view`


more tests, better coverage 2013-11-21 04:02:16 +01:00			`def test_nic_update_session_no_hostname(client):`
added test for nic_update_session 2013-11-16 07:23:44 +01:00			`client.login(username=USERNAME, password=PASSWORD)`
			`response = client.get(reverse('nic_update_authorized'))`
			`assert response.status_code == 200`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'nohost' # we did not tell which host`
more tests, better coverage 2013-11-21 04:02:16 +01:00

			`def test_nic_update_session(client):`
			`client.login(username=USERNAME, password=PASSWORD)`
			`response = client.get(reverse('nic_update_authorized') + '?hostname=%s' % (TEST_HOST, ))`
added test for nic_update_session 2013-11-16 07:23:44 +01:00			`assert response.status_code == 200`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`content = response.content.decode('utf-8')`
			`assert content.startswith('good ') or content.startswith('nochg ')`
added test for nic_update_session 2013-11-16 07:23:44 +01:00

more tests, better coverage 2013-11-21 04:02:16 +01:00			`def test_nic_update_session_myip(client):`
			`client.login(username=USERNAME, password=PASSWORD)`
			`response = client.get(reverse('nic_update_authorized') + '?hostname=%s&myip=%s' % (TEST_HOST, '1.2.3.4'))`
			`assert response.status_code == 200`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`content = response.content.decode('utf-8')`
			`assert content.startswith('good 1.2.3.4') or content.startswith('nochg 1.2.3.4')`
more tests, better coverage 2013-11-21 04:02:16 +01:00

more api tests, add another user and another host so we can test separation 2013-11-16 07:51:04 +01:00			`def test_nic_update_session_foreign_host(client):`
			`client.login(username=USERNAME, password=PASSWORD)`
			`response = client.get(reverse('nic_update_authorized') + '?hostname=%s' % TEST_HOST2)`
			`assert response.status_code == 200`
			`# we must not get this updated, this is a host of some other user!`
python 3.3 port not much tested yet, be careful 2013-12-14 00:35:29 +01:00			`assert response.content == b'nohost'`
more api tests, add another user and another host so we can test separation 2013-11-16 07:51:04 +01:00

			`def test_detect_ip_invalid_session(client):`
more api tests (mostly triggering execution of some code) it's hard to test anything without a user / http auth / login / session. 2013-11-15 13:00:57 +01:00			`response = client.get(reverse('detectip', args=('invalid_session_id', )))`
			`assert response.status_code == 204`


			`def test_ajax_get_ips(client):`
			`response = client.get(reverse('ajax_get_ips'))`
			`assert response.status_code == 200`