User.objects.all().delete()
def test_create_token(self):
- base_query = ("oauth_consumer_key=client&oauth_nonce=123&"
+ base_query = ("oauth_consumer_key=client&oauth_nonce=12345678&"
"oauth_signature_method=HMAC-SHA1&oauth_timestamp={}&"
"oauth_version=1.0".format(int(time())))
raw = '&'.join([
key=request_token['oauth_token'][0], token_type=Token.REQUEST
).update(user=self.user, is_approved=True)
- base_query = ("oauth_consumer_key=client&oauth_nonce=123&"
+ base_query = ("oauth_consumer_key=client&oauth_nonce=12345678&"
"oauth_signature_method=HMAC-SHA1&oauth_timestamp={}&"
"oauth_token={}&oauth_version=1.0".format(
int(time()), request_token['oauth_token'][0]))
cls.consumer.delete()
super(AuthorizedTests, cls).tearDownClass()
- def signed(self, url, method='GET', params=None):
+ def signed(self, url, method='GET', params=None, data=None):
auth_params = {
"oauth_consumer_key": self.consumer.key,
- "oauth_nonce": "%f" % time(),
+ "oauth_nonce": ("%f" % time()).replace('.', ''),
"oauth_signature_method": "HMAC-SHA1",
"oauth_timestamp": int(time()),
"oauth_token": self.token.key,
sign_params = {}
if params:
sign_params.update(params)
+ if data:
+ sign_params.update(data)
sign_params.update(auth_params)
raw = "&".join([
method.upper(),
quote('http://testserver' + url, safe=''),
quote("&".join(
- quote(str(k)) + "=" + quote(str(v))
+ quote(str(k), safe='') + "=" + quote(str(v), safe='')
for (k, v) in sorted(sign_params.items())))
])
auth_params["oauth_signature"] = quote(b64encode(hmac.new(
if params:
url = url + '?' + urlencode(params)
return getattr(self.client, method.lower())(
- url,
- HTTP_AUTHORIZATION=auth
- )
+ url,
+ data=urlencode(data) if data else None,
+ content_type='application/x-www-form-urlencoded',
+ HTTP_AUTHORIZATION=auth,
+ )
- def signed_json(self, url, method='GET', params=None):
- return json.loads(self.signed(url, method, params).content)
+ def signed_json(self, url, method='GET', params=None, data=None):
+ return json.loads(self.signed(url, method, params, data).content)
def test_books(self):
self.assertEqual(
[b['liked'] for b in self.signed_json('/api/books/')],
[False, False, False]
)
- # This one fails in the legacy implementation
- # data = self.signed_json('/api/books/child/')
- # self.assertFalse(data['parent']['liked'])
- # self.assertFalse(data['children'][0]['liked'])
+ data = self.signed_json('/api/books/child/')
+ self.assertFalse(data['parent']['liked'])
+ self.assertFalse(data['children'][0]['liked'])
self.assertEqual(
self.signed_json('/api/like/parent/'),
self.assertTrue(self.signed_json(
'/api/filter-books/', params={"search": "parent"})[0]['liked'])
- # This one fails in the legacy implementation.
- #self.assertTrue(self.signed_json(
- # '/api/books/child/')['parent']['liked'])
+ self.assertTrue(self.signed_json(
+ '/api/books/child/')['parent']['liked'])
# Liked books go on shelf.
self.assertEqual(
[x['slug'] for x in self.signed_json('/api/shelf/likes/')],
self.assertEqual(
self.signed('/api/epub/grandchild/').content,
"<epub>")
+
+ def test_publish(self):
+ response = self.signed('/api/books/',
+ method='POST',
+ data={"data": json.dumps({})})
+ self.assertEqual(response.status_code, 403)
+
+ response = self.signed('/api/pictures/',
+ method='POST',
+ data={"data": json.dumps({})})
+ self.assertEqual(response.status_code, 403)
+
+ self.user.is_superuser = True
+ self.user.save()
+
+ with patch('catalogue.models.Book.from_xml_file') as mock:
+ response = self.signed('/api/books/',
+ method='POST',
+ data={"data": json.dumps({
+ "book_xml": "<utwor/>"
+ })})
+ self.assertTrue(mock.called)
+ self.assertEqual(response.status_code, 201)
+
+ with patch('picture.models.Picture.from_xml_file') as mock:
+ response = self.signed('/api/pictures/',
+ method='POST',
+ data={"data": json.dumps({
+ "picture_xml": "<utwor/>",
+ "picture_image_data": "Kg==",
+ })})
+ self.assertTrue(mock.called)
+ self.assertEqual(response.status_code, 201)
+
+ self.user.is_superuser = False
+ self.user.save()
fnp / wolnelektury.git / blobdiff