1
0
mirror of https://github.com/laurivosandi/certidude synced 2024-12-22 08:15:18 +00:00

tests: Lease and attribute API call fixes

This commit is contained in:
Lauri Võsandi 2017-05-04 10:02:14 +00:00
parent 8c8a3a9930
commit a75fb58cb5
2 changed files with 19 additions and 2 deletions

View File

@ -15,6 +15,7 @@ class AttributeResource(object):
Return extended attributes stored on the server.
This not only contains tags and lease information,
but might also contain some other sensitive information.
Results made available only to lease IP address.
"""
try:
path, buf, cert = authority.get_signed(cn)

View File

@ -245,6 +245,9 @@ def test_cli_setup_authority():
r = client().simulate_delete("/api/request/test/",
headers={"Authorization":admintoken})
assert r.status_code == 200, r.text
r = client().simulate_delete("/api/request/nonexistant/",
headers={"Authorization":admintoken})
assert r.status_code == 404, r.text
# Test request submission corner cases
r = client().simulate_post("/api/request/",
@ -376,6 +379,8 @@ def test_cli_setup_authority():
# Test attribute fetching API call
r = client().simulate_get("/api/signed/test/attr/")
assert r.status_code == 403, r.text
r = client().simulate_get("/api/signed/nonexistant/attr/")
assert r.status_code == 404, r.text
r = client().simulate_get("/api/signed/test/lease/", headers={"Authorization":admintoken})
assert r.status_code == 404, r.text
@ -383,9 +388,20 @@ def test_cli_setup_authority():
r = client().simulate_post("/api/lease/",
query_string = "client=test&address=127.0.0.1",
headers={"Authorization":admintoken})
assert r.status_code == 200, r.text
assert r.status_code == 200, r.text # lease update ok
r = client().simulate_post("/api/lease/",
query_string = "client=test&address=127.0.0.1&serial=0",
headers={"Authorization":admintoken})
assert r.status_code == 403, r.text # invalid serial number supplied
r = client().simulate_get("/api/signed/test/attr/")
assert r.status_code == 200, r.text
assert r.status_code == 200, r.text # read okay from own address
r = client().simulate_post("/api/lease/",
query_string = "client=test&address=1.2.3.4",
headers={"Authorization":admintoken})
assert r.status_code == 200, r.text # lease update ok
r = client().simulate_get("/api/signed/test/attr/")
assert r.status_code == 403, r.text # read failed from other address
# Test lease retrieval
r = client().simulate_get("/api/signed/test/lease/")