tests for deleting and deactivating tokens

Simon Pirkelmann 2022-01-31 22:27:38 +01:00
parent 8d02e669f8
commit 3bbf60b42f
2 changed files with 110 additions and 34 deletions


@ -411,7 +411,10 @@ def delete_token(token):
""" """
tokens = current_app.door.get_tokens() tokens = current_app.door.get_tokens()
if token in tokens: if token not in tokens:
flash(f'Ungültiger Token {token} für Löschung.')
return redirect('/tokens')
token_to_delete = tokens[token] token_to_delete = tokens[token]
# set up form for confirming deletion # set up form for confirming deletion
@ -426,7 +429,8 @@ def delete_token(token):
tokens.pop(token) tokens.pop(token)
try: try:
current_app.door.store_tokens(tokens) current_app.door.store_tokens(tokens)
current_app.logger.info(f"Token {token} was deleted from database by admin user {current_user.username}") current_app.logger.info(f"Token {token} was deleted from database "
f"by admin user {current_user.username}")
except Exception as e: except Exception as e:
flash(f"Error during store_tokens. Exception: {e}") flash(f"Error during store_tokens. Exception: {e}")
flash(f"Token {token} wurde gelöscht!") flash(f"Token {token} wurde gelöscht!")
@ -434,10 +438,10 @@ def delete_token(token):
else: else:
# form validation failed -> return to token overview and flash message # form validation failed -> return to token overview and flash message
flash( flash(
f"Der eingegebene Name stimmt nicht überein. Der Token {token} von {token_to_delete['name']} wurde nicht gelöscht.") f"Der eingegebene Name stimmt nicht überein. Error: {form.errors}"
return redirect('/tokens') f"Der Token {token} von {token_to_delete['name']} wurde nicht "
else: "gelöscht."
flash(f'Ungültiger Token {token} für Löschung.') )
return redirect('/tokens') return redirect('/tokens')
@ -452,7 +456,11 @@ def deactivate_token(token):
The token to deactivate. The token to deactivate.
""" """
tokens = current_app.door.get_tokens() tokens = current_app.door.get_tokens()
if token in tokens:
if token not in tokens:
flash(f'Ungültiger Token {token} für Deaktivierung.')
return redirect('/tokens')
tokens[token]['inactive'] = True tokens[token]['inactive'] = True
try: try:
current_app.door.store_tokens(tokens) current_app.door.store_tokens(tokens)
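Review bot: deactivate_token sets `tokens[token]['inactive'] = True` and stores it as soon as the membership check passes, with no confirmation form or CSRF token in the visible path, and the test added in this commit triggers it with a plain GET to `/deactivate-token/<id>`. A state change on GET can be triggered cross-site against a logged-in admin, which here would disable a member's door token without the admin intending it. Consider accepting only POST (`methods=['POST']` on the route) and validating a CSRF-protected form before the write, as delete_token does with its confirmation form. The route decorator and the rest of the function are outside the hunk, so the allowed methods should be confirmed there.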


@ -6,6 +6,7 @@ from flask_security.utils import find_user
from imaginaerraum_door_admin.door_handle import DoorHandle from imaginaerraum_door_admin.door_handle import DoorHandle
import re import re
import secrets import secrets
import pathlib
def test_login(browser, live_server): def test_login(browser, live_server):
@ -336,6 +337,11 @@ def test_register_token(client_authenticated, mocker):
assert 'Elves' in page_src assert 'Elves' in page_src
assert 'legolas@mirkwood.me' in page_src assert 'legolas@mirkwood.me' in page_src
# check that the token is created in the token file
token_data = pathlib.Path(client_authenticated.application.config['TOKEN_FILE']).read_text()
assert '042979fa181280' in token_data
assert 'Legolas' in token_data
def test_edit_token(client_authenticated): def test_edit_token(client_authenticated):
# test with invalid token # test with invalid token
@ -373,4 +379,66 @@ def test_edit_token(client_authenticated):
assert 'Dwarves' in page_src assert 'Dwarves' in page_src
assert 'balin@erebor.me' in page_src assert 'balin@erebor.me' in page_src
pass # check that the token is changed in the token file
token_data = pathlib.Path(client_authenticated.application.config['TOKEN_FILE']).read_text()
assert '04538cfa186280' in token_data
assert 'Balin' in token_data
def test_delete_token(client_authenticated):
token_data = pathlib.Path(
client_authenticated.application.config['TOKEN_FILE']).read_text()
assert '04538cfa186280' in token_data
# test with invalid token
response = client_authenticated.get(f"/delete-token/nosuchtoken",
follow_redirects=True)
page_src = response.data.decode()
assert 'Ungültiger Token' in page_src
# test using a valid token from the token file
response = client_authenticated.get(f"/delete-token/043a81fa186280",
follow_redirects=True)
csrf_token = extract_csrf_token(response)
# try deleting without form data
response = client_authenticated.post(f"/delete-token/043a81fa186280",
follow_redirects=True)
page_src = response.data.decode()
assert "wurde nicht gelöscht" in page_src
payload = {
'name': 'Bilbo',
'csrf_token': csrf_token
}
response = client_authenticated.post(f"/delete-token/043a81fa186280",
data=payload,
follow_redirects=True)
page_src = response.data.decode()
print(page_src)
assert "wurde gelöscht" in page_src
# check that the token is now gone from the token file
token_data = pathlib.Path(client_authenticated.application.config['TOKEN_FILE']).read_text()
assert '043a81fa186280' not in token_data
def test_deactivate_token(client_authenticated):
token_data = pathlib.Path(
client_authenticated.application.config['TOKEN_FILE']).read_text()
assert '04387cfa186280' in token_data
# test with invalid token
response = client_authenticated.get(f"/deactivate-token/nosuchtoken",
follow_redirects=True)
page_src = response.data.decode()
assert 'Ungültiger Token' in page_src
# deactivate token
response = client_authenticated.get(f"/deactivate-token/04387cfa186280",
follow_redirects=True)
# check that the token is now gone from the token file
token_data = pathlib.Path(
client_authenticated.application.config['TOKEN_FILE']).read_text()
assert '#04387cfa186280' in token_data
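Review bot: The precondition at the top of test_delete_token checks `'04538cfa186280'`, but the token the test deletes is `043a81fa186280`. The checked ID is the one test_edit_token asserts after its edit, so the precondition appears to depend on test order and on state left in the shared TOKEN_FILE. Assert the token under test instead, `assert '043a81fa186280' in token_data`, and if the fixture is not already per-test, reset the token file for each test. In test_deactivate_token the comment before the final assertion still says the token is "gone"; it should read `# check that the token is now prefixed with '#' in the token file`. The `print(page_src)` in test_delete_token looks like leftover debugging output.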