Gitiles
Code Review Sign In
gerrit.avm99963.com / monorail-avm99963 / 0ae79a7eff83d52080fbcfd788be860cc25cfd11 / . / framework / test / jsonfeed_test.py
blob: 7c9a6b603f5aa6120e6ba318a4e7544047717e99 [file] [log] [blame]
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]1# Copyright 2016 The Chromium Authors
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]4
5"""Unit tests for jsonfeed module."""
6from __future__ import print_function
7from __future__ import division
8from __future__ import absolute_import
9
Adrià Vilanova Martínezde942802022-07-15 14:06:55 +0200[diff] [blame]10from six.moves import http_client
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]11import unittest
12
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]13import flask
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]14from google.appengine.api import app_identity
15
16from framework import jsonfeed
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]17from framework import xsrf
18from services import service_manager
19from testing import testing_helpers
20
21
22class JsonFeedTest(unittest.TestCase):
23
24 def setUp(self):
25 self.cnxn = 'fake cnxn'
26
27 def testGet(self):
28 """Tests handling of GET requests."""
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]29 feed = _TestableJsonFeed()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]30
31 # all expected args are present + a bonus arg that should be ignored
32 feed.mr = testing_helpers.MakeMonorailRequest(
33 path='/foo/bar/wee?sna=foo', method='POST',
34 params={'a': '123', 'z': 'zebra'})
35 feed.get()
36
37 self.assertEqual(True, feed.handle_request_called)
38 self.assertEqual(1, len(feed.json_data))
39
40 def testPost(self):
41 """Tests handling of POST requests."""
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]42 feed = _TestableJsonFeed()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]43 feed.mr = testing_helpers.MakeMonorailRequest(
44 path='/foo/bar/wee?sna=foo', method='POST',
45 params={'a': '123', 'z': 'zebra'})
46
47 feed.post()
48
49 self.assertEqual(True, feed.handle_request_called)
50 self.assertEqual(1, len(feed.json_data))
51
52 def testSecurityTokenChecked_BadToken(self):
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]53 feed = _TestableJsonFeed()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]54 feed.mr = testing_helpers.MakeMonorailRequest(
55 user_info={'user_id': 555})
56 # Note that feed.mr has no token set.
57 self.assertRaises(xsrf.TokenIncorrect, feed.get)
58 self.assertRaises(xsrf.TokenIncorrect, feed.post)
59
60 feed.mr.token = 'bad token'
61 self.assertRaises(xsrf.TokenIncorrect, feed.get)
62 self.assertRaises(xsrf.TokenIncorrect, feed.post)
63
64 def testSecurityTokenChecked_HandlerDoesNotNeedToken(self):
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]65 feed = _TestableJsonFeed()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]66 feed.mr = testing_helpers.MakeMonorailRequest(
67 user_info={'user_id': 555})
68 # Note that feed.mr has no token set.
69 feed.CHECK_SECURITY_TOKEN = False
70 feed.get()
71 feed.post()
72
73 def testSecurityTokenChecked_AnonUserDoesNotNeedToken(self):
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]74 feed = _TestableJsonFeed()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]75 feed.mr = testing_helpers.MakeMonorailRequest()
76 # Note that feed.mr has no token set, but also no auth.user_id.
77 feed.get()
78 feed.post()
79
80 def testSameAppOnly_ExternallyAccessible(self):
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]81 feed = _TestableJsonFeed()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]82 feed.mr = testing_helpers.MakeMonorailRequest()
83 # Note that request has no X-Appengine-Inbound-Appid set.
84 feed.get()
85 feed.post()
86
87 def testSameAppOnly_InternalOnlyCalledFromSameApp(self):
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]88 feed = _TestableJsonFeed()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]89 feed.CHECK_SAME_APP = True
90 feed.mr = testing_helpers.MakeMonorailRequest()
91 app_id = app_identity.get_application_id()
92 feed.mr.request.headers['X-Appengine-Inbound-Appid'] = app_id
93 feed.get()
94 feed.post()
95
96 def testSameAppOnly_InternalOnlyCalledExternally(self):
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]97 feed = _TestableJsonFeed()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]98 feed.CHECK_SAME_APP = True
99 feed.mr = testing_helpers.MakeMonorailRequest()
100 # Note that request has no X-Appengine-Inbound-Appid set.
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]101 feed.response = flask.Response()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]102 self.assertIsNone(feed.get())
103 self.assertFalse(feed.handle_request_called)
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]104 self.assertEqual(http_client.FORBIDDEN, feed.response.status_code)
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]105 self.assertIsNone(feed.post())
106 self.assertFalse(feed.handle_request_called)
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]107 self.assertEqual(http_client.FORBIDDEN, feed.response.status_code)
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]108
109 def testSameAppOnly_InternalOnlyCalledFromWrongApp(self):
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]110 feed = _TestableJsonFeed()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]111 feed.CHECK_SAME_APP = True
112 feed.mr = testing_helpers.MakeMonorailRequest()
113 feed.mr.request.headers['X-Appengine-Inbound-Appid'] = 'wrong'
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]114 feed.response = flask.Response()
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]115 self.assertIsNone(feed.get())
116 self.assertFalse(feed.handle_request_called)
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]117 self.assertEqual(http_client.FORBIDDEN, feed.response.status_code)
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]118 self.assertIsNone(feed.post())
119 self.assertFalse(feed.handle_request_called)
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]120 self.assertEqual(http_client.FORBIDDEN, feed.response.status_code)
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]121
122
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]123class _TestableJsonFeed(jsonfeed.JsonFeed):
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]124
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100[diff] [blame]125 def __init__(self):
126 super(_TestableJsonFeed, self).__init__(services=service_manager.Services())
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]127
128 self.response_data = None
129 self.handle_request_called = False
130 self.json_data = None
131
132 def HandleRequest(self, mr):
133 self.handle_request_called = True
134 return {'a': mr.GetParam('a')}
135
136 # The output chain is hard to double so we pass on that phase,
137 # but save the response data for inspection
138 def _RenderJsonResponse(self, json_data):
139 self.json_data = json_data