From de087a3af121a08c462271bfe0edf8699470d766 Mon Sep 17 00:00:00 2001 From: "robin.keunen" Date: Fri, 3 Apr 2020 14:37:28 +0200 Subject: [PATCH] [ADD] emc_api: user authentification --- easy_my_coop_api/controllers/__init__.py | 2 +- .../{ping_controller.py => controllers.py} | 9 ++++---- easy_my_coop_api/services/ping_service.py | 9 ++++---- easy_my_coop_api/tests/common.py | 21 +++++++++++++++++++ easy_my_coop_api/tests/test_ping.py | 7 ++++--- easy_my_coop_api/tests/test_registry.py | 8 +++---- .../tests/test_subscription_requests.py | 6 ++++++ 7 files changed, 45 insertions(+), 17 deletions(-) rename easy_my_coop_api/controllers/{ping_controller.py => controllers.py} (69%) diff --git a/easy_my_coop_api/controllers/__init__.py b/easy_my_coop_api/controllers/__init__.py index e505936..e046e49 100644 --- a/easy_my_coop_api/controllers/__init__.py +++ b/easy_my_coop_api/controllers/__init__.py @@ -1 +1 @@ -from . import ping_controller +from . import controllers diff --git a/easy_my_coop_api/controllers/ping_controller.py b/easy_my_coop_api/controllers/controllers.py similarity index 69% rename from easy_my_coop_api/controllers/ping_controller.py rename to easy_my_coop_api/controllers/controllers.py index 90e8d06..58b7dba 100644 --- a/easy_my_coop_api/controllers/ping_controller.py +++ b/easy_my_coop_api/controllers/controllers.py @@ -7,17 +7,18 @@ from odoo.addons.base_rest.controllers import main from odoo.http import route -class PingController(main.RestController): +class UserController(main.RestController): _root_path = "/api/" _collection_name = "emc.services" - _default_auth = "public" + _default_auth = "user" @route( - _root_path + "/ping", + _root_path + "/test", methods=["GET"], + auth="public", csrf=False, ) def test(self, _service_name, _id=None, **params): return self._process_method( - _service_name, "ping", _id=_id, params=params + _service_name, "test", _id=_id, params=params ) diff --git a/easy_my_coop_api/services/ping_service.py b/easy_my_coop_api/services/ping_service.py index 823033e..738722b 100644 --- a/easy_my_coop_api/services/ping_service.py +++ b/easy_my_coop_api/services/ping_service.py @@ -10,23 +10,22 @@ from odoo import _ class PingService(Component): _inherit = "base.rest.service" _name = "emc.services" - # _name = "ping.services" _usage = "ping" # service_name _collection = "emc.services" _description = """ - Ping services (test the api) + Ping services (test the api) """ - def ping(self): + def test(self): return {"message": _("Called ping on ping API")} def search(self): return {"message": _("Called search on ping API")} - def _validator_ping(self): + def _validator_test(self): return {} - def _validator_return_ping(self): + def _validator_return_test(self): return {"message": {"type": "string"}} def _validator_search(self): diff --git a/easy_my_coop_api/tests/common.py b/easy_my_coop_api/tests/common.py index ebbbb74..188e018 100644 --- a/easy_my_coop_api/tests/common.py +++ b/easy_my_coop_api/tests/common.py @@ -6,6 +6,7 @@ import requests import json import odoo +from lxml import html from odoo.addons.base_rest.tests.common import BaseRestCase @@ -54,3 +55,23 @@ class BaseEMCRestCase(BaseRestCase): if url.startswith("/"): url = "http://%s:%s%s" % (HOST, PORT, url) return self.session.post(url, data=data) + + @staticmethod + def html_doc(response): + """Get an HTML LXML document.""" + return html.fromstring(response.content) + + def login(self, login, password): + url = "/web/login" + response = self.http_get(url) + self.assertEquals(response.status_code, 200) + + doc = self.html_doc(response) + token = doc.xpath("//input[@name='csrf_token']")[0].get("value") + + response = self.http_post( + url=url, + data={"login": login, "password": password, "csrf_token": token}, + ) + self.assertEquals(response.status_code, 200) + return response diff --git a/easy_my_coop_api/tests/test_ping.py b/easy_my_coop_api/tests/test_ping.py index 2389d22..0638e8c 100644 --- a/easy_my_coop_api/tests/test_ping.py +++ b/easy_my_coop_api/tests/test_ping.py @@ -12,25 +12,26 @@ from .common import BaseEMCRestCase class TestPing(BaseEMCRestCase): - def test_ping_service(self): + def test_public_service(self): collection = _PseudoCollection("emc.services", self.env) emc_services_env = WorkContext( model_name="rest.service.registration", collection=collection ) service = emc_services_env.component(usage="ping") - result = service.ping() + result = service.test() self.assertTrue("message" in result) def test_ping_route(self): - response = self.http_get("/api/ping/ping") + response = self.http_get("/api/ping/test") self.assertEquals(response.status_code, 200) content = json.loads(response.content) self.assertTrue("message" in content) def test_search_route(self): + self.login("manager-emc", "demo") response = self.http_get("/api/ping") self.assertEquals(response.status_code, 200) diff --git a/easy_my_coop_api/tests/test_registry.py b/easy_my_coop_api/tests/test_registry.py index c31df1a..eb2e0b7 100644 --- a/easy_my_coop_api/tests/test_registry.py +++ b/easy_my_coop_api/tests/test_registry.py @@ -8,7 +8,7 @@ import odoo from odoo.http import controllers_per_module from odoo.addons.base_rest.tests.common import BaseRestCase -from ..controllers.ping_controller import PingController +from ..controllers.controllers import UserController HOST = "127.0.0.1" PORT = odoo.tools.config["http_port"] @@ -18,11 +18,11 @@ class TestControllerRegistry(BaseRestCase): def test_controller_registry(self): controllers = controllers_per_module["easy_my_coop_api"] self.assertEqual(len(controllers), 1) - self.assertIn( ( - "odoo.addons.easy_my_coop_api.controllers.ping_controller.PingController", - PingController, + "odoo.addons.easy_my_coop_api" + ".controllers.controllers.UserController", + UserController, ), controllers, ) diff --git a/easy_my_coop_api/tests/test_subscription_requests.py b/easy_my_coop_api/tests/test_subscription_requests.py index c2cf699..9e92565 100644 --- a/easy_my_coop_api/tests/test_subscription_requests.py +++ b/easy_my_coop_api/tests/test_subscription_requests.py @@ -42,6 +42,7 @@ class TestSRController(BaseEMCRestCase): self.assertTrue(date_sr) def test_route_get(self): + self.login("manager-emc", "demo") id_ = self.demo_request_1.id route = "/api/subscription_request/%s" % id_ content = self.http_get_content(route) @@ -49,21 +50,25 @@ class TestSRController(BaseEMCRestCase): @odoo.tools.mute_logger("odoo.addons.base_rest.http") def test_route_get_returns_not_found(self): + self.login("manager-emc", "demo") route = "/api/subscription_request/%s" % "99999" response = self.http_get(route) self.assertEquals(response.status_code, 404) def test_route_get_string_returns_method_not_allowed(self): + self.login("manager-emc", "demo") route = "/api/subscription_request/%s" % "abc" response = self.http_get(route) self.assertEquals(response.status_code, 405) def test_route_search_all(self): + self.login("manager-emc", "demo") route = "/api/subscription_request" content = self.http_get_content(route) self.assertIn(self.demo_request_1_dict, content["rows"]) def test_route_search_by_date(self): + self.login("manager-emc", "demo") sr_date = self.demo_request_1.date date_from = Date.to_string(sr_date - timedelta(days=1)) date_to = Date.to_string(sr_date + timedelta(days=1)) @@ -93,6 +98,7 @@ class TestSRController(BaseEMCRestCase): @odoo.tools.mute_logger("odoo.addons.base_rest.http") def test_route_search_acd_date_returns_bad_request(self): + self.login("manager-emc", "demo") route = "/api/subscription_request?date_from=%s" % "20200101" response = self.http_get(route) self.assertEquals(response.status_code, 400)