Changeset - 35120990752f
Parent rev.
Child rev.
[Not reviewed]
default
0 2 0
Christian Oyarzun - 10 years ago 2015-05-21 21:52:30
oyarzun@gmail.com
admin: use POST in routing for adding API keys for users - match template change in 6f6aab7ca754
2 files changed with 3 insertions and 3 deletions:
kallithea/config/routing.py
1
1
kallithea/tests/functional/test_admin_users.py
2
2
0 comments (0 inline, 0 general)
kallithea/config/routing.py
Show inline comments
 
@@ -197,25 +197,25 @@ def make_map(config):
 
        m.connect("user", "/users/{id}",
 
                  action="show", conditions=dict(method=["GET"]))
 

			




	
	
	
		
 
        #EXTRAS USER ROUTES

			




	
	
	
		
 
        m.connect("edit_user_advanced", "/users/{id}/edit/advanced",

			




	
	
	
		
 
                  action="edit_advanced", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_advanced", "/users/{id}/edit/advanced",

			




	
	
	
		
 
                  action="update_advanced", conditions=dict(method=["PUT"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

			




	
	
	
		
 
                  action="edit_api_keys", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

			




	
	
	
		
 
                  action="add_api_key", conditions=dict(method=["PUT"]))

			




	
	
	
		
 
                  action="add_api_key", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

			




	
	
	
		
 
                  action="delete_api_key", conditions=dict(method=["DELETE"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_perms", "/users/{id}/edit/permissions",

			




	
	
	
		
 
                  action="edit_perms", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_perms", "/users/{id}/edit/permissions",

			




	
	
	
		
 
                  action="update_perms", conditions=dict(method=["PUT"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_emails", "/users/{id}/edit/emails",

			




	
	
	
		
 
                  action="edit_emails", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_emails", "/users/{id}/edit/emails",

			




	
	
	
		
 
                  action="add_email", conditions=dict(method=["PUT"]))

			




        

    


    
    

    

        

                

                    kallithea/tests/functional/test_admin_users.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -442,43 +442,43 @@ class TestAdminUsersController(TestContr

			




	
	
	
		
 

			




	
	
	
		
 
    @parameterized.expand([

			




	
	
	
		
 
        ('forever', -1),

			




	
	
	
		
 
        ('5mins', 60*5),

			




	
	
	
		
 
        ('30days', 60*60*24*30),

			




	
	
	
		
 
    ])

			




	
	
	
		
 
    def test_add_api_keys(self, desc, lifetime):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        user = User.get_by_username(TEST_USER_REGULAR_LOGIN)

			




	
	
	
		
 
        user_id = user.user_id

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('edit_user_api_keys', id=user_id),

			




	
	
	
		
 
                 {'_method': 'put', 'description': desc, 'lifetime': lifetime, '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
                 {'description': desc, 'lifetime': lifetime, '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'API key successfully created')

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            response = response.follow()

			




	
	
	
		
 
            user = User.get(user_id)

			




	
	
	
		
 
            for api_key in user.api_keys:

			




	
	
	
		
 
                response.mustcontain(api_key)

			




	
	
	
		
 
        finally:

			




	
	
	
		
 
            for api_key in UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all():

			




	
	
	
		
 
                Session().delete(api_key)

			




	
	
	
		
 
                Session().commit()

			




	
	
	
		
 

			




	
	
	
		
 
    def test_remove_api_key(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        user = User.get_by_username(TEST_USER_REGULAR_LOGIN)

			




	
	
	
		
 
        user_id = user.user_id

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('edit_user_api_keys', id=user_id),

			




	
	
	
		
 
                {'_method': 'put', 'description': 'desc', 'lifetime': -1, '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
                {'description': 'desc', 'lifetime': -1, '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'API key successfully created')

			




	
	
	
		
 
        response = response.follow()

			




	
	
	
		
 

			




	
	
	
		
 
        #now delete our key

			




	
	
	
		
 
        keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()

			




	
	
	
		
 
        self.assertEqual(1, len(keys))

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('edit_user_api_keys', id=user_id),

			




	
	
	
		
 
                 {'_method': 'delete', 'del_api_key': keys[0].api_key, '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'API key successfully deleted')

			




	
	
	
		
 
        keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()

			




	
	
	
		
 
        self.assertEqual(0, len(keys))

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.