1
0
mirror of https://github.com/spl0k/supysonic.git synced 2024-12-22 08:56:17 +00:00
supysonic/tests/api/test_user.py

281 lines
10 KiB
Python
Raw Normal View History

2017-11-01 19:55:35 +00:00
# This file is part of Supysonic.
# Supysonic is a Python implementation of the Subsonic server API.
#
# Copyright (C) 2017-2020 Alban 'spl0k' Féron
# 2017 Óscar García Amor
2017-11-01 19:55:35 +00:00
#
# Distributed under terms of the GNU AGPLv3 license.
import unittest
from ..utils import hexlify
2017-11-01 19:55:35 +00:00
from .apitestbase import ApiTestBase
2019-06-29 15:25:44 +00:00
2017-11-01 19:55:35 +00:00
class UserTestCase(ApiTestBase):
def test_get_user(self):
# missing username
2019-06-29 15:25:44 +00:00
self._make_request("getUser", error=10)
2017-11-01 19:55:35 +00:00
# non-existent user
2019-06-29 15:25:44 +00:00
self._make_request("getUser", {"username": "non existent"}, error=70)
2017-11-01 19:55:35 +00:00
# self
2019-06-29 15:25:44 +00:00
rv, child = self._make_request("getUser", {"username": "alice"}, tag="user")
self.assertEqual(child.get("username"), "alice")
self.assertEqual(child.get("adminRole"), "true")
2017-11-01 19:55:35 +00:00
# other
2019-06-29 15:25:44 +00:00
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("username"), "bob")
self.assertEqual(child.get("adminRole"), "false")
2017-11-01 19:55:35 +00:00
# self from non-admin
2019-06-29 15:25:44 +00:00
rv, child = self._make_request(
"getUser", {"u": "bob", "p": "B0b", "username": "bob"}, tag="user"
)
self.assertEqual(child.get("username"), "bob")
self.assertEqual(child.get("adminRole"), "false")
2017-11-01 19:55:35 +00:00
# other from non-admin
2019-06-29 15:25:44 +00:00
self._make_request(
"getUser", {"u": "bob", "p": "B0b", "username": "alice"}, error=50
)
2017-11-01 19:55:35 +00:00
def test_get_users(self):
# non-admin
2019-06-29 15:25:44 +00:00
self._make_request("getUsers", {"u": "bob", "p": "B0b"}, error=50)
2017-11-01 19:55:35 +00:00
# admin
2019-06-29 15:25:44 +00:00
rv, child = self._make_request("getUsers", tag="users")
2017-11-01 19:55:35 +00:00
self.assertEqual(len(child), 2)
self.assertIsNotNone(self._find(child, "./user[@username='alice']"))
self.assertIsNotNone(self._find(child, "./user[@username='bob']"))
def test_create_user(self):
# non admin
2019-06-29 15:25:44 +00:00
self._make_request("createUser", {"u": "bob", "p": "B0b"}, error=50)
2017-11-01 19:55:35 +00:00
# missing params, testing every combination, maybe overkill
2019-06-29 15:25:44 +00:00
self._make_request("createUser", error=10)
self._make_request("createUser", {"username": "user"}, error=10)
self._make_request("createUser", {"password": "pass"}, error=10)
self._make_request("createUser", {"email": "email@example.com"}, error=10)
self._make_request(
"createUser", {"username": "user", "password": "pass"}, error=10
)
self._make_request(
"createUser", {"username": "user", "email": "email@example.com"}, error=10
)
self._make_request(
"createUser", {"password": "pass", "email": "email@example.com"}, error=10
)
2017-11-01 19:55:35 +00:00
# duplicate
2019-06-29 15:25:44 +00:00
self._make_request(
"createUser",
{"username": "bob", "password": "pass", "email": "me@bob.com"},
error=0,
)
2017-11-01 19:55:35 +00:00
# test we only got our two initial users
2019-06-29 15:25:44 +00:00
rv, child = self._make_request("getUsers", tag="users")
2017-11-01 19:55:35 +00:00
self.assertEqual(len(child), 2)
# create users
2019-06-29 15:25:44 +00:00
self._make_request(
"createUser",
{
"username": "charlie",
"password": "Ch4rl1e",
"email": "unicorn@example.com",
"adminRole": True,
},
skip_post=True,
)
rv, child = self._make_request("getUser", {"username": "charlie"}, tag="user")
self.assertEqual(child.get("username"), "charlie")
self.assertEqual(child.get("email"), "unicorn@example.com")
self.assertEqual(child.get("adminRole"), "true")
self.assertEqual(child.get("jukeboxRole"), "true") # admin gives full control
2019-06-29 15:25:44 +00:00
self._make_request(
"createUser",
{
"username": "dave",
"password": "Dav3",
"email": "dave@example.com",
"jukeboxRole": True,
},
2019-06-29 15:25:44 +00:00
skip_post=True,
)
rv, child = self._make_request("getUser", {"username": "dave"}, tag="user")
self.assertEqual(child.get("username"), "dave")
self.assertEqual(child.get("email"), "dave@example.com")
self.assertEqual(child.get("adminRole"), "false")
self.assertEqual(child.get("jukeboxRole"), "true")
self._make_request(
"createUser",
{"username": "eve", "password": "3ve", "email": "eve@example.com"},
skip_post=True,
)
rv, child = self._make_request("getUser", {"username": "eve"}, tag="user")
self.assertEqual(child.get("username"), "eve")
self.assertEqual(child.get("email"), "eve@example.com")
self.assertEqual(child.get("adminRole"), "false")
self.assertEqual(child.get("jukeboxRole"), "false")
2019-06-29 15:25:44 +00:00
rv, child = self._make_request("getUsers", tag="users")
self.assertEqual(len(child), 5)
2017-11-01 19:55:35 +00:00
def test_delete_user(self):
# non admin
2019-06-29 15:25:44 +00:00
self._make_request(
"deleteUser", {"u": "bob", "p": "B0b", "username": "alice"}, error=50
)
2017-11-01 19:55:35 +00:00
# missing param
2019-06-29 15:25:44 +00:00
self._make_request("deleteUser", error=10)
2017-11-01 19:55:35 +00:00
# non existing
2019-06-29 15:25:44 +00:00
self._make_request("deleteUser", {"username": "charlie"}, error=70)
2017-11-01 19:55:35 +00:00
# test we still got our two initial users
2019-06-29 15:25:44 +00:00
rv, child = self._make_request("getUsers", tag="users")
2017-11-01 19:55:35 +00:00
self.assertEqual(len(child), 2)
# delete user
2019-06-29 15:25:44 +00:00
self._make_request("deleteUser", {"username": "bob"}, skip_post=True)
rv, child = self._make_request("getUsers", tag="users")
2017-11-01 19:55:35 +00:00
self.assertEqual(len(child), 1)
def test_change_password(self):
# missing parameter
2019-06-29 15:25:44 +00:00
self._make_request("changePassword", error=10)
self._make_request("changePassword", {"username": "alice"}, error=10)
self._make_request("changePassword", {"password": "newpass"}, error=10)
2017-11-01 19:55:35 +00:00
# admin change self
2019-06-29 15:25:44 +00:00
self._make_request(
"changePassword",
{"username": "alice", "password": "newpass"},
skip_post=True,
)
self._make_request("ping", error=40)
self._make_request("ping", {"u": "alice", "p": "newpass"})
self._make_request(
"changePassword",
{"u": "alice", "p": "newpass", "username": "alice", "password": "Alic3"},
skip_post=True,
)
2017-11-01 19:55:35 +00:00
# admin change other
2019-06-29 15:25:44 +00:00
self._make_request(
"changePassword", {"username": "bob", "password": "newbob"}, skip_post=True
)
self._make_request("ping", {"u": "bob", "p": "B0b"}, error=40)
self._make_request("ping", {"u": "bob", "p": "newbob"})
2017-11-01 19:55:35 +00:00
# non-admin change self
2019-06-29 15:25:44 +00:00
self._make_request(
"changePassword",
{"u": "bob", "p": "newbob", "username": "bob", "password": "B0b"},
skip_post=True,
)
self._make_request("ping", {"u": "bob", "p": "newbob"}, error=40)
self._make_request("ping", {"u": "bob", "p": "B0b"})
2017-11-01 19:55:35 +00:00
# non-admin change other
2019-06-29 15:25:44 +00:00
self._make_request(
"changePassword",
{"u": "bob", "p": "B0b", "username": "alice", "password": "newpass"},
skip_post=True,
error=50,
)
self._make_request("ping", {"u": "alice", "p": "newpass"}, error=40)
self._make_request("ping")
2017-11-01 19:55:35 +00:00
# change non existing
2019-06-29 15:25:44 +00:00
self._make_request(
"changePassword", {"username": "nonexsistent", "password": "pass"}, error=70
)
2017-11-01 19:55:35 +00:00
# non ASCII chars
2019-06-29 15:25:44 +00:00
self._make_request(
"changePassword",
{"username": "alice", "password": "новыйпароль"},
skip_post=True,
)
self._make_request("ping", {"u": "alice", "p": "новыйпароль"})
self._make_request(
"changePassword",
{
"username": "alice",
"password": "Alic3",
"u": "alice",
"p": "новыйпароль",
},
skip_post=True,
)
2017-11-01 19:55:35 +00:00
# non ASCII in hex encoded password
2019-06-29 15:25:44 +00:00
self._make_request(
"changePassword",
2020-11-10 15:56:49 +00:00
{"username": "alice", "password": "enc:" + hexlify("новыйпароль")},
2019-06-29 15:25:44 +00:00
skip_post=True,
)
self._make_request("ping", {"u": "alice", "p": "новыйпароль"})
2017-11-01 19:55:35 +00:00
# new password starting with 'enc:' followed by non hex chars
2019-06-29 15:25:44 +00:00
self._make_request(
"changePassword",
{
"username": "alice",
"password": "enc:randomstring",
"u": "alice",
"p": "новыйпароль",
},
skip_post=True,
)
self._make_request("ping", {"u": "alice", "p": "enc:randomstring"})
2020-11-10 15:56:49 +00:00
def test_update_user(self):
# non admin
self._make_request(
"updateUser", {"u": "bob", "p": "B0b", "username": "alice"}, error=50
)
# missing param
self._make_request("updateUser", error=10)
# non existing
self._make_request("updateUser", {"username": "charlie"}, error=70)
self._make_request(
"updateUser",
{"username": "bob", "email": "email@email.em", "jukeboxRole": True},
)
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("email"), "email@email.em")
self.assertEqual(child.get("adminRole"), "false")
self.assertEqual(child.get("jukeboxRole"), "true")
self._make_request(
"updateUser", {"username": "bob", "email": "example@email.com"}
)
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("email"), "example@email.com")
self.assertEqual(child.get("adminRole"), "false")
self.assertEqual(child.get("jukeboxRole"), "true")
self._make_request("updateUser", {"username": "bob", "adminRole": True})
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("email"), "example@email.com")
self.assertEqual(child.get("adminRole"), "true")
self.assertEqual(child.get("jukeboxRole"), "true")
2019-06-29 15:25:44 +00:00
if __name__ == "__main__":
2017-11-01 19:55:35 +00:00
unittest.main()