#!/usr/bin/env python # coding: utf-8 # # This file is part of Supysonic. # Supysonic is a Python implementation of the Subsonic server API. # # Copyright (C) 2017-2018 Alban 'spl0k' Féron # 2017 Óscar García Amor # # Distributed under terms of the GNU AGPLv3 license. from ..utils import hexlify from .apitestbase import ApiTestBase class UserTestCase(ApiTestBase): def test_get_user(self): # missing username self._make_request('getUser', error = 10) # non-existent user self._make_request('getUser', { 'username': 'non existent' }, error = 70) # self rv, child = self._make_request('getUser', { 'username': 'alice' }, tag = 'user') self.assertEqual(child.get('username'), 'alice') self.assertEqual(child.get('adminRole'), 'true') # other rv, child = self._make_request('getUser', { 'username': 'bob' }, tag = 'user') self.assertEqual(child.get('username'), 'bob') self.assertEqual(child.get('adminRole'), 'false') # self from non-admin rv, child = self._make_request('getUser', { 'u': 'bob', 'p': 'B0b', 'username': 'bob' }, tag = 'user') self.assertEqual(child.get('username'), 'bob') self.assertEqual(child.get('adminRole'), 'false') # other from non-admin self._make_request('getUser', { 'u': 'bob', 'p': 'B0b', 'username': 'alice' }, error = 50) def test_get_users(self): # non-admin self._make_request('getUsers', { 'u': 'bob', 'p': 'B0b' }, error = 50) # admin rv, child = self._make_request('getUsers', tag = 'users') self.assertEqual(len(child), 2) self.assertIsNotNone(self._find(child, "./user[@username='alice']")) self.assertIsNotNone(self._find(child, "./user[@username='bob']")) def test_create_user(self): # non admin self._make_request('createUser', { 'u': 'bob', 'p': 'B0b' }, error = 50) # missing params, testing every combination, maybe overkill self._make_request('createUser', error = 10) self._make_request('createUser', { 'username': 'user' }, error = 10) self._make_request('createUser', { 'password': 'pass' }, error = 10) self._make_request('createUser', { 'email': 'email@example.com' }, error = 10) self._make_request('createUser', { 'username': 'user', 'password': 'pass' }, error = 10) self._make_request('createUser', { 'username': 'user', 'email': 'email@example.com' }, error = 10) self._make_request('createUser', { 'password': 'pass', 'email': 'email@example.com' }, error = 10) # duplicate self._make_request('createUser', { 'username': 'bob', 'password': 'pass', 'email': 'me@bob.com' }, error = 0) # test we only got our two initial users rv, child = self._make_request('getUsers', tag = 'users') self.assertEqual(len(child), 2) # create users self._make_request('createUser', { 'username': 'charlie', 'password': 'Ch4rl1e', 'email': 'unicorn@example.com', 'adminRole': True }, skip_post = True) rv, child = self._make_request('getUser', { 'username': 'charlie' }, tag = 'user') self.assertEqual(child.get('username'), 'charlie') self.assertEqual(child.get('email'), 'unicorn@example.com') self.assertEqual(child.get('adminRole'), 'true') self._make_request('createUser', { 'username': 'dave', 'password': 'Dav3', 'email': 'dave@example.com' }, skip_post = True) rv, child = self._make_request('getUser', { 'username': 'dave' }, tag = 'user') self.assertEqual(child.get('username'), 'dave') self.assertEqual(child.get('email'), 'dave@example.com') self.assertEqual(child.get('adminRole'), 'false') rv, child = self._make_request('getUsers', tag = 'users') self.assertEqual(len(child), 4) def test_delete_user(self): # non admin self._make_request('deleteUser', { 'u': 'bob', 'p': 'B0b', 'username': 'alice' }, error = 50) # missing param self._make_request('deleteUser', error = 10) # non existing self._make_request('deleteUser', { 'username': 'charlie' }, error = 70) # test we still got our two initial users rv, child = self._make_request('getUsers', tag = 'users') self.assertEqual(len(child), 2) # delete user self._make_request('deleteUser', { 'username': 'bob' }, skip_post = True) rv, child = self._make_request('getUsers', tag = 'users') self.assertEqual(len(child), 1) def test_change_password(self): # missing parameter self._make_request('changePassword', error = 10) self._make_request('changePassword', { 'username': 'alice' }, error = 10) self._make_request('changePassword', { 'password': 'newpass' }, error = 10) # admin change self self._make_request('changePassword', { 'username': 'alice', 'password': 'newpass' }, skip_post = True) self._make_request('ping', error = 40) self._make_request('ping', { 'u': 'alice', 'p': 'newpass' }) self._make_request('changePassword', { 'u': 'alice', 'p': 'newpass', 'username': 'alice', 'password': 'Alic3' }, skip_post = True) # admin change other self._make_request('changePassword', { 'username': 'bob', 'password': 'newbob' }, skip_post = True) self._make_request('ping', { 'u': 'bob', 'p': 'B0b' }, error = 40) self._make_request('ping', { 'u': 'bob', 'p': 'newbob' }) # non-admin change self self._make_request('changePassword', { 'u': 'bob', 'p': 'newbob', 'username': 'bob', 'password': 'B0b' }, skip_post = True) self._make_request('ping', { 'u': 'bob', 'p': 'newbob' }, error = 40) self._make_request('ping', { 'u': 'bob', 'p': 'B0b' }) # non-admin change other self._make_request('changePassword', { 'u': 'bob', 'p': 'B0b', 'username': 'alice', 'password': 'newpass' }, skip_post = True, error = 50) self._make_request('ping', { 'u': 'alice', 'p': 'newpass' }, error = 40) self._make_request('ping') # change non existing self._make_request('changePassword', { 'username': 'nonexsistent', 'password': 'pass' }, error = 70) # non ASCII chars self._make_request('changePassword', { 'username': 'alice', 'password': 'новыйпароль' }, skip_post = True) self._make_request('ping', { 'u': 'alice', 'p': 'новыйпароль' }) self._make_request('changePassword', { 'username': 'alice', 'password': 'Alic3', 'u': 'alice', 'p': 'новыйпароль' }, skip_post = True) # non ASCII in hex encoded password self._make_request('changePassword', { 'username': 'alice', 'password': 'enc:' + hexlify(u'новыйпароль') }, skip_post = True) self._make_request('ping', { 'u': 'alice', 'p': 'новыйпароль' }) # new password starting with 'enc:' followed by non hex chars self._make_request('changePassword', { 'username': 'alice', 'password': 'enc:randomstring', 'u': 'alice', 'p': 'новыйпароль' }, skip_post = True) self._make_request('ping', { 'u': 'alice', 'p': 'enc:randomstring' }) if __name__ == '__main__': unittest.main()