1
0
mirror of https://github.com/spl0k/supysonic.git synced 2024-12-23 01:16:18 +00:00
supysonic/tests/api/test_user.py

279 lines
10 KiB
Python

# This file is part of Supysonic.
# Supysonic is a Python implementation of the Subsonic server API.
#
# Copyright (C) 2017-2020 Alban 'spl0k' Féron
# 2017 Óscar García Amor
#
# Distributed under terms of the GNU AGPLv3 license.
from ..utils import hexlify
from .apitestbase import ApiTestBase
class UserTestCase(ApiTestBase):
def test_get_user(self):
# missing username
self._make_request("getUser", error=10)
# non-existent user
self._make_request("getUser", {"username": "non existent"}, error=70)
# self
rv, child = self._make_request("getUser", {"username": "alice"}, tag="user")
self.assertEqual(child.get("username"), "alice")
self.assertEqual(child.get("adminRole"), "true")
# other
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("username"), "bob")
self.assertEqual(child.get("adminRole"), "false")
# self from non-admin
rv, child = self._make_request(
"getUser", {"u": "bob", "p": "B0b", "username": "bob"}, tag="user"
)
self.assertEqual(child.get("username"), "bob")
self.assertEqual(child.get("adminRole"), "false")
# other from non-admin
self._make_request(
"getUser", {"u": "bob", "p": "B0b", "username": "alice"}, error=50
)
def test_get_users(self):
# non-admin
self._make_request("getUsers", {"u": "bob", "p": "B0b"}, error=50)
# admin
rv, child = self._make_request("getUsers", tag="users")
self.assertEqual(len(child), 2)
self.assertIsNotNone(self._find(child, "./user[@username='alice']"))
self.assertIsNotNone(self._find(child, "./user[@username='bob']"))
def test_create_user(self):
# non admin
self._make_request("createUser", {"u": "bob", "p": "B0b"}, error=50)
# missing params, testing every combination, maybe overkill
self._make_request("createUser", error=10)
self._make_request("createUser", {"username": "user"}, error=10)
self._make_request("createUser", {"password": "pass"}, error=10)
self._make_request("createUser", {"email": "email@example.com"}, error=10)
self._make_request(
"createUser", {"username": "user", "password": "pass"}, error=10
)
self._make_request(
"createUser", {"username": "user", "email": "email@example.com"}, error=10
)
self._make_request(
"createUser", {"password": "pass", "email": "email@example.com"}, error=10
)
# duplicate
self._make_request(
"createUser",
{"username": "bob", "password": "pass", "email": "me@bob.com"},
error=0,
)
# test we only got our two initial users
rv, child = self._make_request("getUsers", tag="users")
self.assertEqual(len(child), 2)
# create users
self._make_request(
"createUser",
{
"username": "charlie",
"password": "Ch4rl1e",
"email": "unicorn@example.com",
"adminRole": True,
},
skip_post=True,
)
rv, child = self._make_request("getUser", {"username": "charlie"}, tag="user")
self.assertEqual(child.get("username"), "charlie")
self.assertEqual(child.get("email"), "unicorn@example.com")
self.assertEqual(child.get("adminRole"), "true")
self.assertEqual(child.get("jukeboxRole"), "true") # admin gives full control
self._make_request(
"createUser",
{
"username": "dave",
"password": "Dav3",
"email": "dave@example.com",
"jukeboxRole": True,
},
skip_post=True,
)
rv, child = self._make_request("getUser", {"username": "dave"}, tag="user")
self.assertEqual(child.get("username"), "dave")
self.assertEqual(child.get("email"), "dave@example.com")
self.assertEqual(child.get("adminRole"), "false")
self.assertEqual(child.get("jukeboxRole"), "true")
self._make_request(
"createUser",
{"username": "eve", "password": "3ve", "email": "eve@example.com"},
skip_post=True,
)
rv, child = self._make_request("getUser", {"username": "eve"}, tag="user")
self.assertEqual(child.get("username"), "eve")
self.assertEqual(child.get("email"), "eve@example.com")
self.assertEqual(child.get("adminRole"), "false")
self.assertEqual(child.get("jukeboxRole"), "false")
rv, child = self._make_request("getUsers", tag="users")
self.assertEqual(len(child), 5)
def test_delete_user(self):
# non admin
self._make_request(
"deleteUser", {"u": "bob", "p": "B0b", "username": "alice"}, error=50
)
# missing param
self._make_request("deleteUser", error=10)
# non existing
self._make_request("deleteUser", {"username": "charlie"}, error=70)
# test we still got our two initial users
rv, child = self._make_request("getUsers", tag="users")
self.assertEqual(len(child), 2)
# delete user
self._make_request("deleteUser", {"username": "bob"}, skip_post=True)
rv, child = self._make_request("getUsers", tag="users")
self.assertEqual(len(child), 1)
def test_change_password(self):
# missing parameter
self._make_request("changePassword", error=10)
self._make_request("changePassword", {"username": "alice"}, error=10)
self._make_request("changePassword", {"password": "newpass"}, error=10)
# admin change self
self._make_request(
"changePassword",
{"username": "alice", "password": "newpass"},
skip_post=True,
)
self._make_request("ping", error=40)
self._make_request("ping", {"u": "alice", "p": "newpass"})
self._make_request(
"changePassword",
{"u": "alice", "p": "newpass", "username": "alice", "password": "Alic3"},
skip_post=True,
)
# admin change other
self._make_request(
"changePassword", {"username": "bob", "password": "newbob"}, skip_post=True
)
self._make_request("ping", {"u": "bob", "p": "B0b"}, error=40)
self._make_request("ping", {"u": "bob", "p": "newbob"})
# non-admin change self
self._make_request(
"changePassword",
{"u": "bob", "p": "newbob", "username": "bob", "password": "B0b"},
skip_post=True,
)
self._make_request("ping", {"u": "bob", "p": "newbob"}, error=40)
self._make_request("ping", {"u": "bob", "p": "B0b"})
# non-admin change other
self._make_request(
"changePassword",
{"u": "bob", "p": "B0b", "username": "alice", "password": "newpass"},
skip_post=True,
error=50,
)
self._make_request("ping", {"u": "alice", "p": "newpass"}, error=40)
self._make_request("ping")
# change non existing
self._make_request(
"changePassword", {"username": "nonexsistent", "password": "pass"}, error=70
)
# non ASCII chars
self._make_request(
"changePassword",
{"username": "alice", "password": "новыйпароль"},
skip_post=True,
)
self._make_request("ping", {"u": "alice", "p": "новыйпароль"})
self._make_request(
"changePassword",
{
"username": "alice",
"password": "Alic3",
"u": "alice",
"p": "новыйпароль",
},
skip_post=True,
)
# non ASCII in hex encoded password
self._make_request(
"changePassword",
{"username": "alice", "password": "enc:" + hexlify("новыйпароль")},
skip_post=True,
)
self._make_request("ping", {"u": "alice", "p": "новыйпароль"})
# new password starting with 'enc:' followed by non hex chars
self._make_request(
"changePassword",
{
"username": "alice",
"password": "enc:randomstring",
"u": "alice",
"p": "новыйпароль",
},
skip_post=True,
)
self._make_request("ping", {"u": "alice", "p": "enc:randomstring"})
def test_update_user(self):
# non admin
self._make_request(
"updateUser", {"u": "bob", "p": "B0b", "username": "alice"}, error=50
)
# missing param
self._make_request("updateUser", error=10)
# non existing
self._make_request("updateUser", {"username": "charlie"}, error=70)
self._make_request(
"updateUser",
{"username": "bob", "email": "email@email.em", "jukeboxRole": True},
)
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("email"), "email@email.em")
self.assertEqual(child.get("adminRole"), "false")
self.assertEqual(child.get("jukeboxRole"), "true")
self._make_request(
"updateUser", {"username": "bob", "email": "example@email.com"}
)
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("email"), "example@email.com")
self.assertEqual(child.get("adminRole"), "false")
self.assertEqual(child.get("jukeboxRole"), "true")
self._make_request("updateUser", {"username": "bob", "adminRole": True})
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("email"), "example@email.com")
self.assertEqual(child.get("adminRole"), "true")
self.assertEqual(child.get("jukeboxRole"), "true")
if __name__ == "__main__":
unittest.main()