paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-10-30 11:33:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
17f34bdfbf9caaa274da782bf51e92d8857032c6
zulip/tools/test-api
Mateusz Mandera 160cc5120a api: Require can_create_users permission to create users via API. 
Allowing any admins to create arbitrary users is not ideal because it
can lead to abuse issues.  We should require something stronger that
requires the server operator's approval and thus we add a new
can_create_users permission.
2020-12-21 13:20:21 -08:00

102 lines
2.8 KiB
Python
Executable File
Raw Blame History

#!/usr/bin/env python3
import argparse
import os
import sys
os.environ["RUNNING_OPENAPI_CURL_TEST"] = "1"
# check for the venv
from lib import sanity_check
sanity_check.check_venv(__file__)
ZULIP_PATH = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
sys.path.insert(0, ZULIP_PATH)
os.chdir(ZULIP_PATH)
from zulip import Client
from tools.lib.test_script import assert_provisioning_status_ok
from tools.lib.test_server import test_server_running
usage = """test-api [options]"""
parser = argparse.ArgumentParser(usage)
parser.add_argument('--force',
action="store_true",
help='Run tests despite possible provisioning problems.')
options = parser.parse_args()
assert_provisioning_status_ok(options.force)
with test_server_running(force=options.force, external_host='zulipdev.com:9981'):
# Zerver imports should happen after `django.setup()` is run
# by the test_server_running decorator.
from zerver.lib.actions import do_create_user
from zerver.lib.test_helpers import reset_emails_in_zulip_realm
from zerver.lib.users import get_api_key
from zerver.models import get_realm, get_user
from zerver.openapi.javascript_examples import test_js_bindings
from zerver.openapi.python_examples import test_invalid_api_key, test_the_api
from zerver.openapi.test_curl_examples import test_generated_curl_examples_for_success
print("Running API tests...")
reset_emails_in_zulip_realm()
# Prepare the admin client
email = 'iago@zulip.com' # Iago is an admin
realm = get_realm('zulip')
user = get_user(email, realm)
# Required to test can_create_users endpoints.
user.can_create_users = True
user.save(update_fields=["can_create_users"])
api_key = get_api_key(user)
site = 'http://zulip.zulipdev.com:9981'
client = Client(
email=email,
api_key=api_key,
site=site,
)
# Prepare a generic bot client for curl testing
email = 'default-bot@zulip.com'
realm = get_realm("zulip")
bot_user = get_user(email, realm)
api_key = get_api_key(bot_user)
bot_client = Client(
email=email,
api_key=api_key,
site=site,
)
# Prepare the non-admin client
email = 'guest@zulip.com' # guest is not an admin
guest_user = do_create_user(
'guest@zulip.com',
'secret',
get_realm('zulip'),
'Mr. Guest',
)
api_key = get_api_key(guest_user)
nonadmin_client = Client(
email=email,
api_key=api_key,
site=site,
)
test_the_api(client, nonadmin_client)
test_generated_curl_examples_for_success(client)
test_js_bindings(client)
# Test error payloads
client = Client(
email=email,
api_key='X'*32,
site=site,
)
test_invalid_api_key(client)
print("API tests passed!")
Reference in New Issue View Git Blame Copy Permalink