Skip to content
Snippets Groups Projects
Commit 88f48cfd authored by Christian Boettcher's avatar Christian Boettcher
Browse files

test with different accept headers, test with unauthorized secrets access

parent 48cd35e6
No related branches found
No related tags found
No related merge requests found
Pipeline #82629 passed
......@@ -53,3 +53,34 @@ class NonAuthTests(unittest.TestCase):
j = rsp.json()
self.assertTrue('detail' in j, f"{j} should contain message")
def test_accept_headers(self):
header_accept_json = {'Accept' : "application/json"}
header_accept_html = {'Accept' : "text/html"}
header_accept_none = {'Accept' : ""}
rsp = self.client.get("/", headers=header_accept_json)
self.assertEqual(rsp.json(), [{element.value: "/" + element.value} for element in storage.LocationDataType])
rsp = self.client.get("/", headers=header_accept_html, allow_redirects=False)
self.assertEqual(rsp.status_code, 307)
rsp = self.client.get("/", headers=header_accept_html, allow_redirects=True)
self.assertEqual(rsp.status_code, 422) # forwarded to /index.html which does not exist on the apiserver
rsp = self.client.get("/", headers=header_accept_none)
self.assertEqual(rsp.json(), [{element.value: "/" + element.value} for element in storage.LocationDataType])
def test_secrets_access(self):
# check if access for all secrets endpoints failed with 401 Auth required
# list secrets, add secret, get secret, delete secret
rsp = self.client.get(f'/dataset/{proper_uuid}/secrets')
self.assertEqual(401, rsp.status_code)
rsp = self.client.get(f'/dataset/{proper_uuid}/secrets/somespecificsecret')
self.assertEqual(401, rsp.status_code)
rsp = self.client.post(f'/dataset/{proper_uuid}/secrets', json={'key' : "somekey", "secret" : "somesecret"})
self.assertEqual(401, rsp.status_code)
rsp = self.client.delete(f'/dataset/{proper_uuid}/secrets/somespecificsecret')
self.assertEqual(401, rsp.status_code)
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment