blob: 2b986da2571711eb10e97c111635095b16f9a819 [file] [log] [blame]
#!/usr/bin/env vpython
# Copyright 2014 The LUCI Authors. All rights reserved.
# Use of this source code is governed under the Apache License, Version 2.0
# that can be found in the LICENSE file.
import logging
import sys
import unittest
from test_support import test_env
test_env.setup_test_env()
from test_support import test_case
from components import auth
from components.config import common
from components.config import endpoint
from components.config import validation
class EndpointTestCase(test_case.EndpointsTestCase):
api_service_cls = endpoint.ConfigApi
def test_metadata(self):
rule_set = validation.RuleSet()
self.mock(validation, 'DEFAULT_RULE_SET', rule_set)
validation.rule('projects/foo', 'bar.cfg', rule_set=rule_set)
validation.rule('services/foo', 'foo.cfg', rule_set=rule_set)
self.mock(auth, 'is_admin', lambda: True)
resp = self.call_api('get_metadata', {}).json_body
self.assertEqual(
resp,
{
'version': '1.0',
'validation': {
'url': 'https://localhost:80/_ah/api/config/v1/validate',
'patterns': [
{'config_set': 'projects/foo', 'path': 'bar.cfg'},
{'config_set': 'services/foo', 'path': 'foo.cfg'},
],
},
}
)
def test_metadata_without_permissions(self):
with self.call_should_fail(403):
self.call_api('get_metadata', {})
def test_config_service_is_trusted_requester(self):
self.mock(auth, 'is_admin', lambda: False)
config_identity = auth.Identity(
'user', 'luci-config@appspot.gserviceaccount.com')
self.mock(auth, 'get_current_identity', lambda: config_identity)
self.assertFalse(endpoint.is_trusted_requester())
common.ConfigSettings().modify(
updated_by='unit-test',
service_hostname='luci-config.appspot.com',
trusted_config_account=auth.Identity(
'user', 'luci-config@appspot.gserviceaccount.com'),
)
common.ConfigSettings.clear_cache()
self.assertTrue(endpoint.is_trusted_requester())
# now use the new LUCI Config service account to call.
config_identity = auth.Identity(
'user', 'config-service@luci-config.iam.gserviceaccount.com')
self.mock(auth, 'get_current_identity', lambda: config_identity)
self.mock(auth, 'is_group_member', lambda _group, _id: True)
self.assertTrue(endpoint.is_trusted_requester())
config_identity = auth.Identity(
'user', 'config-service@luci-config-dev.iam.gserviceaccount.com')
self.mock(auth, 'is_group_member', lambda _group, _id: False)
self.assertFalse(endpoint.is_trusted_requester())
def test_bad_message_text_characters(self):
rule_set = validation.RuleSet()
self.mock(validation, 'DEFAULT_RULE_SET', rule_set)
@validation.rule('projects/foo', 'bar.cfg', rule_set=rule_set)
def _validate(cfg, ctx):
ctx.error('a\x80b')
self.mock(auth, 'is_admin', lambda: True)
req = {
'config_set': 'projects/foo',
'path': 'bar.cfg',
'content': '',
}
resp = self.call_api('validate', req).json_body
self.assertEqual(resp, {
'messages': [
{'path': 'bar.cfg', 'severity': 'ERROR', 'text': u'a\ufffdb'},
],
})
if __name__ == '__main__':
if '-v' in sys.argv:
unittest.TestCase.maxDiff = None
logging.basicConfig(level=logging.DEBUG)
else:
logging.basicConfig(level=logging.FATAL)
unittest.main()