2022-02-24 13:09:41 -05:00
|
|
|
# Licensed to the Apache Software Foundation (ASF) under one
|
|
|
|
# or more contributor license agreements. See the NOTICE file
|
|
|
|
# distributed with this work for additional information
|
|
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
|
|
# to you under the Apache License, Version 2.0 (the
|
|
|
|
# "License"); you may not use this file except in compliance
|
|
|
|
# with the License. You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing,
|
|
|
|
# software distributed under the License is distributed on an
|
|
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
|
|
# KIND, either express or implied. See the License for the
|
|
|
|
# specific language governing permissions and limitations
|
|
|
|
# under the License.
|
|
|
|
# type: ignore
|
|
|
|
"""Unit tests for Superset"""
|
2024-04-24 20:19:53 -04:00
|
|
|
|
2022-02-24 13:09:41 -05:00
|
|
|
import json
|
|
|
|
from unittest.mock import patch
|
|
|
|
|
|
|
|
from superset import security_manager
|
2024-04-24 20:19:53 -04:00
|
|
|
from superset.utils import slack # noqa: F401
|
2022-02-24 13:09:41 -05:00
|
|
|
from tests.integration_tests.base_tests import SupersetTestCase
|
2024-04-16 11:40:27 -04:00
|
|
|
from tests.integration_tests.conftest import with_config
|
2024-04-09 12:52:02 -04:00
|
|
|
from tests.integration_tests.constants import ADMIN_USERNAME
|
2022-02-24 13:09:41 -05:00
|
|
|
|
|
|
|
meUri = "/api/v1/me/"
|
2024-04-16 11:40:27 -04:00
|
|
|
AVATAR_URL = "/internal/avatar.png"
|
2022-02-24 13:09:41 -05:00
|
|
|
|
|
|
|
|
|
|
|
class TestCurrentUserApi(SupersetTestCase):
|
|
|
|
def test_get_me_logged_in(self):
|
2024-04-09 12:52:02 -04:00
|
|
|
self.login(ADMIN_USERNAME)
|
2022-02-24 13:09:41 -05:00
|
|
|
|
|
|
|
rv = self.client.get(meUri)
|
|
|
|
|
|
|
|
self.assertEqual(200, rv.status_code)
|
|
|
|
response = json.loads(rv.data.decode("utf-8"))
|
|
|
|
self.assertEqual("admin", response["result"]["username"])
|
|
|
|
self.assertEqual(True, response["result"]["is_active"])
|
|
|
|
self.assertEqual(False, response["result"]["is_anonymous"])
|
|
|
|
|
2022-05-03 15:58:06 -04:00
|
|
|
def test_get_me_with_roles(self):
|
2024-04-09 12:52:02 -04:00
|
|
|
self.login(ADMIN_USERNAME)
|
2022-05-03 15:58:06 -04:00
|
|
|
|
|
|
|
rv = self.client.get(meUri + "roles/")
|
|
|
|
self.assertEqual(200, rv.status_code)
|
|
|
|
response = json.loads(rv.data.decode("utf-8"))
|
|
|
|
roles = list(response["result"]["roles"].keys())
|
|
|
|
self.assertEqual("Admin", roles.pop())
|
|
|
|
|
|
|
|
@patch("superset.security.manager.g")
|
|
|
|
def test_get_my_roles_anonymous(self, mock_g):
|
|
|
|
mock_g.user = security_manager.get_anonymous_user
|
|
|
|
rv = self.client.get(meUri + "roles/")
|
|
|
|
self.assertEqual(401, rv.status_code)
|
|
|
|
|
2022-02-24 13:09:41 -05:00
|
|
|
def test_get_me_unauthorized(self):
|
|
|
|
rv = self.client.get(meUri)
|
|
|
|
self.assertEqual(401, rv.status_code)
|
|
|
|
|
|
|
|
@patch("superset.security.manager.g")
|
|
|
|
def test_get_me_anonymous(self, mock_g):
|
|
|
|
mock_g.user = security_manager.get_anonymous_user
|
|
|
|
rv = self.client.get(meUri)
|
|
|
|
self.assertEqual(401, rv.status_code)
|
2024-04-16 11:40:27 -04:00
|
|
|
|
|
|
|
|
|
|
|
class TestUserApi(SupersetTestCase):
|
|
|
|
def test_avatar_with_invalid_user(self):
|
|
|
|
self.login(ADMIN_USERNAME)
|
|
|
|
response = self.client.get("/api/v1/user/NOT_A_USER/avatar.png")
|
|
|
|
assert response.status_code == 404 # Assuming no user found leads to 404
|
|
|
|
response = self.client.get("/api/v1/user/999/avatar.png")
|
|
|
|
assert response.status_code == 404 # Assuming no user found leads to 404
|
|
|
|
|
|
|
|
def test_avatar_valid_user_no_avatar(self):
|
|
|
|
self.login(ADMIN_USERNAME)
|
|
|
|
|
|
|
|
response = self.client.get("/api/v1/user/1/avatar.png", follow_redirects=False)
|
|
|
|
assert response.status_code == 204
|
|
|
|
|
|
|
|
@with_config({"SLACK_API_TOKEN": "dummy", "SLACK_ENABLE_AVATARS": True})
|
|
|
|
@patch("superset.views.users.api.get_user_avatar", return_value=AVATAR_URL)
|
|
|
|
def test_avatar_with_valid_user(self, mock):
|
|
|
|
self.login(ADMIN_USERNAME)
|
|
|
|
response = self.client.get("/api/v1/user/1/avatar.png", follow_redirects=False)
|
|
|
|
mock.assert_called_once_with("admin@fab.org")
|
|
|
|
assert response.status_code == 301
|
|
|
|
assert response.headers["Location"] == AVATAR_URL
|