[feat] access control lists (with access tokens) (#2864)

This commit is contained in:
Vlad Stan 2025-01-16 17:25:27 +02:00 committed by GitHub
parent f415a92914
commit b164317121
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
25 changed files with 2131 additions and 67 deletions

View file

@ -4,20 +4,20 @@ import pytest
@pytest.mark.anyio
async def test_create___bad_body(client, adminkey_headers_from):
async def test_create___bad_body(client, user_headers_from):
response = await client.post(
"/api/v1/webpush",
headers=adminkey_headers_from,
headers=user_headers_from,
json={"subscription": "bad_json"},
)
assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
@pytest.mark.anyio
async def test_create___missing_fields(client, adminkey_headers_from):
async def test_create___missing_fields(client, user_headers_from):
response = await client.post(
"/api/v1/webpush",
headers=adminkey_headers_from,
headers=user_headers_from,
json={"subscription": """{"a": "x"}"""},
)
assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
@ -34,30 +34,30 @@ async def test_create___bad_access_key(client, inkey_headers_from):
@pytest.mark.anyio
async def test_delete__bad_endpoint_format(client, adminkey_headers_from):
async def test_delete__bad_endpoint_format(client, user_headers_from):
response = await client.delete(
"/api/v1/webpush",
params={"endpoint": "https://this.should.be.base64.com"},
headers=adminkey_headers_from,
headers=user_headers_from,
)
assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
@pytest.mark.anyio
async def test_delete__no_endpoint_param(client, adminkey_headers_from):
async def test_delete__no_endpoint_param(client, user_headers_from):
response = await client.delete(
"/api/v1/webpush",
headers=adminkey_headers_from,
headers=user_headers_from,
)
assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
@pytest.mark.anyio
async def test_delete__no_endpoint_found(client, adminkey_headers_from):
async def test_delete__no_endpoint_found(client, user_headers_from):
response = await client.delete(
"/api/v1/webpush",
params={"endpoint": "aHR0cHM6Ly9kZW1vLmxuYml0cy5jb20="},
headers=adminkey_headers_from,
headers=user_headers_from,
)
assert response.status_code == HTTPStatus.OK
assert response.json()["count"] == 0
@ -73,17 +73,17 @@ async def test_delete__bad_access_key(client, inkey_headers_from):
@pytest.mark.anyio
async def test_create_and_delete(client, adminkey_headers_from):
async def test_create_and_delete(client, user_headers_from):
response = await client.post(
"/api/v1/webpush",
headers=adminkey_headers_from,
headers=user_headers_from,
json={"subscription": """{"endpoint": "https://demo.lnbits.com"}"""},
)
assert response.status_code == HTTPStatus.CREATED
response = await client.delete(
"/api/v1/webpush",
params={"endpoint": "aHR0cHM6Ly9kZW1vLmxuYml0cy5jb20="},
headers=adminkey_headers_from,
headers=user_headers_from,
)
assert response.status_code == HTTPStatus.OK
assert response.json()["count"] == 1