healthchecks/hc/front/tests/test_add_linenotify_complete.py

from unittest.mock import patch

from django.test.utils import override_settings
from hc.api.models import Channel
from hc.test import BaseTestCase


@override_settings(LINENOTIFY_CLIENT_ID="t1", LINENOTIFY_CLIENT_SECRET="s1")
class AddLineNotifyCompleteTestCase(BaseTestCase):
    url = "/integrations/add_linenotify/"

    @patch("hc.front.views.requests")
    def test_it_handles_oauth_response(self, mock_requests):
        session = self.client.session
        session["add_linenotify"] = ("foo", str(self.project.code))
        session.save()

        mock_requests.post.return_value.json.return_value = {
            "status": 200,
            "access_token": "test-token",
        }

        mock_requests.get.return_value.json.return_value = {"target": "Alice"}

        url = self.url + "?code=12345678&state=foo"

        self.client.login(username="[email protected]", password="password")
        r = self.client.get(url, follow=True)
        self.assertRedirects(r, self.channels_url)
        self.assertContains(r, "The LINE Notify integration has been added!")

        ch = Channel.objects.get()
        self.assertEqual(ch.value, "test-token")
        self.assertEqual(ch.name, "Alice")
        self.assertEqual(ch.project, self.project)

        # Session should now be clean
        self.assertFalse("add_linenotify" in self.client.session)

    def test_it_avoids_csrf(self):
        session = self.client.session
        session["add_linenotify"] = ("foo", str(self.project.code))
        session.save()

        url = self.url + "?code=12345678&state=bar"

        self.client.login(username="[email protected]", password="password")
        r = self.client.get(url)
        self.assertEqual(r.status_code, 403)

    def test_it_handles_denial(self):
        session = self.client.session
        session["add_linenotify"] = ("foo", str(self.project.code))
        session.save()

        self.client.login(username="[email protected]", password="password")
        r = self.client.get(self.url + "?error=access_denied&state=foo", follow=True)
        self.assertRedirects(r, self.channels_url)
        self.assertContains(r, "LINE Notify setup was cancelled")

        self.assertEqual(Channel.objects.count(), 0)

        # Session should now be clean
        self.assertFalse("add_linenotify" in self.client.session)

    @override_settings(LINENOTIFY_CLIENT_ID=None)
    def test_it_requires_client_id(self):
        url = self.url + "?code=12345678&state=bar"

        self.client.login(username="[email protected]", password="password")
        r = self.client.get(url)
        self.assertEqual(r.status_code, 404)

    def test_it_requires_rw_access(self):
        session = self.client.session
        session["add_linenotify"] = ("foo", str(self.project.code))
        session.save()

        self.bobs_membership.role = "r"
        self.bobs_membership.save()

        url = self.url + "?code=12345678&state=foo"
        self.client.login(username="[email protected]", password="password")
        r = self.client.get(url)
        self.assertEqual(r.status_code, 403)