Improve tests to cover @csrf_exempt usage

3 years ago · d48b95c902
--- a/hc/api/tests/test_badge.py
+++ b/hc/api/tests/test_badge.py
@ -28,6 +28,7 @@ class BadgeTestCase(BaseTestCase):
    def test_it_returns_svg(self):
        r = self.client.get(self.svg_url)
        self.assertEqual(r["Access-Control-Allow-Origin"], "*")
        self.assertIn("no-cache", r["Cache-Control"])
        self.assertContains(r, "#4c1")

    def test_it_rejects_bad_format(self):
--- a/hc/api/tests/test_create_check.py
+++ b/hc/api/tests/test_create_check.py
@ -12,7 +12,7 @@ class CreateCheckTestCase(BaseTestCase):
        if "api_key" not in data:
            data["api_key"] = "X" * 32

        r = self.client.post(self.URL, data, content_type="application/json")
        r = self.csrf_client.post(self.URL, data, content_type="application/json")
        if expect_fragment:
            self.assertEqual(r.status_code, 400)
            self.assertIn(expect_fragment, r.json()["error"])
--- a/hc/api/tests/test_get_check.py
+++ b/hc/api/tests/test_get_check.py
@ -74,6 +74,10 @@ class GetCheckTestCase(BaseTestCase):
        self.assertEqual(doc["channels"], str(self.c1.code))
        self.assertEqual(doc["desc"], "This is description")

    def test_it_rejects_post_unique_key(self):
        r = self.csrf_client.post(f"/api/v1/checks/{self.a1.unique_key}")
        self.assertEqual(r.status_code, 405)

    def test_readonly_key_works(self):
        self.project.api_key_readonly = "R" * 32
        self.project.save()
--- a/hc/api/tests/test_get_pings.py
+++ b/hc/api/tests/test_get_pings.py
@ -20,7 +20,7 @@ class GetPingsTestCase(BaseTestCase):
        self.url = "/api/v1/checks/%s/pings/" % self.a1.code

    def get(self, api_key="X" * 32):
        return self.client.get(self.url, HTTP_X_API_KEY=api_key)
        return self.csrf_client.get(self.url, HTTP_X_API_KEY=api_key)

    def test_it_works(self):
        self.a1.ping(
--- a/hc/api/tests/test_notification_status.py
+++ b/hc/api/tests/test_notification_status.py
@ -22,7 +22,7 @@ class NotificationStatusTestCase(BaseTestCase):
        self.url = "/api/v1/notifications/%s/status" % self.n.code

    def test_it_handles_twilio_failed_status(self):
        r = self.client.post(self.url, {"MessageStatus": "failed"})
        r = self.csrf_client.post(self.url, {"MessageStatus": "failed"})
        self.assertEqual(r.status_code, 200)

        self.n.refresh_from_db()
@ -33,7 +33,7 @@ class NotificationStatusTestCase(BaseTestCase):
        self.assertTrue(self.channel.email_verified)

    def test_it_handles_twilio_undelivered_status(self):
        r = self.client.post(self.url, {"MessageStatus": "undelivered"})
        r = self.csrf_client.post(self.url, {"MessageStatus": "undelivered"})
        self.assertEqual(r.status_code, 200)

        self.n.refresh_from_db()
@ -43,7 +43,7 @@ class NotificationStatusTestCase(BaseTestCase):
        self.assertIn("status=undelivered", self.channel.last_error)

    def test_it_handles_twilio_delivered_status(self):
        r = self.client.post(self.url, {"MessageStatus": "delivered"})
        r = self.csrf_client.post(self.url, {"MessageStatus": "delivered"})
        self.assertEqual(r.status_code, 200)

        self.n.refresh_from_db()
@ -56,7 +56,7 @@ class NotificationStatusTestCase(BaseTestCase):
        self.n.created = self.n.created - timedelta(minutes=61)
        self.n.save()

        r = self.client.post(self.url, {"MessageStatus": "failed"})
        r = self.csrf_client.post(self.url, {"MessageStatus": "failed"})
        self.assertEqual(r.status_code, 200)

        # The notification should not have the error field set:
@ -66,15 +66,15 @@ class NotificationStatusTestCase(BaseTestCase):
    def test_it_handles_missing_notification(self):
        fake_code = "07c2f548-9850-4b27-af5d-6c9dc157ec02"
        url = f"/api/v1/notifications/{fake_code}/status"
        r = self.client.post(url, {"MessageStatus": "failed"})
        r = self.csrf_client.post(url, {"MessageStatus": "failed"})
        self.assertEqual(r.status_code, 200)

    def test_it_requires_post(self):
        r = self.client.get(self.url)
        r = self.csrf_client.get(self.url)
        self.assertEqual(r.status_code, 405)

    def test_it_handles_error_key(self):
        r = self.client.post(self.url, {"error": "Something went wrong."})
        r = self.csrf_client.post(self.url, {"error": "Something went wrong."})
        self.assertEqual(r.status_code, 200)

        self.n.refresh_from_db()
@ -87,7 +87,7 @@ class NotificationStatusTestCase(BaseTestCase):
    def test_it_handles_mark_not_verified_key(self):
        payload = {"error": "Received complaint.", "mark_not_verified": "1"}

        r = self.client.post(self.url, payload)
        r = self.csrf_client.post(self.url, payload)
        self.assertEqual(r.status_code, 200)

        self.channel.refresh_from_db()
@ -95,7 +95,7 @@ class NotificationStatusTestCase(BaseTestCase):
        self.assertFalse(self.channel.email_verified)

    def test_it_handles_twilio_call_status_failed(self):
        r = self.client.post(self.url, {"CallStatus": "failed"})
        r = self.csrf_client.post(self.url, {"CallStatus": "failed"})
        self.assertEqual(r.status_code, 200)

        self.n.refresh_from_db()
--- a/hc/api/tests/test_pause.py
+++ b/hc/api/tests/test_pause.py
@ -1,4 +1,5 @@
 from datetime import timedelta as td
 import json

 from django.utils.timezone import now
 from hc.api.models import Check
@ -13,7 +14,7 @@ class PauseTestCase(BaseTestCase):
        self.url = f"/api/v1/checks/{self.check.code}/pause"

    def test_it_works(self):
        r = self.client.post(
        r = self.csrf_client.post(
            self.url, "", content_type="application/json", HTTP_X_API_KEY="X" * 32
        )

@ -23,6 +24,14 @@ class PauseTestCase(BaseTestCase):
        self.check.refresh_from_db()
        self.assertEqual(self.check.status, "paused")

    def test_it_accepts_api_key_in_post_body(self):
        payload = json.dumps({"api_key": "X" * 32})
        r = self.csrf_client.post(self.url, payload, content_type="application/json")
        self.assertEqual(r.status_code, 200)

        self.check.refresh_from_db()
        self.assertEqual(self.check.status, "paused")

    def test_it_handles_options(self):
        r = self.client.options(self.url)
        self.assertEqual(r.status_code, 204)
--- a/hc/api/tests/test_update_check.py
+++ b/hc/api/tests/test_update_check.py
@ -13,7 +13,7 @@ class UpdateCheckTestCase(BaseTestCase):

    def post(self, code, data):
        url = "/api/v1/checks/%s" % code
        return self.client.post(url, data, content_type="application/json")
        return self.csrf_client.post(url, data, content_type="application/json")

    def test_it_works(self):
        self.check.last_ping = now()