anoopmb
/
frappe
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
37432 Commits
1 Branch
314 MiB
 
 
 
 
 
 
Tree: d5627f5994
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd5627f5994'
${ noResults }
frappe/frappe/tests/test_api.py

264 lines
9.2 KiB
Raw Blame History 

  1. import sys

  2. import unittest

  3. from contextlib import contextmanager

  4. from random import choice

  5. from threading import Thread

  6. from typing import Dict, Optional, Tuple

  7. from unittest.mock import patch

  8. 

  9. import requests

  10. from semantic_version import Version

  11. from werkzeug.test import TestResponse

  12. 

  13. import frappe

  14. from frappe.utils import get_site_url, get_test_client

  15. 

  16. try:

  17. 	_site = frappe.local.site

  18. except Exception:

  19. 	_site = None

  20. 

  21. authorization_token = None

  22. 

  23. @contextmanager

  24. def suppress_stdout():

  25. 	"""Supress stdout for tests which expectedly make noise

  26. 	but that you don't need in tests"""

  27. 	sys.stdout = None

  28. 	try:

  29. 		yield

  30. 	finally:

  31. 		sys.stdout = sys.__stdout__

  32. 

  33. 

  34. def make_request(target: str, args: Optional[Tuple] = None, kwargs: Optional[Dict] = None) -> TestResponse:

  35. 	t = ThreadWithReturnValue(target=target, args=args, kwargs=kwargs)

  36. 	t.start()

  37. 	t.join()

  38. 	return t._return

  39. 

  40. 

  41. def patch_request_header(key, *args, **kwargs):

  42. 	if key == "Authorization":

  43. 		return f"token {authorization_token}"

  44. 

  45. 

  46. class ThreadWithReturnValue(Thread):

  47. 	def __init__(self, group=None, target=None, name=None, args=(), kwargs={}):

  48. 		Thread.__init__(self, group, target, name, args, kwargs)

  49. 		self._return = None

  50. 

  51. 	def run(self):

  52. 		if self._target is not None:

  53. 			with patch("frappe.app.get_site_name", return_value=_site):

  54. 				header_patch = patch("frappe.get_request_header", new=patch_request_header)

  55. 				if authorization_token:

  56. 					header_patch.start()

  57. 				self._return = self._target(*self._args, **self._kwargs)

  58. 				if authorization_token:

  59. 					header_patch.stop()

  60. 

  61. 	def join(self, *args):

  62. 		Thread.join(self, *args)

  63. 		return self._return

  64. 

  65. 

  66. class FrappeAPITestCase(unittest.TestCase):

  67. 	SITE = frappe.local.site

  68. 	SITE_URL = get_site_url(SITE)

  69. 	RESOURCE_URL = f"{SITE_URL}/api/resource"

  70. 	TEST_CLIENT = get_test_client()

  71. 

  72. 	@property

  73. 	def sid(self) -> str:

  74. 		if not getattr(self, "_sid", None):

  75. 			from frappe.auth import CookieManager, LoginManager

  76. 			from frappe.utils import set_request

  77. 

  78. 			set_request(path="/")

  79. 			frappe.local.cookie_manager = CookieManager()

  80. 			frappe.local.login_manager = LoginManager()

  81. 			frappe.local.login_manager.login_as('Administrator')

  82. 			self._sid = frappe.session.sid

  83. 

  84. 		return self._sid

  85. 

  86. 	def get(self, path: str, params: Optional[Dict] = None, **kwargs) -> TestResponse:

  87. 		return make_request(target=self.TEST_CLIENT.get, args=(path, ), kwargs={"data": params, **kwargs})

  88. 

  89. 	def post(self, path, data, **kwargs) -> TestResponse:

  90. 		return make_request(target=self.TEST_CLIENT.post, args=(path, ), kwargs={"data": data, **kwargs})

  91. 

  92. 	def put(self, path, data, **kwargs) -> TestResponse:

  93. 		return make_request(target=self.TEST_CLIENT.put, args=(path, ), kwargs={"data": data, **kwargs})

  94. 

  95. 	def delete(self, path, **kwargs) -> TestResponse:

  96. 		return make_request(target=self.TEST_CLIENT.delete, args=(path, ), kwargs=kwargs)

  97. 

  98. 

  99. class TestResourceAPI(FrappeAPITestCase):

  100. 	DOCTYPE = "ToDo"

  101. 	GENERATED_DOCUMENTS = []

  102. 

  103. 	@classmethod

  104. 	def setUpClass(cls):

  105. 		for _ in range(10):

  106. 			doc = frappe.get_doc(

  107. 				{"doctype": "ToDo", "description": frappe.mock("paragraph")}

  108. 			).insert()

  109. 			cls.GENERATED_DOCUMENTS.append(doc.name)

  110. 		frappe.db.commit()

  111. 

  112. 	@classmethod

  113. 	def tearDownClass(cls):

  114. 		for name in cls.GENERATED_DOCUMENTS:

  115. 			frappe.delete_doc_if_exists(cls.DOCTYPE, name)

  116. 		frappe.db.commit()

  117. 

  118. 	def test_unauthorized_call(self):

  119. 		# test 1: fetch documents without auth

  120. 		response = requests.get(f"{self.RESOURCE_URL}/{self.DOCTYPE}")

  121. 		self.assertEqual(response.status_code, 403)

  122. 

  123. 	def test_get_list(self):

  124. 		# test 2: fetch documents without params

  125. 		response = self.get(f"/api/resource/{self.DOCTYPE}", {"sid": self.sid})

  126. 		self.assertEqual(response.status_code, 200)

  127. 		self.assertIsInstance(response.json, dict)

  128. 		self.assertIn("data", response.json)

  129. 

  130. 	def test_get_list_limit(self):

  131. 		# test 3: fetch data with limit

  132. 		response = self.get(f"/api/resource/{self.DOCTYPE}", {"sid": self.sid, "limit": 2})

  133. 		self.assertEqual(response.status_code, 200)

  134. 		self.assertEqual(len(response.json["data"]), 2)

  135. 

  136. 	def test_get_list_dict(self):

  137. 		# test 4: fetch response as (not) dict

  138. 		response = self.get(f"/api/resource/{self.DOCTYPE}", {"sid": self.sid, "as_dict": True})

  139. 		json = frappe._dict(response.json)

  140. 		self.assertEqual(response.status_code, 200)

  141. 		self.assertIsInstance(json.data, list)

  142. 		self.assertIsInstance(json.data[0], dict)

  143. 

  144. 		response = self.get(f"/api/resource/{self.DOCTYPE}", {"sid": self.sid, "as_dict": False})

  145. 		json = frappe._dict(response.json)

  146. 		self.assertEqual(response.status_code, 200)

  147. 		self.assertIsInstance(json.data, list)

  148. 		self.assertIsInstance(json.data[0], list)

  149. 

  150. 	def test_get_list_debug(self):

  151. 		# test 5: fetch response with debug

  152. 		response = self.get(f"/api/resource/{self.DOCTYPE}", {"sid": self.sid, "debug": True})

  153. 		self.assertEqual(response.status_code, 200)

  154. 		self.assertIn("exc", response.json)

  155. 		self.assertIsInstance(response.json["exc"], str)

  156. 		self.assertIsInstance(eval(response.json["exc"]), list)

  157. 

  158. 	def test_get_list_fields(self):

  159. 		# test 6: fetch response with fields

  160. 		response = self.get(f"/api/resource/{self.DOCTYPE}", {"sid": self.sid, "fields": '["description"]'})

  161. 		self.assertEqual(response.status_code, 200)

  162. 		json = frappe._dict(response.json)

  163. 		self.assertIn("description", json.data[0])

  164. 

  165. 	def test_create_document(self):

  166. 		# test 7: POST method on /api/resource to create doc

  167. 		data = {"description": frappe.mock("paragraph"), "sid": self.sid}

  168. 		response = self.post(f"/api/resource/{self.DOCTYPE}", data)

  169. 		self.assertEqual(response.status_code, 200)

  170. 		docname = response.json["data"]["name"]

  171. 		self.assertIsInstance(docname, str)

  172. 		self.GENERATED_DOCUMENTS.append(docname)

  173. 

  174. 	def test_update_document(self):

  175. 		# test 8: PUT method on /api/resource to update doc

  176. 		generated_desc = frappe.mock("paragraph")

  177. 		data = {"description": generated_desc, "sid": self.sid}

  178. 		random_doc = choice(self.GENERATED_DOCUMENTS)

  179. 		desc_before_update = frappe.db.get_value(self.DOCTYPE, random_doc, "description")

  180. 

  181. 		response = self.put(f"/api/resource/{self.DOCTYPE}/{random_doc}", data=data)

  182. 		self.assertEqual(response.status_code, 200)

  183. 		self.assertNotEqual(response.json["data"]["description"], desc_before_update)

  184. 		self.assertEqual(response.json["data"]["description"], generated_desc)

  185. 

  186. 	def test_delete_document(self):

  187. 		# test 9: DELETE method on /api/resource

  188. 		doc_to_delete = choice(self.GENERATED_DOCUMENTS)

  189. 		response = self.delete(f"/api/resource/{self.DOCTYPE}/{doc_to_delete}")

  190. 		self.assertEqual(response.status_code, 202)

  191. 		self.assertDictEqual(response.json, {"message": "ok"})

  192. 		self.GENERATED_DOCUMENTS.remove(doc_to_delete)

  193. 

  194. 		non_existent_doc = frappe.generate_hash(length=12)

  195. 		with suppress_stdout():

  196. 			response = self.delete(f"/api/resource/{self.DOCTYPE}/{non_existent_doc}")

  197. 		self.assertEqual(response.status_code, 404)

  198. 		self.assertDictEqual(response.json, {})

  199. 

  200. 	def test_run_doc_method(self):

  201. 		# test 10: Run whitelisted method on doc via /api/resource

  202. 		# status_code is 403 if no other tests are run before this - it's not logged in

  203. 		self.post("/api/resource/Website Theme/Standard", {"run_method": "get_apps"})

  204. 		response = self.get("/api/resource/Website Theme/Standard", {"run_method": "get_apps"})

  205. 		self.assertIn(response.status_code, (403, 200))

  206. 

  207. 		if response.status_code == 403:

  208. 			self.assertTrue(set(response.json.keys()) == {'exc_type', 'exception', 'exc', '_server_messages'})

  209. 			self.assertEqual(response.json.get('exc_type'), 'PermissionError')

  210. 			self.assertEqual(response.json.get('exception'), 'frappe.exceptions.PermissionError: Not permitted')

  211. 			self.assertIsInstance(response.json.get('exc'), str)

  212. 

  213. 		elif response.status_code == 200:

  214. 			data = response.json.get("data")

  215. 			self.assertIsInstance(data, list)

  216. 			self.assertIsInstance(data[0], dict)

  217. 

  218. 

  219. class TestMethodAPI(FrappeAPITestCase):

  220. 	METHOD_PATH = "/api/method"

  221. 

  222. 	def setUp(self):

  223. 		if self._testMethodName == "test_auth_cycle":

  224. 			from frappe.core.doctype.user.user import generate_keys

  225. 			generate_keys("Administrator")

  226. 			frappe.db.commit()

  227. 

  228. 	def test_version(self):

  229. 		# test 1: test for /api/method/version

  230. 		response = self.get(f"{self.METHOD_PATH}/version")

  231. 		json = frappe._dict(response.json)

  232. 

  233. 		self.assertEqual(response.status_code, 200)

  234. 		self.assertIsInstance(json, dict)

  235. 		self.assertIsInstance(json.message, str)

  236. 		self.assertEqual(Version(json.message), Version(frappe.__version__))

  237. 

  238. 	def test_ping(self):

  239. 		# test 2: test for /api/method/ping

  240. 		response = self.get(f"{self.METHOD_PATH}/ping")

  241. 		self.assertEqual(response.status_code, 200)

  242. 		self.assertIsInstance(response.json, dict)

  243. 		self.assertEqual(response.json["message"], "pong")

  244. 

  245. 	def test_get_user_info(self):

  246. 		# test 3: test for /api/method/frappe.realtime.get_user_info

  247. 		response = self.get(f"{self.METHOD_PATH}/frappe.realtime.get_user_info")

  248. 		self.assertEqual(response.status_code, 200)

  249. 		self.assertIsInstance(response.json, dict)

  250. 		self.assertIn(response.json.get("message").get("user"), ("Administrator", "Guest"))

  251. 

  252. 	def test_auth_cycle(self):

  253. 		# test 4: Pass authorization token in request

  254. 		global authorization_token

  255. 		user = frappe.get_doc("User", "Administrator")

  256. 		api_key, api_secret = user.api_key, user.get_password("api_secret")

  257. 		authorization_token = f"{api_key}:{api_secret}"

  258. 		response = self.get("/api/method/frappe.auth.get_logged_user")

  259. 

  260. 		self.assertEqual(response.status_code, 200)

  261. 		self.assertEqual(response.json["message"], "Administrator")

  262. 

  263. 		authorization_token = None