| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| # isort:skip_file |
| # pylint: disable=too-many-public-methods, no-self-use, invalid-name, too-many-arguments |
| """Unit tests for Superset""" |
| import json |
| |
| from tests.base_tests import SupersetTestCase |
| from flask_wtf.csrf import generate_csrf |
| |
| |
| class TestSecurityApi(SupersetTestCase): |
| resource_name = "security" |
| |
| def _assert_get_csrf_token(self): |
| uri = f"api/v1/{self.resource_name}/csrf_token/" |
| response = self.client.get(uri) |
| assert response.status_code == 200 |
| data = json.loads(response.data.decode("utf-8")) |
| assert data["result"] == generate_csrf() |
| |
| def test_get_csrf_token(self): |
| """ |
| Security API: Test get CSRF token |
| """ |
| self.login(username="admin") |
| self._assert_get_csrf_token() |
| |
| def test_get_csrf_token_gamma(self): |
| """ |
| Security API: Test get CSRF token by gamma |
| """ |
| self.login(username="gamma") |
| self._assert_get_csrf_token() |
| |
| def test_get_csrf_unauthorized(self): |
| """ |
| Security API: Test get CSRF no login |
| """ |
| self.logout() |
| uri = f"api/v1/{self.resource_name}/csrf_token/" |
| response = self.client.get(uri) |
| self.assertEqual(response.status_code, 401) |