tests: remove dependency to invenio-oauth2server

* Replaces token-based authentication in tests with the `UserFixture` and test client login.
inveniosoftware · Dec 10, 2024 · 0c7cf6d · 0c7cf6d
1 parent c74c3a0
commit 0c7cf6d
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 53 deletions.
diff --git a/setup.cfg b/setup.cfg
@@ -44,7 +44,6 @@ tests =
     invenio-app>=2.0.0,<3.0.0
     invenio-db>=2.0.0,<3.0.0
     invenio-files-rest>=3.0.0,<4.0.0
-    invenio-oauth2server>=3.0.0,<4.0.0
     invenio-records>=3.0.0,<4.0.0
     invenio-records-ui>=2.0.0,<3.0.0
     pytest-invenio>=3.0.0,<4.0.0

diff --git a/tests/conftest.py b/tests/conftest.py
@@ -10,7 +10,6 @@
 """Pytest configuration."""
 
 import datetime
-import os
 import shutil
 import tempfile
 import uuid
@@ -23,11 +22,9 @@
 from flask import appcontext_pushed, g
 from flask.cli import ScriptInfo
 from helpers import mock_date
-from invenio_accounts.testutils import create_test_user
 from invenio_app.factory import create_api as _create_api
 from invenio_db import db as db_
 from invenio_files_rest.models import Bucket, Location, ObjectVersion
-from invenio_oauth2server.models import Token
 from invenio_pidstore.minters import recid_minter
 from invenio_queues.proxies import current_queues
 from invenio_records.api import Record
@@ -442,17 +439,14 @@ def aggregated_events(app, search_clear, mock_user_ctx, request):
 
 
 @pytest.fixture()
-def users(app, db):
+def users(UserFixture, app, db):
     """Create users."""
-    user1 = create_test_user(email="[email protected]", password="tester")
-    user2 = create_test_user(email="[email protected]", password="tester2")
-
-    user1.allowed_token = Token.create_personal(
-        name="allowed_token", user_id=user1.id, scopes=[]
-    ).access_token
-    user2.allowed_token = Token.create_personal(
-        name="allowed_token", user_id=user2.id, scopes=[]
-    ).access_token
+    user1 = UserFixture(email="[email protected]", password="tester")
+    user1.create(app, db)
+
+    user2 = UserFixture(email="[email protected]", password="tester2")
+    user2.create(app, db)
+
     return {"authorized": user1, "unauthorized": user2}
 
 
@@ -516,7 +510,10 @@ def permission_factory(query_name, params, *args, **kwargs):
         permission_factory.params = params
         from flask_login import current_user
 
-        if current_user.is_authenticated and current_user.id == users["authorized"].id:
+        if (
+            current_user.is_authenticated
+            and current_user.get_id() == users["authorized"].id
+        ):
             return type("Allow", (), {"can": lambda self: True})()
         return type("Deny", (), {"can": lambda self: False})()
 

diff --git a/tests/test_views.py b/tests/test_views.py
@@ -7,6 +7,7 @@
 # under the terms of the MIT License; see LICENSE file for more details.
 
 """Test view functions."""
+
 import json
 
 import pytest
@@ -15,32 +16,28 @@
 from invenio_stats import current_stats
 
 
-def test_post_request(app, db, users, queries_config, sample_histogram_query_data):
+def test_post_request(
+    app, db, client, users, queries_config, sample_histogram_query_data
+):
     """Test post request to stats API."""
-    with app.test_client() as client:
-        headers = [("Content-Type", "application/json"), ("Accept", "application/json")]
-        sample_histogram_query_data["mystat"]["stat"] = "test-query"
-        resp = client.post(
-            url_for(
-                "invenio_stats.stat_query",
-                access_token=users["authorized"].allowed_token,
-            ),
-            headers=headers,
-            data=json.dumps(sample_histogram_query_data),
-        )
-        resp_json = json.loads(resp.data.decode("utf-8"))
-        assert resp_json["mystat"]["value"] == 100
+    headers = [("Content-Type", "application/json"), ("Accept", "application/json")]
+    sample_histogram_query_data["mystat"]["stat"] = "test-query"
+    users["authorized"].login(client)
+    resp = client.post(
+        url_for("invenio_stats.stat_query"),
+        headers=headers,
+        data=json.dumps(sample_histogram_query_data),
+    )
+    resp_json = json.loads(resp.data.decode("utf-8"))
+    assert resp_json["mystat"]["value"] == 100
 
-        sample_histogram_query_data["mystat"]["stat"] = "unknown-query"
-        resp = client.post(
-            url_for(
-                "invenio_stats.stat_query",
-                access_token=users["authorized"].allowed_token,
-            ),
-            headers=headers,
-            data=json.dumps(sample_histogram_query_data),
-        )
-        assert resp.status_code == 400
+    sample_histogram_query_data["mystat"]["stat"] = "unknown-query"
+    resp = client.post(
+        url_for("invenio_stats.stat_query"),
+        headers=headers,
+        data=json.dumps(sample_histogram_query_data),
+    )
+    assert resp.status_code == 400
 
 
 @pytest.mark.parametrize(
@@ -50,6 +47,7 @@ def test_post_request(app, db, users, queries_config, sample_histogram_query_dat
 def test_unauthorized_request(
     app,
     sample_histogram_query_data,
+    client,
     users,
     queries_config,
     custom_permission_factory,
@@ -59,20 +57,18 @@ def test_unauthorized_request(
     """Test rejecting unauthorized requests."""
 
     def client_req(user):
-        with app.test_client() as client:
-            headers = [
-                ("Content-Type", "application/json"),
-                ("Accept", "application/json"),
-            ]
-            resp = client.post(
-                url_for(
-                    "invenio_stats.stat_query",
-                    access_token=user.allowed_token if user else None,
-                ),
-                headers=headers,
-                data=json.dumps(sample_histogram_query_data),
-            )
-            return resp.status_code
+        if user:
+            user.login(client)
+        headers = [
+            ("Content-Type", "application/json"),
+            ("Accept", "application/json"),
+        ]
+        resp = client.post(
+            url_for("invenio_stats.stat_query"),
+            headers=headers,
+            data=json.dumps(sample_histogram_query_data),
+        )
+        return resp.status_code
 
     sample_histogram_query_data["mystat"]["stat"] = "test-query"
     user = users[which_user] if which_user else None