archive/blender-cloud
0
1
Fork 1
Code Issues 24 Pull Requests Projects Releases Wiki Activity

Implemented Blender ID webhook for user change notifications

Browse Source 
Handles changes in:

 - roles
 - full name
 - email address
This commit is contained in:
Sybren A. Stüvel
2017-12-01 19:06:16 +01:00
parent 532bf60041
commit f7ce8d74a7
3 changed files with 268 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

168
tests/test_webhooks.py Normal file
View File

@@ -0,0 +1,168 @@
import hashlib
import hmac
import json
from abstract_cloud_test import AbstractCloudTest
class UserModifiedTest(AbstractCloudTest):
def setUp(self, **kwargs):
super().setUp(**kwargs)
self.enter_app_context()
self.hmac_secret = b'1234 je moeder'
self.app.config['BLENDER_ID_WEBHOOK_USER_CHANGED_SECRET'] = self.hmac_secret.decode()
self.uid = self.create_user(24 * 'a',
roles={'subscriber'},
email='old@email.address')
def test_change_full_name(self):
payload = {'id': 1112333,
'old_email': 'old@email.address',
'full_name': 'ကြယ်ဆွတ်',
'email': 'old@email.address',
'roles': ['cloud_subscriber']}
as_json = json.dumps(payload).encode()
mac = hmac.new(self.hmac_secret,
as_json, hashlib.sha256)
self.post('/api/webhooks/user-modified',
data=as_json,
content_type='application/json',
headers={'X-Webhook-HMAC': mac.hexdigest()},
expected_status=204)
# Check the effect on the user
db_user = self.fetch_user_from_db(self.uid)
self.assertEqual('old@email.address', db_user['email'])
self.assertEqual('ကြယ်ဆွတ်', db_user['full_name'])
self.assertEqual(['subscriber'], db_user['roles'])
def test_change_email(self):
payload = {'id': 1112333,
'old_email': 'old@email.address',
'full_name': 'ကြယ်ဆွတ်',
'email': 'new.address+here-there@email.address',
'roles': ['cloud_subscriber']}
as_json = json.dumps(payload).encode()
mac = hmac.new(self.hmac_secret,
as_json, hashlib.sha256)
self.post('/api/webhooks/user-modified',
data=as_json,
content_type='application/json',
headers={'X-Webhook-HMAC': mac.hexdigest()},
expected_status=204)
# Check the effect on the user
db_user = self.fetch_user_from_db(self.uid)
self.assertEqual('new.address+here-there@email.address', db_user['email'])
self.assertEqual('ကြယ်ဆွတ်', db_user['full_name'])
self.assertEqual(['subscriber'], db_user['roles'])
def test_change_roles(self):
payload = {'id': 1112333,
'old_email': 'old@email.address',
'full_name': 'ကြယ်ဆွတ်',
'email': 'old@email.address',
'roles': ['cloud_demo']}
as_json = json.dumps(payload).encode()
mac = hmac.new(self.hmac_secret,
as_json, hashlib.sha256)
self.post('/api/webhooks/user-modified',
data=as_json,
content_type='application/json',
headers={'X-Webhook-HMAC': mac.hexdigest()},
expected_status=204)
# Check the effect on the user
db_user = self.fetch_user_from_db(self.uid)
self.assertEqual('old@email.address', db_user['email'])
self.assertEqual('ကြယ်ဆွတ်', db_user['full_name'])
self.assertEqual({'flamenco-user', 'attract-user', 'demo'}, set(db_user['roles']))
def test_bad_hmac(self):
payload = {'id': 1112333,
'old_email': 'old@email.address',
'full_name': 'ကြယ်ဆွတ်',
'email': 'new@email.address',
'roles': ['cloud_demo']}
as_json = json.dumps(payload).encode()
mac = hmac.new(self.hmac_secret,
as_json, hashlib.sha256)
self.post('/api/webhooks/user-modified',
data=as_json,
content_type='application/json',
headers={'X-Webhook-HMAC': mac.hexdigest()[:-2]},
expected_status=400)
# Check the effect on the user
db_user = self.fetch_user_from_db(self.uid)
self.assertEqual('old@email.address', db_user['email'])
self.assertEqual('คนรักของผัดไทย', db_user['full_name'])
self.assertEqual({'subscriber'}, set(db_user['roles']))
def test_no_hmac(self):
payload = {'id': 1112333,
'old_email': 'old@email.address',
'full_name': 'ကြယ်ဆွတ်',
'email': 'new@email.address',
'roles': ['cloud_demo']}
as_json = json.dumps(payload).encode()
self.post('/api/webhooks/user-modified',
data=as_json,
content_type='application/json',
expected_status=400)
# Check the effect on the user
db_user = self.fetch_user_from_db(self.uid)
self.assertEqual('old@email.address', db_user['email'])
self.assertEqual('คนรักของผัดไทย', db_user['full_name'])
self.assertEqual({'subscriber'}, set(db_user['roles']))
def test_unknown_email(self):
payload = {'id': 1112333,
'old_email': 'unknown@email.address',
'full_name': 'ကြယ်ဆွတ်',
'email': 'new@email.address',
'roles': ['cloud_demo']}
as_json = json.dumps(payload).encode()
mac = hmac.new(self.hmac_secret,
as_json, hashlib.sha256)
self.post('/api/webhooks/user-modified',
data=as_json,
content_type='application/json',
headers={'X-Webhook-HMAC': mac.hexdigest()},
expected_status=204)
# Check the effect on the user
db_user = self.fetch_user_from_db(self.uid)
self.assertEqual('old@email.address', db_user['email'])
self.assertEqual('คนรักของผัดไทย', db_user['full_name'])
self.assertEqual({'subscriber'}, set(db_user['roles']))
def test_huge_request(self):
payload = b'a' * 1024 * 100
mac = hmac.new(self.hmac_secret, payload, hashlib.sha256)
self.post('/api/webhooks/user-modified',
data=payload,
content_type='application/json',
headers={'X-Webhook-HMAC': mac.hexdigest()},
expected_status=400)
# Check the effect on the user
db_user = self.fetch_user_from_db(self.uid)
self.assertEqual('old@email.address', db_user['email'])
self.assertEqual('คนรักของผัดไทย', db_user['full_name'])
self.assertEqual({'subscriber'}, set(db_user['roles']))
def test_invalid_json(self):
payload = b'\x00' * 1024 * 5
mac = hmac.new(self.hmac_secret, payload, hashlib.sha256)
self.post('/api/webhooks/user-modified',
data=payload,
content_type='application/json',
headers={'X-Webhook-HMAC': mac.hexdigest()},
expected_status=400)
# Check the effect on the user
db_user = self.fetch_user_from_db(self.uid)
self.assertEqual('old@email.address', db_user['email'])
self.assertEqual('คนรักของผัดไทย', db_user['full_name'])
self.assertEqual({'subscriber'}, set(db_user['roles']))