Merge branch 'tests' into publicapi-tests

Disable VM creation check for the moment
Fix botched merge
2021-07-17 13:37:43 +02:00 · 2021-07-17 13:37:28 +02:00 · 2021-07-17 13:32:54 +02:00 · 2021-07-17 13:29:16 +02:00 · 2021-07-17 13:28:50 +02:00 · 2021-07-17 13:23:43 +02:00
20 changed files with 478 additions and 265 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -1,14 +0,0 @@
---
-kind: pipeline
-name: publish docker image
-steps:
-  - name: build and publish
-    image: plugins/docker
-    settings:
-      username:
-        from_secret: docker_reg_username_3wc
-      password:
-        from_secret: docker_reg_passwd_3wc
-      repo: 3wordchant/capsul-flask
-      tags: latest
-
--- a/32
+++ b/32
@ -1,32 +0,0 @@
-FROM python:3.8-alpine as build
-
-RUN apk add gettext git gcc python3-dev musl-dev \
-    libffi-dev zlib-dev jpeg-dev libjpeg postgresql-dev build-base \
-    --virtual .build-dependencies
-
-RUN mkdir -p /app/{code,venv}
-WORKDIR /app/code
-COPY Pipfile Pipfile.lock /app/code/
-
-RUN python3 -m venv /app/venv
-RUN pip install pipenv setuptools
-ENV PATH="/app/venv/bin:$PATH" VIRTUAL_ENV="/app/venv"
-RUN pip install wheel cppy
-# Install dependencies into the virtual environment with Pipenv
-RUN pipenv install --deploy --verbose
-
-FROM python:3.8-alpine
-
-RUN apk add --no-cache libpq libstdc++ libjpeg libvirt-client
-
-COPY . /app/code/
-WORKDIR /app/code
-
-COPY --from=build /app/venv /app/venv
-ENV PATH="/app/venv/bin:$PATH" VIRTUAL_ENV="/app/venv"
-
-CMD ["gunicorn", "--bind", "0.0.0.0:5000", "-k", "gevent", "--worker-connections", "1000", "app:app"]
-
-VOLUME /app/code
-
-EXPOSE 5000
--- a/1
+++ b/1
@ -9,6 +9,7 @@ blinker = "==1.4"
 click = "==7.1.2"
 Flask = "==1.1.2"
 Flask-Mail = "==0.9.1"
+Flask-Testing = "==0.8.1"
 gunicorn = "==20.0.4"
 isort = "==4.3.21"
 itsdangerous = "==1.1.0"
--- a/app.py
+++ b/app.py
@ -1,2 +1,4 @@

-from capsulflask import app
+from capsulflask import create_app
+
+create_app()
--- a/capsulflask/init.py
+++ b/capsulflask/init.py
@ -8,7 +8,7 @@ import requests
 import sys

 import stripe
-from dotenv import load_dotenv, find_dotenv
+from dotenv import find_dotenv, dotenv_values
 from flask import Flask
 from flask_mail import Mail, Message
 from flask import render_template
@ -22,62 +22,68 @@ from capsulflask import hub_model, spoke_model, cli
 from capsulflask.btcpay import client as btcpay
 from capsulflask.http_client import MyHTTPClient

+
 class StdoutMockFlaskMail:
    def send(self, message: Message):
      current_app.logger.info(f"Email would have been sent if configured:\n\nto: {','.join(message.recipients)}\nsubject: {message.subject}\nbody:\n\n{message.body}\n\n")

-load_dotenv(find_dotenv())
+def create_app():

-app = Flask(__name__)
+  config = {
+      **dotenv_values(find_dotenv()),
+      **os.environ,  # override loaded values with environment variables
+  }

-app.config.from_mapping(
+  app = Flask(__name__)

-  BASE_URL=os.environ.get("BASE_URL", default="http://localhost:5000"),
-  SECRET_KEY=os.environ.get("SECRET_KEY", default="dev"),
-  HUB_MODE_ENABLED=os.environ.get("HUB_MODE_ENABLED", default="True").lower() in ['true', '1', 't', 'y', 'yes'],
-  SPOKE_MODE_ENABLED=os.environ.get("SPOKE_MODE_ENABLED", default="True").lower() in ['true', '1', 't', 'y', 'yes'],
-  INTERNAL_HTTP_TIMEOUT_SECONDS=os.environ.get("INTERNAL_HTTP_TIMEOUT_SECONDS", default="300"),
-  HUB_MODEL=os.environ.get("HUB_MODEL", default="capsul-flask"),
-  SPOKE_MODEL=os.environ.get("SPOKE_MODEL", default="mock"),
-  LOG_LEVEL=os.environ.get("LOG_LEVEL", default="INFO"),
-  SPOKE_HOST_ID=os.environ.get("SPOKE_HOST_ID", default="baikal"),
-  SPOKE_HOST_TOKEN=os.environ.get("SPOKE_HOST_TOKEN", default="changeme"),
-  HUB_TOKEN=os.environ.get("HUB_TOKEN", default="changeme"),
+  app.config.from_mapping(
+    TESTING=config.get("TESTING", False),
+    BASE_URL=config.get("BASE_URL", "http://localhost:5000"),
+    SECRET_KEY=config.get("SECRET_KEY", "dev"),
+    HUB_MODE_ENABLED=config.get("HUB_MODE_ENABLED", "True").lower() in ['true', '1', 't', 'y', 'yes'],
+    SPOKE_MODE_ENABLED=config.get("SPOKE_MODE_ENABLED", "True").lower() in ['true', '1', 't', 'y', 'yes'],
+    INTERNAL_HTTP_TIMEOUT_SECONDS=config.get("INTERNAL_HTTP_TIMEOUT_SECONDS", "300"),
+    HUB_MODEL=config.get("HUB_MODEL", "capsul-flask"),
+    SPOKE_MODEL=config.get("SPOKE_MODEL", "mock"),
+    LOG_LEVEL=config.get("LOG_LEVEL", "INFO"),
+    SPOKE_HOST_ID=config.get("SPOKE_HOST_ID", "baikal"),
+    SPOKE_HOST_TOKEN=config.get("SPOKE_HOST_TOKEN", "changeme"),
+    HUB_TOKEN=config.get("HUB_TOKEN", "changeme"),

    # https://www.postgresql.org/docs/9.1/libpq-ssl.html#LIBPQ-SSL-SSLMODE-STATEMENTS
    # https://stackoverflow.com/questions/56332906/where-to-put-ssl-certificates-when-trying-to-connect-to-a-remote-database-using
    # TLS example: sslmode=verify-full sslrootcert=letsencrypt-root-ca.crt host=db.example.com port=5432 user=postgres password=dev dbname=postgres
-  POSTGRES_CONNECTION_PARAMETERS=os.environ.get(
+    POSTGRES_CONNECTION_PARAMETERS=config.get(
      "POSTGRES_CONNECTION_PARAMETERS", 
-    default="host=localhost port=5432 user=postgres password=dev dbname=postgres"
+      "host=localhost port=5432 user=postgres password=dev dbname=postgres"
    ),

-  DATABASE_SCHEMA=os.environ.get("DATABASE_SCHEMA", default="public"),
+    DATABASE_SCHEMA=config.get("DATABASE_SCHEMA", "public"),

-  MAIL_SERVER=os.environ.get("MAIL_SERVER", default=""),
-  MAIL_PORT=os.environ.get("MAIL_PORT", default="465"),
-  MAIL_USE_TLS=os.environ.get("MAIL_USE_TLS", default="False").lower() in ['true', '1', 't', 'y', 'yes'],
-  MAIL_USE_SSL=os.environ.get("MAIL_USE_SSL", default="True").lower() in ['true', '1', 't', 'y', 'yes'],
-  MAIL_USERNAME=os.environ.get("MAIL_USERNAME", default=""),
-  MAIL_PASSWORD=os.environ.get("MAIL_PASSWORD", default=""),
-  MAIL_DEFAULT_SENDER=os.environ.get("MAIL_DEFAULT_SENDER", default="no-reply@capsul.org"),
-  ADMIN_EMAIL_ADDRESSES=os.environ.get("ADMIN_EMAIL_ADDRESSES", default="ops@cyberia.club"),
-  ADMIN_PANEL_ALLOW_EMAIL_ADDRESSES=os.environ.get("ADMIN_PANEL_ALLOW_EMAIL_ADDRESSES", default="forest.n.johnson@gmail.com,capsul@cyberia.club"),
+    MAIL_SERVER=config.get("MAIL_SERVER", ""),
+    MAIL_PORT=config.get("MAIL_PORT", "465"),
+    MAIL_USE_TLS=config.get("MAIL_USE_TLS", "False").lower() in ['true', '1', 't', 'y', 'yes'],
+    MAIL_USE_SSL=config.get("MAIL_USE_SSL", "True").lower() in ['true', '1', 't', 'y', 'yes'],
+    MAIL_USERNAME=config.get("MAIL_USERNAME", ""),
+    MAIL_PASSWORD=config.get("MAIL_PASSWORD", ""),
+    MAIL_DEFAULT_SENDER=config.get("MAIL_DEFAULT_SENDER", "no-reply@capsul.org"),
+    ADMIN_EMAIL_ADDRESSES=config.get("ADMIN_EMAIL_ADDRESSES", "ops@cyberia.club"),
+    ADMIN_PANEL_ALLOW_EMAIL_ADDRESSES=config.get("ADMIN_PANEL_ALLOW_EMAIL_ADDRESSES", "forest.n.johnson@gmail.com,capsul@cyberia.club"),

-  PROMETHEUS_URL=os.environ.get("PROMETHEUS_URL", default="https://prometheus.cyberia.club"),
+    PROMETHEUS_URL=config.get("PROMETHEUS_URL", "https://prometheus.cyberia.club"),

-  STRIPE_API_VERSION=os.environ.get("STRIPE_API_VERSION", default="2020-03-02"),
-  STRIPE_SECRET_KEY=os.environ.get("STRIPE_SECRET_KEY", default=""),
-  STRIPE_PUBLISHABLE_KEY=os.environ.get("STRIPE_PUBLISHABLE_KEY", default=""),
-  #STRIPE_WEBHOOK_SECRET=os.environ.get("STRIPE_WEBHOOK_SECRET", default="")
+    STRIPE_API_VERSION=config.get("STRIPE_API_VERSION", "2020-03-02"),
+    STRIPE_SECRET_KEY=config.get("STRIPE_SECRET_KEY", ""),
+    STRIPE_PUBLISHABLE_KEY=config.get("STRIPE_PUBLISHABLE_KEY", ""),
+    #STRIPE_WEBHOOK_SECRET=config.get("STRIPE_WEBHOOK_SECRET", "")

-  BTCPAY_PRIVATE_KEY=os.environ.get("BTCPAY_PRIVATE_KEY", default="").replace("\\n", "\n"),
-  BTCPAY_URL=os.environ.get("BTCPAY_URL", default="https://btcpay.cyberia.club")
-)
+    BTCPAY_PRIVATE_KEY=config.get("BTCPAY_PRIVATE_KEY", "").replace("\\n", "\n"),
+    BTCPAY_URL=config.get("BTCPAY_URL", "https://btcpay.cyberia.club")
+  )

-app.config['HUB_URL'] = os.environ.get("HUB_URL", default=app.config['BASE_URL'])
+  app.config['HUB_URL'] = config.get("HUB_URL", app.config['BASE_URL'])

-class SetLogLevelToDebugForHeartbeatRelatedMessagesFilter(logging.Filter):
+  class SetLogLevelToDebugForHeartbeatRelatedMessagesFilter(logging.Filter):
    def isHeartbeatRelatedString(self, thing):
      # thing_string = "<error>"
      is_in_string = False
@ -101,7 +107,7 @@ class SetLogLevelToDebugForHeartbeatRelatedMessagesFilter(logging.Filter):

      return True

-logging_dict_config({
+  logging_dict_config({
    'version': 1,
    'formatters': {'default': {
      'format': '[%(asctime)s] %(levelname)s in %(module)s: %(message)s',
@ -121,7 +127,7 @@ logging_dict_config({
      'level': app.config['LOG_LEVEL'],
      'handlers': ['wsgi']
    }
-})
+  })

 # app.logger.critical("critical")
 # app.logger.error("error")
@ -129,36 +135,40 @@ logging_dict_config({
 # app.logger.info("info")
 # app.logger.debug("debug")

-stripe.api_key = app.config['STRIPE_SECRET_KEY']
-stripe.api_version = app.config['STRIPE_API_VERSION']
+  stripe.api_key = app.config['STRIPE_SECRET_KEY']
+  stripe.api_version = app.config['STRIPE_API_VERSION']

-if app.config['MAIL_SERVER'] != "":
+  if app.config['MAIL_SERVER'] != "":
    app.config['FLASK_MAIL_INSTANCE'] = Mail(app)
-else:
+  else:
    app.logger.warning("No MAIL_SERVER configured. capsul will simply print emails to stdout.")
    app.config['FLASK_MAIL_INSTANCE'] = StdoutMockFlaskMail()

-app.config['HTTP_CLIENT'] = MyHTTPClient(timeout_seconds=int(app.config['INTERNAL_HTTP_TIMEOUT_SECONDS']))
+  app.config['HTTP_CLIENT'] = MyHTTPClient(timeout_seconds=int(app.config['INTERNAL_HTTP_TIMEOUT_SECONDS']))

-try:
+  try:
    app.config['BTCPAY_CLIENT'] = btcpay.Client(api_uri=app.config['BTCPAY_URL'], pem=app.config['BTCPAY_PRIVATE_KEY'])
-except:
+  except:
    app.logger.warning("unable to create btcpay client. Capsul will work fine except cryptocurrency payments will not work. The error was: " + my_exec_info_message(sys.exc_info()))

 # only start the scheduler and attempt to migrate the database if we are running the app.
 # otherwise we are running a CLI command.
-command_line = ' '.join(sys.argv)
-is_running_server = ('flask run' in command_line) or ('gunicorn' in command_line)
+  command_line = ' '.join(sys.argv)
+  is_running_server = (
+    ('flask run' in command_line) or
+    ('gunicorn' in command_line) or
+    ('test' in command_line)
+  )

-app.logger.info(f"is_running_server: {is_running_server}")
+  app.logger.info(f"is_running_server: {is_running_server}")

-if app.config['HUB_MODE_ENABLED']:
+  if app.config['HUB_MODE_ENABLED']:
    if app.config['HUB_MODEL'] == "capsul-flask":
      app.config['HUB_MODEL'] = hub_model.CapsulFlaskHub()

      # debug mode (flask reloader) runs two copies of the app. When running in debug mode,
      # we only want to start the scheduler one time.
-    if is_running_server and (not app.debug or os.environ.get('WERKZEUG_RUN_MAIN') == 'true'):
+      if is_running_server and (not app.debug or config.get('WERKZEUG_RUN_MAIN') == 'true'):
        scheduler = BackgroundScheduler()
        heartbeat_task_url = f"{app.config['HUB_URL']}/hub/heartbeat-task"
        heartbeat_task_headers = {'Authorization': f"Bearer {app.config['HUB_TOKEN']}"}
@ -178,8 +188,8 @@ if app.config['HUB_MODE_ENABLED']:
    auth, landing, console, payment, metrics, cli, hub_api, publicapi, admin
  )

-  app.register_blueprint(landing.bp)
  app.register_blueprint(auth.bp)
+  app.register_blueprint(landing.bp)
  app.register_blueprint(console.bp)
  app.register_blueprint(payment.bp)
  app.register_blueprint(metrics.bp)
@ -190,9 +200,7 @@ if app.config['HUB_MODE_ENABLED']:

  app.add_url_rule("/", endpoint="index")

-
-
-if app.config['SPOKE_MODE_ENABLED']:
+  if app.config['SPOKE_MODE_ENABLED']:
    if app.config['SPOKE_MODEL'] == "shell-scripts":
      app.config['SPOKE_MODEL'] = spoke_model.ShellScriptSpoke()
    else:
@ -202,8 +210,8 @@ if app.config['SPOKE_MODE_ENABLED']:

    app.register_blueprint(spoke_api.bp)

-@app.after_request
-def security_headers(response):
+  @app.after_request
+  def security_headers(response):
    response.headers['X-Frame-Options'] = 'SAMEORIGIN'
    if 'Content-Security-Policy' not in response.headers:
      response.headers['Content-Security-Policy'] = "default-src 'self'"
@ -211,8 +219,8 @@ def security_headers(response):
    return response


-@app.context_processor
-def override_url_for():
+  @app.context_processor
+  def override_url_for():
    """
    override the url_for function built into flask 
    with our own custom implementation that busts the cache correctly when files change 
@ -220,7 +228,7 @@ def override_url_for():
    return dict(url_for=url_for_with_cache_bust)


-def url_for_with_cache_bust(endpoint, **values):
+  def url_for_with_cache_bust(endpoint, **values):
    """
    Add a query parameter based on the hash of the file, this acts as a cache bust
    """
@ -244,3 +252,5 @@ def url_for_with_cache_bust(endpoint, **values):
        values['q'] = current_app.config['STATIC_FILE_HASH_CACHE'][filename]

    return url_for(endpoint, **values)
+
+  return app
--- a/capsulflask/auth.py
+++ b/capsulflask/auth.py
@ -41,7 +41,6 @@ def account_required(view):

    return wrapped_view

-
 def admin_account_required(view):
    """View decorator that redirects non-admin users to the login page."""

--- a/capsulflask/console.py
+++ b/capsulflask/console.py
@ -237,16 +237,11 @@ def _create(vm_sizes, operating_systems, public_keys_for_account, server_data):

  if len(errors) == 0:
    id = make_capsul_id()
-    get_model().create_vm(
-      email=session["account"], 
-      id=id, 
-      size=size, 
-      os=os,
-      ssh_authorized_keys=list(map(lambda x: x["name"], posted_keys))
-    )
    current_app.config["HUB_MODEL"].create(
      email = session["account"],
      id=id,
+      os=os,
+      size=size,
      template_image_file_name=operating_systems[os]['template_image_file_name'],
      vcpus=vm_sizes[size]['vcpus'],
      memory_mb=vm_sizes[size]['memory_mb'],
@ -264,6 +259,7 @@ def create():
  public_keys_for_account = get_model().list_ssh_public_keys_for_account(session["account"])
  account_balance = get_account_balance(get_vms(), get_payments(), datetime.utcnow())
  capacity_avaliable = current_app.config["HUB_MODEL"].capacity_avaliable(512*1024*1024)
+  errors = list()

  if request.method == "POST":
    if "csrf-token" not in request.form or request.form['csrf-token'] != session['csrf-token']:
@ -274,8 +270,6 @@ def create():
      public_keys_for_account,
      request.form)
    if len(errors) == 0: 
-      for error in errors:
-        flash(error)
      return redirect(f"{url_for('console.index')}?created={id}")
  
  affordable_vm_sizes = dict()
@ -286,6 +280,9 @@ def create():
    if vm_size["dollars_per_month"] <= account_balance+0.25:
      affordable_vm_sizes[key] = vm_size

+  for error in errors:
+    flash(error)
+
  if not capacity_avaliable:
    current_app.logger.warning(f"when capsul capacity is restored, send an email to {session['account']}")

--- a/capsulflask/db.py
+++ b/capsulflask/db.py
@ -43,7 +43,7 @@ def init_app(app, is_running_server):
  hasSchemaVersionTable = False
  actionWasTaken = False
  schemaVersion = 0
-  desiredSchemaVersion = 18
+  desiredSchemaVersion = 19

  cursor = connection.cursor()

--- a/capsulflask/hub_api.py
+++ b/capsulflask/hub_api.py
@ -160,7 +160,10 @@ def can_claim_create(payload, host_id) -> (str, str):
  if allocated_network_name is None or allocated_ipv4_address is None:
    return "", f"host \"{host_id}\" does not have any avaliable IP addresses on any of its networks."

-  payload["network_name"] = allocated_network_name
+  # payload["network_name"] = allocated_network_name
+  # hard-code the network name for now until we can fix the phantom dhcp lease issues.
+
+  payload["network_name"] = 'public3'
  payload["public_ipv4"] = allocated_ipv4_address

  return payload, ""
--- a/capsulflask/schema_migrations/17_down_api_tokens.py
+++ b/capsulflask/schema_migrations/17_down_api_tokens.py
@ -1,2 +0,0 @@
-DROP TABLE api_keys;
-UPDATE schemaversion SET version = 16;
--- a/capsulflask/schema_migrations/17_up_api_tokens.py
+++ b/capsulflask/schema_migrations/17_up_api_tokens.py
@ -1,9 +0,0 @@
-CREATE TABLE api_tokens (
-  id                 SERIAL PRIMARY KEY,
-  email              TEXT REFERENCES accounts(email) ON DELETE RESTRICT,
-  name               TEXT NOT NULL,
-  created            TIMESTAMP NOT NULL DEFAULT NOW(),
-  token              TEXT NOT NULL
-);
-
-UPDATE schemaversion SET version = 17;
--- a/capsulflask/schema_migrations/19_down_api_tokens.py
+++ b/capsulflask/schema_migrations/19_down_api_tokens.py
@ -1,2 +1,2 @@
 DROP TABLE api_keys;
-UPDATE schemaversion SET version = 16;
+UPDATE schemaversion SET version = 18;
--- a/capsulflask/schema_migrations/19_up_api_tokens.py
+++ b/capsulflask/schema_migrations/19_up_api_tokens.py
@ -6,4 +6,4 @@ CREATE TABLE api_tokens (
  token              TEXT NOT NULL
 );

-UPDATE schemaversion SET version = 17;
+UPDATE schemaversion SET version = 19;
--- a/capsulflask/tests/init.py
+++ b/capsulflask/tests/init.py
--- a/capsulflask/tests/test_auth.py
+++ b/capsulflask/tests/test_auth.py
@ -0,0 +1,23 @@
+from flask import url_for, session
+
+from capsulflask.db import get_model
+from capsulflask.tests_base import BaseTestCase
+
+
+class LoginTests(BaseTestCase):
+    render_templates = False
+
+    def test_login_request(self):
+        with self.client as client:
+            response = client.get(url_for("auth.login"))
+            self.assert_200(response)
+
+            # FIXME test generated login link
+
+    def test_login_magiclink(self):
+        token, ignoreCaseMatches = get_model().login('test@example.com')
+
+        with self.client as client:
+            response = client.get(url_for("auth.magiclink", token=token))
+            self.assertRedirects(response, url_for("console.index"))
+            self.assertEqual(session['account'], 'test@example.com')
--- a/capsulflask/tests/test_console.py
+++ b/capsulflask/tests/test_console.py
@ -0,0 +1,170 @@
+from unittest.mock import patch
+
+from flask import url_for
+
+from capsulflask.hub_model import MockHub
+from capsulflask.db import get_model
+from capsulflask.tests_base import BaseTestCase
+
+
+class ConsoleTests(BaseTestCase):
+    capsul_data = {
+        "size": "f1-xs",
+        "os": "debian10",
+        "ssh_authorized_key_count": 1,
+        "ssh_key_0": "key"
+    }
+
+    ssh_key_data = {
+        "name": "key2",
+        "action": "upload_ssh_key",
+        "content": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDntq1t8Ddsa2q4p+PM7W4CLYYmxakokRRVLlf7AQlsTJFPsgBe9u0zuoOaKDMkBr0dlnuLm4Eub1Mj+BrdqAokto0YDiAnxUKRuYQKuHySKK8bLkisi2k47jGBDikx/jihgiuFTawo1mYsJJepC7PPwZGsoCImJEgq1L+ug0p3Zrj3QkUx4h25MpCSs2yvfgWjDyN8hEC76O42P+4ETezYrzrd1Kj26hdzHRnrxygvIUOtfau+5ydlaz8xQBEPrEY6/+pKDuwtXg1pBL7GmoUxBXVfHQSgq5s9jIJH+G0CR0ZoHMB25Ln4X/bsCQbLOu21+IGYKSDVM5TIMLtkKUkERQMVWvnpOp1LZKir4dC0m7SW74wpA8+2b1IsURIr9ARYGJpCEv1Q1Wz/X3yTf6Mfey7992MjUc9HcgjgU01/+kYomoXHprzolk+22Gjfgo3a4dRIoTY82GO8kkUKiaWHvDkkVURCY5dpteLA05sk3Z9aRMYsNXPLeOOPfzTlDA0="
+    }
+
+    def test_index(self):
+        self._login('test@example.com')
+        with self.client as client:
+            response = client.get(url_for("console.index"))
+            self.assert_200(response)
+
+    def test_create_loads(self):
+        self._login('test@example.com')
+        with self.client as client:
+            response = client.get(url_for("console.create"))
+            self.assert_200(response)
+
+    def test_create_fails_capacity(self):
+        with self.client as client:
+            client.get(url_for("console.create"))
+            csrf_token = self.get_context_variable('csrf_token')
+
+            data = self.capsul_data
+            data['csrf-token'] = csrf_token
+
+            # Override MockHub.capacity_avaliable to always return False
+            with patch.object(MockHub, 'capacity_avaliable', return_value=False) as mock_method:
+                self.app.config["HUB_MODEL"] = MockHub()
+
+                client.post(url_for("console.create"), data=data)
+                capacity_message = \
+                    '\n      host(s) at capacity. no capsuls can be created at this time. sorry. \n    '
+                self.assert_message_flashed(capacity_message, category='message')
+
+                self.assertEqual(
+                    len(get_model().list_vms_for_account('test@example.com')),
+                    0
+                )
+            mock_method.assert_called_with(512 * 1024 * 1024)
+
+    def test_create_fails_invalid(self):
+        with self.client as client:
+            client.get(url_for("console.create"))
+            csrf_token = self.get_context_variable('csrf_token')
+
+            data = self.capsul_data
+            data['csrf-token'] = csrf_token
+            data['os'] = ''
+            client.post(url_for("console.create"), data=data)
+
+            self.assert_message_flashed(
+                'OS is required', 
+                category='message'
+            )
+
+            self.assertEqual(
+                len(get_model().list_vms_for_account('test@example.com')),
+                0
+            )
+
+    def test_create_succeeds(self):
+        with self.client as client:
+            client.get(url_for("console.create"))
+            csrf_token = self.get_context_variable('csrf_token')
+
+            data = self.capsul_data
+            data['csrf-token'] = csrf_token
+            response = client.post(url_for("console.create"), data=data)
+
+            # FIXME: mock create doesn't create, see #83
+            # vms = get_model().list_vms_for_account('test@example.com')
+            # self.assertEqual(
+            #     len(vms),
+            #     1 
+            # )
+            #
+            # vm_id = vms[0].id
+            #
+            # self.assertRedirects(
+            #     response, 
+            #     url_for("console.index") + f'?{vm_id}'
+            # )
+
+    def test_keys_loads(self):
+        self._login('test@example.com')
+        with self.client as client:
+            response = client.get(url_for("console.ssh_api_keys"))
+            self.assert_200(response)
+            keys = self.get_context_variable('ssh_public_keys')
+            self.assertEqual(keys[0]['name'], 'key')
+
+    def test_keys_add_ssh_fails_invalid(self):
+        self._login('test@example.com')
+        with self.client as client:
+            client.get(url_for("console.ssh_api_keys"))
+            csrf_token = self.get_context_variable('csrf_token')
+
+            data = self.ssh_key_data
+            data['csrf-token'] = csrf_token
+
+            data_invalid_content = data
+            data_invalid_content['content'] = 'foo'
+            client.post(
+                url_for("console.ssh_api_keys"),
+                data=data_invalid_content
+            )
+
+            self.assert_message_flashed(
+                'Content must match "^(ssh|ecdsa)-[0-9A-Za-z+/_=@:. -]+$"',
+                category='message'
+            )
+
+            data_missing_content = data
+            data_missing_content['content'] = ''
+            client.post(url_for("console.ssh_api_keys"), data=data_missing_content)
+
+            self.assert_message_flashed(
+                'Content is required', category='message'
+            )
+
+    def test_keys_add_ssh_fails_duplicate(self):
+        self._login('test@example.com')
+        with self.client as client:
+            client.get(url_for("console.ssh_api_keys"))
+            csrf_token = self.get_context_variable('csrf_token')
+
+            data = self.ssh_key_data
+            data['csrf-token'] = csrf_token
+            data['name'] = 'key'
+            client.post(url_for("console.ssh_api_keys"), data=data)
+
+            self.assert_message_flashed(
+                'A key with that name already exists',
+                category='message'
+            )
+
+            data = self.ssh_key_data
+            data['csrf-token'] = csrf_token
+            data['name'] = 'key'
+            client.post(url_for("console.ssh_api_keys"), data=data)
+
+            self.assert_message_flashed(
+                'A key with that name already exists',
+                category='message'
+            )
+
+    def setUp(self):
+        self._login('test@example.com')
+        get_model().create_ssh_public_key('test@example.com', 'key', 'foo') 
+
+    def tearDown(self):
+        get_model().delete_ssh_public_key('test@example.com', 'key') 
--- a/capsulflask/tests/test_landing.py
+++ b/capsulflask/tests/test_landing.py
@ -0,0 +1,14 @@
+from capsulflask.tests_base import BaseTestCase
+
+
+class LandingTests(BaseTestCase):
+    #: Do not render templates, we're only testing logic here.
+    render_templates = False
+
+    def test_landing(self):
+        pages = ['/', 'pricing', 'faq', 'about-ssh', 'changelog', 'support']
+
+        with self.client as client:
+            for page in pages:
+                response = client.get(page)
+                self.assert_200(response)
--- a/capsulflask/tests/test_publicapi.py
+++ b/capsulflask/tests/test_publicapi.py
@ -0,0 +1,45 @@
+from base64 import b64encode
+import requests
+
+from flask import url_for
+
+from capsulflask.db import get_model
+from capsulflask.tests_base import BaseLiveServerTestCase
+
+
+class PublicAPITests(BaseLiveServerTestCase):
+    def test_server_is_up_and_running(self):
+        response = requests.get(self.get_server_url())
+        self.assertEqual(response.status_code, 200)
+
+    def test_capsul_create_succeeds(self):
+        response = requests.post(
+            self.get_server_url() +
+            url_for('publicapi.capsul_create'),
+            headers={'Authorization': self.token},
+            json={
+                'size': 'f1-xs',
+                'os': 'openbsd68',
+                'ssh_key_0': 'key'
+            }
+        )
+
+        self.assertEqual(response.status_code, 200)
+
+        # FIXME: mock create doesn't create, see #83
+        # vms = get_model().list_vms_for_account('test@example.com')
+        # 
+        # self.assertEqual(
+        #     len(vms),
+        #     1
+        # )
+
+    def setUp(self):
+        get_model().create_ssh_public_key('test@example.com', 'key', 'foo') 
+        self.token = b64encode(
+            get_model().generate_api_token('test@example.com', 'apikey').encode('utf-8')
+        ).decode('utf-8')
+
+    def tearDown(self):
+        get_model().delete_ssh_public_key('test@example.com', 'key') 
+        get_model().delete_api_token('test@example.com', 1)
--- a/capsulflask/tests_base.py
+++ b/capsulflask/tests_base.py
@ -0,0 +1,35 @@
+import os
+from nanoid import generate
+
+from flask_testing import TestCase, LiveServerTestCase
+
+from capsulflask import create_app
+from capsulflask.db import get_model
+
+
+class BaseSharedTestCase(object):
+    def create_app(self):
+        # Use default connection paramaters
+        os.environ['POSTGRES_CONNECTION_PARAMETERS'] = "host=localhost port=5432 user=postgres password=dev dbname=capsulflask_test"
+        os.environ['TESTING'] = '1'
+        os.environ['SPOKE_MODEL'] = 'mock'
+        os.environ['HUB_MODEL'] = 'mock'
+        return create_app()
+
+    def setUp(self):
+        pass
+
+    def tearDown(self):
+        pass
+
+
+class BaseTestCase(BaseSharedTestCase, TestCase):
+    def _login(self, user_email):
+        get_model().login(user_email)
+        with self.client.session_transaction() as session:
+            session['account'] = user_email
+            session['csrf-token'] = generate()
+
+
+class BaseLiveServerTestCase(BaseSharedTestCase, LiveServerTestCase):
+    pass
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,29 +0,0 @@
---
-version: "3.8"
-
-services:
-  app:
-    image: 3wordchant/capsul-flask:latest
-    build: .
-    volumes:
-      - "./:/app/code"
-    depends_on:
-      - db
-    ports:
-      - "5000:5000"
-    environment:
-      - "POSTGRES_CONNECTION_PARAMETERS=host=db port=5432 user=capsul password=capsul dbname=capsul"
-    # The image uses gunicorn by default, let's override it with Flask's
-    # built-in development server
-    command: ["flask", "run", "-h", "0.0.0.0", "-p", "5000"]
-  db:
-    image: "postgres:9.6.5"
-    volumes:
-      - "postgres:/var/lib/postgresql/data"
-    environment:
-      POSTGRES_USER: capsul
-      POSTGRES_PASSWORD: capsul
-      POSTGRES_DB: capsul
-
-volumes:
-  postgres:
Author	SHA1	Message	Date
3wc	e1f2318273	Merge branch 'tests' into publicapi-tests	2021-07-17 13:37:43 +02:00
3wc	7b9e9debab	Disable VM creation check for the moment	2021-07-17 13:37:28 +02:00
3wc	bef379273f	Fix botched merge	2021-07-17 13:32:54 +02:00
3wc	82c0c63ff4	Add tests for public API	2021-07-17 13:29:16 +02:00
3wc	d5e0e069d1	Merge branch 'tests' into publicapi-tests	2021-07-17 13:28:50 +02:00
3wc	b8d149e862	Updates for upstream IP handling	2021-07-17 13:23:43 +02:00
3wc	cf42ac5e4d	Add basic "create" API.. .. using server-side API tokens	2021-07-17 12:18:16 +02:00
3wc	9823bda4a2	Add SSH key tests	2021-07-17 12:10:28 +02:00
3wc	4c7caa1a38	Initial console tests NB capsul create isn't working properly, see #83	2021-07-17 11:54:15 +02:00
3wc	665e087bd4	Basic testing using flask-testing This commit makes it possible to override settings during tests, by switching capsulflask/__init__.py to a "create_app" pattern, and using `dotenv_values` instead of `load_dotenv`. The create_app() method returns a Flask app instance, to give more control over when to initialise the app. This allows setting environment variables in test files. Then, use dotenv_values to override loaded .env variables with ones from the environment, so that tests can set `POSTGRES_CONNECTION_PARAMETERS` and `SPOKE_MODEL` (possibly others in future..). Inital tests for the "landing" pages, and login / activation, are included.	2021-07-17 10:38:04 +02:00
forest	908d02803f	move hardcoding public3 to the right place	2021-07-12 16:10:28 -05:00
forest	6e6bd2b143	fix syntax error	2021-07-12 16:00:37 -05:00
forest	47fbaab403	hardcode network_name=public3 to sidestep phantom dhcp lease issues	2021-07-12 15:59:20 -05:00