diff --git a/tests/test_auth.py b/tests/test_auth.py index 08d16cef..c6bb7025 100644 --- a/tests/test_auth.py +++ b/tests/test_auth.py @@ -135,9 +135,14 @@ def test_warning_banner( warning_banner = ( '' ) + if warning_banner not in r.text: + print(warning_banner) + print(" === VS. === ") + print(r.text) + assert 'other-error' in r.text assert warning_banner in r.text assert r.status_code == 200 @@ -156,22 +161,7 @@ def test_no_warning_banner( assert "other-error" not in r.text assert r.status_code == 200 - def test_new_waiver_banner( - self, - oidc_token, - session, - client, - ): - headers = {'Authorization': 'Bearer foobar'} - r = client.get('/api/v1.0/waivers/new?new_waiver_id=123', headers=headers) - banner = ( - '' - ) - assert banner in r.text - assert r.status_code == 200 - + # tests only redirect of deprecated resource def test_create_new_waiver( self, verify_authorization, @@ -189,45 +179,14 @@ def test_create_new_waiver( headers=headers, follow_redirects=True, ) - assert 'New waiver created.' in r.text - assert r.status_code == 200 - assert r.request.base_url.endswith('/api/v1.0/waivers/new') - expected_args = { - k: v - for k, v in WAIVER_DATA.items() - if isinstance(v, str) - } - expected_args['new_waiver_id'] = '1' - assert dict(r.request.args) == expected_args - - def test_create_new_waiver_unauthorized( - self, - verify_authorization, - permissions, - oidc_token, - session, - client, - ): - verify_authorization.side_effect = Unauthorized("Unauthorized") - permissions.return_value = [{"testcases": ["a.b.c"], "groups": []}] - headers = {'Authorization': 'Bearer foobar'} - url = f'/api/v1.0/waivers/create?{WAIVER_PARAMS}' - r = client.get( - url, - headers=headers, - follow_redirects=True, - ) - assert '401 Unauthorized: Unauthorized' in r.text - assert 'New waiver created.' not in r.text - assert r.status_code == 200 assert r.request.base_url.endswith('/api/v1.0/waivers/new') expected_args = { k: v for k, v in WAIVER_DATA.items() if isinstance(v, str) } - expected_args['error'] = mock.ANY assert dict(r.request.args) == expected_args + assert 'new_waiver_id' not in dict(r.request.args) @pytest.mark.usefixtures('enable_ssl') diff --git a/waiverdb/api_v1.py b/waiverdb/api_v1.py index 4785996f..2568b0a8 100644 --- a/waiverdb/api_v1.py +++ b/waiverdb/api_v1.py @@ -386,45 +386,22 @@ def get(self): :statuscode 200: The HTML with the form is returned. """ warning = request.args.get("error") or _authorization_warning(request) - new_waiver_id = request.args.get("new_waiver_id") - new_waiver_url = None - if new_waiver_id is not None: - new_waiver_url = url_for('api_v1.waiver_resource', waiver_id=new_waiver_id) html = render_template( 'new_waiver.html', warning=warning, error=request.args.get("error"), - new_waiver_url=new_waiver_url, request_args=request.args, ) return Response(html, mimetype='text/html') class WaiversCreateResource(WaiversResource): + """ + Deprecated, kept as a redirect for a backward compatibility + """ @oidc.require_login - @validate() - def get(self, query: CreateWaiver): - user = oidc.user_getfield(current_app.config["OIDC_USERNAME_FIELD"]) - try: - result = self._create_waiver(query, user) - except Unauthorized as e: - error = _authorization_warning_from_exception(e, query.testcase) - url = url_for( - "api_v1.waivers_new_resource", - error=error, - **request.args, - ) - return redirect(url) - - db.session.add(result) - db.session.commit() - - url = url_for( - "api_v1.waivers_new_resource", - new_waiver_id=result.id, - **request.args, - ) - return redirect(url) + def get(self): + return redirect(url_for("api_v1.waivers_new_resource", **request.args)) class WaiverResource(Resource): diff --git a/waiverdb/templates/layout.html b/waiverdb/templates/layout.html index dcbc1bd4..785661a1 100644 --- a/waiverdb/templates/layout.html +++ b/waiverdb/templates/layout.html @@ -19,7 +19,7 @@