tests fixes

tests/test_auth.py

@@ -135,9 +135,14 @@ def test_warning_banner(
         warning_banner = (
             '<div class="alert alert-danger" role="alert" id="other-error">'
             '401 Unauthorized: Unauthorized<br />'
-            '<a href=/api/v1.0/permissions?testcase=a.b.c>'
+            '<a href="/api/v1.0/permissions?testcase=a.b.c&html=on">'
             'See who has permission to waive a.b.c test case.</a></div>'
         )
+        if warning_banner not in r.text:
+            print(warning_banner)
+            print(" === VS. === ")
+            print(r.text)
+        assert 'other-error' in r.text
         assert warning_banner in r.text
         assert r.status_code == 200
 
@@ -156,22 +161,7 @@ def test_no_warning_banner(
         assert "other-error" not in r.text
         assert r.status_code == 200
 
-    def test_new_waiver_banner(
-        self,
-        oidc_token,
-        session,
-        client,
-    ):
-        headers = {'Authorization': 'Bearer foobar'}
-        r = client.get('/api/v1.0/waivers/new?new_waiver_id=123', headers=headers)
-        banner = (
-            '<div class="alert alert-success" role="alert">'
-            '<a href="/api/v1.0/waivers/123">New waiver created.</a>'
-            '</div>'
-        )
-        assert banner in r.text
-        assert r.status_code == 200
-
+    # tests only redirect of deprecated resource
     def test_create_new_waiver(
         self,
         verify_authorization,
@@ -189,45 +179,14 @@ def test_create_new_waiver(
             headers=headers,
             follow_redirects=True,
         )
-        assert 'New waiver created.' in r.text
-        assert r.status_code == 200
-        assert r.request.base_url.endswith('/api/v1.0/waivers/new')
-        expected_args = {
-            k: v
-            for k, v in WAIVER_DATA.items()
-            if isinstance(v, str)
-        }
-        expected_args['new_waiver_id'] = '1'
-        assert dict(r.request.args) == expected_args
-
-    def test_create_new_waiver_unauthorized(
-        self,
-        verify_authorization,
-        permissions,
-        oidc_token,
-        session,
-        client,
-    ):
-        verify_authorization.side_effect = Unauthorized("Unauthorized")
-        permissions.return_value = [{"testcases": ["a.b.c"], "groups": []}]
-        headers = {'Authorization': 'Bearer foobar'}
-        url = f'/api/v1.0/waivers/create?{WAIVER_PARAMS}'
-        r = client.get(
-            url,
-            headers=headers,
-            follow_redirects=True,
-        )
-        assert '401 Unauthorized: Unauthorized' in r.text
-        assert 'New waiver created.' not in r.text
-        assert r.status_code == 200
         assert r.request.base_url.endswith('/api/v1.0/waivers/new')
         expected_args = {
             k: v
             for k, v in WAIVER_DATA.items()
             if isinstance(v, str)
         }
-        expected_args['error'] = mock.ANY
         assert dict(r.request.args) == expected_args
+        assert 'new_waiver_id' not in dict(r.request.args)
 
 
 @pytest.mark.usefixtures('enable_ssl')

waiverdb/api_v1.py

@@ -386,45 +386,22 @@ def get(self):
         :statuscode 200: The HTML with the form is returned.
         """
         warning = request.args.get("error") or _authorization_warning(request)
-        new_waiver_id = request.args.get("new_waiver_id")
-        new_waiver_url = None
-        if new_waiver_id is not None:
-            new_waiver_url = url_for('api_v1.waiver_resource', waiver_id=new_waiver_id)
         html = render_template(
             'new_waiver.html',
             warning=warning,
             error=request.args.get("error"),
-            new_waiver_url=new_waiver_url,
             request_args=request.args,
         )
         return Response(html, mimetype='text/html')
 
 
 class WaiversCreateResource(WaiversResource):
+    """
+    Deprecated, kept as a redirect for a backward compatibility
+    """
     @oidc.require_login
-    @validate()
-    def get(self, query: CreateWaiver):
-        user = oidc.user_getfield(current_app.config["OIDC_USERNAME_FIELD"])
-        try:
-            result = self._create_waiver(query, user)
-        except Unauthorized as e:
-            error = _authorization_warning_from_exception(e, query.testcase)
-            url = url_for(
-                "api_v1.waivers_new_resource",
-                error=error,
-                **request.args,
-            )
-            return redirect(url)
-
-        db.session.add(result)
-        db.session.commit()
-
-        url = url_for(
-            "api_v1.waivers_new_resource",
-            new_waiver_id=result.id,
-            **request.args,
-        )
-        return redirect(url)
+    def get(self):
+        return redirect(url_for("api_v1.waivers_new_resource", **request.args))
 
 
 class WaiverResource(Resource):

waiverdb/templates/layout.html

@@ -19,7 +19,7 @@
         <script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" integrity="sha384-OERcA2EqjJCMA+/3y+gxIOqMEjwtxJY7qPCqsdltbNJuaOe923+mo//f6V8Qbsw3" crossorigin="anonymous"></script>
         <script src="https://code.jquery.com/jquery-3.7.1.min.js" integrity="sha384-1H217gwSVyLSIfaLxHbE7dRb3v4mYCKbpQvzx0cegeju1MVsGrX5xXxAvs/HgeFs" crossorigin="anonymous"></script>
         <script>
-const WAIVERS_URL = "/api/v1.0/waivers/";
+const WAIVERS_URL = "{{ url_for('api_v1.waivers_resource') }}";
 
 $(document).ready(function () {
     $("form").on("submit", function(ev) {