allura-commits mailing list archives

Site index · List index

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	kentontay...@apache.org
Subject	[1/2] allura git commit: Better bearer token https check; Unauthorized instead of Forbidden. Details:
Date	Tue, 30 Jan 2018 14:57:59 GMT
Repository: allura Updated Branches: refs/heads/master 9a30fec1a -> 8666cbb17 Better bearer token https check; Unauthorized instead of Forbidden. Details: * widen the https check logic, in case app is running behind a reverse proxy * change various auth responses from 403 -> 401 to reflect unauth'd better * stricter status check in test helper (and update a lot of tests to match) Project: http://git-wip-us.apache.org/repos/asf/allura/repo Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/4a5d2002 Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/4a5d2002 Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/4a5d2002 Branch: refs/heads/master Commit: 4a5d2002607b6c13cfe466c082295a96aacd88d9 Parents: f5443b8 Author: Dave Brondsema <dave@brondsema.net> Authored: Fri Jan 26 14:24:00 2018 -0500 Committer: Dave Brondsema <dave@brondsema.net> Committed: Fri Jan 26 14:45:26 2018 -0500 ---------------------------------------------------------------------- Allura/allura/controllers/rest.py \| 35 ++++++++--------- Allura/allura/tests/functional/test_admin.py \| 28 +++++--------- Allura/allura/tests/functional/test_auth.py \| 14 +++---- Allura/allura/tests/functional/test_home.py \| 5 +-- Allura/allura/tests/functional/test_rest.py \| 40 +++++++++----------- Allura/allura/tests/test_webhooks.py \| 3 +- AlluraTest/alluratest/controller.py \| 2 +- .../forgeblog/tests/functional/test_rest.py \| 6 +-- .../forgeblog/tests/functional/test_root.py \| 1 - .../tests/functional/test_import.py \| 4 +- .../tests/functional/test_controllers.py \| 2 - .../forgewiki/tests/functional/test_rest.py \| 3 +- 12 files changed, 61 insertions(+), 82 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/Allura/allura/controllers/rest.py ---------------------------------------------------------------------- diff --git a/Allura/allura/controllers/rest.py b/Allura/allura/controllers/rest.py index 915517c..2913bee 100644 --- a/Allura/allura/controllers/rest.py +++ b/Allura/allura/controllers/rest.py @@ -135,13 +135,17 @@ class OAuthNegotiator(object): # skip https check if auth invoked from tests testing = request.environ.get('paste.testing', False) debug = asbool(config.get('debug', False)) - if not testing and request.scheme != 'https' and not debug: + if not any((testing, + request.scheme == 'https', + request.environ.get('HTTP_X_FORWARDED_SSL') == 'on', + request.environ.get('HTTP_X_FORWARDED_PROTO') == 'https', + debug)): request.environ['pylons.status_code_redirect'] = True - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized('HTTPS is required to use bearer tokens %s' % request.environ) access_token = M.OAuthAccessToken.query.get(api_key=access_token) if not (access_token and access_token.is_bearer): request.environ['pylons.status_code_redirect'] = True - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized return access_token req = oauth.Request.from_request( request.method, @@ -150,23 +154,20 @@ class OAuthNegotiator(object): parameters=dict(request.params), query_string=request.query_string ) - consumer_token = M.OAuthConsumerToken.query.get( - api_key=req['oauth_consumer_key']) - access_token = M.OAuthAccessToken.query.get( - api_key=req['oauth_token']) + consumer_token = M.OAuthConsumerToken.query.get(api_key=req['oauth_consumer_key']) + access_token = M.OAuthAccessToken.query.get(api_key=req['oauth_token']) if consumer_token is None: log.error('Invalid consumer token') return None - raise exc.HTTPForbidden if access_token is None: log.error('Invalid access token') - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized consumer = consumer_token.consumer try: self.server.verify_request(req, consumer, access_token.as_token()) except: log.error('Invalid signature') - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized return access_token @expose() @@ -182,13 +183,13 @@ class OAuthNegotiator(object): api_key=req['oauth_consumer_key']) if consumer_token is None: log.error('Invalid consumer token') - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized consumer = consumer_token.consumer try: self.server.verify_request(req, consumer, None) except: log.error('Invalid signature') - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized req_token = M.OAuthRequestToken( consumer_token_id=consumer_token._id, callback=req.get('oauth_callback', 'oob') @@ -203,7 +204,7 @@ class OAuthNegotiator(object): rtok = M.OAuthRequestToken.query.get(api_key=oauth_token) if rtok is None: log.error('Invalid token %s', oauth_token) - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized rtok.user_id = c.user._id return dict( oauth_token=oauth_token, @@ -245,14 +246,14 @@ class OAuthNegotiator(object): api_key=req['oauth_token']) if consumer_token is None: log.error('Invalid consumer token') - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized if request_token is None: log.error('Invalid request token') - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized pin = req['oauth_verifier'] if pin != request_token.validation_pin: log.error('Invalid verifier') - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized rtok = request_token.as_token() rtok.set_verifier(pin) consumer = consumer_token.consumer @@ -260,7 +261,7 @@ class OAuthNegotiator(object): self.server.verify_request(req, consumer, rtok) except: log.error('Invalid signature') - raise exc.HTTPForbidden + raise exc.HTTPUnauthorized acc_token = M.OAuthAccessToken( consumer_token_id=consumer_token._id, request_token_id=request_token._id, http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/Allura/allura/tests/functional/test_admin.py ---------------------------------------------------------------------- diff --git a/Allura/allura/tests/functional/test_admin.py b/Allura/allura/tests/functional/test_admin.py index c7136ae..4fc0023 100644 --- a/Allura/allura/tests/functional/test_admin.py +++ b/Allura/allura/tests/functional/test_admin.py @@ -1338,32 +1338,27 @@ class TestRestInstallTool(TestRestApiBase): class TestRestAdminOptions(TestRestApiBase): def test_no_mount_point(self): - r = self.api_get('/rest/p/test/admin/admin_options/') - assert_equals(r.status, '400 Bad Request') + r = self.api_get('/rest/p/test/admin/admin_options/', status=400) assert_in('Must provide a mount point', r.body) def test_invalid_mount_point(self): - r = self.api_get('/rest/p/test/admin/admin_options/?mount_point=asdf') - assert_equals(r.status, '400 Bad Request') + r = self.api_get('/rest/p/test/admin/admin_options/?mount_point=asdf', status=400) assert_in('The mount point you provided was invalid', r.body) @td.with_tool('test', 'Git', 'git') def test_valid_mount_point(self): - r = self.api_get('/rest/p/test/admin/admin_options/?mount_point=git') - assert_equals(r.status, '200 OK') + r = self.api_get('/rest/p/test/admin/admin_options/?mount_point=git', status=200) assert_is_not_none(r.json['options']) class TestRestMountOrder(TestRestApiBase): def test_no_kw(self): - r = self.api_post('/rest/p/test/admin/mount_order/') - assert_equals(r.status, '400 Bad Request') + r = self.api_post('/rest/p/test/admin/mount_order/', status=400) assert_in('Expected kw params in the form of "ordinal: mount_point"', r.body) def test_invalid_kw(self): data = {'1': 'git', 'two': 'admin'} - r = self.api_post('/rest/p/test/admin/mount_order/', data) - assert_equals(r.status, '400 Bad Request') + r = self.api_post('/rest/p/test/admin/mount_order/', status=400, data) assert_in('Invalid kw: expected "ordinal: mount_point"', r.body) @td.with_wiki @@ -1408,8 +1403,8 @@ class TestRestMountOrder(TestRestApiBase): class TestRestToolGrouping(TestRestApiBase): def test_invalid_grouping_threshold(self): for invalid_value in ('100', 'asdf'): - r = self.api_post('/rest/p/test/admin/configure_tool_grouping/', grouping_threshold=invalid_value) - assert_equals(r.status, '400 Bad Request') + r = self.api_post('/rest/p/test/admin/configure_tool_grouping/', grouping_threshold=invalid_value, + status=400) assert_in('Invalid threshold. Expected a value between 1 and 10', r.body) @td.with_wiki @@ -1417,16 +1412,14 @@ class TestRestToolGrouping(TestRestApiBase): @td.with_tool('test', 'Wiki', 'wiki3') def test_valid_grouping_threshold(self): # Set threshold to 2 - r = self.api_post('/rest/p/test/admin/configure_tool_grouping/', grouping_threshold='2') - assert_equals(r.status, '200 OK') + r = self.api_post('/rest/p/test/admin/configure_tool_grouping/', grouping_threshold='2', status=200) # The 'wiki' mount_point should not exist at the top level result1 = self.app.get('/p/test/_nav.json') assert_not_in('wiki', [tool['mount_point'] for tool in result1.json['menu']]) # Set threshold to 3 - r = self.api_post('/rest/p/test/admin/configure_tool_grouping/', grouping_threshold='3') - assert_equals(r.status, '200 OK') + r = self.api_post('/rest/p/test/admin/configure_tool_grouping/', grouping_threshold='3', status=200) # The wiki mount_point should now be at the top level of the menu result2 = self.app.get('/p/test/_nav.json') @@ -1435,6 +1428,5 @@ class TestRestToolGrouping(TestRestApiBase): class TestInstallableTools(TestRestApiBase): def test_installable_tools_response(self): - r = self.api_get('/rest/p/test/admin/installable_tools') - assert_equals(r.status, '200 OK') + r = self.api_get('/rest/p/test/admin/installable_tools', status=200) assert_in('External Link', [tool['tool_label'] for tool in r.json['tools']]) http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/Allura/allura/tests/functional/test_auth.py ---------------------------------------------------------------------- diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py index 780e1cf..54e2dff 100644 --- a/Allura/allura/tests/functional/test_auth.py +++ b/Allura/allura/tests/functional/test_auth.py @@ -1597,7 +1597,7 @@ class TestOAuth(TestController): Request.from_request.return_value = { 'oauth_consumer_key': 'api_key'} self.app.post('/rest/oauth/request_token', - params={'key': 'value'}, status=403) + params={'key': 'value'}, status=401) @mock.patch('allura.controllers.rest.oauth.Server') @mock.patch('allura.controllers.rest.oauth.Request') @@ -1611,7 +1611,7 @@ class TestOAuth(TestController): ) ThreadLocalORMSession.flush_all() Request.from_request.return_value = {'oauth_consumer_key': 'api_key'} - self.app.post('/rest/oauth/request_token', params={'key': 'value'}, status=403) + self.app.post('/rest/oauth/request_token', params={'key': 'value'}, status=401) def test_authorize_ok(self): user = M.User.by_username('test-admin') @@ -1632,7 +1632,7 @@ class TestOAuth(TestController): assert_in('api_key', r.body) def test_authorize_invalid(self): - self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key'}, status=403) + self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key'}, status=401) def test_do_authorize_no(self): user = M.User.by_username('test-admin') @@ -1710,7 +1710,7 @@ class TestOAuth(TestController): 'oauth_token': 'api_key', 'oauth_verifier': 'good', } - self.app.get('/rest/oauth/access_token', status=403) + self.app.get('/rest/oauth/access_token', status=401) @mock.patch('allura.controllers.rest.oauth.Request') def test_access_token_no_request(self, Request): @@ -1726,7 +1726,7 @@ class TestOAuth(TestController): description='ctok_desc', ) ThreadLocalORMSession.flush_all() - self.app.get('/rest/oauth/access_token', status=403) + self.app.get('/rest/oauth/access_token', status=401) @mock.patch('allura.controllers.rest.oauth.Request') def test_access_token_bad_pin(self, Request): @@ -1749,7 +1749,7 @@ class TestOAuth(TestController): validation_pin='good', ) ThreadLocalORMSession.flush_all() - self.app.get('/rest/oauth/access_token', status=403) + self.app.get('/rest/oauth/access_token', status=401) @mock.patch('allura.controllers.rest.oauth.Server') @mock.patch('allura.controllers.rest.oauth.Request') @@ -1774,7 +1774,7 @@ class TestOAuth(TestController): ) ThreadLocalORMSession.flush_all() Server().verify_request.side_effect = ValueError - self.app.get('/rest/oauth/access_token', status=403) + self.app.get('/rest/oauth/access_token', status=401) @mock.patch('allura.controllers.rest.oauth.Server') @mock.patch('allura.controllers.rest.oauth.Request') http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/Allura/allura/tests/functional/test_home.py ---------------------------------------------------------------------- diff --git a/Allura/allura/tests/functional/test_home.py b/Allura/allura/tests/functional/test_home.py index f3d2197..e8eb577 100644 --- a/Allura/allura/tests/functional/test_home.py +++ b/Allura/allura/tests/functional/test_home.py @@ -258,10 +258,7 @@ class TestProjectHome(TestController): }) # Try to access the installed tool as anon. - r = self.app.get('/p/test/test-mount/test-sub/', - extra_environ = dict(username='anonymous'), - status=404) - assert (r.status_int == 403 or r.status_int == 404) + r = self.app.get('/p/test/test-mount/test-sub/', extra_environ=dict(username='anonymous'), status=404) # Try to access the installed tool as Admin. r = self.app.get('/p/test/test-mount/test-sub/').follow() http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/Allura/allura/tests/functional/test_rest.py ---------------------------------------------------------------------- diff --git a/Allura/allura/tests/functional/test_rest.py b/Allura/allura/tests/functional/test_rest.py index 6a54972..306cdbc 100644 --- a/Allura/allura/tests/functional/test_rest.py +++ b/Allura/allura/tests/functional/test_rest.py @@ -21,6 +21,7 @@ from pylons import app_globals as g import mock from nose.tools import assert_equal, assert_in, assert_not_in from ming.odm import ThreadLocalODMSession +from tg import config from allura.tests import decorators as td from alluratest.controller import TestRestApiBase @@ -45,8 +46,7 @@ class TestRestHome(TestRestApiBase): self._patch_token(OAuthAccessToken) access_token = OAuthAccessToken.query.get.return_value access_token.is_bearer = False - r = self.api_post('/rest/p/test/wiki', access_token='foo') - assert_equal(r.status_int, 403) + r = self.api_post('/rest/p/test/wiki', access_token='foo', status=401) OAuthAccessToken.query.get.assert_called_once_with(api_key='foo') @mock.patch('allura.controllers.rest.M.OAuthAccessToken') @@ -57,8 +57,7 @@ class TestRestHome(TestRestApiBase): request.scheme = 'https' self._patch_token(OAuthAccessToken) OAuthAccessToken.query.get.return_value = None - r = self.api_post('/rest/p/test/wiki', access_token='foo') - assert_equal(r.status_int, 403) + r = self.api_post('/rest/p/test/wiki', access_token='foo', status=401) @mock.patch('allura.controllers.rest.request') @td.with_wiki @@ -98,8 +97,7 @@ class TestRestHome(TestRestApiBase): self._patch_token(OAuthAccessToken) access_token = OAuthAccessToken.query.get.return_value access_token.is_bearer = False - r = self.api_post('/rest/p/test/wiki', access_token='foo') - assert_equal(r.status_int, 403) + r = self.api_post('/rest/p/test/wiki', access_token='foo', status=401) OAuthAccessToken.query.get.assert_called_once_with(api_key='foo') @mock.patch('allura.controllers.rest.M.OAuthAccessToken') @@ -111,11 +109,11 @@ class TestRestHome(TestRestApiBase): request.scheme = 'https' self._patch_token(OAuthAccessToken) OAuthAccessToken.query.get.return_value = None - r = self.api_post('/rest/p/test/wiki', access_token='foo') - assert_equal(r.status_int, 403) + r = self.api_post('/rest/p/test/wiki', access_token='foo', status=401) @mock.patch('allura.controllers.rest.request') @td.with_wiki + @mock.patch.dict(config, debug=False) def test_bearer_token_valid_via_headers(self, request): user = M.User.by_username('test-admin') consumer_token = M.OAuthConsumerToken( @@ -141,20 +139,20 @@ class TestRestHome(TestRestApiBase): 'Authorization': 'Bearer {}'.format(token) } request.scheme = 'https' - r = self.api_post('/rest/p/test/wiki', access_token='foo') - assert_equal(r.status_int, 200) + r = self.api_post('/rest/p/test/wiki', access_token='foo', status=200) + # reverse proxy situation + request.scheme = 'http' + request.environ['paste.testing'] = False + request.environ['HTTP_X_FORWARDED_PROTOx'] = 'https' + r = self.api_post('/rest/p/test/wiki', access_token='foo', status=200) def test_bad_path(self): - r = self.api_post('/rest/1/test/wiki/') - assert r.status_int == 404 - r = self.api_post('/rest/p/1223/wiki/') - assert r.status_int == 404 - r = self.api_post('/rest/p/test/12wiki/') - assert r.status_int == 404 + r = self.api_post('/rest/1/test/wiki/', status=404) + r = self.api_post('/rest/p/1223/wiki/', status=404) + r = self.api_post('/rest/p/test/12wiki/', status=404) def test_no_api(self): - r = self.api_post('/rest/p/test/admin/') - assert r.status_int == 404 + r = self.api_post('/rest/p/test/admin/', status=404) @td.with_wiki def test_project_ping(self): @@ -256,8 +254,7 @@ class TestRestHome(TestRestApiBase): assert_equal(r.status_int, 200) assert_equal(r.json['title'], 'Home') - r = self.api_get('/rest/p/admin/installable_tools') - assert_equal(r.status_int, 403) + r = self.api_get('/rest/p/admin/installable_tools', status=403) r = self.api_get('/rest/p/admin/installable_tools', user='root') assert_equal(r.status_int, 200) @@ -365,8 +362,7 @@ class TestRestHome(TestRestApiBase): with mock.patch('allura.lib.plugin.ProjectRegistrationProvider') as Provider: Provider.get().shortname_validator.to_python.side_effect = Invalid( 'name', 'value', {}) - r = self.api_get('/rest/p/test/') - assert r.status_int == 404 + r = self.api_get('/rest/p/test/', status=404) @td.with_wiki def test_cors_POST_req_blocked_by_csrf(self): http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/Allura/allura/tests/test_webhooks.py ---------------------------------------------------------------------- diff --git a/Allura/allura/tests/test_webhooks.py b/Allura/allura/tests/test_webhooks.py index d7fb75c..5b8df07 100644 --- a/Allura/allura/tests/test_webhooks.py +++ b/Allura/allura/tests/test_webhooks.py @@ -714,8 +714,7 @@ class TestWebhookRestController(TestRestApiBase): dd.assert_equal(r.json, expected) def test_webhook_GET_404(self): - r = self.api_get(self.url + '/repo-push/invalid') - assert_equal(r.status_int, 404) + r = self.api_get(self.url + '/repo-push/invalid', status=404) def test_webhook_GET(self): webhook = self.webhooks[0] http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/AlluraTest/alluratest/controller.py ---------------------------------------------------------------------- diff --git a/AlluraTest/alluratest/controller.py b/AlluraTest/alluratest/controller.py index 1f9ade5..b28af46 100644 --- a/AlluraTest/alluratest/controller.py +++ b/AlluraTest/alluratest/controller.py @@ -253,7 +253,7 @@ class TestRestApiBase(TestController): if wrap_args: params = {wrap_args: params} if status is None: - status = [200, 201, 301, 302, 400, 403, 404] + status = [200, 201, 301, 302] params = variabledecode.variable_encode(params, add_repetitions=False) token = self.token(user).api_key http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/ForgeBlog/forgeblog/tests/functional/test_rest.py ---------------------------------------------------------------------- diff --git a/ForgeBlog/forgeblog/tests/functional/test_rest.py b/ForgeBlog/forgeblog/tests/functional/test_rest.py index 8acdd87..157b387 100644 --- a/ForgeBlog/forgeblog/tests/functional/test_rest.py +++ b/ForgeBlog/forgeblog/tests/functional/test_rest.py @@ -95,12 +95,10 @@ class TestBlogApi(TestRestApiBase): assert_equal(r.status_int, 201) url = '/rest' + BM.BlogPost.query.find().first().url() self.api_post(url, delete='') - r = self.api_get(url) - assert_equal(r.status_int, 404) + r = self.api_get(url, status=404) def test_post_does_not_exist(self): - r = self.api_get('/rest/p/test/blog/2013/07/fake/') - assert_equal(r.status_int, 404) + r = self.api_get('/rest/p/test/blog/2013/07/fake/', status=404) def test_read_permissons(self): self.api_post('/rest/p/test/blog/', title='test', http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/ForgeBlog/forgeblog/tests/functional/test_root.py ---------------------------------------------------------------------- diff --git a/ForgeBlog/forgeblog/tests/functional/test_root.py b/ForgeBlog/forgeblog/tests/functional/test_root.py index 500b835..22a8fa3 100644 --- a/ForgeBlog/forgeblog/tests/functional/test_root.py +++ b/ForgeBlog/forgeblog/tests/functional/test_root.py @@ -193,7 +193,6 @@ class Test(TestController): def test_invalid_lookup(self): r = self.app.get('/blog/favicon.ico', status=404) - assert_equal(r.status_int, 404) def test_index_bad_url_params(self): self.app.get('/blog/?limit=blah&page=2x', status=200) http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/ForgeDiscussion/forgediscussion/tests/functional/test_import.py ---------------------------------------------------------------------- diff --git a/ForgeDiscussion/forgediscussion/tests/functional/test_import.py b/ForgeDiscussion/forgediscussion/tests/functional/test_import.py index 73b0a8f..38290e8 100644 --- a/ForgeDiscussion/forgediscussion/tests/functional/test_import.py +++ b/ForgeDiscussion/forgediscussion/tests/functional/test_import.py @@ -40,8 +40,8 @@ class TestImportController(TestRestApiBase): # TestController): def test_no_capability(self): with h.push_config(config, {'oauth.can_import_forum': 'some,fake,tokens'}): resp = self.api_post('/rest/p/test/discussion/perform_import', - doc=self.json_text) - assert resp.status_int == 403 + doc=self.json_text, + status=403) with h.push_config(config, {'oauth.can_import_forum': self.token('test-admin').api_key}): resp = self.api_post('/rest/p/test/discussion/perform_import', http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/ForgeGit/forgegit/tests/functional/test_controllers.py ---------------------------------------------------------------------- diff --git a/ForgeGit/forgegit/tests/functional/test_controllers.py b/ForgeGit/forgegit/tests/functional/test_controllers.py index dc888ff..b4b6f9b 100644 --- a/ForgeGit/forgegit/tests/functional/test_controllers.py +++ b/ForgeGit/forgegit/tests/functional/test_controllers.py @@ -255,9 +255,7 @@ class TestRootController(_TestCase): def test_tree_invalid(self): ci = self._get_ci() resp = self.app.get(ci + 'tree/foo', status=404) - assert_equal(resp.status_int, 404) resp = self.app.get(ci + 'tree/foo/bar', status=404) - assert_equal(resp.status_int, 404) def test_file(self): ci = self._get_ci() http://git-wip-us.apache.org/repos/asf/allura/blob/4a5d2002/ForgeWiki/forgewiki/tests/functional/test_rest.py ---------------------------------------------------------------------- diff --git a/ForgeWiki/forgewiki/tests/functional/test_rest.py b/ForgeWiki/forgewiki/tests/functional/test_rest.py index 85602c7..053d2a4 100644 --- a/ForgeWiki/forgewiki/tests/functional/test_rest.py +++ b/ForgeWiki/forgewiki/tests/functional/test_rest.py @@ -61,8 +61,7 @@ class TestWikiApi(TestRestApiBase): assert_equal(len(r['attachments']), 2) def test_page_does_not_exist(self): - r = self.api_get('/rest/p/test/wiki/fake/') - assert_equal(r.status_int, 404) + r = self.api_get('/rest/p/test/wiki/fake/', status=404) def test_update_page(self): data = {
Mime	Unnamed text/plain (inline, 7-Bit, 26581 bytes)
	View raw message