Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Four days ago, bottle released version 0.13.0 and
v0.13.1
two days afterwards. Unfortunately, these versions are incompatible with pretenders, which we use intest_access
to mock a local http server which we can target with access-related requests.Pretenders hasn't been updated in two years, so I think it's unlikely we'll receive a patch here. For clarification, I've still opened pretenders/pretenders#153, though.
To replace pretenders, I thought about using
monkeypatch
to patch the result ofself._backend.get_auth()
inPlatform.check_access()
, but that would probably miss the point since we want to test this authentication-getting function, I think.I've considered responses (as suggested here) but couldn't quite get it to work. Maybe the information I'm missing is not in their docs or maybe it's just too awkward to configure a mock server response for the authentication code, which seems to be baked into the old java code.
Next, I've tried pytest-httpserver, which just needs to be installed with
pip
and is then immediately available as a pytest fixture. I got a little further here, did at least manage to get the login request sent to the mock server, but still couldn't make it work because I was apparently missing something about json-deserialization, strings and lists in java:Lastly, I considered migrating the code from pretenders into our code base (the essential part at least) and using bottle directly. However, this seems unwise in terms of maintenance. So for now, this PR pins the bottle version to the latest working one. In an ideal world, we put a bit more focus on developing ixmp4 and begin the migration still this year, so that we don't have to worry about this for too long.
Alternatively, we might have to revisit this and fix our mocking approach when the pinned bottle version doesn't support the latest python version or some such.
How to review
Please jump in here if you have a good idea for a sustainable solution. Otherwise, just note the CI checks all pass ... for now.
@khaeru Please let me know if we should also put this pin in
pyproject.toml
. If we don't, new installations will probably end up with not-working dependencies.PR checklist
[ ] Add or expand tests; coverage checks both ✅Just CI.[ ] Add, expand, or update documentation.Just CI.