def test_user_on_delete_is_admin_delete_ok(client, superuser):
    """An admin token is allowed to delete another user's account.

    Creates ``test-user``, sends DELETE for that user's resource with the
    ``superuser`` fixture value as the bearer of the ``Token`` scheme, and
    expects HTTP 200 with a ``"Success"`` status in the JSON body.
    """
    create_user("test-user", "test-password")
    admin_headers = {"Authorization": f"Token {superuser}"}
    response = client.simulate_delete("/api/test/users/test-user",
                                      headers=admin_headers)
    # NOTE(review): only the response is inspected; a follow-up lookup of
    # "test-user" would confirm the account was actually removed.
    assert response.status_code == 200
    assert response.json["status"] == "Success"
def test_user_on_put_not_admin_bad(client):
    """A non-admin token must not be able to modify a different account.

    Two ordinary users are created; the second one's token is used to PUT a
    new password onto the first one's resource. The API is expected to
    answer 403 (cross-account access control).
    """
    create_user("test-user", "test-password")
    other_token = create_user("-another-test-user", "another-test-password")
    # The "******" value is kept exactly as it appears in this listing.
    payload = {"password": "******"}
    response = client.simulate_put(
        "/api/test/users/test-user",
        headers={"Authorization": f"Token {other_token}"},
        json=payload,
    )
    assert response.status_code == 403
def test_user_on_put_is_admin(client, superuser):
    """An admin token may change another user's password and role flags.

    PUTs a new password together with ``is_admin``, ``is_manager`` and
    ``is_active`` for ``test-user`` and expects HTTP 200 with a
    ``"Success"`` status in the JSON body.
    """
    create_user("test-user", "test-password")
    admin_headers = {"Authorization": f"Token {superuser}"}
    payload = {
        "password": "******",
        "is_admin": True,
        "is_manager": True,
        "is_active": False,
    }
    response = client.simulate_put("/api/test/users/test-user",
                                   headers=admin_headers,
                                   json=payload)
    # NOTE(review): the stored flags are not read back, so this confirms the
    # request is accepted, not that the attributes were persisted.
    assert response.status_code == 200
    assert response.json["status"] == "Success"
def test_user_on_put_not_admin_bad_own_attributes(client):
    """A non-admin must not be able to grant itself the admin flag.

    The user PUTs ``is_admin: True`` onto its own resource with its own
    token; the API is expected to refuse with 403 (self-service privilege
    escalation guard).
    """
    own_token = create_user("test-user", "test-password")
    payload = {"is_admin": True}
    response = client.simulate_put(
        "/api/test/users/test-user",
        headers={"Authorization": f"Token {own_token}"},
        json=payload,
    )
    # NOTE(review): asserting on the status code alone does not prove the
    # flag stayed unset; reading the user back afterwards would.
    assert response.status_code == 403
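    def on_post(self,
                req: falcon.Request,
                resp: falcon.Response,
                username: str = None):
        """Create a user account from the JSON request body.

        Reads ``username`` and ``password`` plus the optional ``is_admin``,
        ``is_manager`` and ``is_active`` flags from ``req.media``. The
        ``username`` argument is not used; the body value replaces it.

        On success the response is 201 with a ``"Success"`` status.

        Raises:
            falcon.HTTPBadRequest: if the body is not a JSON object, if
                ``username`` or ``password`` is missing or not a non-empty
                string, if a flag is not a JSON boolean, or if
                ``create_user`` raises ``IntegrityError``.
        """
        # NOTE(review): no authorization check is visible in this handler, yet
        # the body can set is_admin. Presumably a hook or middleware restricts
        # this route to administrators -- confirm.
        media = req.media
        if not isinstance(media, dict):
            raise falcon.HTTPBadRequest(
                title="Bad Request",
                description="Request body must be a JSON object.")

        username = media.get("username", None)
        password = media.get("password", None)
        for field, value in (("username", username), ("password", password)):
            if not isinstance(value, str) or not value:
                raise falcon.HTTPBadRequest(
                    title="Bad Request",
                    description=f"'{field}' must be a non-empty string.")

        # Privilege flags must be real booleans: a truthy non-boolean such as
        # the string "false" must never be read as "grant this privilege".
        flags = {}
        for field, default in (("is_admin", False),
                               ("is_manager", False),
                               ("is_active", True)):
            value = media.get(field, default)
            if not isinstance(value, bool):
                raise falcon.HTTPBadRequest(
                    title="Bad Request",
                    description=f"'{field}' must be a boolean.")
            flags[field] = value

        try:
            create_user(username, password, flags["is_admin"],
                        flags["is_manager"], flags["is_active"])
        except IntegrityError as err:
            raise falcon.HTTPBadRequest(
                title="Bad Request",
                description="Username already exists.") from err

        resp.status = falcon.HTTP_201
        resp.media = {"status": "Success", "message": "New user created."}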
def test_user_on_post_is_admin_username_exists(client, superuser):
    """Creating a user as admin is rejected with 400 when the name is taken.

    ``test-user`` is created first, then an admin POST to the collection is
    expected to fail with HTTP 400.
    """
    create_user("test-user", "test-password")
    # NOTE(review): both values read "******" in this listing, which looks
    # like masking. For the 400 to come from the duplicate-name check the
    # posted username has to match the account created above -- confirm.
    payload = {"username": "******", "password": "******"}
    admin_headers = {"Authorization": f"Token {superuser}"}
    response = client.simulate_post("/api/test/users",
                                    headers=admin_headers,
                                    json=payload)
    assert response.status_code == 400
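    def on_post(self, req: falcon.Request, resp: falcon.Response):
        """Bootstrap the application by creating the first admin user.

        Refuses with 400 once any user with ``is_admin`` set exists.
        Otherwise creates an admin account from the ``username`` and
        ``password`` in the JSON body and returns 201 with the value that
        ``create_user`` returned as ``token``.

        Raises:
            falcon.HTTPBadRequest: if an admin already exists, if the body
                is not a JSON object, or if ``username`` or ``password`` is
                missing or not a non-empty string.
        """
        # NOTE(review): this check and the create below are not atomic, so
        # two concurrent first requests could both pass it. Consider a
        # transaction or a uniqueness constraint around the bootstrap.
        if User.select().where(User.is_admin).count() > 0:
            raise falcon.HTTPBadRequest(title="Bad Request",
                                        description="App already initialized.")

        media = req.media
        if not isinstance(media, dict):
            raise falcon.HTTPBadRequest(
                title="Bad Request",
                description="Request body must be a JSON object.")

        # No caller identity is checked in this handler, so the first admin
        # must never be created from absent or empty credentials.
        credentials = {}
        for field in ("username", "password"):
            value = media.get(field)
            if not isinstance(value, str) or not value:
                raise falcon.HTTPBadRequest(
                    title="Bad Request",
                    description=f"'{field}' must be a non-empty string.")
            credentials[field] = value

        token = create_user(
            username=credentials["username"],
            password=credentials["password"],
            is_admin=True,
        )

        resp.status = falcon.HTTP_201
        # The admin token is returned in the body; keep response bodies for
        # this route out of logs and serve it over TLS only.
        resp.media = {
            "status": "Success",
            "token": token,
            "message": "First admin user created.",
        }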
def superuser(client):
    """Create an admin account and return what ``create_user`` gives back.

    The tests in this listing place the returned value after ``Token`` in
    the ``Authorization`` header. ``client`` is accepted but not used here.
    """
    # The "******" values are kept exactly as they appear in this listing.
    return create_user(username="******", password="******", is_admin=True)
def test_user_on_get_list_is_admin(client, superuser):
    """An admin token may list all users.

    Expects HTTP 200 and a ``users`` key in the JSON body.
    """
    create_user("test-user", "test-password")
    admin_headers = {"Authorization": f"Token {superuser}"}
    response = client.simulate_get("/api/test/users", headers=admin_headers)
    assert response.status_code == 200
    assert "users" in response.json
def test_user_on_get_found_not_admin_bad(client, superuser):
    """A non-admin token must not be able to read another user's record.

    An ordinary user requests ``/api/test/users/superuser`` with its own
    token and is expected to receive 403.
    """
    user_token = create_user("test-user", "test-password")
    # The superuser fixture is requested but not referenced in the body.
    # NOTE(review): presumably it makes the requested account exist, so the
    # 403 reflects authorization rather than a missing record -- confirm.
    response = client.simulate_get(
        "/api/test/users/superuser",
        headers={"Authorization": f"Token {user_token}"},
    )
    assert response.status_code == 403
def test_token_on_get_found_is_not_admin_ok(client, superuser):
    """A non-admin may fetch the token resource that belongs to itself.

    ``test-user`` requests ``/api/test/tokens/test-user`` with its own token
    and is expected to get HTTP 200 with a ``token`` key in the JSON body.
    """
    own_token = create_user("test-user", "test-user")
    response = client.simulate_get(
        "/api/test/tokens/test-user",
        headers={"Authorization": f"Token {own_token}"},
    )
    assert response.status_code == 200
    assert "token" in response.json
def test_token_on_put_is_not_admin_bad(client, superuser):
    """A non-admin must not be able to PUT to another user's token resource.

    ``test-user`` sends PUT to ``/api/test/tokens/superuser`` with its own
    token and is expected to be refused with 403.
    """
    user_token = create_user("test-user", "test-user")
    response = client.simulate_put(
        "/api/test/tokens/superuser",
        headers={"Authorization": f"Token {user_token}"},
    )
    assert response.status_code == 403