Beispiel #1
0
    def test_list_users(self):
        #only authenticated admin user should be able to see the user listing
        factory = APIRequestFactory()
        view = AccountList.as_view()

        #unauthenticated
        unauth_req = factory.get('/api/v1/users/')
        response = view(unauth_req)
        self.assertEquals(response.status_code, status.HTTP_401_UNAUTHORIZED)

        #authenticated but not admin
        user = self.normal_user
        auth_request = factory.get('/api/v1/users/')
        force_authenticate(auth_request, user=user, token=self.normal_token)
        response = view(auth_request)
        self.assertEquals(response.status_code, 403)

        #authenticated admin -> OK
        user = self.super_user
        auth_request = factory.get('/api/v1/users/')
        force_authenticate(auth_request, user=user, token=self.super_token)
        response = view(auth_request)
        #check that the id of the list's first item if 1
        self.assertTrue(response.data[0]['id']==1)
        self.assertEquals(response.status_code, 200)

        #check that you are able to get only certain accouts using pks
        auth_request = factory.get('/api/v1/users/?ids=1,3')
        force_authenticate(auth_request, user=user, token=self.super_token)
        response = view(auth_request)
        self.assertEqual(len(response.data), 2)
        self.assertEqual(sorted([e['id'] for e in response.data]), [1, 3])
Beispiel #2
0
    def test_add_user(self):
        """
        everyone can create a new user
        """
        factory = APIRequestFactory()
        view = AccountList.as_view()
        dob = datetime.datetime.now() - datetime.timedelta(days=365)
        #datetime.datetime.strftime(dob, "%c")
        #dob = datetime.date.isoformat(dob)
        data = {'email': "*****@*****.**", 'username': "******",
                'password': '******', 'date_of_birth': datetime.date(2015, 1, 1)}
        ok_request = factory.post('/api/v1/users/', data)
        response = view(ok_request)
        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
        self.assertEqual(response.data['date_of_birth'], datetime.date(2015, 1, 1))

        #now incomplete data
        bad_request = factory.post('/api/v1/users/', {'email': "*****@*****.**", 'password': '******'})
        response = view(bad_request)
        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)

        #now wrong email
        bad_email_request = factory.post('/api/v1/users/', {'email': "newkehko.com",
                                                  'username': "******", 'password': '******'})
        response = view(bad_email_request)
        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
Beispiel #3
0
from django.conf.urls import patterns, include, url
from django.contrib import admin

from kehko.views import IndexView
from actions.views import CompanyActions
from authentication.views import AccountList, AccountDetail, RestrictedView, UserCauses
from causes.views import CauseList, CauseDetail, CauseMemberCreate, CauseMemberUpdate
from companies.views import CompanyFollowingCompanies, CompanyList, CompanyDetail, ProductList, ProductDetail
from images.views import ImageList
from news.views import NewsList
from values.views import ValueList, ValueDetail

account_urls = patterns('',
    url(r'^/(?P<username>[0-9a-zA-Z_-]+)/causes/$', UserCauses.as_view(), name='account-causes'),
    url(r'^/(?P<username>[0-9a-zA-Z_-]+)/$', AccountDetail.as_view(), name='account-detail'),
    url(r'^/$', AccountList.as_view(), name='account-list')
)

cause_urls = patterns('',
    url(r'^/$', CauseList.as_view(), name='campaign-list'),
    url(r'^/(?P<slug>[0-9a-zA-Z_-]+)/$', CauseDetail.as_view(), name='campaign-detail'),
)

cause_member_urls = patterns('',
    url(r'^/(?P<pk>[0-9]+)/$', CauseMemberUpdate.as_view(), name='causemember-update'),
    url(r'^/$', CauseMemberCreate.as_view(), name='causemember-create'),
)

company_urls = patterns('',
    url(r'^/$', CompanyList.as_view(), name='company-list'),
    url(r'^/(?P<slug>[0-9a-zA-Z_-]+)/actions/$', CompanyActions.as_view(),