Beispiel #1
0
    def test_delete_page(self, mock_delete):
        """Test API Pagepost delete post (DEL)."""
        mock_delete.return_value = True
        admin, owner, user = UserFactory.create_batch(3)
        project = ProjectFactory.create(owner=owner)
        file_info = {'file_name': 'name.jpg', 'container': 'user_3'}
        page = PageFactory.create(project_id=project.id, info=file_info)
        page2 = PageFactory.create(project_id=project.id)

        # As anon
        url = '/api/page/%s' % page.id
        res = self.app.delete(url)
        assert res.status_code == 401, res.status_code

        # As user
        url = '/api/page/%s?api_key=%s' % (page.id, user.api_key)
        res = self.app.delete(url)
        assert res.status_code == 403, res.status_code

        # As owner
        url = '/api/page/%s?api_key=%s' % (page.id, owner.api_key)
        res = self.app.delete(url)
        assert res.status_code == 204, res.status_code
        mock_delete.assert_called_with(file_info['file_name'],
                                       file_info['container'])

        # As admin
        url = '/api/page/%s?api_key=%s' % (page2.id, admin.api_key)
        res = self.app.delete(url)
        assert res.status_code == 204, res.status_code
Beispiel #2
0
    def test_get_by_returns_none_if_no_page(self):
        """Test get_by returns None if no page matches the query"""

        PageFactory.create()

        page = self.page_repo.get_by(project_id=10000)

        assert page is None, page
Beispiel #3
0
    def test_filter_by_no_matches(self):
        """Test filter_by returns an empty list if no pages match the query"""

        PageFactory.create()

        retrieved_pages = self.page_repo.filter_by(project_id=100)

        assert isinstance(retrieved_pages, list)
        assert len(retrieved_pages) == 0, retrieved_pages
Beispiel #4
0
    def test_filter_by_multiple_conditions(self):
        """Test filter_by supports multiple-condition queries"""

        h1 = PageFactory.create(slug='url')
        h2 = PageFactory.create(slug='url')

        retrieved_pages = self.page_repo.filter_by(project_id=h2.project_id,
                                                   slug='url')

        assert len(retrieved_pages) == 1, retrieved_pages
        assert h2 in retrieved_pages, retrieved_pages
Beispiel #5
0
    def test_anonymous_user_delete_page(self):
        """Test anonymous users cannot delete pages"""

        project = ProjectFactory.create(published=True)
        page = PageFactory.create(project_id=project.id)

        assert_raises(Unauthorized, ensure_authorized_to, 'delete', page)
Beispiel #6
0
    def test_anonymous_user_read_given_page(self):
        """Test anonymous users can read a given page"""

        project = ProjectFactory.create(published=True)
        page = PageFactory.create(project_id=project.id)

        assert_not_raises(Exception, ensure_authorized_to, 'read', page)
Beispiel #7
0
    def test_get_by(self):
        """Test get_by returns a page with the specified attribute"""

        page = PageFactory.create(slug="algo")

        retrieved_page = self.page_repo.get_by(slug="algo")

        assert page == retrieved_page, retrieved_page
Beispiel #8
0
    def test_get_returns_page(self):
        """Test get method returns a page if exists"""

        page = PageFactory.create()

        retrieved_page = self.page_repo.get(page.id)

        assert page == retrieved_page, retrieved_page
Beispiel #9
0
    def test_update_fails_if_integrity_error(self):
        """Test update raises a DBIntegrityError if the instance to be updated
        lacks a required value"""

        page = PageFactory.create()
        page.project_id = None

        assert_raises(DBIntegrityError, self.page_repo.update, page)
Beispiel #10
0
    def test_anonymous_user_read_given_page_draft_project(self):
        """Test anonymous users cannot read a given page of
        a draft project"""

        project = ProjectFactory.create(published=False)
        page = PageFactory.create(project_id=project.id)

        assert_raises(Unauthorized, ensure_authorized_to, 'read', page)
Beispiel #11
0
    def test_delete(self):
        """Test delete removes the page instance"""

        page = PageFactory.create()

        self.page_repo.delete(page)
        deleted = self.page_repo.get(page.id)

        assert deleted is None, deleted
Beispiel #12
0
    def test_non_owner_authenticated_user_read_given_page_draft_project(self):
        """Test authenticated user cannot read a given page of a
        draft project if is not the project owner"""

        project = ProjectFactory.create(published=False)
        page = PageFactory.create(project_id=project.id)

        assert self.mock_authenticated.id != project.owner.id
        assert_raises(Forbidden, ensure_authorized_to, 'read', page)
Beispiel #13
0
    def test_owner_update_page(self):
        """Test authenticated user can update page
        if it's the project's page owner"""

        owner = UserFactory.create(id=2)
        project = ProjectFactory.create(owner=owner)
        page = PageFactory.create(project_id=project.id)

        assert_not_raises(Exception, ensure_authorized_to, 'update', page)
Beispiel #14
0
    def test_admin_update_page(self):
        """Test admins can update page
        even if it's not the post owner"""

        owner = UserFactory.create(id=5)
        project = ProjectFactory.create(owner=owner)
        page = PageFactory.create(project_id=project.id)

        assert_not_raises(Exception, ensure_authorized_to, 'update', page)
Beispiel #15
0
    def test_admin_read_given_page_draft_project(self):
        """Test admin can read a given page of a draft project"""

        owner = UserFactory.create(id=5)
        project = ProjectFactory.create(owner=owner, published=False)
        page = PageFactory.create(project_id=project.id)

        assert self.mock_admin.id != project.owner.id
        assert_not_raises(Exception, ensure_authorized_to, 'read', page)
Beispiel #16
0
    def test_non_owner_authenticated_user_read_given_page(self):
        """Test authenticated user can read a given page
        if is not the project owner"""

        project = ProjectFactory.create(published=True)
        page = PageFactory.create(project_id=project.id)

        assert self.mock_authenticated.id != project.owner.id
        assert_not_raises(Exception, ensure_authorized_to, 'read', page)
Beispiel #17
0
    def test_admin_authenticated_user_delete_page(self):
        """Test authenticated user can delete any page if
        it's admin"""

        owner = UserFactory.create(id=5)
        project = ProjectFactory.create(owner=owner)
        page = PageFactory.create(project_id=project.id)

        assert self.mock_admin.id != owner.id
        assert_not_raises(Exception, ensure_authorized_to, 'delete', page)
Beispiel #18
0
    def test_owner_delete_page(self):
        """Test authenticated user can delete a page if is the page
        owner"""

        owner = UserFactory.create(id=2)
        project = ProjectFactory.create(owner=owner)
        page = PageFactory.create(project_id=project.id)

        assert self.mock_authenticated.id == owner.id
        assert_not_raises(Exception, ensure_authorized_to, 'delete', page)
Beispiel #19
0
    def test_owner_read_given_page_draft_project(self):
        """Test authenticated user can read a given page
        of a draft project if it's the project owner"""

        owner = UserFactory.create(id=2)
        project = ProjectFactory.create(owner=owner, published=False)
        page = PageFactory.create(project_id=project.id)

        assert self.mock_authenticated.id == project.owner.id
        assert_not_raises(Exception, ensure_authorized_to, 'read', page)
Beispiel #20
0
    def test_non_owner_authenticated_user_delete_page(self):
        """Test authenticated user cannot delete a page if is not the page's
        owner and is not admin"""

        owner = UserFactory.create(id=5)
        project = ProjectFactory.create(owner=owner, published=True)
        page = PageFactory.create(project_id=project.id)

        assert self.mock_authenticated.id != owner.id
        assert not self.mock_authenticated.admin
        assert_raises(Forbidden, ensure_authorized_to, 'delete', page)
Beispiel #21
0
    def test_filter_by_one_condition(self):
        """Test filter_by returns a list of pages that meet the filtering
        condition"""

        PageFactory.create_batch(3, slug="algo")
        should_be_missing = PageFactory.create(slug="new")

        retrieved_pages = self.page_repo.filter_by(slug="algo")

        assert len(retrieved_pages) == 3, retrieved_pages
        assert should_be_missing not in retrieved_pages, retrieved_pages
Beispiel #22
0
    def test_update(self):
        """Test update persists the changes made to the page"""

        info = {'key': 'val'}
        page = PageFactory.create(info=info)
        info_new = {'f': 'v'}
        page.info = info_new

        self.page_repo.update(page)
        updated_page = self.page_repo.get(page.id)

        assert updated_page.info == info_new, updated_page
Beispiel #23
0
    def test_update_page(self):
        """Test API Pagepost update post (PUT)."""
        admin, user, owner = UserFactory.create_batch(3)
        project = ProjectFactory.create(owner=owner)
        page = PageFactory.create(project_id=project.id)

        # As anon
        page.slug = 'new'
        url = '/api/page/%s' % page.id
        res = self.app.put(url, data=json.dumps(page.dictize()))
        data = json.loads(res.data)
        assert res.status_code == 401, res.status_code

        # As user
        url = '/api/page/%s?api_key=%s' % (page.id, user.api_key)
        res = self.app.put(url, data=json.dumps(page.dictize()))
        data = json.loads(res.data)
        assert res.status_code == 403, res.status_code

        # As owner
        url = '/api/page/%s?api_key=%s' % (page.id, owner.api_key)
        payload = page.dictize()
        del payload['created']
        del payload['id']
        res = self.app.put(url, data=json.dumps(payload))
        data = json.loads(res.data)
        assert res.status_code == 200, res.status_code
        assert data['slug'] == 'new', data

        # as owner with reserved key
        page.slug = 'new'
        page.created = 'today'
        url = '/api/page/%s?api_key=%s' % (page.id, owner.api_key)
        payload = page.dictize()
        del payload['id']
        res = self.app.put(url, data=json.dumps(payload))
        data = json.loads(res.data)
        assert res.status_code == 400, res.status_code
        assert data['exception_msg'] == 'Reserved keys in payload', data

        # as owner with wrong key
        page.slug = 'new-slug'
        url = '/api/page/%s?api_key=%s' % (page.id, owner.api_key)
        payload = page.dictize()
        del payload['created']
        del payload['id']
        payload['foo'] = 'bar'
        res = self.app.put(url, data=json.dumps(payload))
        data = json.loads(res.data)
        assert res.status_code == 415, res.status_code
        assert 'foo' in data['exception_msg'], data
Beispiel #24
0
    def test_max_three_items_per_page(self):

        user = UserFactory()
        album = AlbumFactory.create(owner=user)
        page = PageFactory.create(album=album)

        PageItemFactory.create(page=page)
        PageItemFactory.create(page=page)
        PageItemFactory.create(page=page)
        PageItemFactory.create(page=page)

        self.assertEquals(3,
                          page.page_items.all().count(),
                          'Test that a page has at maximum three items')
Beispiel #25
0
    def test_position_unique(self):
        user = UserFactory()
        album = AlbumFactory.create(owner=user)
        page = PageFactory.create(album=album)

        item1 = PageItemFactory.create(
            page=page, value='item1')  #initialized with position 0
        item2 = PageItemFactory.create(
            page=page, value='item2')  #initialized with position 0
        item3 = PageItemFactory.create(
            page=page, position=0, value='item3')  #initialized with position 0
        item4 = PageItemFactory.create(
            page=page, value='item4')  #initialized with position 0

        self.assertNotEqual(item1.position, item2.position,
                            "Test that no two items have the same position")
Beispiel #26
0
 def test_page_public_attributes(self):
     """Test public attributes works."""
     page = PageFactory.create()
     public_attributes = ['created', 'id', 'info', 'media_url', 'slug']
     assert sorted(page.public_attributes()) == sorted(public_attributes)
Beispiel #27
0
    def test_query_page(self):
        """Test API query for page endpoint works"""
        owner = UserFactory.create()
        user = UserFactory.create()
        project = ProjectFactory(owner=owner)
        pages = PageFactory.create_batch(9, project_id=project.id)
        page = PageFactory.create()

        # As anon
        url = '/api/page'
        res = self.app.get(url)
        data = json.loads(res.data)
        assert len(data) == 10, data

        # As user
        res = self.app.get(url + '?api_key=' + user.api_key)
        data = json.loads(res.data)
        assert len(data) == 0, data

        # As owner
        res = self.app.get(url + '?api_key=' + owner.api_key)
        data = json.loads(res.data)
        assert len(data) == 9, data

        # Valid field but wrong value
        res = self.app.get(url + "?media_url=wrongvalue")
        data = json.loads(res.data)
        assert len(data) == 0, data

        # Multiple fields
        res = self.app.get(url + '?info=container::' +
                           pages[0].info['container'] + '&project_id=' +
                           str(project.id))
        data = json.loads(res.data)
        # One result
        assert len(data) == 9, data
        # Correct result
        assert data[0]['project_id'] == pages[0].project_id, data
        assert data[0]['media_url'] == pages[0].media_url, data

        # Limits
        res = self.app.get(url + "?limit=1")
        data = json.loads(res.data)
        for item in data:
            assert item['media_url'] == page.media_url, item
        assert len(data) == 1, data

        # Keyset pagination
        res = self.app.get(url + '?limit=1&last_id=' + str(pages[8].id))
        data = json.loads(res.data)
        assert len(data) == 1, len(data)
        assert data[0]['id'] == page.id

        # Errors
        res = self.app.get(url + "?something")
        err = json.loads(res.data)
        err_msg = "AttributeError exception should be raised"
        res.status_code == 415, err_msg
        assert res.status_code == 415, err_msg
        assert err['action'] == 'GET', err_msg
        assert err['status'] == 'failed', err_msg
        assert err['exception_cls'] == 'AttributeError', err_msg

        # Desc filter
        url = "/api/page?orderby=wrongattribute"
        res = self.app.get(url)
        data = json.loads(res.data)
        err_msg = "It should be 415."
        assert data['status'] == 'failed', data
        assert data['status_code'] == 415, data
        assert 'has no attribute' in data['exception_msg'], data

        # Desc filter
        url = "/api/page?orderby=id"
        res = self.app.get(url)
        data = json.loads(res.data)
        err_msg = "It should get the last item first."
        pages.append(page)
        pages_by_id = sorted(pages, key=lambda x: x.id, reverse=False)
        for i in range(len(pages)):
            assert pages_by_id[i].id == data[i]['id']

        # Desc filter
        url = "/api/page?orderby=id&desc=true"
        res = self.app.get(url)
        data = json.loads(res.data)
        err_msg = "It should get the last item first."
        pages_by_id = sorted(pages, key=lambda x: x.id, reverse=True)
        for i in range(len(pages)):
            assert pages_by_id[i].id == data[i]['id']
Beispiel #28
0
    def test_page_put_file(self):
        """Test API Pagepost file put upload works."""
        admin, owner, user = UserFactory.create_batch(3)
        project = ProjectFactory.create(owner=owner)
        project2 = ProjectFactory.create(owner=user)
        hp = PageFactory.create(project_id=project.id)

        img = (io.BytesIO(b'test'), 'test_file.jpg')

        payload = dict(project_id=project.id, slug="admin", file=img)

        # As anon
        url = '/api/page/%s' % hp.id
        res = self.app.put(url,
                           data=payload,
                           content_type="multipart/form-data")
        data = json.loads(res.data)
        assert res.status_code == 401, data
        assert data['status_code'] == 401, data

        # As a user
        img = (io.BytesIO(b'test'), 'test_file.jpg')

        payload = dict(project_id=project.id, slug="admin", file=img)

        url = '/api/page/%s?api_key=%s' % (hp.id, user.api_key)
        res = self.app.put(url,
                           data=payload,
                           content_type="multipart/form-data")
        data = json.loads(res.data)
        assert res.status_code == 403, data
        assert data['status_code'] == 403, data

        # As owner
        img = (io.BytesIO(b'test'), 'test_file.jpg')

        payload = dict(project_id=project.id, slug="admin", file=img)

        url = '/api/page/%s?api_key=%s' % (hp.id, project.owner.api_key)
        res = self.app.put(url,
                           data=payload,
                           content_type="multipart/form-data")
        data = json.loads(res.data)
        assert res.status_code == 200, data
        container = "user_%s" % owner.id
        assert data['info']['container'] == container, data
        assert data['info']['file_name'] == 'test_file.jpg', data
        assert 'test_file.jpg' in data['media_url'], data

        # As owner wrong 404 project_id
        img = (io.BytesIO(b'test'), 'test_file.jpg')

        payload = dict(project_id=project.id, slug="admin", file=img)

        url = '/api/page/%s?api_key=%s' % (hp.id, owner.api_key)
        payload['project_id'] = -1
        res = self.app.put(url,
                           data=payload,
                           content_type="multipart/form-data")
        data = json.loads(res.data)
        assert res.status_code == 415, data

        # As owner using wrong project_id
        img = (io.BytesIO(b'test'), 'test_file.jpg')

        payload = dict(project_id=project.id, file=img)

        url = '/api/page/%s?api_key=%s' % (hp.id, owner.api_key)
        payload['project_id'] = project2.id
        res = self.app.put(url,
                           data=payload,
                           content_type="multipart/form-data")
        data = json.loads(res.data)
        assert res.status_code == 403, data

        # As owner using wrong attribute
        img = (io.BytesIO(b'test'), 'test_file.jpg')

        payload = dict(project_id=project.id, wrong=img)

        url = '/api/page/%s?api_key=%s' % (hp.id, owner.api_key)
        res = self.app.put(url,
                           data=payload,
                           content_type="multipart/form-data")
        data = json.loads(res.data)
        assert res.status_code == 415, data

        # As owner using reserved key
        img = (io.BytesIO(b'test'), 'test_file.jpg')

        payload = dict(project_id=project.id, file=img)

        url = '/api/page/%s?api_key=%s' % (hp.id, owner.api_key)
        payload['project_id'] = project.id
        payload['id'] = 3
        res = self.app.put(url,
                           data=payload,
                           content_type="multipart/form-data")
        data = json.loads(res.data)
        assert res.status_code == 400, data
        assert data['exception_msg'] == 'Reserved keys in payload', data
Beispiel #29
0
 def test_page_public_attributes(self):
     """Test public attributes works."""
     page = PageFactory.create()
     assert page.public_attributes().sort() == page.dictize().keys().sort()