def post(self):
parser = reqparse.RequestParser()
# define the input parameters need and its type
parser.add_argument('name',
type=str,
required=True,
help="This field cannot be left blank")
parser.add_argument('lastname',
type=str,
required=True,
help="This field cannot be left blank")
parser.add_argument('email',
type=str,
required=True,
help="This field cannot be left blank")
parser.add_argument('password',
required=True,
type=str,
help="This field cannot be left blank")
data = parser.parse_args()
if AccountModel.find_by_email(data['email']):
return {
"message": "Account already registered for that email address"
}, 409
account = AccountModel(data['email'], data['name'], data['lastname'],
data['password'])
account.save_to_db()
return {"message": "Account saved correctly"}, 200
def test_invalid_token_validity(self):
response = self.register('Cristobal', 'Colon', '*****@*****.**',
'america16')
self.assertEqual(response.status_code, 200)
response = self.login('*****@*****.**', 'america16')
acc = AccountModel.find_by_email('*****@*****.**')
self.assertEqual(None, AccountModel.verify_auth_token('askldjaofhsah'))
def test_model_delete_from_db(self):
response = self.register('Cristobal', 'Colon', '*****@*****.**',
'america16')
self.assertEqual(response.status_code, 200)
acc = AccountModel.find_by_email('*****@*****.**')
acc.delete_from_db()
self.assertEqual(None, AccountModel.find_by_email('*****@*****.**'))
def test_expired_token_validity(self):
response = self.register('Cristobal', 'Colon', '*****@*****.**',
'america16')
self.assertEqual(response.status_code, 200)
acc = AccountModel.find_by_email('*****@*****.**')
self.assertEqual(
None,
AccountModel.verify_auth_token(
acc.generate_auth_token(expiration=-1)))
def test_valid_token_validity(self):
response = self.register('Cristobal', 'Colon', '*****@*****.**',
'america16')
self.assertEqual(response.status_code, 200)
response = self.login('*****@*****.**', 'america16')
acc = AccountModel.find_by_email('*****@*****.**')
self.assertEqual(
acc.id,
AccountModel.verify_auth_token(json.loads(
response.data)['token']).id)
def put(self, idd):
account = AccountModel.find_by_id(idd)
if account:
if g.user != account:
return {
"error: ":
"You cannot modify an account which you are not log with"
}, 401
parser = reqparse.RequestParser()
# define the input parameters need and its type
parser.add_argument('old_password',
type=str,
required=True,
help="This field cannot be left blank")
parser.add_argument('new_password',
type=str,
required=True,
help="This field cannot be left blank")
data = parser.parse_args()
if account.verify_password(data["old_password"]):
account.hash_password(data['new_password'])
account.save_to_db()
return {"message": "Password changed correctly"}, 200
return {'message': "Incorrect password"}, 406
def put(self, idd):
data = self.__parse_request__()
review = ReviewModel.find_by_id(idd)
if not review:
return {
'message': "There is no review with ['id': {}]".format(idd)
}, 404
review.delete_from_db()
user = AccountModel.find_by_id(data.get('user_id'))
book = BookModel.find_by_id(data.get('book_id'))
if not user or not book:
if not user:
return {
'message':
"There is no account with ['id': {}]".format(
data.get('user_id'))
}, 404
if not book:
return {
'message':
"There is no book with ['id': {}]".format(
data.get('book_id'))
}, 404
new_review = ReviewModel(data.get('title'), data.get('user_id'),
data.get('book_id'), data.get('date'),
data.get('valuation'), data.get('comment'))
new_review.save_to_db()
user.reviews.append(new_review)
book.reviews.append(new_review)
return new_review.json(), 200
def test_put_order(self):
acc = AccountModel.find_by_email("*****@*****.**")
acc.type = 2
acc.save_to_db()
resp_account_admin = self.login('*****@*****.**', 'sm22')
self.add_order(self.order_info)
info_put = {"state": 1}
response = self.app.put(
'api/order/1',
data=info_put,
headers={
'Authorization':
'Basic ' + base64.b64encode(
bytes(
str(acc.id) + ":" +
json.loads(resp_account_admin.data)['token'],
'ascii')).decode('ascii')
},
follow_redirects=True)
resp = self.app.put(
'api/order/1000',
data=info_put,
headers={
'Authorization':
'Basic ' + base64.b64encode(
bytes(
str(acc.id) + ":" +
json.loads(resp_account_admin.data)['token'],
'ascii')).decode('ascii')
},
follow_redirects=True)
self.assertEqual(response.status_code, 200)
self.assertEqual(resp.status_code, 400)
def test_delete_address_order(self):
acc = AccountModel.find_by_email("*****@*****.**")
acc.type = 2
acc.save_to_db()
resp_account_admin = self.login('*****@*****.**', 'sm22')
self.create_account(self.account_info)
self.add_card(self.card_info)
self.add_order(self.order_info)
self.add_address_order(self.address_order_info)
response = self.app.delete(
'api/address-order/1/1',
headers={
'Authorization':
'Basic ' + base64.b64encode(
bytes(
str(acc.id) + ":" +
json.loads(resp_account_admin.data)['token'],
'ascii')).decode('ascii')
},
follow_redirects=True)
resp = self.app.delete(
'api/address-order/1000/1',
headers={
'Authorization':
'Basic ' + base64.b64encode(
bytes(
str(acc.id) + ":" +
json.loads(resp_account_admin.data)['token'],
'ascii')).decode('ascii')
},
follow_redirects=True)
self.assertEqual(response.status_code, 201)
self.assertEqual(resp.status_code, 409)
def test_verify_account(self):
response = self.register('Cristobal', 'Colon', '*****@*****.**',
'america16')
self.assertEqual(response.status_code, 200)
acc = AccountModel.find_by_email('*****@*****.**')
self.assertEqual(acc.id,
verify_account(acc.id, acc.generate_auth_token()).id)
def test_get_article(self):
self.register(self.account_admin_info)
acc = AccountModel.find_by_email("*****@*****.**")
acc.type = 2
acc.save_to_db()
resp_account_admin = self.login('*****@*****.**', 'sm22')
self.add_article(self.article_info)
response = self.app.get(
'api/article/1',
headers={
'Authorization':
'Basic ' + base64.b64encode(
bytes(
str(acc.id) + ":" +
json.loads(resp_account_admin.data)['token'],
'ascii')).decode('ascii')
},
follow_redirects=True)
resp = self.app.get(
'api/article/1000',
headers={
'Authorization':
'Basic ' + base64.b64encode(
bytes(
str(acc.id) + ":" +
json.loads(resp_account_admin.data)['token'],
'ascii')).decode('ascii')
},
follow_redirects=True)
self.assertEqual(response.status_code, 200)
self.assertEqual(resp.status_code, 404)
def post(self):
parser = reqparse.RequestParser(
) # create parameters parser from request
# define the input parameters need and its type
parser.add_argument('email',
type=str,
required=True,
help="This field cannot be left blanck")
parser.add_argument('password',
required=True,
type=str,
help="This field cannot be left blanck")
data = parser.parse_args()
account = AccountModel.find_by_email(data["email"])
if account:
if account.verify_password(data["password"]):
token = account.generate_auth_token()
log = LogModel(account.id).save_to_db()
return {
'token': token.decode('ascii'),
'type': account.type,
'id': account.id
}, 200
return {'message': "Password is invalid"}, 400
return {
'message':
"Account with email [{}] Not found".format(data["email"])
}, 404
def test_create_article_order(self):
acc = AccountModel.find_by_email("*****@*****.**")
acc.type = 2
acc.save_to_db()
resp_account_admin = self.login('*****@*****.**', 'sm22')
response = self.add_article_order(self.article_order_info)
resp = self.add_article_order(self.article_order_2_info)
resp_order = self.app.post(
'api/article-order/1000',
data=self.article_order_info,
headers={
'Authorization':
'Basic ' + base64.b64encode(
bytes(
str(acc.id) + ":" +
json.loads(resp_account_admin.data)['token'],
'ascii')).decode('ascii')
},
follow_redirects=True)
resp_book = self.add_article_order(self.article_order_3_info)
self.assertEqual(response.status_code, 200)
self.assertEqual(resp.status_code, 404)
self.assertEqual(resp_order.status_code, 404)
self.assertEqual(resp_book.status_code, 404)
def post(self, ):
parser = reqparse.RequestParser()
# define the input parameters need and its type
parser.add_argument('account_id',
type=int,
required=True,
help="This field cannot be left blank")
parser.add_argument('order_id',
type=str,
required=True,
help="This field cannot be left blank")
data = parser.parse_args()
account_id, order_id = data['account_id'], data['order_id']
account = AccountModel.find_by_id(account_id)
order = OrdersModel.find_by_id(order_id)
if account and order:
try:
MailSender.send_ticket_order_mail(account.email, account.name,
order)
return {"message": "Email sended correctly"}, 200
except (FileNotFoundError, smtplib.SMTPException) as e:
print(e)
return {'message': 'Something went wrong'}, 500
else:
return {"message": "Account or Order not found"}, 404
def post(self, id_account, id_book):
acc = AccountModel.find_by_id(id_account)
if not acc:
return {
'message':
"Account with ['id': {}] not found".format(id_account)
}, 404
book = BookModel.find_by_id(id_book)
if not book:
return {
'message': "Book with ['id': {}] not found".format(id_book)
}, 404
wl = WishlistModel.find_by_account(id_account)
if book in wl.books:
return {
'message':
"Book with ['id': {}] is already is this wish list".format(
id_book)
}, 400
wl.books.append(book)
wl.save_to_db()
return {
'message':
"Book with ['id': {}] added to wish list".format(id_book),
'wl': wl.json()
}, 200
def test_put_change_email_already_registered_email(self):
response = self.register('Cristobal', 'Colon', '*****@*****.**',
'america16')
self.assertEqual(response.status_code, 200)
response = self.register('Cristobal', 'Colon', '*****@*****.**',
'america16')
self.assertEqual(response.status_code, 200)
acc = AccountModel.find_by_email('*****@*****.**')
response = self.login('*****@*****.**', 'america16')
response = self.app.put(
'api/account/2',
follow_redirects=True,
data={
"name": "CEp",
"lastname": "asdas",
"email": "*****@*****.**"
},
headers={
'Authorization':
'Basic ' + base64.b64encode(
bytes(
str(acc.id) + ":" + json.loads(response.data)['token'],
'ascii')).decode('ascii')
})
self.assertEqual(409, response.status_code)
def test_model_find_non_existent_address_id(self):
response = self.register('Cristobal', 'Colon', '*****@*****.**',
'america16')
self.assertEqual(response.status_code, 200)
self.assertEqual(
None,
AccountModel.find_by_email('*****@*****.**').find_address_by_id(
1))
def test_model_rollback_function(self):
response = self.register('Cristobal', 'Colon', '*****@*****.**',
'america16')
self.assertEqual(response.status_code, 200)
acc = AccountModel.find_by_email('*****@*****.**')
accMod = acc
accMod.email = '*****@*****.**'
accMod.db_rollback()
self.assertEqual(accMod.email, acc.email)
def setUp(self):
self.app = setupApp(True).test_client()
db.drop_all()
db.create_all()
self.register(self.account_dev_info)
self.acc = AccountModel.find_by_email("*****@*****.**")
self.acc.type = 1
self.acc.save_to_db()
self.resp_account_dev = self.login('*****@*****.**', 'sm22')
def get(self, user_id):
user = AccountModel.find_by_id(user_id)
if not user:
return {
'message': "User with ['id': {}] not found".format(user_id)
}, 404
return {
'reviews':
[i.json()['review'] for i in ReviewModel.find_by_user(user_id)]
}, 200
def post(self, idd):
parser = reqparse.RequestParser(
) # create parameters parser from request
parser.add_argument('date',
type=str,
required=True,
help="This field cannot be left blanck")
parser.add_argument('total',
type=float,
required=True,
help="This field cannot be left blanck")
parser.add_argument('shipping',
type=float,
required=True,
help="This field cannot be left blanck")
parser.add_argument('taxes',
type=float,
required=True,
help="This field cannot be left blanck")
parser.add_argument('state',
type=int,
required=True,
help="This field cannot be left blanck")
parser.add_argument('send_type',
type=int,
required=True,
help="This field cannot be left blanck")
parser.add_argument('card_id',
type=int,
required=True,
help="This field cannot be left blanck")
parser.add_argument('address_id',
type=int,
required=True,
help="This field cannot be left blanck")
data = parser.parse_args()
acc = AccountModel.find_by_id(idd)
if not acc:
return {'message': "There isn't a user with this id"}, 409
new_order = OrdersModel(idd, data.date, data.total, data.shipping,
data.taxes, data.state, data.send_type,
data.card_id, data.address_id)
acc.orders.append(new_order)
db.session.add(new_order)
db.session.commit()
return new_order.id, 200
def put(self, idd):
account = AccountModel.find_by_id(idd)
if account:
if g.user != account:
return {
"error: ":
"You cannot modify an account which you are not log with"
}, 401
else:
return {"error: ": "Account not found"}, 404
parser = reqparse.RequestParser()
# define the input parameters need and its type
parser.add_argument('name',
type=str,
required=True,
help="This field cannot be left blank")
parser.add_argument('lastname',
type=str,
required=True,
help="This field cannot be left blank")
parser.add_argument('email',
type=str,
required=True,
help="This field cannot be left blank")
data = parser.parse_args()
if AccountModel.find_by_email(
data['email']) and account.email != data['email']:
return {
"message": "Account already registered for that email address"
}, 409
account.name, account.lastname, account.email = data['name'], data[
'lastname'], data['email']
account.save_to_db()
return {"token": account.generate_auth_token().decode('ascii')}, 200
def test_model_account_json(self):
response = self.register('Cristobal', 'Colon', '*****@*****.**',
'america16')
self.assertEqual(response.status_code, 200)
acc = AccountModel.find_by_email('*****@*****.**')
self.assertEqual(
acc.json(), {
'id': 1,
'name': 'Cristobal',
'lastname': 'Colon',
'email': '*****@*****.**',
'available_money': 0,
'type': 0
})
def get(self, account_id, idd):
account = AccountModel.find_by_id(account_id)
card = CardModel.find_by_id(idd)
if card is not None and account is not None:
if card in account.cards:
return {'card': card.json()}, 200
return {
'message':
"This account doesn't have a card with id [{}] ".format(idd)
}, 409
elif card is None:
return {'message': "Card with id [{}] Not found".format(idd)}, 404
return {'message': "Account with id [{}] Not found".format(idd)}, 404
def json(self):
account = AccountModel.find_by_id(self.user_id)
return {
"review": {
"name": "" + account.name + " " + account.lastname[0] + ".",
"id": self.id,
"title": self.title,
"user_id": self.user_id,
"book_id": self.book_id,
"date": self.date,
"valuation": self.valuation,
"comment": self.comment
}
}
def get(self, account_id, idd):
account = AccountModel.find_by_id(account_id)
address = AddressModel.find_by_id(idd)
if address is not None and account is not None:
if address in account.addresses:
return {'address': address.json()}, 200
return {
'message':
"This account doesn't have an address with id [{}] ".format(
idd)
}, 409
return {'message': "Address with id [{}] Not found".format(idd)}, 404
def delete(self, account_id, idd):
account = AccountModel.find_by_id(account_id)
address = AddressModel.find_by_id(idd)
if address is not None and account is not None:
if address in account.addresses:
address.delete_from_db()
return {"Message": "Address deleted correctly"}, 200
return {
'message':
"This account doesn't have an address with id [{}] ".format(id)
}, 409
elif address is None:
return {
'message': "Address with id [{}] Not found".format(id)
}, 404
def delete(self, idd):
exists = ReviewModel.find_by_id(idd)
if not exists:
return {
'message':
"There is no review with ['id': {}], therefore it cannot be deleted"
.format(idd)
}, 404
user = AccountModel.find_by_id(exists.user_id)
book = BookModel.find_by_id(exists.book_id)
exists.delete_from_db()
return {
'message':
"Review with ['id': {}] has successfully been deleted".format(idd)
}, 200
def delete(self, account_id, idd):
account = AccountModel.find_by_id(account_id)
card = CardModel.find_by_id(idd)
if card is not None and account is not None:
if card in account.cards:
card.delete_from_db()
return {"Message": "Card deleted correctly"}, 200
return {
'message':
"This account doesn't have an card with id [{}] ".format(idd)
}, 409
elif card is None:
return {'message': "Card with id [{}] Not found".format(idd)}, 404
return {'message': "Account with id [{}] Not found".format(idd)}, 404
def setUp(self):
self.app = setupApp(True).test_client()
db.drop_all()
db.create_all()
self.register(self.account_admin_info)
self.acc = AccountModel.find_by_email("*****@*****.**")
self.acc.type = 2
self.acc.save_to_db()
self.resp_account_admin = self.login('*****@*****.**', 'sm22')
self.authorization = {
'Authorization':
'Basic ' + base64.b64encode(
bytes(
str(self.acc.id) + ":" +
json.loads(self.resp_account_admin.data)['token'],
'ascii')).decode('ascii')
}
