def when_api_key_is_provided_and_rights_and_regular_offer(self, app):
# Given
user = create_user(email="*****@*****.**", public_name="John Doe")
user2 = create_user(email="*****@*****.**", public_name="Jane Doe")
offerer = create_offerer()
user_offerer = create_user_offerer(user2, offerer)
venue = create_venue(offerer)
offer = create_offer_with_event_product(venue, event_name="Event Name", event_type=EventType.CINEMA)
event_occurrence = create_event_occurrence(offer)
stock = create_stock_from_event_occurrence(event_occurrence, price=0)
booking = create_booking(user=user, stock=stock, venue=venue)
repository.save(user_offerer, booking)
offererApiKey = create_api_key(offerer_id=offerer.id)
repository.save(offererApiKey)
user2ApiKey = f"Bearer {offererApiKey.value}"
booking_token = booking.token.lower()
url = f"/v2/bookings/token/{booking_token}"
# When
response = TestClient(app.test_client()).get(
url, headers={"Authorization": user2ApiKey, "Origin": "http://localhost"}
)
# Then
assert response.status_code == 200
def when_api_key_given_not_related_to_booking_offerer(self, app):
# Given
user = create_user(email="*****@*****.**")
pro_user = create_user(email="*****@*****.**")
offerer = create_offerer()
offerer2 = create_offerer(siren="987654321")
user_offerer = create_user_offerer(pro_user, offerer)
venue = create_venue(offerer)
stock = create_stock_with_event_offer(offerer, venue, price=0, event_type=EventType.CINEMA)
booking = create_booking(user=user, stock=stock, venue=venue)
repository.save(pro_user, booking, user_offerer, offerer2)
offerer_api_key = create_api_key(offerer_id=offerer2.id)
repository.save(offerer_api_key)
user2ApiKey = "Bearer " + offerer_api_key.value
# When
url = "/v2/bookings/use/token/{}".format(booking.token)
response = TestClient(app.test_client()).patch(
url, headers={"Authorization": user2ApiKey, "Origin": "http://localhost"}
)
# Then
assert response.status_code == 403
assert response.json["user"] == ["Vous n'avez pas les droits suffisants pour valider cette contremarque."]
def when_given_api_key_not_related_to_booking_offerer(self, app):
# Given
user = create_user(email="*****@*****.**")
admin_user = create_user(email="*****@*****.**")
offerer = create_offerer()
offerer2 = create_offerer(siren="987654321")
user_offerer = create_user_offerer(admin_user, offerer)
venue = create_venue(offerer)
offer = create_offer_with_event_product(venue, event_name="Event Name")
event_occurrence = create_event_occurrence(offer)
stock = create_stock_from_event_occurrence(event_occurrence, price=0)
booking = create_booking(user=user, stock=stock, venue=venue)
repository.save(admin_user, booking, user_offerer, offerer2)
offerer2ApiKey = create_api_key(offerer_id=offerer2.id)
repository.save(offerer2ApiKey)
user2ApiKey = f"Bearer {offerer2ApiKey.value}"
url = f"/v2/bookings/token/{booking.token}"
# When
response = TestClient(app.test_client()).get(
url, headers={"Authorization": user2ApiKey, "Origin": "http://localhost"}
)
# Then
assert response.status_code == 403
assert response.json["user"] == ["Vous n'avez pas les droits suffisants pour valider cette contremarque."]
def when_user_has_api_key_but_token_not_found(self, app):
# Given
user = create_user(email="*****@*****.**")
admin_user = create_user(email="*****@*****.**")
offerer = create_offerer()
user_offerer = create_user_offerer(admin_user, offerer)
venue = create_venue(offerer)
offer = create_offer_with_event_product(venue, event_name="Event Name")
event_occurrence = create_event_occurrence(offer)
stock = create_stock_from_event_occurrence(event_occurrence, price=0)
booking = create_booking(user=user, stock=stock, venue=venue)
repository.save(admin_user, booking, user_offerer)
offererApiKey = create_api_key(offerer_id=offerer.id)
repository.save(offererApiKey)
user2ApiKey = f"Bearer {offererApiKey.value}"
url = "/v2/bookings/token/12345"
# When
response = TestClient(app.test_client()).get(
url, headers={"Authorization": user2ApiKey, "Origin": "http://localhost"}
)
# Then
assert response.status_code == 404
assert response.json["global"] == ["Cette contremarque n'a pas été trouvée"]
def when_booking_is_already_validated(self, app):
# Given
user = create_user(email="*****@*****.**")
admin_user = create_user(email="*****@*****.**")
offerer = create_offerer()
user_offerer = create_user_offerer(admin_user, offerer)
venue = create_venue(offerer)
stock = create_stock_with_thing_offer(offerer,
venue,
offer=None,
price=0)
booking = create_booking(user=user,
stock=stock,
is_used=True,
venue=venue)
repository.save(admin_user, booking, user_offerer)
offererApiKey = create_api_key(offerer_id=offerer.id)
repository.save(offererApiKey)
user2ApiKey = f"Bearer {offererApiKey.value}"
url = f"/v2/bookings/token/{booking.token}"
# When
response = TestClient(app.test_client()).get(url,
headers={
"Authorization":
user2ApiKey,
"Origin":
"http://localhost"
})
# Then
assert response.status_code == 410
assert response.json["booking"] == [
"Cette réservation a déjà été validée"
]
def when_api_key_is_provided_and_booking_payment_exists(self, app):
# Given
user = create_user()
pro_user = create_user(email="*****@*****.**")
offerer = create_offerer()
user_offerer = create_user_offerer(pro_user, offerer)
venue = create_venue(offerer)
stock = create_stock_with_event_offer(offerer, venue, price=0)
booking = create_booking(user=user, stock=stock, venue=venue, is_used=True)
payment = create_payment(booking, offerer, Decimal(10), iban="CF13QSDFGH456789", bic="QSDFGH8Z555")
repository.save(booking, user_offerer, payment)
offererApiKey = create_api_key(offerer_id=offerer.id)
repository.save(offererApiKey)
# When
url = "/v2/bookings/keep/token/{}".format(booking.token)
user2_api_key = "Bearer " + offererApiKey.value
response = TestClient(app.test_client()).patch(
url, headers={"Authorization": user2_api_key, "Origin": "http://localhost"}
)
# Then
assert response.status_code == 410
assert response.json["payment"] == ["Le remboursement est en cours de traitement"]
assert Booking.query.get(booking.id).isUsed is True
def when_api_key_is_provided_and_booking_has_not_been_validated_already(self, app):
# Given
user = create_user()
pro_user = create_user(email="*****@*****.**")
offerer = create_offerer()
user_offerer = create_user_offerer(pro_user, offerer)
venue = create_venue(offerer)
stock = create_stock_with_event_offer(offerer, venue, price=0)
booking = create_booking(user=user, stock=stock, venue=venue)
repository.save(booking, user_offerer)
offererApiKey = create_api_key(offerer_id=offerer.id)
repository.save(offererApiKey)
# When
url = "/v2/bookings/keep/token/{}".format(booking.token)
user2_api_key = "Bearer " + offererApiKey.value
response = TestClient(app.test_client()).patch(
url, headers={"Authorization": user2_api_key, "Origin": "http://localhost"}
)
# Then
assert response.status_code == 410
assert response.json["booking"] == ["Cette réservation n'a pas encore été validée"]
assert Booking.query.get(booking.id).isUsed is False
def when_booking_is_not_provided_at_all(self, app):
# Given
user = create_user(email="*****@*****.**")
offerer = create_offerer()
venue = create_venue(offerer)
offer = create_offer_with_event_product(venue, event_name="Event Name")
event_occurrence = create_event_occurrence(offer)
stock = create_stock_from_event_occurrence(event_occurrence, price=0)
booking = create_booking(user=user, stock=stock, venue=venue)
repository.save(booking)
offererApiKey = create_api_key(offerer_id=offerer.id)
repository.save(offererApiKey)
# When
url = "/v2/bookings/keep/token/"
user2_api_key = "Bearer " + offererApiKey.value
response = TestClient(app.test_client()).patch(
url, headers={"Authorization": user2_api_key, "Origin": "http://localhost"}
)
# Then
assert response.status_code == 404
def when_the_api_key_is_not_linked_to_the_right_offerer(self, app):
# Given
user = create_user(email="*****@*****.**")
pro_user = create_user(email="*****@*****.**")
offerer = create_offerer()
offerer2 = create_offerer(siren="987654321")
user_offerer = create_user_offerer(pro_user, offerer)
venue = create_venue(offerer)
offer = create_offer_with_event_product(venue, event_name="Event Name")
event_occurrence = create_event_occurrence(offer)
stock = create_stock_from_event_occurrence(event_occurrence, price=0)
booking = create_booking(user=user, stock=stock, venue=venue)
repository.save(pro_user, booking, user_offerer, offerer2)
offererApiKey = create_api_key(offerer_id=offerer2.id)
repository.save(offererApiKey)
# When
user2_api_key = "Bearer " + offererApiKey.value
url = "/v2/bookings/keep/token/{}".format(booking.token)
response = TestClient(app.test_client()).patch(
url, headers={"Authorization": user2_api_key, "Origin": "http://localhost"}
)
# Then
assert response.status_code == 403
assert response.json["user"] == ["Vous n'avez pas les droits suffisants pour valider cette contremarque."]
def create_industrial_pro_users_api_keys(offerers_by_name):
logger.info("create_industrial_pro_users_api_keys")
api_key = {}
counter = 0
for offerer in offerers_by_name.items():
api_key[counter] = create_api_key(offerer_id=offerer[1].id,
value=API_KEYS_VALUES[counter])
counter += 1
repository.save(*api_key.values())
logger.info("created %d offerers with api key", len(offerers_by_name))
def when_user_not_logged_in_and_existing_api_key_given_with_no_bearer_prefix(self, app):
# Given
pro = create_user(email="*****@*****.**")
offerer = create_offerer()
user_offerer = create_user_offerer(pro, offerer)
repository.save(user_offerer)
offerer_api_key = create_api_key(offerer_id=offerer.id)
repository.save(offerer_api_key)
url = "/v2/bookings/token/FAKETOKEN"
# When
response = TestClient(app.test_client()).get(
url, headers={"Authorization": API_KEY_VALUE, "Origin": "http://localhost"}
)
# Then
assert response.status_code == 401
def when_api_key_is_provided_and_booking_does_not_exist(self, app):
# Given
user = create_user()
offerer = create_offerer()
venue = create_venue(offerer)
stock = create_stock_with_event_offer(offerer, venue, price=0)
booking = create_booking(user=user, stock=stock, venue=venue)
repository.save(booking)
offerer_api_key = create_api_key(offerer_id=offerer.id)
repository.save(offerer_api_key)
user2ApiKey = "Bearer " + offerer_api_key.value
# When
url = "/v2/bookings/use/token/{}".format("456789")
response = TestClient(app.test_client()).patch(
url, headers={"Authorization": user2ApiKey, "Origin": "http://localhost"}
)
# Then
assert response.status_code == 404
assert response.json["global"] == ["Cette contremarque n'a pas été trouvée"]