def test_update_user_id_by_user(self):
with app.app_context():
BaseCase.add_user(self)
user_id = BaseCase.get_user_id(self, 'user')
BaseCase.add_user_manager(self)
manager_id = BaseCase.get_user_id(self, 'manager')
payload = json.dumps({"username": "******", "password": "******"})
response = self.app.post(
'/api/auth',
headers={"Content-Type": "application/json"},
data=payload)
self.assertEqual(201, response.status_code)
self.assertIsNotNone(response.json['access_token'])
authorization = "Bearer " + response.json['access_token']
payload = json.dumps({"username": "******"})
response = self.app.put('/api/users/%d' % manager_id,
headers={
"Content-Type": "application/json",
"Authorization": authorization
},
data=payload)
self.assertEqual(403, response.status_code)
def test_pagination_read_all_filtered_users_by_admin(self):
with app.app_context():
BaseCase.add_user(self)
user_id = BaseCase.get_user_id(self, 'user')
payload = json.dumps({
"username": "******",
"password": "******",
"email": "*****@*****.**"
})
response = self.app.post(
'/api/users',
headers={"Content-Type": "application/json"},
data=payload)
self.assertEqual(201, response.status_code)
BaseCase.add_user_manager(self)
manager_id = BaseCase.get_user_id(self, 'manager')
BaseCase.add_admin(self)
payload = json.dumps({"username": "******", "password": "******"})
response = self.app.post(
'/api/auth',
headers={"Content-Type": "application/json"},
data=payload)
self.assertEqual(201, response.status_code)
self.assertIsNotNone(response.json['access_token'])
authorization = "Bearer " + response.json['access_token']
response = self.app.get('/api/users/all?page=1',
headers={"Authorization": authorization})
self.assertEqual(200, response.status_code)
self.assertEqual(2, response.json['_meta']['total_items'])
self.assertEqual('admin', response.json['items'][0]['username'])
self.assertEqual('manager', response.json['items'][1]['username'])
self.assertTrue('next_page' in response.json)
self.assertTrue('prev_page' not in response.json)
q = "role!=2"
response = self.app.get('/api/users/all?page=2&filter=%s' % q,
headers={"Authorization": authorization})
self.assertEqual(200, response.status_code)
self.assertEqual(1, response.json['_meta']['total_items'])
self.assertEqual('user', response.json['items'][0]['username'])
self.assertTrue('next_page' not in response.json)
self.assertTrue('prev_page' in response.json)
self.assertEqual(1, response.json['prev_page'])
page = 3
response = self.app.get('/api/users/all?page=%d&filter=%s' %
(page, q),
headers={"Authorization": authorization})
self.assertEqual(200, response.status_code)
self.assertEqual(0, response.json['_meta']['total_items'])
def test_unsubscribe_by_non_subscriber(self):
with app.app_context():
BaseCase.add_user(self)
user_id = BaseCase.get_user_id(self, 'user')
payload = json.dumps({"username": "******", "password": "******"})
response = self.app.post(
'/api/auth',
headers={"Content-Type": "application/json"},
data=payload)
self.assertEqual(201, response.status_code)
self.assertIsNotNone(response.json['access_token'])
authorization = "Bearer " + response.json['access_token']
response = self.app.post('/api/unsubscribe',
headers={"Authorization": authorization})
self.assertEqual(201, response.status_code)
self.assertEqual('Unsubscribed successfully',
response.json['message'])
response = self.app.post('/api/unsubscribe',
headers={"Authorization": authorization})
self.assertEqual(201, response.status_code)
self.assertEqual('Not a subscriber', response.json['message'])
def test_update_wrong_user_id_of_record_by_admin(self):
with app.app_context():
BaseCase.add_admin(self)
admin_id = BaseCase.get_user_id(self, 'admin')
payload = json.dumps({"username": "******", "password": "******"})
response = self.app.post(
'/api/auth',
headers={"Content-Type": "application/json"},
data=payload)
self.assertEqual(201, response.status_code)
self.assertIsNotNone(response.json['access_token'])
authorization = "Bearer " + response.json['access_token']
payload = json.dumps({
"date": "2020-01-01",
"distance": 1000,
"time": 3600,
"latitude": 51.5,
"longitude": 0.127
})
response = self.app.post('/api/records',
headers={
"Content-Type": "application/json",
"Authorization": authorization
},
data=payload)
self.assertEqual(201, response.status_code)
self.assertIsNotNone(response.json['id'])
record_id = int(response.json['id'])
payload = json.dumps({"user_id": admin_id + 1})
response = self.app.put('/api/records/%d' % record_id,
headers={
"Content-Type": "application/json",
"Authorization": authorization
},
data=payload)
self.assertEqual(404, response.status_code)
def test_read_user_id_self_by_user(self):
with app.app_context():
BaseCase.add_user(self)
user_id = BaseCase.get_user_id(self, 'user')
payload = json.dumps({"username": "******", "password": "******"})
response = self.app.post(
'/api/auth',
headers={"Content-Type": "application/json"},
data=payload)
self.assertEqual(201, response.status_code)
self.assertIsNotNone(response.json['access_token'])
authorization = "Bearer " + response.json['access_token']
response = self.app.get('/api/users/%d' % user_id,
headers={"Authorization": authorization})
self.assertEqual(200, response.status_code)
self.assertEqual(user_id, response.json['id'])
self.assertEqual('user', response.json['username'])