def test_create_cart_items(
client,
db,
customer,
all_headers,
_items_data):
cart_items_url = url_for("api.cart_items")
resp = client.post(
cart_items_url,
json={"items": "bar"},
headers=all_headers["no_auth_headers"])
assert resp.status_code == 401
resp = client.post(
cart_items_url,
json={"items": None},
headers=all_headers["customer_headers"])
assert resp.status_code == 400
save_to_db(db, customer)
resp = client.post(
cart_items_url,
json={"items": _items_data},
headers=all_headers["customer_headers"])
assert resp.status_code == 201
def customer(db):
user = UserFactory()
save_to_db(db, user)
customer = CustomerFactory(name='John Doe', user_id=user.id)
save_to_db(db, customer)
return customer
def customer_user(db):
user_ = User(username="******",
email="*****@*****.**",
password="******",
role=ROLE_CUSTOMER,
active=True)
save_to_db(db, user_)
return user_
def admin_user(db):
user = User(username="******",
email="*****@*****.**",
password="******",
role=ROLE_ADMIN,
active=True)
save_to_db(db, user)
return user
def test_delete_user(client, db, user, admin_headers):
user_url = url_for('api.user_by_id', user_id="100000")
rep = client.delete(user_url, headers=admin_headers)
assert rep.status_code == 404
save_to_db(db, user)
user_url = url_for('api.user_by_id', user_id=user.id)
rep = client.delete(user_url, headers=admin_headers)
assert rep.status_code == 200
assert db.session.query(User).filter_by(id=user.id).first() is None
def customer_headers(db, customer_user, client, customer):
data = {"username": customer_user.username, "password": '******'}
resp = client.post("/auth/login",
data=json.dumps(data),
headers={"content-type": "application/json"})
customer.user_id = customer_user.id
save_to_db(db, customer)
tokens = json.loads(resp.get_data(as_text=True))
return {
"content-type": "application/json",
"authorization": f"Bearer {tokens['access_token']}"
}
def init():
"""Create a new admin user"""
from api.extensions import db
from api.models import User
from api.utils.models import save_to_db
click.echo("create user")
admin_user = User(username="******",
email="*****@*****.**",
password="******",
role=ROLE_ADMIN,
active=True)
save_to_db(db, admin_user)
click.echo("created user admin")
def test_get_book_cost(db, book):
fiction_book_price = 3
book.genre = "Fiction"
save_to_db(db, book)
today = datetime.now(pytz.utc)
due_at = datetime.now(pytz.utc) + timedelta(days=3)
cost = CartOrderPrice.get_book_cost(book.id, today, due_at)
assert cost == (due_at - today).days or 1 * \
fiction_book_price
due_at = datetime.now(pytz.utc) + timedelta(days=1)
cost = CartOrderPrice.get_book_cost(book.id, today, due_at)
assert cost == (due_at - today).days or 1 * \
fiction_book_price
def test_get_user(client, db, user, admin_headers):
# test 404
user_url = url_for('api.user_by_id', user_id="100000")
resp = client.get(user_url, headers=admin_headers)
assert resp.status_code == 404
save_to_db(db, user)
user_url = url_for('api.user_by_id', user_id=user.id)
resp = client.get(user_url, headers=admin_headers)
assert resp.status_code == 200
data = resp.get_json()["user"]
assert data["username"] == user.username
assert data["email"] == user.email
assert data["active"] == user.active
def _rental(db, book, customer, rental, user):
save_to_db(db, book)
save_to_db(db, user)
customer.user_id = user.id
save_to_db(db, customer)
rental.customer_id = customer.id
rental.book_id = book.id
save_to_db(db, rental)
return rental
def test_put_user(client, db, user, admin_headers):
user_url = url_for('api.user_by_id', user_id="100000")
rep = client.put(user_url, headers=admin_headers)
assert rep.status_code == 404
save_to_db(db, user)
data = {"username": "******", "password": "******"}
user_url = url_for('api.user_by_id', user_id=user.id)
resp = client.put(user_url, json=data, headers=admin_headers)
assert resp.status_code == 200
data = resp.get_json()["user"]
assert data["username"] == "updated"
assert data["email"] == user.email
assert data["active"] == user.active
db.session.refresh(user)
assert pwd_context.verify("new_password", user.password)
def register_user():
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
if not request.json.get("username"):
return jsonify({"msg": "JSON missing username"}), 400
username = request.json.get("username")
user = User.query.filter_by(username=username).first()
if user:
return jsonify({"msg": "Username already taken"}), 400
request.json["active"] = True
user_schema = UserSchema()
user = user_schema.load(request.json)
user.role = ROLE_CUSTOMER
save_to_db(db, user)
user_claims_ = {"id": user.id, "role": ROLE_CUSTOMER}
access_token = create_access_token(
identity=user.id,
user_claims=user_claims_)
refresh_token = create_refresh_token(
identity=user.id,
user_claims=user_claims_)
# create a customer, only for simple auth purposes
customer = Customer(
name=username,
email=user.email,
user_id=user.id)
save_to_db(db, customer)
resp = {
"user": user_schema.dump(user),
"customer_id": customer.id,
"access_token": access_token,
"refresh_token": refresh_token}
return jsonify(resp), 201
def _cart(db, cart, customer, user):
save_to_db(db, user)
customer.user_id = user.id
save_to_db(db, customer)
cart.customer_id = customer.id
save_to_db(db, cart)
return cart
def customer_user(db):
customer_user = UserFactory(username='******', role=ROLE_CUSTOMER)
save_to_db(db, customer_user)
return customer_user
def _cart_item(db, book, cart, customer, user):
save_to_db(db, user)
customer.user_id = user.id
save_to_db(db, customer)
cart.customer_id = customer.id
save_to_db(db, cart)
save_to_db(db, book)
cart_item = CartItemFactory(book_id=book.id, cart_id=cart.id)
save_to_db(db, cart_item)
cart.cart_items.append(cart_item)
save_to_db(db, cart)
save_to_db(db, cart_item)
return cart_item
