def test_update_email_by_user(self):
user = User(
username='******',
password='******',
email='*****@*****.**'
)
user_r = Roles({
'username': user.username,
'roles': user.is_admin
})
save_user(user)
save_user(user_r)
with self.client:
res_login = self.client.post(
'/v1/login',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
})
)
data_login = json.loads(res_login.data.decode())
response = self.client.put(
f'/v1/users/{user.username}',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer {}'.format(data_login['access_token'])
},
data=json.dumps({
'username': '******',
'email': '*****@*****.**'
})
)
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == True)
self.assertTrue(data['msg'] == 'Updated successfully')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 200)
def test_post_non_admin_user_with_admin_role(self):
user = User(
username='******',
password='******',
email='*****@*****.**',
)
user_r = Roles({'username': user.username, 'roles': 'admin'})
save_user(user)
save_user(user_r)
with self.client:
res_login = self.client.post('/v1/login',
headers={
'Content-Type':
'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
}))
data_login = json.loads(res_login.data.decode())
response = self.client.post('/v1/users',
headers={
'Content-Type':
'application/json',
'Accept':
'application/json',
'Authorization':
'Bearer {}'.format(
data_login['access_token'])
},
data=json.dumps({
'username':
'******',
'password':
'******',
'email':
'*****@*****.**',
}))
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == True)
self.assertTrue(data['msg'] == 'Registered successfully')
self.assertTrue(response.content_type == 'application/json')
self.assertTrue(response.status_code == 201)
def test_login(self):
user = User(username='******', password='******', email='*****@*****.**')
save_user(user)
with self.client:
response = self.client.post('/v1/login',
data=json.dumps({
'username': '******',
'password': '******'
}),
content_type='application/json')
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == True)
self.assertTrue(data['msg'] == 'Logged in.')
self.assertTrue(data['access_token'])
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 200)
def test_login_with_wrong_pwd(self):
user = User(username='******', password='******', email='*****@*****.**')
save_user(user)
with self.client:
response = self.client.post('/v1/login',
data=json.dumps({
'username': '******',
'password': '******'
}),
content_type='application/json')
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(
data['msg'] ==
'Incorrect username or password. Please try again.')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 400)
def test_login_with_unactive_user(self):
user = User(username='******', password='******', email='*****@*****.**')
save_user(user)
update_user(user_obj=user, data={'is_active': False})
with self.client:
response = self.client.post('/v1/login',
data=json.dumps({
'username': '******',
'password': '******'
}),
content_type='application/json')
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(
data['msg'] == 'User is currently banned! Please recover.')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 403)
def test_get_user_with_own_jwt(self):
user = User(
username='******',
password='******',
email='*****@*****.**',
)
role = Roles({'username': user.username, 'roles': user.is_admin})
save_user(user)
save_user(role)
with self.client:
res_login = self.client.post('/v1/login',
headers={
'Content-Type':
'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
}))
data_login = json.loads(res_login.data.decode())
response = self.client.get('/v1/users/{}'.format(user.username),
headers={
'Content-Type':
'application/json',
'Accept':
'application/json',
'Authorization':
'Bearer {}'.format(
data_login['access_token'])
})
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == True)
self.assertTrue(data['msg'] == 'Accessed to my page.')
self.assertTrue(data['is_user'] == True)
self.assertTrue(data['data'])
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 200)
def test_get_all_users_with_authorized_jwt(self):
admin = User(
username='******',
password='******',
email='*****@*****.**',
)
admin_r = Roles({'username': admin.username, 'roles': admin.is_admin})
save_user(admin)
save_user(admin_r)
with self.client:
res_login = self.client.post('/v1/login',
headers={
'Content-Type':
'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
}))
data_login = json.loads(res_login.data.decode())
response = self.client.get('/v1/users',
headers={
'Content-Type':
'application/json',
'Accept':
'application/json',
'Authorization':
'Bearer {}'.format(
data_login['access_token'])
})
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == True)
self.assertTrue(data['msg'] == 'Accessed to admin page.')
self.assertTrue(data['data'])
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 200)
def test_get_admin_users_with_no_jwt(self):
user = User(
username='******',
password='******',
email='*****@*****.**',
)
role = Roles({'username': user.username, 'roles': user.is_admin})
save_user(user)
save_user(role)
with self.client:
response = self.client.get('/v1/users/admin',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json',
})
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(data['msg'] == 'Sorry, page not found.')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 404)
def test_register_with_duplicated_email(self):
user = User(username='******', password='******', email='*****@*****.**')
save_user(user)
with self.client:
response = self.client.post('/v1/register',
data=json.dumps({
'username':
'******',
'password':
'******',
'email':
'*****@*****.**'
}),
content_type='application/json')
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(data['msg'] == 'User has existed already')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 400)
def test_get_admin_user_with_unauthorized_jwt(self):
user = User(
username='******',
password='******',
email='*****@*****.**',
)
role = Roles({'username': user.username, 'roles': user.is_admin})
admin = User(
username='******',
password='******',
email='*****@*****.**',
)
admin_r = Roles({'username': admin.username, 'roles': admin.is_admin})
save_user(user)
save_user(role)
save_user(admin)
save_user(admin_r)
with self.client:
res_login = self.client.post('/v1/login',
headers={
'Content-Type':
'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
}))
data_login = json.loads(res_login.data.decode())
response = self.client.get('/v1/users/admin',
headers={
'Content-Type':
'application/json',
'Accept':
'application/json',
'Authorization':
'Bearer {}'.format(
data_login['access_token'])
})
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(data['msg'] == 'Sorry, page not found.')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 404)
def test_update_invalid_fields_by_admin(self):
admin = User(
username='******',
password='******',
email='*****@*****.**'
)
admin_r = Roles({
'username': admin.username,
'roles': admin.is_admin
})
save_user(admin)
save_user(admin_r)
with self.client:
res_login = self.client.post(
'/v1/login',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
})
)
data_login = json.loads(res_login.data.decode())
res_test = self.client.post(
'/v1/users',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer {}'.format(data_login['access_token'])
},
data=json.dumps({
'username': '******',
'password': '******',
'email': '*****@*****.**'
})
)
data_test = json.loads(res_test.data.decode())
response = self.client.put(
'/v1/users/test',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer {}'.format(data_login['access_token'])
},
data=json.dumps({
'username': '******',
'email': '*****@*****.**',
'is_admin': True
})
)
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(data['msg'])
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 400)
