def test_get_user_by_email(client, db):
    set_up(db)
    password = "******"
    user = User(name="Anakin Skywalker",
                email="*****@*****.**",
                password=generate_password_hash(password),
                roles=[
                    UserRole(category=RoleCategory.SUPER_USER),
                    UserRole(category=RoleCategory.ADMIN)
                ])

    db.session.add(user)
    db.session.commit()

    response = client.post('/api/auth/user/token',
                           json=dict(email="*****@*****.**",
                                     password="******"),
                           follow_redirects=True)

    assert response.status_code == 200
    assert response.json['access_token'] is not None

    access_token = response.json['access_token']
    headers = build_header(access_token)

    response = client.get(f'/api/user/email/{user.email}',
                          headers=headers,
                          follow_redirects=True)

    assert response.status_code == 200
    assert response.json['id'] == user.id
    assert response.json['name'] == user.name
    assert response.json['email'] == user.email
    assert user.verify_password(password)
def test_get_all_user(client, db):
    set_up(db)
    user_1_password = "******"
    user_2_password = "******"
    user_1 = User(name='Leia Organa',
                  email='*****@*****.**',
                  password=generate_password_hash(user_1_password),
                  roles=[
                      UserRole(category=RoleCategory.SUPER_USER),
                      UserRole(category=RoleCategory.ADMIN)
                  ])
    user_2 = User(name="Han Solo",
                  email="*****@*****.**",
                  password=generate_password_hash(user_2_password))

    db.session.add(user_1)
    db.session.add(user_2)
    db.session.commit()

    response = client.post('/api/auth/user/token',
                           json=dict(email="*****@*****.**",
                                     password="******"),
                           follow_redirects=True)

    assert response.status_code == 200
    assert response.json['access_token'] is not None

    access_token = response.json['access_token']
    headers = build_header(access_token)

    response = client.get(f'/api/user/',
                          headers=headers,
                          follow_redirects=True)
    assert response.status_code == 200
    assert len(response.json) == 3

    users = db.session.query(User).all()

    for index, customer in enumerate(response.json, start=0):
        user_db = users[index]
        assert user_db.id == customer['id']
        assert user_db.name == customer['name']
        assert user_db.email == customer['email']

    response = client.get(f'/api/user/1/1',
                          headers=headers,
                          follow_redirects=True)
    assert response.status_code == 200
    assert len(response.json) == 1

    users = db.session.query(User).all()
    user_db = users[0]
    user = response.json[0]

    assert user_db.id == user['id']
    assert user_db.name == user['name']
    assert user_db.email == user['email']
Ejemplo n.º 3
0
def find_or_create_user(name, email, password):
    """ Find existing user or create new user """
    user = User.query.filter(User.email == email).one_or_none()
    if not user:
        user = User(name=name, email=email,
                    password=generate_password_hash(password))

        db.session.add(user)
    return user
def test_update_customer_by_id(client, db):
    set_up(db)
    user_password = "******"
    customer_password = "******"
    user = User(name='Leia Organa',
                email='*****@*****.**',
                password=generate_password_hash(user_password),
                roles=[
                    UserRole(category=RoleCategory.SUPER_USER),
                    UserRole(category=RoleCategory.ADMIN)
                ])
    customer = Customer(name="Anakin Skywalker",
                        email="*****@*****.**",
                        password=generate_password_hash(customer_password))
    db.session.add(user)
    db.session.add(customer)
    db.session.commit()

    response = client.post('/api/auth/user/token',
                           json=dict(email=user.email, password=user_password),
                           follow_redirects=True)

    assert response.status_code == 200
    assert response.json['access_token'] is not None

    access_token = response.json['access_token']

    name = "Darth Vader"
    email = "*****@*****.**"
    headers = build_header(access_token)

    response = client.put(f'/api/customer/{customer.id}',
                          json=dict(name=name, email=email),
                          headers=headers,
                          follow_redirects=True)

    assert response.status_code == 200
    assert response.json['id']
    assert response.json['name'] == name
    assert response.json['email'] == email
    assert response.json['created_date']
    assert response.json['updated_date']

    customer_db = db.session.query(Customer).filter_by(
        id=response.json['id']).one_or_none()

    assert customer_db
    assert customer_db.id == response.json['id']
    assert customer_db.name == response.json['name']
    assert customer_db.email == response.json['email']
    assert customer_db.created_date.strftime(
        DATE_FORMAT) == response.json['created_date']
    assert customer_db.updated_date.strftime(
        DATE_FORMAT) == response.json['updated_date']
    assert customer_db.verify_password(customer_password)
    def update(self, user_updated, roles):

        user = self.__repository.find_by_id(id=user_updated['id'])
        if user is None:
            raise NOT_FOUND_EXCEPTION

        user_exists = self.__repository.find_by_email(user_updated['email'])
        if user_exists and user_exists.id != user_updated['id']:
            raise RESOURCE_ALREADY_EXISTS_EXCEPTION

        roles = list(map(lambda category: UserRole(category=RoleCategory.get_value(category)), roles))
        user.change_roles(roles)

        self.__repository.update_from_model(user, User(name=user_updated['name'], email=user_updated['email']))

        return user.to_dict()
Ejemplo n.º 6
0
def change_user_password():
    current_user = get_jwt_identity()
    change_password_schema = UserChangePasswordUpdateInputSchema()
    data = request.get_json()

    errors = change_password_schema.validate(data)
    if errors:
        raise BadRequestException(message="Invalid Data", payload=errors)

    password = request.json.get('password', '')
    new_password = generate_password_hash(request.json.get('new_password', ''))

    user_service.change_password(User(id=current_user['id'],
                                      password=new_password),
                                 password=password)

    return {}, 200
def test_delete_user(client, db):
    set_up(db)
    password = "******"
    user = User(name="Anakin Skywalker",
                email="*****@*****.**",
                password=generate_password_hash(password),
                roles=[
                    UserRole(category=RoleCategory.SUPER_USER),
                    UserRole(category=RoleCategory.ADMIN)
                ])
    db.session.add(user)
    db.session.commit()

    response = client.post('/api/auth/user/token',
                           json=dict(email=user.email, password=password),
                           follow_redirects=True)

    assert response.status_code == 200
    assert response.json['access_token'] is not None

    access_token = response.json['access_token']
    headers = build_header(access_token)

    response = client.delete('/api/user',
                             headers=headers,
                             follow_redirects=True)

    assert response.status_code == 200

    user_db = db.session.query(User).filter_by(id=user.id).one_or_none()

    assert user_db
    assert user_db.id == user.id
    assert user_db.name == user.name
    assert user_db.email == user.email
    assert user_db.verify_password(password)
    assert user_db.created_date.strftime(
        DATE_FORMAT) == user.created_date.strftime(DATE_FORMAT)
    assert user_db.updated_date.strftime(
        DATE_FORMAT) == user.updated_date.strftime(DATE_FORMAT)
    assert user_db.deleted_date
Ejemplo n.º 8
0
def add_user():
    user_schema = UserInputSchema()
    data = request.get_json()

    errors = user_schema.validate(data)
    if errors:
        raise BadRequestException(message="Invalid User Data", payload=errors)

    name = request.json.get('name', None)
    email = request.json.get('email', None)
    password = request.json.get('password', None)
    roles = list(
        map(lambda category: UserRole(category=category),
            request.json.get('roles', [])))

    user = user_service.add(
        User(name=name,
             email=email,
             password=generate_password_hash(password),
             roles=roles))

    return jsonify(user)
def test_get_customer_by_email(client, db):
    set_up(db)
    user_password = "******"
    customer_password = "******"
    user = User(name='Leia Organa',
                email='*****@*****.**',
                password=generate_password_hash(user_password),
                roles=[
                    UserRole(category=RoleCategory.SUPER_USER),
                    UserRole(category=RoleCategory.ADMIN)
                ])
    customer = Customer(name="Anakin Skywalker",
                        email="*****@*****.**",
                        password=generate_password_hash(customer_password))
    db.session.add(user)
    db.session.add(customer)
    db.session.commit()

    response = client.post('/api/auth/user/token',
                           json=dict(email=user.email, password=user_password),
                           follow_redirects=True)

    assert response.status_code == 200
    assert response.json['access_token'] is not None

    access_token = response.json['access_token']
    headers = build_header(access_token)

    response = client.get(f'/api/customer/email/{customer.email}',
                          headers=headers,
                          follow_redirects=True)

    assert response.status_code == 200
    assert response.json['id'] == customer.id
    assert response.json['name'] == customer.name
    assert response.json['email'] == customer.email
    assert customer.verify_password(customer_password)
def test_change_customer_password(client, db):
    set_up(db)
    password = "******"
    user = User(name="Anakin Skywalker",
                email="*****@*****.**",
                password=generate_password_hash(password),
                roles=[
                    UserRole(category=RoleCategory.SUPER_USER),
                    UserRole(category=RoleCategory.ADMIN)
                ])

    db.session.add(user)
    db.session.commit()

    response = client.post('/api/auth/user/token',
                           json=dict(email=user.email, password=password),
                           follow_redirects=True)

    assert response.status_code == 200
    assert response.json['access_token'] is not None

    access_token = response.json['access_token']
    new_password = "******"
    headers = build_header(access_token)

    response = client.put('/api/user/password',
                          json=dict(password=password,
                                    new_password=new_password),
                          headers=headers,
                          follow_redirects=True)

    assert response.status_code == 200

    user_db = db.session.query(User).filter_by(id=user.id).one_or_none()

    assert user_db.verify_password(new_password)