def test_search(user_service):
true_users, true_cnt = [gen_user(True) for i in range(5)], len(range(5))
user_service.search.return_value = true_users, true_cnt
user = gen_user()
client = TestClient(app(user_service))
payload = {"sub": user.id, "scp": [UserRoleEnum.admin]}
cookies = {security_container.jwt_cookie_key: jwt_helper.encode(payload)}
response = client.post(f"v1/user/search", json={}, cookies=cookies)
assert response.status_code == 200
data = response.json()
assert data["count"] == true_cnt
ids = [u["id"] for u in data["rows"]]
assert ids == [u.id for u in true_users]
def test_user_me_wrong_jwt(user_service):
user = gen_user()
user_service.get_by_id.side_effect = [user, user, user]
client = TestClient(app(user_service))
# Wrong jwt
payload = {"sub": user.id}
jwt_helper2 = JwtHelper("OTHER_SECRET")
token = jwt_helper2.encode(payload)
cookies = {security_container.jwt_cookie_key: token}
response = client.get(f"v1/user/me", cookies=cookies)
assert response.status_code == 400
# Expired jwt
payload = {"sub": user.id, "exp": now().int_timestamp - 10}
token = jwt_helper2.encode(payload)
cookies = {security_container.jwt_cookie_key: token}
response = client.get(f"v1/user/me", cookies=cookies)
assert response.status_code == 400
cookies = {security_container.jwt_cookie_key: f"blah blah"}
response = client.get(f"v1/user/me", cookies=cookies)
assert response.status_code == 400
# Refresh token in auth
payload = {"sub": user.id, "scp": ["refresh"]}
token = jwt_helper.encode(payload)
cookies = {security_container.jwt_cookie_key: token}
response = client.get(f"v1/user/me", cookies=cookies)
assert response.status_code == 403
async def test_search_user(db):
store = PostgreSQLUserStore(db)
users, cnt = await store.search()
async with db.engine.acquire() as conn:
correct_count = await conn.scalar("select count(*) from users")
assert len(users) == correct_count
assert cnt == correct_count
# Filter
user = await store.add(gen_user())
assert user.id
usr_filter = UserFilter(**{"email": user.email})
users, cnt = await store.search(usr_filter)
assert cnt == 1
assert len(users) == 1
assert users[0] == user
# Sorting
users, cnt = await store.search(sort=UserSort(email=1))
async with db.engine.acquire() as conn:
correct_sorted_users_res = await conn.execute("select email from users order by email")
correct_sorted_users = [u.email async for u in correct_sorted_users_res]
assert correct_sorted_users == [u.email for u in users]
# Pagination
users, cnt = await store.search(sort=UserSort(email=1), paginator=Paginator(page=1, per_page=2))
assert len(users) == 2
assert [u.email for u in users] == correct_sorted_users[:2]
async def test_update(db):
store = PostgreSQLUserStore(db)
user = await store.add(gen_user())
assert user.id
user.password = "******"
await store.update(user)
updated_user = await store.find_by_id(user.id)
assert updated_user.password == user.password
async def test_search_user(user_store, user_service):
user_store = Mock(user_store)
true_users, true_cnt = [gen_user() for i in range(5)], len(range(5))
user_store.search.return_value = true_users, true_cnt
user_service.user_store = user_store
user_service = UserService(Settings(), user_store, Mock(PostgresPubSub), Mock(Templater))
users, cnt = await user_service.search()
assert true_users == users
assert true_cnt == cnt
def test_get_by_id_failed(user_service):
user = gen_user(True)
user_service.get_by_id.side_effect = [user, UserNotExistError]
client = TestClient(app(user_service))
payload = {"sub": user.id, "scp": [UserRoleEnum.admin]}
token = jwt_helper.encode(payload)
cookies = {security_container.jwt_cookie_key: token}
response = client.get(f"v1/user/u/wrong_id", cookies=cookies)
assert response.status_code == 404, response.text
async def test_reset_password(user_store, user_service):
user = gen_user()
user_store = Mock(user_store)
def side_effect_check(u):
assert bcrypt_verify("password", u.password)
user_store.update.side_effect = side_effect_check
user_service.user_store = user_store
await user_service.reset_password(user, "password")
async def test_exist_by_email(db):
store = PostgreSQLUserStore(db)
user = await store.add(gen_user())
assert user.id
n = await store.exist_by_email(user.email)
assert n
assert await store.exist_by_email(fake.sha256(raw_output=False)) is False
async def test_find_by_id(db):
store = PostgreSQLUserStore(db)
user = await store.add(gen_user())
assert user.id
find_user = await store.find_by_id(user.id)
assert user.email == find_user.email
with pytest.raises(DoesNotExistException):
await store.find_by_id(-5)
async def test_get_by_id(user_store, user_service):
user = gen_user()
user_store = Mock(user_store)
user_store.find_by_id.side_effect = [user, DoesNotExistException]
user_service.user_store = user_store
u = await user_service.get_by_id(user.id)
assert user == u
with pytest.raises(UserNotExistError):
await user_service.get_by_id(user.id)
async def test_find_by_email(db):
store = PostgreSQLUserStore(db)
user = await store.add(gen_user())
assert user.id
find_user = await store.find_by_email(user.email)
assert user.email == find_user.email
with pytest.raises(DoesNotExistException):
await store.find_by_email(fake.sha256(raw_output=False))
def test_refresh(user_service, scope, status_code):
user = gen_user()
user_service.get_by_id.return_value = user
client = TestClient(app(user_service))
payload = {"sub": user.id, "scp": [scope]}
token = jwt_helper.encode(payload)
response = client.post(
"/v1/user/refresh",
cookies={security_container.jwt_cookie_refresh_key: token})
assert response.status_code == status_code
async def test_find_by_activation_code(db):
store = PostgreSQLUserStore(db)
u = gen_user()
u.activation_code = fake.sha256(raw_output=False)
user = await store.add(u)
assert user.id
assert user.activation_code == u.activation_code
find_user = await store.find_by_activation_code(user.activation_code)
assert user.activation_code == find_user.activation_code
with pytest.raises(DoesNotExistException):
await store.find_by_activation_code(fake.sha256(raw_output=False))
async def test_get_by_reset_password_code(user_service):
with patch.object(
PostgreSQLUserStore, "find_by_reset_password_code", side_effect=DoesNotExistException
):
with pytest.raises(UserNotExistError):
await user_service.get_by_reset_password_code("token")
with patch.object(PostgreSQLUserStore, "find_by_reset_password_code") as p:
user = gen_user()
p.return_value = user
u = await user_service.get_by_reset_password_code("token")
assert u == user
def test_user_me(user_service):
user = gen_user(True)
user_service.get_by_id.side_effect = [user, user, user, user, user]
client = TestClient(app(user_service))
payload = {"sub": user.id}
token = jwt_helper.encode(payload)
cookies = {security_container.jwt_cookie_key: token}
response = client.get(f"v1/user/me", cookies=cookies)
assert response.status_code == 200
data = response.json()
assert user.id == data["id"]
assert user.status == data["status"]
assert user.type == data["type"]
async def test_change_type(user_store, user_service):
user_store = Mock(user_store)
user = gen_user()
user.updated_at = 0
def side_effect_check(u):
assert u.type == user_type
assert u.updated_at != 0
user_store.update.side_effect = side_effect_check
user_service.user_store = user_store
user_type = UserTypeEnum.gdpr_removed
await user_service.change_type(user, user_type)
async def test_change_status(user_store, user_service):
user = gen_user()
user.updated_at = 0
user_store = Mock(user_store)
def side_effect_check(u):
assert u.status == status
assert u.updated_at != 0
user_store.update.side_effect = side_effect_check
user_service.user_store = user_store
status = UserStatusEnum.inactive
await user_service.change_status(user, status)
async def test_auth(user_store, user_service):
user_service.user_store = user_store
user = gen_user()
user.password = bcrypt_hash("hello_password")
schema = LoginSchema(email=user.email, password="******")
with patch.object(PostgreSQLUserStore, "find_by_email", return_value=user):
u = await user_service.auth(schema)
assert user == u
wrong_pass_schema = LoginSchema(email=user.email, password="******")
with pytest.raises(UserNotExistError):
await user_service.auth(wrong_pass_schema)
with patch.object(PostgreSQLUserStore, "find_by_email", side_effect=DoesNotExistException):
with pytest.raises(UserNotExistError):
await user_service.auth(schema)
def test_refresh_wrong_token(user_service):
user = gen_user()
user_service.get_by_id.return_value = user
client = TestClient(app(user_service))
payload = {"sub": user.id, "scp": [SystemScopes.refresh], "exp": 0}
token = jwt_helper.encode(payload)
response = client.post(
"/v1/user/refresh",
cookies={security_container.jwt_cookie_refresh_key: token})
assert response.status_code == 403
payload = {"sub": user.id, "scp": [SystemScopes.refresh]}
jwt_helper2 = JwtHelper("OTHER_SECRET")
token = jwt_helper2.encode(payload)
response = client.post(
"/v1/user/refresh",
cookies={security_container.jwt_cookie_refresh_key: token})
assert response.status_code == 403
async def test_activate(user_service):
with patch.object(
PostgreSQLUserStore, "find_by_activation_code", side_effect=DoesNotExistException
):
with pytest.raises(UserNotExistError):
schema = ActivationSchema(token="token")
await user_service.activate(schema)
with patch.object(PostgreSQLUserStore, "find_by_activation_code") as p:
user = gen_user()
user.activation_code = "token"
p.return_value = user
with patch.object(PostgreSQLUserStore, "update") as add:
def side_effect_check(u):
assert u.activation_code is None
add.side_effect = side_effect_check
await user_service.activate("token")
async def test_reset_password_request(user_service):
with patch.object(PostgreSQLUserStore, "find_by_email", side_effect=DoesNotExistException):
with pytest.raises(UserNotExistError):
schema = ResetPasswordRequestSchema(email="*****@*****.**")
await user_service.reset_password_request(schema)
with patch.object(PostgreSQLUserStore, "find_by_email") as p:
schema = ResetPasswordRequestSchema(email="*****@*****.**")
user = gen_user()
user.email = schema.email
p.return_value = user
with patch.object(PostgreSQLUserStore, "update") as add:
def side_effect_check(u):
assert u.reset_password_code
assert u.email == user.email
return user
add.side_effect = side_effect_check
await user_service.reset_password_request(schema)
router.mount("/v1", user_routers.init())
router.export()
return starlette
@pytest.fixture
def user_service():
templater = Mock(Templater(""))
templater.load.return_value = "blah"
return Mock(UserService(Settings(), Mock(), Mock(), templater))
@pytest.mark.parametrize(
"status_code, key, side_effect",
[(200, "success", lambda x: gen_user()), (409, "error", UserExistError)],
)
def test_register(user_service, status_code, key, side_effect):
user_service.register.side_effect = side_effect
client = TestClient(app(user_service))
data = {
"email": "*****@*****.**",
"password": "******",
"captcha": "blah"
}
response = client.post("v1/user/register", json=data)
assert response.status_code == status_code
res = response.json()
assert res.get(key)
async def test_add(db):
store = PostgreSQLUserStore(db)
user = await store.add(gen_user())
assert user.id
