def test_list_order_endpoint(self):
# Create Three Dummy Vendors
OrderFactory.create_batch(3)
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='view_orders', role_id=role.id)
UserRoleFactory.create(user_id=user_id, role_id=role.id)
response = self.client().get(self.make_url('/orders/'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
payload = response_json['payload']
self.assert200(response)
self.assertEqual(len(payload['orders']), 3)
self.assertJSONKeysPresent(payload['orders'][0], 'userId', 'channel', 'dateBookedFor')
def test_create_permission_without_right_permission(self):
permission = PermissionFactory.build()
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='wrong_keyword', role_id=role.id)
UserRoleFactory.create(user_id=user_id, role_id=role.id)
data = {'name': permission.name, 'keyword': permission.keyword, 'role_id': role.id}
response = self.client().post(self.make_url('/roles/permissions'),
data=self.encode_to_json_string(data), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Access Error - Permission Denied')
def test_update_menu_endpoint(self):
"""Test update of a menu"""
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='update_menu', role_id=role.id)
UserRoleFactory.create(user_id=user_id, role_id=role.id)
meal_item_repo = MealItemRepo()
main_meal_item = meal_item_repo.new_meal_item(name="main1",
image="image1",
meal_type="main",
location_id=1)
side_meal_item = meal_item_repo.new_meal_item(name="side1",
image="image11",
meal_type="side",
location_id=1)
protein_meal_item = meal_item_repo.new_meal_item(name="protein1",
image="image12",
meal_type="protein",
location_id=1)
vendor = VendorFactory.build()
vendor_engagement = VendorEngagementFactory.build(vendor_id=vendor.id)
menu = MenuFactory.create(main_meal_id=main_meal_item.id,
side_items=side_meal_item.id,
protein_items=protein_meal_item.id)
data = {
'date': menu.date.strftime('%Y-%m-%d'),
'mealPeriod': menu.meal_period,
'mainMealId': main_meal_item.id,
'allowedSide': 2,
'allowedProtein': 2,
'sideItems': [side_meal_item.id],
'proteinItems': [protein_meal_item.id],
'vendorEngagementId': vendor_engagement.id
}
response = self.client().put(self.make_url('/admin/menus/{}'.format(
menu.id)),
data=self.encode_to_json_string(data),
headers=self.headers())
response_json = self.decode_from_json_string(
response.data.decode('utf-8'))
payload = response_json['payload']
self.assert200(response)
self.assertEqual(payload['menu']['allowedProtein'],
data['allowedProtein'])
self.assertEqual(payload['menu']['allowedSide'], data['allowedSide'])
def test_delete_vendor_endpoint_without_right_permission(self):
user = UserFactory.create()
user.save()
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='wrong_permission', role_id=100)
UserRoleFactory.create(user_id=user_id, role=role)
response = self.client().delete(self.make_url(f'/users/{user.id}/'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert401(response)
self.assertEqual(response_json['msg'], 'Access Error - No Permission Granted')
def test_list_permissions_without_right_permission(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
for i in range(1,4):
permission_repo.new_permission(role1.id, f'name-{i}', f'keyword-{i}')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='view_permissions', role_id=role1.id)
UserRoleFactory.create(user_id=user_id, role_id=100)
response = self.client().get(self.make_url('/roles/permissions'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Access Error - No Permission Granted')
def test_update_permissions_without_right_permission(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
permission = permission_repo.new_permission(role1.id, 'name-1', 'keyword-1')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='create_permissions', role_id=role1.id)
UserRoleFactory.create(user_id=user_id, role_id=100)
data = {'name': 'New name1', 'role_id': role1.id, 'keyword': 'New eky'}
response = self.client().put(self.make_url('/roles/permissions/{}'.format(permission.id)), data=self.encode_to_json_string(data), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Access Error - No Permission Granted')
def test_get_order_handles_exception(self, mock_get_user):
mock_get_user.side_effect = Exception('exception occured')
order = OrderFactory.create()
order.save()
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='view_orders', role=role)
UserRoleFactory.create(user_id=user_id, role=role)
response = self.client().get(self.make_url(f'/orders/{order.id}'),
headers=self.headers())
self.assert200(response)
def test_collect_order_already_collected(self):
order = OrderFactory.create()
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
order.meal_period, order.user_id = 'lunch', user_id
PermissionFactory.create(keyword='view_orders', role=role)
UserRoleFactory.create(user_id=user_id, role=role)
data = {'userId': user_id, 'orderType': order.meal_period, 'orderDate': order.date_booked_for.strftime('%Y-%m-%d')}
response = self.client().post(self.make_url('/orders/collect'), data=self.encode_to_json_string(data) , headers=self.headers())
self.assert200(response)
response1 = self.client().post(self.make_url('/orders/collect'), data=self.encode_to_json_string(data) , headers=self.headers())
self.assertEqual(response1.status_code, 400)
def test_delete_already_deleted_user_with_right_permission(self):
user = UserFactory.create(is_deleted=True)
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='delete_user', role_id=role.id)
UserRoleFactory.create(user_id=user_id, role_id=role.id)
response = self.client().delete(self.make_url(f'/users/{user.id}/'),
headers=self.headers())
response_json = self.decode_from_json_string(
response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(400, response.status_code)
self.assertEqual(response_json['msg'], 'User has already been deleted')
def test_create_menu_endpoint_with_existing_main_meal_item(self):
"""Multiple menus with same same main meal id should not exist on the same day"""
location = LocationFactory.create()
main_meal_item = MealItemFactory.create(location=location)
side_meal_item = MealItemFactory.create(location=location)
protein_meal_item = MealItemFactory.create(location=location)
headers = self.headers()
headers.update({'X-Location': location.id})
menu = MenuFactory.build(location=location)
menu.save()
vendor = VendorFactory.build(location=location)
vendor_engagement = VendorEngagementFactory.build(vendor=vendor,
location=location)
vendor_engagement.save()
data = {
'date': menu.date.strftime('%Y-%m-%d'),
'mealPeriod': menu.meal_period,
'mainMealId': main_meal_item.id,
'allowedSide': menu.allowed_side,
'allowedProtein': menu.allowed_protein,
'sideItems': [side_meal_item.id],
'proteinItems': [protein_meal_item.id],
'vendorEngagementId': vendor_engagement.id,
'location_id': location.id
}
existing_menu = MenuRepo().new_menu(
menu.date.strftime('%Y-%m-%d'), menu.meal_period,
main_meal_item.id, menu.allowed_side, menu.allowed_protein,
[side_meal_item.id], [protein_meal_item.id], vendor_engagement.id,
location.id)
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='create_menu', role=role)
UserRoleFactory.create(user_id=user_id, role=role)
response = self.client().post(self.make_url('/admin/menus/'), \
data=self.encode_to_json_string(data), headers=headers)
response_json = self.decode_from_json_string(
response.data.decode('utf-8'))
self.assertEqual(response.status_code, 400)
self.assertEqual(
response_json['msg'],
'You can\'t create multiple menus with same main item on the same day'
)
def test_delete_engagement_endpoint_with_right_permission(self):
engagement = VendorEngagementFactory.create()
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='delete_engagement', role=role)
UserRoleFactory.create(user_id=user_id, role=role)
response = self.client().delete(self.make_url(f'/engagements/{engagement.id}'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
payload = response_json['payload']
self.assert200(response)
self.assertEqual(payload['status'], 'success')
self.assertEqual(response_json['msg'], 'Engagement deleted')
def test_delete_skill_category_endpoint_without_right_permission(self):
role = RoleFactory.create()
user_id = BaseTestCase.user_id()
UserRoleFactory.create(user_id=user_id, role=role)
response = self.client().delete(
self.make_url(f"/skills_categories/{role.id}"),
headers=self.headers())
response_json = self.decode_from_json_string(
response.data.decode("utf-8"))
self.assert401(response)
self.assertEqual(response_json["msg"],
"Access Error - No Permission Granted")
def test_update_user_endpoint_with_invalid_role_fails(self):
create_user_role('update_user')
role = RoleFactory()
user_role = UserRoleFactory(role=role)
user = UserFactory(user_type=user_role)
user.save()
user_data = dict(firstName="Andela", lastName="Eats", roleId=100)
response = self.client().patch(self.make_url(f'/users/{user.id}'), headers=self.headers(),
data=self.encode_to_json_string(user_data))
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assertEqual(response.status_code, 400)
self.assertEqual(response_json['msg'], 'Role with id 100 doesnot exist')
def test_new_meal_service_method_returns_new_meal_service_object(self):
role = RoleFactory.create()
location = LocationFactory.create()
user_role = UserRoleFactory.build(role_id=role.id, location=location)
user = UserFactory.create(user_type=user_role)
meal_session = MealSessionFactory(location=location)
meal_service = MealServiceFactory(user=user, session=meal_session)
new_meal_service = self.repo.new_meal_service(
user_id=meal_service.user.id,
session_id=meal_service.session.id,
date=meal_service.date)
self.assertIsInstance(new_meal_service, MealService)
self.assertEqual(new_meal_service.user_id, meal_service.user_id)
self.assertEqual(new_meal_service.session_id, meal_service.session_id)
self.assertEqual(new_meal_service.date, meal_service.date)
def test_get_single_rating_without_permission(self):
'''Test that users without the right permission cannot see details of a single rating vendor rating'''
rating = VendorRatingFactory.create()
rating_id = rating.id
role = RoleFactory.create(name='Admin')
permission = PermissionFactory.create(keyword='view_ratings',
role_id=100)
user_role = UserRoleFactory.create(user_id=rating.user_id,
role_id=role.id)
response = self.client().get(self.make_url(f'/ratings/{rating_id}'),
headers=self.headers())
self.assert400(response)
def test_update_with_wrong_permission_id(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
permission = permission_repo.new_permission(role1.id, 'name-1', 'keyword-1')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='create_permissions', role_id=role1.id)
UserRoleFactory.create(user_id=user_id, role_id=role1.id)
data = {'name': 'New name1', 'role_id': role1.id, 'keyword': 'New eky'}
response = self.client().put(self.make_url(f'/roles/permissions/1000'), data=self.encode_to_json_string(data), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Invalid or incorrect permission id provided')
def test_list_order_by_date_endpoint(self):
OrderFactory.create_batch(3)
book_date = (date.today() + timedelta(days=1)).strftime('%Y-%m-%d')
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='view_orders', role_id=role.id)
UserRoleFactory.create(user_id=user_id, role_id=role.id)
response = self.client().get(self.make_url('/orders/2008-11-20'), headers=self.headers())
self.assert200(response)
self.assertEqual(len(loads(response.data, encoding='utf-8')['payload']['orders']), 0)
response1 = self.client().get(self.make_url('/orders/{}'.format(book_date)), headers=self.headers())
self.assert200(response1)
self.assertEqual(len(loads(response1.data, encoding='utf-8')['payload']['orders']), 3)
def test_delete_permission_endpoint_with_right_permission(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
permission = permission_repo.new_permission(role1.id, 'name-1', 'keyword-1')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='delete_permissions', role_id=role1.id)
UserRoleFactory.create(user_id=user_id, role_id=role1.id)
response = self.client().delete(self.make_url(f'/roles/permissions/{permission.id}'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
payload = response_json['payload']
self.assert200(response)
self.assertEqual(payload['status'], 'success')
self.assertEqual(response_json['msg'], 'permission deleted')
def test_delete_vendor_endpoint_with_right_permission(self):
vendor = VendorFactory.create()
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
permission = PermissionFactory.create(keyword='delete_vendor', role_id=role.id)
user_role = UserRoleFactory.create(user_id=user_id, role_id=role.id)
response = self.client().delete(self.make_url(f'/vendors/{vendor.id}'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
payload = response_json['payload']
self.assert200(response)
self.assertEqual(payload['status'], 'success')
self.assertEqual(response_json['msg'], 'Vendor deleted')
def test_invalid_update(self):
role1 = RoleFactory.create(name="admin")
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword="create_roles", role=role1)
UserRoleFactory.create(user_id=user_id, role=role1)
data = {"name": "Super Admin"}
response = self.client().put(
self.make_url("/roles/1000"),
data=self.encode_to_json_string(data),
headers=self.headers(),
)
self.assert400(response)
def test_delete_permission_endpoint_with_wrong_permission_id(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
permission_repo.new_permission(role1.id, 'name-1', 'keyword-1')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='delete_permissions', role=role1)
UserRoleFactory.create(user_id=user_id, role=role1)
response = self.client().delete(
self.make_url(f'/roles/permissions/576'), headers=self.headers())
response_json = self.decode_from_json_string(
response.data.decode('utf-8'))
self.assert404(response)
self.assertEqual(response_json['msg'],
'Invalid or incorrect permission id provided')
def test_delete_role_endpoint_with_right_permission(self):
role = RoleFactory.create()
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword="delete_roles", role=role)
UserRoleFactory.create(user_id=user_id, role=role)
response = self.client().delete(
self.make_url(f"/roles/{role.id}"), headers=self.headers()
)
response_json = self.decode_from_json_string(response.data.decode("utf-8"))
payload = response_json["payload"]
self.assert200(response)
self.assertEqual(payload["status"], "success")
self.assertEqual(response_json["msg"], "role deleted")
def test_delete_role_endpoint_with_wrong_role_id(self):
role1 = RoleFactory.create(name="admin")
user_id = BaseTestCase.user_id()
PermissionFactory.create(
keyword="delete_roles", name="delete_roles", role=role1
)
UserRoleFactory.create(user_id=user_id, role=role1)
response = self.client().delete(
self.make_url("/roles/1576"), headers=self.headers()
)
response_json = self.decode_from_json_string(response.data.decode("utf-8"))
self.assert404(response)
self.assertEqual(response_json["msg"], "Invalid or incorrect role_id provided")
def test_update_meal_item_endpoint_invalid_id(self):
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='update_meal_item', role=role)
UserRoleFactory.create(user_id=user_id, role=role)
meal_item = MealItemFactory.create()
data = {'mealName': 'Jollof Rice','mealType': 'protein',
'image': 'iamge.com'}
response = self.client().put(self.make_url('/meal-items/100'), data=self.encode_to_json_string(data),
headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Invalid or incorrect meal_id provided')
def test_update_deleted_meal_item(self):
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='update_meal_item', role=role)
UserRoleFactory.create(user_id=user_id, role=role)
meal_item = MealItemFactory.create(is_deleted=True)
data = {'mealName': 'Jollof Rice','mealType': 'protein',
'image': 'image.com'}
response = self.client().put(self.make_url('/meal-items/{}'.format(meal_item.id)),
data=self.encode_to_json_string(data), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Bad Request. This meal item is deleted')
def test_update_meal_item_endpoint_wrong_permission(self):
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='wrong_permission', role=role)
UserRoleFactory.create(user_id=user_id, role=role)
meal_item = MealItemFactory.create()
data = {'mealName': 'Jollof Rice', 'mealType': 'protein',
'image': 'iamge.com'}
response = self.client().put(self.make_url('/meal-items/{}'.format(meal_item.id)),
data=self.encode_to_json_string(data), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert401(response)
self.assertEqual(response_json['msg'], 'Access Error - Permission Denied')
def test_create_meal_item_endpoint_without_right_permission(self):
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='wrong_permission', role=role)
UserRoleFactory.create(user_id=user_id, role=role)
meal_item = MealItemFactory.build()
data = {'mealName': meal_item.name,'image': meal_item.image,
'mealType': meal_item.meal_type}
response = self.client().post(self.make_url('/meal-items/'), data=self.encode_to_json_string(data),
headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert401(response)
self.assertEqual(response_json['msg'], 'Access Error - Permission Denied')
def test_create_meal_item_endpoint_with_invalid_meal_type(self):
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='create_meal_item', role=role)
UserRoleFactory.create(user_id=user_id, role=role)
meal_item = MealItemFactory.build(meal_type='wrong_type')
data = {'mealName': meal_item.name, 'image': meal_item.image,
'mealType': meal_item.meal_type}
response = self.client().post(self.make_url('/meal-items/'), data=self.encode_to_json_string(data),
headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], "Bad Request - 'wrong_type' is not a valid value for key 'mealType'. values must be any of the following ['main', 'side', 'protein']")
def test_update_meal_item_endpoint_to_existing_name(self):
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='update_meal_item', role=role)
UserRoleFactory.create(user_id=user_id, role=role)
meal_item1 = MealItemFactory.create(name='sweet item')
meal_item = MealItemFactory.create()
data = {'mealName': meal_item1.name, 'image': meal_item.image,
'mealType': meal_item.meal_type}
response = self.client().put(self.make_url('/meal-items/{}'.format(meal_item.id)),
data=self.encode_to_json_string(data), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Meal item with this name already exists')
def test_list_meal_item_endpoint_right_permission(self):
# Create Three Dummy Vendors
meals = MealItemFactory.create_batch(3)
role = RoleFactory.create(name='admin')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='view_meal_item', role_id=role.id)
UserRoleFactory.create(user_id=user_id, role_id=role.id)
response = self.client().get(self.make_url('/meal-items/'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
payload = response_json['payload']
self.assert200(response)
self.assertEqual(len(payload['mealItems']), 3)
self.assertJSONKeysPresent(payload['mealItems'][0], 'name', 'mealType', 'image')
