def test_get_user_info(self):
        """Check that a profile is readable by its owner and refused to another user.

        Both requests target user 1's profile; only the token changes. The second
        case is the object-level authorization check: a valid token for user 2
        must not be enough to read user 1.
        """
        profile_url = '/api/v1/users/1'

        # owner's token against the owner's profile: full serialized record
        owner = User.query.get(1)
        own_reply = self.client.get(profile_url, headers={'token': generate_token(1)})
        own_body = own_reply.get_json()
        self.assertEqual(owner.serialize(), own_body)

        # another user's (valid) token against the same profile: permission error
        # NOTE(review): neither case asserts the HTTP status, and a request with
        # no token at all is not exercised in this test.
        foreign_reply = self.client.get(profile_url, headers={'token': generate_token(2)})
        denial = foreign_reply.get_json()
        self.assertEqual(1002, denial['error_code'])
        self.assertEqual('No permission.', denial['description'])
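def register():
    """Create a user account from a JSON body and return its id with a new token.

    Reads 'username' and 'password' (required) plus the optional profile
    fields 'name', 'gender', 'faculty', 'department' and 'following'.

    Returns:
        A (response, 201) pair whose JSON body holds ``id`` and ``token``.

    Raises:
        e.MissingData: the body is not a JSON object, or username/password is
            absent, empty, or not a string.
        e.ExistingUsername: a user with this username is already stored.
    """
    # A non-JSON body, or a JSON array/scalar, has no fields to read. Treat it
    # as missing data instead of failing later on ``.get`` with a server error.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        raise e.MissingData()

    username = payload.get('username')
    password = payload.get('password')
    # Credentials must be non-empty strings: an empty password would create an
    # account with no effective secret, and a non-string value would reach the
    # query and the password hasher unchecked.
    if not isinstance(username, str) or not isinstance(password, str):
        raise e.MissingData()
    if not username or not password:
        raise e.MissingData()

    # NOTE(review): this lookup and the insert below are separate steps, so two
    # concurrent requests for the same name can both pass it. A unique
    # constraint on the username column (not visible here) is what actually
    # prevents duplicates; confirm the model declares one.
    if User.query.filter_by(username=username).first():
        raise e.ExistingUsername()

    # ``admin`` is fixed server-side so the request body cannot grant it. The
    # remaining profile fields are stored exactly as sent; no validation of
    # their type or content happens in this function.
    user = User(name=payload.get('name'),
                username=username,
                gender=payload.get('gender'),
                admin=False,
                faculty=payload.get('faculty'),
                department=payload.get('department'),
                following=payload.get('following'))
    user.set_password(password)

    db.session.add(user)
    db.session.commit()

    # The committed instance already carries its primary key, so the token is
    # issued for exactly the row created here rather than for whatever a second
    # lookup by username would return.
    return jsonify(id=user.id, token=generate_token(user.id)), 201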
 def test_verify_token(self):
     """Pin what verify_token returns or raises for each kind of token.

     NOTE(review): the second case pins that the bare string 'admin' is
     accepted as a token and handed back unchanged. A fixed, guessable value
     standing in for a signed token is a standing credential for anyone able
     to send the header. If it is a test-only shortcut, confirm it cannot be
     reached in a deployed configuration; otherwise replace it with a signed
     token for an admin account and turn this case into a rejection.
     """
     # a freshly issued token resolves to the user it was issued for
     fresh = generate_token(1)
     self.assertEqual(User.query.get(1), verify_token(fresh))

     # the literal 'admin' is passed through as-is (see the note above)
     static_value = 'admin'
     self.assertEqual('admin', verify_token(static_value))

     # no token at all
     self.assertRaises(e.LoginRequired, verify_token, None)

     # expired token; presumably the second argument is a lifetime in seconds
     # (TODO confirm against generate_token). The real sleep makes this case
     # depend on the wall clock.
     short_lived = generate_token(1, 1)
     time.sleep(2)
     self.assertRaises(e.ExpiredToken, verify_token, short_lived)

     # a string that is not a token
     self.assertRaises(e.InvalidToken, verify_token, 'wrong token')
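def login():
    """Check a username/password pair and return the user's id with a new token.

    Returns:
        A JSON response holding ``id`` and ``token``.

    Raises:
        e.MissingData: the body is not a JSON object, or username/password is
            absent or not a string.
        e.AuthenticationFailure: no such user, or the password does not verify.
    """
    # A non-JSON body, or a JSON array/scalar, has no fields to read. Report it
    # as missing data instead of failing on ``.get`` with a server error.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        raise e.MissingData()

    username = payload.get('username')
    password = payload.get('password')
    # Only strings are meaningful credentials; objects, lists or numbers would
    # otherwise reach the query and the password check unchecked.
    if not isinstance(username, str) or not isinstance(password, str):
        raise e.MissingData()

    user = User.query.filter_by(username=username).first()
    # One exception for both outcomes, so the response does not reveal whether
    # the username exists.
    # NOTE(review): verify_password only runs when a user was found, so the two
    # outcomes may still differ in response time. Throttling of repeated
    # failures is not visible in this function; confirm it is handled elsewhere.
    if user is None or not user.verify_password(password):
        raise e.AuthenticationFailure()
    return jsonify(id=user.id, token=generate_token(user.id))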
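    def test_get_user_list(self):
        """Check that the user listing is served to the admin token and refused to a normal user.

        NOTE(review): the admin case authenticates with the literal header
        value 'admin' and expects the full user list back. A fixed, guessable
        string that unlocks every account record is a standing credential. If
        it is a test-only shortcut, confirm a deployed configuration rejects
        it; otherwise issue a signed token for an admin account here.
        """
        # as admin, success
        response = self.client.get('/api/v1/users', headers={'token': 'admin'})
        json_data = response.get_json()
        expected = User.serialize_list(User.query.all())
        self.assertEqual(expected, json_data['user_list'])

        # not as admin, fail
        response = self.client.get('/api/v1/users', headers={'token': generate_token(1)})
        json_data = response.get_json()
        self.assertEqual(1002, json_data['error_code'])
        self.assertEqual('No permission.', json_data['description'])
        # the refusal must not carry the listing alongside the error
        self.assertNotIn('user_list', json_data)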
    def test_get_news(self):
        """Compare the news feed against the database for three kinds of caller.

        Covered cases: no token, a token for user 1 (who has followings, per the
        fixture comments), and a token for user 2 (who has none). Every
        comparison ignores the 'date' field.
        """
        def strip_dates(entries):
            # the date format differs between the two sides while the value is
            # the same, so the field is dropped before comparing
            for entry in entries:
                entry.pop('date')

        feed_url = '/api/v1/news'

        # no token: the whole feed, newest first
        reply = self.client.get(feed_url)
        rows = News.query.order_by(News.date.desc()).all()
        served = reply.get_json()
        expected = News.serialize_list(rows)
        strip_dates(served['news'])
        strip_dates(expected)
        self.assertEqual(expected, served['news'])

        # token for user 1, who follows sources: only items from sources 1 and 2
        reply = self.client.get(feed_url, headers={'token': generate_token(1)})
        rows = News.query.filter(or_(News.source_id == 1, News.source_id == 2)).order_by(News.date.desc())
        served = reply.get_json()
        expected = News.serialize_list(rows)
        strip_dates(served['news'])
        strip_dates(expected)
        self.assertEqual(served['news'], expected)

        # token for user 2, who follows nothing: the whole feed again
        reply = self.client.get(feed_url, headers={'token': generate_token(2)})
        rows = News.query.order_by(News.date.desc()).all()
        served = reply.get_json()
        expected = News.serialize_list(rows)
        strip_dates(served['news'])
        strip_dates(expected)
        self.assertEqual(expected, served['news'])
    def test_update_user_info(self):
        """Walk through PATCH /api/v1/users/1 with user 1's own token.

        The steps run in order against the same user record: password change
        (wrong old password, missing new password, success), username change
        (taken name, success), then the remaining profile fields.

        NOTE(review): the '******' values in the request bodies look like they
        were masked when this listing was published. As shown, the failing and
        succeeding requests are identical, and the later checks against '222'
        and 'new_username' cannot follow from them. Restore the fixture values
        before relying on this test.

        NOTE(review): every request here carries the profile owner's token. A
        PATCH sent with another user's token, or with an 'admin' field in the
        body, is not exercised in this test.
        """
        # change password
        # old password is wrong
        response = self.client.patch('/api/v1/users/1', headers={'token': generate_token(1)},
                                     json={'old_password': '******', 'new_password': '******'})
        json_data = response.get_json()
        self.assertEqual(1004, json_data['error_code'])
        self.assertEqual('Authentication failure.', json_data['description'])
        # new password is None
        response = self.client.patch('/api/v1/users/1', headers={'token': generate_token(1)},
                                     json={'old_password': '******'})
        json_data = response.get_json()
        self.assertEqual(1006, json_data['error_code'])
        # change password success
        # the response itself is not inspected; only the stored state is checked
        response = self.client.patch('/api/v1/users/1', headers={'token': generate_token(1)},
                                     json={'old_password': '******', 'new_password': '******'})
        user = User.query.get(1)
        self.assertTrue(user.verify_password('222'))

        # change username
        # new username already exists
        response = self.client.patch('/api/v1/users/1', headers={'token': generate_token(1)},
                                     json={'username': '******'})
        json_data = response.get_json()
        self.assertEqual(1005, json_data['error_code'])
        # change username success
        response = self.client.patch('/api/v1/users/1', headers={'token': generate_token(1)},
                                     json={'username': '******'})
        user = User.query.get(1)
        self.assertEqual(user.username, 'new_username')

        # change ['name', 'gender', 'faculty', 'department', 'following']
        # 'name' is not part of the request below, and 'gender' is sent but not asserted
        response = self.client.patch('/api/v1/users/1', headers={'token': generate_token(1)},
                                     json={'gender': 0, 'faculty': 'Arts', 'department': 'Communication Arts',
                                           'following': '1, 2, 3'})
        user = User.query.get(1)
        self.assertEqual(user.faculty, 'Arts')
        self.assertEqual(user.department, 'Communication Arts')
        self.assertEqual(user.following, '1, 2, 3')