def test_users_strid(self):
u2 = models.User(loginname='bono', passwordhash='1234')
models.User(loginname='test5', passwordhash='1234').save()
u2.save()
self.assertEqual(models.by_id(models.User, [str(u2.id)]), [u2])
def test_users_one_many_exist(self):
models.User(loginname='test', passwordhash='1234').save()
models.User(loginname='test2', passwordhash='1234').save()
u = models.User(loginname='test3', passwordhash='1234')
models.User(loginname='test4', passwordhash='1234').save()
models.User(loginname='test5', passwordhash='1234').save()
u.save()
self.assertEqual(models.by_id(models.User, [u.id]), [u])
def test_admin_post_only_must_be_logged_in_to_get(self):
route = '/tests/admin_only_post_all_get'
@streetsign_server.app.route(route, methods=['GET','POST'])
@admin_only('POST')
@registered_users_only('GET')
def admin_only_post_all_get():
return jsonify({'test':'success'})
# without logging in:
self.validate(route, code=403)
self.validate(route, req='POST', code=403)
# create a user:
u = models.User(loginname='test', emailaddress='*****@*****.**', is_admin=False)
u.set_password('123')
u.save()
# log in:
a = self.login('test', '123')
self.validate(route, lang='json')
self.validate(route, req='POST', code=403)
# now upgrade to admin level:
u.is_admin = True
u.save()
self.validate(route, lang='json')
self.validate(route, req='POST', lang='json')
def test_new_only_admins_get_only(self):
@streetsign_server.app.route('/tests/admin_only_get')
@admin_only('GET')
def admin_only_get():
return jsonify({'test':'success'})
# without logging in:
self.validate('/tests/admin_only_get', code=403)
# create a user:
u = models.User(loginname='test', emailaddress='*****@*****.**', is_admin=False)
u.set_password('123')
u.save()
# log in:
a = self.login('test', '123')
# should still fail:
self.validate('/tests/admin_only_get', code=403)
# now upgrade to admin level:
u.is_admin = True
u.save()
self.validate('/tests/admin_only_get', lang='json')
def test_users_some_invalid_ids(self):
models.User(loginname='test', passwordhash='1234').save()
models.User(loginname='test2', passwordhash='1234').save()
u = models.User(loginname='test3', passwordhash='1234')
u2 = models.User(loginname='bono', passwordhash='1234')
models.User(loginname='test5', passwordhash='1234').save()
u.save()
u2.save()
with self.assertRaises(models.User.DoesNotExist):
models.User.get(id=42)
with self.assertRaises(models.User.DoesNotExist):
models.User.get(id=314)
self.assertEqual(models.by_id(models.User, [42, u.id, 314]), [u])
def setUp(self):
super(TestLogin, self).setUp()
self.user = models.User(loginname='test',
emailaddress='*****@*****.**',
is_admin=False)
self.user.set_password('123')
self.user.save()
def test_user_info_not_logged_in(self):
''' user info should be private! '''
self.validate('/users/0', code=403)
u = models.User(loginname='test', emailaddress='*****@*****.**')
u.set_password('123')
u.save()
self.validate('/users/' + str(u.id), code=403)
def test_logged_in_valid(self):
u = models.User(loginname='test', emailaddress='*****@*****.**')
u.set_password('123')
u.save()
self.login('test', '123')
with self.ctx():
self.validate('/screens/')
self.validate('/screens-edit/0', follow_redirects=True)
self.validate('/user_files/')
self.validate('/user_files/thing.jpg')
self.validate('/users_and_groups')
self.validate('/users/' + str(u.id))
self.validate('/group/0', follow_redirects=True)
self.validate('/aliases', lang='json')
self.validate('/posts/')
self.validate('/feeds/')
def test_users_one(self):
u = models.User(loginname='test', passwordhash='1234')
u.save()
self.assertEqual(models.by_id(models.User, [u.id]), [u])
def test_users_none_but_some_exist(self):
models.User(loginname='test', passwordhash='1234').save()
models.User(loginname='test2', passwordhash='1234').save()
self.assertEqual(models.by_id(models.User, []), [])
