Ejemplo n.º 1
0
def test_delete_widget_no_admin_token(client, db, admin, user):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = create_widget(client, access_token)
    assert response.status_code == HTTPStatus.CREATED

    response = login_user(client, email=EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = delete_widget(client, access_token, widget_name=DEFAULT_NAME)
    assert response.status_code == HTTPStatus.FORBIDDEN
    assert "message" in response.json and response.json["message"] == FORBIDDEN
Ejemplo n.º 2
0
def test_create_widget_no_admin_token(client, db, user):
    response = login_user(client, email=EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = create_widget(client, access_token)
    assert response.status_code == HTTPStatus.FORBIDDEN
    assert "message" in response.json and response.json["message"] == FORBIDDEN
def test_update_widget(client, db, admin):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = create_widget(client, access_token)
    assert response.status_code == HTTPStatus.CREATED

    response = update_widget(
        client,
        access_token,
        widget_name=DEFAULT_NAME,
        info_url=UPDATED_URL,
        deadline_str=UPDATED_DEADLINE,
    )
    assert response.status_code == HTTPStatus.OK
    response = retrieve_widget(client, access_token, widget_name=DEFAULT_NAME)
    assert response.status_code == HTTPStatus.OK

    assert "name" in response.json and response.json["name"] == DEFAULT_NAME
    assert "info_url" in response.json and response.json[
        "info_url"] == UPDATED_URL
    assert "deadline" in response.json and UPDATED_DEADLINE in response.json[
        "deadline"]
    assert "owner" in response.json and "email" in response.json["owner"]
    assert response.json["owner"]["email"] == ADMIN_EMAIL
Ejemplo n.º 4
0
def test_update_octocat(client, db, admin):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json

    access_token = response.json["access_token"]
    response = create_octocat(client, access_token)
    assert response.status_code == HTTPStatus.CREATED

    response = update_octocat(
        client,
        access_token,
        octocat_name=DEFAULT_CAT_NAME,
        url=UPDATED_URL,
        age=UPDATED_AGE,
    )
    print(f"---------------{response.json}")
    assert response.status_code == HTTPStatus.OK

    response = retrieve_octocat(client,
                                access_token,
                                octocat_name=DEFAULT_CAT_NAME)
    assert response.status_code == HTTPStatus.OK
    assert "name" in response.json and response.json["name"] == DEFAULT_CAT_NAME
    assert "age" in response.json and response.json["age"] == UPDATED_AGE
    assert "url" in response.json and response.json["url"] == UPDATED_URL
def test_login_email_does_not_exist(client, db):
    response = login_user(client)
    assert response.status_code == HTTPStatus.UNAUTHORIZED
    assert "status" in response.json and response.json["status"] == "fail"
    assert "message" in response.json and response.json[
        "message"] == UNAUTHORIZED
    assert "access_token" not in response.json
def test_create_widget_invalid_deadline(client, db, admin, deadline_str):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = create_widget(client, access_token, deadline_str=deadline_str)
    assert response.status_code == HTTPStatus.BAD_REQUEST
    assert "message" in response.json and response.json["message"] == BAD_REQUEST
    assert "errors" in response.json and "deadline" in response.json["errors"]
Ejemplo n.º 7
0
def test_retrieve_widget_does_not_exist(client, db, user):
    response = login_user(client, email=EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = retrieve_widget(client, access_token, widget_name=DEFAULT_NAME)
    assert response.status_code == HTTPStatus.NOT_FOUND
    assert ("message" in response.json
            and f"{DEFAULT_NAME} not found in database"
            in response.json["message"])
Ejemplo n.º 8
0
def test_auth_user(client, db):
    register_user(client)
    response = login_user(client)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = get_user(client, access_token)
    assert response.status_code == HTTPStatus.OK
    assert "email" in response.json and response.json["email"] == EMAIL
    assert "admin" in response.json and not response.json["admin"]
def test_create_widget_already_exists(client, db, admin):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = create_widget(client, access_token)
    assert response.status_code == HTTPStatus.CREATED
    response = create_widget(client, access_token)
    assert response.status_code == HTTPStatus.CONFLICT
    name_conflict = f"Widget name: {DEFAULT_NAME} already exists, must be unique."
    assert "message" in response.json and response.json["message"] == name_conflict
Ejemplo n.º 10
0
def test_delete_widget(client, db, admin):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = create_widget(client, access_token)
    assert response.status_code == HTTPStatus.CREATED
    response = delete_widget(client, access_token, widget_name=DEFAULT_NAME)
    assert response.status_code == HTTPStatus.NO_CONTENT
    response = retrieve_widget(client, access_token, widget_name=DEFAULT_NAME)
    assert response.status_code == HTTPStatus.NOT_FOUND
Ejemplo n.º 11
0
def test_retrieve_octocat_non_admin_user(client, db, admin, user):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json

    access_token = response.json["access_token"]
    response = create_octocat(client, access_token)
    assert response.status_code == HTTPStatus.CREATED

    response = login_user(client, email=EMAIL)
    assert "access_token" in response.json

    access_token = response.json["access_token"]
    response = retrieve_octocat(client,
                                access_token,
                                octocat_name=DEFAULT_CAT_NAME)
    assert response.status_code == HTTPStatus.OK

    assert "name" in response.json and response.json["name"] == DEFAULT_CAT_NAME
    assert "url" in response.json and response.json["url"] == DEFAULT_URL
    assert "age" in response.json and response.json["age"] == DEFAULT_AGE
Ejemplo n.º 12
0
def test_create_widget_invalid_name(client, db, admin, widget_name):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = create_widget(client, access_token, widget_name=widget_name)
    assert response.status_code == HTTPStatus.BAD_REQUEST
    assert "message" in response.json and response.json[
        "message"] == BAD_REQUEST
    assert "errors" in response.json and "name" in response.json["errors"]
    name_error = f"'{widget_name}' contains one or more invalid characters."
    assert name_error in response.json["errors"]["name"]
Ejemplo n.º 13
0
def test_create_widget_invalid_url(client, db, admin, info_url):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = create_widget(client, access_token, info_url=info_url)
    assert response.status_code == HTTPStatus.BAD_REQUEST
    assert "message" in response.json and response.json[
        "message"] == BAD_REQUEST
    assert "errors" in response.json and "info_url" in response.json["errors"]
    assert f"{info_url} is not a valid URL." in response.json["errors"][
        "info_url"]
def test_logout_auth_token_expired(client, db):
    register_user(client)
    response = login_user(client)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    time.sleep(6)
    response = logout_user(client, access_token)
    assert response.status_code == HTTPStatus.UNAUTHORIZED
    assert "message" in response.json and response.json["message"] == TOKEN_EXPIRED
    assert "WWW-Authenticate" in response.headers
    assert response.headers["WWW-Authenticate"] == WWW_AUTH_EXPIRED_TOKEN
def test_create_widget_valid_deadline(client, db, admin, deadline_str):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = create_widget(client, access_token, deadline_str=deadline_str)
    assert response.status_code == HTTPStatus.CREATED
    assert "status" in response.json and response.json["status"] == "success"
    success = f"New widget added: {DEFAULT_NAME}."
    assert "message" in response.json and response.json["message"] == success
    location = f"http://localhost/api/v1/widgets/{DEFAULT_NAME}"
    assert "Location" in response.headers and response.headers["Location"] == location
def test_logout_token_blacklisted(client, db):
    register_user(client)
    response = login_user(client)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = logout_user(client, access_token)
    assert response.status_code == HTTPStatus.OK
    response = logout_user(client, access_token)
    assert response.status_code == HTTPStatus.UNAUTHORIZED
    assert "message" in response.json and response.json["message"] == TOKEN_BLACKLISTED
    assert "WWW-Authenticate" in response.headers
    assert response.headers["WWW-Authenticate"] == WWW_AUTH_BLACKLISTED_TOKEN
def test_login(client, db):
    register_user(client)
    response = login_user(client)
    assert response.status_code == HTTPStatus.OK
    assert "status" in response.json and response.json["status"] == "success"
    assert "message" in response.json and response.json["message"] == SUCCESS
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    result = User.decode_access_token(access_token)
    assert result.success
    user_dict = result.value
    assert not user_dict["admin"]
    user = User.find_by_public_id(user_dict["public_id"])
    assert user and user.email == EMAIL
Ejemplo n.º 18
0
def test_create_octocat_valid_name(client, db, admin, octocat_name):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json

    access_token = response.json["access_token"]
    response = create_octocat(client, access_token, octocat_name=octocat_name)
    assert response.status_code == HTTPStatus.CREATED
    assert "status" in response.json and response.json["status"] == "success"

    success = f"New octocat added: {octocat_name}."
    assert "message" in response.json and response.json["message"] == success

    location = f"http://localhost/api/v1/octocats/{octocat_name}"
    assert "Location" in response.headers and response.headers["Location"] == location
def test_logout(client, db):
    register_user(client)
    response = login_user(client)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    blacklist = BlacklistedToken.query.all()
    assert len(blacklist) == 0
    response = logout_user(client, access_token)
    assert response.status_code == HTTPStatus.OK
    assert "status" in response.json and response.json["status"] == "success"
    assert "message" in response.json and response.json["message"] == SUCCESS
    blacklist = BlacklistedToken.query.all()
    assert len(blacklist) == 1
    assert access_token == blacklist[0].token
Ejemplo n.º 20
0
    def test_authuser_status_valid_user_expired_token(self, client, db):
        """ AuthUserStatus endpoint should return 401 and message for expired token.  """
        user = dict(user_name="great_user",
                    email="*****@*****.**",
                    password="******")
        register_user(client, **user)
        response = login_user(client, **user)

        assert "access_token" in response.json
        access_token = response.json["access_token"]

        sleep(6)

        response = get_user(client, access_token)
        assert response.status_code == 401
def test_update_widget_does_not_exist_invalid_name(client, db, admin):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    widget_name = "abc!23"

    response = update_widget(
        client,
        access_token,
        widget_name=widget_name,
        info_url=UPDATED_URL,
        deadline_str=UPDATED_DEADLINE,
    )
    assert response.status_code == HTTPStatus.BAD_REQUEST
    name_error = f"'{widget_name}' contains one or more invalid characters."
    assert name_error in response.json["message"]
Ejemplo n.º 22
0
    def test_authuser_status_valid_user(self, client, db):
        """ AuthUserStatus endpoint should return 200 and user data for logged in user.  """
        user = dict(user_name="great_user",
                    email="*****@*****.**",
                    password="******")
        register_user(client, **user)
        response = login_user(client, **user)

        assert "access_token" in response.json
        access_token = response.json["access_token"]

        response = get_user(client, access_token)
        assert response.status_code == 200
        assert "email" in response.json and response.json["email"] == user[
            "email"]
        assert "is_admin" in response.json and not response.json["is_admin"]
Ejemplo n.º 23
0
    def test_authlogout_valid_user(self, client, db):
        """ AuthLogout endpoint should return 200 and message for user with valid token.  """
        user = dict(user_name="great_user",
                    email="*****@*****.**",
                    password="******")
        register_user(client, **user)
        response = login_user(client, **user)

        assert "access_token" in response.json
        access_token = response.json["access_token"]

        response = logout_user(client, access_token, **user)

        assert response.status_code == 200
        blacklist = BlacklistedTokens.query.all()
        assert len(blacklist) == 1
        assert access_token == blacklist[0].token
Ejemplo n.º 24
0
def test_create_widget_bundle_errors(client, db, admin):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = create_widget(
        client,
        access_token,
        widget_name="widget name",
        info_url="www.widget.info",
        deadline_str="1/1/1970",
    )
    assert response.status_code == HTTPStatus.BAD_REQUEST
    assert "message" in response.json and response.json[
        "message"] == BAD_REQUEST
    assert "errors" in response.json and "name" in response.json["errors"]
    assert ("info_url" in response.json["errors"]
            and "deadline" in response.json["errors"])
Ejemplo n.º 25
0
def test_retrieve_paginated_octocat_list(client, db, admin):
    response = login_user(client, email=ADMIN_EMAIL)
    assert "access_token" in response.json
    access_token = response.json["access_token"]

    # ADD SEVEN octocat INSTANCES TO DATABASE
    for i in range(0, len(NAMES)):
        response = create_octocat(
            client,
            access_token,
            octocat_name=NAMES[i],
            url=URLS[i],
            age=AGES[i],
        )
        assert response.status_code == HTTPStatus.CREATED

    # REQUEST PAGINATED LIST OF OCTOCATS: 5 PER PAGE, PAGE #1
    response = retrieve_octocat_list(client, access_token, page=1, per_page=5)
    assert response.status_code == HTTPStatus.OK

    # VERIFY PAGINATION ATTRIBUTES FOR PAGE #1
    assert "has_prev" in response.json and not response.json["has_prev"]
    assert "has_next" in response.json and response.json["has_next"]
    assert "page" in response.json and response.json["page"] == 1
    assert "total_pages" in response.json and response.json["total_pages"] == 2
    assert "items_per_page" in response.json and response.json[
        "items_per_page"] == 5
    assert "total_items" in response.json and response.json["total_items"] == 7
    assert "items" in response.json and len(response.json["items"]) == 5

    # VERIFY ATTRIBUTES OF OCTOCATS #1-5
    for i in range(0, len(response.json["items"])):
        item = response.json["items"][i]
        assert "name" in item and item["name"] == NAMES[i]
        assert "url" in item and item["url"] == URLS[i]
        assert "age" in item and item["age"] == AGES[i]

    # REQUEST PAGINATED LIST OF OCTOCATS: 5 PER PAGE, PAGE #2
    response = retrieve_octocat_list(client, access_token, page=2, per_page=5)
    assert response.status_code == HTTPStatus.OK

    # VERIFY PAGINATION ATTRIBUTES FOR PAGE #2
    assert "has_prev" in response.json and response.json["has_prev"]
    assert "has_next" in response.json and not response.json["has_next"]
    assert "page" in response.json and response.json["page"] == 2
    assert "total_pages" in response.json and response.json["total_pages"] == 2
    assert "items_per_page" in response.json and response.json[
        "items_per_page"] == 5
    assert "total_items" in response.json and response.json["total_items"] == 7
    assert "items" in response.json and len(response.json["items"]) == 2

    # VERIFY ATTRIBUTES OF OCTOCATS #6-7
    for i in range(5, response.json["total_items"]):
        item = response.json["items"][i - 5]
        assert "name" in item and item["name"] == NAMES[i]
        assert "url" in item and item["url"] == URLS[i]
        assert "age" in item and item["age"] == AGES[i]

    # REQUEST PAGINATED LIST OF OCTOCATS: 10 PER PAGE, PAGE #1
    response = retrieve_octocat_list(client, access_token, page=1, per_page=10)
    assert response.status_code == HTTPStatus.OK

    # VERIFY PAGINATION ATTRIBUTES FOR PAGE #1
    assert "has_prev" in response.json and not response.json["has_prev"]
    assert "has_next" in response.json and not response.json["has_next"]
    assert "page" in response.json and response.json["page"] == 1
    assert "total_pages" in response.json and response.json["total_pages"] == 1
    assert "items_per_page" in response.json and response.json[
        "items_per_page"] == 10
    assert "total_items" in response.json and response.json["total_items"] == 7
    assert "items" in response.json and len(response.json["items"]) == 7

    # VERIFY ATTRIBUTES OF OCTOCATS #1-7
    for i in range(0, len(response.json["items"])):
        item = response.json["items"][i]
        assert "name" in item and item["name"] == NAMES[i]
        assert "url" in item and item["url"] == URLS[i]
        assert "age" in item and item["age"] == AGES[i]

    # REQUEST PAGINATED LIST OF OCTOCATS: DEFAULT PARAMETERS
    response = retrieve_octocat_list(client, access_token)
    assert response.status_code == HTTPStatus.OK

    # VERIFY PAGINATION ATTRIBUTES FOR PAGE #1
    assert "has_prev" in response.json and not response.json["has_prev"]
    assert "has_next" in response.json and not response.json["has_next"]
    assert "page" in response.json and response.json["page"] == 1
    assert "total_pages" in response.json and response.json["total_pages"] == 1
    assert "items_per_page" in response.json and response.json[
        "items_per_page"] == 10
    assert "total_items" in response.json and response.json["total_items"] == 7
    assert "items" in response.json and len(response.json["items"]) == 7

    # VERIFY ATTRIBUTES OF OCTOCATS #1-7
    for i in range(0, len(response.json["items"])):
        item = response.json["items"][i]
        assert "name" in item and item["name"] == NAMES[i]
        assert "url" in item and item["url"] == URLS[i]
        assert "age" in item and item["age"] == AGES[i]