def test_non_admin_can_not_activate_a_user(self):
non_active_user = create_new_user(
"New", "User", "*****@*****.**", "0831247362", "testPass123!", active=False
)
user = create_new_user()
token = authenticate_user(user)
with self.client:
res = self.client.post(
f"/api/users/{non_active_user.uuid}/activate",
content_type="application/json",
headers={"Authorization": f"Bearer {token}"},
)
self.assert403(res)
def test_admin_user_can_view_a_list_of_users(self):
create_new_user("New", "User", "*****@*****.**", "0831247362", "testPass123!")
create_new_user("Old", "User", "*****@*****.**", "0831258762", "testPass123!!")
admin = create_admin_user()
token = authenticate_user(admin)
with self.client:
res = self.client.get(
"/api/users", headers={"Authorization": f"Bearer {token}"}
)
data = json.loads(res.data.decode())
self.assert200(res)
self.assertEqual("New", data[0]["first_name"])
self.assertEqual("User", data[0]["last_name"])
def test_admin_can_update_user(self):
user = create_new_user(
"New", "User", "*****@*****.**", "0831247362", "testPass123!"
)
admin = create_admin_user()
token = authenticate_user(admin)
with self.client:
res = self.client.put(
f"/api/users/{user.uuid}",
data=json.dumps(
{
"first_name": "Updated",
"last_name": "User",
"email": "*****@*****.**",
"phone": user.phone,
"active": user.active,
"rank": user.rank,
"first_aid": "EFR",
"app_role": user.app_role,
}
),
content_type="application/json",
headers={"Authorization": f"Bearer {token}"},
)
self.assertEqual(202, res.status_code)
def test_user_can_login(self):
create_new_user("Test", "User", "*****@*****.**", "0831221362",
"testPass123")
with self.client:
res = self.client.post(
"/api/auth/login",
data=json.dumps({
"email": "*****@*****.**",
"password": "******",
}),
content_type="application/json",
)
data = json.loads(res.data.decode())
self.assert200(res)
self.assertIn("*****@*****.**", data["email"])
self.assertIn("token", data)
def test_user_can_not_login_with_incorrect_password(self):
create_new_user("Test", "User", "*****@*****.**", "0831221362",
"testPass123")
with self.client:
res = self.client.post(
"/api/auth/login",
data=json.dumps({
"email": "*****@*****.**",
"password": "******",
}),
content_type="application/json",
)
data = json.loads(res.data.decode())
self.assert400(res)
self.assertIn("Email address or password incorrect",
data["message"])
self.assertNotIn("token", data)
def test_user_can_not_register_with_email_that_already_exists(self):
create_new_user("Test", "User", "*****@*****.**", "0831221362",
"testPass123")
with self.client:
res = self.client.post(
"/api/auth/register",
data=json.dumps({
"first_name": "Test",
"last_name": "User",
"email": "*****@*****.**",
"phone": "+353831224458",
"password": "******",
}),
content_type="application/json",
)
data = json.loads(res.data.decode())
self.assertEqual(400, res.status_code)
self.assertIn("Email address already in use", data["message"])
def test_guest_can_not_view_details_for_a_user(self):
user = create_new_user("New", "User", "*****@*****.**", "0831247362",
"testPass123!")
with self.client:
res = self.client.get(
f"/api/users/{user.uuid}",
content_type="application/json",
)
self.assert401(res)
def test_inactive_user_can_not_login(self):
create_new_user("Test", "User", "*****@*****.**", "0831221362",
"testPass123", False)
with self.client:
res = self.client.post(
"/api/auth/login",
data=json.dumps({
"email": "*****@*****.**",
"password": "******",
}),
content_type="application/json",
)
data = json.loads(res.data.decode())
self.assert400(res)
self.assertIn(
"This account is not active, please speak to your unit commander.",
data["message"],
)
def test_non_admin_user_can_not_view_list_of_users(self):
user = create_new_user()
token = authenticate_user(user)
with self.client:
res = self.client.get(
"/api/users",
content_type="application/json",
headers={"Authorization": f"Bearer {token}"},
)
self.assert403(res)
def test_admin_can_activate_a_user(self):
user = create_new_user(
"New", "User", "*****@*****.**", "0831247362", "testPass123!"
)
admin = create_admin_user()
token = authenticate_user(admin)
with self.client:
res = self.client.post(
f"/api/users/{user.uuid}/activate",
content_type="application/json",
headers={"Authorization": f"Bearer {token}"},
)
self.assertEqual(202, res.status_code)
def test_user_can_view_details_for_a_specific_user(self):
user = create_new_user("New", "User", "*****@*****.**", "0831247362",
"testPass123!")
admin = create_admin_user()
token = authenticate_user(admin)
with self.client:
res = self.client.get(
f"/api/users/{user.uuid}",
content_type="application/json",
headers={"Authorization": f"Bearer {token}"},
)
data = json.loads(res.data.decode())
self.assert200(res)
self.assertEqual("New", data["first_name"])
self.assertEqual("User", data["last_name"])
self.assertEqual("*****@*****.**", data["email"])