def test_fail_delete_detail_user(sample_user):
"""DELETE method should not be allowed."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
response = client.delete(reverse("user-detail"), format="json")
assert response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED
def test_change_password_fail_get(sample_user):
"""GET method should not be allowed."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
response = client.get(reverse("user-change-password"), format="json")
assert response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED
def test_fail_put_detail_user(sample_user):
"""PUT method should not be allowed."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
user_data = {"email": "*****@*****.**", "password": "******"}
response = client.put(reverse("user-detail"), user_data, format="json")
assert response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED
def test_get_user(sample_user):
"""Request should return proper event data."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
response = client.get(reverse("user-detail"), format="json")
assert response.status_code == status.HTTP_200_OK
assert json.dumps(response.data) == json.dumps(
{"id": sample_user.pk, "email": sample_user.email}
)
def test_delete_user_fail_get(sample_user):
"""GET method should not be allowed."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
assert User.objects.all().count() == 1
response = client.get(reverse("user-delete-user"), format="json")
assert response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED
assert User.objects.all().count() == 1
def test_register_user_fail_while_logged(sample_user):
"""Access should be forbidden for logged user."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
assert User.objects.filter(email="*****@*****.**").count() == 0
user_data = {"email": "*****@*****.**", "password": "******"}
response = client.post(reverse("user-register"), user_data, format="json")
assert response.status_code == status.HTTP_403_FORBIDDEN
def test_change_password_fail_wrong_data(sample_user):
"""Passing wrong data (eg. email instead of password) should return HTTP_400."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
password_data = {"email": "*****@*****.**"}
response = client.post(reverse("user-change-password"),
password_data,
format="json")
assert response.status_code == status.HTTP_400_BAD_REQUEST
def test_change_password_fail_patch(sample_user):
"""PUT method should not be allowed."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
password_data = {"email": "*****@*****.**", "password": "******"}
response = client.patch(reverse("user-change-password"),
password_data,
format="json")
assert response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED
def test_change_password(sample_user):
"""User object password should be changed."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
password_data = {
"password": "******",
"new_password": "******"
}
response = client.post(reverse("user-change-password"),
password_data,
format="json")
assert response.status_code == status.HTTP_200_OK
def test_delete_user_fail_wrong_data(sample_user):
"""Passing wrong data (eg. email instead of password) should return HTTP_400."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
assert User.objects.all().count() == 1
password_data = {"email": "*****@*****.**"}
response = client.post(reverse("user-delete-user"),
password_data,
format="json")
assert response.status_code == status.HTTP_400_BAD_REQUEST
assert User.objects.all().count() == 1
def test_delete_user_fail_short_password(sample_user):
"""Sample_user object should not be deleted with too short password provided."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
assert User.objects.filter(email=sample_user.email).count() == 1
password_data = {"password": "******"}
response = client.post(reverse("user-delete-user"),
password_data,
format="json")
assert response.status_code == status.HTTP_400_BAD_REQUEST
assert User.objects.filter(email=sample_user.email).count() == 1
def test_delete_user(sample_user):
"""Sample_user object should be deleted."""
client = auth_client(APIClient(), sample_user.email, "testpassword")
assert User.objects.filter(email=sample_user.email).count() == 1
password_data = {"password": "******"}
response = client.post(reverse("user-delete-user"),
password_data,
format="json")
assert response.status_code == status.HTTP_200_OK
assert User.objects.filter(email=sample_user.email).count() == 0
def test_change_password_fail_short_password(sample_user):
"""
User object password should not be changed
with too short password provided.
"""
client = auth_client(APIClient(), sample_user.email, "testpassword")
password_data = {"password": "******", "new_password": "******"}
response = client.post(reverse("user-change-password"),
password_data,
format="json")
assert response.status_code == status.HTTP_400_BAD_REQUEST
