def setUp(self): self.factory = APIRequestFactory() self.view = views.ReviewerDetailView.as_view() self.user = factories.UserFactory(username='******') self.user2 = factories.UserFactory(username='******') self.token, _ = Token.objects.get_or_create(user=self.user) self.token2, _ = Token.objects.get_or_create(user=self.user2)
def seed(self): # create user for authentication self.user = factories.UserFactory() for i in range(0, 14): user = factories.UserFactory() # store the id for testing self.userId = user.id
def test__get_request_user_no_reviewer(self, mock_req): user = factories.UserFactory(username='******', reviewer=None) mock_req.user = user s = ReviewSerializer(context={'request': mock_req}) with self.assertRaises(ValidationError): s._get_request_user()
def test_to_internal_value_adds_ip_and_reviewer( self, mock_req): user = factories.UserFactory(username='******') mock_req.META = { 'HTTP_X_FORWARDED_FOR': '192.0.0.1', 'REMOTE_ADDR': '142.0.0.1' } mock_req.user = user mock_req.versionong_scheme.get_versioned_viewname.return_value = '' s = ReviewSerializer(context={'request': mock_req}, partial=True) data = { "rating": 5, "title": "test title", "summary": "test summary", } expected_ret = { "rating": 5, "title": "test title", "summary": "test summary", "ip_address": "192.0.0.1", "reviewer": user.reviewer } ret = s.to_internal_value(data) self.assertEqual(ret, expected_ret)
def test_cant_delete_other_password(self): not_my_password = factories.PasswordFactory( user=factories.UserFactory()) self.assertEqual(1, models.Password.objects.all().count()) request = self.client.delete('/api/passwords/%s/' % not_my_password.id) self.assertEqual(404, request.status_code) self.assertEqual(1, models.Password.objects.all().count())
def test__get_request_user_known_user(self, mock_req): user = factories.UserFactory(username='******') reviewer = user.reviewer mock_req.user = user s = ReviewSerializer(context={'request': mock_req}) expected_ret = reviewer ret = s._get_request_user() self.assertEqual(ret, expected_ret)
def test_login_bad_password(self): user = factories.UserFactory(email="*****@*****.**", password="******") data = { "email": "*****@*****.**", "password": "******", } request = self.client.post("/api/tokens/auth/", data) self.assertEqual(request.status_code, 401)
def test_cant_delete_other_password_profiles(self): not_my_password_profile = factories.EncryptedPasswordProfileFactory( user=factories.UserFactory()) self.assertEqual(1, models.EncryptedPasswordProfile.objects.all().count()) request = self.client.delete("/api/encrypted_password_profiles/%s/" % not_my_password_profile.id) self.assertEqual(404, request.status_code) self.assertEqual(1, models.EncryptedPasswordProfile.objects.all().count())
def test_login(self): user = factories.UserFactory(email="*****@*****.**", password="******") data = { "email": "*****@*****.**", "password": "******", } request = self.client.post("/api/tokens/auth/", data) self.assertEqual(request.status_code, 200) self.assertIsNotNone(request.data["token"])
def test_cant_update_other_password(self): not_my_password = factories.PasswordFactory( user=factories.UserFactory()) self.assertEqual('lesspass.com', not_my_password.site) new_password = { "site": "facebook", } request = self.client.put('/api/passwords/%s/' % not_my_password.id, new_password) self.assertEqual(404, request.status_code) self.assertEqual(1, models.Password.objects.all().count())
def test__get_request_user_anon_user(self, mock_req): # set the property, then reset when done user = factories.UserFactory(username='******', reviewer=None) type(user).is_anonymous = mock.PropertyMock(return_value=True) mock_req.user = user s = ReviewSerializer(context={'request': mock_req}) with self.assertRaises(ValidationError): s._get_request_user() type(user).is_anonymous = mock.PropertyMock(return_value=False)
def test_filter_queryset(self, mock_req): mock_view = mock.Mock() user1 = factories.UserFactory(username='******') user2 = factories.UserFactory(username='******') user3 = factories.UserFactory(username='******') user4 = factories.UserFactory(username='******', reviewer=None) queryset = Reviewer.objects.all() f = IsUserFilterBackend() for u in [user1, user2, user3]: mock_req.user = u ret = f.filter_queryset(mock_req, queryset, mock_view) self.assertEqual(len(ret), 1) self.assertTrue(u.reviewer in ret) # user without a reviewer mock_req.user = user4 ret = f.filter_queryset(mock_req, queryset, mock_view) self.assertEqual(len(ret), 0)
def test_filter_queryset(self, mock_req): """ Assert that reviewers can only see their own reviews :param mock_req: :return: """ mock_view = mock.Mock() company = factories.CompanyFactory(name='company1') company2 = factories.CompanyFactory(name='company2') user1 = factories.UserFactory(username='******') user2 = factories.UserFactory(username='******') user3 = factories.UserFactory(username='******') user4 = factories.UserFactory(username='******', reviewer=None) r1 = factories.ReviewFactory(reviewer=user1.reviewer, company=company) r2 = factories.ReviewFactory(reviewer=user2.reviewer, company=company) r3 = factories.ReviewFactory(reviewer=user2.reviewer, company=company2) r4 = factories.ReviewFactory(reviewer=user3.reviewer, company=company) r5 = factories.ReviewFactory(reviewer=user3.reviewer, company=company) r6 = factories.ReviewFactory(reviewer=user3.reviewer, company=company2) queryset = Review.objects.all() f = IsReviewerFilterBackend() for i, u in enumerate([user1, user2, user3]): mock_req.user = u expected_ret = Review.objects.filter(reviewer=u.reviewer) ret = f.filter_queryset(mock_req, queryset, mock_view) self.assertEqual(set(expected_ret), set(ret)) # user without a reviewer mock_req.user = user4 ret = f.filter_queryset(mock_req, queryset, mock_view) self.assertEqual(len(ret), 0)
def test_can_post_good_credentials(self, mock_validate): user = factories.UserFactory(username='******') mock_validate.return_value = { 'username': '******', 'password': '******', 'user': user } data = {'username': '******', 'password': '******'} request = self.factory.post('/api/token-auth/', data, format='json') response = self.view(request) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertIsNotNone(response.data['token'])
def test_nrt_get_passwords_with_bearer(self): user = factories.UserFactory(email="*****@*****.**", password="******") password = factories.PasswordFactory(user=user) data = { "email": "*****@*****.**", "password": "******", } request = self.client.post("/api/auth/jwt/create/", data) headers = { "HTTP_AUTHORIZATION": "Bearer {token}".format(token=request.data["access"]) } request = self.client.get("/api/passwords/", **headers) self.assertEqual(request.status_code, 200) self.assertEqual(request.data["results"][0]["login"], password.login)
def test_cant_update_other_password(self): not_my_password_profile = factories.EncryptedPasswordProfileFactory( user=factories.UserFactory(), password_profile="test_cant_update_other_password", ) self.assertEqual("test_cant_update_other_password", not_my_password_profile.password_profile) request = self.client.put( "/api/encrypted_password_profiles/%s/" % not_my_password_profile.id, {"password_profile": "not_my_password_profile"}, ) self.assertEqual(404, request.status_code) self.assertEqual( "test_cant_update_other_password", models.EncryptedPasswordProfile.objects.first().password_profile, )
def test_update_user_data(self): user = factories.UserFactory( username='******', first_name='only_fn', last_name='only_ln' ) user.reviewer.bio = 'test bio' user.save() data = { "first_name": "only_fn", "last_name": "only_ln", } s = ReviewerSerializer() ret = s.update(user, data) self.assertEqual(ret.username, 'test_update_user_only') self.assertEqual(ret.first_name, 'only_fn') self.assertEqual(ret.last_name, 'only_ln') self.assertEqual(ret.reviewer.bio, "test bio")
def test_update_user_and_reviewer_data_and_password(self): user = factories.UserFactory( username='******', first_name='update_fn', last_name='update_ln' ) user.reviewer.bio = 'test bio' user.save() data = { "first_name": "update_fn", "last_name": "update_ln", "password": "******", "reviewer": {"bio": "update bio"} } s = ReviewerSerializer() ret = s.update(user, data) self.assertEqual(ret.username, 'test_update_user') self.assertEqual(ret.first_name, 'update_fn') self.assertEqual(ret.last_name, 'update_ln') self.assertEqual(ret.reviewer.bio, "update bio")
def test_delete_auth_user_me(self): nb_of_users = models.LessPassUser.objects.all().count() user = factories.UserFactory( email="*****@*****.**", password="******", ) self.assertEqual(nb_of_users + 1, models.LessPassUser.objects.all().count()) client = APIClient() client.force_authenticate(user=user) credentials = { "email": "*****@*****.**", "password": "******", } request = client.post("/api/auth/jwt/create/", credentials) self.assertEqual(request.status_code, 200) request = client.delete( "/api/auth/users/me/", {"current_password": "******"} ) self.assertEqual(request.status_code, 204) request = client.post("/api/auth/jwt/create/", credentials) self.assertEqual(request.status_code, 401) self.assertEqual(nb_of_users, models.LessPassUser.objects.all().count())
def setUp(self): self.user = factories.UserFactory() self.client = APIClient() self.client.force_authenticate(user=self.user)
def setUp(self): self.factory = APIRequestFactory() self.view = views.AuthenticateUserView.as_view() self.user = factories.UserFactory(username='******')
def setUp(self): factories.UserFactory( email="*****@*****.**", password="******", )
def test_cant_retrieve_other_password_profiles(self): not_my_password_profile = factories.EncryptedPasswordProfileFactory( user=factories.UserFactory()) request = self.client.get("/api/encrypted_password_profiles/%s/" % not_my_password_profile.id) self.assertEqual(404, request.status_code)
def end_user(): return f.UserFactory(email="*****@*****.**", password="******", role="end_user").save()
def test_cant_retrieve_other_passwords(self): not_my_password = factories.PasswordFactory( user=factories.UserFactory()) request = self.client.get('/api/passwords/%s/' % not_my_password.id) self.assertEqual(404, request.status_code)
def setUp(self): self.factory = APIRequestFactory() self.view = views.CompanyDetailView.as_view() self.user = factories.UserFactory(username='******') self.token, _ = Token.objects.get_or_create(user=self.user) self.company = factories.CompanyFactory(name="company_api")
def admin(): return f.UserFactory(email="*****@*****.**", password="******", role="admin").save()