def test_list_users(self):
#only authenticated admin user should be able to see the user listing
factory = APIRequestFactory()
view = AccountList.as_view()
#unauthenticated
unauth_req = factory.get('/api/v1/users/')
response = view(unauth_req)
self.assertEquals(response.status_code, status.HTTP_401_UNAUTHORIZED)
#authenticated but not admin
user = self.normal_user
auth_request = factory.get('/api/v1/users/')
force_authenticate(auth_request, user=user, token=self.normal_token)
response = view(auth_request)
self.assertEquals(response.status_code, 403)
#authenticated admin -> OK
user = self.super_user
auth_request = factory.get('/api/v1/users/')
force_authenticate(auth_request, user=user, token=self.super_token)
response = view(auth_request)
#check that the id of the list's first item if 1
self.assertTrue(response.data[0]['id']==1)
self.assertEquals(response.status_code, 200)
#check that you are able to get only certain accouts using pks
auth_request = factory.get('/api/v1/users/?ids=1,3')
force_authenticate(auth_request, user=user, token=self.super_token)
response = view(auth_request)
self.assertEqual(len(response.data), 2)
self.assertEqual(sorted([e['id'] for e in response.data]), [1, 3])
def test_add_user(self):
"""
everyone can create a new user
"""
factory = APIRequestFactory()
view = AccountList.as_view()
dob = datetime.datetime.now() - datetime.timedelta(days=365)
#datetime.datetime.strftime(dob, "%c")
#dob = datetime.date.isoformat(dob)
data = {'email': "*****@*****.**", 'username': "******",
'password': '******', 'date_of_birth': datetime.date(2015, 1, 1)}
ok_request = factory.post('/api/v1/users/', data)
response = view(ok_request)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.assertEqual(response.data['date_of_birth'], datetime.date(2015, 1, 1))
#now incomplete data
bad_request = factory.post('/api/v1/users/', {'email': "*****@*****.**", 'password': '******'})
response = view(bad_request)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
#now wrong email
bad_email_request = factory.post('/api/v1/users/', {'email': "newkehko.com",
'username': "******", 'password': '******'})
response = view(bad_email_request)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
from django.conf.urls import patterns, include, url
from django.contrib import admin
from kehko.views import IndexView
from actions.views import CompanyActions
from authentication.views import AccountList, AccountDetail, RestrictedView, UserCauses
from causes.views import CauseList, CauseDetail, CauseMemberCreate, CauseMemberUpdate
from companies.views import CompanyFollowingCompanies, CompanyList, CompanyDetail, ProductList, ProductDetail
from images.views import ImageList
from news.views import NewsList
from values.views import ValueList, ValueDetail
account_urls = patterns('',
url(r'^/(?P<username>[0-9a-zA-Z_-]+)/causes/$', UserCauses.as_view(), name='account-causes'),
url(r'^/(?P<username>[0-9a-zA-Z_-]+)/$', AccountDetail.as_view(), name='account-detail'),
url(r'^/$', AccountList.as_view(), name='account-list')
)
cause_urls = patterns('',
url(r'^/$', CauseList.as_view(), name='campaign-list'),
url(r'^/(?P<slug>[0-9a-zA-Z_-]+)/$', CauseDetail.as_view(), name='campaign-detail'),
)
cause_member_urls = patterns('',
url(r'^/(?P<pk>[0-9]+)/$', CauseMemberUpdate.as_view(), name='causemember-update'),
url(r'^/$', CauseMemberCreate.as_view(), name='causemember-create'),
)
company_urls = patterns('',
url(r'^/$', CompanyList.as_view(), name='company-list'),
url(r'^/(?P<slug>[0-9a-zA-Z_-]+)/actions/$', CompanyActions.as_view(),
