def register():
validate_form(request.form,
['email', 'password', 'first_name', 'last_name'])
user = User(request.form['email'], request.form['password'],
request.form['first_name'], request.form['last_name'])
user.persist()
return_val = user.to_json()
return return_val, 201
def create_test_users():
for x in range(ord('a'), ord('a') + 26):
x = chr(x)
email = "test_" + str(x) + "@example.com"
new_user = User(email, "test-pass", x + "_first", x + "_last")
new_user.registered = new_user.registered_on - datetime.timedelta(hours=30-(ord(x)-ord('a')))
db.session.add(new_user)
db.session.flush()
db.session.commit()
def test_persist_and_destroy(self):
self.assertFalse(self.new_user.exists())
self.new_user.persist()
self.assertTrue(self.new_user.exists())
test_user = User.pull_by_id(self.new_user.get_id())
self.assertEqual(test_user, self.new_user)
test_user = User.pull_by_email(self.new_user.email)
self.assertEqual(test_user, self.new_user)
self.new_user.destroy()
self.assertFalse(self.new_user.exists())
def test_persist_and_destroy(self):
self.assertFalse(self.new_user.exists())
self.new_user.persist()
self.assertTrue(self.new_user.exists())
test_user = User.pull_by_id(self.new_user.get_id())
self.assertEqual(test_user, self.new_user)
test_user = User.pull_by_email(self.new_user.email)
self.assertEqual(test_user, self.new_user)
self.new_user.destroy()
self.assertFalse(self.new_user.exists())
def test_update_email(self):
with self.assertRaises(goly.errors.UnauthorizedError):
self.new_user.update_email("*****@*****.**", "not-my-password")
self.new_user.update_email("*****@*****.**", "test-pass")
self.assertEqual(self.new_user.email, "*****@*****.**")
self.assertFalse(self.new_user.exists())
self.new_user.persist()
self.new_user.update_email("*****@*****.**", "test-pass")
self.assertTrue(self.new_user.exists())
self.assertEqual(self.new_user.email, "*****@*****.**")
self.assertIsNotNone(User.pull_by_email("*****@*****.**"))
user = User.pull_by_id(self.new_user.get_id())
self.assertEqual(user.email, "*****@*****.**")
def index():
validate_sort(request.args,
['first_name', 'last_name', 'id', 'email', 'registered_on'])
## We return an object rather than a list because of this obscure security issue: http://flask.pocoo.org/docs/0.10/security/#json-security
return jsonify({"users": [x.to_dict()
for x in User.pull(request.args)]}), HTTP_200_OK
def test_update_email(self):
with self.assertRaises(goly.errors.UnauthorizedError):
self.new_user.update_email("*****@*****.**",
"not-my-password")
self.new_user.update_email("*****@*****.**", "test-pass")
self.assertEqual(self.new_user.email, "*****@*****.**")
self.assertFalse(self.new_user.exists())
self.new_user.persist()
self.new_user.update_email("*****@*****.**", "test-pass")
self.assertTrue(self.new_user.exists())
self.assertEqual(self.new_user.email, "*****@*****.**")
self.assertIsNotNone(User.pull_by_email("*****@*****.**"))
user = User.pull_by_id(self.new_user.get_id())
self.assertEqual(user.email, "*****@*****.**")
def update_email():
validate_form(request.form, ['old_email', 'new_email', 'password'])
user = User.pull_by_email(request.form['old_email'])
if (not user):
raise UnauthorizedError
user.update_email(request.form['new_email'], request.form['password'])
return empty_ok()
def delete_user():
validate_form(request.form, ['email', 'password'])
user = User.pull_by_email(request.form['email'])
if (not user):
raise UnauthorizedError()
user.delete(request.form['password'])
return empty_ok(204)
def get_goals_by_user(id):
"""Show all public goals for a given user"""
user = User.pull_by_id(id)
if (not user):
raise NotFoundError()
validate_sort(request.args, ["id", "created", "name", "frequency"])
goals = Goal.pull_by_user(id, request.args, True)
return jsonify({"goals": [x.to_dict() for x in goals]}), HTTP_200_OK
def test_update(self):
self.assertFalse(self.new_user.exists())
self.new_user.update({"not-a-real-key": "anything"}) ## This whould actually run but not do anything.
self.assertFalse(self.new_user.exists())
self.new_user.update({"first_name": "new-first-name"})
self.assertEqual(self.new_user.first_name, "new-first-name")
self.assertFalse(self.new_user.exists())
self.new_user.persist()
user = User.pull_by_id(self.new_user.get_id())
self.assertEqual(user.first_name, "new-first-name")
self.new_user.update({"first_name": "first"})
user = User.pull_by_id(self.new_user.get_id())
self.assertEqual(user.first_name, "first")
self.new_user.update({"email": "this-shouldnt-work"})
self.assertIsNone(User.pull_by_email("this-shouldnt-work"))
self.assertEqual(self.new_user.email, "*****@*****.**")
def get_goals_by_user(id):
"""Show all public goals for a given user"""
user = User.pull_by_id(id)
if (not user):
raise NotFoundError()
validate_sort(request.args, ["id", "created", "name", "frequency"])
goals = Goal.pull_by_user(id, request.args, True)
return jsonify({"goals": [x.to_dict() for x in goals]}), HTTP_200_OK
def update():
validate_form(request.form, ['email', 'password'])
user = User.pull_by_email(request.form['email'])
if (not user):
raise UnauthorizedError
if (not user.check_password(request.form['password'])):
raise UnauthorizedError
user.update(request.form)
return empty_ok()
def test_update(self):
self.assertFalse(self.new_user.exists())
self.new_user.update(
{"not-a-real-key":
"anything"}) ## This whould actually run but not do anything.
self.assertFalse(self.new_user.exists())
self.new_user.update({"first_name": "new-first-name"})
self.assertEqual(self.new_user.first_name, "new-first-name")
self.assertFalse(self.new_user.exists())
self.new_user.persist()
user = User.pull_by_id(self.new_user.get_id())
self.assertEqual(user.first_name, "new-first-name")
self.new_user.update({"first_name": "first"})
user = User.pull_by_id(self.new_user.get_id())
self.assertEqual(user.first_name, "first")
self.new_user.update({"email": "this-shouldnt-work"})
self.assertIsNone(User.pull_by_email("this-shouldnt-work"))
self.assertEqual(self.new_user.email, "*****@*****.**")
def test_update_password(self):
self.new_user.update_password("test-pass", "new-test-pass")
self.assertTrue(self.new_user.check_password("new-test-pass"))
self.new_user.update_password("new-test-pass", "test-pass")
with self.assertRaises(goly.errors.UnauthorizedError):
self.new_user.update_password("not-my-password", "new-test-pass")
self.new_user.persist()
self.new_user.update_password("test-pass", "new-test-pass")
self.assertFalse(self.new_user.check_password("test-pass"))
self.assertTrue(self.new_user.check_password("new-test-pass"))
self.assertTrue(self.new_user.exists())
user = User.pull_by_id(self.new_user.get_id())
self.assertTrue(user.check_password("new-test-pass"))
def test_update_password(self):
self.new_user.update_password("test-pass", "new-test-pass")
self.assertTrue(self.new_user.check_password("new-test-pass"))
self.new_user.update_password("new-test-pass", "test-pass")
with self.assertRaises(goly.errors.UnauthorizedError):
self.new_user.update_password("not-my-password", "new-test-pass")
self.new_user.persist()
self.new_user.update_password("test-pass", "new-test-pass")
self.assertFalse(self.new_user.check_password("test-pass"))
self.assertTrue(self.new_user.check_password("new-test-pass"))
self.assertTrue(self.new_user.exists())
user = User.pull_by_id(self.new_user.get_id())
self.assertTrue(user.check_password("new-test-pass"))
def test_destroy(self):
user = User(self.new_user['email'], self.new_user['password'], self.new_user['first_name'], self.new_user['last_name'])
user.persist()
self.assertTrue(user.exists()) ## I don't understand why but this is necessary or else line 45 fails
tc = self.test_client
res = tc.post("/users/delete/", data={"email": "fake email"})
setup.assertInvalid(self, res, 'password')
res = tc.post("/users/delete/", data={"email": "fake email", "password": "******"})
data = json.loads(res.data)
setup.assertInvalidCredentials(self, res)
self.assertTrue(user.exists())
tc = self.test_client
res = tc.post("/users/delete/", data={"email": user.email, "password": "******"})
data = json.loads(res.data)
setup.assertInvalidCredentials(self, res)
self.assertTrue(user.exists())
res = tc.post("/users/delete/", data={"email": user.email, "password": "******"})
setup.assertOk(self, res, 204)
self.assertFalse(user.exists())
def test_init(self):
## Test that all of the validators work!
fake_user = User("notreal", "notreal", "notreal", "notreal")
with self.assertRaisesRegexp(AssertionError, "user does not exist"):
goal = Goal(fake_user, "test name", "test prompt", "weekly", 10,
"binary", "daily")
with self.assertRaisesRegexp(AssertionError, "user must be a User"):
goal = Goal("Jimmy", "test", "test prompt", "weekly", 10, "binary",
"daily")
with self.assertRaisesRegexp(AssertionError,
"Name must be between 0 and 50"):
goal = Goal(self.test_user, " ", "test prompt", "weekly", 10,
"binary", "daily")
with self.assertRaisesRegexp(AssertionError,
"Name must be between 0 and 50"):
goal = Goal(self.test_user, "a" * 51, "test prompt", "weekly", 10,
"binary", "daily")
with self.assertRaisesRegexp(AssertionError,
"Prompt must be between 0 and 255"):
goal = Goal(self.test_user, "test", " ", "weekly", 10, "binary",
"daily")
with self.assertRaisesRegexp(AssertionError,
"Prompt must be between 0 and 255"):
goal = Goal(self.test_user, "test", "a" * 256, "weekly", 10,
"binary", "daily")
with self.assertRaisesRegexp(AssertionError,
"frequency must be one of "):
goal = Goal(self.test_user, "test", "test prompt", "not-an-option",
10, "binary", "daily")
with self.assertRaisesRegexp(AssertionError,
"Target must be an integer"):
goal = Goal(self.test_user, "test", "test prompt", "weekly",
"banana", "binary", "daily")
with self.assertRaisesRegexp(AssertionError,
"Input type must be binary or numeric"):
goal = Goal(self.test_user, "test", "test prompt", "weekly", 10,
"banana", "daily")
with self.assertRaisesRegexp(AssertionError,
"check_in_frequency must be one of"):
goal = Goal(self.test_user, "test", "test prompt", "weekly", 10,
"numeric", "only on fudge sundaes")
with self.assertRaisesRegexp(
AssertionError,
"Check-in frequency must conform to frequency"):
goal = Goal(self.test_user, "test", "test prompt", "weekly", 10,
"numeric", "monthly")
goal = Goal(self.test_user, "test", "test prompt", "weekly", "10",
"binary", "daily")
self.assertIsInstance(goal, Goal)
self.assertTrue(goal.active)
self.assertFalse(goal.public)
with self.assertRaisesRegexp(AssertionError,
"Active must be a boolean"):
goal.active = "fish"
with self.assertRaisesRegexp(AssertionError,
"Public must be a boolean"):
goal.public = "filet"
import sys
import os
sys.path.append(os.path.dirname(os.path.dirname(os.path.realpath(__file__))))
import datetime
from goly import app, db
from goly.models.user import User
from goly.models.goal import Goal
import copy
import json
test_client = app.test_client()
test_user_pass = "******"
test_user_name = "*****@*****.**"
test_user = User(test_user_name, test_user_pass, "first", "last")
other_user_name = "*****@*****.**"
other_user_pass = "******"
other_user = User(other_user_name, other_user_pass, "other", "user")
def login_test_user():
create_test_user()
res = test_client.post("/login/", data={"email": test_user_name, "password": test_user_pass})
return res
def logout():
res = test_client.post("/logout/")
return res
def login_other_user():
create_other_user()
def get_user(id):
user = User.pull_by_id(id)
if (not user):
raise NotFoundError()
return user.to_json(), HTTP_200_OK