def test_edit(self): with helper.clear_tables(self.conn, self.cursor, ['responses', 'response_histories']),\ helper.user_with_token(self.conn, self.cursor, ['responses']) as (user_id, token): r = requests.post(f'{HOST}/responses', headers={'authorization': f'bearer {token}'}, json={ 'name': 'foobar', 'body': 'my body', 'desc': 'my desc' }) r.raise_for_status() self.assertEqual(r.status_code, 200) r = requests.post(f'{HOST}/responses/foobar', headers={'authorization': f'bearer {token}'}, json={ 'body': 'new body', 'desc': 'new desc', 'edit_reason': 'new edit reason' }) r.raise_for_status() self.assertEqual(r.status_code, 200) r = requests.get(f'{HOST}/responses/foobar', headers={'authorization': f'bearer {token}'}) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertEqual(body['body'], 'new body') self.assertEqual(body['desc'], 'new desc')
def test_logs_search(self): r = requests.get(HOST + '/test_log') r.raise_for_status() self.assertEqual(r.status_code, 200) with helper.user_with_token(self.conn, self.cursor, ['logs']) as (user_id, token): r = requests.get( HOST + '/logs', headers={'Authorization': f'bearer {token}'}, params={'search': '%test%'} ) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict, f'body={body}') self.assertIsInstance(body.get('logs'), list, f'body={body}') for event in body['logs']: self.assertIsInstance(event, dict, f'event={event}') self.assertIsInstance(event.get('id'), int, f'event={event}') self.assertIsInstance(event.get('app_id'), int, f'event={event}') self.assertIsInstance(event.get('identifier'), str, f'event={event}') self.assertIsInstance(event.get('level'), int, f'event={event}') self.assertIsInstance(event.get('message'), str, f'event={event}') self.assertIsInstance(event.get('created_at'), int, f'created_at={event}')
def test_index(self): with helper.clear_tables(self.conn, self.cursor, ['responses']): responses = Table('responses') self.cursor.execute( Query.into(responses).columns( responses.name, responses.response_body, responses.description).insert( *[Parameter('%s') for _ in range(3)]).get_sql(), ('foobar', 'body', 'desc')) with helper.user_with_token(self.conn, self.cursor, ['responses']) as (user_id, token): r = requests.get(HOST + '/responses', headers={'Authorization': f'bearer {token}'}) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertIsInstance(body.get('responses'), list) self.assertEqual(len(body), 1) res_arr = body['responses'] self.assertEqual(len(res_arr), 1) self.assertIsInstance(res_arr[0], str) self.assertEqual(res_arr[0], 'foobar')
def test_paginate_empty_queue_with_perm(self): with helper.user_with_token(self.conn, self.cursor, add_perms=['view-trust-queue' ]) as (user_id, token): r = requests.get(HOST + '/trusts/queue?after_review_at=5', headers={'authorization': f'bearer {token}'}) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertEqual(body['queue'], []) self.assertIsNone(body.get('after_review_at')) self.assertIsNone(body.get('before_review_at')) r = requests.get(HOST + '/trusts/queue?before_review_at=5.1', headers={'authorization': f'bearer {token}'}) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertEqual(body['queue'], []) self.assertIsNone(body.get('after_review_at')) self.assertIsNone(body.get('before_review_at'))
def test_create(self): with helper.clear_tables(self.conn, self.cursor, ['responses', 'response_histories']),\ helper.user_with_token(self.conn, self.cursor, ['responses']) as (user_id, token): r = requests.post(f'{HOST}/responses', headers={'authorization': f'bearer {token}'}, json={ 'name': 'foobar', 'body': 'my body', 'desc': 'my desc' }) r.raise_for_status() self.assertEqual(r.status_code, 200) responses = Table('responses') self.cursor.execute( Query.from_(responses).select( responses.id, responses.response_body, responses.description).where( responses.name == Parameter('%s')).get_sql(), ('foobar', )) row = self.cursor.fetchone() self.assertIsNotNone(row) (respid, body, desc) = row self.assertEqual(body, 'my body') self.assertEqual(desc, 'my desc') resp_hists = Table('response_histories') self.cursor.execute( Query.from_(resp_hists).select(1).where( resp_hists.response_id == Parameter('%s')).limit( 1).get_sql(), (respid, )) row = self.cursor.fetchone() self.assertIsNotNone(row)
def test_applications(self): r = requests.get(HOST + '/test_log') r.raise_for_status() self.assertEqual(r.status_code, 200) with helper.user_with_token(self.conn, self.cursor, ['logs']) as (user_id, token): r = requests.get( HOST + '/logs/applications', headers={'Authorization': f'bearer {token}'} ) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertIsInstance(body.get('applications'), dict, f'body={body}') self.assertGreaterEqual(len(body), 1) for k, v in body['applications'].items(): self.assertIsInstance(k, str) try: int(k) except ValueError: self.assertFalse(True, f'key is not a str\'d int: {k} (body={body})') self.assertIsInstance(v, dict) self.assertIsInstance(v.get('name'), str)
def test_logs_valid_auth_but_wrong_perm(self): with helper.user_with_token(self.conn, self.cursor, ['wrong']) as (user_id, token): r = requests.get( HOST + '/logs', headers={'Authorization': f'bearer {token}'} ) self.assertEqual(r.status_code, 403)
def test_show(self): with helper.clear_tables(self.conn, self.cursor, ['responses']): responses = Table('responses') self.cursor.execute( Query.into(responses).columns( responses.name, responses.response_body, responses.description).insert( *[Parameter('%s') for _ in range(3)]).get_sql(), ('foobar', 'body', 'desc')) self.conn.commit() with helper.user_with_token(self.conn, self.cursor, ['responses']) as (user_id, token): r = requests.get(HOST + '/responses/foobar', headers={'Authorization': f'bearer {token}'}) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertIsInstance(body.get('id'), int) self.assertIsInstance(body.get('name'), str) self.assertIsInstance(body.get('body'), str) self.assertIsInstance(body.get('desc'), str) self.assertIsInstance(body.get('created_at'), int) self.assertIsInstance(body.get('updated_at'), int) self.assertEqual(body['name'], 'foobar') self.assertEqual(body['body'], 'body') self.assertEqual(body['desc'], 'desc')
def test_logs(self): # Test log isn't the best name for an endpoint which does this but it # avoids coupling this test with where logs are stored in the backend r = requests.get(HOST + '/test_log') r.raise_for_status() self.assertEqual(r.status_code, 200) with helper.user_with_token(self.conn, self.cursor, ['logs']) as (user_id, token): r = requests.get( HOST + '/logs', headers={'Authorization': f'bearer {token}'} ) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict, f'body={body}') self.assertIsInstance(body.get('logs'), list, f'body={body}') for event in body['logs']: self.assertIsInstance(event, dict, f'event={event}') self.assertIsInstance(event.get('id'), int, f'event={event}') self.assertIsInstance(event.get('app_id'), int, f'event={event}') self.assertIsInstance(event.get('identifier'), str, f'event={event}') self.assertIsInstance(event.get('level'), int, f'event={event}') self.assertIsInstance(event.get('message'), str, f'event={event}') self.assertIsInstance(event.get('created_at'), int, f'created_at={event}')
def test_add_queue_item_403(self): with helper.user_with_token(self.conn, self.cursor) as (user_id, token): r = requests.post(HOST + '/trusts/queue', json={ 'username': '******', 'review_at': time.time() }, headers={'authorization': f'bearer {token}'}) self.assertEqual(r.status_code, 403)
def test_show_trust_status_403(self): with helper.user_with_token(self.conn, self.cursor, username='******', add_perms=[]) as (user_id, token): headers = { 'authorization': f'bearer {token}', 'cache-control': 'no-cache' } r = requests.get(f'{HOST}/trusts/{user_id}', headers=headers) self.assertEqual(r.status_code, 403)
def test_create_unstripped(self): with helper.clear_tables(self.conn, self.cursor, ['responses', 'response_histories']),\ helper.user_with_token(self.conn, self.cursor, ['responses']) as (user_id, token): r = requests.post(f'{HOST}/responses', headers={'authorization': f'bearer {token}'}, json={ 'name': ' foobar', 'body': 'my body', 'desc': 'my desc' }) self.assertEqual(r.status_code, 422)
def test_autodelete_loan_delay_on_queue_add(self): with helper.user_with_token(self.conn, self.cursor, username='******', add_perms=[ 'view-trust-queue', 'add-trust-queue', 'edit-trust-queue', 'remove-trust-queue' ]) as (user_id, token): headers = { 'authorization': f'bearer {token}', 'cache-control': 'no-cache' } og_loans_completed = 7 og_review_no_earlier_than = time.time() r = requests.put(HOST + '/trusts/loan_delays', json={ 'username': '******', 'loans_completed_as_lender': og_loans_completed, 'review_no_earlier_than': og_review_no_earlier_than }, headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) r = requests.get(HOST + f'/trusts/loan_delays/{user_id}', headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertEqual(body.get('loans_completed_as_lender'), og_loans_completed) self.assertAlmostEqual(body.get('review_no_earlier_than'), og_review_no_earlier_than, delta=1) new_review_at = time.time() + 30 r = requests.post(HOST + f'/trusts/queue', json={ 'username': '******', 'review_at': new_review_at }, headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) r = requests.get(HOST + f'/trusts/loan_delays/{user_id}', headers=headers) self.assertEqual(r.status_code, 404)
def test_index_no_perm(self): with helper.clear_tables(self.conn, self.cursor, ['responses']): responses = Table('responses') self.cursor.execute( Query.into(responses).columns( responses.name, responses.response_body, responses.description).insert( *[Parameter('%s') for _ in range(3)]).get_sql(), ('foobar', 'body', 'desc')) with helper.user_with_token(self.conn, self.cursor, []) as (user_id, token): r = requests.get(HOST + '/responses', headers={'Authorization': f'bearer {token}'}) self.assertEqual(r.status_code, 403)
def insert_existing_user_loan_delay_200(self): with helper.user_with_token( self.conn, self.cursor, username='******', add_perms=['add-trust-queue', 'edit-trust-queue']) as (user_id, token): headers = {'authorization': f'bearer {token}'} r = requests.put(HOST + '/trusts/loan_delays', json={ 'username': '******', 'loans_completed_as_lender': 14, 'review_no_earlier_than': time.time() }, headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200)
def test_show_trust_status_self_unknown_200(self): with helper.user_with_token(self.conn, self.cursor, username='******', add_perms=['view-self-trust']) as (user_id, token): headers = { 'authorization': f'bearer {token}', 'cache-control': 'no-cache' } r = requests.get(f'{HOST}/trusts/{user_id}', headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertEqual(body.get('user_id'), user_id) self.assertEqual(body.get('status'), 'unknown') self.assertIsNone(body.get('reason'))
def test_add_queue_item_existing_user_200(self): with helper.user_with_token(self.conn, self.cursor, username='******', add_perms=['add-trust-queue']) as (user_id, token): r = requests.post(HOST + '/trusts/queue', json={ 'username': '******', 'review_at': time.time() }, headers={'authorization': f'bearer {token}'}) r.raise_for_status() self.assertEqual(r.status_code, 200) self.cursor.execute('SELECT 1 FROM users WHERE username=%s', ('Foobar', )) row = self.cursor.fetchone() self.assertIsNone(row)
def test_upsert_bad_status_422(self): with helper.user_with_token(self.conn, self.cursor, username='******', add_perms=[ 'view-self-trust', 'view-others-trust', 'upsert-trusts' ]) as (user_id, token): headers = { 'authorization': f'bearer {token}', 'cache-control': 'no-cache', 'pragma': 'no-cache' } r = requests.put(f'{HOST}/trusts', json={ 'user_id': user_id, 'status': 'weird', 'reason': 'test' }, headers=headers) self.assertEqual(r.status_code, 422)
def test_upsert_trust_status_200(self): with helper.user_with_token(self.conn, self.cursor, username='******', add_perms=[ 'view-self-trust', 'view-others-trust', 'upsert-trusts' ]) as (user_id, token): headers = { 'authorization': f'bearer {token}', 'cache-control': 'no-cache', 'pragma': 'no-cache' } other_user_id = None self.cursor.execute( 'INSERT INTO users (username) VALUES (%s) RETURNING id', ('test_user', )) (other_user_id, ) = self.cursor.fetchone() self.conn.commit() r = requests.put(f'{HOST}/trusts', json={ 'user_id': other_user_id, 'status': 'good', 'reason': 'test' }, headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) r = requests.get(f'{HOST}/trusts/{other_user_id}', headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertEqual(body.get('user_id'), other_user_id) self.assertEqual(body.get('status'), 'good') self.assertIsNone(body.get('reason'))
def test_insert_new_user_loan_delay_200(self): with helper.user_with_token( self.conn, self.cursor, username='******', add_perms=['add-trust-queue', 'edit-trust-queue']) as (user_id, token): headers = {'authorization': f'bearer {token}'} r = requests.put(HOST + '/trusts/loan_delays', json={ 'username': '******', 'loans_completed_as_lender': 14, 'review_no_earlier_than': time.time() }, headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) self.cursor.execute('SELECT 1 FROM users WHERE username=%s', ('foobar', )) row = self.cursor.fetchone() self.assertIsNotNone(row)
def test_add_set_delete_queue_item_200(self): with helper.user_with_token(self.conn, self.cursor, username='******', add_perms=[ 'view-trust-queue', 'add-trust-queue', 'edit-trust-queue', 'remove-trust-queue' ]) as (user_id, token): headers = { 'authorization': f'bearer {token}', 'cache-control': 'no-store' } og_review_at = time.time() r = requests.post(HOST + '/trusts/queue', json={ 'username': '******', 'review_at': og_review_at }, headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertEqual(body.get('username'), 'foo') self.assertAlmostEqual(body.get('review_at'), og_review_at, delta=1) self.assertIsInstance(body.get('uuid'), str) uuid = body.get('uuid') r = requests.get(HOST + '/trusts/queue', headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertIsInstance(body.get('queue'), list) self.assertEqual(len(body['queue']), 1) self.assertEqual(body['queue'][0]['uuid'], uuid) new_review_at = og_review_at + 30 r = requests.put(HOST + f'/trusts/queue/{uuid}', json={'review_at': new_review_at}, headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) r = requests.get(HOST + f'/trusts/queue/{uuid}', headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertEqual(body.get('uuid'), uuid) self.assertEqual(body.get('username'), 'foo') self.assertAlmostEqual(body.get('review_at'), new_review_at, delta=1) r = requests.delete(HOST + f'/trusts/queue/{uuid}', headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) r = requests.get(HOST + f'/trusts/queue/{uuid}', headers=headers) self.assertEqual(r.status_code, 404)
def test_add_edit_index_trust_comment(self): with helper.user_with_token( self.conn, self.cursor, username='******', add_perms=['view-trust-comments', 'create-trust-comments']) as (user_id, token): headers = { 'authorization': f'bearer {token}', 'cache-control': 'no-cache' } r = requests.get(HOST + f'/trusts/comments?target_user_id={user_id}', headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertEqual(body.get('comments'), []) self.assertIsNone(body.get('after_created_at')) self.assertIsNone(body.get('before_created_at')) r = requests.post(HOST + f'/trusts/comments?target_user_id={user_id}', json={'comment': 'test'}, headers=headers) r.raise_for_status() self.assertIn(r.status_code, [200, 201]) body = r.json() self.assertIsInstance(body, dict) self.assertIsInstance(body.get('id'), int) self.assertEqual(body.get('author_id'), user_id) self.assertEqual(body.get('target_id'), user_id) self.assertEqual(body.get('comment'), 'test') self.assertTrue(body.get('editable')) self.assertIsInstance(body.get('created_at'), float) self.assertIsInstance(body.get('updated_at'), float) self.assertAlmostEqual(body['created_at'], body['updated_at'], delta=1) comment_id = body['id'] r = requests.get(HOST + f'/trusts/comments?target_user_id={user_id}', headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertEqual(body.get('comments'), [comment_id]) self.assertIsNone(body.get('after_created_at')) self.assertIsNone(body.get('before_created_at')) r = requests.get(HOST + f'/trusts/comments/{comment_id}', headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertEqual(body.get('id'), comment_id) self.assertEqual(body.get('comment'), 'test') r = requests.put(HOST + f'/trusts/comments/{comment_id}', json={'comment': 'edited'}, headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertEqual(body.get('comment'), 'edited') r = requests.get(HOST + f'/trusts/comments/{comment_id}', headers=headers) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertEqual(body.get('id'), comment_id) self.assertEqual(body.get('comment'), 'edited')
def test_queue_no_perm_gives_403(self): with helper.user_with_token(self.conn, self.cursor) as (user_id, token): r = requests.get(HOST + '/trusts/queue', headers={'authorization': f'bearer {token}'}) self.assertEqual(r.status_code, 403)
def test_histories(self): with helper.clear_tables(self.conn, self.cursor, ['responses', 'response_histories']): responses = Table('responses') self.cursor.execute( Query.into(responses).columns( responses.name, responses.response_body, responses.description).insert( *[Parameter('%s') for _ in range(3)]).returning( responses.id).get_sql(), ('foobar', 'body', 'desc')) (respid, ) = self.cursor.fetchone() self.conn.commit() with helper.user_with_token(self.conn, self.cursor, ['responses']) as (user_id, token): resp_hists = Table('response_histories') self.cursor.execute( Query.into(resp_hists).columns( resp_hists.response_id, resp_hists.user_id, resp_hists.old_raw, resp_hists.new_raw, resp_hists.reason, resp_hists.old_desc, resp_hists.new_desc).insert( *[Parameter('%s') for _ in range(7)]).returning( resp_hists.id).get_sql(), (respid, user_id, 'older raw', 'body', 'testing', 'old desc', 'desc')) (hist_id, ) = self.cursor.fetchone() self.conn.commit() r = requests.get(HOST + '/responses/foobar/histories', headers={'Authorization': f'bearer {token}'}) r.raise_for_status() self.assertEqual(r.status_code, 200) body = r.json() self.assertIsInstance(body, dict) self.assertIsInstance(body.get('history'), dict) self.assertIsInstance(body.get('number_truncated'), int) self.assertEqual(len(body), 2) self.assertEqual(body['number_truncated'], 0) history = body['history'] self.assertIsInstance(history.get('items'), list) self.assertEqual(len(history), 1) items = history['items'] self.assertEqual(len(items), 1) self.assertIsInstance(items[0], dict) item = items[0] self.assertIsInstance(item.get('id'), int) self.assertIsInstance(item.get('edited_by'), dict) self.assertIsInstance(item.get('edited_reason'), str) self.assertIsInstance(item.get('old_body'), str) self.assertIsInstance(item.get('new_body'), str) self.assertIsInstance(item.get('old_desc'), str) self.assertIsInstance(item.get('new_desc'), str) self.assertIsInstance(item.get('edited_at'), int) self.assertEqual(item['id'], hist_id) self.assertEqual(item['edited_reason'], 'testing') self.assertEqual(item['old_body'], 'older raw') self.assertEqual(item['new_body'], 'body') self.assertEqual(item['old_desc'], 'old desc') self.assertEqual(item['new_desc'], 'desc') edited_by = item['edited_by'] self.assertIsInstance(edited_by.get('id'), int) self.assertIsInstance(edited_by.get('username'), str) self.assertEqual(edited_by['id'], user_id)