def test_should_be_able_to_create_new_playlist_and_user(self):
new_user = HelperClass.random_word_letters_only(25)
new_playlist = HelperClass.random_word_letters_only(25)
body = PlaylistModel.create_random_playlist()
sut = f'{self.playlist_url}/private/{new_user}/{new_playlist}'
response = self.post_without_auth_header(sut, body)
self.assertEqual(201, response.status_code)
def test_should_be_able_to_update_a_password_and_validate_with_new_credentials(
self):
sut = self.authentication_url + '/Users'
user = HelperClass.random_word_letters_only(25)
email = HelperClass.create_random_email()
password = HelperClass.random_word_special_signs_included(25)
body = {"userName": user, "emailAddress": email, "passWord": password}
headers = {'Content-type': 'application/json'}
response = requests.post(url=sut, json=body, headers=headers).json()
local_id = response['id']
sut = f'{self.authentication_url}/Validate?id={local_id}'
new_password = HelperClass.random_word_special_signs_included(14)
body = {"oldPassWord": password, "newPassWord": new_password}
response = self.put_without_auth_header(sut, body)
self.assertEqual(200, response.status_code)
validate_url = f'{self.authentication_url}/Validate'
body = {
"userName": user,
"emailAddress": email,
"passWord": new_password
}
validation = self.post_without_auth_header(validate_url, body).json()
self.assertTrue(validation)
def test_should_get_a_404_for_a_user_and_playlist_that_does_not_exist(
self):
playlist = HelperClass.random_word_letters_only(25)
user = HelperClass.random_word_letters_only(25)
sut = self.highscore_url + f'{user}/{playlist}/'
resp = self.get_without_auth_header(sut)
self.assertEqual(404, resp.status_code)
def test_should_be_able_to_create_a_new_user(self):
sleep(2)
sut = self.authentication_url + '/Users'
user = HelperClass.random_word_letters_only(25)
email = HelperClass.create_random_email()
password = HelperClass.random_word_special_signs_included(25)
body = {"userName": user, "emailAddress": email, "passWord": password}
response = self.post_without_auth_header(sut, body)
self.assertEqual(201, response.status_code)
def test_should_be_able_to_create_new_playlist_and_retrieve_it(self):
new_user = HelperClass.random_word_letters_only(25)
new_playlist = HelperClass.random_word_letters_only(25)
body = PlaylistModel.create_random_playlist()
sut = f'{self.playlist_url}/private/{new_user}/{new_playlist}'
self.post_without_auth_header(sut, body)
resp = self.get_without_auth_header(sut)
self.assertEqual(200, resp.status_code)
self.assertEqual(resp.json()['result']['user'], new_user.lower())
def create_random_playlist():
result = {}
result["displayName"] = HelperClass.random_word_letters_only(15)
result["imageUrl"] = "http://www.testimage.com/image.png"
beverages = []
for x in range(0, 4):
beverage = HelperClass.random_word_letters_only(5)
beverages.append(beverage)
result["beverages"] = beverages
return result
def post_a_new_user(self):
sut = self.authentication_url + '/Users'
user = HelperClass.random_word_letters_only(25)
email = HelperClass.create_random_email()
password = HelperClass.random_word_special_signs_included(25)
body = {"userName": user, "emailAddress": email, "passWord": password}
headers = {'Content-type': 'application/json'}
response = requests.post(url=sut, json=body, headers=headers).json()
self.scoped_user = AuthenticationModel.from_dict(response)
self.scoped_user.password = password
def test_should_not_be_able_to_post_a_playlist_with_one_drink(self):
new_user = HelperClass.random_word_letters_only(25)
new_playlist = HelperClass.random_word_letters_only(25)
body = PlaylistModel.create_random_playlist()
body['beverages'] = ['beer']
sut = f'{self.playlist_url}/private/{new_user}/{new_playlist}'
response = self.post_without_auth_header(sut, body)
self.assertEqual(400, response.status_code)
error_message = response.json()['Error']
meta_message = response.json()['Meta']
self.assertIsNotNone(error_message)
self.assertEqual(meta_message['beverages'][0], "min length is 2")
def test_should_not_be_able_to_create_a_playlist_twice(self):
new_user = HelperClass.random_word_letters_only(25)
new_playlist = HelperClass.random_word_letters_only(25)
body = PlaylistModel.create_random_playlist()
sut = f'{self.playlist_url}/private/{new_user}/{new_playlist}'
response = self.post_without_auth_header(sut, body)
self.assertEqual(201, response.status_code)
resp = self.post_without_auth_header(sut, body)
self.assertEqual(400, resp.status_code)
error_message = resp.json()['Error']
self.assertIsNotNone(error_message)
self.assertTrue(
self.validate_string_contains(error_message, "already exists"))
def test_should_be_able_to_create_playlist_names_should_be_lowercase(self):
new_user = HelperClass.random_word_letters_only(25)
new_playlist = HelperClass.random_word_letters_only(25)
body = PlaylistModel.create_random_playlist()
sut = f'{self.playlist_url}/private/{new_user}/{new_playlist}'
response = self.post_without_auth_header(sut, body)
self.assertEqual(201, response.status_code)
sut = f'{self.playlist_url}/private/{new_user}'
resp = self.get_without_auth_header(sut)
self.assertEqual(200, resp.status_code)
for x in resp.json()['result']:
self.assertTrue(x['list'].islower())
def test_should_not_be_able_to_create_a_new_user_with_missing_email(self):
sut = self.authentication_url + '/Users'
user = HelperClass.random_word_letters_only(25)
password = HelperClass.random_word_special_signs_included(25)
body = {"userName": user, "passWord": password}
response = self.post_without_auth_header(sut, body)
error_message = response.json()['Error']
meta_message = response.json()['ErrorId']
self.assertEqual(400, response.status_code)
self.assertIsNotNone(error_message)
self.assertIsNotNone(meta_message)
self.assertTrue(
self.validate_string_contains(error_message,
"You have to provide an email"))
def test_should_not_be_able_to_delete_a_user_twice(self):
sut = self.authentication_url + '/Users'
user = HelperClass.random_word_letters_only(25)
email = HelperClass.create_random_email()
password = HelperClass.random_word_special_signs_included(25)
body = {"userName": user, "emailAddress": email, "passWord": password}
headers = {'Content-type': 'application/json'}
response = requests.post(url=sut, json=body, headers=headers).json()
local_id = response['id']
sut = f'{self.authentication_url}/Users?id={local_id}'
response = self.delete_without_auth_header(sut)
self.assertEqual(204, response.status_code)
resp = self.delete_without_auth_header(sut)
self.assertEqual(404, resp.status_code)
def test_should_be_able_to_update_all_fields_at_once(self):
get_url = f'{self.authentication_url}/Users/{self.scoped_user.id}'
body = {
"username": HelperClass.random_word_letters_only(20),
"emailAddress": HelperClass.create_random_email(),
"active": False,
}
sut = f'{self.authentication_url}/Users?id={self.scoped_user.id}'
resp = self.put_without_auth_header(sut, body)
self.assertEqual(204, resp.status_code)
response = self.get_without_auth_header(get_url).json()
updated_user = AuthenticationModel.from_dict(response)
self.assertFalse(updated_user.valid)
self.assertNotEqual(updated_user.username, self.scoped_user.username)
self.assertNotEqual(updated_user.email_address,
self.scoped_user.email_address)
def test_should_not_be_able_to_update_password_using_wrong_password(self):
sut = f'{self.authentication_url}/Validate?id={self.scoped_user.id}'
new_password = HelperClass.random_word_special_signs_included(14)
body = {
"oldPassWord": HelperClass.random_word_special_signs_included(14),
"newPassWord": new_password
}
response = self.put_without_auth_header(sut, body)
self.assertEqual(400, response.status_code)
error_message = response.json()['Error']
meta_message = response.json()['ErrorId']
self.assertIsNotNone(error_message)
self.assertIsNotNone(meta_message)
self.assertTrue(
self.validate_string_contains(error_message,
"Password provided is not valid"))
def test_should_get_a_200_for_getting_all_playlists_for_a_user_that_does_not(
self):
user = HelperClass.random_word_letters_only(25)
sut = f'{self.playlist_url}/private/{user}'
response = self.get_without_auth_header(sut)
self.assertEqual(200, response.status_code)
self.assertIsNotNone(response.json())
def test_should_be_able_to_put_a_created_user(self):
new_user = HelperClass.random_word_letters_only(25)
new_playlist = HelperClass.random_word_letters_only(25)
body = PlaylistModel.create_random_playlist()
sut = f'{self.playlist_url}/private/{new_user}/{new_playlist}'
self.post_without_auth_header(sut, body)
body['beverages'] = ['beer', 'beer', 'beer']
new_display_name = 'newDisplayName'
body['displayName'] = new_display_name
resp = self.put_without_auth_header(sut, body)
self.assertEqual(204, resp.status_code)
response = self.get_without_auth_header(sut)
json_body = response.json()['result']
self.assertEqual(200, response.status_code)
self.assertEqual(new_display_name, json_body['displayName'])
self.assertEqual('beer', json_body['beverages'][0])
def test_should_not_be_able_to_delete_user_that_do_not_exist(self):
user = HelperClass.random_word_letters_only(40)
sut = f'{self.playlist_url}/private/{user}/somerandomlist'
response = self.delete_without_auth_header(sut)
self.assertEqual(404, response.status_code)
error_message = response.json()['Error']
self.assertEqual(error_message, "User could not be found")
def test_should_not_be_able_to_update_list_that_do_not_exist(self):
user = HelperClass.random_word_letters_only(40)
sut = f'{self.playlist_url}/private/{user}/somerandomlist'
body = PlaylistModel.create_random_playlist()
response = self.put_without_auth_header(sut, body)
self.assertEqual(404, response.status_code)
error_message = response.json()['Error']
self.assertEqual(error_message, "List could not be found")
def test_should_be_able_to_validate_a_password_to_false(self):
validate_url = f'{self.authentication_url}/Validate'
body = {
"userName": self.scoped_user.username,
"emailAddress": self.scoped_user.email_address,
"passWord": HelperClass.random_word_special_signs_included(10)
}
validation = self.post_without_auth_header(validate_url, body).json()
self.assertFalse(validation)
def test_should_get_a_404_on_a_playlist_that_does_not_exist(self):
random_playlist = HelperClass.random_word_letters_only(20)
sut = f'{self.playlist_url}/public/{random_playlist}'
response = self.get_without_auth_header(sut)
error_message = response.json()['Error']
self.assertEqual(404, response.status_code)
self.assertIsNotNone(error_message)
self.assertTrue(
self.validate_string_contains(error_message,
"List could not be found"))
def test_should_not_be_able_to_randomize_lists_with_different_payload_iat(
self):
sut = self.proxy_url + self.proxy_endpoints.randomize
front_page_url = self.proxy_url + self.proxy_endpoints.playlist_public
response = self.get_without_auth_header(front_page_url).json()
for pl in response:
playlist = ProxyModel.from_dict(pl)
playlist.iat = HelperClass.random_int_generator(10)
body = ProxyModel.to_dict(playlist)
response = self.post_without_auth_header(sut, body)
self.assertEqual(400, response.status_code)
def test_should_not_be_able_to_post_to_an_invalid_username(self):
new_users = ['%20', 'o']
for new_user in new_users:
new_playlist = HelperClass.random_word_letters_only(25)
body = PlaylistModel.create_random_playlist()
sut = f'{self.playlist_url}/private/{new_user}/{new_playlist}'
response = self.post_without_auth_header(sut, body)
self.assertEqual(400, response.status_code)
error_message = response.json()['Error']
meta_message = response.json()['Meta']
self.assertIsNotNone(error_message)
self.assertEqual(meta_message['user_name'][0], "min length is 3")
def test_should_not_be_able_to_randomize_lists_with_different_payload_jwtheader(
self):
sut = self.proxy_url + self.proxy_endpoints.randomize
front_page_url = self.proxy_url + self.proxy_endpoints.playlist_public
response = self.get_without_auth_header(front_page_url).json()
for pl in response:
playlist = ProxyModel.from_dict(pl)
jwtheader = Jwtheader(HelperClass.random_word_letters_only(4))
playlist.jwtheader = jwtheader
body = ProxyModel.to_dict(playlist)
response = self.post_without_auth_header(sut, body)
self.assertEqual(400, response.status_code)
def test_should_be_able_to_update_a_username(self):
get_url = f'{self.authentication_url}/Users/{self.scoped_user.id}'
user_name_before = self.get_without_auth_header(
get_url).json()['username']
body = {
"username": HelperClass.random_word_letters_only(20),
}
sut = f'{self.authentication_url}/Users?id={self.scoped_user.id}'
resp = self.put_without_auth_header(sut, body)
self.assertEqual(204, resp.status_code)
user_name_after = self.get_without_auth_header(
get_url).json()['username']
self.assertNotEqual(user_name_before, user_name_after)
def test_should_be_able_to_update_an_email(self):
get_url = f'{self.authentication_url}/Users/{self.scoped_user.id}'
user_name_before = self.get_without_auth_header(
get_url).json()['emailAddress']
body = {
"emailAddress": HelperClass.create_random_email(),
}
sut = f'{self.authentication_url}/Users?id={self.scoped_user.id}'
resp = self.put_without_auth_header(sut, body)
self.assertEqual(204, resp.status_code)
user_name_after = self.get_without_auth_header(
get_url).json()['emailAddress']
self.assertNotEqual(user_name_before, user_name_after)
def test_should_not_be_able_to_randomize_lists_with_different_payload_list(
self):
sut = self.proxy_url + self.proxy_endpoints.randomize
front_page_url = self.proxy_url + self.proxy_endpoints.playlist_public
response = self.get_without_auth_header(front_page_url).json()
for pl in response:
playlist = ProxyModel.from_dict(pl)
playlist.playlist = HelperClass.random_word_letters_only(20)
body = ProxyModel.to_dict(playlist)
response = self.post_without_auth_header(sut, body)
self.assertEqual(400, response.status_code)
json_body = response.json()
self.assertTrue(
self.validate_string_contains(json_body['message'],
'does not validate'))
def test_should_not_be_able_to_update_a_password_with_user_endpoints(self):
new_password = HelperClass.random_word_special_signs_included(25)
body = {
"password": new_password,
}
sut = f'{self.authentication_url}/Users?id={self.scoped_user.id}'
resp = self.put_without_auth_header(sut, body)
self.assertEqual(204, resp.status_code)
validate_url = f'{self.authentication_url}/Validate'
body = {
"userName": self.scoped_user.username,
"emailAddress": self.scoped_user.username,
"passWord": new_password
}
validation = self.post_without_auth_header(validate_url, body).json()
self.assertFalse(validation)
def test__should_not_be_able_to_update_an_email_to_an_invalid_mail(self):
get_url = f'{self.authentication_url}/Users/{self.scoped_user.id}'
user_name_before = self.get_without_auth_header(
get_url).json()['emailAddress']
body = {
"emailAddress": HelperClass.random_word_letters_only(15),
}
sut = f'{self.authentication_url}/Users?id={self.scoped_user.id}'
resp = self.put_without_auth_header(sut, body)
error_message = resp.json()['Error']
meta_message = resp.json()['ErrorId']
self.assertEqual(400, resp.status_code)
self.assertIsNotNone(error_message)
self.assertIsNotNone(meta_message)
self.assertTrue(
self.validate_string_contains(error_message,
"was not a valid mailaddress"))
user_name_after = self.get_without_auth_header(
get_url).json()['emailAddress']
self.assertEqual(user_name_before, user_name_after)
class TestFixture(unittest.TestCase):
"""Test fixture used for all apis"""
env = os.environ.get('PYTHON_ENV')
if env == 'Test':
env_setting = config.Test()
else: # If local or other
env_setting = config.Local()
authentication_url = env_setting.authentication_url
highscore_url = env_setting.highscore_url
playlist_url = env_setting.playlist_url
ocr_url = env_setting.ocr_url
proxy_url = env_setting.proxy_url
proxy_endpoints = env_setting.proxy_endpoints
randomizer_url = env_setting.randomize_url
recommendation_url = env_setting.recommendation_url
reserved_keywords = ['global', 'frontpage', 'bevrand', 'bevragerandomizer']
headers = {'Content-type': 'application/json'}
put_headers = {'Content-Type': 'application/json-patch+json'}
reserved_user_error = "is a reserved username and cannot be used for creation or deletion"
attribute_validation_error = "Errors occured when validating"
unknown_id = HelperClass.random_int_generator(40)
data_seeded_user = '******'
email = '*****@*****.**'
password = '******'
token = ''
test_playlist_body = {
"beverages": ["beer", "wine"],
"displayName": "I am so depressed",
"imageUrl": "http://whatever.com"
}
test_randomize_body = {
"beverages": ["beer", "wine", "whiskey"],
"list": "tgif",
"user": "******"
}
@staticmethod
def get_without_auth_header(url):
response = requests.get(url)
return response
def get_with_auth_header(self, url):
self.login_user_and_set_token()
headers = {'x-api-token': self.token}
response = requests.get(url, headers=headers)
return response
def post_without_auth_header(self, url, body):
response = requests.post(url=url, json=body, headers=self.headers)
return response
def put_without_auth_header(self, url, body):
response = requests.put(url=url, json=body, headers=self.put_headers)
return response
@staticmethod
def delete_without_auth_header(url):
response = requests.delete(url=url)
return response
@staticmethod
def validate_string_contains(base_string, assertion_string):
return assertion_string.lower() in base_string.lower()
def create_new_user(self):
new_user = {
"userName": self.data_seeded_user,
"emailAddress": self.email,
"passWord": self.password,
"active": True
}
url = f'{self.authentication_url}/Users'
self.post_without_auth_header(url=url, body=new_user)
def login_user_and_set_token(self):
user = {
'username': self.data_seeded_user,
'enailAddress': self.email,
'password': self.password
}
url = self.proxy_url + self.proxy_endpoints.login
response = self.post_without_auth_header(url=url, body=user).json()
self.token = response['token']
def test_should_not_be_able_to_retrieve_a_non_existent_user_by_email(self):
email = HelperClass.create_random_email()
sut = f'{self.authentication_url}/Users/by-email/{email}'
response = self.get_without_auth_header(sut)
self.assertEqual(404, response.status_code)