Example #1
0
 def test_get_with_user(self):
     view = ProjectCreate.as_view()
     url = reverse('admin:project_create')
     request = APIRequestFactory().get(url)
     request.user = UserFactory.create()
     response = view(request).render()
     self.assertEqual(response.status_code, 200)
    def test_encoding(self):
        payment_method = PaymentMethodFactory.create()

        factory = APIRequestFactory()
        url = reverse('payment-method-detail',
                      kwargs={'payment_method_id': payment_method.pk,
                              'customer_pk': payment_method.customer.pk})
        request = factory.get(url, format='json')

        serializer = PaymentMethodSerializer(payment_method, context={
            'request': request
        })

        expected_data = OrderedDict([
            ('url', 'http://testserver/customers/{}/payment_methods/{}/'.format(payment_method.customer.pk,
                                                                                payment_method.pk)),
            ('transactions', None),
            ('customer', 'http://testserver/customers/{}/'.format(payment_method.customer.pk)),
            ('payment_processor', 'http://testserver/payment_processors/Manual/'),
            ('added_at', payment_method.added_at),
            ('verified_at', None),
            ('state', 'uninitialized')
        ])

        json = JSONRenderer().render(serializer.data)
        self.assertEqual(json, JSONRenderer().render(expected_data))
Example #3
0
 def test_get_with_unconnected_user(self):
     view = ApplicationDisconnect.as_view()
     url = reverse('admin:app_disconnect', kwargs={'app_id': self.app.id})
     request = APIRequestFactory().get(url)
     request.user = UserFactory.create()
     response = view(request, app_id=self.app.id)
     self.assertTrue(isinstance(response, HttpResponseRedirect))
Example #4
0
 def test_get_with_anonymous(self):
     view = ProjectCreate.as_view()
     url = reverse('admin:project_create')
     request = APIRequestFactory().get(url)
     request.user = AnonymousUser()
     response = view(request)
     self.assertTrue(isinstance(response, HttpResponseRedirect))
class CreateProjectTests(APITestCase):
    def setUp(self):
        self.anonymous_user = AnonymousUserFactory()
        self.user = UserFactory.create()
        self.group = GroupFactory.create(name=self.user.username)
        self.project = ProjectFactory.build(owner=self.group)

        self.view = ProjectViewSet.as_view({"post": "create"})
        self.factory = APIRequestFactory()
        self.url = reverse("api:v2:project-list")
        self.request = self.factory.post(self.url, {"name": self.project.name, "description": self.project.description})

    def test_anonymous_user_cannot_create_project(self):
        force_authenticate(self.request, user=self.anonymous_user)
        response = self.view(self.request)
        self.assertEquals(response.status_code, 403)

    def test_required_fields(self):
        bad_request = self.factory.post(self.url)
        force_authenticate(bad_request, user=self.user)
        response = self.view(bad_request)
        data = response.data

        self.assertEquals(response.status_code, 400)
        self.assertEquals(len(data), 1)
        self.assertIn("name", data)

    def test_authenticated_user_can_create_project(self):
        self.assertEquals(Project.objects.count(), 0)
        force_authenticate(self.request, user=self.user)
        response = self.view(self.request)
        self.assertEquals(response.status_code, 201)
        self.assertEquals(Project.objects.count(), 1)
        project = Project.objects.first()
        self.assertEquals(project.owner, self.group)
Example #6
0
 def test_get_with_anonymous(self):
     view = ApplicationDelete.as_view()
     url = reverse('admin:app_delete', kwargs={'app_id': self.app.id})
     request = APIRequestFactory().get(url)
     request.user = AnonymousUser()
     response = view(request, app_id=self.app.id)
     self.assertTrue(isinstance(response, HttpResponseRedirect))
Example #7
0
 def test_get_with_anonymous(self):
     view = ApplicationConnected.as_view()
     url = reverse('admin:app_connected')
     request = APIRequestFactory().get(url)
     request.user = AnonymousUser()
     response = view(request)
     self.assertTrue(isinstance(response, HttpResponseRedirect))
Example #8
0
    def test_post_with_user(self):
        data = {
            'name': 'test app',
            'description': '',
            'download_url': 'http://example.com/download',
            'redirect_uris': 'http://example.com/redirect',
            'authorization_grant_type': 'password'
        }

        view = ApplicationSettings.as_view()
        url = reverse('admin:app_settings', kwargs={'app_id': self.app.id})
        request = APIRequestFactory().post(url, data)
        request.user = UserFactory.create()
        response = view(request, app_id=self.app.id).render()
        self.assertEqual(response.status_code, 200)
        self.assertContains(
            response,
            'You are not the owner of this application and therefore not '
            'allowed to access this app.'
        )

        ref = Application.objects.get(pk=self.app.id)
        self.assertNotEqual(ref.name, data.get('name'))
        self.assertNotEqual(ref.description, data.get('description'))
        self.assertNotEqual(ref.download_url, data.get('download_url'))
        self.assertNotEqual(ref.redirect_uris, data.get('redirect_uris'))
        self.assertNotEqual(
            ref.authorization_grant_type,
            data.get('authorization_grant_type')
        )
Example #9
0
    def test_post_with_anonymous(self):
        data = {
            'name': 'test app',
            'description': '',
            'download_url': 'http://example.com/download',
            'redirect_uris': 'http://example.com/redirect',
            'authorization_grant_type': 'password'
        }

        view = ApplicationSettings.as_view()
        url = reverse('admin:app_settings', kwargs={'app_id': self.app.id})
        request = APIRequestFactory().post(url, data)
        request.user = AnonymousUser()
        response = view(request, app_id=self.app.id)
        self.assertTrue(isinstance(response, HttpResponseRedirect))

        ref = Application.objects.get(pk=self.app.id)
        self.assertNotEqual(ref.name, data.get('name'))
        self.assertNotEqual(ref.description, data.get('description'))
        self.assertNotEqual(ref.download_url, data.get('download_url'))
        self.assertNotEqual(ref.redirect_uris, data.get('redirect_uris'))
        self.assertNotEqual(
            ref.authorization_grant_type,
            data.get('authorization_grant_type')
        )
Example #10
0
    def test_post_with_creator(self):
        data = {
            'name': 'test app',
            'description': '',
            'download_url': 'http://example.com',
            'redirect_uris': 'http://example.com',
            'authorization_grant_type': 'password'
        }
        view = ApplicationSettings.as_view()
        url = reverse('admin:app_settings', kwargs={'app_id': self.app.id})
        request = APIRequestFactory().post(url, data)
        request.user = self.creator

        from django.contrib.messages.storage.fallback import FallbackStorage
        setattr(request, 'session', 'session')
        messages = FallbackStorage(request)
        setattr(request, '_messages', messages)

        response = view(request, app_id=self.app.id).render()
        self.assertEqual(response.status_code, 200)
        self.assertNotContains(
            response,
            'You are not the owner of this application and therefore not'
            'allowed to access this app.'
        )

        ref = Application.objects.get(pk=self.app.id)
        self.assertEqual(ref.name, data.get('name'))
        self.assertEqual(ref.description, data.get('description'))
        self.assertEqual(ref.download_url, data.get('download_url'))
        self.assertEqual(ref.redirect_uris, data.get('redirect_uris'))
        self.assertEqual(
            ref.authorization_grant_type,
            data.get('authorization_grant_type')
        )
Example #11
0
 def test_get_with_user(self):
     view = ApplicationOverview.as_view()
     url = reverse('admin:app_overview')
     request = APIRequestFactory().get(url)
     request.user = UserFactory.create()
     response = view(request).render()
     self.assertEqual(response.status_code, 200)
Example #12
0
 def test_VersatileImageFieldSerializer_output(self):
     """Ensures VersatileImageFieldSerializer serializes correctly"""
     factory = APIRequestFactory()
     request = factory.get('/admin/')
     serializer = VersatileImageTestModelSerializer(
         self.jpg,
         context={'request': request}
     )
     self.assertEqual(
         serializer.data.get('image'),
         {
             'test_crop': (
                 'http://testserver/media/__sized__/python-logo-crop'
                 '-c0-25__0-25-100x100.jpg'
             ),
             'test_invert_crop': (
                 'http://testserver/media/__sized__/__filtered__/'
                 'python-logo__invert__-crop-c0-25__0-25-100x100.jpg'
             ),
             'test_invert_thumb': (
                 'http://testserver/media/__sized__/__filtered__/'
                 'python-logo__invert__-thumbnail-100x100.jpg'
             ),
             'test_invert': (
                 'http://testserver/media/__filtered__/'
                 'python-logo__invert__.jpg'
             ),
             'test_thumb': (
                 'http://testserver/media/__sized__/python-logo-thumbnail'
                 '-100x100.jpg'
             )
         }
     )
Example #13
0
    def test_post_with_superuser_when_updating(self):
        """Test POST with superuser."""
        data = {"client_id": "xxxxxxxxxxxxxxxxxx", "secret": "xxxxxxxxxxxxxxxxxx", "key": ""}
        view = ProviderOverview.as_view()
        request = APIRequestFactory().post(self.url, data)
        request.user = UserFactory.create(**{"is_superuser": True})

        social_app = SocialApp.objects.create(
            provider="google", name="Google", client_id="yyyyyyyyyyyyyyyyyy", secret="yyyyyyyyyyyyyyyyyy", key=""
        )
        social_app.sites.add(get_current_site(request))

        setattr(request, "session", "session")
        messages = FallbackStorage(request)
        setattr(request, "_messages", messages)

        response = view(request, provider_id="google").render()
        self.assertEqual(response.status_code, 200)
        self.assertContains(response, "Provider has been updated.")
        self.assertEqual(SocialApp.objects.latest("id"), social_app)

        reference = SocialApp.objects.get(pk=social_app.id)
        self.assertEqual(reference.client_id, data.get("client_id"))
        self.assertEqual(reference.secret, data.get("secret"))
        self.assertEqual(reference.key, data.get("key"))
class TestPOSTAccessed(TestCase):
    def setUp(self):
        self.factory = APIRequestFactory()

    def test_post_accessed_in_post_method(self):
        django_request = self.factory.post('/', {'foo': 'bar'})
        request = Request(django_request, parsers=[FormParser(), MultiPartParser()])
        django_request.POST
        assert request.POST == {'foo': ['bar']}
        assert request.data == {'foo': ['bar']}

    def test_post_accessed_in_post_method_with_json_parser(self):
        django_request = self.factory.post('/', {'foo': 'bar'})
        request = Request(django_request, parsers=[JSONParser()])
        django_request.POST
        assert request.POST == {}
        assert request.data == {}

    def test_post_accessed_in_put_method(self):
        django_request = self.factory.put('/', {'foo': 'bar'})
        request = Request(django_request, parsers=[FormParser(), MultiPartParser()])
        django_request.POST
        assert request.POST == {'foo': ['bar']}
        assert request.data == {'foo': ['bar']}

    def test_request_read_before_parsing(self):
        django_request = self.factory.put('/', {'foo': 'bar'})
        request = Request(django_request, parsers=[FormParser(), MultiPartParser()])
        django_request.read()
        with pytest.raises(RawPostDataException):
            request.POST
        with pytest.raises(RawPostDataException):
            request.POST
            request.data
Example #15
0
    def test_actions(self):
        class ExampleView(views.APIView):
            """Example view."""

            def post(self, request):
                pass  # pragma: nocover

            def get_serializer(self):
                return PersonSerializer()

        def _choices(response, key):
            """Helper method for unpacking response JSON."""
            return response.data["actions"]["POST"][key]["choices"]

        view = ExampleView.as_view()

        factory = APIRequestFactory()
        request = factory.options("/")
        response = view(request=request)
        country_choices = _choices(response, "country")
        fantasy_choices_en = _choices(response, "fantasy_country")
        self.assertEqual(response.status_code, 200)
        self.assertEqual(country_choices, countries_display(countries))
        self.assertEqual(fantasy_choices_en, countries_display(FantasyCountries()))

        with override_settings(LANGUAGE_CODE="fr"):
            response = view(request=request)
            fantasy_choices_fr = _choices(response, "fantasy_country")
            self.assertNotEqual(fantasy_choices_en, fantasy_choices_fr)
Example #16
0
class TestCustomPageNumberPagination(TestCase):
    def setUp(self):
        self.factory = APIRequestFactory()
        self.view = generics.ListAPIView.as_view(
            serializer_class=PassThroughSerializer,
            queryset=range(1, 101),
            pagination_class=CustomPageNumberPagination
        )

    def test_metadata_with_page_size(self):
        request = self.factory.get('/', {'page_size': 10, 'page': 2})
        response = self.view(request)
        assert response.status_code == status.HTTP_200_OK
        assert response.data == {
            'page_size': 10,
            'page_count': 10,
            'results': range(11, 21),
            'previous': 'http://testserver/?page_size=10',
            'next': 'http://testserver/?page=3&page_size=10',
            'count': 100
        }

    def test_metadata_with_default_page_size(self):
        request = self.factory.get('/')
        response = self.view(request)
        assert response.status_code == status.HTTP_200_OK
        assert response.data == {
            'page_size': 25,
            'page_count': 4,
            'results': range(1, 26),
            'previous': None,
            'next': 'http://testserver/?page=2',
            'count': 100
        }
Example #17
0
    def test_builtin_license(self):
        addon = addon_factory()
        self.version = addon.current_version
        license = self.version.license
        license.update(builtin=18)
        assert license._constant == LICENSES_BY_BUILTIN[18]

        result = LicenseSerializer(
            context={'request': self.request}).to_representation(license)
        assert result['id'] == license.pk
        # A request with no ?lang gets you the site default l10n in a dict to
        # match how non-constant values are returned.
        assert result['name'] == {
            'en-US': unicode(LICENSES_BY_BUILTIN[18].name)}

        accept_request = APIRequestFactory().get('/')
        accept_request.LANG = 'de'
        result = LicenseSerializer(
            context={'request': accept_request}).to_representation(license)
        # An Accept-Language should result in a different default though.
        assert result['name'] == {
            'de': unicode(LICENSES_BY_BUILTIN[18].name)}

        # But a requested lang returns a flat string
        lang_request = APIRequestFactory().get('/?lang=fr')
        result = LicenseSerializer(
            context={'request': lang_request}).to_representation(license)
        assert result['name'] == unicode(LICENSES_BY_BUILTIN[18].name)
Example #18
0
    def test_log_ip_remote(self):
        request = APIRequestFactory().get('/logging')
        request.META['REMOTE_ADDR'] = '127.0.0.9'

        MockLoggingView.as_view()(request).render()
        log = APIRequestLog.objects.first()
        self.assertEqual(log.remote_addr, '127.0.0.9')
Example #19
0
    def test_log_ip_xforwarded(self):
        request = APIRequestFactory().get('/logging')
        request.META['HTTP_X_FORWARDED_FOR'] = '127.0.0.8'

        MockLoggingView.as_view()(request).render()
        log = APIRequestLog.objects.first()
        self.assertEqual(log.remote_addr, '127.0.0.8')
class ChoiceDetail(APITestCase):
    def setUp(self):
        self.factory = APIRequestFactory()
        self.client = APIClient()
        self.user = setup_user()
        self.view = views.PollList.as_view()
        self.uri = '/choices/pk/'

    def test_unauthenticated_uri(self):
        """
        If not authorized access not allowed
        """
        request = self.factory.get(self.uri)
        response = self.view(request, pk='2')
        self.assertEqual(response.status_code, 401,
                         'Expected Response Code 401, received {0} instead.'
                         .format(response.status_code))

    def test_authenticated_uri(self):
        """
        GET
        """
        request = self.factory.get(self.uri)
        force_authenticate(request, self.user)
        response = self.view(request, pk='2')
        self.assertEqual(response.status_code, 200,
                         'Expected Response Code 200, received {0} instead.'
                         .format(response.status_code))
    def setUp(self):
        self.view = ViewSet.as_view({'get': 'retrieve'})
        self.anonymous_user = AnonymousUserFactory()
        self.user = UserFactory.create()
        self.group = GroupFactory.create(name=self.user.username)
        self.leadership = LeadershipFactory.create(
            user=self.user,
            group=self.group
            )
        self.staff_user = UserFactory.create(is_staff=True)

        self.provider = ProviderFactory.create()
        self.identity = IdentityFactory.create(
            provider=self.provider,
            created_by=self.user)
        self.quota = QuotaFactory.create()
        self.allocation = AllocationFactory.create()
        IdentityMembershipFactory.create(
            member=self.group,
            identity=self.identity,
            quota=self.quota
        )

        factory = APIRequestFactory()
        url = reverse('api:v2:identity-detail', args=(self.identity.id,))
        self.request = factory.get(url)
        force_authenticate(self.request, user=self.user)
        self.response = self.view(self.request, pk=self.identity.id)
    def test_VersatileImageFieldSerializer_output(self):
        """Ensure VersatileImageFieldSerializer serializes correctly"""
        factory = APIRequestFactory()
        request = factory.get('/admin/')
        serializer = VersatileImageTestModelSerializer(
            self.jpg,
            context={'request': request}
        )

        self.assertEqual(
            serializer.data.get('optional_image'),
            {
                'test_crop': (
                    'http://testserver/media/__sized__/__placeholder__/placeholder-crop'
                    '-c0-5__0-5-100x100.png'
                ),
                'test_invert_crop': (
                    'http://testserver/media/__sized__/__placeholder__/__filtered__/placeholder__invert__'
                    '-crop-c0-5__0-5-100x100.png'
                ),
                'test_invert_thumb': (
                    'http://testserver/media/__sized__/__placeholder__/__filtered__/placeholder__invert__'
                    '-thumbnail-100x100.png'
                ),
                'test_invert': (
                    'http://testserver/media/__placeholder__/__filtered__/placeholder'
                    '__invert__.png'
                ),
                'test_thumb': (
                    'http://testserver/media/__sized__/__placeholder__/placeholder-thumbnail'
                    '-100x100.png'
                )
            }
        )
Example #23
0
    def test_post_first_turn(self):
        """
        Post output of game return back to django.
        Authenticated user on their turn only.
        Same url as get: /play/<session_id>/ag
        """
        test_session = GameSession.objects.get(id=1)
        test_session.set_turn_data(test_json_data_global, "V")

        factory = APIRequestFactory()
        user = User.objects.get(username='******')
        view = GameREST.as_view()
        url = 'play/' + str(test_session.id) + '/ag/'
        request = factory.post(url, {'virus_player': '{"test": 1}',
                                     'health_player': '{"test2": 2}',
                                     'starting_from': 'india',
                                     'testing': True,
                                     'choice_outcome': '{"test3": 3}',
                                     'virus_tech': '{"dog": 1}',
                                     'health_tech': '{"cat": 2}',
                                     'change': '{"frog": "monkey"}'
                                     }, format='json')
        force_authenticate(request, user=user)

        response = view(request, test_session.id)
        
        # for the tests, reload the session from the DB
        test_session = GameSession.objects.get(id=1)
        self.assertNotEqual(response.data, test_json_data_global)
        self.assertEqual(response.data, 'complete')
        self.assertEqual(test_session.turn_data, '{"dog": "india"}')
        self.assertEqual(test_session.next_to_play, 'H')
Example #24
0
    def test_authenticated_or_scoped_permission_allow(self):
        self.access_token.scope = 'scope1'
        self.access_token.save()
        # correct token and correct scope
        auth = self._create_authorization_header(self.access_token.token)
        response = self.client.get("/oauth2-authenticated-or-scoped-test/", HTTP_AUTHORIZATION=auth)
        self.assertEqual(response.status_code, 200)

        auth = self._create_authorization_header("fake-token")
        # incorrect token  but authenticated
        factory = APIRequestFactory()
        request = factory.get("/oauth2-authenticated-or-scoped-test/")
        request.auth = auth
        force_authenticate(request, self.test_user)
        response = AuthenticatedOrScopedView.as_view()(request)
        self.assertEqual(response.status_code, 200)

        # correct token  but not authenticated
        request = factory.get("/oauth2-authenticated-or-scoped-test/")
        request.auth = auth
        self.access_token.scope = 'scope1'
        self.access_token.save()
        force_authenticate(request, token=self.access_token)
        response = AuthenticatedOrScopedView.as_view()(request)
        self.assertEqual(response.status_code, 200)
Example #25
0
    def test_get_game_data_player(self):
        """
        Should return game session data for authenticated user upon GET
        request to /play/<session_id>/ag

        Should only return when its that users turn to play.
        """
        test_session = GameSession.objects.get(id=1)
        test_session.set_turn_data(test_json_data_global, "V")

        factory = APIRequestFactory()
        user = User.objects.get(username='******')
        view = GameREST.as_view()
        url = 'play/' + str(test_session.id) + '/ag/'
        request = factory.get(url)
        force_authenticate(request, user=user)
        response = view(request, test_session.id)

        self.assertEqual(response.data['turn_data'], test_json_data_global)
        
        # This test is not the user that should play next
        user2 = User.objects.get(username='******')
        request2 = factory.get(url)
        force_authenticate(request2, user=user2)
        response2 = view(request2, test_session.id)
        
        self.assertEqual(response2.data['detail'], 
                         'You do not have permission to perform this action.')
Example #26
0
 def test_any_post_view(self):
     factory = APIRequestFactory()
     request = factory.get('/posts/3/', format='json')
     force_authenticate(request, user=User.objects.get_by_natural_key('admin'))
     view = AnyPostDetail.as_view()
     response = view(request, pk=3)
     self.assertEqual(response.data['contents'], 'Cool post!')
    def test_trailing_slash(self):
        factory = APIRequestFactory()
        urlpatterns = format_suffix_patterns([
            url(r'^test/$', dummy_view),
        ])
        resolver = RegexURLResolver(r'^/', urlpatterns)

        test_paths = [
            (URLTestPath('/test.api', (), {'format': 'api'}), True),
            (URLTestPath('/test/.api', (), {'format': 'api'}), False),
            (URLTestPath('/test.api/', (), {'format': 'api'}), True),
        ]

        for test_path, expected_resolved in test_paths:
            request = factory.get(test_path.path)
            try:
                callback, callback_args, callback_kwargs = resolver.resolve(request.path_info)
            except Resolver404:
                callback, callback_args, callback_kwargs = (None, None, None)
            if not expected_resolved:
                assert callback is None
                continue

            assert callback_args == test_path.args
            assert callback_kwargs == test_path.kwargs
Example #28
0
    def test(self):
        admin = UserF.create()
        project = ProjectF(add_admins=[admin])
        observation = ObservationFactory.create(**{
            'project': project
        })
        comment = CommentFactory.create()

        factory = APIRequestFactory()
        request = factory.post(
            '/api/projects/%s/observations/%s/comments/' %
            (project.id, observation.id),
            {
                'text': 'Response to a comment',
                'respondsto': comment.id
            }
        )
        force_authenticate(request, user=admin)
        view = AllContributionsCommentsAPIView.as_view()
        response = view(
            request,
            project_id=project.id,
            observation_id=observation.id
        ).render()

        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
        self.assertEqual(
            json.loads(response.content).get('error'),
            'The comment you try to respond to is not a comment to the '
            'observation.'
        )
Example #29
0
 def test_api_is_correct(self):
     factory = APIRequestFactory()
     request = factory.get('/topics/1/', format='json')
     force_authenticate(request, user=User.objects.get_by_natural_key('admin'))
     view = TopicDetail.as_view()
     response = view(request, pk=1)
     self.assertEqual(response.data['reply_count'], 2)
Example #30
0
 def setUp(self):
     self.tag = TagFactory.create()
     self.view = TagViewSet.as_view({'get': 'retrieve'})
     self.anonymous_user = AnonymousUserFactory()
     factory = APIRequestFactory()
     url = reverse('api:v2:tag-detail', args=(self.tag.id,))
     self.request = factory.get(url)
class BlogTests(APITestCase):
    """
    Tests for Blog.
    """
    factory = APIRequestFactory()

    def register(self, credentials):
        """
        Registers a user given the credentials for test purposes.
        """
        view = RegisterAPI.as_view()
        url = '/api/auth/register'

        request = self.factory.post(url, credentials)
        response = view(request)
        assert status.HTTP_200_OK == response.status_code
        return response

    def create_blog_request(self, create_blog_content):
        """
        Creates a Blog Post.
        """
        credentials = {
            'username': '******',
            'email': '*****@*****.**',
            'password': '******'
        }
        self.register(credentials)
        url = '/api/blog'
        request = self.factory.post(url, create_blog_content)
        return request

    def _create_blog(self):
        create_blog_content = {
            'title': 'Test',
            'description': 'This is a Test Blog.'
        }
        request = self.create_blog_request(create_blog_content)
        user = User.objects.get(username='******')
        view = BlogAPI.as_view({
            'post': 'create'
        })
        force_authenticate(request, user=user)
        response = view(request)

        assert status.HTTP_201_CREATED == response.status_code
        return response

    def test_get_blog_list_authorized(self):
        """
        Tests to get a list of Blog Post, authorized.
        """
        credentials = {
            'username': '******',
            'email': '*****@*****.**',
            'password': '******'
        }
        self.register(credentials)

        view = BlogAPI.as_view({
            'get': 'list'
        })
        url = '/api/blog'
        user = User.objects.get(username='******')
        request = self.factory.get(url)
        force_authenticate(request, user=user)
        response = view(request)

        assert status.HTTP_200_OK == response.status_code

    def test_create_blog(self):
        """
        Tests to create a Blog Post Successfully.
        """
        response = self._create_blog()

        assert status.HTTP_201_CREATED == response.status_code
        assert 1 == Blog.objects.count()
        assert 'Test' == Blog.objects.get().title

    def test_create_blog_failed(self):
        """
        Tests to create a Blog Post Unsuccessfully.
        """
        create_blog_content = {
            'title': 'This is a Test Blog.'
        }
        view = BlogAPI.as_view({
            'post': 'create'
        })
        request = self.create_blog_request(create_blog_content)
        user = User.objects.get(username='******')
        force_authenticate(request, user=user)
        response = view(request)

        assert status.HTTP_400_BAD_REQUEST == response.status_code

    def test_delete_blog(self):
        """
        Tests to delete a Blog Post.
        """
        self._create_blog()
        user = User.objects.get(username='******')

        blog = Blog.objects.get()
        view = BlogAPI.as_view({
            'delete': 'destroy'
        })
        url = '/api/blog'
        request = self.factory.delete(url)
        force_authenticate(request, user=user)
        response = view(request, slug=blog.slug)

        assert status.HTTP_204_NO_CONTENT == response.status_code

    def test_update_blog(self):
        """
        Tests to update a Blog Post Successfully.
        """
        self._create_blog()
        user = User.objects.get(username='******')

        blog = Blog.objects.get()
        update_blog_content = {
            'title': 'Test101',
            'description': 'This is a Test Blog. Amirite! :D'
        }
        url = '/api/blog/'
        request = self.factory.put(url, update_blog_content)
        view = BlogAPI.as_view({
            'put': 'update'
        })
        force_authenticate(request, user=user)
        response = view(request, slug=blog.slug)

        assert status.HTTP_200_OK == response.status_code
        assert 1 == Blog.objects.count()
        assert update_blog_content['title'] == Blog.objects.get().title

    def test_search_blog_list(self):
        """
        Tests to search Blog Posts Successfully.
        """
        self._create_blog()

        keyword = 'Test'
        url = '/api/blog/?keyword=%s' % keyword
        request = self.factory.get(url)
        view = BlogAPI.as_view({
            'get': 'list'
        })
        response = view(request)

        assert status.HTTP_200_OK == response.status_code
        assert 1 == response.data['count']
        assert keyword == response.data['results'][0]['title']

    def test_get_blog_list(self):
        """
        Tests to get Blog Posts Successfully.
        """
        url = '/api/blog/'
        request = self.factory.get(url)
        view = BlogAPI.as_view({
            'get': 'list'
        })
        response = view(request)

        assert status.HTTP_200_OK == response.status_code
        assert 0 == response.data['count']

    def test_blog_upvote(self):
        """
        Tests Upvote functionality.
        """
        self._create_blog()

        user = User.objects.get(username='******')
        blog = Blog.objects.get()
        url = '/api/blog/'
        request = self.factory.get(url)
        force_authenticate(request, user=user)
        view = BlogAPI.as_view({
            'get': 'upvote'
        })
        response = view(request, slug=blog.slug)

        assert status.HTTP_200_OK == response.status_code
        assert 'You have successfully up voted this blog post.' == response.data

        response = view(request, slug=blog.slug)

        assert status.HTTP_200_OK == response.status_code
        assert 'You have already up voted this blog post.' == response.data

    def test_blog_downvote(self):
        """
        Tests Downvote functionality.
        """
        self._create_blog()

        user = User.objects.get(username='******')
        blog = Blog.objects.get()
        url = '/api/blog/'
        request = self.factory.get(url)
        force_authenticate(request, user=user)
        view = BlogAPI.as_view({
            'get': 'downvote'
        })
        response = view(request, slug=blog.slug)

        assert status.HTTP_200_OK == response.status_code
        assert 'You have successfully down voted this blog post.' == response.data

        response = view(request, slug=blog.slug)

        assert status.HTTP_200_OK == response.status_code
        assert 'You have already down voted this blog post.' == response.data

    def test_post_a_comment(self):
        """
        Tests a comment is successfully posted.
        """
        response = self._create_blog()

        user = User.objects.get(username='******')
        blog = response.data['url']
        comment_content = {
            'blog': blog,
            'description': 'This is a Test Comment.'
        }
        url = '/api/comment/'
        request = self.factory.post(url, comment_content)
        force_authenticate(request, user=user)
        view = CommentAPI.as_view({
            'post': 'create'
        })
        response = view(request)

        assert status.HTTP_201_CREATED == response.status_code
        assert comment_content['description'] == response.data['description']
        assert response.data['parent'] is None

        reply_content = {
            'blog': blog,
            'description': 'This is a Test Reply.',
            'parent': response.data['id']
        }
        request = self.factory.post(url, reply_content)
        force_authenticate(request, user=user)
        response = view(request)

        assert status.HTTP_201_CREATED == response.status_code
        assert reply_content['description'] == response.data['description']
        assert reply_content['parent'] == response.data['parent']
Example #32
0
 def get_context(self, url):
     factory = APIRequestFactory()
     request = factory.get(url)
     return {'request': Request(request)}
from rest_framework import (
    HTTP_HEADER_ENCODING, exceptions, permissions, renderers, status
)
from rest_framework.authentication import (
    BaseAuthentication, BasicAuthentication, RemoteUserAuthentication,
    SessionAuthentication, TokenAuthentication
)
from rest_framework.authtoken.models import Token
from rest_framework.authtoken.views import obtain_auth_token
from rest_framework.response import Response
from rest_framework.test import APIClient, APIRequestFactory
from rest_framework.views import APIView

from .models import CustomToken

factory = APIRequestFactory()


class CustomTokenAuthentication(TokenAuthentication):
    model = CustomToken


class CustomKeywordTokenAuthentication(TokenAuthentication):
    keyword = 'Bearer'


class MockView(APIView):
    permission_classes = (permissions.IsAuthenticated,)

    def get(self, request):
        return HttpResponse({'a': 1, 'b': 2, 'c': 3})
 def setUp(self):
     self.request = APIRequestFactory().get('/')
     self.view = Mock(spec=['get_addon_object', 'should_include_flags'])
     self.view.get_addon_object.return_value = None
     self.view.should_include_flags.return_value = False
     self.user = user_factory()
Example #35
0
class DSOApi50Tests(APITestCase):
    """
    Test the error handling responses (API-50).
    """

    maxDiff = None
    factory = APIRequestFactory()

    def assertErrorResponse(self, view, expected_data: dict):
        _view = view.as_view()
        # method doesn't matter since we're using `dispatch`
        request = self.factory.get("/some/irrelevant/url")

        response = _view(request)

        expected_status = expected_data["status"]
        self.assertEqual(response.status_code, expected_status)
        self.assertEqual(response["Content-Type"], "application/problem+json")

        # can't verify UUID...
        self.assertTrue(response.data["instance"].startswith("urn:uuid:"))
        del response.data["instance"]

        exc_class = view.exception.__class__.__name__
        expected_data["type"] = f"http://testserver/ref/fouten/{exc_class}/"
        self.assertEqual(response.data, expected_data)

    def test_400_error(self):
        self.assertErrorResponse(
            views.ValidationErrorView,
            {
                "code":
                "invalid",
                "title":
                "Invalid input.",
                "status":
                400,
                "detail":
                "",
                "invalid_params": [{
                    "name": "foo",
                    "code": "validation-error",
                    "reason": "Invalid data.",
                }],
            },
        )

    def test_401_error(self):
        self.assertErrorResponse(
            views.NotAuthenticatedView,
            {
                "code": "not_authenticated",
                "title": "Authenticatiegegevens zijn niet opgegeven.",
                "status": 401,
                "detail": "Authenticatiegegevens zijn niet opgegeven.",
            },
        )

    def test_403_error(self):
        self.assertErrorResponse(
            views.PermissionDeniedView,
            {
                "code": "permission_denied",
                "title":
                "Je hebt geen toestemming om deze actie uit te voeren.",
                "status": 403,
                "detail": "This action is not allowed",
            },
        )

    def test_404_error(self):
        self.assertErrorResponse(
            views.NotFoundView,
            {
                "code": "not_found",
                "title": "Niet gevonden.",
                "status": 404,
                "detail": "Some detail message",
            },
        )

    def test_405_error(self):
        self.assertErrorResponse(
            views.MethodNotAllowedView,
            {
                "code": "method_not_allowed",
                "title": 'Methode "{method}" niet toegestaan.',
                "status": 405,
                "detail": 'Methode "GET" niet toegestaan.',
            },
        )

    def test_406_error(self):
        self.assertErrorResponse(
            views.NotAcceptableView,
            {
                "code": "not_acceptable",
                "title": "Kan niet voldoen aan de opgegeven Accept header.",
                "status": 406,
                "detail": "Content negotation failed",
            },
        )

    def test_409_error(self):
        self.assertErrorResponse(
            views.ConflictView,
            {
                "code": "conflict",
                "title": "Er is een conflict",
                "status": 409,
                "detail": "The resource was updated, please retrieve it again",
            },
        )

    def test_410_error(self):
        self.assertErrorResponse(
            views.GoneView,
            {
                "code": "gone",
                "title": _("The resource is gone"),
                "status": 410,
                "detail": "The resource was destroyed",
            },
        )

    def test_412_error(self):
        self.assertErrorResponse(
            views.PreconditionFailed,
            {
                "code": "precondition_failed",
                "title": _("Precondition failed"),
                "status": 412,
                "detail": "Something about CRS",
            },
        )

    def test_415_error(self):
        self.assertErrorResponse(
            views.UnsupportedMediaTypeView,
            {
                "code": "unsupported_media_type",
                "title": 'Ongeldige media type "{media_type}" in aanvraag.',
                "status": 415,
                "detail": "This media type is not supported",
            },
        )

    def test_429_error(self):
        self.assertErrorResponse(
            views.ThrottledView,
            {
                "code": "throttled",
                "title": "Aanvraag was verstikt.",
                "status": 429,
                "detail": "Too many requests",
            },
        )

    def test_500_error(self):
        self.assertErrorResponse(
            views.InternalServerErrorView,
            {
                "code": "error",
                "title": "Er is een serverfout opgetreden.",
                "status": 500,
                "detail": "Everything broke",
            },
        )
Example #36
0
 def setUp(self):
     self.factory = APIRequestFactory()
Example #37
0
class ContactSerializerTest(TestCase):
    def setUp(self):
        self.factory = APIRequestFactory()

    def test_contains_expected_fields(self):
        contact = mfactories.Contact()

        request = self.factory.get('/')

        serializer_context = {
            'request': Request(request),
        }

        serializer = ContactSerializer(instance=contact,
                                       context=serializer_context)

        data = serializer.data

        keys = [
            'uuid',
            'id',
            'first_name',
            'last_name',
            'middle_name',
            'addresses',
            'siteprofile_uuids',
            'workflowlevel2_uuids',
            'title',
            'title_display',
            'suffix',
            'url',
            'phones',
            'company',
            'contact_type',
            'organization_uuid',
            'customer_type',
            'notes',
            'workflowlevel1_uuids',
            'emails',
            'customer_id',
        ]
        self.assertEqual(set(data.keys()), set(keys))

    def test_title_display_field(self):
        contact = mfactories.Contact(title='mr')
        request = self.factory.get('/')
        serializer_context = {'request': Request(request)}
        serializer = ContactSerializer(instance=contact,
                                       context=serializer_context)
        self.assertEqual(serializer['title_display'].value, "Mr.")

    def test_unique_customer_id_validate(self):
        organization_uuid = uuid.uuid4()
        mfactories.Contact(organization_uuid=organization_uuid,
                           customer_id="abc")
        data = {
            'organization_uuid': organization_uuid,
            'customer_id': "abcd",
            'workflowlevel1_uuids': [
                str(uuid.uuid4()),
            ]
        }
        request = self.factory.get('/')
        request.user = mfactories.User()
        request.session = {
            'jwt_organization_uuid': organization_uuid,
        }
        serializer_context = {'request': Request(request)}
        serializer = ContactSerializer(data=data, context=serializer_context)
        self.assertTrue(serializer.is_valid(raise_exception=True))
        data['customer_id'] = "abc"
        serializer = ContactSerializer(data=data, context=serializer_context)
        self.assertFalse(serializer.is_valid())
        with self.assertRaisesMessage(
                ValidationError,
                expected_message='customer_id is not unique in organization'):
            serializer.is_valid(raise_exception=True)
Example #38
0
 def setUp(self):
     self.factory = APIRequestFactory()
     self.user = User.objects.create_superuser(username='******')
     Activity.objects.create(name="swimming", calories_burned=600)
     Activity.objects.create(name="cycling", calories_burned=600)
Example #39
0
 def setUp(self):
     self.factory = APIRequestFactory()
     self.view = self.view_class.as_view()
Example #40
0
class ActivityViewSetTest(APITestCase):
    def setUp(self):
        self.factory = APIRequestFactory()
        self.user = User.objects.create_superuser(username='******')
        Activity.objects.create(name="swimming", calories_burned=600)
        Activity.objects.create(name="cycling", calories_burned=600)

    def test_get_all_activities(self):
        request = self.factory.get('/api/v1/activities')
        force_authenticate(request, user=self.user)
        response = ActivityViewSet.as_view({'get': 'list'})(request)
        activities = Activity.objects.all()
        serializer = ActivitySerializer(activities, many=True)
        self.assertEqual(response.data, serializer.data)
        self.assertEqual(response.status_code, status.HTTP_200_OK)

    def test_get_single_activity(self):
        swimming = Activity.objects.first()
        pk = swimming.pk
        request = self.factory.get('/api/v1/activities/{}'.format(pk),
                                   format='json')
        force_authenticate(request, user=self.user)
        view = ActivityViewSet.as_view(actions={'get': 'retrieve'},
                                       detail=True)
        response = view(request, pk=pk)
        serializer = ActivitySerializer(swimming)
        response.render()
        self.assertEqual(json.loads(response.content), serializer.data)
        self.assertEqual(response.status_code, status.HTTP_200_OK)

    def test_not_exisitng_activity(self):
        pks = [obj.pk for obj in Activity.objects.all()]
        not_existing = max(pks) + 1
        request = self.factory.get(
            '/api/v1/activities/{}'.format(not_existing))
        force_authenticate(request, user=self.user)
        view = ActivityViewSet.as_view(actions={'get': 'retrieve'},
                                       detail=True)
        response = view(request, pk=not_existing)
        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)

    def test_post_activity(self):
        data = json.dumps({"name": "running", "calories_burned": 550})
        client = APIClient()
        client.force_authenticate(user=self.user)
        response = client.post('/api/v1/activities/',
                               data=data,
                               content_type='application/json')
        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
        apple = Activity.objects.filter(name="running").first()
        self.assertEqual(response.data.get('name'), apple.name)

    def test_wrong_post_activity(self):
        data = json.dumps({"name": "running"})
        client = APIClient()
        client.force_authenticate(user=self.user)
        response = client.post('/api/v1/activities/',
                               data=data,
                               content_type='application/json')
        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)

    def test_put_activity(self):
        swimming = Activity.objects.first()
        pk = swimming.pk
        data = json.dumps({"name": "swimming", "calories_burned": 700})
        client = APIClient()
        client.force_authenticate(user=self.user)
        response = client.put('/api/v1/activities/{}/'.format(pk),
                              data=data,
                              content_type='application/json')
        self.assertEqual(response.status_code, status.HTTP_200_OK)
        swimming = Activity.objects.filter(name="swimming").first()
        self.assertEqual(swimming.calories_burned, 700)

    def test_wrong_put_activity(self):
        swimming = Activity.objects.first()
        pk = swimming.pk
        data = json.dumps({"name": "Banana"})
        client = APIClient()
        client.force_authenticate(user=self.user)
        response = client.put('/api/v1/activities/{}/'.format(pk),
                              data=data,
                              content_type='application/json')
        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)

    def test_delete_activity(self):
        swimming = Activity.objects.first()
        pk = swimming.pk
        client = APIClient()
        client.force_authenticate(user=self.user)
        response = client.delete('/api/v1/activities/{}/'.format(pk))
        self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
        self.assertRaises(Activity.DoesNotExist, Activity.objects.get, pk=pk)

    def test_wrong_delete_activity(self):
        pks = [obj.pk for obj in Activity.objects.all()]
        not_existing = max(pks) + 1
        client = APIClient()
        client.force_authenticate(user=self.user)
        response = client.delete('/api/v1/activities/{}/'.format(not_existing))
        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
Example #41
0
import json

from django.test import TestCase
from django.urls import reverse
from rest_framework.test import APIClient, APIRequestFactory
from rest_framework.request import Request
from rest_framework.status import HTTP_200_OK, HTTP_404_NOT_FOUND, HTTP_405_METHOD_NOT_ALLOWED

from data_sources.models import Posse, Gateway, GatewayStatus, GatewayTag
from data_sources.serializers import (
    PosseSerializer, GatewaySerializer, GatewayTagSerializer, GatewayStatusSerializer
)


factory = APIRequestFactory()
request = factory.get('/')
serializer_context = {
    'request': Request(request),
}

class GatewayTest(TestCase):
    def setUp(self):
        self.client = APIClient()
        self.posse_list = [
            Posse.objects.create(label="Test Posse"),
            Posse.objects.create(label="Dummy Posse")
        ]
        self.gateway_list = (
            Gateway.objects.create(
                label="Test Gateway",
                posse=self.posse_list[0],
class ProductViewTest(APITestCase):
    def setUp(self):
        self.user = User.objects.create_user(username='******',
                                             email='*****@*****.**',
                                             password='******',
                                             first_name='Gabriel',
                                             last_name='Renó',
                                             is_staff=True)
        self.factory = APIRequestFactory()
        self.view = ProductView.as_view()
        self.category = Category.objects.create(name='Prato')
        self.product = Product.objects.create(name='Product 1',
                                              description='Description 1',
                                              category=self.category)
        self.price = Price.objects.create(price=2.42,
                                          currency='BRL',
                                          product=self.product)

    def test_product_create(self):

        url = reverse('product')
        product_json = {
            "name": "Product Test",
            "description": "Product Description",
            "price": 2.42,
            "unit": "1 Porcao",
            "category": self.category.id
        }
        request = self.factory.post(url, product_json, format='json')
        force_authenticate(request, user=self.user)
        response = self.view(request)
        self.assertEquals(response.status_code, 201)

    def test_product_get(self):
        url = reverse('product-details', kwargs={'pk': self.product.id})

        request = self.factory.get(url)
        force_authenticate(request, user=self.user)
        response = self.view(request, pk=self.product.id)
        expect_response = {
            'id': self.product.id,
            'name': self.product.name,
            'description': self.product.description,
            'highlighted': False,
            'created_at':
            self.product.created_at.strftime('%Y-%m-%dT%H:%M:%S.%fZ'),
            'price': self.product.price,
            'currency': self.product.currency,
            'unit': self.product.unit,
            'category': self.category.id,
            'photo': None
        }
        self.assertEquals(response.status_code, 200)
        self.assertEquals(response.data, expect_response)

    def test_product_patch(self):
        url = reverse('product-details', kwargs={'pk': self.product.id})
        update_json = {
            'name': 'Update Name',
            'description': 'Update Description',
        }
        request = self.factory.patch(url, data=update_json, format='json')
        force_authenticate(request, user=self.user)
        response = self.view(request, pk=self.product.id)

        self.assertEquals(response.status_code, 204)

        request = self.factory.get(url)
        force_authenticate(request, user=self.user)
        response = self.view(request, pk=self.product.id)

        expect_response = {
            'id': self.product.id,
            'name': 'Update Name',
            'description': 'Update Description',
            'highlighted': False,
            'created_at':
            self.product.created_at.strftime('%Y-%m-%dT%H:%M:%S.%fZ'),
            'price': 2.42,
            'currency': 'BRL',
            'unit': '',
            'category': 1,
            'photo': None
        }

        self.assertEquals(response.data, expect_response)

    def test_product_delete(self):
        url = reverse('product-details', kwargs={'pk': self.product.id})

        request = self.factory.delete(url)
        force_authenticate(request, user=self.user)
        response = self.view(request, pk=self.product.id)

        self.assertEquals(response.status_code, 204)
Example #43
0
 def test_no_unauth_access_to_sources(self):
     factory = APIRequestFactory()
     request = factory.get('/sources/')
     view = SourceViewSet.as_view({'get': 'list'})
     response = view(request)
     self.assertEqual(response.status_code, 401)
Example #44
0
def request_factory():
    return APIRequestFactory()
Example #45
0
 def setUp(self):
     self.factory = APIRequestFactory()
     self.url = reverse("latestunitversionview-list")
     self.view = LatestUnitVersionViewSet()
     self.queryset_mock = MagicMock()
Example #46
0
import json

from rest_framework.test import APIRequestFactory

# Using the standard RequestFactory API to create a form POST request
factory = APIRequestFactory()
request = factory.post('/api/posts/creating/',
                       json.dumps({
                           'author': 2,
                           'text': 'test post test'
                       }),
                       content_type='application/json')
Example #47
0
# pylint: disable=missing-docstring
from __future__ import absolute_import, division, print_function, unicode_literals

import itertools

import six

from rest_framework.test import APIRequestFactory, force_authenticate

from resolwe.flow.models import Data, Entity, Process
from resolwe.flow.views import EntityViewSet
from resolwe.test import TestCase

factory = APIRequestFactory()  # pylint: disable=invalid-name


class ProjectionTest(TestCase):
    def setUp(self):
        super(ProjectionTest, self).setUp()

        self.entity = Entity.objects.create(name="Test entity", contributor=self.contributor)
        process = Process.objects.create(
            name="Test process",
            contributor=self.contributor,
            output_schema=[
                {'name': 'foo', 'label': 'Foo', 'group': [
                    {'name': 'bar', 'label': 'Bar', 'type': 'basic:integer:'},
                    {'name': 'hello', 'label': 'Hello', 'type': 'basic:string:'},
                ]},
                {'name': 'another', 'label': 'Another', 'type': 'basic:integer:'},
            ]
 def setUp(self):
     self.factory = APIRequestFactory()
     self.view = MovieView.as_view({'get': 'list'})
     self.uri = '/api/movies/'
Example #49
0
class TemperatureReadingViewsetTests(APITestCase):
    """Tests for TemperatureReading Viewset.

    Methods:
        setUp: Create test data
        tearDown: Clear test database
        test_unauthenticated_user_permissions: Unauthenticated users should not be able to view,
            create, edit, or delete temperature readings
        test_authenticated_get: Users should be able to see their own temperature readings
            Staff should be able to see all temperature readings
        test_authenticated_post: Viewset should not allow post requests
    
    """
    def setUp(self):
        """
        Create test objects
        """
        self.user = get_user_model().objects.create_user(username='******',
                                                         password='******',
                                                         email='*****@*****.**')
        self.thermometer = Thermometer.objects.create(
            display_name='test thermometer')
        self.thermometer.register(self.user)
        with transaction.atomic():
            self.thermometer.save()
        for i in range(10):
            temp = TemperatureReading(degrees_c=i,
                                      thermometer=self.thermometer)
            with transaction.atomic():
                temp.save()
        self.factory = APIRequestFactory()
        self.listview = TemperatureReadingViewset.as_view({
            'get': 'list',
        })
        self.detailview = TemperatureReadingViewset.as_view({
            'get': 'retrieve',
        })

    def tearDown(self):
        """
        Clear test database
        """
        for user in get_user_model().objects.all():
            with transaction.atomic():
                user.delete()

        self.assertEqual(len(TemperatureReading.objects.all()), 0)
        self.assertEqual(len(Thermometer.objects.all()), 0)

    def test_unauthenticated_user_permissions(self):
        """
        Unauthenticated users should not be able to view, create, edit, or delete temperature
        readings
        """
        self.client.logout()

        # list view
        url = reverse('temperaturereading-list')
        request = self.factory.get(url)
        response = self.listview(request)
        self.assertEquals(response.status_code, 403)

        request = self.factory.post(url, {'degrees_c': 23})
        response = self.listview(request)
        self.assertEquals(response.status_code, 403)

        # detail view
        for temp in self.thermometer.temperatures.all():
            url = reverse('temperaturereading-detail', args=[temp.pk])
            request = self.factory.get(url)
            response = self.detailview(request, pk=temp.pk)
            self.assertEquals(response.status_code, 403)

            data = {'degrees_c': 12}
            request = self.factory.put(url, data=data, partial=True)
            response = self.detailview(request)
            self.assertEqual(response.status_code, 403)

            request = self.factory.delete(url)
            response = self.detailview(request)
            self.assertEqual(response.status_code, 403)

    def test_authenticated_get(self):
        """
        Users should be able to see their own temperature readings
        Staff should be able to see all temperature readings
        """
        # owner should see all temps created
        url = reverse('temperaturereading-list')
        request = self.factory.get(url)
        force_authenticate(request, user=self.user)
        response = self.listview(request)
        self.assertEquals(response.status_code, 200)
        self.assertEquals(len(response.data),
                          len(TemperatureReading.objects.all()))

        # new user should see no temps
        user = get_user_model().objects.create_user(username='******',
                                                    password='******',
                                                    email='*****@*****.**')
        request = self.factory.get(url)
        force_authenticate(request, user=user)
        response = self.listview(request)
        self.assertEquals(response.status_code, 200)
        self.assertEquals(len(response.data), 0)

        # giving new user a thermometer with a temp should get 1 temp on get
        therm = Thermometer()
        therm.register(user)
        temp = TemperatureReading(thermometer=therm, degrees_c=1)
        with transaction.atomic():
            temp.save()

        request = self.factory.get(url)
        force_authenticate(request, user=user)
        response = self.listview(request)
        self.assertEquals(response.status_code, 200)
        self.assertEquals(len(response.data), 1)

        superuser = get_user_model().objects.create_superuser(
            username='******', password='******', email='*****@*****.**')

        request = self.factory.get(url)
        force_authenticate(request, user=superuser)
        response = self.listview(request)
        self.assertEquals(response.status_code, 200)
        self.assertEquals(len(response.data), 11)

    def test_authenticated_post(self):
        """
        post to temperature reading viewset should not create new readings.
        """
        url = reverse('temperaturereading-list')
        data = {
            'degrees_c': 1,
        }
        request = self.factory.post(url, data=data, format='json')
        force_authenticate(request, user=self.user)
        response = self.listview(request)
        self.assertEquals(response.status_code, 405)
        self.assertEquals(str(response.data['detail']),
                          'Method "POST" not allowed.')

    def test_authenticated_put(self):
        """
        Put reqeusts should not be allowed
        """
        temp = TemperatureReading(degrees_c=1, thermometer=self.thermometer)
        with transaction.atomic():
            temp.save()
        url = reverse('temperaturereading-detail', args=[temp.pk])
        data = {'degrees_c': 2}

        request = self.factory.put(url, data=data, format='json')
        force_authenticate(request, user=self.user)
        response = self.detailview(request)
        self.assertEquals(response.status_code, 405)
        self.assertEquals(str(response.data['detail']),
                          'Method "PUT" not allowed.')

    def test_authenticated_delete(self):
        """
        Delete requests should not be allowed
        """
        temp = TemperatureReading(degrees_c=1, thermometer=self.thermometer)
        with transaction.atomic():
            temp.save()
        url = reverse('temperaturereading-detail', args=[temp.pk])
        request = self.factory.delete(url, args=[temp.pk])
        force_authenticate(request, self.user)
        response = self.detailview(request, pk=temp.pk)
        self.assertEquals(response.status_code, 405)
        self.assertEquals(str(response.data['detail']),
                          'Method "DELETE" not allowed.')
Example #50
0
class LatestUnitVersionCleanTests(unittest.TestCase):
    """ Tests success cases for units.views.LatestUnitVersionViewSet. """
    def setUp(self):
        self.factory = APIRequestFactory()
        self.url = reverse("latestunitversionview-list")
        self.view = LatestUnitVersionViewSet()
        self.queryset_mock = MagicMock()

    def test_no_query(self):
        """ Test queryset when no query params provided. """
        # Given
        request = self.factory.get(self.url, {})
        self.view.request = request
        self.view.queryset = self.queryset_mock
        expected_result = MagicMock()

        self.queryset_mock.filter.return_value = self.queryset_mock
        self.queryset_mock.exclude.return_value = expected_result

        # When
        result = LatestUnitVersionViewSet.get_queryset(self.view)

        # Then
        self.assertEqual(result, expected_result)
        self.queryset_mock.assert_has_calls([
            call.filter(),
            call.exclude(),
        ])

    def test_includes(self):
        """ Test queryset when only includes are provided. """
        # Given
        request = self.factory.get(self.url, {"q": "gold=5"})
        self.view.request = request
        self.view.queryset = self.queryset_mock
        expected_result = MagicMock()

        self.queryset_mock.filter.return_value = self.queryset_mock
        self.queryset_mock.exclude.return_value = expected_result

        # When
        result = LatestUnitVersionViewSet.get_queryset(self.view)

        # Then
        self.assertEqual(result, expected_result)
        self.queryset_mock.assert_has_calls([
            call.filter(gold=5),
            call.exclude(),
        ])

    def test_excludes(self):
        """ Test queryset when only excludes are provided. """
        # Given
        request = self.factory.get(self.url, {"q": "gold!=5"})
        self.view.request = request
        self.view.queryset = self.queryset_mock
        expected_result = MagicMock()

        self.queryset_mock.filter.return_value = self.queryset_mock
        self.queryset_mock.exclude.return_value = expected_result

        # When
        result = LatestUnitVersionViewSet.get_queryset(self.view)

        # Then
        self.assertEqual(result, expected_result)
        self.queryset_mock.assert_has_calls([
            call.filter(),
            call.exclude(gold=5),
        ])

    def test_both(self):
        """ Test queryset when both includes and excludes are provided. """
        # Given
        request = self.factory.get(self.url, {"q": "gold=5,gold!=5"})
        self.view.request = request
        self.view.queryset = self.queryset_mock
        expected_result = MagicMock()

        self.queryset_mock.filter.return_value = self.queryset_mock
        self.queryset_mock.exclude.return_value = expected_result

        # When
        result = LatestUnitVersionViewSet.get_queryset(self.view)

        # Then
        self.assertEqual(result, expected_result)
        self.queryset_mock.assert_has_calls([
            call.filter(gold=5),
            call.exclude(gold=5),
        ])

    def test_invalid_field(self):
        """
        Test queryset when both includes and excludes are provided,
        and some of the fields are not valid.

        """
        # Given
        request = self.factory.get(
            self.url, {"q": "gold=5,invalid=5,gold!=5,invalid<>5"})
        self.view.request = request
        self.view.queryset = self.queryset_mock
        expected_result = MagicMock()

        self.queryset_mock.filter.return_value = self.queryset_mock
        self.queryset_mock.exclude.return_value = expected_result

        # When
        result = LatestUnitVersionViewSet.get_queryset(self.view)

        # Then
        self.assertEqual(result, expected_result)
        self.queryset_mock.assert_has_calls([
            call.filter(gold=5),
            call.exclude(gold=5),
        ])
Example #51
0
File: tests.py Project: rfb/gwells
class APIPersonTests(AuthenticatedAPITestCase):
    """
    Tests for Person resource endpoint
    """
    def setUp(self):
        self.factory = APIRequestFactory()
        self.initial_data = {'first_name': 'Bobby', 'surname': 'Driller'}
        self.prov, _ = ProvinceStateCode.objects.get_or_create(
            province_state_code='BC', display_order=1)
        super().setUp()

    def test_create_person(self):
        url = reverse('person-list')
        data = {'first_name': 'Bobby', 'surname': 'Driller'}
        count_before = Person.objects.count()

        response = self.client.post(url, data, format='json')
        created_guid = response.data.get('person_guid')

        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
        self.assertEqual(
            data['first_name'],
            Person.objects.get(person_guid=created_guid).first_name)
        self.assertEqual(data['surname'],
                         Person.objects.get(person_guid=created_guid).surname)
        self.assertEqual(Person.objects.count(), count_before + 1)

    def test_list_people(self):
        url = reverse('person-list')
        new_object = self.client.post(url, self.initial_data, format='json')
        created_guid = new_object.data['person_guid']

        response = self.client.get(url, format='json')

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(len(created_guid), 36)
        self.assertContains(response, created_guid)

    def test_retrieve_person(self):
        create_url = reverse('person-list')
        new_object = self.client.post(create_url,
                                      self.initial_data,
                                      format='json')
        created_guid = new_object.data['person_guid']

        retrieve_url = reverse('person-detail',
                               kwargs={'person_guid': created_guid})
        response = self.client.get(retrieve_url, format='json')

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(response.data['first_name'],
                         self.initial_data['first_name'])
        self.assertEqual(response.data['surname'],
                         self.initial_data['surname'])

    def test_patch_person(self):
        new_data = {'surname': 'Wells'}

        create_url = reverse('person-list')
        new_object = self.client.post(create_url,
                                      self.initial_data,
                                      format='json')
        created_guid = new_object.data['person_guid']

        object_url = reverse('person-detail',
                             kwargs={'person_guid': created_guid})

        # Apply a new city name with PATCH method
        self.client.patch(object_url, new_data, format='json')

        response = self.client.get(object_url, format='json')

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(response.data['first_name'],
                         self.initial_data['first_name'])
        self.assertEqual(response.data['surname'], new_data['surname'])

    def test_update_person_by_put(self):
        initial_data = {'first_name': 'Bobby', 'surname': 'Driller'}
        new_data = {'first_name': 'Betty', 'surname': 'Wells'}

        create_url = reverse('person-list')
        new_object = self.client.post(create_url,
                                      self.initial_data,
                                      format='json')
        created_guid = new_object.data['person_guid']

        object_url = reverse('person-detail',
                             kwargs={'person_guid': created_guid})

        # Apply a new name with PATCH method
        self.client.put(object_url, new_data, format='json')

        response = self.client.get(object_url, format='json')

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(response.data['first_name'], new_data['first_name'])
        self.assertEqual(response.data['surname'], new_data['surname'])

    def test_delete_person(self):
        # setup
        logger = logging.getLogger('django.request')
        previous_level = logger.getEffectiveLevel()
        logger.setLevel(logging.ERROR)

        initial_data = {'first_name': 'Bobby', 'surname': 'Driller'}

        create_url = reverse('person-list')
        new_object = self.client.post(create_url,
                                      self.initial_data,
                                      format='json')
        created_guid = new_object.data['person_guid']

        retrieve_url = reverse('person-detail',
                               kwargs={'person_guid': created_guid})
        retrieve_response = self.client.get(retrieve_url, format='json')

        self.assertEqual(retrieve_response.status_code, status.HTTP_200_OK)
        self.assertEqual(retrieve_response.data['first_name'],
                         self.initial_data['first_name'])
        self.assertEqual(retrieve_response.data['surname'],
                         self.initial_data['surname'])

        delete_response = self.client.delete(retrieve_url, format='json')
        self.assertEqual(delete_response.status_code,
                         status.HTTP_204_NO_CONTENT)

        get_after_delete_response = self.client.get(retrieve_url,
                                                    format='json')
        self.assertEqual(get_after_delete_response.status_code,
                         status.HTTP_404_NOT_FOUND)

        # teardown
        logger.setLevel(previous_level)

    def test_person_audit_fields(self):
        """
        Test that AuditModel fields (create_user, create_date etc.)
        are updated when Person objects are created.
        """
        view = PersonListView.as_view()
        post_url = reverse('person-list')
        request = self.factory.post(post_url, self.initial_data)
        request.user = self.user
        response = view(request)
        created_guid = response.data['person_guid']

        person = Person.objects.get(person_guid=created_guid)

        self.assertEqual(person.create_user, self.user.username)

    def test_person_history(self):
        """
        Test that a version history is created when Person objects are created.
        """
        call_command('createinitialrevisions')
        view = PersonListView.as_view()
        post_url = reverse('person-list')
        request = self.factory.post(post_url, self.initial_data)
        request.user = self.user
        response = view(request)
        created_guid = response.data['person_guid']

        person = Person.objects.get(person_guid=created_guid)

        self.assertEqual(person.history.count(), 1)

    def test_create_person_not_authenticated(self):
        """
        Ensure that users who are not authenticated cannot create Person objects
        """
        self.client.force_authenticate(user=None)
        url = reverse('person-list')
        data = {'first_name': 'Bobby', 'surname': 'Driller'}

        response = self.client.post(url, data, format='json')

        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)

    def test_create_person_wrong_role(self):
        user, created = User.objects.get_or_create(username='******')
        if created:
            Profile.objects.get_or_create(user=user)

        roles_to_groups(user, [
            REGISTRIES_VIEWER_ROLE,
        ])
        self.client.force_authenticate(user=user)
        url = reverse('person-list')
        data = {'first_name': 'Bobby', 'surname': 'Driller'}

        response = self.client.post(url, data, format='json')

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_unsafe_methods_by_unauthorized_users(self):
        """
        Ensure that users who are not authenticated cannot perform "unsafe" actions
        like UPDATE, PUT, DELETE on an object that is already in database
        """
        self.client.force_authenticate(user=None)
        person_object = Person.objects.create(first_name='Bobby',
                                              surname='Driller')
        object_url = reverse('person-detail',
                             kwargs={'person_guid': person_object.person_guid})

        update_response = self.client.patch(object_url,
                                            {'first_name': 'Billy'},
                                            format='json')
        put_response = self.client.put(object_url, {
            'person_guid': person_object.person_guid,
            'first_name': 'Betty',
            'surname': 'McDrillerson'
        },
                                       format='json')
        delete_response = self.client.delete(object_url, format='json')

        self.assertEqual(update_response.status_code,
                         status.HTTP_401_UNAUTHORIZED)
        self.assertEqual(put_response.status_code,
                         status.HTTP_401_UNAUTHORIZED)
        self.assertEqual(delete_response.status_code,
                         status.HTTP_401_UNAUTHORIZED)
Example #52
0
class ThermometerViewsetTests(APITestCase):
    """Tests for Thermometer Viewset

    Methods:
        setUp: Create test data
        tearDown: Empty test database
        test_unauthenticated_requests: All unauthenticated requests should fail
        test_authenticated_get: Regular users should be able to see only their own thermometers.
            Staff should see all thermometers
        test_authenticated_post_valid: POST requests should create a new thermometer record
            registered to the authenticated user
        test_authenticated_post_invalid_data: POST requests with invalid data should return http
            code 400 bad request
        test_authenticated_put_valid_data: PUT requests should update all fields on an existing
            model
        test_authenticated_put_invalid_data: Invalid data in PUT requests should return 400
        test_authenticated_path_valid_data: PATCH requests should update the correct fields
        test_authenticated_path_invalid_data: PATCH requests with invalid data should return 400
    """
    def setUp(self):
        """
        create test data
        """
        self.normal_user = get_user_model().objects.create_user(
            username='******', password='******', email='*****@*****.**')
        self.super_user = get_user_model().objects.create_superuser(
            username='******', password='******', email='*****@*****.**')
        self.therm = Thermometer(display_name='test thermometer')
        self.therm.register(self.normal_user)
        self.factory = APIRequestFactory()
        self.listview = ThermometerViewset.as_view({
            'get': 'list',
            'post': 'create'
        })
        self.detailview = ThermometerViewset.as_view({
            'get': 'retrieve',
            'put': 'update',
            'patch': 'partial_update',
            'delete': 'destroy'
        })

    def tearDown(self):
        """
        empty test database
        """
        with transaction.atomic():
            for user in get_user_model().objects.all():
                user.delete()

        self.assertEquals(len(get_user_model().objects.all()), 0)
        self.assertEquals(len(Thermometer.objects.all()), 0)
        self.assertEquals(len(TemperatureReading.objects.all()), 0)

    def test_unauthenticated_requests(self):
        """
        This viewset should reject all unauthenticated requests
        """
        self.client.logout()

        # ListView requests
        url = reverse('thermometer-list')
        request = self.factory.get(url)
        response = self.listview(request)
        self.assertEquals(response.status_code, 403)

        data = {'display_name': 'fred'}
        requet = self.factory.post(url, data)
        response = self.listview(request)
        self.assertEquals(response.status_code, 403)

        # DetailView requests
        url = reverse('thermometer-detail', args=[self.therm.pk])
        request = self.factory.get(url)
        response = self.detailview(request, pk=self.therm.pk)
        self.assertEquals(response.status_code, 403)

        data = {'display_name': 'forky'}
        request = self.factory.patch(url, data=data, partial=True)
        response = self.detailview(request)
        self.assertEquals(response.status_code, 403)

        data['therm_id'] = 'sausage'
        request = self.factory.put(url, pk=self.therm.pk, data=data)
        response = self.detailview(request)
        self.assertEquals(response.status_code, 403)

        request = self.factory.delete(url, pk=self.therm.pk)
        response = self.detailview(request)
        self.assertEquals(response.status_code, 403)

    def test_authenticated_get(self):
        """
        Regular users should be able to see their own thermometers
        Staff should be able to see all thermometers
        """
        other_user = get_user_model().objects.create_user(username="******",
                                                          password="******",
                                                          email="*****@*****.**")
        normal_user_therms = []
        for i in range(4):
            therm = Thermometer()
            therm.register(self.normal_user)
            normal_user_therms.append(therm)

        other_user_therms = []
        for i in range(4):
            therm = Thermometer()
            therm.register(other_user)
            other_user_therms = []

        normal_user_therms.append(self.therm)

        # Test list view
        url = reverse('thermometer-list')
        request = self.factory.get(url)
        force_authenticate(request, user=self.normal_user)
        response = self.listview(request)
        self.assertEquals(response.status_code, 200)
        self.assertEquals(len(response.data), 5)
        for therm_data in response.data:
            therm = Thermometer.objects.get(therm_id=therm_data['therm_id'])
            self.assertIn(therm, normal_user_therms)

        request = self.factory.get(url)
        force_authenticate(request, user=self.super_user)
        response = self.listview(request)
        self.assertEquals(response.status_code, 200)
        self.assertEquals(len(response.data), 9)

        # Test detail view
        url = reverse('thermometer-detail', args=[self.therm.pk])
        request = self.factory.get(url)
        force_authenticate(request, self.normal_user)
        response = self.detailview(request, pk=self.therm.pk)
        self.assertEquals(response.status_code, 200)
        self.assertEquals(response.data['owner'][-2], str(self.normal_user.pk))

        request = self.factory.get(url)
        force_authenticate(request, self.super_user)
        response = self.detailview(request, pk=self.therm.pk)
        self.assertEquals(response.status_code, 200)
        self.assertEquals(response.data['owner'][-2], str(self.normal_user.pk))

    def test_authenticated_post_valid(self):
        """
        POST requests should create a new thermometer registered to the current user
        """
        def make_assertions_about_data(data, user):
            url = reverse('thermometer-list')
            request = self.factory.post(url, data=data, format='json')
            force_authenticate(request, user=user)
            response = self.listview(request)
            self.assertEquals(response.status_code, 201)
            self.assertEquals(int(response.data['owner'][-2]), user.pk)
            self.assertEquals(response.data['display_name'],
                              data['display_name'])
            self.assertEquals(response.data['therm_id'], str(data['therm_id']))

        data = {'display_name': 'new thermometer', 'therm_id': uuid.uuid4()}
        make_assertions_about_data(data, self.normal_user)

        data = {'display_name': 'newer thermometer', 'therm_id': uuid.uuid4()}
        make_assertions_about_data(data, self.super_user)

    def test_authenticated_post_invalid_data(self):
        """
        POST requests with invalid data should return error code
        """
        def make_assertions_with_data(data):
            url = reverse('thermometer-list')
            request = self.factory.post(url, data=data, format='json')
            force_authenticate(request, user=self.normal_user)
            response = self.listview(request)
            self.assertEquals(response.status_code, 400)

        data_sets = [{
            'temperatures': [{
                'degrees_c': 91
            }]
        }, {
            'display_name':
            'thisnameiswaytoolongandwonteverbeacceptedbecausethelongestallowedis75characters'
        }, {
            'display_name': 'valid',
            'temperatures': [{
                'degrees_c': 40
            }]
        }]
        for data in data_sets:
            make_assertions_with_data(data)

    def test_authenticated_put_valid_data(self):
        """
        Authenticated put requests with valid data should overwrite existing records with
        new values
        """
        def validate_put_request(data):
            url = reverse('thermometer-detail', args=[self.therm.pk])
            request = self.factory.put(url, data=data, format='json')
            force_authenticate(request, self.normal_user)
            response = self.detailview(request, data=data, pk=self.therm.pk)
            self.therm = Thermometer.objects.get(pk=self.therm.pk)
            self.assertEquals(response.status_code, 200)

            if 'temperatures' in data.keys():
                for temp in data['temperatures']:
                    temp = TemperatureReading.objects.get(
                        degrees_c=temp['degrees_c'])
                    self.assertIsNotNone(temp)
                    self.assertEquals(temp.thermometer.pk, self.therm.pk)
                del data['temperatures']

            for key, value in data.items():
                self.assertEquals(getattr(self.therm, key), value)
                self.assertIn(key, response.data)

        data_sets = [{
            'display_name': 'new display name',
            'therm_id': uuid.uuid4()
        }, {
            'display_name': 'newer display name',
            'therm_id': uuid.uuid4()
        }, {
            'display_name': 'newest display name',
            'therm_id': uuid.uuid4()
        }, {
            'temperatures': [
                {
                    'degrees_c': 1
                },
                {
                    'degrees_c': 2
                },
                {
                    'degrees_c': 4
                },
                {
                    'degrees_c': 5
                },
            ]
        }]

        for data in data_sets:
            validate_put_request(data)

    def test_authenticated_put_invalid_data(self):
        """
        PUT requests with invalid data should return 400
        """
        url = reverse('thermometer-detail', args=[self.therm.pk])
        new_therm = Thermometer(therm_id='1')

        def put_invalid_data(data):
            request = self.factory.put(url, data=data, format='json')
            force_authenticate(request, user=self.normal_user)
            response = self.detailview(request, data=data, pk=self.therm.pk)
            self.assertEquals(response.status_code, 400)

        datasets = [{
            'therm_id':
            'apweoriulsadk falk4;l43aklk jea;lkj34leskrjng lksjn435lka345asdn lksjd'
        }, {
            'display_name':
            'thisnameiswaytoolongandwonteverbeacceptedbecausethelongestallowedis75characters'
        }, {
            'therm_id': '1'
        }, {
            'temperatures': [{
                'degrees_c': 123456789012334567
            }]
        }]

        for data in datasets:
            put_invalid_data(data)

    def test_authenticated_patch_valid_data(self):
        """
        Authenticated patch requests with valid data should overwrite existing records with
        new values
        """
        def validate_patch_request(data):
            url = reverse('thermometer-detail', args=[self.therm.pk])
            request = self.factory.patch(url, data=data, format='json')
            force_authenticate(request, self.normal_user)
            response = self.detailview(request, data=data, pk=self.therm.pk)
            self.therm = Thermometer.objects.get(pk=self.therm.pk)
            self.assertEquals(response.status_code, 200)

            if 'temperatures' in data.keys():
                for temp in data['temperatures']:
                    temp = TemperatureReading.objects.get(
                        degrees_c=temp['degrees_c'])
                    self.assertIsNotNone(temp)
                    self.assertEquals(temp.thermometer.pk, self.therm.pk)
                del data['temperatures']

            for key, value in data.items():
                self.assertEquals(getattr(self.therm, key), value)
                self.assertIn(key, response.data)

        data_sets = [{
            'display_name': 'new display name',
        }, {
            'therm_id': uuid.uuid4()
        }, {
            'display_name': 'newest display name',
            'therm_id': uuid.uuid4()
        }, {
            'temperatures': [
                {
                    'degrees_c': 1
                },
                {
                    'degrees_c': 2
                },
                {
                    'degrees_c': 4
                },
                {
                    'degrees_c': 5
                },
            ]
        }]

        for data in data_sets:
            validate_patch_request(data)

    def test_authenticated_patch_invalid_data(self):
        """
        PATCH requests with invalid data should return 400
        """
        url = reverse('thermometer-detail', args=[self.therm.pk])
        new_therm = Thermometer(therm_id='1')

        def patch_invalid_data(data):
            request = self.factory.patch(url, data=data, format='json')
            force_authenticate(request, user=self.normal_user)
            response = self.detailview(request, data=data, pk=self.therm.pk)
            self.assertEquals(response.status_code, 400)

        datasets = [{
            'therm_id':
            'apweoriulsadk falk4;l43aklk jea;lkj34leskrjng lksjn435lka345asdn lksjd'
        }, {
            'display_name':
            'thisnameiswaytoolongandwonteverbeacceptedbecausethelongestallowedis75characters'
        }, {
            'therm_id': '1'
        }, {
            'temperatures': [{
                'degrees_c': 123456789012334567
            }]
        }]

        for data in datasets:
            patch_invalid_data(data)

    def test_delete(self):
        """
        Normal users should be able to delete their thermometers. Superusers should be able to
        delete anyone's thermometers
        """
        second_therm = Thermometer.objects.create()
        second_therm.register(self.normal_user)

        # normal user delete their own thermometer
        url = reverse('thermometer-detail', args=[second_therm.pk])
        request = self.factory.delete(url)
        force_authenticate(request, self.normal_user)
        response = self.detailview(request, pk=second_therm.pk)
        self.assertEquals(response.status_code, 204)
        try:
            Thermometer.objects.get(pk=second_therm.pk)
            self.fail("Query should fail, as oject should no longer exist")
        except Thermometer.DoesNotExist as dne:
            self.assertEquals(str(dne),
                              "Thermometer matching query does not exist.")

        # normal user delete others thermometer
        second_therm = Thermometer.objects.create()
        second_therm.register(self.super_user)
        url = reverse('thermometer-detail', args=[second_therm.pk])
        request = self.factory.delete(url)
        force_authenticate(request, self.normal_user)
        response = self.detailview(request, pk=second_therm.pk)
        self.assertEquals(response.status_code, 404)
        self.assertEquals(
            Thermometer.objects.get(owner=self.super_user).pk, second_therm.pk)

        # superuser delete other's thermometer
        url = reverse('thermometer-detail', args=[self.therm.pk])
        request = self.factory.delete(url)
        force_authenticate(request, self.super_user)
        response = self.detailview(request, pk=self.therm.pk)
        self.assertEquals(response.status_code, 204)
        try:
            Thermometer.objects.get(pk=self.therm.pk)
            self.fail("Query should fail, as oject should no longer exist")
        except Thermometer.DoesNotExist as dne:
            self.assertEquals(str(dne),
                              "Thermometer matching query does not exist.")

        # superuser delete own thermometer
        url = reverse('thermometer-detail', args=[second_therm.pk])
        request = self.factory.delete(url)
        force_authenticate(request, self.super_user)
        response = self.detailview(request, pk=second_therm.pk)
        self.assertEquals(response.status_code, 204)
        try:
            Thermometer.objects.get(pk=second_therm.pk)
            self.fail("Query should fail, as oject should no longer exist")
        except Thermometer.DoesNotExist as dne:
            self.assertEquals(str(dne),
                              "Thermometer matching query does not exist.")
Example #53
0
def api_factory():
    return APIRequestFactory()
Example #54
0
File: tests.py Project: rfb/gwells
 def setUp(self):
     self.factory = APIRequestFactory()
     self.initial_data = {'first_name': 'Bobby', 'surname': 'Driller'}
     self.prov, _ = ProvinceStateCode.objects.get_or_create(
         province_state_code='BC', display_order=1)
     super().setUp()
Example #55
0
 def setUpClass(cls):
     super(CourseApiTestMixin, cls).setUpClass()
     cls.request_factory = APIRequestFactory()
     CourseOverview.get_all_courses()  # seed the CourseOverview table
Example #56
0
    def test_start_and_cancel_downsample_aniso(self, get_msgs_mock, del_msgs_mock, ret_msgs_mock):
        chans = self.dbsetup.insert_downsample_data()

        job4 = { 'channel_id': 3874 }
        job7 = { 'channel_id': chans[0].id }
        job9 = { 'channel_id': 3999 }

        get_msgs_mock.side_effect = [
            [
                { 'MessageId': 'job4', 'ReceiptHandle': 'handle_job4', 'Body': json.dumps(job4) },
                { 'MessageId': 'job7', 'ReceiptHandle': 'handle_job7', 'Body': json.dumps(job7) },
                { 'MessageId': 'job9', 'ReceiptHandle': 'handle_job9', 'Body': json.dumps(job9) },
            ],
            [],
        ]

        exp_return_to_queue_msgs = [get_msgs_mock.side_effect[0][0], get_msgs_mock.side_effect[0][2]] 
        exp_visibility_change_payload = [
            {
                f'ChangeMessageVisibilityBatchRequestEntry.{ind+1}.Id': m['MessageId'],
                f'ChangeMessageVisibilityBatchRequestEntry.{ind+1}.ReceiptHandle': m['ReceiptHandle'],
                f'ChangeMessageVisibilityBatchRequestEntry.{ind+1}.VisibilityTimeout': 0,
            } for ind, m in enumerate(exp_return_to_queue_msgs)
        ]

        exp_del_handle = get_msgs_mock.side_effect[0][1]['ReceiptHandle']

        factory = APIRequestFactory()
        request = factory.post('/' + version + '/downsample/col1/exp_ds_aniso/channel1/',
                               content_type='application/json')
        # log in user
        force_authenticate(request, user=self.user)

        # Make request
        response = Downsample.as_view()(request, collection='col1', experiment='exp_ds_aniso',
                                        channel='channel1')
        self.assertEqual(response.status_code, status.HTTP_201_CREATED)

        # Make Sure status has changed
        factory = APIRequestFactory()
        request = factory.get('/' + version + '/downsample/col1/exp_ds_aniso/channel1/',
                              content_type='application/json')
        # log in user
        force_authenticate(request, user=self.user)

        # Make request
        response = Downsample.as_view()(request, collection='col1', experiment='exp_ds_aniso',
                                        channel='channel1').render()
        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(response.data["num_hierarchy_levels"], 5)
        self.assertEqual(response.data["status"], Channel.DownsampleStatus.QUEUED)

        # Cancel the downsample job
        request = factory.delete('/' + version + '/downsample/col1/exp_ds_aniso/channel1/',
                                 content_type='application/json')
        # log in user
        force_authenticate(request, user=self.user)

        # Make request
        response = Downsample.as_view()(request, collection='col1', experiment='exp_ds_aniso',
                                        channel='channel1')
        get_msgs_mock.assert_called_once_with(ANY)
        del_msgs_mock.assert_called_once_with(ANY, exp_del_handle)
        ret_msgs_mock.assert_called_once_with(ANY, exp_visibility_change_payload)
        self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)

        # Make Sure status has changed
        factory = APIRequestFactory()
        request = factory.get('/' + version + '/downsample/col1/exp_ds_aniso/channel1/',
                              content_type='application/json')
        # log in user
        force_authenticate(request, user=self.user)

        # Make request
        response = Downsample.as_view()(request, collection='col1', experiment='exp_ds_aniso',
                                        channel='channel1').render()
        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(response.data["status"], Channel.DownsampleStatus.NOT_DOWNSAMPLED)

        # Try to cancel the downsample job again, but it won't because in NOT_DOWNSAMPLED state
        request = factory.delete('/' + version + '/downsample/col1/exp_ds_aniso/channel1/',
                                 content_type='application/json')
        # log in user
        force_authenticate(request, user=self.user)

        # Make request
        response = Downsample.as_view()(request, collection='col1', experiment='exp_ds_aniso',
                                        channel='channel1')
        self.assertEqual(response.status_code, status.HTTP_409_CONFLICT)
    def setUp(self):
        self.basic_person = Person.objects.create_insoumise(
            email="*****@*****.**",
            first_name="Jean",
            last_name="Georges",
            create_role=True,
        )

        self.viewer_person = Person.objects.create_insoumise(
            email="*****@*****.**", create_role=True
        )

        self.adder_person = Person.objects.create_insoumise(
            email="*****@*****.**", create_role=True
        )

        self.changer_person = Person.objects.create_insoumise(
            email="*****@*****.**", create_role=True
        )

        person_content_type = ContentType.objects.get_for_model(Person)
        view_permission = Permission.objects.get(
            content_type=person_content_type, codename="view_person"
        )
        add_permission = Permission.objects.get(
            content_type=person_content_type, codename="add_person"
        )
        change_permission = Permission.objects.get(
            content_type=person_content_type, codename="change_person"
        )

        self.viewer_person.role.user_permissions.add(view_permission)
        self.adder_person.role.user_permissions.add(add_permission)
        self.changer_person.role.user_permissions.add(
            view_permission, change_permission
        )

        self.event = Event.objects.create(
            name="event",
            start_time=timezone.now(),
            end_time=timezone.now() + timezone.timedelta(hours=2),
        )

        self.rsvp = RSVP.objects.create(person=self.basic_person, event=self.event)

        self.supportgroup = SupportGroup.objects.create(name="Group")

        self.membership = Membership.objects.create(
            person=self.basic_person, supportgroup=self.supportgroup
        )

        self.factory = APIRequestFactory()

        self.detail_view = LegacyPersonViewSet.as_view(
            {
                "get": "retrieve",
                "put": "update",
                "patch": "partial_update",
                "delete": "destroy",
            }
        )

        self.list_view = LegacyPersonViewSet.as_view({"get": "list", "post": "create"})
Example #58
0
 def setUp(self):
     self.factory = APIRequestFactory()
     self.view = PollViewSet.as_view({"get": "list"})
     self.uri = '/polls/'
     self.user = self.setup_user()
     self.client = APIClient()
class LegacyPersonEndpointTestCase(APITestCase):
    def as_viewer(self, request):
        force_authenticate(request, self.viewer_person.role)

    def setUp(self):
        self.basic_person = Person.objects.create_insoumise(
            email="*****@*****.**",
            first_name="Jean",
            last_name="Georges",
            create_role=True,
        )

        self.viewer_person = Person.objects.create_insoumise(
            email="*****@*****.**", create_role=True
        )

        self.adder_person = Person.objects.create_insoumise(
            email="*****@*****.**", create_role=True
        )

        self.changer_person = Person.objects.create_insoumise(
            email="*****@*****.**", create_role=True
        )

        person_content_type = ContentType.objects.get_for_model(Person)
        view_permission = Permission.objects.get(
            content_type=person_content_type, codename="view_person"
        )
        add_permission = Permission.objects.get(
            content_type=person_content_type, codename="add_person"
        )
        change_permission = Permission.objects.get(
            content_type=person_content_type, codename="change_person"
        )

        self.viewer_person.role.user_permissions.add(view_permission)
        self.adder_person.role.user_permissions.add(add_permission)
        self.changer_person.role.user_permissions.add(
            view_permission, change_permission
        )

        self.event = Event.objects.create(
            name="event",
            start_time=timezone.now(),
            end_time=timezone.now() + timezone.timedelta(hours=2),
        )

        self.rsvp = RSVP.objects.create(person=self.basic_person, event=self.event)

        self.supportgroup = SupportGroup.objects.create(name="Group")

        self.membership = Membership.objects.create(
            person=self.basic_person, supportgroup=self.supportgroup
        )

        self.factory = APIRequestFactory()

        self.detail_view = LegacyPersonViewSet.as_view(
            {
                "get": "retrieve",
                "put": "update",
                "patch": "partial_update",
                "delete": "destroy",
            }
        )

        self.list_view = LegacyPersonViewSet.as_view({"get": "list", "post": "create"})

    def test_cannot_list_while_unauthenticated(self):
        request = self.factory.get("")
        response = self.list_view(request)

        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)

    def test_can_only_view_self_while_unprivileged(self):
        request = self.factory.get("")
        force_authenticate(request, self.basic_person.role)
        response = self.list_view(request)

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(len(response.data["_items"]), 1)
        self.assertEqual(response.data["_items"][0]["_id"], str(self.basic_person.pk))

    def test_can_see_self_while_authenticated(self):
        self.client.force_authenticate(self.basic_person.role)
        response = self.client.get("/legacy/people/me/")

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(response.data["_id"], str(self.basic_person.pk))

    def test_cannot_see_self_while_unauthenticated(self):
        response = self.client.get("/legacy/people/me/")

        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)

    def test_cannot_view_details_while_unauthenticated(self):
        request = self.factory.get("")
        response = self.detail_view(request, pk=self.basic_person.pk)

        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)

    def test_can_see_self_while_unprivileged(self):
        request = self.factory.get("")
        force_authenticate(request, self.basic_person.role)
        response = self.detail_view(request, pk=self.basic_person.pk)

        self.assertEqual(response.status_code, status.HTTP_200_OK)

    def test_cannot_view_others_details_while_unprivileged(self):
        request = self.factory.get("")
        force_authenticate(request, self.basic_person.role)
        response = self.detail_view(request, pk=self.viewer_person.pk)

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_contain_simple_fields(self):
        request = self.factory.get("")
        self.as_viewer(request)
        response = self.detail_view(request, pk=self.basic_person.pk)

        expected_fields = {
            "_id",
            "id",
            "email",
            "first_name",
            "last_name",
            "bounced",
            "bounced_date",
        }

        assert expected_fields.issubset(set(response.data))

    def test_contains_only_whitelisted_fields_while_unprivileged(self):
        self.client.force_authenticate(self.basic_person.role)
        response = self.client.get("/legacy/people/me/")

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertCountEqual(
            (
                "url",
                "_id",
                "email",
                "first_name",
                "last_name",
                "email_opt_in",
                "location",
            ),
            response.data.keys(),
        )

    def test_return_correct_values(self):
        request = self.factory.get("")
        self.as_viewer(request)
        response = self.detail_view(request, pk=self.basic_person.pk)

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(self.basic_person.email, response.data["email"])
        self.assertEqual(self.basic_person.first_name, response.data["first_name"])
        self.assertEqual(self.basic_person.last_name, response.data["last_name"])

    def test_cannot_post_new_person_while_unauthenticated(self):
        request = self.factory.post(
            "",
            data={
                "email": "*****@*****.**",
                "first_name": "Jean-Luc",
                "last_name": "Mélenchon",
            },
        )
        response = self.list_view(request)

        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)

    def test_can_post_new_person(self):
        request = self.factory.post(
            "",
            data={
                "email": "*****@*****.**",
                "first_name": "Jean-Luc",
                "last_name": "Mélenchon",
            },
        )
        force_authenticate(request, self.adder_person.role)
        response = self.list_view(request)

        # assert it worked
        self.assertEqual(response.status_code, status.HTTP_201_CREATED)

        new_person = Person.objects.get(email="*****@*****.**")

        self.assertEqual(new_person.first_name, "Jean-Luc")
        self.assertEqual(new_person.last_name, "Mélenchon")

    def test_cannot_post_new_person_with_existing_email(self):
        request = self.factory.post("", data={"email": self.basic_person.email})
        force_authenticate(request, self.adder_person.role)
        response = self.list_view(request)

        self.assertEqual(response.status_code, status.HTTP_422_UNPROCESSABLE_ENTITY)

    def test_can_update_email_list(self):
        """
        We test at the same time that we can replace the list,
        and that we can set the primary email with the 'email' field
        """
        request = self.factory.patch(
            "",
            data={
                "emails": [
                    {"address": "*****@*****.**", "bounced": True},
                    {"address": "*****@*****.**", "bounced": False},
                    {"address": "*****@*****.**"},
                ],
                "email": "*****@*****.**",
            },
        )
        force_authenticate(request, self.changer_person.role)
        response = self.detail_view(request, pk=self.basic_person.pk)

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(self.basic_person.email, "*****@*****.**")
        self.assertEqual(self.basic_person.emails.all()[2].address, "*****@*****.**")
        self.assertEqual(self.basic_person.emails.all()[2].bounced, True)

    def test_can_update_bounced_status(self):
        request = self.factory.patch("", data={"bounced": True})
        force_authenticate(request, self.changer_person.role)
        response = self.detail_view(request, pk=self.basic_person.pk)

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(
            self.basic_person.emails.all()[0].address, "*****@*****.**"
        )
        self.assertEqual(self.basic_person.emails.all()[0].bounced, True)
        self.assertLess(self.basic_person.emails.all()[0].bounced_date, timezone.now())

    def test_cannot_modify_while_unauthenticated(self):
        request = self.factory.patch("", data={"first_name": "Marc"})
        response = self.detail_view(request, pk=self.basic_person.pk)

        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)

    def test_can_modify_self(self):
        request = self.factory.patch(
            "", data={"email": "*****@*****.**", "first_name": "Marc"}
        )
        force_authenticate(request, self.basic_person.role)
        response = self.detail_view(request, pk=self.basic_person.pk)

        self.assertEqual(response.status_code, status.HTTP_200_OK)

        self.basic_person.refresh_from_db()
        self.assertEqual(self.basic_person.first_name, "Marc")
        self.assertTrue(
            self.basic_person.emails.filter(address="*****@*****.**").exists()
        )

    def test_can_modify_with_global_perm(self):
        request = self.factory.patch("", data={"first_name": "Marc"})
        force_authenticate(request, self.changer_person.role)
        response = self.detail_view(request, pk=self.basic_person.pk)

        self.assertEqual(response.status_code, status.HTTP_200_OK)

        self.basic_person.refresh_from_db()
        self.assertEqual(self.basic_person.first_name, "Marc")

    def test_can_list_persons(self):
        request = self.factory.get("")
        self.as_viewer(request)
        response = self.list_view(request)

        self.assertIn("_items", response.data)
        self.assertIn("_meta", response.data)

        self.assertEqual(len(response.data["_items"]), 4)
        self.assertCountEqual(
            [person["email"] for person in response.data["_items"]],
            [
                "*****@*****.**",
                "*****@*****.**",
                "*****@*****.**",
                "*****@*****.**",
            ],
        )

    def test_can_post_users_with_empty_null_and_blank_fields(self):
        request = self.factory.post(
            "",
            data={
                "email": "*****@*****.**",
                "location_address1": "",
                "location_address2": None,
                "country_code": None,
            },
        )
        force_authenticate(request, self.adder_person.role)

        response = self.list_view(request)

        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
class TestRecipesTestCase(APITestCase):
    def setUp(self):
        self.factory = APIRequestFactory()
        self.recipes_view = views.RecipesViewSet.as_view({
            'get': 'list',
            'post': 'create'
        })
        self.single_recipe_view = views.RecipesViewSet.as_view({
            'get':
            'retrieve',
            'delete':
            'destroy'
        })
        self.category_recipes_view = views.CategoryRecipes.as_view()
        self.public_recipes_view = views.PublicRecipes.as_view()
        self.public_recipes_detail = views.PublicRecipesDetail.as_view()
        self.recipe_reviews = views.RecipeReviews.as_view({
            'get': 'list',
            'post': 'create'
        })
        self.category_uri = '/categories/'
        self.recipe_uri = '/recipes/'
        self.public_recipes_uri = '/public-recipes/'
        self.test_user = self.setup_user()
        self.category = self.setup_category()
        self.recipe = self.setup_recipe()
        self.public_recipe = self.setup_public_recipe()
        self.recipe_review = self.setup_recipe_review()

    @staticmethod
    def setup_user():
        User = get_user_model()
        return User.objects.create_user(username='******',
                                        email='*****@*****.**',
                                        password='******')

    @staticmethod
    def setup_category():
        category = Category.objects.create(
            name='test category',
            owner=get_user_model().objects.get(username='******'),
            description='sweet and flavor category')
        category.save()
        return category

    @staticmethod
    def setup_recipe():
        recipe = Recipe.objects.create(
            name='test recipe',
            owner=get_user_model().objects.get(username='******'),
            category=Category.objects.get(name='test category'),
            description='sweet and flavor recipe',
            ingredients='Onions, Tomatoes')
        recipe.save()
        return recipe

    @staticmethod
    def setup_public_recipe():
        recipe = Recipe.objects.create(
            name='test public recipe',
            owner=get_user_model().objects.get(username='******'),
            category=Category.objects.get(name='test category'),
            description='sweet and flavor recipe',
            ingredients='Onions, Tomatoes',
            is_public=True)
        recipe.save()
        return recipe

    @staticmethod
    def setup_recipe_review():
        review = Review.objects.create(
            comment="Awesome recipe",
            recipe=Recipe.objects.get(name='test public recipe'))
        review.save()
        return review

    def test_recipes_list(self):
        '''
        test retrieve all user recipes
        '''
        request = self.factory.get(self.recipe_uri)
        force_authenticate(request, user=self.test_user)
        response = self.recipes_view(request)
        self.assertEqual(
            response.status_code, 200,
            'Expected Response Code 200, received {0} instead.'.format(
                response.status_code))
        self.assertIn('test recipe', str(response.data))

    def test_get_single_recipes(self):
        '''
        test retrieve a single user recipe
        '''
        request = self.factory.get(self.recipe_uri)
        force_authenticate(request, user=self.test_user)
        pk = Recipe.objects.get(name='test recipe').pk
        response = self.single_recipe_view(request, pk=pk)
        self.assertEqual(
            response.status_code, 200,
            'Expected Response Code 200, received {0} instead.'.format(
                response.status_code))
        self.assertIn('test recipe', str(response.data))

    def test_get_single_recipes_not_found(self):
        '''
        test retrieve a single user recipe not found
        '''
        request = self.factory.get(self.category_uri)
        force_authenticate(request, user=self.test_user)
        response = self.single_recipe_view(request, pk=8)
        self.assertEqual(
            response.status_code, 404,
            'Expected Response Code 404, received {0} instead.'.format(
                response.status_code))
        self.assertNotIn('test recipe', str(response.data))

    def test_category_recipes_list(self):
        '''
        test retrieve all user recipes in category
        '''
        request = self.factory.get(self.category_uri)
        force_authenticate(request, user=self.test_user)
        category_pk = Category.objects.get(name='test category').pk
        response = self.category_recipes_view(request, category_pk=category_pk)
        self.assertEqual(
            response.status_code, 200,
            'Expected Response Code 200, received {0} instead.'.format(
                response.status_code))
        self.assertIn('test recipe', str(response.data))

    def test_single_category_recipe(self):
        '''
        test retrieve a single recipe in category
        '''
        request = self.factory.get(self.category_uri)
        force_authenticate(request, user=self.test_user)
        pk = Recipe.objects.get(name='test recipe').pk
        category_pk = Category.objects.get(name='test category').pk
        response = self.single_recipe_view(request,
                                           category_pk=category_pk,
                                           pk=pk)
        self.assertEqual(
            response.status_code, 200,
            'Expected Response Code 200, received {0} instead.'.format(
                response.status_code))
        self.assertIn('test recipe', str(response.data))

    def test_create_recipe(self):
        '''
        test create user recipes
        '''
        params = {
            'name': 'test recipe2',
            'category': Category.objects.get(name='test category').pk,
            'description': 'sweet and flavor recipe',
            'ingredients': 'Onions, Tomatoes'
        }
        request = self.factory.post(self.recipe_uri, params, format='json')
        force_authenticate(request, user=self.test_user)
        response = self.recipes_view(request)
        self.assertEqual(
            response.status_code, 201,
            'Expected Response Code 201, received {0} instead.'.format(
                response.status_code))
        self.assertIn('test recipe2', str(response.data))

    def test_create_category_recipe(self):
        '''
        test create user category recipes
        '''
        params = {
            'name': 'test recipe3',
            'category': Category.objects.get(name='test category').pk,
            'description': 'sweet and flavor recipe',
            'ingredients': 'Onions, Tomatoes'
        }
        request = self.factory.post(self.category_uri, params, format='json')
        force_authenticate(request, user=self.test_user)
        category_pk = Category.objects.get(name='test category').pk
        response = self.category_recipes_view(request, category_pk=category_pk)
        self.assertEqual(
            response.status_code, 201,
            'Expected Response Code 201, received {0} instead.'.format(
                response.status_code))
        self.assertIn('test recipe3', str(response.data))

    def test_public_recipes_list(self):
        '''
        test retrieve all public recipes
        '''
        request = self.factory.get(self.public_recipes_uri)
        response = self.public_recipes_view(request)
        self.assertEqual(
            response.status_code, 200,
            'Expected Response Code 200, received {0} instead.'.format(
                response.status_code))
        self.assertIn('test public recipe', str(response.data))

    def test_get_public_recipe_detail(self):
        '''
        test retrieve a single public recipe
        '''
        request = self.factory.get(self.public_recipes_uri)
        pk = Recipe.objects.filter(is_public=True).first().pk
        response = self.public_recipes_detail(request, pk=pk)
        self.assertEqual(
            response.status_code, 200,
            'Expected Response Code 200, received {0} instead.'.format(
                response.status_code))
        self.assertIn('test public recipe', str(response.data))

    def test_get_recipe_reviews(self):
        '''
        test retrieve recipe reviews
        '''
        request = self.factory.get(self.public_recipes_uri)
        pk = Recipe.objects.filter(is_public=True).first().pk
        response = self.recipe_reviews(request, pk=pk)
        self.assertEqual(
            response.status_code, 200,
            'Expected Response Code 200, received {0} instead.'.format(
                response.status_code))
        self.assertIn('Awesome recipe', str(response.data))