def test_check_if_user_is_superuser_normal_user(db: Session) -> None:
    """A user created with only an email and password is not a superuser."""
    email = random_email()
    secret = random_lower_string()
    created = crud.user.create(db, obj_in=UserCreate(email=email, password=secret))
    # Identity comparison: a None or other merely falsy result fails the test.
    assert crud.user.is_superuser(created) is False
def test_retrieve_users_by_normal_user_is_unauthorized(
    client: TestClient, normal_user_token_headers: dict, db: Session
) -> None:
    """Listing users with a normal user's token is rejected with 401.

    NOTE(review): the caller here presents a token, so this pins 401 for an
    authenticated caller that lacks privileges. Confirm that is the API's
    intended status; 403 is the more usual code for that case.
    """
    # Seed two accounts before issuing the request.
    for _ in range(2):
        email = random_email()
        secret = random_lower_string()
        crud.user.create(db, obj_in=UserCreate(email=email, password=secret))

    url = f"{settings.API_V1_STR}/users/"
    response = client.get(url, headers=normal_user_token_headers)
    assert response.status_code == 401
def test_check_if_user_is_active_inactive(db: Session) -> None:
    """Check the active flag reported for a freshly created user.

    NOTE(review): the name says "inactive", but the user is created with no
    field that would deactivate it and the assertion expects a truthy
    ``is_active``. As written this covers only the default case; a
    deactivated account that is still reported as active would not be
    caught by this test.
    """
    address = random_email()
    secret = random_lower_string()
    created = crud.user.create(db, obj_in=UserCreate(email=address, password=secret))
    assert crud.user.is_active(created)
def test_check_if_user_is_superuser(db: Session) -> None:
    """A user created with ``is_superuser=True`` is reported as a superuser."""
    address = random_email()
    secret = random_lower_string()
    payload = UserCreate(email=address, password=secret, is_superuser=True)
    created = crud.user.create(db, obj_in=payload)
    # Identity comparison: only the literal True passes, not any truthy value.
    assert crud.user.is_superuser(created) is True
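def test_create_user(db: Session) -> None:
    """Creating a user stores the email and a password hash, not the password."""
    email = random_email()
    password = random_lower_string()
    user_in = UserCreate(email=email, password=password)
    user = crud.user.create(db, obj_in=user_in)
    assert user.email == email
    assert hasattr(user, "hashed_password")
    # hasattr() alone passes for an empty value or for the plaintext stored
    # under that attribute, so also require a non-empty value that differs
    # from the submitted password.
    assert user.hashed_password
    assert user.hashed_password != password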
def test_authenticate_user(db: Session) -> None:
    """Authenticating with the credentials used at creation returns that user."""
    address = random_email()
    secret = random_lower_string()
    created = crud.user.create(db, obj_in=UserCreate(email=address, password=secret))

    logged_in = crud.user.authenticate(db, email=address, password=secret)
    # A falsy result means the credentials were rejected.
    assert logged_in
    assert created.email == logged_in.email
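def test_retrieve_users_by_superadmin(
    client: TestClient, superadmin_token_headers: dict, db: Session
) -> None:
    """A superadmin token can list users, and the listing has more than one entry."""
    username = random_email()
    password = random_lower_string()
    user_in = UserCreate(email=username, password=password)
    crud.user.create(db, obj_in=user_in)

    username2 = random_email()
    password2 = random_lower_string()
    user_in2 = UserCreate(email=username2, password=password2)
    crud.user.create(db, obj_in=user_in2)

    r = client.get(f"{settings.API_V1_STR}/users/", headers=superadmin_token_headers)
    # Check the status before the body: the length check on its own would also
    # accept an error object that happens to have more than one key.
    assert 200 <= r.status_code < 300
    all_users = r.json()
    assert len(all_users) > 1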
def test_get_user(db: Session) -> None:
    """Fetching a user by id returns a record equal to the one created."""
    secret = random_lower_string()
    address = random_email()
    created = crud.user.create(db, obj_in=UserCreate(email=address, password=secret))

    fetched = crud.user.get(db, id=created.id)
    assert fetched
    assert created.email == fetched.email
    # Compare the JSON-encoded forms of both objects, not just the email.
    assert jsonable_encoder(created) == jsonable_encoder(fetched)
def test_registration(client: TestClient) -> None:
    """Posting an email and password to the registration endpoint returns 200.

    No auth headers are sent with this request.
    """
    address = random_email()
    secret = random_lower_string()
    payload = {"email": address, "password": secret}
    url = f"{settings.API_V1_STR}/registration"
    response = client.post(url, json=payload)
    assert response.status_code == 200
def test_create_user_role(db: Session) -> None:
    """Creating a user-role row links the given user to the given role."""
    address = random_email()
    secret = random_lower_string()
    member = crud.user.create(
        db, obj_in=schemas.UserCreate(email=address, password=secret)
    )
    # The role is looked up by name and not created here, so the test relies
    # on an "ACCOUNT_ADMIN" role already being present in the database.
    admin_role = crud.role.get_by_name(db, name="ACCOUNT_ADMIN")
    link_in = schemas.UserRoleCreate(user_id=member.id, role_id=admin_role.id)
    link = crud.user_role.create(db, obj_in=link_in)
    assert link.user_id == member.id
    assert link.role_id == admin_role.id
def test_create_user_by_normal_user(
    client: TestClient, normal_user_token_headers: Dict[str, str]
) -> None:
    """Creating a user through ``/users/`` with a normal user's token returns 400.

    NOTE(review): test_create_user_by_normal_user_is_unauthorized sends the
    same headers to ``/users`` (no trailing slash) and expects 401, while
    this test expects 400. Confirm which status the endpoint is meant to
    return for a caller without the required privileges; an authorization
    failure reported as 400 is easy to mistake for a validation error.
    """
    address = random_email()
    secret = random_lower_string()
    payload = {"email": address, "password": secret}
    url = f"{settings.API_V1_STR}/users/"
    response = client.post(url, headers=normal_user_token_headers, json=payload)
    assert response.status_code == 400
def test_update_user(db: Session) -> None:
    """Updating ``full_name`` persists the new value and leaves the email unchanged."""
    secret = random_lower_string()
    address = random_email()
    original = crud.user.create(db, obj_in=UserCreate(email=address, password=secret))

    new_full_name = random_lower_string()
    crud.user.update(db, db_obj=original, obj_in=UserUpdate(full_name=new_full_name))

    # Fetch the user again by id before checking the stored fields.
    reloaded = crud.user.get(db, id=original.id)
    assert reloaded
    assert original.email == reloaded.email
    assert new_full_name == reloaded.full_name
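def test_update_password(db: Session) -> None:
    """Updating a password stores a hash of the new password.

    After the update, the stored hash must verify against the new password
    and must no longer verify against the old one.
    """
    password = random_lower_string()
    email = random_email()
    user_in = UserCreate(email=email, password=password)
    user = crud.user.create(db, obj_in=user_in)

    new_password = random_lower_string()
    user_in_update = UserUpdate(password=new_password)
    crud.user.update(db, db_obj=user, obj_in=user_in_update)

    user_2 = crud.user.get(db, id=user.id)
    assert user_2
    assert user.email == user_2.email
    # The original assertion verified the OLD password against the stored
    # hash, which only holds when the update did not take effect.
    assert verify_password(new_password, user_2.hashed_password)
    # The previous credential must stop working once the password changes.
    assert not verify_password(password, user_2.hashed_password)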
def test_get_existing_user_for_normal_user_is_unauthorized(
    client: TestClient, normal_user_token_headers: dict, db: Session
) -> None:
    """Reading another user's record by id with a normal user's token returns 401."""
    address = random_email()
    secret = random_lower_string()
    target = crud.user.create(db, obj_in=UserCreate(email=address, password=secret))
    target_id = target.id

    # The request names an existing user's id, so a rejection here comes from
    # the access check rather than from a missing record.
    url = f"{settings.API_V1_STR}/users/{target_id}"
    response = client.get(url, headers=normal_user_token_headers)
    assert response.status_code == 401
def test_create_user_by_normal_user_is_unauthorized(
    client: TestClient, normal_user_token_headers: dict, db: Session
) -> None:
    """Creating a user through ``/users`` with a normal user's token returns 401."""
    address = random_email()
    secret = random_lower_string()
    display_name = random_lower_string()
    payload = {"email": address, "password": secret, "full_name": display_name}
    # Note the path has no trailing slash, unlike the other ``/users/`` tests.
    url = f"{settings.API_V1_STR}/users"
    response = client.post(url, headers=normal_user_token_headers, json=payload)
    assert response.status_code == 401
def test_update_user_role(db: Session) -> None:
    """Updating a user-role row replaces its role id with the new role's id."""
    address = random_email()
    secret = random_lower_string()
    member = crud.user.create(
        db, obj_in=schemas.UserCreate(email=address, password=secret)
    )

    # Both roles are looked up by name and not created here, so they must
    # already be present in the database.
    admin_role = crud.role.get_by_name(db, name="ACCOUNT_ADMIN")
    link = crud.user_role.create(
        db, obj_in=schemas.UserRoleCreate(user_id=member.id, role_id=admin_role.id)
    )

    manager_role = crud.role.get_by_name(db, name="ACCOUNT_MANAGER")
    change = schemas.UserRoleUpdate(role_id=manager_role.id)
    updated_link = crud.user_role.update(db, db_obj=link, obj_in=change)
    assert updated_link.role_id == manager_role.id
def test_get_existing_user(
    client: TestClient, superuser_token_headers: dict, db: Session
) -> None:
    """A superuser token can read a user by id, and the email matches the database."""
    address = random_email()
    secret = random_lower_string()
    created = crud.user.create(db, obj_in=UserCreate(email=address, password=secret))
    created_id = created.id

    url = f"{settings.API_V1_STR}/users/{created_id}"
    response = client.get(url, headers=superuser_token_headers)
    assert 200 <= response.status_code < 300
    body = response.json()

    # Cross-check the API response against a direct lookup by email.
    stored = crud.user.get_by_email(db, email=address)
    assert stored
    assert stored.email == body["email"]
def test_create_user_open(
    client: TestClient, normal_user_token_headers: dict, db: Session
) -> None:
    """Posting to ``/users/open`` creates the user and echoes its email."""
    address = random_email()
    secret = random_lower_string()
    display_name = random_lower_string()
    payload = {"email": address, "password": secret, "full_name": display_name}

    url = f"{settings.API_V1_STR}/users/open"
    response = client.post(url, headers=normal_user_token_headers, json=payload)
    assert 200 <= response.status_code < 300
    body = response.json()

    # Confirm the record exists in the database, not just in the response.
    stored = crud.user.get_by_email(db, email=address)
    assert stored
    assert stored.email == body["email"]
def test_create_user_existing_username(
    client: TestClient, superuser_token_headers: dict, db: Session
) -> None:
    """Creating a user whose email is already taken returns 400 and no ``_id``."""
    address = random_email()  # username = email
    secret = random_lower_string()
    crud.user.create(db, obj_in=UserCreate(email=address, password=secret))

    # Submit the same email again through the API.
    payload = {"email": address, "password": secret}
    url = f"{settings.API_V1_STR}/users/"
    response = client.post(url, headers=superuser_token_headers, json=payload)
    body = response.json()
    assert response.status_code == 400
    assert "_id" not in body
def test_create_user_open_existing_username(
    client: TestClient, normal_user_token_headers: dict, db: Session
) -> None:
    """Posting an already-registered email to ``/users/open`` returns 409.

    NOTE(review): a distinct status for "email already registered" lets a
    caller of this endpoint learn whether an address has an account.
    Confirm that is acceptable for this API.
    """
    address = random_email()
    display_name = random_lower_string()
    secret = random_lower_string()
    existing = UserCreate(email=address, password=secret, full_name=display_name)
    crud.user.create(db, obj_in=existing)

    payload = {"email": address, "password": secret, "full_name": display_name}
    url = f"{settings.API_V1_STR}/users/open"
    response = client.post(url, headers=normal_user_token_headers, json=payload)
    body = response.json()
    assert response.status_code == 409
    assert "_id" not in body
def test_update_user_role_by_unauthorized_user_fails(
    client: TestClient, normal_user_token_headers: dict, db: Session
) -> None:
    """A normal user's token cannot change another user's role (401).

    NOTE(review): only the status code is asserted. The test does not read
    the user-role row back afterwards, so a handler that applied the change
    and then returned 401 would still pass.
    """
    address = random_email()
    secret = random_lower_string()
    display_name = random_lower_string()
    target = crud.user.create(
        db,
        obj_in=UserCreate(email=address, password=secret, full_name=display_name),
    )

    # Start the target user as ACCOUNT_MANAGER.
    manager_role = crud.role.get_by_name(db, name=Role.ACCOUNT_MANAGER["name"])
    crud.user_role.create(
        db, obj_in=UserRoleCreate(user_id=target.id, role_id=manager_role.id)
    )

    # Attempt to switch the target user to ACCOUNT_ADMIN.
    admin_role = crud.role.get_by_name(db, name=Role.ACCOUNT_ADMIN["name"])
    payload = {"role_id": str(admin_role.id)}
    url = f"{settings.API_V1_STR}/user-roles/{target.id}"
    response = client.put(url, headers=normal_user_token_headers, json=payload)
    assert response.status_code == 401
def test_assign_user_role_by_normal_user(
    client: TestClient, superadmin_token_headers: dict, db: Session
) -> None:
    """Assigning a role through ``/user-roles`` succeeds and is persisted.

    NOTE(review): the name says "by_normal_user", but the request is sent
    with ``superadmin_token_headers``. This exercises the privileged path
    only; it does not show what happens when a normal user attempts the
    same assignment.
    """
    address = random_email()
    secret = random_lower_string()
    display_name = random_lower_string()
    target = crud.user.create(
        db,
        obj_in=UserCreate(email=address, password=secret, full_name=display_name),
    )
    manager_role = crud.role.get_by_name(db, name=Role.ACCOUNT_MANAGER["name"])

    payload = {"user_id": str(target.id), "role_id": str(manager_role.id)}
    url = f"{settings.API_V1_STR}/user-roles"
    response = client.post(url, headers=superadmin_token_headers, json=payload)
    assert 200 <= response.status_code < 300
    body = response.json()

    # Confirm the assignment in the database, not just in the response.
    stored_link = crud.user_role.get_by_user_id(db, user_id=target.id)
    assert stored_link
    assert str(stored_link.role_id) == body["role_id"]
def test_user_not_authenticated(db: Session) -> None:
    """Authenticating with credentials that were never registered returns None."""
    address = random_email()
    secret = random_lower_string()
    # No user is created with these values before the call.
    result = crud.user.authenticate(db, email=address, password=secret)
    assert result is None
def create_random_user(db: Session) -> User:
    """Create and return a user with a random email and a random password.

    The email is also passed as ``username``. The generated password is not
    returned to the caller.
    """
    address = random_email()
    secret = random_lower_string()
    payload = UserCreate(username=address, email=address, password=secret)
    return crud.user.create(db=db, obj_in=payload)