def test_reserve_book_400_book_already_reserved(client, admin_access_token,
db_populate_books,
db_populate_reservations):
"""
Test the reserve book function.
If book is already reserved:
:assert: response status code is 400.
:assert: reservation is not created.
"""
reservation_before = Reservation.query.filter(
Reservation.status == 'STARTED').first()
assert reservation_before
book = Book.get_or_404(reservation_before.book_id)
user = User.get_or_404(1)
response = client.post(
f'admin/reserveBook/{book.id}/{user.id}',
headers={'Authorization': f'Bearer {admin_access_token}'})
assert response.status_code == 400
#Assert reservations are not changed.
reservation_after = Reservation.query.filter(
Reservation.book_id == book.id, Reservation.status == 'STARTED').one()
assert reservation_before == reservation_after
def schema(self, app):
"""
Create a mock user and pass it to the schema.
Return UpdatePasswordSchema.
"""
user = User(password='******', email='*****@*****.**')
return UpdatePasswordSchema(user=user)
def db_populate(db):
"""Populate the database with mock user data."""
#Create roles
user_role = Role(name='User')
admin_role = Role(name='Admin')
db.session.add(user_role)
db.session.add(admin_role)
db.session.commit()
#Create an admin user.
admin = User(password="******", email="*****@*****.**")
admin.roles.append(admin_role)
db.session.add(admin)
#Create normal users.
users = [
User(password="******", email="*****@*****.**"),
User(password='******', email='*****@*****.**'),
User(password='******', email='*****@*****.**'),
User(password='******', email='*****@*****.**'),
User(password='******', email='*****@*****.**')
]
db.session.add_all(users)
db.session.commit()
def test_email_unique(self, schema, db_populate):
"""Assert schema raises errors if email is not unique."""
user_email = User.get_or_404(1).email
data = {
'email': f'{user_email}',
'password': '******',
'password_confirmation': "password"
}
errors = schema.validate(data)
assert errors
assert errors['email']
def test_login_ok(client):
"""
Test the login function.
:assert: response status code is 200.
:assert: access token is in response.
:assert: refresh token is in response.
"""
payload = {"email": User.get_or_404(2).email, "password": "******"}
response = client.post('/login',
headers={'Content-Type': 'application/json'},
data=json.dumps(payload))
assert response.status_code == 200
assert 'access_token' in response.json
assert 'refresh_token' in response.json
def test_login_400_password_missing(client):
"""
Test the login function.
If password is missing:
:assert: response status code is 400.
:assert: no token is sent in response.
:assert: password error message in sent in response.
"""
payload = {"email": User.get_or_404(2).email}
response = client.post('/login',
headers={'Content-Type': 'application/json'},
data=json.dumps(payload))
assert response.status_code == 400
assert not 'access_token' in response.json
assert not 'refresh_token' in response.json
assert 'password' in response.json
def test_registerUser_400_email_already_exists(client):
"""
Test the register_user function.
:assert: response status code is 400.
:assert: error 'email' is returned in response.
:assert: there is only one user with this email in the database.
"""
payload = {
"email": User.get_or_404(1).email,
"password": '******',
"password_confirmation": 'password'
}
response = client.post('/register',
headers={'Content-Type': 'application/json'},
data=json.dumps(payload))
assert response.status_code == 400
assert 'email' in response.json
assert len(User.query.filter(User.email == payload['email']).all()) == 1
def test_reserve_book_401_unauthorized(client, normal_access_token,
db_populate_books):
"""
Test the reserve_book function.
If user is unauthorized:
:assert: response status code is 401.
:assert: reservation is not created.
"""
book = Book.get_or_404(1)
user = User.get_or_404(1)
response = client.post(
f'admin/reserveBook/{book.id}/{user.id}',
headers={'Authorization': f'Bearer {normal_access_token}'})
assert response.status_code == 401
with pytest.raises(NoResultFound):
reservation = Reservation.query.filter(
Reservation.book_id == book.id, Reservation.reserved_by == user.id,
Reservation.status == 'STARTED').one()
assert not reservation
def test_reserve_book_ok(client, admin_access_token, db_populate_books):
"""
Test the reserve_book function.
:assert: response status code is 204.
:assert: no content is returned.
:assert: reservation was created.
"""
book = Book.get_or_404(1)
user = User.get_or_404(1)
response = client.post(
f'admin/reserveBook/{book.id}/{user.id}',
headers={'Authorization': f'Bearer {admin_access_token}'})
assert response.status_code == 204
assert not response.json
reservation = Reservation.query.filter(
Reservation.book_id == book.id, Reservation.reserved_by == user.id,
Reservation.status == 'STARTED').one()
assert reservation
def test_login_400_invalid_password(client):
"""
Test the login function.
If password is invalid:
:assert: response status code is 400.
:assert: No token is sent in response.
:assert: _schema error message is sent in response.
"""
payload = {
"email": User.get_or_404(2).email,
"password": "******"
}
response = client.post('/login',
headers={'Content-Type': 'application/json'},
data=json.dumps(payload))
assert response.status_code == 400
assert not 'access_token' in response.json
assert not 'refresh_token' in response.json
assert '_schema' in response.json
assert 'Wrong credentials!' in response.json['_schema']