def handle(self, *args, **options):
if not len(args):
user = User.objects(username='******').first() or User(
username='******').save()
user.group = Group.objects(name='Administrator').first()
user.set_password('password')
location = Location.objects(type='district').first() or Location(
name='Kampala', type='district').save()
profile = UserProfile.objects(phone='N/A').first() or UserProfile(
phone='N/A',
name='Admin',
location=location,
email='*****@*****.**').save()
profile.user = user
profile.save()
else:
user = User.objects(username=args[0]).first() or User(
username=args[0]).save()
user.group = Group.objects(name='Administrator').first()
user.set_password(args[1])
location = Location.objects(name=args[4]).first() or Location(
name=args[4], type='district').save()
profile = UserProfile.objects(
phone=args[5]).first() or UserProfile(
phone=args[5],
name=args[3],
location=location,
email=args[2]).save().save()
profile.user = user
profile.save()
self.stdout.write('Successfully created superuser')
def test_updating_profile_with_photo_file(self):
attr = self.mobile_user_to_post.copy()
attr['email'] = '*****@*****.**'
attr['phone'] = '+256775019511'
attr['user'] = User(username='******', password='******').save()
profile = UserProfile(**attr)
user_photo = open(settings.PROJECT_ROOT + '/../dms/tests/test.jpg',
'rb')
profile.photo.put(user_photo, content_type='image/content_type')
profile.save()
with open(settings.PROJECT_ROOT + '/../dms/tests/test2.jpg',
'rb') as test_image:
attr['file'] = test_image
response = self.client.post(
self.API_ENDPOINT + str(profile.id) + '/', attr)
self.assertEqual(200, response.status_code)
retrieved_user = User.objects(username='******').first()
reloaded_profile = UserProfile.objects(user=retrieved_user).first()
self.assertEqual(
reloaded_profile.photo.read(),
open(settings.PROJECT_ROOT + '/../dms/tests/test2.jpg',
'rb').read())
self.assertEqual(reloaded_profile.photo.content_type, 'image/jpeg')
self.assertEqual(reloaded_profile.photo_uri(),
'/api/v1/photo/' + str(reloaded_profile.id))
def setUp(self):
user_attrs = dict(username="******",
first_name="NavaL",
last_name="Andria",
email="*****@*****.**",
password="******")
self.user = User(**user_attrs).save()
def test_get_user_id(self):
user = User(username='******', password='******').save()
user_profile_attr = dict(name='timothy',
phone='+256775019449',
location=self.district,
email=None,
user=user)
profile = UserProfile(**user_profile_attr).save()
self.assertEqual(str(user.id), profile.user_id())
def test_serializing_group_name(self):
mobile_user_attr = self.mobile_user.copy()
group = Group.objects().first()
mobile_user_attr['user'] = User(username='******',
password='******',
group=group).save()
mobile_user = UserProfile(**mobile_user_attr).save()
serialized_object = UserProfileSerializer(mobile_user)
self.assertEqual(str(group.id), serialized_object.data['group'])
def test_only_username_is_serialized_if_user_profile_has_a_user(self):
mobile_user_attr = self.mobile_user.copy()
mobile_user_attr['user'] = User(username='******',
password='******').save()
mobile_user = UserProfile(**mobile_user_attr).save()
serialized_object = UserProfileSerializer(mobile_user)
self.assertDictContainsSubset(self.serialized_mobile_user,
serialized_object.data)
self.assertEqual('cage', serialized_object.data['username'])
self.assertFalse('user' in serialized_object.data.keys())
def test_mapping_user_id_to_user_profile(self):
user = User(username='******').save()
location = Location(name='Kampala', type='district').save()
profile = UserProfile(phone='N/A',
name='Admin',
location=location,
user=user,
email='*****@*****.**').save()
self.assertEqual(profile.id, get_profile_id(user))
def test_raise_403_given_user_is_trying_to_access_some_other_users_profile(
self):
attr = self.mobile_user.copy()
attr['email'] = '*****@*****.**'
attr['phone'] = '+256775029500'
attr['user'] = User(username='******', password='******').save()
profile = UserProfile(**attr).save()
self.assert_permission_required_for_get(self.API_ENDPOINT +
str(profile.id) + '/')
self.assert_permission_required_for_post(self.API_ENDPOINT +
str(profile.id) + '/')
def setup_new_user(self, username, group_id):
user = User(username=username, group=group_id).save()
password = self.set_new_password(user)
message = self._build_new_user_email_message(username, password)
send_email.delay('Your NECOC Account', message,
settings.DEFAULT_FROM_EMAIL, [self.profile.email])
if self.profile.phone and getattr(settings,
'SENDSMS_ON_PASSWORD_RESET', False):
text = 'Your NECOC password for user: %s has been set to %s' % (
username, password)
send_one_sms.delay(None, self.profile.phone, text)
return user
def test_saving_a_system_user(self):
user = User(username='******', password='******').save()
user_profile_attr = dict(name='timothy',
phone='+256775019449',
location=self.district,
email=None,
user=user)
UserProfile(**user_profile_attr).save()
self.assertEqual(user,
UserProfile.objects.get(**user_profile_attr).user)
def login_with_permission(self, permission_codename):
self.client.logout()
ct = ContentType(app_label='dms',
model=str(uuid.uuid4()),
name=str(uuid.uuid4())).save()
permission = Permission(name=permission_codename,
codename=permission_codename,
content_type=ct.id).save()
group = Group(name=str(uuid.uuid4()), permissions=[permission]).save()
user = User(username='******', group=group)
user.set_password('pw')
self.client.login(username='******', password='******')
def handle(self, *args, **options):
if len(args):
user = User.objects(username=args[0], email=args[2]).first() or User(username=args[0], email=args[2])
if len(args) > 3:
ct = ContentType(app_label='dms', model=str(uuid.uuid4()), name=str(uuid.uuid4())).save()
permission = Permission(name=args[3], codename=args[3], content_type=ct.id).save()
group = Group(name=str(uuid.uuid4()), permissions=[permission]).save()
user.group = group
user.set_password(args[1])
self.stdout.write('Successfully created user')
def test_should_get_a_single_user(self):
attr = self.mobile_user.copy()
user = User(username='******', password='******').save()
attr['user'] = user
profile = UserProfile(**attr).save()
response = self.client.get(self.API_ENDPOINT + str(profile.id) + '/')
self.assertEqual(200, response.status_code)
self.assertEqual(self.mobile_user['name'], response.data['name'])
self.assertEqual(self.mobile_user['phone'], response.data['phone'])
self.assertEqual(self.mobile_user['email'], response.data['email'])
self.assertEqual(self.district.name, response.data['location']['name'])
self.assertEqual('cage', response.data['username'])
self.assertEqual(str(user.id), response.data['user_id'])
def test_not_raising_403_if_user_only_wants_access_to_their_profile(self):
self.client.logout()
attr = self.mobile_user.copy()
attr['email'] = '*****@*****.**'
attr['phone'] = '+256775029500'
user = User(username='******', email='*****@*****.**')
user.group = None
user.set_password('hahahah')
attr['user'] = user
profile = UserProfile(**attr).save()
self.client.login(username='******', password='******')
response = self.client.get(self.API_ENDPOINT + str(profile.id) + '/')
self.assertEquals(response.status_code, 200)
response = self.client.post(self.API_ENDPOINT + str(profile.id) + '/')
self.assertEquals(response.status_code, 200)
def test_should_update_a_single_user(self):
attr = self.mobile_user.copy()
attr['email'] = '*****@*****.**'
attr['phone'] = '+256775019500'
attr['user'] = User(username='******', password='******').save()
profile = UserProfile(**attr).save()
response = self.client.post(self.API_ENDPOINT + str(profile.id) + '/',
self.mobile_user_to_post)
profile.reload()
profiles = UserProfile.objects()
self.assertEqual(1, profiles.count())
self.assertEqual(200, response.status_code)
self.assertEqual(self.mobile_user_to_post['name'], profile.name)
self.assertEqual(self.mobile_user_to_post['phone'], profile.phone)
self.assertEqual(self.mobile_user_to_post['email'], profile.email)
def _post_with_basic_auth(api_endpoint, data_dict):
api_url = settings.HOSTNAME + api_endpoint
data = json.dumps(data_dict)
payload = {'username': '******', 'password': settings.API_USER_PASS}
api_user = User.objects.order_by('-id').first()
if api_user is None:
api_user = User(
**dict(username=payload['username'], is_active=True)).save()
api_user.set_password(payload['password'])
basic_auth_key = _basic_auth_header(payload['username'],
payload['password'])
else:
basic_auth_key = _basic_auth_header(api_user.username,
settings.API_USER_PASS)
return requests.post(api_url, data, \
headers={'Authorization': basic_auth_key, 'content-type': 'application/json'})
def _post_with_token_auth(api_endpoint, data_dict):
api_url = settings.HOSTNAME + api_endpoint
payload = {'username': '******', 'password': settings.API_USER_PASS}
api_user = User.objects.order_by('-id').first()
if api_user is None:
api_user = User(
**dict(username=payload['username'], is_active=True)).save()
api_user.set_password(payload['password'])
token, created = Token.objects.get_or_create(user=api_user)
else:
try:
token = Token.objects.get(user=api_user)
except DoesNotExist:
token, created = Token.objects.get_or_create(user=api_user)
return requests.post(api_url, json.dumps(data_dict), \
headers={'Authorization': 'Token %s' % token.key, 'content-type': 'application/json'})
def setUp(self):
self.user = User(username='******')
self.user.set_password('hehe')
self.password_data = dict(old_password='******',
new_password='******',
confirm_password='******')
def login_without_permissions(self):
self.client.logout()
empty_group = Group(name='Empty', permissions=[])
User(username='******', password='******', group=empty_group)
self.client.login(username='******', password='******')
def test_serializer_should_be_invalid_if_username_is_not_unique(self):
User(username='******', password='******').save()
self.serialized_mobile_user['location'] = self.district.id
self.serialized_mobile_user['username'] = '******'
serializer = UserProfileSerializer(data=self.serialized_mobile_user)
self.assertFalse(serializer.is_valid())
