def update_entry(entry, *, commit=True, **kwargs): session = Session() for key, value in kwargs.items(): setattr(entry, key, value) if commit: session.commit() return entry
def test_send_funds_with_wrong_user(self): resp = self.client.post( url_for("api.send_funds", wallet_id=self.wallet_1.uid), json={ "to_wallet": self.wallet_2.uid, "amount": 25 }, headers=self.get_auth_headers(self.user_2_credentials), ) self.assertEqual(resp.status_code, 404) self.assertEqual(resp.json, { 'code': 404, 'type': 'NOT_FOUND', 'message': ANY }) self.assertEqual( Session().query( Wallets.funds).filter_by(uid=self.wallet_1.uid).one().funds, 100, ) self.assertEqual( Session().query( Wallets.funds).filter_by(uid=self.wallet_2.uid).one().funds, 0, )
def test_send_funds(self): resp = self.client.post( url_for("api.send_funds", wallet_id=self.wallet_1.uid), json={ "to_wallet": self.wallet_2.uid, "amount": 25 }, headers=self.get_auth_headers(self.user_1_credentials), ) self.assertEqual(resp.status_code, 200) self.assertEqual( resp.json, { 'uid': ANY, 'from_wallet': self.wallet_1.uid, 'to_wallet': self.wallet_2.uid, 'amount': 25, 'datetime': ANY }) self.assertTrue(Session().query(Transactions).filter_by( uid=resp.json['uid']).one()) self.assertEqual( Session().query( Wallets.funds).filter_by(uid=self.wallet_1.uid).one().funds, 75, ) self.assertEqual( Session().query( Wallets.funds).filter_by(uid=self.wallet_2.uid).one().funds, 25, )
def test_unauthorized(self): resp = self.client.post( url_for("api.send_funds", wallet_id=self.wallet_1.uid), json={ "to_wallet": self.wallet_2.uid, "amount": 25 }, ) self.assertEqual(resp.status_code, 401) self.assertEqual(resp.json, { 'code': 401, 'type': 'NOT_AUTHORIZED', 'message': ANY }) self.assertEqual( Session().query( Wallets.funds).filter_by(uid=self.wallet_1.uid).one().funds, 100, ) self.assertEqual( Session().query( Wallets.funds).filter_by(uid=self.wallet_2.uid).one().funds, 0, )
def list_wallets(*filters): session = Session() return ( session.query(Wallets) .join(Users) .filter(*filters) .all() )
def identity(payload): admin_identity = AdminUserIdentity() if payload['identity'] == admin_identity.id: return admin_identity else: session = Session() return UserModelIdentity( session.query(Users).filter_by(uid=payload['identity']).one())
def list_users(email=None, first_name=None, last_name=None): session = Session() filters = [] if email: filters.append(Users.email.like(email)) if first_name: filters.append(Users.email.like(first_name)) if last_name: filters.append(Users.email.like(last_name)) return session.query(Users).filter(*filters).all()
def authenticate(username, password): from lab6.app import app session = Session() admin_identity = AdminUserIdentity() if username == f'admin-{admin_identity.id}' and password == app.config[ 'SECRET_KEY']: return admin_identity else: user = session.query(Users).filter_by(email=username).one() if user and check_password_hash(user.password, password): return UserModelIdentity(user)
def db_session_context(): session = Session() try: yield session except Exception: session.rollback() raise else: try: session.commit() except Exception: session.rollback() raise
def test_unauthorized(self): resp = self.client.delete( url_for("api.delete_wallet", wallet_id=self.wallet.uid), ) self.assertEqual(resp.status_code, 401) self.assertEqual(resp.json, { 'code': 401, 'type': 'NOT_AUTHORIZED', 'message': ANY }) self.assertTrue(Session().query(Wallets).filter_by( uid=self.wallet.uid).one_or_none())
def test_unauthorized(self): resp = self.client.post(url_for("api.create_user"), json=self.user_1_data) self.assertEqual(resp.status_code, 401) self.assertEqual(resp.json, { 'code': 401, 'type': 'NOT_AUTHORIZED', 'message': ANY }) self.assertFalse(Session().query(Users).filter_by( email=self.user_1_data['email']).one_or_none())
def create_entry(model_class, *, commit=True, **kwargs): session = Session() entry = model_class(**kwargs) session.add(entry) if commit: session.commit() return entry
def test_delete_wallet_by_wrong_user(self): resp = self.client.delete( url_for("api.delete_wallet", wallet_id=self.wallet.uid), headers=self.get_auth_headers(self.user_2_credentials), ) self.assertEqual(resp.status_code, 404) self.assertEqual(resp.json, { 'code': 404, 'type': 'NOT_FOUND', 'message': ANY }) self.assertTrue(Session().query(Wallets).filter_by( uid=self.wallet.uid).one_or_none())
def test_delete_wallet(self): resp = self.client.delete( url_for("api.delete_wallet", wallet_id=self.wallet.uid), headers=self.get_auth_headers(self.user_1_credentials), ) self.assertEqual(resp.status_code, 200) self.assertEqual(resp.json, { 'code': 200, 'type': 'OK', 'message': ANY }) self.assertFalse(Session().query(Wallets).filter_by( uid=self.wallet.uid).one_or_none())
def test_update_another_user(self): resp = self.client.delete( url_for("api.delete_user", user_id=self.user_2.uid), headers=self.get_auth_headers(self.user_1_credentials), ) self.assertEqual(resp.status_code, 401) self.assertEqual(resp.json, { 'code': 401, 'type': 'NOT_AUTHORIZED', 'message': ANY }) self.assertTrue(Session().query(Users).filter_by( uid=self.user_2.uid).one_or_none())
def test_unauthorized(self): resp = self.client.put( url_for("api.update_wallet", wallet_id=self.wallet.uid), json={"name": "Updated Wallet A"}, ) self.assertEqual(resp.status_code, 401) self.assertEqual(resp.json, { 'code': 401, 'type': 'NOT_AUTHORIZED', 'message': ANY }) self.assertFalse(Session().query(Wallets).filter_by( name="Updated Wallet A").one_or_none())
def test_update_wallet_by_wrong_user(self): resp = self.client.put( url_for("api.update_wallet", wallet_id=self.wallet.uid), json={"name": "Updated Wallet A"}, headers=self.get_auth_headers(self.user_2_credentials), ) self.assertEqual(resp.status_code, 404) self.assertEqual(resp.json, { 'code': 404, 'type': 'NOT_FOUND', 'message': ANY }) self.assertFalse(Session().query(Wallets).filter_by( name="Updated Wallet A").one_or_none())
def test_update_wallet(self): resp = self.client.put( url_for("api.update_wallet", wallet_id=self.wallet.uid), json={"name": "Updated Wallet A"}, headers=self.get_auth_headers(self.user_1_credentials), ) self.assertEqual(resp.status_code, 200) self.assertEqual(resp.json, { 'code': 200, 'type': 'OK', 'message': ANY }) self.assertTrue( Session().query(Wallets).filter_by(name="Updated Wallet A").one())
def test_unauthorized(self): resp = self.client.put( url_for("api.update_user", user_id=self.user_1.uid), json={ **self.user_1_data, "first_name": "UpdatedFirst" }, ) self.assertEqual(resp.status_code, 401) self.assertEqual(resp.json, { 'code': 401, 'type': 'NOT_AUTHORIZED', 'message': ANY }) self.assertFalse(Session().query(Users).filter_by( first_name='UpdatedFirst').one_or_none())
def test_not_admin(self): db_utils.create_entry(Users, **self.user_1_data_hashed) resp = self.client.post( url_for("api.create_user"), json=self.user_2_data, headers=self.get_auth_headers(self.user_1_credentials), ) self.assertEqual(resp.status_code, 401) self.assertEqual(resp.json, { 'code': 401, 'type': 'NOT_AUTHORIZED', 'message': ANY }) self.assertFalse(Session().query(Users).filter_by( email=self.user_2_data['email']).one_or_none())
def test_self_update(self): resp = self.client.put( url_for("api.update_user", user_id=self.user_1.uid), json={ **self.user_1_data, "first_name": "UpdatedFirst" }, headers=self.get_auth_headers(self.user_1_credentials), ) self.assertEqual(resp.status_code, 200) self.assertEqual(resp.json, { 'code': 200, 'type': 'OK', 'message': ANY }) self.assertTrue( Session().query(Users).filter_by(first_name='UpdatedFirst').one())
def test_create_user(self): resp = self.client.post( url_for("api.create_user"), json=self.user_1_data, headers=self.get_auth_headers(self.admin_credentials), ) self.assertEqual(resp.status_code, 200) self.assertEqual( resp.json, { 'uid': ANY, 'email': self.user_1_data['email'], 'first_name': self.user_1_data['first_name'], 'last_name': self.user_1_data['last_name'], }) self.assertTrue(Session().query(Users).filter_by( email=self.user_1_data['email']).one())
def list_transactions_for_wallet(user_uid, wallet_id): session = Session() session.query(Wallets).filter_by(uid=wallet_id, owner_uid=user_uid).one() transactions_from = ( session.query(Transactions) .join(Wallets, Transactions.from_wallet_uid == Wallets.uid) .filter( Wallets.owner_uid == user_uid, Transactions.from_wallet_uid == wallet_id ) ) transactions_to = ( session.query(Transactions) .join(Wallets, Transactions.to_wallet_uid == Wallets.uid) .filter( Wallets.owner_uid == user_uid, Transactions.to_wallet_uid == wallet_id ) ) return ( transactions_from.union(transactions_to) .order_by(Transactions.datetime) .all() )
def close_session(self): Session().close()
def delete_entry(model_class, uid, *, commit=True, **kwargs): session = Session() session.query(model_class).filter_by(uid=uid, **kwargs).delete() if commit: session.commit()
def get_entry_by_uid(model_class, uid, **kwargs): session = Session() return session.query(model_class).filter_by(uid=uid, **kwargs).one()