def test_not_admin_failure(client, add_user):
_ = add_user(role=ROLE_USER, log_him_in=True)
resp = client.post(endpoint=endpoint,
data=dict(
name=get_random_str(),
tel=get_random_str(),
comment=get_random_str(),
),
check_status=403)
assert 'errors' in resp
assert len(resp['errors']) == 1
def test_search_mode(client, add_user):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
string = 'common string to find'
strings = [
f'some prefix {string}',
f'{string} some postfix',
f'prefix {string} postfix',
string,
]
# Create devices
ids = set()
for s in strings:
location = add_location(address=s)
ids.add(add_device(location_id=location.id).id)
contact = add_contact(name=s)
ids.add(add_device(contact_id=contact.id).id)
contact = add_contact(tel=s)
ids.add(add_device(contact_id=contact.id).id)
ids.add(add_device(comment=s).id)
# Add some noise
for s in strings:
# We do not search by city_name
location = add_location(city_name=get_random_str())
add_device(location_id=location.id)
location = add_location(address=get_random_str())
add_device(location_id=location.id)
contact = add_contact(name=get_random_str())
add_device(contact_id=contact.id)
contact = add_contact(tel=get_random_str())
add_device(contact_id=contact.id)
add_device(comment=get_random_str())
# Check results
resp = client.get(
endpoint=endpoint,
query=string,
limit=100 # To get all the results on one page
)
assert 'total' in resp
assert resp['total'] == len(ids)
assert 'results' in resp
assert {r['id'] for r in resp['results']} == ids
def test_search_mode_failure(client, add_user):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
common_string = get_random_str(15)
test_cases = [
(add_publisher(**{p: get_random_str() + common_string}), p)
for p in search_fields
]
for publisher, param in test_cases:
resp = client.get(
endpoint=endpoint,
query=common_string,
query_fields=list(set(search_fields) - {param})
)
assert 'results' in resp
assert publisher.id not in {r['id'] for r in resp['results']}
def test_default(client, add_user, role):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
role_is_manager = role == ROLE_MANAGER
name = f'User-{get_random_str()}'
password = get_random_str()
email = f'{get_random_str()}@new.com'
data = dict(
name=name,
password=password,
email=email,
role=role,
)
if role_is_manager:
publisher = add_publisher()
data['publisher_id'] = publisher.id
resp = client.post(
endpoint=endpoint,
data=data,
)
assert 'id' in resp
instance = User.query.get(resp['id'])
assert instance
assert instance.name == name
assert instance.email == email
assert instance.role == role
if role_is_manager:
assert instance.publisher_id == publisher.id
def func(name=None,
email=None,
password=None,
role=ROLE_USER,
publisher_id=None,
log_him_in=False,
**kwargs):
name = name or f'User_{get_random_str()}'
email = email or f'{get_random_str()}@email.com'
password = password or get_random_str()
publisher_id = publisher_id or add_publisher(
).id if role == ROLE_MANAGER else None
user = save_user(name=name,
email=email,
password=password,
role=role,
publisher_id=publisher_id,
**kwargs)
if log_him_in:
client.post(endpoint='users.login_user_view',
data=dict(email=email, password=password))
return user
def test_duplicate_email_failure(client, add_user):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
name = f'User-{get_random_str()}'
password = get_random_str()
email = f'{get_random_str()}@new.com'
resp = client.post(endpoint=endpoint,
data=dict(
name=name,
password=password,
email=email,
))
assert 'id' in resp
instance = User.query.get(resp['id'])
assert instance
assert instance.email == email
resp = client.post(endpoint=endpoint,
data=dict(
name=name,
password=password,
email=email,
),
check_status=400)
assert 'errors' in resp
assert len(resp['errors']) == 1
assert 'email' in resp['errors'][0].lower()
def test_admin_default(client, add_user):
"""
Checks that admin can update other user's files
"""
user = add_user(role=ROLE_MANAGER)
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
file = add_content(created_by=user.id, publisher_id=user.publisher_id)
previous_src = file.src
comment = get_random_str()
resp = client.put(endpoint=endpoint,
content_type='multipart/form-data',
file_id=file.id,
data=dict(
file=open('tests/data/FaceImage.jpg', 'rb'),
comment=comment,
))
assert 'id' in resp
file = File.query.get(resp['id'])
assert file and os.path.isfile(file.src)
assert file.src != previous_src
assert file.status == STATUS_CREATED
assert 'comment' in resp
assert resp['comment'] == file.comment == comment
def add_content(created_by, publisher_id, comment=None, status=None):
return save_content(
file=FileStorage(open('tests/data/FaceImage.jpg', 'rb')),
comment=comment or get_random_str(),
created_by=created_by,
publisher_id=publisher_id,
status=status,
)
def test_not_admin_failure(client, add_user):
_ = add_user(role=ROLE_USER, log_him_in=True)
city = add_city()
resp = client.post(endpoint=endpoint,
data=dict(address=get_random_str(), city_id=city.id),
check_status=403)
assert 'errors' in resp
assert len(resp['errors']) == 1
def test_not_admin_failure(client, add_user):
_ = add_user(role=ROLE_USER, log_him_in=True)
_ = client.post(endpoint=endpoint,
data=dict(
name=f'User-{get_random_str()}',
password=get_random_str(),
email=f'{get_random_str()}@new.com',
),
check_status=403)
def test_not_auth_failure(client):
"""
Checks that anonymous user can not add files
"""
resp = client.post(endpoint=endpoint,
content_type='multipart/form-data',
data=dict(comment=get_random_str(), ),
check_status=403)
assert 'errors' in resp
assert len(resp['errors']) == 1
def test_not_admin_failure(client, add_user):
_ = add_user(role=ROLE_USER, log_him_in=True)
device = add_device()
_ = client.put(endpoint=endpoint,
device_id=device.id,
check_status=403,
data=dict(
status=ACTIVE,
comment=get_random_str(),
))
def test_default(client, add_user):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
contact_id = add_contact().id
resp = client.put(endpoint=endpoint,
contact_id=contact_id,
data=dict(
name=get_random_str(),
tel=get_random_str(),
comment=get_random_str(),
))
assert 'id' in resp
contact = Contact.query.get(resp['id'])
assert contact
assert 'name' in resp
assert resp['name'] == contact.name
assert 'tel' in resp
assert resp['tel'] == contact.tel
assert 'comment' in resp
assert resp['comment'] == contact.comment
def test_not_auth_failure(client, add_user):
"""
Checks that anonymous user can not update files
"""
user = add_user(role=ROLE_MANAGER)
file = add_content(created_by=user.id, publisher_id=user.publisher_id)
resp = client.put(endpoint=endpoint,
content_type='multipart/form-data',
file_id=file.id,
data=dict(comment=get_random_str(), ),
check_status=403)
assert 'errors' in resp
assert len(resp['errors']) == 1
def test_default_role(client, add_user):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
name = f'User-{get_random_str()}'
password = get_random_str()
email = f'{get_random_str()}@new.com'
resp = client.post(endpoint=endpoint,
data=dict(
name=name,
password=password,
email=email,
))
assert 'id' in resp
instance = User.query.get(resp['id'])
assert instance
assert instance.name == name
assert instance.email == email
assert instance.role == ROLE_USER # the default role
def test_file_publisher(client, add_user, role):
"""
Checks that publisher_id is required for admin and shouldn`t be filled for manager
"""
_ = add_user(role=role, log_him_in=True)
data = dict(
file=open('tests/data/FaceImage.jpg', 'rb'),
comment=get_random_str(256),
)
if role == ROLE_MANAGER:
publisher = add_publisher()
data['publisher_id'] = publisher.id
resp = client.post(endpoint=endpoint,
content_type='multipart/form-data',
data=data,
check_status=400)
assert 'errors' in resp
assert len(resp['errors']) == 1
assert 'publisher_id' in resp['errors'][0]
def test_not_admin_failure(client, add_user):
"""
Checks that ordinary user can not update other user's files
"""
user = add_user(role=ROLE_MANAGER)
_ = add_user(role=ROLE_MANAGER, log_him_in=True)
file = add_content(created_by=user.id, publisher_id=user.publisher_id)
comment = get_random_str()
resp = client.put(endpoint=endpoint,
content_type='multipart/form-data',
file_id=file.id,
check_status=403,
data=dict(
file=open('tests/data/FaceImage.jpg', 'rb'),
comment=comment,
))
assert 'errors' in resp
assert len(resp['errors']) == 1
def test_user_publisher_id_field(client, add_user, role):
"""
Checks that user can not add manager without publisher_id and admin with it
"""
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
name = f'User-{get_random_str()}'
password = get_random_str()
email = f'{get_random_str()}@new.com'
data = dict(
name=name,
password=password,
email=email,
role=role,
)
if role == ROLE_ADMIN:
publisher = add_publisher()
data['publisher_id'] = publisher.id
resp = client.post(endpoint=endpoint, data=data, check_status=400)
assert 'errors' in resp
assert len(resp['errors']) == 1
assert 'publisher_id' in resp['errors'][0]
def test_search_mode(client, add_user):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
# Create publishers
test_cases = []
all_ids = set()
common_string = get_random_str(15)
for params in [[f] for f in search_fields] + [search_fields]:
# Add trash publishers to make some noise
add_publisher(**{p: get_random_str() for p in params})
# Add publishers with common string in params
prefixed = common_string + get_random_str()
postfixed = get_random_str() + common_string
middle = get_random_str() + common_string + get_random_str()
prefixed_id = add_publisher(**{p: prefixed for p in params}).id
all_ids.update({
prefixed_id,
add_publisher(**{p: postfixed for p in params}).id,
add_publisher(**{p: middle for p in params}).id,
})
test_cases.append((prefixed[:-1], {prefixed_id}))
# Add common test case
test_cases.append((common_string, all_ids))
# Run test cases
for query, publisher_ids in test_cases:
resp = client.get(
endpoint=endpoint,
query=query,
query_fields=[f for f in search_fields]
)
assert 'total' in resp
assert resp['total'] == len(publisher_ids)
assert 'results' in resp
assert {r['id'] for r in resp['results']} == publisher_ids
import pytest
from lib.utils import get_random_str
from tests.helpers import add_contact, add_location, add_device
from app.users.constants import ROLE_ADMIN, ROLE_USER
from app.devices.models import Device
from app.devices.constants import STATUSES, ACTIVE, INACTIVE, UNAPPROVED
endpoint = 'devices.update_device_view'
@pytest.mark.parametrize("contact,location,comment,status", [
(True, None, None, None),
(None, True, None, None),
(None, None, get_random_str(), None),
(None, None, None, INACTIVE),
(True, True, None, None),
(True, True, get_random_str(), None),
(None, None, get_random_str(), ACTIVE),
(None, True, get_random_str(), ACTIVE),
(True, True, get_random_str(), ACTIVE),
])
def test_default(client, add_user, contact, location, comment, status):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
device = add_device()
contact_id = add_contact().id if contact else None
location_id = add_location().id if location else None
resp = client.put(endpoint=endpoint,
device_id=device.id,
def add_publisher(name=None, comment=None, airtime=None, created_by=None):
return save_publisher(name=name or get_random_str(),
comment=comment,
airtime=airtime,
created_by=created_by)
def add_contact(name=None, tel=None, comment=None):
return save_contact(
name=name or get_random_str(),
tel=tel or get_random_str(),
comment=comment or get_random_str(),
)
def add_device(uid_token=None, **kwargs):
return save_device(uid_token=uid_token or get_random_str(), **kwargs)
def add_location(city_name=None, address=None):
city = add_city(name=city_name)
return save_location(address=address or get_random_str(), city_id=city.id)
def add_city(name=None):
return save_city(name=name or get_random_str())
resp = client.post(endpoint=endpoint,
data=dict(
name=name,
password=password,
email=email,
),
check_status=400)
assert 'errors' in resp
assert len(resp['errors']) == 1
assert 'email' in resp['errors'][0].lower()
@pytest.mark.parametrize("name,password,email", [
(
None,
get_random_str(),
f'{get_random_str()}@new.com',
),
(
f'User-{get_random_str()}',
None,
f'{get_random_str()}@new.com',
),
(
f'User-{get_random_str()}',
get_random_str(),
None,
),
])
def test_no_required_params_failure(client, add_user, name, password, email):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
from app.system.constants import OS
endpoint = 'system.current_version_view'
@pytest.mark.parametrize("os_name", [
*OS,
])
def test_default(client, os_name):
resp = client.get(endpoint=endpoint, os_name=os_name)
assert 'version' in resp
assert 'download_url' in resp
@pytest.mark.parametrize(
"os_name, param_name",
[
# Malformed os_version
(None, 'os_name'),
(get_random_str(255, punctuation=True), 'os_name'),
])
def test_malformed_params_failure(client, os_name, param_name):
resp = client.get(
endpoint=endpoint,
os_name=os_name,
check_status=400,
)
assert 'errors' in resp
assert len(resp['errors']) == 1
assert param_name in resp['errors'][0].lower()
import pytest
from lib.utils import get_random_str
from app.users.constants import ROLE_ADMIN, ROLE_USER
from app.devices.models import Contact
endpoint = 'devices.add_contact_view'
@pytest.mark.parametrize("name,tel,comment", [
('12345', '89152346362', '2323'),
(' ', ' ', ' '),
('\n\n\n\n\n', '\t\t\t\t\t\t\t\t\t\t', '\n'),
('!@#$%^&*', '1234#$%^&*(', None),
(get_random_str(255), get_random_str(255), get_random_str(1024)),
(get_random_str(5), get_random_str(10), ''),
])
def test_default(client, add_user, name, tel, comment):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
resp = client.post(endpoint=endpoint,
data=dict(
name=name,
tel=tel,
comment=comment,
))
assert 'id' in resp
contact = Contact.query.get(resp['id'])
assert contact
import pytest
from lib.utils import get_random_str
from app.publishers.models import Publisher
from app.users.constants import ROLE_ADMIN, ROLE_USER
from tests.helpers import add_publisher
endpoint = 'publishers.update_publisher_view'
@pytest.mark.parametrize("name,comment,airtime", [
(get_random_str(), None, None),
(
get_random_str(),
get_random_str(),
None,
),
(
get_random_str(),
get_random_str(),
10.5,
),
])
def test_default(client, add_user, name, comment, airtime):
_ = add_user(role=ROLE_ADMIN, log_him_in=True)
publisher = add_publisher()
resp = client.put(endpoint=endpoint,
publisher_id=publisher.id,
data=dict(
name=name,
for r in resp['results']
])
assert not any([r['id'] == device_health_past.id for r in resp['results']])
@pytest.mark.parametrize('param,value', [
('page', -1),
('page', -10),
('page', 101),
('page', 0),
('limit', 0),
('limit', 1001),
('limit', -1),
('limit', -10),
('sort_by', 'wrong_field'),
('sort_by', '-wrong_field'),
('sort_by', 'created_by'),
('sort_by', '-created_by'),
('sort_by', '--name'),
('start_date_time', 1),
('start_date_time', get_random_str()),
('end_date_time', 1),
('end_date_time', get_random_str()),
])
def test_malformed_params_failure(client, add_user, param, value):
_ = add_user(log_him_in=True)
resp = client.get(endpoint=endpoint, check_status=400, **{param: value})
assert 'errors' in resp
assert len(resp['errors']) == 1
assert param in resp['errors'][0].lower()
