def test_remove_reserved_item_from_own_list(self):
'''
Confirm ability to remove an item from your own list
which has previously been marked as reserved, and that an
email is sent to the reserver
'''
self.create_lists(self.db.owner, 5)
l = self.db.owner.lists[-1]
count = len(l.items)
item = l.items[0]
iid = item.key().id()
o = self.db.add_owner(User('foo', '*****@*****.**'))
item.reserved_by = o
item.put()
self.rpc.remove_item(iid)
self.assertEqual(count - 1, len(self.db.owner.lists[-1].items))
owner = self.db.owner
subject = 'Wish List Item Deleted'
template_tuple = (
item.reserved_by.nickname,
owner.nickname,
owner.email,
item.name,
l.name,
'Reserved',
owner.nickname,
owner.email,
)
body = self.ae.DELETED_ITEM_TEMPLATE % template_tuple
msg = dict(f=self.ae.FROM_ADDRESS, t=o.email, s=subject, b=body)
self.assertEqual(msg, self.ae.msg)
def Xtest_get_user(self):
"""
Verify that calling get_current_user while logged in provides you
with a logout url and your login info
"""
self.set_user(User(is_admin=True))
# Verify no owner exists before call
self.assertEqual(None, self.db.user_owners.get(self.user, None))
num_owners = len(self.db.owners)
url = 'http://www.domain.com/some/extra/path/'
user = self.rpc.get_current_user(url)
# Verify correct user details are returned
base = get_base_url(url)
goodbye = '{}/#Goodbye:'.format(base)
self.assertEqual(self.ae.create_logout_url(goodbye), user.logout_url)
self.assertEqual(self.user.nickname(), user.nickname)
self.assertEqual(self.user.email(), user.email)
self.assertEqual(None, user.login_url)
# Verify owner was created correctly
owner = self.db.user_owners.get(self.user)
self.assertEqual(num_owners + 1, len(self.db.owners))
self.assertEqual(self.user, owner.user)
self.assertEqual(owner.key().id(), user.owner_id)
self.assertEqual(self.user.nickname(), owner.nickname)
self.assertEqual(self.user.email(), owner.email)
self.assertEqual(extract_name(self.user.email()), owner.name)
def setup_groups(self):
O = self.db.add_owner
self.a1 = O(User('a1', '*****@*****.**', is_admin=True))
self.a2 = O(User('a2', '*****@*****.**', is_admin=True))
self.u1 = O(User('u1', '*****@*****.**'))
self.u2 = O(User('u2', '*****@*****.**'))
self.u3 = O(User('u3', '*****@*****.**'))
self.g1 = self.db.add_group('g1', 'g1desc', self.a1)
self.g2 = self.db.add_group('g2', 'g1desc', self.a2)
self.db.add_group_member(self.g1, self.a1)
self.db.add_group_member(self.g1, self.u1)
self.db.add_group_member(self.g1, self.u3)
self.db.add_group_member(self.g2, self.a2)
self.db.add_group_member(self.g2, self.u2)
self.db.add_group_member(self.g2, self.u3)
def test_add_list_other_owner(self):
'''
Confirm that trying to add a list for another owner raises a
PermissionDeniedError
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
oid = o.key().id()
with self.assertRaises(PermissionDeniedError):
self.rpc.add_list(oid, 'Name', 'Desc')
def test_get_lists_invalid_owner(self):
'''
Confirm that trying to get lists for an invalid owner raises
PermissionDeniedError
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
oid = o.key().id()
with self.assertRaises(PermissionDeniedError):
self.rpc.get_lists(oid)
def test_add_surprise_item_to_invalid_owner(self):
'''
Confirm that trying to add a surprise item to the list of an invalid
owner raises PermissionDeniedError
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
self.create_lists(o, 5)
lid = o.lists[0].key().id()
with self.assertRaises(PermissionDeniedError):
self.rpc.add_item(lid, 'item', 'cat', 'desc', 'url', True)
def test_get_list_no_owner(self):
'''
Confirm that trying to get lists with no owner raises a
PermissionDeniedError
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
oid = o.key().id()
self.delete_owner()
with self.assertRaises(PermissionDeniedError):
self.rpc.get_lists(oid)
def test_get(self):
"""Get a request by ID"""
user = User(email='*****@*****.**')
req = self.db.add_req(user)
self.user.is_admin = True
self.resource.get(req.key().id())
js_req = self.resource.get_last_response()
self.assertEqual(js_req.id, req.key().id())
self.assertEqual(js_req.email, req.user.email())
def test_remove_item_from_invalid_list(self):
'''
Confirm that trying to remove an item from someone else's
list raises PermissionDeniedError
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
self.create_lists(o, 5)
self.create_group(o, [self.db.owner])
iid = o.lists[2].items[1].key().id()
with self.assertRaises(PermissionDeniedError):
self.rpc.remove_item(iid)
def test_deny(self):
"""Deny doesn't create owner"""
self.user.is_admin = True
user = User(email='*****@*****.**')
req = self.db.add_req(user)
self.assertFalse(req.denied)
self.assertEqual({}, self.ae.msg)
self.resource.deny(req.key().id())
self.assertTrue(req.denied)
self.assertEqual(1, len(self.db.request_ids))
self.assertEqual(0, len(self.db.owners))
msg = self.ae.msg
self.assertEqual(self.ae.FROM_ADDRESS, msg['f'])
self.assertEqual(user.email(), msg['t'])
self.assertEqual('Account Not Activated', msg['s'])
body = self.ae.DENY_TEMPLATE % extract_name(user.email())
self.assertEqual(body, msg['b'])
def test_unpurchase_invalid_item(self):
'''
Confirm trying to unpurchase an item you don't have access to raises
PermissionDeniedError
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
self.create_lists(o, 5)
item = o.lists[2].items[1]
iid = item.key().id()
with self.assertRaises(PermissionDeniedError):
self.rpc.unpurchase_item(iid)
def test_add_item_to_invalid_owner(self):
"""
Confirm that trying to add an item to the list of an invalid owner
raises PermissionDeniedError
"""
o = self.db.add_owner(User('foo', '*****@*****.**'))
self.create_lists(o, 5)
self.create_group(o, [self.db.owner])
lid = o.lists[0].key().id()
with self.assertRaises(PermissionDeniedError):
self.rpc.add_item(lid, 'item', 'cat', 'desc', 'url', False)
def test_get_lists_from_owner_of_group_im_in(self):
'''
Confirm that get_lists works for an owner who is the owner of
a group current owner is in
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
self.create_lists(o, 5)
self.create_group(o, [self.db.owner])
oid = o.key().id()
wls = self.rpc.get_lists(oid)
self.compare_all_lists(o.lists, wls)
def test_update_list_no_owner(self):
'''
Confirm that trying to update a list with no owner raises a
PermissionDeniedError
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
l = self.db.add_list(o.key().id(), 'List Name', 'List Desc')
lid = l.key().id()
self.delete_owner()
with self.assertRaises(PermissionDeniedError):
self.rpc.update_list(lid, 'Name', 'Desc')
def test_update_list_invalid_owner(self):
'''
Confirm that trying to add a list for an invalid owner raises a
PermissionDeniedError
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
oid = o.key().id()
l = self.db.add_list(oid, 'New List', 'New Desc')
lid = l.key().id()
with self.assertRaises(PermissionDeniedError):
self.rpc.update_list(lid, 'Name', 'Desc')
def test_get_lists_from_member_of_my_group(self):
'''
Confirm that get_lists works for an owner who is a member of
a group owned by current owner
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
self.create_lists(o, 5)
self.create_group(self.db.owner, [o])
oid = o.key().id()
wls = self.rpc.get_lists(oid)
self.compare_all_lists(o.lists, wls)
def test_approve_request(self):
'''
Confirm approving a request for access to all i want
'''
self.set_user(User(is_admin=True))
user = User(email='*****@*****.**')
req = self.db.add_req(user)
self.assertEqual({}, self.ae.msg)
self.rpc.approve_request(req.key().id())
self.assertEqual(0, len(self.db.request_ids))
owner = self.db.owners.values()[0]
self.assertEqual(user, owner.user)
msg = self.ae.msg
self.assertEqual(self.ae.FROM_ADDRESS, msg['f'])
self.assertEqual(owner.email, msg['t'])
self.assertEqual('Account Activated', msg['s'])
body = self.ae.APPROVE_TEMPLATE % extract_name(owner.email)
self.assertEqual(body, msg['b'])
def test_update_item_in_invalid_list(self):
''''
Confirm that trying to update an item in someone else's list
raises PermissionDeniedError
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
self.create_lists(o, 5)
self.create_group(o, [self.db.owner])
item = o.lists[2].items[1]
iid = item.key().id()
with self.assertRaises(PermissionDeniedError):
self.rpc.update_item(iid, 'item', 'cat', 'desc', 'url')
def _setup_groups(self):
# Create some groups owned by current user
self.db.add_group(name='Avengers', description='Marvel Heroes')
self.db.add_group(name='X-Men', description='Mutant Heroes')
# Create some groups owned by another user
thanos_user = User(nickname='Thanos', email='*****@*****.**')
thanos_owner = self.db.add_owner(thanos_user)
self.db.add_group(name='Sinister Six',
description='Doctor Octopus and Crew',
owner=thanos_owner)
self.db.add_group(name='Brotherhood of Mutants',
description='Magneto and Company',
owner=thanos_owner)
# Create another group that the current user is a member of
stan_lee_user = User(nickname='Stan Lee', email='*****@*****.**')
stan_lee_owner = self.db.add_owner(stan_lee_user)
marvel_universe = self.db.add_group(name='Marvel Universe',
description='Everyone Marvel',
owner=stan_lee_owner)
self.db.add_group_member(marvel_universe)
def test_purchase_item(self):
'''
Confirm ability to purchase an item from list you can access
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
self.create_lists(o, 5)
self.create_group(o, [self.db.owner])
item = o.lists[-1].items[-1]
iid = item.key().id()
self.assertEqual(None, item.reserved_by)
self.assertEqual(None, item.purchased_by)
self.rpc.purchase_item(iid)
self.assertEqual(None, item.reserved_by)
self.assertEqual(self.db.owner, item.purchased_by)
def test_update_owner(self):
"""
Make sure user can change name and nickname of list owner
"""
# Make sure the owner exists
self.set_user(User('John Doe', 'Johnny'))
self.db.add_owner(self.user)
owner = self.db.add_owner(self.user)
self.assertFalse(owner.saved())
self.rpc.update_owner(owner.key().id(), 'Joe Smith', 'Joe')
self.assertTrue(owner.saved())
self.assertEqual('Joe Smith', owner.name)
self.assertEqual('Joe', owner.nickname)
def test_unpurchase_item(self):
'''
Confirm ability to unpurchase an item you previously purchased
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
self.create_lists(o, 5)
self.create_group(o, [self.db.owner])
item = o.lists[-1].items[-1]
item.purchased_by = self.db.owner
item.put()
iid = item.key().id()
self.assertEqual(None, item.reserved_by)
self.assertEqual(self.db.owner, item.purchased_by)
self.rpc.unpurchase_item(iid)
self.assertEqual(None, item.reserved_by)
self.assertEqual(None, item.purchased_by)
def test_increasing_ids(self):
'''
Make sure that ids are increasing with each object
'''
eq = lambda id, obj: self.assertEquals(id, obj.key().id())
ids = range(1, 100)
classes = (User, Group, Invite, Member, List, Item)
for cls in classes:
objs = [cls() for i in ids]
[eq(id, o) for id, o in zip(ids, objs)]
u = User()
u_classes = (Req, Owner)
for cls in u_classes:
objs = [cls(u) for i in ids]
[eq(id, o) for id, o in zip(ids, objs)]
def test_approve(self):
"""Approve creates Owner"""
self.user.is_admin = True
user = User(email='*****@*****.**')
req = self.db.add_req(user)
self.assertEqual({}, self.ae.msg)
self.resource.approve(req.key().id())
self.assertEqual(0, len(self.db.request_ids))
owner = self.db.owners.values()[0]
self.assertEqual(user, owner.user)
msg = self.ae.msg
self.assertEqual(self.ae.FROM_ADDRESS, msg['f'])
self.assertEqual(owner.email, msg['t'])
self.assertEqual('Account Activated', msg['s'])
body = self.ae.APPROVE_TEMPLATE % extract_name(owner.email)
self.assertEqual(body, msg['b'])
def test_add_surprise_item_for_fellow_group_memeber(self):
'''
Confirm ability to add a surprise item to a list you have access to
'''
o = self.db.add_owner(User('foo', '*****@*****.**'))
self.create_lists(o, 5)
self.create_group(o, [self.db.owner])
l = o.lists[2]
count = len(l.items)
lid = l.key().id()
w_list = self.rpc.add_item(lid, 'item', 'cat', 'desc', 'url', True)
witem = w_list.items[-1]
self.assertEqual(count + 1, len(o.lists[2].items))
self.assertEqual('item', witem.name)
self.assertEqual('cat', witem.category)
self.assertEqual('desc', witem.description)
self.assertEqual('url', witem.url)
self.assertEqual(True, witem.is_surprise)
self.assertEqual(self.db.owner.nickname, witem.reserved_by)
def test_increasing_ids(self):
"""
Make sure that ids are increasing with each object
"""
def eq(id, obj):
msg = 'ID matches for {}'.format(obj.__class__.__name__)
self.assertEqual(id, obj.key().id(), msg)
ids = range(1, 100)
classes = (User, Group, Invite, Member, List, Item)
for cls in classes:
objs = [cls() for i in ids]
[eq(id, o) for id, o in zip(ids, objs)]
u = User()
u_classes = (Req, Owner)
for cls in u_classes:
objs = [cls(u) for i in ids]
[eq(id, o) for id, o in zip(ids, objs)]
def test_get_no_admin(self):
"""Can't get if not admin"""
user = User(email='*****@*****.**')
req = self.db.add_req(user)
with self.assertRaises(PermissionDeniedError):
self.resource.get(req.key().id())
def setUp(self):
self.set_user(User())
def setUp(self):
self.db = MockAccess(User(), add_owner=True)
self.ae = MockWrapper()
self.rpc = ListRpcGroup(self.db, self.ae)
def setUp(self):
self.db = MockAccess(User(), add_owner=True)
self.ae = MockAppEngine()
self.rpc = GroupRpcGroup(self.db, self.ae)
