Exemple #1
0
def test_can_delete(db, monkeypatch):
    db.create_all()

    user = User(email="*****@*****.**")
    user.save()

    def fake_request():
        return {"user": user}

    monkeypatch.setattr("starlette_audit.tables.get_request", fake_request)

    obj = MyModel(name="foo")
    obj.save()

    id = obj.id

    obj.delete()

    logs = AuditLog.query.filter(AuditLog.entity_type == "mymodel",
                                 AuditLog.entity_type_id == id).all()

    # all logs should remain intact after deleting

    assert len(logs) == 2

    assert logs[0].data == {"id": id, "name": "foo"}
    assert logs[0].extra_data == {}
    assert logs[0].operation == "INSERT"
    assert logs[0].created_by_id == user.id

    assert logs[1].data == {"id": id, "name": "foo"}
    assert logs[1].extra_data == {}
    assert logs[1].operation == "DELETE"
    assert logs[1].created_by_id == user.id
Exemple #2
0
def test_can_update(db, monkeypatch):
    db.create_all()

    user = User(email="*****@*****.**")
    user.save()

    def fake_request():
        return {"user": user}

    monkeypatch.setattr("starlette_audit.tables.get_request", fake_request)

    obj = MyModel(name="foo")
    obj.save()

    obj.name = "bar"
    obj.save()

    id = obj.id

    logs = AuditLog.query.filter(AuditLog.entity_type == "mymodel",
                                 AuditLog.entity_type_id == id).all()

    assert len(logs) == 2
    assert logs[1].data == {"id": id, "name": "bar"}
    assert logs[1].extra_data == {}
    assert logs[1].operation == "UPDATE"
    assert logs[1].created_by_id == user.id
Exemple #3
0
def test_model_data():
    user = User(**data)

    assert user.email == "*****@*****.**"
    assert user.first_name == "Me"
    assert user.last_name == "Jones"
    assert user.is_active is True
    assert user.password is None
Exemple #4
0
def user():
    data = {"email": "*****@*****.**", "first_name": "Test", "last_name": "User"}

    try:
        return User.query.filter(User.email == data["email"]).one()
    except:
        usr = User(**data)
        usr.set_password("password")
        usr.save()
        return usr
def user():
    data = {"email": "*****@*****.**", "first_name": "Test", "last_name": "User"}

    try:
        return db_session.query(User).query.filter(User.email == data["email"]).one()
    except:
        usr = User(**data)
        usr.set_password("password")
        db_session.add(usr)
        db_session.commit()
        return usr
def test_scoped_endpoints(session):
    user = User(email="*****@*****.**")
    user.set_password("password")

    read_scope = Scope(code="read")
    write_scope = Scope(code="write")

    session.add_all([user, read_scope, write_scope])
    session.flush()

    app = create_app()

    with TestClient(app) as client:

        assert client.get("/unauthed").status_code == 200
        assert client.get("/authed").status_code == 403
        assert client.get("/read").status_code == 403
        assert client.get("/write").status_code == 403

        login = client.post("/auth/login",
                            data={
                                "email": "*****@*****.**",
                                "password": "******"
                            })

        assert login.status_code == 302

        assert client.get("/unauthed").status_code == 403
        assert client.get("/authed").status_code == 200
        assert client.get("/read").status_code == 403
        assert client.get("/write").status_code == 403

        user.scopes.append(read_scope)
        session.add(user)
        session.flush()

        assert client.get("/unauthed").status_code == 403
        assert client.get("/authed").status_code == 200
        assert client.get("/read").status_code == 200
        assert client.get("/write").status_code == 403

        user.scopes.append(write_scope)
        session.add(user)
        session.flush()

        assert client.get("/unauthed").status_code == 403
        assert client.get("/authed").status_code == 200
        assert client.get("/read").status_code == 200
        assert client.get("/write").status_code == 200
Exemple #7
0
def user():
    from starlette_auth.tables import User  # noqa isort:skip

    data = {
        "email": "*****@*****.**",
        "first_name": "Test",
        "last_name": "User"
    }

    try:
        return User.query.filter(email == data["email"]).one()
    except:
        usr = User(**data)
        usr.set_password("password")
        usr.save()
        return usr
Exemple #8
0
def test_password():
    user = User(**data)

    user.set_password("password")
    assert user.check_password("password")
Exemple #9
0
def test_str():
    user = User(**data)

    assert str(user) == "*****@*****.**"
Exemple #10
0
def test_display_name():
    user = User(**data)

    assert user.display_name == "Me Jones"
def user():
    test_user = User(email="*****@*****.**")
    test_user.set_password("password")
    test_user.save()

    return test_user
 def get_user(self, conn):
     return User(first_name="tom", last_name="jones", is_active=False)