def test_add_membership_span_in_future_and_past_does_not_give_membership(
self):
member_id = self.api.create_member()['member_id']
self.post(
f"/membership/span", {
"member_id": member_id,
"type": "membership",
"startdate": self.date(-40).isoformat(),
"enddate": self.date(-20).isoformat(),
"creation_reason": random_str(),
}).is_ok()
self.get(f"/membership/member/{member_id}/membership")\
.expect(code=200,
status="ok",
)
self.post(
f"/membership/span", {
"member_id": member_id,
"type": "membership",
"startdate": self.date(20).isoformat(),
"enddate": self.date(40).isoformat(),
"creation_reason": random_str(),
}).is_ok()
self.get(f"/membership/member/{member_id}/membership")\
.expect(code=200,
status="ok",
data__labaccess_active=False,
data__labaccess_end=None,
data__membership_active=False,
data__membership_end=self.date(days=40).isoformat(),
)
def test_add_overlapping_span_does_still_give_labaccess(self):
member_id = self.api.create_member()['member_id']
self.post(
f"/membership/span", {
"member_id": member_id,
"type": "labaccess",
"startdate": self.date(-40).isoformat(),
"enddate": self.date(10).isoformat(),
"creation_reason": random_str(),
}).is_ok()
self.get(f"/membership/member/{member_id}/membership")\
.expect(code=200,
status="ok",
data__labaccess_active=True,
data__labaccess_end=self.date(days=10).isoformat(),
)
self.post(
f"/membership/span", {
"member_id": member_id,
"type": "labaccess",
"startdate": self.date(-10).isoformat(),
"enddate": self.date(40).isoformat(),
"creation_reason": random_str(),
}).is_ok()
self.get(f"/membership/member/{member_id}/membership")\
.expect(code=200,
status="ok",
data__labaccess_active=True,
data__labaccess_end=self.date(days=40).isoformat(),
)
def test_spans_before_and_after_today_does_not_give_labacess(self):
member_id = self.api.create_member()['member_id']
self.post(
f"/membership/span", {
"member_id": member_id,
"type": "labaccess",
"startdate": self.date(-40).isoformat(),
"enddate": self.date(-10).isoformat(),
"creation_reason": random_str(),
}).is_ok()
self.get(f"/membership/member/{member_id}/membership")\
.expect(code=200,
status="ok",
data__labaccess_active=False,
data__labaccess_end=self.date(days=-10).isoformat(),
)
self.post(
f"/membership/span", {
"member_id": member_id,
"type": "labaccess",
"startdate": self.date(10).isoformat(),
"enddate": self.date(40).isoformat(),
"creation_reason": random_str(),
}).is_ok()
self.get(f"/membership/member/{member_id}/membership")\
.expect(code=200,
status="ok",
data__labaccess_active=False,
data__labaccess_end=self.date(days=40).isoformat(),
)
def test_add_membership_days_to_an_existing_span(self):
member_id = self.api.create_member()['member_id']
self.post(
f"/membership/span", {
"member_id": member_id,
"type": "membership",
"startdate": self.date(0).isoformat(),
"enddate": self.date(1).isoformat(),
"creation_reason": random_str(),
}).is_ok()
self.get(f"/membership/member/{member_id}/membership")\
.expect(code=200,
status="ok",
data__membership_active=True,
data__membership_end=self.date(1).isoformat())
self.post(f"/membership/member/{member_id}/addMembershipDays", {
"type": "membership",
"days": 1,
"creation_reason": random_str(),
}).expect(200)
self.get(f"/membership/member/{member_id}/membership")\
.expect(code=200,
status="ok",
data__labaccess_active=False,
data__labaccess_end=None,
data__membership_active=True,
data__membership_end=self.date(2).isoformat(),
)
def test_create_password_using_unhashed_password(self):
pwd = random_str(8)
member = self.api.create_member(password=None, unhashed_password=pwd)
self.post("/oauth/token", {"grant_type": "password",
"username": member["email"],
"password": pwd})\
.expect(code=200)
def test_update_password_using_unhashed_password(self):
pwd = random_str(8)
member = self.db.create_member()
self.put(f"/membership/member/{member.member_id}", dict(unhashed_password=pwd)).expect(200)
self.post("/oauth/token", {"grant_type": "password",
"username": member.email,
"password": pwd})\
.expect(code=200)
def create_permission(self, **kwargs):
obj = dict(
permission=random_str(),
)
obj.update(kwargs)
self.permission = Permission(**obj)
db_session.add(self.permission)
db_session.commit()
return self.permission
def create_message(self, **kwargs):
obj = dict(
subject=random_str(),
body=self.fake.bs(),
recipient=self.fake.email(),
status=Message.QUEUED,
)
obj.update(**kwargs)
self.message = obj
return self.message
def create_span(self, **kwargs):
obj = dict(
startdate=self.test.date(days=-randint(40, 60)),
enddate=self.test.date(days=-randint(10, 30)),
type=choice(
(Span.LABACCESS, Span.MEMBERSHIP, Span.SPECIAL_LABACESS)),
creation_reason=random_str(),
)
obj.update(kwargs)
self.span = obj
return self.span
def create_box(self, **kwargs):
obj = dict(
member_id=self.member.member_id,
box_label_id=randint(1e9, 9e9),
session_token=random_str(),
)
obj.update(kwargs)
self.box = Box(**obj)
db_session.add(self.box)
db_session.commit()
return self.box
def create_password_reset_token(self, member=None, **kwargs):
member = member or self.member
obj = dict(
member_id=member.member_id,
token=random_str(),
)
obj.update(**kwargs)
self.password_reset_token = PasswordResetToken(**obj)
db_session.add(self.password_reset_token)
db_session.commit()
return self.password_reset_token
def create_access_token(self, **kwargs):
obj = dict(
user_id=TEST_SERVICE_USER_ID,
access_token=random_str(),
browser=f'a-browser-{random_str()}',
ip=f'{randint(0, 255)}.{randint(0, 255)}.{randint(0, 255)}.{randint(0, 255)}',
expires=self.test.datetime(days=1),
)
obj.update(kwargs)
self.access_token = AccessToken(**obj)
db_session.add(self.access_token)
db_session.commit()
return self.access_token
def create_message(self, member=None, **kwargs):
member = member or self.member
obj = dict(
member=member,
subject=random_str(),
body=self.fake.bs(),
recipient=member.email if member else self.fake.email(),
status=Message.QUEUED,
)
obj.update(**kwargs)
self.message = Message(**obj)
db_session.add(self.message)
db_session.commit()
return self.member
def test_reset_password_works_for_nice_password(self):
member_id = self.db.create_member().member_id
reset_token = self.db.create_password_reset_token()
unhashed_password = random_str()
e = self.api.post("/oauth/password_reset",
data=dict(reset_token=reset_token.token, unhashed_password=unhashed_password))\
.expect(code=200).get('data__error_message')
self.assertIsNone(e)
member = db_session.query(Member).get(member_id)
self.assertTrue(verify_password(unhashed_password, member.password))
def test_pagination_and_sort(self):
firstname = random_str(12)
entity1 = self.api.create_member(firstname=firstname, lastname="d")
entity2 = self.api.create_member(firstname=firstname, lastname="c")
entity3 = self.api.create_member(firstname=firstname, lastname="a")
entity4 = self.api.create_member(firstname=firstname, lastname="b")
entity1_id = entity1['member_id']
entity2_id = entity2['member_id']
entity3_id = entity3['member_id']
entity4_id = entity4['member_id']
result = self\
.get(f"/membership/member?search={firstname}&sort_by=lastname&sort_order=asc&page_size=2")\
.expect(code=200, page=1, page_size=2, last_page=2, total=4)\
.data
self.assertEqual([entity3_id, entity4_id],
[e['member_id'] for e in result])
result = self\
.get(f"/membership/member?search={firstname}&sort_by=lastname&sort_order=asc&page_size=2&page=2")\
.expect(code=200, page=2, page_size=2, last_page=2, total=4)\
.data
self.assertEqual([entity2_id, entity1_id],
[e['member_id'] for e in result])
result = self\
.get(f"/membership/member?search={firstname}&sort_by=lastname&sort_order=desc&page_size=3&page=1")\
.expect(code=200, page=1, page_size=3, last_page=2, total=4)\
.data
self.assertEqual([entity1_id, entity2_id, entity4_id],
[e['member_id'] for e in result])
result = self\
.get(f"/membership/member?search={firstname}&sort_by=lastname&sort_order=desc&page_size=3&page=2")\
.expect(code=200, page=2, page_size=3, last_page=2, total=4)\
.data
self.assertEqual([entity3_id], [e['member_id'] for e in result])
self.get(f"/membership/member?search={firstname}&sort_by=lastname&sort_order=desc&page_size=3&page=0")\
.expect(code=422)
self.get(f"/membership/member?search={firstname}&sort_by=lastname&sort_order=desc&page_size=3&page=3")\
.expect(code=200, data=[], page=3, page_size=3, last_page=2, total=4)
def test_add_labaccess_days_by_adding_days(self):
member_id = self.api.create_member()['member_id']
self.post(
f"/membership/member/{member_id}/addMembershipDays", {
"type": "labaccess",
"days": 1,
"default_start_date": self.date().isoformat(),
"creation_reason": random_str(),
}).expect(200)
self.get(f"/membership/member/{member_id}/membership")\
.expect(code=200,
status="ok",
data__labaccess_active=True,
data__labaccess_end=self.date(1).isoformat(),
data__membership_active=False,
data__membership_end=None,
)
def test_reset_password_returns_error_if_token_does_not_exist(self):
e = self.api.post("/oauth/password_reset",
data=dict(reset_token=random_str(), unhashed_password=DEFAULT_PASSWORD))\
.expect(code=200).get('data__error_message')
self.assertIn("could not find", e.lower())