def test_update_time_entry_date_time(app, db, user_alice):
time_entry_id = 1
start_datetime = datetime.now(tz=timezone.utc)
end_datetime = datetime.now(tz=timezone.utc) + timedelta(hours=1)
response = app.http.patch(
path=f'{time_entry_resource}/{time_entry_id}',
json={
'startDatetime': timestamptz_to_str(start_datetime),
'endDatetime': timestamptz_to_str(end_datetime)
},
headers={'Authorization': f'Bearer {user_alice.token}'})
assert response.status_code == 200
response_time_entry = response.json_body
assert response_time_entry == {
'timeEntryId': time_entry_id,
'taskId': 1,
'assigneeId': 1,
'startDatetime': timestamptz_to_str(start_datetime),
'endDatetime': timestamptz_to_str(end_datetime)
}
time_entry_in_db = get_time_entry_by_id(db, time_entry_id)
assert time_entry_in_db._asdict() == {
'time_entry_id': time_entry_id,
'task_id': 1,
'assignee_id': 1,
'start_datetime': start_datetime,
'end_datetime': end_datetime
}
def test_some_fields_can_not_be_updated(app, db, user_alice, user_bob):
alice_task_id = 1
alice_task = get_task_by_id(db, alice_task_id)
# check that those fields can not be updated
update = functools.partial(request_task_update, app, user_alice.token,
alice_task_id)
response = update({'taskId': 9999})
assert response.status_code == 422
response = update({'projectId': 2})
assert response.status_code == 422
response = update({'teamId': 2})
assert response.status_code == 422
response = update(
{'createdAt': timestamptz_to_str(datetime.now(timezone.utc))})
assert response.status_code == 422
response = update({'createdBy': user_bob.user_id})
assert response.status_code == 422
# task should remain unchanged
assert get_task_by_id(db, alice_task_id) == alice_task
def test_user_can_update_task_he_created(app, db, user_alice, user_bob):
alice_task_id = 1
update = functools.partial(request_task_update, app, user_alice.token,
alice_task_id)
task_to_update = get_task_by_id(db, alice_task_id)
assert task_to_update is not None
new_due_date = datetime.now(timezone.utc) + timedelta(days=2)
new_estimation = timedelta(days=1)
fields_to_update = {
'name': 'add header & animation',
'status': 'in_progress',
'assigneeId': user_bob.user_id,
'dueDate': timestamptz_to_str(new_due_date),
'estimation': 60 * 60 * 24, # day
'description': 'do it'
}
# try updating each field on its own
assert update({'name': 'add header & animation'}).status_code == 200
assert update({'status': 'in_progress'}).status_code == 200
assert update({'assigneeId': user_bob.user_id}).status_code == 200
assert update({
'dueDate': timestamptz_to_str(new_due_date)
}).status_code == 200
assert update({'estimation': 60 * 60 * 24}).status_code == 200
assert update({'description': 'do it'}).status_code == 200
# expect database to persist the changes made
task_in_db = get_task_by_id(db, alice_task_id)
assert task_in_db.name == fields_to_update['name']
assert task_in_db.status == fields_to_update['status']
assert task_in_db.assignee_id == fields_to_update['assigneeId']
assert task_in_db.due_date == new_due_date
assert task_in_db.estimation == new_estimation
assert task_in_db.description == fields_to_update['description']
def test_create_time_entry(app, db, user_alice):
alice_task_id = 1
start_time = datetime.now(timezone.utc)
response = app.http.post(
path=f'{time_entry_resource}/',
json={
'taskId': alice_task_id,
'startDatetime': timestamptz_to_str(start_time),
'assigneeId': 1
},
headers={'Authorization': f'Bearer {user_alice.token}'})
assert response.status_code == 201
new_time_entry = response.json_body
db_time_entry = get_time_entry_by_id(db, new_time_entry['timeEntryId'])
assert new_time_entry == {
'timeEntryId': db_time_entry.time_entry_id,
'taskId': alice_task_id,
'assigneeId': 1,
'startDatetime': timestamptz_to_str(db_time_entry.start_datetime),
'endDatetime': None,
}
def test_unauthorized_user_can_not_update_time_entry(app, db):
alice_time_entry_id = 1
end_datetime = datetime.now(timezone.utc)
# get time entry to compare
db_previous_time_entry = get_time_entry_by_id(db, alice_time_entry_id)
# try to make a change as anonymous user
response = app.http.patch(
path=f'{time_entry_resource}/{alice_time_entry_id}',
json={'endDatetime': timestamptz_to_str(end_datetime)})
assert response.status_code == 401
# get current time entry after attempted change
db_current_time_entry = get_time_entry_by_id(db, alice_time_entry_id)
# should remain unchanged
assert db_previous_time_entry == db_current_time_entry
def test_unauthorized_user_can_not_create_time_entry(app, db):
# try to create a new time entry as unauthorized user
alice_task_id = 1
start_time = datetime.now(timezone.utc)
response = app.http.post(path=f'{time_entry_resource}/',
json={
'taskId': alice_task_id,
'startDatetime':
timestamptz_to_str(start_time),
'assigneeId': 1
})
assert response.status_code == 401
assert response.json_body == {}
# expect time entry not to be found in db
db_time_entry = get_time_entry_by_start_datetime(db,
start_datetime=start_time)
assert db_time_entry is None
def test_user_can_not_update_time_entries_of_his_team(app, db, user_alice):
bob_time_entry_id = 2
db_previous_time_entry = get_time_entry_by_id(db, bob_time_entry_id)
end_datetime = datetime.now(timezone.utc)
# alice attempts to modify bob's time entry
response = app.http.patch(
path=f'{time_entry_resource}/{bob_time_entry_id}',
json={'endDatetime': timestamptz_to_str(end_datetime)},
headers={'Authorization': f'Bearer {user_alice.token}'})
assert response.status_code == 404
assert response.json_body == {
'detail': None,
'fields': None,
'status': 404
}
# check bob's time entry to be unchanged
db_current_time_entry = get_time_entry_by_id(db, bob_time_entry_id)
assert db_previous_time_entry == db_current_time_entry
def test_user_can_not_update_time_entries_of_other_teams(app, db, user_alice):
dave_time_entry_id = 102
start_datetime = datetime.now(timezone.utc)
original_time_entry = get_time_entry_by_id(db, dave_time_entry_id)
assert original_time_entry is not None
# alice attempts to change dave's time entry
response = app.http.patch(
path=f'{time_entry_resource}/{dave_time_entry_id}',
json={'startDatetime': timestamptz_to_str(start_datetime)},
headers={'Authorization': f'Bearer {user_alice.token}'})
assert response.status_code == 404
assert response.json_body == {
'detail': None,
'fields': None,
'status': 404
}
# time entry remains unchanged
assert get_time_entry_by_id(db, dave_time_entry_id) == original_time_entry
def test_create_task(app, db, user_alice, user_bob):
new_task = {
"name": "buy milk",
"assigneeId": user_bob.user_id,
"status": "todo"
}
response = app.http.post(
path=task_resource,
json=new_task,
headers={'Authorization': f'Bearer {user_alice.token}'})
assert response.status_code == 201
new_task = response.json_body
task_in_db = get_task_by_id(db, new_task['taskId'])
assert new_task == {
'taskId': task_in_db.task_id,
'projectId': None,
'teamId': None,
'name': new_task['name'],
'description': '',
'estimation': None,
'status': new_task['status'],
'createdAt': timestamptz_to_str(task_in_db.created_at),
'dueDate': None,
'creator': {
'userId': user_alice.user_id,
'username': user_alice.username,
'firstName': user_alice.first_name,
'lastName': user_alice.last_name
},
'assignee': {
'userId': user_bob.user_id,
'username': user_bob.username,
'firstName': user_bob.first_name,
'lastName': user_bob.last_name
}
}