def test_update_user_with_user_manager(self): # Arrange u_manager = utils.create_user_manager() u1 = utils.create_and_save_user('u1', 'pu1', 'Us1', 'Er1') u2 = utils.create_and_save_user('u2', 'pu2', 'Us2', 'Er2') token = u_manager.generate_rest_auth_token() headers = {'Authorization': utils.encode_info_token_http_auth(token)} for actual_u in [u1, u2]: new_first_name = 'Mod{}'.format(actual_u.first_name) new_last_name = 'Mod{}'.format(actual_u.last_name) update_data = { 'first_name': new_first_name, 'last_name': new_last_name } # Act response = self.client.put('/api/v1/users/{}/'.format(actual_u.id), data=json.dumps(update_data), content_type='application/json', headers=headers) # Assert self.assertEqual(response.status_code, 204) u_from_db = User.query.get(actual_u.id) self.assertEqual(u_from_db.first_name, new_first_name) self.assertEqual(u_from_db.last_name, new_last_name)
def test_get_one_user_other_user(self): # Arrange u1 = utils.create_and_save_user('u1', 'pass_u1') u2 = utils.create_and_save_user('u2', 'pass_u2') token = u1.generate_rest_auth_token() # Act response = self.client.get('/api/v1/users/{}/'.format(u2.id), headers={ 'Authorization': utils.encode_info_token_http_auth(token) }) # Assert self.assertEqual(response.status_code, 401)
def test_generate_rest_token_happy(self): expected_user = utils.create_and_save_user() user_token = expected_user.generate_rest_auth_token() actual_user = User.get_user_given_rest_token(user_token) self.assertEqual(expected_user.id, actual_user.id)
def test_create_trip_bad_date_format(self, start_date): # Arrange user = utils.create_and_save_user() trip_dict = { 'destination': 'Country1', 'start_date': start_date, 'end_date': '10/12/2017', 'comment': 'Very Nice', 'user_id': user.id } token = user.generate_rest_auth_token() headers = {'Authorization': utils.encode_info_token_http_auth(token)} # Act response = self.client.post('/api/v1/trips/', data=json.dumps(trip_dict), headers=headers, content_type='application/json') data = json.loads(utils.decode_data(response.data)) # Assert self.assertEqual(response.status_code, 400) self.assertIn( f"time data '{start_date}' does not match format '{tp_utils.DATE_FORMAT}'", data['error'])
def test_create_trip(self): # Arrange user = utils.create_and_save_user() trip_dict = { 'destination': 'Country1', 'start_date': '01/01/2017', 'end_date': '01/02/2017', 'comment': 'Very Nice', 'user_id': user.id } token = user.generate_rest_auth_token() headers = {'Authorization': utils.encode_info_token_http_auth(token)} # Act response = self.client.post('/api/v1/trips/', data=json.dumps(trip_dict), headers=headers, content_type='application/json') # Assert self.assertEqual(response.status_code, 201) trip = Trip.query.get( json.loads(utils.decode_data(response.data))['id']) self.assertEqual(trip.start_date, datetime.date(2017, 1, 1)) self.assertEqual(trip.end_date, datetime.date(2017, 2, 1))
def test_generate_rest_token_timeout(self): exp_time = 1 expected_user = utils.create_and_save_user() token = expected_user.generate_rest_auth_token(exp_time) time.sleep(2) self.assertIsNone(User.get_user_given_rest_token(token))
def test_delete_user_with_user_manager(self): # Arrange u_manager = utils.create_user_manager() u1 = utils.create_and_save_user('u1', 'pu1', 'Us1', 'Er1') u2 = utils.create_and_save_user('u2', 'pu2', 'Us2', 'Er2') token = u_manager.generate_rest_auth_token() headers = {'Authorization': utils.encode_info_token_http_auth(token)} for actual_u in [u1, u2]: # Act response = self.client.delete('/api/v1/users/{}/'.format( actual_u.id), headers=headers) # Assert self.assertEqual(response.status_code, 204) self.assertIsNone(User.query.get(actual_u.id))
def test_add_roles_to_user(self): user = utils.create_and_save_user() user.roles.append(Role.admin()) db.session.add(user) db.session.commit() actual_user = User.query.get(user.id) self.assertIn(Role.admin(), actual_user.roles) self.assertIn(Role.regular(), actual_user.roles) # All have this by default self.assertNotIn(Role.manager(), actual_user.roles)
def test_get_auth_token_incorrect_credentials(self): # Arrange user = utils.create_and_save_user() auth_header = utils.encode_info_basic_http_auth( user.username, 'wrongPass') # Act response = self.client.post('/api/v1/token/', headers={'Authorization': auth_header}) # Assert self.assertEqual(response.status_code, 401)
def test_get_auth_token_success(self): # Arrange user = utils.create_and_save_user() auth_header = utils.encode_info_basic_http_auth(user.username, 'pass1') # Act response = self.client.post('/api/v1/token/', headers={'Authorization': auth_header}) decoded_data = utils.decode_data(response.data) # Assert self.assertIn('token', json.loads(decoded_data))
def test_get_all_users_from_admin_success(self): # Arrange admin = utils.create_user_admin() usernames = ['u1', 'u2', 'u3'] for u in usernames: utils.create_and_save_user(u, 'pass{}'.format(u)) usernames.append('admin') token = admin.generate_rest_auth_token() # Act response = self.client.get('/api/v1/users/', headers={ 'Authorization': utils.encode_info_token_http_auth(token) }) # Assert self.assertEqual(response.status_code, 200) users = json.loads(utils.decode_data(response.data)) for u in users: self.assertIn(u['username'], usernames)
def test_create_trip_by_regular_user_on_behalf_of_other_user_fail(self): # Arrange user1 = utils.create_and_save_user('u1', 'pu1') user2 = utils.create_and_save_user('u2', 'pu2') trip_dict = { 'destination': 'Country1', 'start_date': '01/01/2017', 'end_date': '01/02/2017', 'comment': 'Very Nice', 'user_id': user2.id } token = user1.generate_rest_auth_token() headers = {'Authorization': utils.encode_info_token_http_auth(token)} # Act response = self.client.post('/api/v1/trips/', data=json.dumps(trip_dict), headers=headers, content_type='application/json') # Assert self.assertEqual(response.status_code, 401)
def test_get_one_user_correct_id(self): # Arrange u = utils.create_and_save_user('u1', 'pass_u1') token = u.generate_rest_auth_token() # Act response = self.client.get('/api/v1/users/{}/'.format(u.id), headers={ 'Authorization': utils.encode_info_token_http_auth(token) }) # Assert self.assertEqual(response.status_code, 200) u_dict = json.loads(utils.decode_data(response.data)) self.assertEqual(u_dict['username'], u.username)
def test_get_all_users_from_regular_user_error(self): # Arrange usernames = ['u1', 'u2', 'u3'] users = [ utils.create_and_save_user(u, 'pass{}'.format(u)) for u in usernames ] token = users[0].generate_rest_auth_token() # Act response = self.client.get('/api/v1/users/', headers={ 'Authorization': utils.encode_info_token_http_auth(token) }) # Assert self.assertEqual(response.status_code, 401)