def test_delete_accommodation(client, auth):
# 400 if no token
res = client.delete('/api/accommodation/1')
assert res.status_code == 400
# 401 if not logged in / invalid token
invalid_token = 'asdf'
res = client.delete('/api/accommodation/1', data={'token': invalid_token})
msg = res_to_json(res)['msg']
assert res.status_code == 401
assert msg == 'You must be logged in to delete accommodation.'
res = auth.login()
token = res_to_token(res)
# 403 if you try to delete acc you do not own
bad_id = 3
res = client.delete('/api/accommodation/' + str(bad_id), data={'token': token})
msg = res_to_json(res)['msg']
assert res.status_code == 403
assert msg == 'This user does not have permission to delete this accommodation.'
# happy path
res = client.delete('/api/accommodation/1', data={'token': token})
msg = res_to_json(res)['msg']
assert res.status_code == 200
# future reservations for this accommodation should be cancelled
res = client.get('/api/reservation', data={'token': token, 'filter': 'future'})
reservations = res_to_json(res)['msg']
assert len(reservations) == 0
def test_price_high_filter(client):
# max price too low
res = client.get('/api/search', data=copy_update_params(dict(price_high=0)))
msg = res_to_json(res)['msg']
assert len(msg) == 0
# max price OK
res = client.get('/api/search', data=copy_update_params(dict(price_high=100000000000)))
msg = res_to_json(res)['msg']
assert len(msg) == 1
def test_num_guests_filter(client):
# # Test num_guests filter
params = copy_update_params(dict(num_guests=10))
res = client.get('/api/search', data=params)
msg = res_to_json(res)['msg']
assert len(msg) == 0
res = client.get('/api/search', data=query_params)
msg = res_to_json(res)['msg']
assert len(msg) == 1
def test_amenities_filter(client):
# fake amenity should not return results
res = client.get('/api/search', data=copy_update_params(dict(amenities=['Fake amenity'])))
msg = res_to_json(res)['msg']
assert len(msg) == 0
# real amenity should work case insensitively
res = client.get('/api/search', data=copy_update_params(dict(amenities=['KanGaRoo-fRiEndLy', 'tV'])))
msg = res_to_json(res)['msg']
assert len(msg) == 1
def test_num_bathrooms_filter(client):
# num bathrooms too high
res = client.get('/api/search', data=copy_update_params(dict(num_bathrooms=100)))
msg = res_to_json(res)['msg']
assert len(msg) == 0
# num bathrooms OK
res = client.get('/api/search', data=copy_update_params(dict(num_bathrooms=1)))
msg = res_to_json(res)['msg']
assert len(msg) == 1
def test_update_user(client, auth):
# 400 if no token
res = client.put('/api/user/')
assert res.status_code == 400
# 401 if invalid token
invalid_token = 'asdf'
res = client.put('/api/user/', data={'token': invalid_token})
assert res.status_code == 401
res = auth.login()
token = res_to_token(res)
# update with non-dup phone
data = {
'email': '*****@*****.**',
'gender': 'female',
'phone': '222-222-222',
'token': token
}
res = client.put('/api/user/', data=data)
res_json = res_to_json(res)
updated_user = res_json['msg']
is_phone_dup = res_json['is_phone_dup']
assert res.status_code == 200
assert updated_user['email'] == data['email']
assert updated_user['gender'] == data['gender']
assert updated_user['phone'] == data['phone']
assert is_phone_dup == False
# update with dup phone
new_data = {
'phone': '222-222-222',
'token': token
}
res = client.put('/api/user/', data=new_data)
res_json = res_to_json(res)
updated_user = res_json['msg']
is_phone_dup = res_json['is_phone_dup']
assert res.status_code == 200
# all data should remain unchanged since phone was a dup, and other properties were not updated
assert updated_user['phone'] == data['phone']
assert updated_user['email'] == data['email']
assert updated_user['gender'] == data['gender']
assert is_phone_dup == True
def test_dont_return_booked_accommodations(client):
now = datetime.now()
tomorrow = (now + timedelta(days=1)).strftime('%Y-%m-%d')
tomorrow_tomorrow = (now + timedelta(days=2)).strftime('%Y-%m-%d')
res = client.get('/api/search', data=copy_update_params(dict(check_in=tomorrow, check_out=tomorrow_tomorrow)))
msg = res_to_json(res)['msg']
assert len(msg) == 0
def test_location_filter(client):
# Test location not found
params = copy_update_params(dict(location='Canada'))
res = client.get('/api/search', data=params)
msg = res_to_json(res)['msg']
assert len(msg) == 0
# Test valid location
res = client.get('/api/search', data=query_params)
msg = res_to_json(res)['msg']
assert len(msg) == 1
# should work case insensitively
params = copy_update_params(dict(location='sYdNeY'))
res = client.get('/api/search', data=params)
msg = res_to_json(res)['msg']
assert len(msg) == 1
def test_retrieve_user_accommodations(client, auth):
# 400 if no token
res = client.get('/api/user/accommodations')
assert res.status_code == 400
# 401 if not logged in
res = client.get('/api/user/accommodations', data={'token': 'invalid_token'})
msg = res_to_json(res)['msg']
assert res.status_code == 401
assert msg == 'You must be logged in to retrieve your accommodations'
res = auth.login()
token = res_to_token(res)
# happy path, should not return deleted accommodations
res = client.get('/api/user/accommodations', data={'token': token})
accs = res_to_json(res)['msg']
assert res.status_code == 200
assert len(accs) == 1 # if deleted acc was returned, there would be 2 accs
def test_check_out_before_check_in(client):
# 400 if check_out <= check_in
params = copy_update_params(dict(check_out='3019-11-11'))
res = client.get('/api/search', data=params)
msg = res_to_json(res)['msg']
assert res.status_code == 400
assert msg == 'check in date must be before check out date'
params = copy_update_params(dict(check_out='3019-11-10'))
res = client.get('/api/search', data=params)
msg = res_to_json(res)['msg']
assert res.status_code == 400
assert msg == 'check in date must be before check out date'
params = copy_update_params(dict(check_out='3019-11-12'))
res = client.get('/api/search', data=params)
msg = res_to_json(res)['msg']
assert res.status_code == 200
assert len(msg) == 1
def test_pass_all_filters(client):
params = copy_update_params(dict(
amenities=['wifi', 'tv'],
num_bedrooms=1,
num_beds=1,
num_bathrooms=1,
price_low=0,
price_high=100000000
))
res = client.get('/api/search', data=params)
msg = res_to_json(res)['msg']
assert len(msg) == 1
def test_update_password(client, auth):
# 400 if token/new_password/old_password is missing
res = client.put('/api/user/password', data={'token': 'asdf', 'new_password': '******'})
assert res.status_code == 400
res = client.put('/api/user/password', data={'old_password': '******', 'new_password': '******'})
assert res.status_code == 400
res = client.put('/api/user/password', data={'old_password': '******', 'token': 'asdf'})
assert res.status_code == 400
# 401 if not logged in
invalid_token = 'asdf'
res = client.put('/api/user/password', data={'token': invalid_token, 'old_password': '******', 'new_password': '******'})
assert res.status_code == 401
res = auth.login()
token = res_to_token(res)
# 400 if old password is incorrect
res = client.put('/api/user/password', data={'token': token, 'old_password': '******', 'new_password': '******'})
msg = res_to_json(res)['msg']
assert res.status_code == 400
assert msg == 'Wrong old password'
# check that password is updated properly
correct_old_pass = '******'
new_pass = '******'
res = client.put('/api/user/password', data={'token': token, 'old_password': '******', 'new_password': new_pass})
msg = res_to_json(res)['msg']
assert res.status_code == 200
# try logging in with new password to confirm update was successful
res = auth.login('*****@*****.**', new_pass)
assert res.status_code == 200
# login with old pass should fail
res = auth.login('*****@*****.**', correct_old_pass)
assert res.status_code == 401
def test_get_user(client, auth):
# 400 if no token
res = client.get('/api/user/')
assert res.status_code == 400
# 401 if invalid token
invalid_token = 'asdf'
res = client.get('/api/user?token=' + invalid_token)
msg = res_to_json(res)['msg']
assert res.status_code == 401
assert msg == 'You must be logged in to retrieve user details'
# happy path
res = auth.login()
token = res_to_token(res)
res = client.get('/api/user?token=' + token)
user = res_to_json(res)['msg']
assert res.status_code == 200
assert user['id'] == 1
assert user['username'] == 'test'
assert user['email'] == '*****@*****.**'
assert user['gender'] == 'male'
assert user['phone'] == '123123123'
def test_get_accommodation(client):
bad_id = -1
res = client.get('/api/accommodation/' + str(bad_id))
assert res.status_code == 404
# deleted accommodation should not be retrieved
deleted_acc_id = 2
res = client.get('/api/accommodation/' + str(deleted_acc_id))
msg = res_to_json(res)['msg']
assert res.status_code == 404
assert msg == 'Accommodation not found'
good_id = 1
res = client.get('/api/accommodation/' + str(good_id))
msg = eval(res.data.decode('utf-8'))['msg']
assert res.status_code == 200
assert msg['id'] == good_id
assert msg['property_type'] == 'Space ship'
# tomorrow should be unavailable to book as it is already booked
now = datetime.now()
today = now.strftime('%Y-%m-%d')
tomorrow = (now + timedelta(days=1)).strftime('%Y-%m-%d')
assert msg['unavailable_dates'] == [today, tomorrow]
def test_update_accommodation(client, auth):
# 400 if no token
res = client.put('/api/accommodation/1')
assert res.status_code == 400
# 401 if not logged in / invalid token
invalid_token = 'asdf'
res = client.put('/api/accommodation/1', data={'token': invalid_token})
msg = res_to_json(res)['msg']
assert res.status_code == 401
assert msg == 'You must be logged in to update accommodation details.'
res = auth.login()
token = res_to_token(res)
# 404 if id doesnt exist
bad_id = 9999999
res = client.put('/api/accommodation/' + str(bad_id), data={'token': token})
msg = res_to_json(res)['msg']
assert res.status_code == 404
assert msg == 'Accommodation could not be found'
# happy path
update_data = dict(
token=token,
num_guests=5,
num_bedrooms=5,
num_beds=5,
num_bathrooms=5,
price=int(1e5),
description='this accommodation has been updated',
city='New City',
country='New Country',
property_type='new property type',
name='new name',
suburb='new suburb',
state='new state',
amenities='New amenity 1, New amenity 2',
image_urls='New url 1, New url 2'
)
res = client.put('/api/accommodation/1', data=update_data)
msg = res_to_json(res)['msg']
assert res.status_code == 200
# retrieve and make sure data has actually been updated
res = client.get('/api/accommodation/1')
acc = res_to_json(res)['msg']
assert acc['num_guests'] == 5
assert acc['num_bedrooms'] == 5
assert acc['num_beds'] == 5
assert acc['num_bathrooms'] == 5
assert acc['price'] == int(1e5)
assert acc['description'] == 'this accommodation has been updated'
assert acc['city'] == 'New City'
assert acc['country'] == 'New Country'
assert acc['property_type'] == 'new property type'
assert acc['name'] == 'new name'
assert acc['suburb'] == 'new suburb'
assert acc['state'] == 'new state'
assert acc['amenities'] == ['new amenity 1', 'new amenity 2']
assert acc['image_urls'] == ['New url 1', 'New url 2']
def test_create_user(client, auth):
# 400 if no username
res = client.post('/api/user/', data={'email': '*****@*****.**', 'password': '******'})
assert res.status_code == 400
# 400 if no email
res = client.post('/api/user/', data={'username': '******', 'password': '******'})
assert res.status_code == 400
# 400 if no password
res = client.post('/api/user/', data={'username': '******', 'email': '*****@*****.**'})
assert res.status_code == 400
# 400 if duplicate username
dup_username = '******'
res = client.post('/api/user/', data={'username': dup_username, 'email': '*****@*****.**', 'password': '******'})
msg = res_to_json(res)['msg']
assert res.status_code == 400
assert msg == 'username already in use.'
# 400 if duplicate email
dup_email = '*****@*****.**'
res = client.post('/api/user/', data={'email': dup_email, 'username': '******', 'password': '******'})
msg = res_to_json(res)['msg']
assert res.status_code == 400
assert msg == 'email address already in use.'
# happy path w/o gender + phone
data = {
'email': '*****@*****.**',
'username': '******',
'password': '******'
}
res = client.post('/api/user/', data=data)
msg = res_to_json(res)['msg']
assert res.status_code == 201
# log in with new user
res = auth.login(data['email'], data['password'])
token = res_to_token(res)
# retrieve user and check details
res = client.get('/api/user?token=' + token)
user = res_to_json(res)['msg']
assert user['username'] == data['username']
assert user['email'] == data['email']
assert 'gender' not in user
assert 'phone' not in user
# happy path w/ gender + phone
data = {
'email': '*****@*****.**',
'username': '******',
'password': '******',
'gender': 'male',
'phone': '11111111111'
}
res = client.post('/api/user/', data=data)
msg = res_to_json(res)['msg']
assert res.status_code == 201
# log in with new user
res = auth.login(data['email'], data['password'])
token = res_to_token(res)
# retrieve user and check details
res = client.get('/api/user?token=' + token)
user = res_to_json(res)['msg']
assert user['username'] == data['username']
assert user['email'] == data['email']
assert user['gender'] == data['gender']
assert user['phone'] == data['phone']