def test_get_user_by_email(client, db):
set_up(db)
password = "******"
user = User(name="Anakin Skywalker",
email="*****@*****.**",
password=generate_password_hash(password),
roles=[
UserRole(category=RoleCategory.SUPER_USER),
UserRole(category=RoleCategory.ADMIN)
])
db.session.add(user)
db.session.commit()
response = client.post('/api/auth/user/token',
json=dict(email="*****@*****.**",
password="******"),
follow_redirects=True)
assert response.status_code == 200
assert response.json['access_token'] is not None
access_token = response.json['access_token']
headers = build_header(access_token)
response = client.get(f'/api/user/email/{user.email}',
headers=headers,
follow_redirects=True)
assert response.status_code == 200
assert response.json['id'] == user.id
assert response.json['name'] == user.name
assert response.json['email'] == user.email
assert user.verify_password(password)
def test_get_all_user(client, db):
set_up(db)
user_1_password = "******"
user_2_password = "******"
user_1 = User(name='Leia Organa',
email='*****@*****.**',
password=generate_password_hash(user_1_password),
roles=[
UserRole(category=RoleCategory.SUPER_USER),
UserRole(category=RoleCategory.ADMIN)
])
user_2 = User(name="Han Solo",
email="*****@*****.**",
password=generate_password_hash(user_2_password))
db.session.add(user_1)
db.session.add(user_2)
db.session.commit()
response = client.post('/api/auth/user/token',
json=dict(email="*****@*****.**",
password="******"),
follow_redirects=True)
assert response.status_code == 200
assert response.json['access_token'] is not None
access_token = response.json['access_token']
headers = build_header(access_token)
response = client.get(f'/api/user/',
headers=headers,
follow_redirects=True)
assert response.status_code == 200
assert len(response.json) == 3
users = db.session.query(User).all()
for index, customer in enumerate(response.json, start=0):
user_db = users[index]
assert user_db.id == customer['id']
assert user_db.name == customer['name']
assert user_db.email == customer['email']
response = client.get(f'/api/user/1/1',
headers=headers,
follow_redirects=True)
assert response.status_code == 200
assert len(response.json) == 1
users = db.session.query(User).all()
user_db = users[0]
user = response.json[0]
assert user_db.id == user['id']
assert user_db.name == user['name']
assert user_db.email == user['email']
def find_or_create_user(name, email, password):
""" Find existing user or create new user """
user = User.query.filter(User.email == email).one_or_none()
if not user:
user = User(name=name, email=email,
password=generate_password_hash(password))
db.session.add(user)
return user
def test_update_customer_by_id(client, db):
set_up(db)
user_password = "******"
customer_password = "******"
user = User(name='Leia Organa',
email='*****@*****.**',
password=generate_password_hash(user_password),
roles=[
UserRole(category=RoleCategory.SUPER_USER),
UserRole(category=RoleCategory.ADMIN)
])
customer = Customer(name="Anakin Skywalker",
email="*****@*****.**",
password=generate_password_hash(customer_password))
db.session.add(user)
db.session.add(customer)
db.session.commit()
response = client.post('/api/auth/user/token',
json=dict(email=user.email, password=user_password),
follow_redirects=True)
assert response.status_code == 200
assert response.json['access_token'] is not None
access_token = response.json['access_token']
name = "Darth Vader"
email = "*****@*****.**"
headers = build_header(access_token)
response = client.put(f'/api/customer/{customer.id}',
json=dict(name=name, email=email),
headers=headers,
follow_redirects=True)
assert response.status_code == 200
assert response.json['id']
assert response.json['name'] == name
assert response.json['email'] == email
assert response.json['created_date']
assert response.json['updated_date']
customer_db = db.session.query(Customer).filter_by(
id=response.json['id']).one_or_none()
assert customer_db
assert customer_db.id == response.json['id']
assert customer_db.name == response.json['name']
assert customer_db.email == response.json['email']
assert customer_db.created_date.strftime(
DATE_FORMAT) == response.json['created_date']
assert customer_db.updated_date.strftime(
DATE_FORMAT) == response.json['updated_date']
assert customer_db.verify_password(customer_password)
def update(self, user_updated, roles):
user = self.__repository.find_by_id(id=user_updated['id'])
if user is None:
raise NOT_FOUND_EXCEPTION
user_exists = self.__repository.find_by_email(user_updated['email'])
if user_exists and user_exists.id != user_updated['id']:
raise RESOURCE_ALREADY_EXISTS_EXCEPTION
roles = list(map(lambda category: UserRole(category=RoleCategory.get_value(category)), roles))
user.change_roles(roles)
self.__repository.update_from_model(user, User(name=user_updated['name'], email=user_updated['email']))
return user.to_dict()
def change_user_password():
current_user = get_jwt_identity()
change_password_schema = UserChangePasswordUpdateInputSchema()
data = request.get_json()
errors = change_password_schema.validate(data)
if errors:
raise BadRequestException(message="Invalid Data", payload=errors)
password = request.json.get('password', '')
new_password = generate_password_hash(request.json.get('new_password', ''))
user_service.change_password(User(id=current_user['id'],
password=new_password),
password=password)
return {}, 200
def test_delete_user(client, db):
set_up(db)
password = "******"
user = User(name="Anakin Skywalker",
email="*****@*****.**",
password=generate_password_hash(password),
roles=[
UserRole(category=RoleCategory.SUPER_USER),
UserRole(category=RoleCategory.ADMIN)
])
db.session.add(user)
db.session.commit()
response = client.post('/api/auth/user/token',
json=dict(email=user.email, password=password),
follow_redirects=True)
assert response.status_code == 200
assert response.json['access_token'] is not None
access_token = response.json['access_token']
headers = build_header(access_token)
response = client.delete('/api/user',
headers=headers,
follow_redirects=True)
assert response.status_code == 200
user_db = db.session.query(User).filter_by(id=user.id).one_or_none()
assert user_db
assert user_db.id == user.id
assert user_db.name == user.name
assert user_db.email == user.email
assert user_db.verify_password(password)
assert user_db.created_date.strftime(
DATE_FORMAT) == user.created_date.strftime(DATE_FORMAT)
assert user_db.updated_date.strftime(
DATE_FORMAT) == user.updated_date.strftime(DATE_FORMAT)
assert user_db.deleted_date
def add_user():
user_schema = UserInputSchema()
data = request.get_json()
errors = user_schema.validate(data)
if errors:
raise BadRequestException(message="Invalid User Data", payload=errors)
name = request.json.get('name', None)
email = request.json.get('email', None)
password = request.json.get('password', None)
roles = list(
map(lambda category: UserRole(category=category),
request.json.get('roles', [])))
user = user_service.add(
User(name=name,
email=email,
password=generate_password_hash(password),
roles=roles))
return jsonify(user)
def test_get_customer_by_email(client, db):
set_up(db)
user_password = "******"
customer_password = "******"
user = User(name='Leia Organa',
email='*****@*****.**',
password=generate_password_hash(user_password),
roles=[
UserRole(category=RoleCategory.SUPER_USER),
UserRole(category=RoleCategory.ADMIN)
])
customer = Customer(name="Anakin Skywalker",
email="*****@*****.**",
password=generate_password_hash(customer_password))
db.session.add(user)
db.session.add(customer)
db.session.commit()
response = client.post('/api/auth/user/token',
json=dict(email=user.email, password=user_password),
follow_redirects=True)
assert response.status_code == 200
assert response.json['access_token'] is not None
access_token = response.json['access_token']
headers = build_header(access_token)
response = client.get(f'/api/customer/email/{customer.email}',
headers=headers,
follow_redirects=True)
assert response.status_code == 200
assert response.json['id'] == customer.id
assert response.json['name'] == customer.name
assert response.json['email'] == customer.email
assert customer.verify_password(customer_password)
def test_change_customer_password(client, db):
set_up(db)
password = "******"
user = User(name="Anakin Skywalker",
email="*****@*****.**",
password=generate_password_hash(password),
roles=[
UserRole(category=RoleCategory.SUPER_USER),
UserRole(category=RoleCategory.ADMIN)
])
db.session.add(user)
db.session.commit()
response = client.post('/api/auth/user/token',
json=dict(email=user.email, password=password),
follow_redirects=True)
assert response.status_code == 200
assert response.json['access_token'] is not None
access_token = response.json['access_token']
new_password = "******"
headers = build_header(access_token)
response = client.put('/api/user/password',
json=dict(password=password,
new_password=new_password),
headers=headers,
follow_redirects=True)
assert response.status_code == 200
user_db = db.session.query(User).filter_by(id=user.id).one_or_none()
assert user_db.verify_password(new_password)