def test_create_and_confirm_user(_not_logged_in_client):
user_name = "test_register2"
email = "*****@*****.**"
with session_scope() as db_session:
try:
# creates a user
user = User()
user.user = user_name
user.argon_password = "******"
user.email = email
_assert_create_user(db_session, _not_logged_in_client, user)
# confirms the user
confirmation_token = generate_confirmation_token(user.email)
response = _not_logged_in_client.get(
f"/user/confirm/{confirmation_token}")
assert response.status_code == 200
observed_user = db_session.query(User).filter(
User.user == user.user).first()
assert observed_user.user == user.user
assert observed_user.enabled, "Enabled field is not true"
assert observed_user.confirmed, "Confirmed field is not true"
assert observed_user.confirmed_on is not None
finally:
# cleans the database
_clean_test_users(db_session, user_name)
def test_delete_user_itself(_not_logged_in_client):
user_name = "temp_user"
with session_scope() as db_session:
user = User()
user.user = user_name
user.argon_password = "******"
user.email = "*****@*****.**"
_assert_create_user(db_session, _not_logged_in_client, user)
confirmation_token = generate_confirmation_token(user.email)
response = _not_logged_in_client.get(
f"/user/confirm/{confirmation_token}")
assert response.status_code == 200
# login with new user
resp = _not_logged_in_client.post("/login",
json={
"user": f"{user.user}",
"password":
f"{user.argon_password}"
})
assert resp.status_code == 200
assert resp.json == {
"success": "Authenticated",
"username": f"{user.user}"
}
# # try to delete another user
response = _not_logged_in_client.delete(
"/user/demo", content_type="application/json")
assert response.status_code == 403
# user deletes itself
response = _not_logged_in_client.delete(
f"/user/{user_name}", content_type="application/json")
assert response.status_code == 200
def test_create_user(_not_logged_in_client):
payload = {"confirmation_url": "http://phenopolis.org/confirm/"}
response = _not_logged_in_client.post("/user",
json=payload,
content_type="application/json")
assert response.status_code == 400
assert response.json.get("error") == "Missing user name"
payload["user"] = "******"
response = _not_logged_in_client.post("/user",
json=payload,
content_type="application/json")
assert response.status_code == 400
assert response.json.get("error") == "Missing password"
payload["argon_password"] = "******"
response = _not_logged_in_client.post("/user",
json=payload,
content_type="application/json")
assert response.status_code == 400
assert response.json.get("error") == "Missing email"
user_name = "test_register1"
with session_scope() as db_session:
try:
user = User()
user.user = user_name
user.argon_password = "******"
user.email = "*****@*****.**"
_assert_create_user(db_session, _not_logged_in_client, user)
finally:
# cleans the database
_clean_test_users(db_session, user_name)
def test_create_user_without_callbackurl(_not_logged_in_client):
user_name = "demo"
user = User()
user.user = user_name
user.argon_password = "******"
user.email = "*****@*****.**"
payload = user.as_dict()
response = _not_logged_in_client.post("/user",
json=payload,
content_type="application/json")
assert response.status_code == 400
def test_create_user_with_used_username(_not_logged_in_client):
user_name = "demo"
user = User()
user.user = user_name
user.argon_password = "******"
user.email = "*****@*****.**"
payload = user.as_dict()
payload["confirmation_url"] = "http://phenopolis.org/confirm/"
response = _not_logged_in_client.post("/user",
json=payload,
content_type="application/json")
assert response.status_code == 500
def test_create_user_without_email(_not_logged_in_client):
user_name = "test_register4"
with session_scope() as db_session:
try:
user = User()
user.user = user_name
user.argon_password = "******"
response = _not_logged_in_client.post(
"/user", json=user.as_dict(), content_type="application/json")
assert response.status_code == 400
finally:
# cleans the database
_clean_test_users(db_session, user_name)
def test_create_user_with_explicit_enabled_and_confirmed_flags(
_not_logged_in_client):
user_name = "test_register3"
with session_scope() as db_session:
try:
user = User()
user.user = user_name
user.argon_password = "******"
user.email = "*****@*****.**"
user.enabled = True
user.confirmed = True
_assert_create_user(db_session, _not_logged_in_client, user)
finally:
# cleans the database
_clean_test_users(db_session, user_name)
def test_create_user_with_used_email(_not_logged_in_client):
user_name = "test_register5"
with session_scope() as db_session:
try:
user = User()
user.user = user_name
user.argon_password = "******"
user.email = "*****@*****.**"
payload = user.as_dict()
payload["confirmation_url"] = "http://phenopolis.org/confirm/"
response = _not_logged_in_client.post(
"/user", json=payload, content_type="application/json")
assert response.status_code == 500
finally:
# cleans the database
_clean_test_users(db_session, user_name)
def test_delete_user(_admin_client):
user_name = "test_register6"
with session_scope() as db_session:
user = User()
user.user = user_name
user.argon_password = "******"
user.email = "*****@*****.**"
_assert_create_user(db_session, _admin_client, user)
# deletes user
response = _admin_client.delete(f"/user/{user_name}",
content_type="application/json")
assert response.status_code == 200
# confirms it does not exist
o_user = db_session.query(User).filter(User.user == user_name).first()
assert o_user is None, "Deletion was not successful"
# try to delete non-existent user
response = _admin_client.delete("/user/not_me",
content_type="application/json")
assert response.status_code == 404