def test_delete(self): headers = {'Authorization': self.token} t_data = deepcopy(self.test_data) t_data['username'] = '******' t_data['email'] = '*****@*****.**' t_data['password'] = '******' t_user = User(**t_data) t_user.save() user = User.get_by_id(self.id) response = test_app.delete(f'/api/v1/user/{str(t_user.id)}', headers=headers, content_type='application/json') tools.assert_equals(response.status_code, 500) tools.assert_equals(json.loads(response.data)['data'], {'msg': 'user don\'t has authority'}) user.level = 9 user.save() response = test_app.delete(f'/api/v1/user/{str(t_user.id)}', headers=headers, content_type='application/json') json_resp = json.loads(response.data) tools.assert_equals(response.status_code, 200) tools.assert_equals(json_resp.get('data'), {'msg': 'SUCCESS'})
def test_post(self): headers = {'Authorization': self.token} t_data = deepcopy(self.test_data) t_data['username'] = '******' t_data['email'] = '*****@*****.**' data = json.dumps(t_data) user = User.get_by_id(self.id) user.level = 1 user.save() response = test_app.post('/api/v1/user', data=data, headers=headers, content_type='application/json') tools.assert_equals(response.status_code, 500) tools.assert_equals(json.loads(response.data).get('data'), {'msg': "user don't has authority"}) user.level = 9 user.save() response = test_app.post('/api/v1/user', data=data, headers=headers, content_type='application/json') json_resp = json.loads(response.data) tools.assert_equals(response.status_code, 200) tools.assert_is_not_none(json_resp.get('data')) tools.assert_is_not_none(json_resp.get('data').get('id'))
def change_user_level(self, level=9): """ 测试修改用户权限 """ user = User.get_by_id(self.id) user.level = level user.save()
def test_article_put(self): """ 测试edited_article的put接口 1、测试登录认证 2、测试权限问题,普通用户不能提交 """ user = User.get_by_id(self.user_id) user.level = 1 user.save() headers = {'Authorization': self.token} t_data = deepcopy(self.test_data2) t_user_data = deepcopy(self.test_data1) t_article = Article.get_by_id(str(self.article_id_list[0])) t_user_data['username'] = '******' t_user_data['email'] = '*****@*****.**' t_user = User(**t_user_data) t_user.save() t_data['author'] = str(t_user.id) t_data.pop('added') data = json.dumps(t_data) response = test_app.put(f'/api/v1/article/{str(t_article.id)}', data=data, headers=headers, content_type='application/json') tools.assert_equals(response.status_code, 500) tools.assert_equals(json.loads(response.data)['data'], {'msg': 'user don\'t has authority'}) user = User.get_by_id(self.user_id) user.level = 9 user.save() response = test_app.put(f'/api/v1/article/{str(t_article.id)}', data=data, headers=headers, content_type='application/json') json_resp = json.loads(response.data) tools.assert_equals(response.status_code, 200) tools.assert_is_not_none(json_resp.get('data')) tools.assert_is_not_none(json_resp.get('data').get('id')) t_user.delete()
def test_put(self): headers = {'Authorization': self.token} t_data = deepcopy(self.test_data) t_data['username'] = '******' t_data['email'] = '*****@*****.**' t_data['password'] = '******' t_user = User(**t_data) t_user.save() data = json.dumps(t_data) user = User.get_by_id(self.id) user.level = 1 user.save() response = test_app.put(f'/api/v1/user/{str(t_user.id)}', data=data, headers=headers, content_type='application/json') json_resp = json.loads(response.data) tools.assert_equals(response.status_code, 403) tools.assert_equals(json.loads(response.data)['data'], {'msg': 'Don\'t have authority'}) user.level = 9 user.save() t_data['username'] = '******' data = json.dumps(t_data) response = test_app.put(f'/api/v1/user/{str(t_user.id)}', data=data, headers=headers, content_type='application/json') tools.assert_equals(response.status_code, 403) tools.assert_equals(json.loads(response.data)['data'], {'msg': 'Can\'t modify username'}) t_data['password'] = '******' t_data['username'] = '******' data = json.dumps(t_data) response = test_app.put(f'/api/v1/user/{str(t_user.id)}', data=data, headers=headers, content_type='application/json') json_resp = json.loads(response.data) tools.assert_equals(response.status_code, 200) tools.assert_is_not_none(json_resp.get('data')) self.username = t_data.get('username') self.password = t_data.get('password') self.__test_login()
def test_me(self): headers = {'Authorization': self.token} response = test_app.get('/api/v1/user/me', headers=headers) tools.assert_equals(response.status_code, 200) json_resp = json.loads(response.data) user_data = json_resp.get('data') user = User.get_by_id(self.id) tools.assert_equals(user_data, user.api_response()) tools.assert_is_none(user_data.get('password')) headers = {'Authorization': self.token + 'aaaa'} response = test_app.get('/api/v1/user/me') tools.assert_equals(response.status_code, 401) response = test_app.get('/api/v1/user/me', headers=headers) tools.assert_equals(response.status_code, 401)
def test_article_post(self): """ 测试edited_article的post接口 1、测试登录认证 2、测试权限问题,普通用户不能提交 """ headers = {'Authorization': self.token + 'aaaa'} response = test_app.post('/api/v1/article') tools.assert_equals(response.status_code, 401) response = test_app.post('/api/v1/article', headers=headers) tools.assert_equals(response.status_code, 401) headers = {'Authorization': self.token} t_data = deepcopy(self.test_data2) t_data.pop('added') data = json.dumps(t_data) user = User.get_by_id(self.user_id) user.level = 1 user.save() response = test_app.post('/api/v1/article', data=data, headers=headers, content_type='application/json') tools.assert_equals(response.status_code, 500) tools.assert_equals(json.loads(response.data)['data'], {'msg': "user don't has authority"}) user.level = 9 user.save() response = test_app.post('/api/v1/article', data=data, headers=headers, content_type='application/json') json_resp = json.loads(response.data) tools.assert_equals(response.status_code, 200) tools.assert_is_not_none(json_resp.get('data')) tools.assert_is_not_none(json_resp.get('data').get('id'))