def test_delete_page(self, mock_delete): """Test API Pagepost delete post (DEL).""" mock_delete.return_value = True admin, owner, user = UserFactory.create_batch(3) project = ProjectFactory.create(owner=owner) file_info = {'file_name': 'name.jpg', 'container': 'user_3'} page = PageFactory.create(project_id=project.id, info=file_info) page2 = PageFactory.create(project_id=project.id) # As anon url = '/api/page/%s' % page.id res = self.app.delete(url) assert res.status_code == 401, res.status_code # As user url = '/api/page/%s?api_key=%s' % (page.id, user.api_key) res = self.app.delete(url) assert res.status_code == 403, res.status_code # As owner url = '/api/page/%s?api_key=%s' % (page.id, owner.api_key) res = self.app.delete(url) assert res.status_code == 204, res.status_code mock_delete.assert_called_with(file_info['file_name'], file_info['container']) # As admin url = '/api/page/%s?api_key=%s' % (page2.id, admin.api_key) res = self.app.delete(url) assert res.status_code == 204, res.status_code
def test_get_by_returns_none_if_no_page(self): """Test get_by returns None if no page matches the query""" PageFactory.create() page = self.page_repo.get_by(project_id=10000) assert page is None, page
def test_filter_by_no_matches(self): """Test filter_by returns an empty list if no pages match the query""" PageFactory.create() retrieved_pages = self.page_repo.filter_by(project_id=100) assert isinstance(retrieved_pages, list) assert len(retrieved_pages) == 0, retrieved_pages
def test_filter_by_multiple_conditions(self): """Test filter_by supports multiple-condition queries""" h1 = PageFactory.create(slug='url') h2 = PageFactory.create(slug='url') retrieved_pages = self.page_repo.filter_by(project_id=h2.project_id, slug='url') assert len(retrieved_pages) == 1, retrieved_pages assert h2 in retrieved_pages, retrieved_pages
def test_filter_by_one_condition(self): """Test filter_by returns a list of pages that meet the filtering condition""" PageFactory.create_batch(3, slug="algo") should_be_missing = PageFactory.create(slug="new") retrieved_pages = self.page_repo.filter_by(slug="algo") assert len(retrieved_pages) == 3, retrieved_pages assert should_be_missing not in retrieved_pages, retrieved_pages
def test_filter_by_limit_offset(self): """Test that filter_by supports limit and offset options""" PageFactory.create_batch(4) all_pages = self.page_repo.filter_by() first_two = self.page_repo.filter_by(limit=2) last_two = self.page_repo.filter_by(limit=2, offset=2) assert len(first_two) == 2, first_two assert len(last_two) == 2, last_two assert first_two == all_pages[:2] assert last_two == all_pages[2:]
def test_anonymous_user_create_given_page(self): """Test anonymous users cannot create pages for a project""" project = ProjectFactory.create() page = PageFactory.build(project_id=project.id) assert_raises(Unauthorized, ensure_authorized_to, 'create', page)
def test_anonymous_user_read_given_page(self): """Test anonymous users can read a given page""" project = ProjectFactory.create(published=True) page = PageFactory.create(project_id=project.id) assert_not_raises(Exception, ensure_authorized_to, 'read', page)
def test_get_nr_of_questions_with_3_questions(self): nrq = 3 # number of questions to be created questionnaire = QuestionnaireFactory() page = PageFactory(questionnaire=questionnaire) for _ in range(nrq): QuestionFactory(page=page) self.assertEqual(questionnaire.get_nr_of_questions(), nrq)
def test_save_fails_if_integrity_error(self): """Test save raises a DBIntegrityError if the instance to be saved lacks a required value""" page = PageFactory.build(project_id=None) assert_raises(DBIntegrityError, self.page_repo.save, page)
def test_anonymous_user_delete_page(self): """Test anonymous users cannot delete pages""" project = ProjectFactory.create(published=True) page = PageFactory.create(project_id=project.id) assert_raises(Unauthorized, ensure_authorized_to, 'delete', page)
def test_anonymous_user_read_given_page_draft_project(self): """Test anonymous users cannot read a given page of a draft project""" project = ProjectFactory.create(published=False) page = PageFactory.create(project_id=project.id) assert_raises(Unauthorized, ensure_authorized_to, 'read', page)
def test_get_by(self): """Test get_by returns a page with the specified attribute""" page = PageFactory.create(slug="algo") retrieved_page = self.page_repo.get_by(slug="algo") assert page == retrieved_page, retrieved_page
def test_get_returns_page(self): """Test get method returns a page if exists""" page = PageFactory.create() retrieved_page = self.page_repo.get(page.id) assert page == retrieved_page, retrieved_page
def test_update_fails_if_integrity_error(self): """Test update raises a DBIntegrityError if the instance to be updated lacks a required value""" page = PageFactory.create() page.project_id = None assert_raises(DBIntegrityError, self.page_repo.update, page)
def test_owner_update_page(self): """Test authenticated user can update page if it's the project's page owner""" owner = UserFactory.create(id=2) project = ProjectFactory.create(owner=owner) page = PageFactory.create(project_id=project.id) assert_not_raises(Exception, ensure_authorized_to, 'update', page)
def test_admin_read_given_page_draft_project(self): """Test admin can read a given page of a draft project""" owner = UserFactory.create(id=5) project = ProjectFactory.create(owner=owner, published=False) page = PageFactory.create(project_id=project.id) assert self.mock_admin.id != project.owner.id assert_not_raises(Exception, ensure_authorized_to, 'read', page)
def test_delete(self): """Test delete removes the page instance""" page = PageFactory.create() self.page_repo.delete(page) deleted = self.page_repo.get(page.id) assert deleted is None, deleted
def test_non_owner_authenticated_user_read_given_page_draft_project(self): """Test authenticated user cannot read a given page of a draft project if is not the project owner""" project = ProjectFactory.create(published=False) page = PageFactory.create(project_id=project.id) assert self.mock_authenticated.id != project.owner.id assert_raises(Forbidden, ensure_authorized_to, 'read', page)
def test_admin_update_page(self): """Test admins can update page even if it's not the post owner""" owner = UserFactory.create(id=5) project = ProjectFactory.create(owner=owner) page = PageFactory.create(project_id=project.id) assert_not_raises(Exception, ensure_authorized_to, 'update', page)
def test_non_owner_authenticated_user_read_given_page(self): """Test authenticated user can read a given page if is not the project owner""" project = ProjectFactory.create(published=True) page = PageFactory.create(project_id=project.id) assert self.mock_authenticated.id != project.owner.id assert_not_raises(Exception, ensure_authorized_to, 'read', page)
def test_non_owner_authenticated_user_create_given_page(self): """Test authenticated user cannot create a given page if is not the project owner""" project = ProjectFactory.create() page = PageFactory.build(project_id=project.id) assert self.mock_authenticated.id != project.owner_id assert_raises(Forbidden, ensure_authorized_to, 'create', page)
def test_owner_read_given_page_draft_project(self): """Test authenticated user can read a given page of a draft project if it's the project owner""" owner = UserFactory.create(id=2) project = ProjectFactory.create(owner=owner, published=False) page = PageFactory.create(project_id=project.id) assert self.mock_authenticated.id == project.owner.id assert_not_raises(Exception, ensure_authorized_to, 'read', page)
def test_owner_create_given_page(self): """Test authenticated user can create a given page if it's project owner""" owner = UserFactory.create(id=2) project = ProjectFactory.create(owner=owner) page = PageFactory.build(project_id=project.id) assert self.mock_authenticated.id == project.owner_id assert_not_raises(Exception, ensure_authorized_to, 'create', page)
def test_admin_authenticated_user_delete_page(self): """Test authenticated user can delete any page if it's admin""" owner = UserFactory.create(id=5) project = ProjectFactory.create(owner=owner) page = PageFactory.create(project_id=project.id) assert self.mock_admin.id != owner.id assert_not_raises(Exception, ensure_authorized_to, 'delete', page)
def test_owner_delete_page(self): """Test authenticated user can delete a page if is the page owner""" owner = UserFactory.create(id=2) project = ProjectFactory.create(owner=owner) page = PageFactory.create(project_id=project.id) assert self.mock_authenticated.id == owner.id assert_not_raises(Exception, ensure_authorized_to, 'delete', page)
def test_non_owner_authenticated_user_delete_page(self): """Test authenticated user cannot delete a page if is not the page's owner and is not admin""" owner = UserFactory.create(id=5) project = ProjectFactory.create(owner=owner, published=True) page = PageFactory.create(project_id=project.id) assert self.mock_authenticated.id != owner.id assert not self.mock_authenticated.admin assert_raises(Forbidden, ensure_authorized_to, 'delete', page)
def test_update(self): """Test update persists the changes made to the page""" info = {'key': 'val'} page = PageFactory.create(info=info) info_new = {'f': 'v'} page.info = info_new self.page_repo.update(page) updated_page = self.page_repo.get(page.id) assert updated_page.info == info_new, updated_page
def test_save(self): """Test save persist the page""" page = PageFactory.build() project = ProjectFactory.create() page.project_id = project.id assert self.page_repo.get(page.id) is None self.page_repo.save(page) assert self.page_repo.get( page.id) == page, "Helping material not saved"
def test_update_page(self): """Test API Pagepost update post (PUT).""" admin, user, owner = UserFactory.create_batch(3) project = ProjectFactory.create(owner=owner) page = PageFactory.create(project_id=project.id) # As anon page.slug = 'new' url = '/api/page/%s' % page.id res = self.app.put(url, data=json.dumps(page.dictize())) data = json.loads(res.data) assert res.status_code == 401, res.status_code # As user url = '/api/page/%s?api_key=%s' % (page.id, user.api_key) res = self.app.put(url, data=json.dumps(page.dictize())) data = json.loads(res.data) assert res.status_code == 403, res.status_code # As owner url = '/api/page/%s?api_key=%s' % (page.id, owner.api_key) payload = page.dictize() del payload['created'] del payload['id'] res = self.app.put(url, data=json.dumps(payload)) data = json.loads(res.data) assert res.status_code == 200, res.status_code assert data['slug'] == 'new', data # as owner with reserved key page.slug = 'new' page.created = 'today' url = '/api/page/%s?api_key=%s' % (page.id, owner.api_key) payload = page.dictize() del payload['id'] res = self.app.put(url, data=json.dumps(payload)) data = json.loads(res.data) assert res.status_code == 400, res.status_code assert data['exception_msg'] == 'Reserved keys in payload', data # as owner with wrong key page.slug = 'new-slug' url = '/api/page/%s?api_key=%s' % (page.id, owner.api_key) payload = page.dictize() del payload['created'] del payload['id'] payload['foo'] = 'bar' res = self.app.put(url, data=json.dumps(payload)) data = json.loads(res.data) assert res.status_code == 415, res.status_code assert 'foo' in data['exception_msg'], data