def test_crag_confirmation(): """ Tests confirmation functionality and associated deletion permissions of the crag endpoint. """ login_jwts = confirmation_fixture() # Create Area area_d = dict(name="Nahetal") area_rv = test_app.post('%sareas/' % api_prefix, data=area_d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(area_rv.headers) eq_(area_rv.status_code, 201) area_resp = json.loads(area_rv.data)['data'] # Try to POST confirmed not being admin or mod d = dict(name="Alter Steinbruch", area_id='%s' % area_resp['id'], confirmed=True) rv = test_app.post(endpoint, data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, "056") # POST d = dict(name="Alter Steinbruch", area_id='%s' % area_resp['id']) rv = test_app.post(endpoint, data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 201) resp = json.loads(rv.data)['data'] # GET (empty) collection rv = test_app.get(endpoint) check_content_type(rv.headers) eq_(rv.status_code, 200) eq_(len(json.loads(rv.data)['data']), 0) # GET (empty) single rv = test_app.get('%s%s' % (endpoint, resp['id'])) check_content_type(rv.headers) eq_(rv.status_code, 404) check_error_code(rv.data, "034") # Try to DELETE by user rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_user'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, '047') # DELETE by admin rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) eq_(rv.status_code, 204) # POST again d = dict(name="Alter Steinbruch", area_id='%s' % area_resp['id']) rv = test_app.post(endpoint, data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 201) resp = json.loads(rv.data)['data'] # Try to confirm by author d = dict(name="Alter Steinbruch", area_id='%s' % area_resp['id'], confirmed=True) rv = test_app.put('%s%s' % (endpoint, resp['id']), data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, '048') # Confirm by admin d = dict(name="Alter Steinbruch", area_id='%s' % area_resp['id'], confirmed=True) rv = test_app.put('%s%s' % (endpoint, resp['id']), data=d, headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) eq_(rv.status_code, 201) # GET one element collection rv = test_app.get(endpoint) check_content_type(rv.headers) eq_(rv.status_code, 200) eq_(len(json.loads(rv.data)['data']), 1) # GET single rv = test_app.get('%s%s' % (endpoint, resp['id'])) check_content_type(rv.headers) eq_(rv.status_code, 200) # Try to DELETE by author rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, '046') # DELETE by admin rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) eq_(rv.status_code, 204)
def test_unconfirmed_endpoint(): """ Tests functionality of the unconfirmed endpoint. """ login_jwts = confirmation_fixture() h = [('loginJWT', login_jwts['login_jwt_author'])] # Create Area area_d = dict(name="Eifel") area_rv = test_app.post('%sareas/' % api_prefix, data=area_d, headers=h) check_content_type(area_rv.headers) eq_(area_rv.status_code, 201) area_resp = json.loads(area_rv.data)['data'] # Create Crag crag_d = dict(name="Glees", area_id='%s' % area_resp['id']) crag_rv = test_app.post('%scrags/' % api_prefix, data=crag_d, headers=h) check_content_type(crag_rv.headers) eq_(crag_rv.status_code, 201) crag_resp = json.loads(crag_rv.data)['data'] # Create Block block_d = dict(name="Bleausard", crag_id='%s' % crag_resp['id']) block_rv = test_app.post('%sblocks/' % api_prefix, data=block_d, headers=h) check_content_type(block_rv.headers) eq_(block_rv.status_code, 201) block_resp = json.loads(block_rv.data)['data'] # Create Boulder boulder_d = dict(name="Es", grade="7b+", block_id='%s' % block_resp['id']) boulder_rv = test_app.post('%sboulders/' % api_prefix, data=boulder_d, headers=h) check_content_type(boulder_rv.headers) eq_(boulder_rv.status_code, 201) # GET collection as author rv = test_app.get('%sunconfirmed/' % api_prefix, headers=h) check_content_type(rv.headers) resp = json.loads(rv.data)['data'] eq_(rv.status_code, 200) eq_(len(resp), 4) # GET collection as admin rv = test_app.get('%sunconfirmed/' % api_prefix, headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) resp = json.loads(rv.data)['data'] eq_(rv.status_code, 200) eq_(len(resp), 4) # GET collection as normal user rv = test_app.get('%sunconfirmed/' % api_prefix, headers=[('loginJWT', login_jwts['login_jwt_user'])]) check_content_type(rv.headers) resp = json.loads(rv.data)['data'] eq_(rv.status_code, 200) eq_(len(resp), 0) # Create Area as user area_d = dict(name="Nahetal") area_rv = test_app.post('%sareas/' % api_prefix, data=area_d, headers=[('loginJWT', login_jwts['login_jwt_user'])]) check_content_type(area_rv.headers) eq_(area_rv.status_code, 201) # Confirm area by admin d = dict(name="Eifel", confirmed=True) rv = test_app.put('%sareas/%s' % (api_prefix, area_resp['id']), data=d, headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) eq_(rv.status_code, 201) # GET collection as author rv = test_app.get('%sunconfirmed/' % api_prefix, headers=h) check_content_type(rv.headers) resp = json.loads(rv.data)['data'] eq_(rv.status_code, 200) eq_(len(resp), 3) # GET collection as admin rv = test_app.get('%sunconfirmed/' % api_prefix, headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) resp = json.loads(rv.data)['data'] eq_(rv.status_code, 200) eq_(len(resp), 4) # GET collection as normal user rv = test_app.get('%sunconfirmed/' % api_prefix, headers=[('loginJWT', login_jwts['login_jwt_user'])]) check_content_type(rv.headers) resp = json.loads(rv.data)['data'] eq_(rv.status_code, 200) eq_(len(resp), 1)
def test_boulder_confirmation(): """ Tests confirmation functionality and associated deletion permissions of the boulder endpoint. """ login_jwts = confirmation_fixture() # Create Area area_d = dict(name="Eifel") area_rv = test_app.post('%sareas/' % api_prefix, data=area_d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(area_rv.headers) eq_(area_rv.status_code, 201) area_resp = json.loads(area_rv.data)['data'] # Create Crag crag_d = dict(name="Glees", area_id='%s' % area_resp['id']) crag_rv = test_app.post('%scrags/' % api_prefix, data=crag_d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(crag_rv.headers) eq_(crag_rv.status_code, 201) crag_resp = json.loads(crag_rv.data)['data'] # Create Block block_d = dict(name="Bleausard", crag_id='%s' % crag_resp['id']) block_rv = test_app.post('%sblocks/' % api_prefix, data=block_d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(block_rv.headers) eq_(block_rv.status_code, 201) block_resp = json.loads(block_rv.data)['data'] # Try to POST confirmed not being admin or mod d = dict(name="Es", grade="7b+", block_id='%s' % block_resp['id'], confirmed=True) rv = test_app.post(endpoint, data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, "058") # POST d = dict(name="Es", grade="7b+", block_id='%s' % block_resp['id']) rv = test_app.post(endpoint, data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 201) resp = json.loads(rv.data)['data'] # GET (empty) collection rv = test_app.get(endpoint) check_content_type(rv.headers) eq_(rv.status_code, 200) eq_(len(json.loads(rv.data)['data']), 0) # GET (empty) single rv = test_app.get('%s%s' % (endpoint, resp['id'])) check_content_type(rv.headers) eq_(rv.status_code, 404) check_error_code(rv.data, "032") # Try to DELETE by user rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_user'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, '053') # DELETE by admin rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) eq_(rv.status_code, 204) # POST again d = dict(name="Es", grade="7b+", block_id='%s' % block_resp['id']) rv = test_app.post(endpoint, data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 201) resp = json.loads(rv.data)['data'] # Try to confirm by author d = dict(name="Es", grade="7b+", block_id='%s' % block_resp['id'], confirmed=True) rv = test_app.put('%s%s' % (endpoint, resp['id']), data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, '054') # Confirm by admin d = dict(name="Es", grade="7b+", block_id='%s' % block_resp['id'], confirmed=True) rv = test_app.put('%s%s' % (endpoint, resp['id']), data=d, headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) eq_(rv.status_code, 201) # GET one element collection rv = test_app.get(endpoint) check_content_type(rv.headers) eq_(rv.status_code, 200) eq_(len(json.loads(rv.data)['data']), 1) # GET single rv = test_app.get('%s%s' % (endpoint, resp['id'])) check_content_type(rv.headers) eq_(rv.status_code, 200) # Try to DELETE by author rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, '052') # DELETE by admin rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) eq_(rv.status_code, 204)
def test_area_confirmation(): """ Tests confirmation functionality and associated deletion permissions of the area endpoint. """ login_jwts = confirmation_fixture() # Try to POST confirmed not being admin or mod d = dict(name="Nahetal", confirmed=True) rv = test_app.post(endpoint, data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, "055") # POST d = dict(name="Nahetal") rv = test_app.post(endpoint, data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 201) resp = json.loads(rv.data)['data'] # GET (empty) collection rv = test_app.get(endpoint) check_content_type(rv.headers) eq_(rv.status_code, 200) eq_(len(json.loads(rv.data)['data']), 0) # GET (empty) single rv = test_app.get('%s%s' % (endpoint, resp['id'])) check_content_type(rv.headers) eq_(rv.status_code, 404) check_error_code(rv.data, "028") # Try to DELETE by user rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_user'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, '044') # DELETE by admin rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) eq_(rv.status_code, 204) # POST again d = dict(name="Nahetal") rv = test_app.post(endpoint, data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 201) resp = json.loads(rv.data)['data'] # Try to confirm by author d = dict(name="Nahetal", confirmed=True) rv = test_app.put('%s%s' % (endpoint, resp['id']), data=d, headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, '045') # Confirm by admin d = dict(name="Nahetal", confirmed=True) rv = test_app.put('%s%s' % (endpoint, resp['id']), data=d, headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) eq_(rv.status_code, 201) # GET one element collection rv = test_app.get(endpoint) check_content_type(rv.headers) eq_(rv.status_code, 200) eq_(len(json.loads(rv.data)['data']), 1) # GET single rv = test_app.get('%s%s' % (endpoint, resp['id'])) check_content_type(rv.headers) eq_(rv.status_code, 200) # Try to DELETE by author rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_author'])]) check_content_type(rv.headers) eq_(rv.status_code, 401) check_error_code(rv.data, '043') # DELETE by admin rv = test_app.delete('%s%s' % (endpoint, resp['id']), headers=[('loginJWT', login_jwts['login_jwt_admin'])]) check_content_type(rv.headers) eq_(rv.status_code, 204)