def test_reachable_manager(self): # profile types profile_normal = ProfileFactory() profile_superuser = ProfileFactory() profile_superuser.user.is_superuser = True profile_superuser.user.save() profile_inactive = ProfileFactory() profile_inactive.user.is_active = False profile_inactive.user.save() profile_bot = ProfileFactory() profile_bot.user.username = settings.ZDS_MEMBER["bot_account"] profile_bot.user.save() profile_anonymous = ProfileFactory() profile_anonymous.user.username = settings.ZDS_MEMBER["anonymous_account"] profile_anonymous.user.save() profile_external = ProfileFactory() profile_external.user.username = settings.ZDS_MEMBER["external_account"] profile_external.user.save() profile_ban_def = ProfileFactory() profile_ban_def.can_read = False profile_ban_def.can_write = False profile_ban_def.save() profile_ban_temp = ProfileFactory() profile_ban_temp.can_read = False profile_ban_temp.can_write = False profile_ban_temp.end_ban_read = datetime.now() + timedelta(days=1) profile_ban_temp.save() profile_unban = ProfileFactory() profile_unban.can_read = False profile_unban.can_write = False profile_unban.end_ban_read = datetime.now() - timedelta(days=1) profile_unban.save() profile_ls_def = ProfileFactory() profile_ls_def.can_write = False profile_ls_def.save() profile_ls_temp = ProfileFactory() profile_ls_temp.can_write = False profile_ls_temp.end_ban_write = datetime.now() + timedelta(days=1) profile_ls_temp.save() # groups bot = Group(name=settings.ZDS_MEMBER["bot_group"]) bot.save() # associate account to groups bot.user_set.add(profile_anonymous.user) bot.user_set.add(profile_external.user) bot.user_set.add(profile_bot.user) bot.save() # test reachable user profiles_reacheable = Profile.objects.contactable_members().all() self.assertIn(profile_normal, profiles_reacheable) self.assertIn(profile_superuser, profiles_reacheable) self.assertNotIn(profile_inactive, profiles_reacheable) self.assertNotIn(profile_anonymous, profiles_reacheable) self.assertNotIn(profile_external, profiles_reacheable) self.assertNotIn(profile_bot, profiles_reacheable) self.assertIn(profile_unban, profiles_reacheable) self.assertNotIn(profile_ban_def, profiles_reacheable) self.assertNotIn(profile_ban_temp, profiles_reacheable) self.assertIn(profile_ls_def, profiles_reacheable) self.assertIn(profile_ls_temp, profiles_reacheable)
class MemberDetailAPITest(APITestCase): def setUp(self): self.client = APIClient() self.profile = ProfileFactory() client_oauth2 = create_oauth2_client(self.profile.user) self.client_authenticated = APIClient() authenticate_client(self.client_authenticated, client_oauth2, self.profile.user.username, 'hostel77') get_cache(extensions_api_settings.DEFAULT_USE_CACHE).clear() def test_detail_of_a_member(self): """ Gets all information about a user. """ response = self.client.get(reverse('api-member-detail', args=[self.profile.pk])) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(self.profile.pk, response.data.get('pk')) self.assertEqual(self.profile.user.username, response.data.get('username')) self.assertIsNone(response.data.get('email')) self.assertEqual(self.profile.user.is_active, response.data.get('is_active')) self.assertIsNotNone(response.data.get('date_joined')) self.assertEqual(self.profile.site, response.data.get('site')) self.assertEqual(self.profile.get_avatar_url(), response.data.get('avatar_url')) self.assertEqual(self.profile.biography, response.data.get('biography')) self.assertEqual(self.profile.sign, response.data.get('sign')) self.assertFalse(response.data.get('show_email')) self.assertEqual(self.profile.show_sign, response.data.get('show_sign')) self.assertEqual(self.profile.hover_or_click, response.data.get('hover_or_click')) self.assertEqual(self.profile.email_for_answer, response.data.get('email_for_answer')) def test_detail_of_a_member_who_accepts_to_show_his_email(self): """ Gets all information about a user but not his email because the request isn't authenticated. """ self.profile.show_email = True self.profile.save() response = self.client.get(reverse('api-member-detail', args=[self.profile.pk])) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertIsNone(response.data.get('email')) def test_detail_of_a_member_who_accepts_to_show_his_email_with_authenticated_request(self): """ Gets all information about a user and his email. """ self.profile.show_email = True self.profile.save() response = self.client_authenticated.get(reverse('api-member-detail', args=[self.profile.pk])) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertTrue(response.data.get('show_email')) self.assertEqual(self.profile.user.email, response.data.get('email')) def test_detail_of_a_member_not_present(self): """ Gets an error when the user isn't present in the database. """ response = self.client.get(reverse('api-member-detail', args=[42])) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) def test_update_member_details_without_any_change(self): """ Updates a member but without any changes. """ response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk])) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(self.profile.pk, response.data.get('pk')) self.assertEqual(self.profile.user.username, response.data.get('username')) self.assertEqual(self.profile.user.email, response.data.get('email')) self.assertEqual(self.profile.user.is_active, response.data.get('is_active')) self.assertIsNotNone(response.data.get('date_joined')) self.assertEqual(self.profile.site, response.data.get('site')) self.assertEqual(self.profile.avatar_url, response.data.get('avatar_url')) self.assertEqual(self.profile.biography, response.data.get('biography')) self.assertEqual(self.profile.sign, response.data.get('sign')) self.assertFalse(response.data.get('show_email')) self.assertEqual(self.profile.show_sign, response.data.get('show_sign')) self.assertEqual(self.profile.hover_or_click, response.data.get('hover_or_click')) self.assertEqual(self.profile.email_for_answer, response.data.get('email_for_answer')) def test_update_member_details_not_exist(self): """ Tries to update a member who doesn't exist in the database. """ response = self.client_authenticated.put(reverse('api-member-detail', args=[42])) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) def test_update_member_details_with_a_problem_in_authentication(self): """ Tries to update a member with a authentication not valid. """ response = self.client.put(reverse('api-member-detail', args=[self.profile.pk])) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_update_member_details_without_permissions(self): """ Tries to update information about a member when the user isn't the target user. """ another = ProfileFactory() response = self.client_authenticated.put(reverse('api-member-detail', args=[another.pk])) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) def test_update_member_details_username(self): """ Updates username of a member given. """ data = { 'username': '******' } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('username'), data.get('username')) def test_update_member_details_email(self): """ Updates email of a member given. """ data = { 'email': '*****@*****.**' } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('email'), data.get('email')) def test_update_member_details_with_email_malformed(self): """ Gets an error when the user try to update a member given with an email malformed. """ data = { 'email': 'wrong email' } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_update_member_details_site(self): """ Updates site of a member given. """ data = { 'site': 'www.zestedesavoir.com' } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('site'), data.get('site')) def test_update_member_details_avatar(self): """ Updates url of the member's avatar given. """ data = { 'avatar_url': 'www.zestedesavoir.com' } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('avatar_url'), data.get('avatar_url')) def test_update_member_details_biography(self): """ Updates biography of a member given. """ data = { 'biography': 'It is my awesome biography.' } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('biography'), data.get('biography')) def test_update_member_details_sign(self): """ Updates sign of a member given. """ data = { 'sign': 'It is my awesome sign.' } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('sign'), data.get('sign')) def test_update_member_details_show_email(self): """ Updates show email of a member given. """ data = { 'show_email': True } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('show_email'), data.get('show_email')) data = { 'show_email': False } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('show_email'), data.get('show_email')) def test_update_member_details_show_sign(self): """ Updates show sign of a member given. """ data = { 'show_sign': True } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('show_sign'), data.get('show_sign')) data = { 'show_sign': False } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('show_sign'), data.get('show_sign')) def test_update_member_details_hover_or_click(self): """ Updates hover or click of a member given. """ data = { 'hover_or_click': True } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('hover_or_click'), data.get('hover_or_click')) data = { 'hover_or_click': False } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('hover_or_click'), data.get('hover_or_click')) def test_update_member_details_email_for_answer(self): """ Updates email for answer of a member given. """ data = { 'email_for_answer': True } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('email_for_answer'), data.get('email_for_answer')) data = { 'email_for_answer': False } response = self.client_authenticated.put(reverse('api-member-detail', args=[self.profile.pk]), data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data.get('email_for_answer'), data.get('email_for_answer')) def test_member_detail_url_with_post_method(self): """ Gets an error when the user try to make a request with a method not allowed. """ response = self.client.post(reverse('api-member-detail', args=[self.profile.pk])) self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED) def test_member_detail_url_with_delete_method(self): """ Gets an error when the user try to make a request with a method not allowed. """ response = self.client.delete(reverse('api-member-detail', args=[self.profile.pk])) self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED)