def test_put__user_unauthorized_for_modify_another_user(self): user = User.create(uuid=uuid.uuid4(), first_name='Maria', last_name='Rossi', email='*****@*****.**', password=crypt_password('1234567')) user2 = User.create(uuid=uuid.uuid4(), first_name='Alessandro', last_name='Cappellini', email='*****@*****.**', password=crypt_password('1234567')) data = { 'first_name': 'Anna', 'last_name': 'Rossi', 'email': '*****@*****.**', 'password': '******' } resp = self.open_with_auth('/users/{}'.format(user.uuid), 'put', user2.email, '1234567', data=data) assert resp.status_code == UNAUTHORIZED
def test_put__success(self): user = User.create(uuid=uuid.uuid4(), first_name='Giovanni', last_name='Mariani', email='*****@*****.**', password=crypt_password('1234567')) data = { 'first_name': 'anna', 'last_name': 'Marini', 'email': '*****@*****.**', 'password': '******' } resp = self.open_with_auth('/users/{}'.format(user.uuid), 'put', user.email, '1234567', data=data) query = User.select() user_from_db = query.get() expected_data = { 'first_name': user_from_db.first_name, 'last_name': user_from_db.last_name, 'email': user_from_db.email, 'password': data['password'] } assert expected_data == data assert resp.status_code == CREATED assert query.get().json() == json.loads(resp.data.decode())
def test_delete_user__unauthorized_for_delete_another_user(self): user = User.create(uuid=uuid.uuid4(), first_name='Maria', last_name='Rossi', email='*****@*****.**', password=crypt_password('1234567')) user2 = User.create(uuid=uuid.uuid4(), first_name='Alessandro', last_name='Cappellini', email='*****@*****.**', password=crypt_password('1234567')) resp = self.open_with_auth('/users/{}'.format(user.uuid), 'delete', user2.email, '1234567', data='') assert resp.status_code == UNAUTHORIZED
def create_user(self, email="*****@*****.**", first_name="First Name", last_name="Last name", password="******", superuser=False): return User.create( uuid=uuid.uuid4(), first_name=first_name, last_name=last_name, email=email, password=crypt_password(password), superuser=superuser, )
def test_delete_user__success(self): user = User.create(uuid=uuid.uuid4(), first_name='Alessandro', last_name='Cappellini', email='*****@*****.**', password=crypt_password('1234567')) user2 = User.create(uuid=uuid.uuid4(), first_name='Jonh', last_name='Smith', email='*****@*****.**', password=crypt_password('1234567')) resp = self.open_with_auth('/users/{}'.format(user.uuid), 'delete', user.email, '1234567', data='') all_users = User.select() user_from_db = all_users.get() assert resp.status_code == NO_CONTENT assert len(all_users) == 1 assert user_from_db.uuid == user2.uuid
def create_superuser(email, password): database.connect() User.create( uuid=uuid.uuid4(), first_name='', last_name='', email=email, password=(crypt_password(password)), superuser=True, ) database.close()
def test_put__empty_fields(self): user = User.create(uuid=uuid.uuid4(), first_name='Giovanni', last_name='Mariani', email='*****@*****.**', password=crypt_password('1234567')) data = {'first_name': '', 'last_name': '', 'email': '', 'password': ''} resp = self.open_with_auth('/users/{}'.format(user.uuid), 'put', user.email, '1234567', data=data) assert resp.status_code == BAD_REQUEST
def test_put__user_unauthorized(self): user = User.create(uuid=uuid.uuid4(), first_name='Giovanni', last_name='Mariani', email='*****@*****.**', password=crypt_password('1234567')) data = { 'first_name': 'Giovanni', 'last_name': 'Pippo', 'email': '*****@*****.**', 'password': '******' } resp = self.open_with_auth('/users/{}'.format(user.uuid), 'put', user.email, '1234568', data=data) query = User.select().where(User.last_name == user.last_name) assert len(query) == 1 assert resp.status_code == UNAUTHORIZED