def process(self, form: FlaskForm): login = session['username'] if db.session.query(User.surname).filter(User.login == login) != form.surname.data: User.update_by_login(login, 'surname', form.surname.data) return return_ok_status('Surname change.') else: return return_bad_status('Not change.')
def setUp(self): app.config['TESTING'] = True app.config['CSRF_ENABLED'] = False app.config['DEBUG'] = False app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///' + os.path.join( BASE_DIR, TEST_DB) self.app = app.test_client() db.create_all() self.invite_link = ''.join( random.choice(string.ascii_lowercase + string.digits) for _ in range(32)) our_time = "2019-01-05 22:14:39" our_time_to_live = "2019-04-05 22:14:39" our_datetime = datetime.strptime(our_time, "%Y-%m-%d %H:%M:%S") our_datetime_to_live = datetime.strptime(our_time_to_live, "%Y-%m-%d %H:%M:%S") self.user = User() self.user.add() print(self.user.id) self.tournament = Tournament("CTF", "description", self.user, our_datetime, our_datetime_to_live, "45.408062, -123.007827", self.invite_link, True, True, False, True) self.tournament.add()
def process(self, form: FlaskForm): user = User.query.filter(User.email == form.email.data).count() if user: return return_bad_status( 'Пользователь с такой почтой уже существует.') user = User.query.filter(User.login == form.login.data).count() if user: return return_bad_status( 'Пользователь с таким логином уже существует.') code = ''.join([ random.choice( list( '123456789qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM' )) for x in range(8) ]) secret_link = 'http://*****:*****@yandex.ru", recipients=[form.email.data]) msg.body = 'Для подтверждения вашей учетной записи пройдите по этой ссылке: ' + secret_link mail.send(msg) secret_pass = sha256(form.password.data.encode()).hexdigest() user = User(form.name.data, form.email.data, form.login.data, secret_pass, code) user.save() user_id = User.last_id() return return_ok_status(user_id)
def process(self, form: FlaskForm): login = session['username'] if db.session.query(User.password).filter(User.login == login) != form.old_password.data: User.update_by_login(login,'password', form.new_password.data) return return_ok_status('Password change.') else: return return_bad_status('Not change.')
def process(self, form: FlaskForm): login = session['username'] if db.session.query(User.email).filter(User.login == login) != form.email.data and db.session.query( User.password).filter(User.login == login) == sha256(form.password.data.encode()).hexdigest(): User.update_by_login(login, 'email', form.email.data) return return_ok_status('Email change.') else: return return_bad_status('Not change.')
def test_get_info_about_user(self): user = User('MyName', '*****@*****.**', 'MyLogin', 'MyPassword', '123') user.save() url = '/api/user/1' resp = self.app.get(url) self.assertEqual(resp.status_code, 200) response = json.loads(resp.data) self.assertEqual(response['status'], 'ok')
def test_reset_password(self): user = User('MyName', '*****@*****.**', 'MyLogin', 'MyPassword', '123') user.save() url = '/api/forgetpass' data = {'email': '*****@*****.**'} resp = self.app.post(url, data=data) self.assertEqual(resp.status_code, 200) response = json.loads(resp.data) self.assertEqual(response['status'], 'ok')
def setUp(self): super().setUp() self.app = app.test_client() self.user = User('name', 'test@test', 'login', 'pass', 'code') self.user.save() with self.app.session_transaction() as session: session['id'] = self.user.id self.team = Team("Bushwhackers", 'Moscow', 'qwerty', self.user)
def test_member_can_be_deleted_from_team_by_creator(self): self.team.save() test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_user.save() self.team.add_new_member(test_user) response = self.app.get('/api/teams/{}/delete/{}'.format( self.team.id, test_user.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertFalse(self.team.if_user_in_the_team(test_user))
def test_member_cant_be_deleted_from_team_not_by_creator(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_user.save() test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.get('/api/teams/{}/delete/{}'.format( test_team.id, test_user.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Вы не имеете прав редактировать команду')
def setUp(self): super().setUp() self.app = app.test_client() u = User('John Novikov', '*****@*****.**', 'login', 'secretpass', 123) u.save() u2 = User('Johnnnn Novikov', '*****@*****.**', 'login', 'secretpass', 123) u.save() db.session.add(Team('Shadow Servants')) db.session.add(Team('Shadow Servants')) db.session.commit() self.sh1 = ScoreHistory(500, datetime.datetime(2018, 1, 1, 00, 00, 00), contestant=1, tournament=1) self.sh2 = ScoreHistory(700, datetime.datetime(2018, 1, 1, 00, 00, 00), contestant=1, tournament=1) self.sh3 = ScoreHistory(700, datetime.datetime(2018, 1, 1, 00, 00, 00), contestant=2, tournament=1) self.sh4 = ScoreHistory(900, datetime.datetime(2018, 1, 1, 00, 00, 00), contestant=2, tournament=1)
def test_user_cant_leave_the_team_if_he_is_not_in_it(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.get('/api/teams/{}/leave'.format(test_team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Вы уже/еще не в команде')
def test_user_can_join_the_team_by_right_code(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.get('/team/join?code={}'.format( test_team.invite_code)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertTrue(self.user in test_team.members)
def test_user_can_leave_the_team(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() test_team.add_new_member(self.user) response = self.app.get('/api/teams/{}/leave'.format(test_team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertFalse(self.user in test_team.members)
def test_invite_code_cant_be_got_not_by_creator(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.get('/api/teams/{}/code'.format(test_team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual( response['result'], 'Вы не имеете доступа к ссылке приглашения в команду')
def test_team_city_cant_be_changed_not_by_creator(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.post('/api/teams/{}/city/change'.format( test_team.id), data={'city': 'kek'}) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Вы не имеете прав редактировать команду')
def post(): if 'id' in session and session['id'] and User.is_exist_by_id( session['id']): user_state = { 'id': session['id'], 'username': session['username'], 'loading': False, 'team_id': session['team_id'] } return return_ok_status(user_state) session.pop('id', None) session.pop('team_id', None) session.pop('username', None) user_state = {'id': None, 'login': None, 'loading': False} return return_bad_status(user_state)
class TestTeam(BaseTestCase): def setUp(self): super().setUp() self.app = app.test_client() self.user = User('name', 'test@test', 'login', 'pass', 'code') self.user.save() with self.app.session_transaction() as session: session['id'] = self.user.id self.team = Team("Bushwhackers", 'Moscow', 'qwerty', self.user) def tearDown(self): db.session.remove() db.drop_all() def test_should_model_has_need_fields(self): self.assertTrue(hasattr(self.team, "id")) self.assertTrue(hasattr(self.team, "name")) self.assertTrue(hasattr(self.team, 'city')) self.assertTrue(hasattr(self.team, 'invite_code')) self.assertTrue(hasattr(self.team, 'creator')) self.assertTrue(hasattr(self.team, 'creator_id')) def test_should_team_delete(self): self.team.save() with app.app_context(): self.team.delete() self.assertFalse(Team.query.count()) def test_team_can_be_created(self): response = self.app.post('/api/team/create', data={ 'name': self.team.name, 'city': self.team.city, 'invite_code': self.team.invite_code }) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') def test_all_team_can_be_got(self): team_for_quantity = Team('SS', 'Moscow', 'lolkek', self.user) team_for_quantity.save() response = self.app.get('/api/teams') self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertEqual(len(response['result']), 2) def test_one_team_can_be_got_by_id(self): self.team.save() response = self.app.get('/api/teams/{}'.format(self.team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertEqual(response['result'][0]['id'], self.team.id) def test_team_members_can_be_got(self): self.team.save() response = self.app.get('/api/teams/{}/members'.format(self.team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertEqual(response['result'][0][0]['id'], self.user.id) def test_user_can_join_the_team_by_right_code(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.get('/team/join?code={}'.format( test_team.invite_code)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertTrue(self.user in test_team.members) def test_user_cant_join_the_team_by_wrong_code(self): response = self.app.get('/team/join?code=keklol') self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Неверный код приглашения') def test_user_cant_join_the_team_twice(self): response = self.app.get('/team/join?code={}'.format( self.team.invite_code)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Вы уже присоединены к команде') def test_user_can_leave_the_team(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() test_team.add_new_member(self.user) response = self.app.get('/api/teams/{}/leave'.format(test_team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertFalse(self.user in test_team.members) def test_user_cant_leave_a_nonexistent_team(self): response = self.app.get('/api/teams/666/leave') self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Команды с таким id не существует') def test_user_cant_leave_the_team_if_he_is_not_in_it(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.get('/api/teams/{}/leave'.format(test_team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Вы уже/еще не в команде') def test_invite_code_can_be_changed_by_creator(self): self.team.save() response = self.app.get('/api/teams/{}/code/change'.format( self.team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') def test_invite_code_cant_be_changed_not_by_creator(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.get('/api/teams/{}/code/change'.format( test_team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual( response['result'], 'Вы не имеете доступа к ссылке приглашения в команду') def test_invite_code_cant_be_updated_in_nonexistent_team(self): response = self.app.get('/api/teams/666/code/change') self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Команды с таким id не существует') def test_invite_code_can_be_got_by_creator(self): self.team.save() response = self.app.get('/api/teams/{}/code'.format(self.team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') def test_invite_code_cant_be_got_not_by_creator(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.get('/api/teams/{}/code'.format(test_team.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual( response['result'], 'Вы не имеете доступа к ссылке приглашения в команду') def test_invite_code_cant_be_got_in_nonexistent_team(self): response = self.app.get('/api/teams/666/code') self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Команды с таким id не существует') def test_team_name_can_be_changed_by_creator(self): self.team.save() response = self.app.post('/api/teams/{}/name/change'.format( self.team.id), data={'name': 'SS'}) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertEqual(Team.get_by_id(self.team.id).name, 'SS') def test_team_city_can_be_changed_by_creator(self): self.team.save() response = self.app.post('/api/teams/{}/city/change'.format( self.team.id), data={'city': 'Hum'}) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertEqual(Team.get_by_id(self.team.id).city, 'Hum') def test_team_name_cant_be_changed_not_by_creator(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.post('/api/teams/{}/name/change'.format( test_team.id), data={'name': 'kek'}) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Вы не имеете прав редактировать команду') def test_team_city_cant_be_changed_not_by_creator(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.post('/api/teams/{}/city/change'.format( test_team.id), data={'city': 'kek'}) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Вы не имеете прав редактировать команду') def test_member_can_be_deleted_from_team_by_creator(self): self.team.save() test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_user.save() self.team.add_new_member(test_user) response = self.app.get('/api/teams/{}/delete/{}'.format( self.team.id, test_user.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'ok') self.assertFalse(self.team.if_user_in_the_team(test_user)) def test_member_cant_be_deleted_from_team_not_by_creator(self): test_user = User('test', 'test@test', 'test', 'pass', 'lol') test_user.save() test_team = Team('SS', 'Moscow', 'lolkek', test_user) test_team.save() response = self.app.get('/api/teams/{}/delete/{}'.format( test_team.id, test_user.id)) self.assertEqual(response.status_code, 200) response = json.loads(response.data) self.assertEqual(response['status'], 'bad') self.assertEqual(response['result'], 'Вы не имеете прав редактировать команду')
def is_auth(): if 'id' in session and session['id'] and User.is_exist_by_id( session['id']): return True return False
class TestTournament(unittest.TestCase): def setUp(self): app.config['TESTING'] = True app.config['CSRF_ENABLED'] = False app.config['DEBUG'] = False app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///' + os.path.join( BASE_DIR, TEST_DB) self.app = app.test_client() db.create_all() self.invite_link = ''.join( random.choice(string.ascii_lowercase + string.digits) for _ in range(32)) our_time = "2019-01-05 22:14:39" our_time_to_live = "2019-04-05 22:14:39" our_datetime = datetime.strptime(our_time, "%Y-%m-%d %H:%M:%S") our_datetime_to_live = datetime.strptime(our_time_to_live, "%Y-%m-%d %H:%M:%S") self.user = User() self.user.add() print(self.user.id) self.tournament = Tournament("CTF", "description", self.user, our_datetime, our_datetime_to_live, "45.408062, -123.007827", self.invite_link, True, True, False, True) self.tournament.add() def tearDown(self): db.session.remove() db.drop_all() def test_should_model_has_need_fields(self): self.assertTrue(hasattr(self.tournament, "id")) self.assertTrue(hasattr(self.tournament, "name")) self.assertTrue(hasattr(self.tournament, "description")) self.assertTrue(hasattr(self.tournament, "private")) self.assertTrue(hasattr(self.tournament, "platform")) self.assertTrue(hasattr(self.tournament, "invite_link")) self.assertTrue(hasattr(self.tournament, "creator")) self.assertTrue(hasattr(self.tournament, "time")) self.assertTrue(hasattr(self.tournament, "time_to_live")) self.assertTrue(hasattr(self.tournament, "place")) self.assertTrue(hasattr(self.tournament, "online")) self.assertTrue(hasattr(self.tournament, "for_team_allowed")) def test_should_tournament_delete(self): with app.app_context(): self.tournament.delete() self.assertFalse(Tournament.query.count()) def test_should_add_team_to_tournament(self): with app.app_context(): self.team_to_tournament = TournamentsToObject( 1, 1, self.user, self.tournament) self.assertEqual(self.team_to_tournament.add(), 1) def test_should_delete_team_to_tournament(self): with app.app_context(): self.team_to_tournament = TournamentsToObject( 1, 1, self.user, self.tournament) self.team_to_tournament.add() self.team_to_tournament.delete() self.assertFalse(TournamentsToObject.query.count())