def test_delete(self): """Can delete badge""" user = self._get_user() badge = Badge(creator=user, title="Test III", description="Another test") badge.save() slug = badge.slug badge.award_to(user) self.client.login(username="******", password="******") r = self.client.get(reverse('badger.views.detail', args=(badge.slug,)), follow=True) doc = pq(r.content) eq_('badge_detail', doc.find('body').attr('id')) delete_url = doc.find('a.delete_badge').attr('href') ok_(delete_url is not None) r = self.client.get(delete_url) doc = pq(r.content) eq_('badge_delete', doc.find('body').attr('id')) eq_("1", doc.find('.awards_count').text()) r = self.client.post(delete_url, {}, follow=True) doc = pq(r.content) try: badge = Badge.objects.get(slug=slug) ok_(False) except Badge.DoesNotExist: ok_(True)
def test_delete_award(self): """Can delete award""" user = self._get_user() badge = Badge(creator=user, title="Test III", description="Another test") badge.save() award = badge.award_to(user) self.client.login(username="******", password="******") r = self.client.get(reverse('badger.views.award_detail', args=(badge.slug, award.id)), follow=True) doc = pq(r.content) eq_('award_detail', doc.find('body').attr('id')) delete_url = doc.find('a.delete_award').attr('href') ok_(delete_url is not None) r = self.client.post(delete_url, {}, follow=True) try: award = Award.objects.get(pk=award.pk) ok_(False) except Award.DoesNotExist: ok_(True)
class BadgerApiViewsTests(BadgerTestCase): def setUp(self): self.client = Client() self.testuser = self._get_user() self.badge = Badge(creator=self.testuser, title="Test II", description="Another test", unique=True) self.badge.save() self.awards_url = reverse('badger.views.awards_list', args=(self.badge.slug,)) key = Key() key.user = self.testuser self.password = key.generate_secret() self.username = key.key key.save() self.key = key auth_ct = '%s:%s' % (self.username, self.password) self.basic_auth = 'Basic %s' % b64encode(auth_ct) self.headers = {'HTTP_AUTHORIZATION': self.basic_auth} Award.objects.all().delete() def tearDown(self): self.key.delete() Award.objects.all().delete() Badge.objects.all().delete() def test_forbidden_without_key(self): """POST should require a valid key, or else yield a 403 response""" resp = self.client.get(self.awards_url) ok_(200, resp.status_code) resp = self.client.post(self.awards_url) ok_(403, resp.status_code) resp = self.client.post(self.awards_url, {'HTTP_AUTHORIZATION': 'Basic THISISINVALID'}) ok_(403, resp.status_code) resp = self.client.post(self.awards_url, self.headers) ok_(200, resp.status_code) resp = self.client.get(self.awards_url, self.headers) ok_(200, resp.status_code) def test_bad_data(self): """Bad JSON request should result in a 400 response""" resp = self.client.post(self.awards_url, "THISISBADDATA", content_type='application/json', HTTP_AUTHORIZATION=self.basic_auth) ok_(400, resp.status_code) def test_badge_award(self): """Can award badges from API""" invite_email = '*****@*****.**' invalid_email = 'THISISINVALID' description = "Is a hoopy frood." award_user = self._get_user(username="******", email="*****@*****.**") # Construct the request data... data = dict( description = description, emails = [ award_user.email, invite_email, invalid_email, ], ) # POST to the awards URL resp = self.client.post(self.awards_url, json.dumps(data), content_type='application/json', HTTP_AUTHORIZATION=self.basic_auth) ok_(self.badge.is_awarded_to(award_user)) award = Award.objects.get(user=award_user, badge=self.badge) eq_(description, award.description) eq_('application/json', resp['Content-Type']) data = json.loads(resp.content) ok_('successes' in data) ok_(award_user.email in data['successes']) eq_('AWARDED', data['successes'][award_user.email]) ok_(invite_email in data['successes']) eq_('INVITED', data['successes'][invite_email]) ok_('errors' in data) ok_(invalid_email in data['errors']) eq_('INVALID', data['errors'][invalid_email]) def test_no_description(self): """Awards can be issued with no description""" award_user = self._get_user(username="******", email="*****@*****.**") data = {"emails": [award_user.email]} resp = self.client.post(self.awards_url, json.dumps(data), content_type='application/json', HTTP_AUTHORIZATION=self.basic_auth) eq_('application/json', resp['Content-Type']) data = json.loads(resp.content) ok_(award_user.email in data['successes']) ok_(award_user.email not in data['errors']) ok_(self.badge.is_awarded_to(award_user)) def test_already_awarded(self): """Can award badges from API""" description = "Is a hoopy frood." invite_email = '*****@*****.**' award_user = self._get_user(username="******", email="*****@*****.**") award = self.badge.award_to(email=award_user.email) deferred_award = self.badge.award_to(email=invite_email) # Construct the request data... data = dict( description = description, emails = [ invite_email, award_user.email, ], ) # POST to the awards URL resp = self.client.post(self.awards_url, json.dumps(data), content_type='application/json', HTTP_AUTHORIZATION=self.basic_auth) eq_('application/json', resp['Content-Type']) data = json.loads(resp.content) print "DATA %s" % data ok_('errors' in data) ok_(award_user.email in data['errors']) eq_('ALREADYAWARDED', data['errors'][award_user.email]) ok_(invite_email in data['errors']) eq_('ALREADYAWARDED', data['errors'][invite_email]) def test_disallowed_badge_award(self): """User should not be able to POST an award to a badge for which the user hasn't got permission to do so""" user = self._get_user(username="******", email="*****@*****.**") badge = Badge(creator=user, title="Hey you badge", description="Another test", unique=True) badge.save() awards_url = reverse('badger.views.awards_list', args=(self.badge.slug,)) data = dict(emails=['*****@*****.**',]) resp = self.client.post(awards_url, json.dumps(data), content_type='application/json', HTTP_AUTHORIZATION=self.basic_auth) ok_(403, resp.status_code)
class BadgerApiViewsTests(BadgerTestCase): def setUp(self): self.client = Client() self.testuser = self._get_user() self.badge = Badge(creator=self.testuser, title="Test II", description="Another test", unique=True) self.badge.save() self.awards_url = reverse('badger.views.awards_list', args=(self.badge.slug, )) key = Key() key.user = self.testuser self.password = key.generate_secret() self.username = key.key key.save() self.key = key auth_ct = '%s:%s' % (self.username, self.password) self.basic_auth = 'Basic %s' % b64encode(auth_ct) self.headers = {'HTTP_AUTHORIZATION': self.basic_auth} Award.objects.all().delete() def tearDown(self): self.key.delete() Award.objects.all().delete() Badge.objects.all().delete() def test_forbidden_without_key(self): """POST should require a valid key, or else yield a 403 response""" resp = self.client.get(self.awards_url) ok_(200, resp.status_code) resp = self.client.post(self.awards_url) ok_(403, resp.status_code) resp = self.client.post(self.awards_url, {'HTTP_AUTHORIZATION': 'Basic THISISINVALID'}) ok_(403, resp.status_code) resp = self.client.post(self.awards_url, self.headers) ok_(200, resp.status_code) resp = self.client.get(self.awards_url, self.headers) ok_(200, resp.status_code) def test_bad_data(self): """Bad JSON request should result in a 400 response""" resp = self.client.post(self.awards_url, "THISISBADDATA", content_type='application/json', HTTP_AUTHORIZATION=self.basic_auth) ok_(400, resp.status_code) def test_badge_award(self): """Can award badges from API""" invite_email = '*****@*****.**' invalid_email = 'THISISINVALID' description = "Is a hoopy frood." award_user = self._get_user(username="******", email="*****@*****.**") # Construct the request data... data = dict( description=description, emails=[ award_user.email, invite_email, invalid_email, ], ) # POST to the awards URL resp = self.client.post(self.awards_url, json.dumps(data), content_type='application/json', HTTP_AUTHORIZATION=self.basic_auth) ok_(self.badge.is_awarded_to(award_user)) award = Award.objects.get(user=award_user, badge=self.badge) eq_(description, award.description) eq_('application/json', resp['Content-Type']) data = json.loads(resp.content) ok_('successes' in data) ok_(award_user.email in data['successes']) eq_('AWARDED', data['successes'][award_user.email]) ok_(invite_email in data['successes']) eq_('INVITED', data['successes'][invite_email]) ok_('errors' in data) ok_(invalid_email in data['errors']) eq_('INVALID', data['errors'][invalid_email]) def test_no_description(self): """Awards can be issued with no description""" award_user = self._get_user(username="******", email="*****@*****.**") data = {"emails": [award_user.email]} resp = self.client.post(self.awards_url, json.dumps(data), content_type='application/json', HTTP_AUTHORIZATION=self.basic_auth) eq_('application/json', resp['Content-Type']) data = json.loads(resp.content) ok_(award_user.email in data['successes']) ok_(award_user.email not in data['errors']) ok_(self.badge.is_awarded_to(award_user)) def test_already_awarded(self): """Can award badges from API""" description = "Is a hoopy frood." invite_email = '*****@*****.**' award_user = self._get_user(username="******", email="*****@*****.**") award = self.badge.award_to(email=award_user.email) deferred_award = self.badge.award_to(email=invite_email) # Construct the request data... data = dict( description=description, emails=[ invite_email, award_user.email, ], ) # POST to the awards URL resp = self.client.post(self.awards_url, json.dumps(data), content_type='application/json', HTTP_AUTHORIZATION=self.basic_auth) eq_('application/json', resp['Content-Type']) data = json.loads(resp.content) ok_('errors' in data) ok_(award_user.email in data['errors']) eq_('ALREADYAWARDED', data['errors'][award_user.email]) ok_(invite_email in data['errors']) eq_('ALREADYAWARDED', data['errors'][invite_email]) def test_disallowed_badge_award(self): """User should not be able to POST an award to a badge for which the user hasn't got permission to do so""" user = self._get_user(username="******", email="*****@*****.**") badge = Badge(creator=user, title="Hey you badge", description="Another test", unique=True) badge.save() awards_url = reverse('badger.views.awards_list', args=(self.badge.slug, )) data = dict(emails=[ '*****@*****.**', ]) resp = self.client.post(awards_url, json.dumps(data), content_type='application/json', HTTP_AUTHORIZATION=self.basic_auth) ok_(403, resp.status_code)