def test_user_auth_can_get_list_of_category(self): token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + token) response = self.client.get( API_CATEGORY_ITEM, {}, format='json' ) json_category_list = json.loads(response.content).get('category_list') self.assertEqual(200, response.status_code) json_category_title_list = UtilCategory.get_list_category_title( json_category_list) self.assertIn(self.category3.category_title, json_category_title_list) self.assertIn(self.category4.category_title, json_category_title_list) self.assertNotIn(self.not_saved_category.category_title, json_category_title_list)
def test_user_auth_cant_post_transaction_if_dompet_and_category_not_found( self): token = UtilCategory.get_jwt_token(self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = {"amount": 123.321} response_transaction = self.basic_client.post(API_TRANSACTION_ITEM, data) self.assertEqual(404, response_transaction.status_code)
def test_user_auth_cannot_post_one_item_of_category_with__null_data(self): token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = { "category_type": "INCOME" } response_category = self.basic_client.post(API_CATEGORY_ITEM, data) self.assertEqual(400, response_category.status_code)
def test_user_and_other_user_has_different_data(self): token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + token) response_user = self.client.get( API_CATEGORY_ITEM, {}, format='json' ) self.assertEqual(200, response_user.status_code) token = UtilCategory.get_jwt_token( self.client, OTHER_EMAIL_TEST, PASSWORD_TEST) self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + token) response_other_user = self.client.get( API_CATEGORY_ITEM, {}, format='json' ) self.assertEqual(200, response_other_user.status_code) self.assertNotEqual(response_user.data, response_other_user.data)
def test_user_auth_cannot_delete_other_user_category(self): token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + token) response_category8 = self.client.generic( method="DELETE", path=API_CATEGORY_ITEM+str(self.category8.category_id) + "/", content_type='application/json' ) self.assertEqual(404, response_category8.status_code)
def test_user_auth_cannot_delete_one_transaction_if_id_wrong_or_null(self): token = UtilCategory.get_jwt_token(self.client, EMAIL_TEST, PASSWORD_TEST) self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + token) response_transaction = self.client.generic( method="DELETE", path=API_TRANSACTION_ITEM + str(self.transaction1.category.category_id) + "/", content_type='application/json') self.assertEqual(404, response_transaction.status_code)
def test_user_auth_cant_post_transaction_if_dompet_and_category_not_found( self): transaction1_id = str(self.transaction1.transaction_id) token = UtilCategory.get_jwt_token(self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = {"amount": 123.321} response_transaction = self.basic_client.put( API_TRANSACTION_ITEM + transaction1_id + "/", data, content_type="application/json") self.assertEqual(200, response_transaction.status_code)
def test_user_auth_can_get_one_item_of_category(self): token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + token) response_category6 = self.client.generic( method="GET", path=API_CATEGORY_ITEM+str(self.category6.category_id) + "/", content_type='application/json' ) self.assertEqual(200, response_category6.status_code) json_category_item = json.loads( response_category6.content).get("category_title") self.assertEqual(json_category_item, self.category6.category_title)
def test_user_auth_can_post_one_item_of_category(self): token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = { "category_title": "tester", "category_type": "INCOME" } response_category = self.basic_client.post(API_CATEGORY_ITEM, data) self.assertEqual(200, response_category.status_code) json_category_item = json.loads( response_category.content).get("message") self.assertEqual(json_category_item, "success add category")
def test_user_auth_cannot_post_one_category_if_title_exist_for_that_user( self ): token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = { "category_title": self.category3.category_title, "category_type": "INCOME" } response_category = self.basic_client.post(API_CATEGORY_ITEM, data) self.assertEqual(400, response_category.status_code) json_category_item = json.loads( response_category.content).get("detail") self.assertIn("UNIQUE constraint", json_category_item)
def test_user_auth_cannot_post_one_category_if_type_not_income_or_expense( self ): token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = { "category_title": "error type", "category_type": "ADD" } response_category = self.basic_client.post(API_CATEGORY_ITEM, data) self.assertEqual(400, response_category.status_code) json_category_item = json.loads( response_category.content).get("category_type") self.assertIn("not a valid choice", json_category_item[0])
def test_user_auth_can_get_list_of_transaction_by_dompet(self): token = UtilCategory.get_jwt_token(self.client, EMAIL_TEST, PASSWORD_TEST) id_dompet1 = str(self.dompet1_object.account_id) id_dompet2 = str(self.dompet2_object.account_id) self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + token) response = self.client.get(API_TRANSACTION_ITEM + "?account_id=" + id_dompet1, {}, format='json') json_transaction_list = json.loads( response.content).get('transaction_list') self.assertEqual(200, response.status_code) self.assertEqual(2, len(json_transaction_list)) self.assertIn(id_dompet1, json_transaction_list[0].get("dompet")) self.assertNotIn(id_dompet2, json_transaction_list[1].get("dompet"))
def setUp(self): self.user_1 = User.objects.create_superuser(email=EMAIL_TEST_1, password=PASSWORD_TEST) self.user_2 = User.objects.create_superuser(email=EMAIL_TEST_2, password=PASSWORD_TEST) self.api_client = APIClient() self.unauthenticated_client = Client() jwt_token = UtilDompet.get_jwt_token(self.api_client, EMAIL_TEST_1, PASSWORD_TEST) self.api_client.credentials(HTTP_AUTHORIZATION='Bearer ' + jwt_token) self.new_dompet_post = self.api_client.post(ALL_DOMPET, { "account_title": "test 0", "user": str(self.user_1.id) }) self.newly_created_dompet = json.loads( self.new_dompet_post.content.decode('utf-8'))
def test_user_auth_cant_put_one_category_if_title_exist_for_user(self): category6_id = str(self.category6.category_id) category7_title = self.category7.category_title token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = { "category_title": category7_title, "category_type": "INCOME" } response_category = self.basic_client.put( API_CATEGORY_ITEM + category6_id + "/", data, content_type="application/json" ) self.assertEqual(400, response_category.status_code) json_category_item = json.loads( response_category.content).get("detail") self.assertIn("UNIQUE constraint", json_category_item)
def test_user_auth_can_put_one_item_of_transaction(self): transaction1_id = str(self.transaction1.transaction_id) token = UtilCategory.get_jwt_token(self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = { "dompet": self.dompet1_object.account_id, "category": self.category1_object.category_id, "amount": 123.321 } response_transaction = self.basic_client.put( API_TRANSACTION_ITEM + transaction1_id + "/", data, content_type="application/json") self.assertEqual(200, response_transaction.status_code) transaction = Transaction.objects.get(amount=123.321) self.assertEqual(str(transaction.category.category_id), str(self.category1_object.category_id))
def setUp(self): self.user1 = User.objects.create_superuser(email=EMAIL_TEST_1, password=PASSWORD_TEST) self.user2 = User.objects.create_superuser(email=EMAIL_TEST_2, password=PASSWORD_TEST) self.api_client = APIClient() self.unauthenticated_client = Client() jwt_token = UtilTarget.get_jwt_token(self.api_client, EMAIL_TEST_1, PASSWORD_TEST) self.api_client.credentials(HTTP_AUTHORIZATION='Bearer ' + jwt_token) self.new_target_post = self.api_client.post( ALL_TARGET, { "target_title": MOCK_TARGET_TITLE_3, "target_amount": MOCK_TARGET_AMOUNT_1, "due_date": MOCK_TARGET_DATE_1, "user": str(self.user1.id), "annual_invest_rate": MOCK_RATE_1, "monthly_deposit_amount": MOCK_MONTHLY_DEPOSIT, }) self.newly_created_target = json.loads( self.new_target_post.content.decode('utf-8'))
def test_user_auth_can_post_one_item_of_transaction(self): token = UtilCategory.get_jwt_token(self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = { "dompet": self.dompet1_object.account_id, "category": self.category1_object.category_id, "amount": 123.321 } response_transaction = self.basic_client.post(API_TRANSACTION_ITEM, data) self.assertEqual(200, response_transaction.status_code) json_transacrion_item = json.loads( response_transaction.content).get("message") self.assertEqual(json_transacrion_item, "success add category") transaction = Transaction.objects.get(amount=123.321) self.assertEqual(str(transaction.category.category_id), str(self.category1_object.category_id)) self.assertNotEqual(str(transaction.category.category_id), str(self.category2_object.category_id))
def test_user_auth_can_put_one_item_of_category(self): category6_id = str(self.category6.category_id) token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = { "category_title": "test_put", "category_type": "INCOME" } response_category = self.basic_client.put( API_CATEGORY_ITEM + category6_id + "/", data, content_type="application/json" ) self.assertEqual(200, response_category.status_code) json_category_item = json.loads( response_category.content).get("message") self.assertEqual(json_category_item, "success add category") get_latest_category6 = Category.objects.get(category_id=category6_id) self.assertEqual(get_latest_category6.category_title, "test_put")
def test_user_auth_cant_put_one_category_if_type_not_income_or_expense( self ): category6_id = str(self.category6.category_id) token = UtilCategory.get_jwt_token( self.client, EMAIL_TEST, PASSWORD_TEST) self.basic_client.defaults["HTTP_AUTHORIZATION"] = 'Bearer ' + token data = { "category_title": "error type", "category_type": "ADD" } response_category = self.basic_client.put( API_CATEGORY_ITEM + category6_id + "/", data, content_type="application/json" ) self.assertEqual(400, response_category.status_code) json_category_item = json.loads( response_category.content).get("category_type") self.assertIn("not a valid choice", json_category_item[0]) get_latest_category6 = Category.objects.get(category_id=category6_id) self.assertNotEqual(get_latest_category6.category_title, "error type")
def test_user_should_not_able_to_access_other_user_dompet(self): api_client_user_2 = APIClient() jwt_token_2 = UtilDompet.get_jwt_token(api_client_user_2, EMAIL_TEST_2, PASSWORD_TEST) api_client_user_2.credentials(HTTP_AUTHORIZATION='Bearer ' + jwt_token_2) post_data = {"account_title": "test 1", "user": str(self.user_2.id)} user_2_new_dompet_response = api_client_user_2.post( ALL_DOMPET, post_data) user_2_new_dompet_json = json.loads( user_2_new_dompet_response.content.decode('utf-8')) # user 1 access user 2 response = self.api_client.get( f'{ALL_DOMPET}{user_2_new_dompet_json["account_id"]}/') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) response = self.api_client.get(f'{ALL_DOMPET}') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['count'], 1) response = self.api_client.put( f'{ALL_DOMPET}{user_2_new_dompet_json["account_id"]}/', data={ "account_title": "changed", "user": str(self.user_2.id) }) json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) response = self.api_client.delete( f'{ALL_DOMPET}{user_2_new_dompet_json["account_id"]}/') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) # # user 2 access user 1 response = api_client_user_2.get( f'{ALL_DOMPET}{self.newly_created_dompet["account_title"]}/') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) response = api_client_user_2.get(f'{ALL_DOMPET}') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['count'], 1) response = api_client_user_2.put( f'{ALL_DOMPET}{self.newly_created_dompet["account_id"]}/', data={ "account_title": "changed", "user": str(self.user_2.id) }) json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) response = api_client_user_2.delete( f'{ALL_DOMPET}{self.newly_created_dompet["account_id"]}/') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) self.assertEqual(len(Dompet.objects.all()), 2)
def test_user_should_not_able_to_access_other_user_target(self): api_client_user_2 = APIClient() jwt_token_2 = UtilTarget.get_jwt_token(api_client_user_2, EMAIL_TEST_2, PASSWORD_TEST) api_client_user_2.credentials(HTTP_AUTHORIZATION='Bearer ' + jwt_token_2) post_data = { "target_title": "test 1", "user": str(self.user2.id), "target_amount": 200, "due_date": MOCK_TARGET_DATE_1, "annual_invest_rate": MOCK_RATE_1, "monthly_deposit_amount": MOCK_TARGET_AMOUNT_1, } user_2_new_target_response = api_client_user_2.post( ALL_TARGET, post_data) user_2_new_target_json = json.loads( user_2_new_target_response.content.decode('utf-8')) # user 1 access user 2 response = self.api_client.get( f'{ALL_TARGET}{user_2_new_target_json["target_id"]}/') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) response = self.api_client.get(f'{ALL_TARGET}') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['count'], 1) response = self.api_client.put( f'{ALL_TARGET}{user_2_new_target_json["target_id"]}/', data={ "target_title": "changed", "user": str(self.user2.id) }) json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) response = self.api_client.delete( f'{ALL_TARGET}{user_2_new_target_json["target_id"]}/') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) # # user 2 access user 1 response = api_client_user_2.get( f'{ALL_TARGET}{self.newly_created_target["target_title"]}/') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) response = api_client_user_2.get(f'{ALL_TARGET}') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['count'], 1) response = api_client_user_2.put( f'{ALL_TARGET}{self.newly_created_target["target_id"]}/', data={ "target_title": "changed", "user": str(self.user2.id) }) json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) response = api_client_user_2.delete( f'{ALL_TARGET}{self.newly_created_target["target_id"]}/') json_response = json.loads(response.content.decode('utf-8')) self.assertEqual(json_response['detail'], NOT_FOUND_MESSAGE) self.assertEqual(len(Target.objects.all()), 2)