def test_owner_can_change_reward(self, client):
rewards_url = reverse('rewards-list')
user_params_owner = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
rewards_create_params = {'name': 'test', 'url': 'http://www.test.com'}
new_name = 'test_new'
UserFactory.create(**user_params_owner)
token_dict_owner = get_login_params_dict(client, user_params_owner)
client.post(rewards_url, simplejson.dumps(rewards_create_params),
**token_dict_owner)
created_reward = Reward.objects.get(name='test')
rewards_detail = reverse('rewards-detail', args=[created_reward.id])
token_dict_owner = get_login_params_dict(client, user_params_owner)
resp = simplejson.loads(
client.put(rewards_detail, simplejson.dumps({'name': new_name}),
**token_dict_owner).content)
assert resp.get('name') == new_name
def test_owner_can_change_book(self, client):
books_url = reverse('books-list')
user_params_owner = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
books_create_params = simplejson.dumps({
'title': 'Lord of the rings'
})
new_title = 'Hobbit'
UserFactory.create(**user_params_owner)
token_dict_owner = get_login_params_dict(client, user_params_owner)
client.post(books_url, books_create_params, **token_dict_owner)
created_book = Book.objects.get(title='Lord of the rings')
books_detail = reverse('books-detail', args=[created_book.id])
token_dict_owner = get_login_params_dict(client, user_params_owner)
resp = simplejson.loads(
client.put(
books_detail, simplejson.dumps({'title': new_title}), **token_dict_owner
).content
)
assert resp.get('title') == new_title
def test_not_owner_can_not_change_target(self, client):
targets_url = reverse('targets-list')
user_params_owner = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
user_params_not_owner = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
book = BookFactory.create()
end_date = datetime.datetime.now() + datetime.timedelta(days=21)
targets_create_params = {
'title': 'Test title',
'description': 'test',
'book': book.id,
'start_date': datetime.datetime.now().strftime('%Y-%m-%d'),
'end_date': end_date.strftime('%Y-%m-%d'),
}
UserFactory.create(**user_params_owner)
UserFactory.create(**user_params_not_owner)
token_dict_owner = get_login_params_dict(client, user_params_owner)
client.post(targets_url, simplejson.dumps(targets_create_params),
**token_dict_owner)
created_target = Target.objects.get(title='Test title')
targets_detail = reverse('targets-detail', args=[created_target.id])
user_params_not_owner.pop('email')
token_dict_not_owner = get_login_params_dict(client,
user_params_not_owner)
resp = simplejson.loads(
client.put(targets_detail, simplejson.dumps({'name': 'new'}),
**token_dict_not_owner).content)
expected_resp = {
'detail': 'You do not have permission to perform this action.'
}
assert resp == expected_resp
def test_authenticated_users_can_add_reward(self, client):
rewards_url = reverse('rewards-list')
params = simplejson.dumps({
'name': 'laptop',
'url': 'https://www.test.com/laptop/'
})
login_params = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
UserFactory.create(**login_params)
token_dict = get_login_params_dict(client, login_params)
resp = simplejson.loads(
client.post(rewards_url, params, **token_dict).content)
expected_resp = {
'id': 1,
'name': 'laptop',
'url': 'https://www.test.com/laptop/'
}
assert expected_resp == resp
def test_authenticated_users_can_add_target(self, client):
targets_url = reverse('targets-list')
book = BookFactory.create()
end_date = datetime.datetime.now() + datetime.timedelta(days=21)
params = simplejson.dumps({
'title':
'Test title',
'description':
'test',
'book':
book.id,
'start_date':
datetime.datetime.now().strftime('%Y-%m-%d'),
'end_date':
end_date.strftime('%Y-%m-%d'),
})
login_params = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
UserFactory.create(**login_params)
token_dict = get_login_params_dict(client, login_params)
resp = simplejson.loads(
client.post(targets_url, params, **token_dict).content)
expected_resp_title = 'Test title'
assert expected_resp_title == resp.get('title')
def test_not_owner_can_not_change_user_profile(self, client):
params = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
params_1 = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
UserFactory.create(**params)
UserFactory.create(**params_1)
user = UserModel.objects.get(username='******')
user_detail = reverse('users-detail', args=[user.id])
params_1.pop('email')
token_dict = get_login_params_dict(client, params_1)
resp = simplejson.loads(
client.put(user_detail, simplejson.dumps({'email': '*****@*****.**'}),
**token_dict).content)
expected_resp = {
'detail': 'You do not have permission to perform this action.'
}
assert resp == expected_resp
def test_not_owner_can_not_change_book(self, client):
books_url = reverse('books-list')
user_params_owner = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
user_params_not_owner = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
books_create_params = simplejson.dumps({
'title': 'Lord of the rings'
})
UserFactory.create(**user_params_owner)
UserFactory.create(**user_params_not_owner)
token_dict_owner = get_login_params_dict(client, user_params_owner)
client.post(books_url, books_create_params, **token_dict_owner)
created_book = Book.objects.get(title='Lord of the rings')
books_detail = reverse('books-detail', args=[created_book.id])
user_params_not_owner.pop('email')
token_dict_not_owner = get_login_params_dict(client, user_params_not_owner)
resp = simplejson.loads(
client.put(
books_detail, simplejson.dumps({'title': 'Hobbit'}), **token_dict_not_owner
).content
)
expected_resp = {'detail': 'You do not have permission to perform this action.'}
assert resp == expected_resp
def test_not_owner_can_not_change_reward(self, client):
rewards_url = reverse('rewards-list')
user_params_owner = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
user_params_not_owner = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
rewards_create_params = {'name': 'test'}
UserFactory.create(**user_params_owner)
UserFactory.create(**user_params_not_owner)
token_dict_owner = get_login_params_dict(client, user_params_owner)
client.post(rewards_url, simplejson.dumps(rewards_create_params),
**token_dict_owner)
created_reward = Reward.objects.get(name='test')
rewards_detail = reverse('rewards-detail', args=[created_reward.id])
user_params_not_owner.pop('email')
token_dict_not_owner = get_login_params_dict(client,
user_params_not_owner)
resp = simplejson.loads(
client.put(rewards_detail, simplejson.dumps({'name': 'new'}),
**token_dict_not_owner).content)
expected_resp = {
'detail': 'You do not have permission to perform this action.'
}
assert resp == expected_resp
def test_owner_can_change_target(self, client):
targets_url = reverse('targets-list')
user_params_owner = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
book = BookFactory.create()
end_date = datetime.datetime.now() + datetime.timedelta(days=21)
targets_create_params = {
'title': 'Test title',
'description': 'test',
'book': book.id,
'start_date': datetime.datetime.now().strftime('%Y-%m-%d'),
'end_date': end_date.strftime('%Y-%m-%d'),
}
new_title = 'test_new'
UserFactory.create(**user_params_owner)
token_dict_owner = get_login_params_dict(client, user_params_owner)
client.post(targets_url, simplejson.dumps(targets_create_params),
**token_dict_owner)
created_target = Target.objects.get(title='Test title')
targets_detail = reverse('targets-detail', args=[created_target.id])
token_dict_owner = get_login_params_dict(client, user_params_owner)
resp = simplejson.loads(
client.patch(targets_detail, simplejson.dumps({'title':
new_title}),
**token_dict_owner).content)
assert resp.get('title') == new_title
def test_owner_can_change_user_profile(self, client):
params = {
'username': '******',
'email': '*****@*****.**',
'password': '******',
'city': 'Kyiv',
}
new_city = 'Lviv'
UserFactory.create(**params)
user = UserModel.objects.get(username='******')
user_detail = reverse('users-detail', args=[user.id])
token_dict = get_login_params_dict(client, params)
resp = simplejson.loads(
client.put(user_detail, simplejson.dumps({'city': new_city}),
**token_dict).content)
assert resp.get('city') == new_city
def test_authenticated_users_can_add_book(self, client):
books_url = reverse('books-list')
params = simplejson.dumps({
'title': 'Lord of the rings'
})
login_params = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
UserFactory.create(**login_params)
token_dict = get_login_params_dict(client, login_params)
resp = simplejson.loads(
client.post(books_url, params, **token_dict).content
)
expected_resp_title = 'Lord of the rings'
assert expected_resp_title == resp.get('title')
def test_email_should_not_be_changed_after_put_request(self, client):
params = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
UserFactory.create(**params)
user = UserModel.objects.get(username='******')
user_detail = reverse('users-detail', args=[user.id])
users_email_before = user.email
params.pop('email')
token_dict = get_login_params_dict(client, params)
client.put(user_detail, simplejson.dumps({'email': '*****@*****.**'}),
**token_dict)
user = UserModel.objects.get(username='******')
users_email_after = user.email
assert users_email_before == users_email_after