def login_with_permission(self, permission_codename): self.client.logout() ct = ContentType(app_label='dms', model=str(uuid.uuid4()), name=str(uuid.uuid4())).save() permission = Permission(name=permission_codename, codename=permission_codename, content_type=ct.id).save() group = Group(name=str(uuid.uuid4()), permissions=[permission]).save() user = User(username='******', group=group) user.set_password('pw') self.client.login(username='******', password='******')
def _post_with_basic_auth(api_endpoint, data_dict): api_url = settings.HOSTNAME + api_endpoint data = json.dumps(data_dict) payload = {'username': '******', 'password': settings.API_USER_PASS} api_user = User.objects.order_by('-id').first() if api_user is None: api_user = User(**dict(username=payload['username'], is_active=True)).save() api_user.set_password(payload['password']) basic_auth_key = _basic_auth_header(payload['username'], payload['password']) else: basic_auth_key = _basic_auth_header(api_user.username, settings.API_USER_PASS) return requests.post(api_url, data, \ headers={'Authorization': basic_auth_key, 'content-type': 'application/json'})
def test_allow_user_to_see_their_own(self): self.client.logout() attr = self.user_profile_attr.copy() attr['phone'] = '+2555837295789' user = User(username='******', email='*****@*****.**') user.group = None user.set_password('weak_password') attr['user'] = user profile = UserProfile(**attr) profile.photo.put(open(settings.PROJECT_ROOT + '/../dms/tests/test.jpg', 'rb'), content_type='image/content_type') profile.save() self.client.login(username='******', password='******') response = self.client.get(self.PROFILE_IMAGE_ENDPOINT + str(profile.id) + '/') self.assertEquals(response.status_code, 200)
def test_not_raising_403_if_user_only_wants_access_to_their_profile(self): self.client.logout() attr = self.mobile_user.copy() attr['email'] = '*****@*****.**' attr['phone'] = '+256775029500' user = User(username='******', email='*****@*****.**') user.group = None user.set_password('hahahah') attr['user'] = user profile = UserProfile(**attr).save() self.client.login(username='******', password='******') response = self.client.get(self.API_ENDPOINT + str(profile.id) + '/') self.assertEquals(response.status_code, 200) response = self.client.post(self.API_ENDPOINT + str(profile.id) + '/') self.assertEquals(response.status_code, 200)
def _post_with_basic_auth(api_endpoint, data_dict): api_url = settings.HOSTNAME + api_endpoint data = json.dumps(data_dict) payload = {'username': '******', 'password': settings.API_USER_PASS} api_user = User.objects.order_by('-id').first() if api_user is None: api_user = User( **dict(username=payload['username'], is_active=True)).save() api_user.set_password(payload['password']) basic_auth_key = _basic_auth_header(payload['username'], payload['password']) else: basic_auth_key = _basic_auth_header(api_user.username, settings.API_USER_PASS) return requests.post(api_url, data, \ headers={'Authorization': basic_auth_key, 'content-type': 'application/json'})
def _post_with_token_auth(api_endpoint, data_dict): api_url = settings.HOSTNAME + api_endpoint payload = {'username': '******', 'password': settings.API_USER_PASS} api_user = User.objects.order_by('-id').first() if api_user is None: api_user = User(**dict(username=payload['username'], is_active=True)).save() api_user.set_password(payload['password']) token, created = Token.objects.get_or_create(user=api_user) else: try: token = Token.objects.get(user=api_user) except DoesNotExist: token, created = Token.objects.get_or_create(user=api_user) return requests.post(api_url, json.dumps(data_dict), \ headers={'Authorization': 'Token %s' % token.key, 'content-type': 'application/json'})
def _post_with_token_auth(api_endpoint, data_dict): api_url = settings.HOSTNAME + api_endpoint payload = {'username': '******', 'password': settings.API_USER_PASS} api_user = User.objects.order_by('-id').first() if api_user is None: api_user = User( **dict(username=payload['username'], is_active=True)).save() api_user.set_password(payload['password']) token, created = Token.objects.get_or_create(user=api_user) else: try: token = Token.objects.get(user=api_user) except DoesNotExist: token, created = Token.objects.get_or_create(user=api_user) return requests.post(api_url, json.dumps(data_dict), \ headers={'Authorization': 'Token %s' % token.key, 'content-type': 'application/json'})
class PasswordChangeSerializerTest(MongoTestCase): def setUp(self): self.user = User(username='******') self.user.set_password('hehe') self.password_data = dict(old_password='******', new_password='******', confirm_password='******') def test_serialize_should_show_nothing(self): serializer = UserPasswordChangeSerializer(self.user, data=self.password_data) self.assertEqual({}, serializer.data) def test_should_deserialize_user_object(self): serializer = UserPasswordChangeSerializer(self.user, data=self.password_data) self.assertTrue(serializer.is_valid()) saved_user = serializer.save() self.assertTrue(isinstance(saved_user, User)) self.assertTrue( saved_user.check_password(self.password_data['new_password'])) def test_serializer_should_be_invalid_if_current_password_does_not_match( self): data = self.password_data.copy() data['old_password'] = '******' serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(['Current password incorrect.'], serializer.errors['old_password']) def test_serializer_should_be_invalid_if_new_password_and_confirm_password_do_not_match( self): data = self.password_data.copy() data['confirm_password'] = '******' serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(["The two password fields didn't match."], serializer.errors['confirm_password']) def test_new_password_is_required(self): data = self.password_data.copy() data['new_password'] = '' serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(['This field is required.'], serializer.errors['new_password']) del data['new_password'] serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(['This field is required.'], serializer.errors['new_password']) def test_confirm_password_is_required(self): data = self.password_data.copy() data['confirm_password'] = '' serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(['This field is required.'], serializer.errors['confirm_password']) del data['confirm_password'] serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(['This field is required.'], serializer.errors['confirm_password'])
class PasswordChangeSerializerTest(MongoTestCase): def setUp(self): self.user = User(username='******') self.user.set_password('hehe') self.password_data = dict(old_password='******', new_password='******', confirm_password='******') def test_serialize_should_show_nothing(self): serializer = UserPasswordChangeSerializer(self.user, data=self.password_data) self.assertEqual({}, serializer.data) def test_should_deserialize_user_object(self): serializer = UserPasswordChangeSerializer(self.user, data=self.password_data) self.assertTrue(serializer.is_valid()) saved_user = serializer.save() self.assertTrue(isinstance(saved_user, User)) self.assertTrue(saved_user.check_password(self.password_data['new_password'])) def test_serializer_should_be_invalid_if_current_password_does_not_match(self): data = self.password_data.copy() data['old_password'] = '******' serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(['Current password incorrect.'], serializer.errors['old_password']) def test_serializer_should_be_invalid_if_new_password_and_confirm_password_do_not_match(self): data = self.password_data.copy() data['confirm_password'] = '******' serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(["The two password fields didn't match."], serializer.errors['confirm_password']) def test_new_password_is_required(self): data = self.password_data.copy() data['new_password'] = '' serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(['This field is required.'], serializer.errors['new_password']) del data['new_password'] serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(['This field is required.'], serializer.errors['new_password']) def test_confirm_password_is_required(self): data = self.password_data.copy() data['confirm_password'] = '' serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(['This field is required.'], serializer.errors['confirm_password']) del data['confirm_password'] serializer = UserPasswordChangeSerializer(self.user, data=data) self.assertFalse(serializer.is_valid()) self.assertEqual(['This field is required.'], serializer.errors['confirm_password'])