def post(self): parser = reqparse.RequestParser() # define the input parameters need and its type parser.add_argument('name', type=str, required=True, help="This field cannot be left blank") parser.add_argument('lastname', type=str, required=True, help="This field cannot be left blank") parser.add_argument('email', type=str, required=True, help="This field cannot be left blank") parser.add_argument('password', required=True, type=str, help="This field cannot be left blank") data = parser.parse_args() if AccountModel.find_by_email(data['email']): return { "message": "Account already registered for that email address" }, 409 account = AccountModel(data['email'], data['name'], data['lastname'], data['password']) account.save_to_db() return {"message": "Account saved correctly"}, 200
def test_invalid_token_validity(self): response = self.register('Cristobal', 'Colon', '*****@*****.**', 'america16') self.assertEqual(response.status_code, 200) response = self.login('*****@*****.**', 'america16') acc = AccountModel.find_by_email('*****@*****.**') self.assertEqual(None, AccountModel.verify_auth_token('askldjaofhsah'))
def test_model_delete_from_db(self): response = self.register('Cristobal', 'Colon', '*****@*****.**', 'america16') self.assertEqual(response.status_code, 200) acc = AccountModel.find_by_email('*****@*****.**') acc.delete_from_db() self.assertEqual(None, AccountModel.find_by_email('*****@*****.**'))
def test_expired_token_validity(self): response = self.register('Cristobal', 'Colon', '*****@*****.**', 'america16') self.assertEqual(response.status_code, 200) acc = AccountModel.find_by_email('*****@*****.**') self.assertEqual( None, AccountModel.verify_auth_token( acc.generate_auth_token(expiration=-1)))
def test_valid_token_validity(self): response = self.register('Cristobal', 'Colon', '*****@*****.**', 'america16') self.assertEqual(response.status_code, 200) response = self.login('*****@*****.**', 'america16') acc = AccountModel.find_by_email('*****@*****.**') self.assertEqual( acc.id, AccountModel.verify_auth_token(json.loads( response.data)['token']).id)
def put(self, idd): account = AccountModel.find_by_id(idd) if account: if g.user != account: return { "error: ": "You cannot modify an account which you are not log with" }, 401 parser = reqparse.RequestParser() # define the input parameters need and its type parser.add_argument('old_password', type=str, required=True, help="This field cannot be left blank") parser.add_argument('new_password', type=str, required=True, help="This field cannot be left blank") data = parser.parse_args() if account.verify_password(data["old_password"]): account.hash_password(data['new_password']) account.save_to_db() return {"message": "Password changed correctly"}, 200 return {'message': "Incorrect password"}, 406
def put(self, idd): data = self.__parse_request__() review = ReviewModel.find_by_id(idd) if not review: return { 'message': "There is no review with ['id': {}]".format(idd) }, 404 review.delete_from_db() user = AccountModel.find_by_id(data.get('user_id')) book = BookModel.find_by_id(data.get('book_id')) if not user or not book: if not user: return { 'message': "There is no account with ['id': {}]".format( data.get('user_id')) }, 404 if not book: return { 'message': "There is no book with ['id': {}]".format( data.get('book_id')) }, 404 new_review = ReviewModel(data.get('title'), data.get('user_id'), data.get('book_id'), data.get('date'), data.get('valuation'), data.get('comment')) new_review.save_to_db() user.reviews.append(new_review) book.reviews.append(new_review) return new_review.json(), 200
def test_put_order(self): acc = AccountModel.find_by_email("*****@*****.**") acc.type = 2 acc.save_to_db() resp_account_admin = self.login('*****@*****.**', 'sm22') self.add_order(self.order_info) info_put = {"state": 1} response = self.app.put( 'api/order/1', data=info_put, headers={ 'Authorization': 'Basic ' + base64.b64encode( bytes( str(acc.id) + ":" + json.loads(resp_account_admin.data)['token'], 'ascii')).decode('ascii') }, follow_redirects=True) resp = self.app.put( 'api/order/1000', data=info_put, headers={ 'Authorization': 'Basic ' + base64.b64encode( bytes( str(acc.id) + ":" + json.loads(resp_account_admin.data)['token'], 'ascii')).decode('ascii') }, follow_redirects=True) self.assertEqual(response.status_code, 200) self.assertEqual(resp.status_code, 400)
def test_delete_address_order(self): acc = AccountModel.find_by_email("*****@*****.**") acc.type = 2 acc.save_to_db() resp_account_admin = self.login('*****@*****.**', 'sm22') self.create_account(self.account_info) self.add_card(self.card_info) self.add_order(self.order_info) self.add_address_order(self.address_order_info) response = self.app.delete( 'api/address-order/1/1', headers={ 'Authorization': 'Basic ' + base64.b64encode( bytes( str(acc.id) + ":" + json.loads(resp_account_admin.data)['token'], 'ascii')).decode('ascii') }, follow_redirects=True) resp = self.app.delete( 'api/address-order/1000/1', headers={ 'Authorization': 'Basic ' + base64.b64encode( bytes( str(acc.id) + ":" + json.loads(resp_account_admin.data)['token'], 'ascii')).decode('ascii') }, follow_redirects=True) self.assertEqual(response.status_code, 201) self.assertEqual(resp.status_code, 409)
def test_verify_account(self): response = self.register('Cristobal', 'Colon', '*****@*****.**', 'america16') self.assertEqual(response.status_code, 200) acc = AccountModel.find_by_email('*****@*****.**') self.assertEqual(acc.id, verify_account(acc.id, acc.generate_auth_token()).id)
def test_get_article(self): self.register(self.account_admin_info) acc = AccountModel.find_by_email("*****@*****.**") acc.type = 2 acc.save_to_db() resp_account_admin = self.login('*****@*****.**', 'sm22') self.add_article(self.article_info) response = self.app.get( 'api/article/1', headers={ 'Authorization': 'Basic ' + base64.b64encode( bytes( str(acc.id) + ":" + json.loads(resp_account_admin.data)['token'], 'ascii')).decode('ascii') }, follow_redirects=True) resp = self.app.get( 'api/article/1000', headers={ 'Authorization': 'Basic ' + base64.b64encode( bytes( str(acc.id) + ":" + json.loads(resp_account_admin.data)['token'], 'ascii')).decode('ascii') }, follow_redirects=True) self.assertEqual(response.status_code, 200) self.assertEqual(resp.status_code, 404)
def post(self): parser = reqparse.RequestParser( ) # create parameters parser from request # define the input parameters need and its type parser.add_argument('email', type=str, required=True, help="This field cannot be left blanck") parser.add_argument('password', required=True, type=str, help="This field cannot be left blanck") data = parser.parse_args() account = AccountModel.find_by_email(data["email"]) if account: if account.verify_password(data["password"]): token = account.generate_auth_token() log = LogModel(account.id).save_to_db() return { 'token': token.decode('ascii'), 'type': account.type, 'id': account.id }, 200 return {'message': "Password is invalid"}, 400 return { 'message': "Account with email [{}] Not found".format(data["email"]) }, 404
def test_create_article_order(self): acc = AccountModel.find_by_email("*****@*****.**") acc.type = 2 acc.save_to_db() resp_account_admin = self.login('*****@*****.**', 'sm22') response = self.add_article_order(self.article_order_info) resp = self.add_article_order(self.article_order_2_info) resp_order = self.app.post( 'api/article-order/1000', data=self.article_order_info, headers={ 'Authorization': 'Basic ' + base64.b64encode( bytes( str(acc.id) + ":" + json.loads(resp_account_admin.data)['token'], 'ascii')).decode('ascii') }, follow_redirects=True) resp_book = self.add_article_order(self.article_order_3_info) self.assertEqual(response.status_code, 200) self.assertEqual(resp.status_code, 404) self.assertEqual(resp_order.status_code, 404) self.assertEqual(resp_book.status_code, 404)
def post(self, ): parser = reqparse.RequestParser() # define the input parameters need and its type parser.add_argument('account_id', type=int, required=True, help="This field cannot be left blank") parser.add_argument('order_id', type=str, required=True, help="This field cannot be left blank") data = parser.parse_args() account_id, order_id = data['account_id'], data['order_id'] account = AccountModel.find_by_id(account_id) order = OrdersModel.find_by_id(order_id) if account and order: try: MailSender.send_ticket_order_mail(account.email, account.name, order) return {"message": "Email sended correctly"}, 200 except (FileNotFoundError, smtplib.SMTPException) as e: print(e) return {'message': 'Something went wrong'}, 500 else: return {"message": "Account or Order not found"}, 404
def post(self, id_account, id_book): acc = AccountModel.find_by_id(id_account) if not acc: return { 'message': "Account with ['id': {}] not found".format(id_account) }, 404 book = BookModel.find_by_id(id_book) if not book: return { 'message': "Book with ['id': {}] not found".format(id_book) }, 404 wl = WishlistModel.find_by_account(id_account) if book in wl.books: return { 'message': "Book with ['id': {}] is already is this wish list".format( id_book) }, 400 wl.books.append(book) wl.save_to_db() return { 'message': "Book with ['id': {}] added to wish list".format(id_book), 'wl': wl.json() }, 200
def test_put_change_email_already_registered_email(self): response = self.register('Cristobal', 'Colon', '*****@*****.**', 'america16') self.assertEqual(response.status_code, 200) response = self.register('Cristobal', 'Colon', '*****@*****.**', 'america16') self.assertEqual(response.status_code, 200) acc = AccountModel.find_by_email('*****@*****.**') response = self.login('*****@*****.**', 'america16') response = self.app.put( 'api/account/2', follow_redirects=True, data={ "name": "CEp", "lastname": "asdas", "email": "*****@*****.**" }, headers={ 'Authorization': 'Basic ' + base64.b64encode( bytes( str(acc.id) + ":" + json.loads(response.data)['token'], 'ascii')).decode('ascii') }) self.assertEqual(409, response.status_code)
def test_model_find_non_existent_address_id(self): response = self.register('Cristobal', 'Colon', '*****@*****.**', 'america16') self.assertEqual(response.status_code, 200) self.assertEqual( None, AccountModel.find_by_email('*****@*****.**').find_address_by_id( 1))
def test_model_rollback_function(self): response = self.register('Cristobal', 'Colon', '*****@*****.**', 'america16') self.assertEqual(response.status_code, 200) acc = AccountModel.find_by_email('*****@*****.**') accMod = acc accMod.email = '*****@*****.**' accMod.db_rollback() self.assertEqual(accMod.email, acc.email)
def setUp(self): self.app = setupApp(True).test_client() db.drop_all() db.create_all() self.register(self.account_dev_info) self.acc = AccountModel.find_by_email("*****@*****.**") self.acc.type = 1 self.acc.save_to_db() self.resp_account_dev = self.login('*****@*****.**', 'sm22')
def get(self, user_id): user = AccountModel.find_by_id(user_id) if not user: return { 'message': "User with ['id': {}] not found".format(user_id) }, 404 return { 'reviews': [i.json()['review'] for i in ReviewModel.find_by_user(user_id)] }, 200
def post(self, idd): parser = reqparse.RequestParser( ) # create parameters parser from request parser.add_argument('date', type=str, required=True, help="This field cannot be left blanck") parser.add_argument('total', type=float, required=True, help="This field cannot be left blanck") parser.add_argument('shipping', type=float, required=True, help="This field cannot be left blanck") parser.add_argument('taxes', type=float, required=True, help="This field cannot be left blanck") parser.add_argument('state', type=int, required=True, help="This field cannot be left blanck") parser.add_argument('send_type', type=int, required=True, help="This field cannot be left blanck") parser.add_argument('card_id', type=int, required=True, help="This field cannot be left blanck") parser.add_argument('address_id', type=int, required=True, help="This field cannot be left blanck") data = parser.parse_args() acc = AccountModel.find_by_id(idd) if not acc: return {'message': "There isn't a user with this id"}, 409 new_order = OrdersModel(idd, data.date, data.total, data.shipping, data.taxes, data.state, data.send_type, data.card_id, data.address_id) acc.orders.append(new_order) db.session.add(new_order) db.session.commit() return new_order.id, 200
def put(self, idd): account = AccountModel.find_by_id(idd) if account: if g.user != account: return { "error: ": "You cannot modify an account which you are not log with" }, 401 else: return {"error: ": "Account not found"}, 404 parser = reqparse.RequestParser() # define the input parameters need and its type parser.add_argument('name', type=str, required=True, help="This field cannot be left blank") parser.add_argument('lastname', type=str, required=True, help="This field cannot be left blank") parser.add_argument('email', type=str, required=True, help="This field cannot be left blank") data = parser.parse_args() if AccountModel.find_by_email( data['email']) and account.email != data['email']: return { "message": "Account already registered for that email address" }, 409 account.name, account.lastname, account.email = data['name'], data[ 'lastname'], data['email'] account.save_to_db() return {"token": account.generate_auth_token().decode('ascii')}, 200
def test_model_account_json(self): response = self.register('Cristobal', 'Colon', '*****@*****.**', 'america16') self.assertEqual(response.status_code, 200) acc = AccountModel.find_by_email('*****@*****.**') self.assertEqual( acc.json(), { 'id': 1, 'name': 'Cristobal', 'lastname': 'Colon', 'email': '*****@*****.**', 'available_money': 0, 'type': 0 })
def get(self, account_id, idd): account = AccountModel.find_by_id(account_id) card = CardModel.find_by_id(idd) if card is not None and account is not None: if card in account.cards: return {'card': card.json()}, 200 return { 'message': "This account doesn't have a card with id [{}] ".format(idd) }, 409 elif card is None: return {'message': "Card with id [{}] Not found".format(idd)}, 404 return {'message': "Account with id [{}] Not found".format(idd)}, 404
def json(self): account = AccountModel.find_by_id(self.user_id) return { "review": { "name": "" + account.name + " " + account.lastname[0] + ".", "id": self.id, "title": self.title, "user_id": self.user_id, "book_id": self.book_id, "date": self.date, "valuation": self.valuation, "comment": self.comment } }
def get(self, account_id, idd): account = AccountModel.find_by_id(account_id) address = AddressModel.find_by_id(idd) if address is not None and account is not None: if address in account.addresses: return {'address': address.json()}, 200 return { 'message': "This account doesn't have an address with id [{}] ".format( idd) }, 409 return {'message': "Address with id [{}] Not found".format(idd)}, 404
def delete(self, account_id, idd): account = AccountModel.find_by_id(account_id) address = AddressModel.find_by_id(idd) if address is not None and account is not None: if address in account.addresses: address.delete_from_db() return {"Message": "Address deleted correctly"}, 200 return { 'message': "This account doesn't have an address with id [{}] ".format(id) }, 409 elif address is None: return { 'message': "Address with id [{}] Not found".format(id) }, 404
def delete(self, idd): exists = ReviewModel.find_by_id(idd) if not exists: return { 'message': "There is no review with ['id': {}], therefore it cannot be deleted" .format(idd) }, 404 user = AccountModel.find_by_id(exists.user_id) book = BookModel.find_by_id(exists.book_id) exists.delete_from_db() return { 'message': "Review with ['id': {}] has successfully been deleted".format(idd) }, 200
def delete(self, account_id, idd): account = AccountModel.find_by_id(account_id) card = CardModel.find_by_id(idd) if card is not None and account is not None: if card in account.cards: card.delete_from_db() return {"Message": "Card deleted correctly"}, 200 return { 'message': "This account doesn't have an card with id [{}] ".format(idd) }, 409 elif card is None: return {'message': "Card with id [{}] Not found".format(idd)}, 404 return {'message': "Account with id [{}] Not found".format(idd)}, 404
def setUp(self): self.app = setupApp(True).test_client() db.drop_all() db.create_all() self.register(self.account_admin_info) self.acc = AccountModel.find_by_email("*****@*****.**") self.acc.type = 2 self.acc.save_to_db() self.resp_account_admin = self.login('*****@*****.**', 'sm22') self.authorization = { 'Authorization': 'Basic ' + base64.b64encode( bytes( str(self.acc.id) + ":" + json.loads(self.resp_account_admin.data)['token'], 'ascii')).decode('ascii') }