def test_pull_from_queue_order(self, mocked_now): # now needs to be padded to account for API and db clocks not in perfect sync test_datetime = (datetime.utcnow() - timedelta(0, 3)).isoformat() + 'Z' mocked_now.return_value = test_datetime client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.service_token) minus_10_min = (datetime.utcnow() - timedelta(0, 600)).isoformat() + 'Z' # purposely not ordered by the actual expected by pull classifier4 = self.schedule_classifier(priority=4) classifier1 = self.schedule_classifier(priority=1) classifier2 = self.schedule_classifier(priority=2) response = client.get('/classifiers/queue?title=' + DEFAULT_CLASSIFIER_TITLE + '&worker_id=foo') self.assertEqual(classifier1['id'], response.data[0]['id']) response = client.get('/classifiers/queue?title=' + DEFAULT_CLASSIFIER_TITLE + '&worker_id=foo') self.assertEqual(classifier2['id'], response.data[0]['id']) # All the 'normal' priority tasks from setUp() should be here response = client.get('/classifiers/queue?title=' + DEFAULT_CLASSIFIER_TITLE + '&worker_id=foo') self.assertEqual(response.status_code, 200) self.assertEqual(len(response.data), number_of_classifiers_created_initially) response = client.get('/classifiers/queue?title=' + DEFAULT_CLASSIFIER_TITLE + '&worker_id=foo') self.assertEqual(classifier4['id'], response.data[0]['id'])
def test_put_member(self): """ Good request """ member_1 = MemberFactory() client = APIClient() client.credentials(HTTP_AUTHORIZATION='Token ' + self.token.key) data = { 'first_name': 'Patrick', 'last_name': 'St-pierre' } response = client.put( reverse( 'api:retrieve_update_destroy_member_api', kwargs={'pk': 1} ), data, format='json' ) self.assertEqual(response.status_code, 200) self.assertEqual(response.data['first_name'], 'Patrick') self.assertEqual(response.data['last_name'], 'St-pierre')
class EndpointTestCase(TestCase): def setUp(self): super().setUp() self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.reload(self.r).token) def assertResponseEqualsRoom(self, response, room, check_token=True): response['name'].should.eql(room.name) response['current_music'].should.eql(room.current_music) response['shuffle'].should.eql(room.shuffle) response['can_adjust_volume'].should.eql(room.can_adjust_volume) response['count_left'].should.eql(room.get_count_remaining()) response['time_left'].should.eql(room.get_remaining_time()) response['current_time_left'].should.eql(room.get_current_remaining_time()) response['volume'].should.eql(room.volume) response['playlist'].should.eql(list(room.playlist.all())) if check_token: response['token'].should.eql(room.token) def assertResponseEqualsMusic(self, response, music): response['name'].should.eql(music.name) response['music_id'].should.eql(music.music_id) response['url'].should.eql(music.url) response['duration'].should.eql(music.duration) response['thumbnail'].should.eql(music.thumbnail) response['count'].should.eql(music.count) response['timer_start'].should.eql(music.timer_start) response['source'].should.eql(music.source) if response['last_play'] is not None: datetime.strptime(response['last_play'], '%Y-%m-%dT%H:%M:%S.%f').should.eql(music.last_play) else: response['last_play'].should.eql(music.last_play)
def test_expansion(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.token) classifier1_response = client.post('/classifiers', self.classifier_post_data, format='json') classifier2_response = client.post('/classifiers', self.classifier_post_data, format='json') self.assertEqual(classifier1_response.status_code, 201) self.assertEqual(classifier2_response.status_code, 201) get_1_response = client.get('/classifiers/{id}?expand=user,genes,diseases'.format(id=classifier1_response.data['id'])) get_2_response = client.get('/classifiers/{id}?expand=user,genes,diseases'.format(id=classifier2_response.data['id'])) self.assertEqual(get_1_response.status_code, 200) self.assertEqual(get_1_response.status_code, 200) self.assertEqual(list(get_1_response.data.keys()), classifier_keys) self.assertEqual(list(get_2_response.data.keys()), classifier_keys) self.assertTrue(isinstance(get_1_response.data['user'], dict)) self.assertTrue(isinstance(get_2_response.data['user'], dict)) self.assertTrue(isinstance(get_1_response.data['genes'][0], dict)) self.assertTrue(isinstance(get_1_response.data['genes'][1], dict)) self.assertTrue(isinstance(get_1_response.data['diseases'][0], dict)) self.assertTrue(isinstance(get_1_response.data['diseases'][1], dict)) self.assertTrue(isinstance(get_2_response.data['genes'][0], dict)) self.assertTrue(isinstance(get_2_response.data['genes'][1], dict)) self.assertTrue(isinstance(get_2_response.data['diseases'][0], dict)) self.assertTrue(isinstance(get_2_response.data['diseases'][1], dict))
class AuthenticationTest(APITestCase): def setUp(self): self.client = APIClient() self.organization = Organization( rid=1, name="testorganization") self.user = User.objects.create_user( username='******', email='*****@*****.**', password='******', organization=self.organization) def test_login_logout(self): request = self.client.post( '/auth/login', {"username": "******", "password": "******"}) token = request.data.get('token', None) self.assertIsNotNone( token, "Could not receive authentication token on login post.") self.assertEqual(request.status_code, 200, "Status code on /auth/login was %s (should be 200)." % request.status_code) self.client.credentials(HTTP_AUTHORIZATION='Token ' + token) request = self.client.get('/auth/load') self.assertEqual(request.status_code, 200, "Status code on /auth/load was not 200.") self.assertEqual(request.data['username'], self.user.username, "Usernames for loaded user (%s) and initialized user " "(%s) do not match." % (request.data['username'], self.user.username)) request = self.client.get('/auth/logout') self.assertEqual(request.status_code, 200, "Status code on /auth/logout was %s (should be 200)." % request.status_code) self.client.credentials(HTTP_AUTHORIZATION='') request = self.client.get('/auth/load') self.assertEqual(request.status_code, 401, "Status code on /auth/load was %s (should be 401) " "after logout." % request.status_code)
def test_case8(self): client = APIClient() client.credentials(HTTP_GOOGLEID=google_id, HTTP_TOKEN='invalidtoken') response = client.post('/login/', {'email': email, 'name': name, 'font_size': font_size, 'language': language}, format='json') self.assertNotEqual(response.status_code, status.HTTP_200_OK, "Login shouldn't work.")
def test_superuser_can_edit_an_unowned_sample(self): client = APIClient() client.credentials( HTTP_AUTHORIZATION='Token ' + self.superuser1.auth_token.key ) sample_data = deepcopy(self.sample_data) res = client.post('/samples/', sample_data) res_json = json.loads(res.content.decode('utf-8')) sample_data['number'] = get_random_str() sample_data.update(dict( minerals=[ { "id": str(self.minerals[2].pk), "amount": "y", }, { "id": str(self.minerals[3].pk), "amount": "y", }, ] )), res = client.put('/samples/{}/'.format(res_json['id']), sample_data) self.assertEqual(res.status_code, status.HTTP_200_OK) res_json = json.loads(res.content.decode('utf-8')) self.assertEqual(res_json['number'], updated_sample_number) self.assertEqual( set(mineral['id'] for mineral in res_json['minerals']), set(mineral['id'] for mineral in sample_data['minerals']) )
class AuthTestCase(APITestCase, TestCaseMixin): def setUp(self): self.user = User.objects.create() self.client = APIClient() token, created = Token.objects.get_or_create(user=self.user) self.client.credentials(HTTP_AUTHORIZATION="Token " + token.key) self.notAuthClient = APIClient() self.fakeAuthClient = APIClient() self.fakeAuthClient.credentials(HTTP_AUTHORIZATION="Token justAFakeToken123") def test_auth(self): url = reverse("verify-token") result = self.client.post(url) self.assertEqual(result.status_code, 200) def test_no_auth(self): url = reverse("verify-token") result = self.notAuthClient.post(url) self.assertEqual(result.status_code, 401) def test_fake_auth(self): url = reverse("verify-token") result = self.fakeAuthClient.post(url) self.assertEqual(result.status_code, 401)
def test_create_selection(self): token = Token.objects.get(user__username="******") client = APIClient() client.credentials(HTTP_AUTHORIZATION="Token " + token.key) response = client.post("/selections/") self.assertEqual(response.status_code, status.HTTP_201_CREATED)
def get_api_client(self, admin_auth=False): client = APIClient() if admin_auth: client.credentials(HTTP_AUTHORIZATION='Token {0}'.format(self.td.user_admin_apikey.key)) return client
def test_pull_and_complete(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.service_token) update_response = self.pull_and_update(client, False) self.assertEqual(update_response.data['status'], 'complete')
def get_authorized_client(user): token = Token.objects.create(user=user) client = APIClient() client.credentials(HTTP_AUTHORIZATION='Token ' + token.key) return client
class GetVariableDetail(TestCase): def setUp(self): self.user = User.objects.create_user(username='******', email='*****@*****.**', password='******') self.token = Token.objects.get(user=self.user.id) self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token.key) self.dataset = Dataset(name='test_set', owner=self.user) self.dataset.save() self.variable = Variable(name='variable', dataset=self.dataset, datatype='string', values=['one', 'two', 'three']) self.variable.save() self.url = reverse('api:variable_by_dataset_detail', kwargs={'dataset_pk': self.dataset.id, 'pk':self.variable.id}) def test_get_variable_detail(self): response = self.client.get(self.url) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data['name'], self.variable.name) self.assertEqual(response.data['dataset'], self.variable.dataset.id) self.assertEqual(response.data['datatype'], self.variable.datatype) self.assertEqual(response.data['values'], self.variable.values) def test_modify_variable(self): data = {'name': 'changed_name', 'dataset':'changed_dataset', 'datatype':'float', 'subtype': 'continuous', 'values':[1, 2 , 3]} response = self.client.put(self.url, data) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data['name'], data['name']) self.assertEqual(response.data['dataset'], self.variable.dataset.id) self.assertEqual(response.data['datatype'], self.variable.datatype) self.assertEqual(response.data['values'], self.variable.values) self.assertEqual(response.data['subtype'], data['subtype']) def test_delete_variable(self): response = self.client.delete(self.url) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def create_client(user, url, get=True, kwargs=None): token = Token.objects.get_or_create(user=user)[0] client = APIClient() client.credentials(HTTP_AUTHORIZATION='Token ' + token.key) if get: return client.get(url, kwargs=kwargs) return client.post(url, data=kwargs)
def test_list_tasks(self): task_post_data = { 'task_def': self.task_def_name, 'data': { 'foo': 'bar' } } client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.token) task_1_repsonse = client.post('/tasks', task_post_data, format='json') task_2_response = client.post('/tasks', task_post_data, format='json') client = APIClient() # clear token list_response = client.get('/tasks') self.assertEqual(list_response.status_code, 200) self.assertEqual(list(list_response.data.keys()), ['count', 'next', 'previous', 'results']) self.assertEqual(len(list_response.data['results']), 2) self.assertEqual(list(list_response.data['results'][0].keys()), task_keys) self.assertEqual(list(list_response.data['results'][1].keys()), task_keys)
def test_update_task_auth(self): task_post_data = { 'task_def': self.task_def_name, 'unique': 'classifer-2343', 'data': { 'foo': 'bar' } } client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.token) create_response = client.post('/tasks', task_post_data, format='json') self.assertEqual(create_response.status_code, 201) client = APIClient() # clear token update = create_response.data update['priority'] = 'high' update_response = client.put('/tasks/' + str(update['id']), update, format='json') self.assertEqual(update_response.status_code, 401) self.assertEqual(update_response.data, {'detail': 'Authentication credentials were not provided.'})
def test_detail(self): url = reverse('api-job-detail', kwargs={'pk': self.job1}) response = self.client.get(url, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data['title'], 'job title 1') # unexisting or of someone else: 404 url = reverse('api-job-detail', kwargs={'pk': 0}) response = self.client.get(url, format='json') self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) # setting back the correct url url = reverse('api-job-detail', kwargs={'pk': self.job1}) client = APIClient() # another user SAME APP: OK user = User.objects.create(username='******', password='******', email="*****@*****.**") Membership.objects.create(user=user, account=self.account) token = Token.objects.get(user=user) token = 'Token ' + token.key + '/' + self.app.token client.credentials(HTTP_AUTHORIZATION=token) response = client.get(url, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK) # another user, another app: 404 token = Token.objects.get(user=self.user2) token = 'Token ' + token.key + '/' + self.app2.token client.credentials(HTTP_AUTHORIZATION=token) response = client.get(url, format='json') # this is not 403 beacuse the list is restricted by the app (see get_queryset) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
class GroupTests(APITestCase): def setUp(self): self.user = User.objects.create_user(username='******', email='*****@*****.**', password='******') self.cl = Client.objects.create(user=self.user, redirect_uri="http://localhost/", client_type=2 ) self.token = AccessToken.objects.create( user=self.user, client=self.cl, expires=datetime.date( year=2015, month=1, day=2 ) ) self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.token.token) def test_create_group(self): """ Ensure we can create a group. """ url = reverse('group-create') data = { 'name': 'SECSI', 'description': 'SECSI, DO YOU SPEAK IT', 'creator': self.user.id} response = self.client.post(url + ".json", data) self.assertEqual(response.status_code, status.HTTP_201_CREATED)
class TodoTest(TestCase): def setUp(self): self.username = '******' self.email = '*****@*****.**' self.password = '******' self.user = User.objects.create_user(self.username, self.email, self.password) self.user.save() self.client = APIClient() def test_get_empty_todo_list(self): token = Token.objects.create(user=self.user).key self.client.credentials(HTTP_AUTHORIZATION="Token " + token) request = self.client.get("/todos/", {}, format="json") self.assertEqual(request.status_code, status.HTTP_200_OK) def test_get_todo_list(self): todo = Todo.objects.create( title = "hacer tarea", body = "terminar modulo django", user = self.user, ) todo.save() token = Token.objects.create(user=self.user).key self.client.credentials(HTTP_AUTHORIZATION="Token " + token) request = self.client.get("/todos/", {}, format="json") self.assertEqual(request.status_code, status.HTTP_200_OK)
def api_client(): """Create an admin user, and login using the token.""" user = UserFactory(username='******', is_staff=True) token = Token.objects.create(user=user) client = APIClient() client.credentials(HTTP_AUTHORIZATION='Token {}'.format(token.key)) yield client
def user_api_client(user): api_client = APIClient() token = access_token_factory(scopes=['identities'], user=user) api_client.credentials(HTTP_AUTHORIZATION='Bearer {}'.format(token.access_token)) api_client.token = token api_client.user = user return api_client
def interface_device_api_client(user): api_client = APIClient() enc_key = jwk.JWK.generate(kty='oct', alg='HS256', use='enc') sign_key = jwk.JWK.generate(kty='EC', crv='P-256', use='sig') user_device = UserDeviceFactory( secret_key=json.loads(enc_key.export()), public_key=json.loads(sign_key.export_public()), user=user, ) interface_device = InterfaceDeviceFactory(secret_key=str(uuid.uuid4()), scopes='read:identities:helmet') header = {'alg': 'A256KW', 'enc': 'A128CBC-HS256', 'iss': str(user_device.id)} nonce = int(random.random()*1000000000000000) payload = { 'iss': str(user_device.id), 'cnt': user_device.auth_counter + 1, 'azp': str(interface_device.id), 'sub': str(user.uuid), 'iat': int(time.time()), 'nonce': nonce, } token = create_jwe(header, payload, sign_key, enc_key) api_client.credentials(HTTP_AUTHORIZATION='Bearer {}'.format(token), HTTP_X_INTERFACE_DEVICE_SECRET=str(interface_device.secret_key)) api_client.user_device = user_device api_client.interface_device = interface_device api_client.token = token api_client.user = user_device.user api_client.nonce = str(nonce) return api_client
def test_url(self, token, view_name, query, table): url = reverse(view_name) + '.json' + query pre_index_scans = self.get_index_scan_counts(table) client = APIClient() client.credentials(HTTP_AUTHORIZATION='Token ' + token) start_time = time.time() response = client.get(url) time_taken = time.time() - start_time # TODO figure out how to get stats to refresh without this workaround. # You'd think that SELECT pg_stat_clear_snapshot() might work but no. connection.close() time.sleep(1) post_index_scans = self.get_index_scan_counts(table) access_result = colored(response.status_code, Fore.GREEN if 200 <= response.status_code < 300 else Fore.RED) time_result = colored("%.3f" % time_taken, Fore.GREEN if time_taken < MAX_REQUEST_TIME else Fore.RED) + " secs" used_indexes = [i for i, scans in pre_index_scans.iteritems() if post_index_scans.get(i) > scans] index_result = ",".join(used_indexes) self.stdout.write("GET %s %s / %s / %s" % (url, access_result, time_result, index_result))
def test_user_cannot_view_another_user_detail(self): client = APIClient() token = Token.objects.get(user__username=self.user_one.username) client.credentials(HTTP_AUTHORIZATION='Token ' + token.key) url = reverse('user-detail', kwargs={'pk': self.user_two.pk}) response = client.get(url) self.assertEqual(response.status_code, 404)
def test_only_me_can_delete_account(self): """ Accounts can only be deleted by authed owner :return: """ # setup self.test_create_account() view = AccountViewSet.as_view({'delete': 'destroy'}) account = Account.objects.get(username=self.username) client = APIClient() # auth with jwt response = client.post('/api-token-auth/', self.json_account_credentials, format='json') token = response.data['token'] self.assertEqual(response.status_code, status.HTTP_200_OK) # Make request client.credentials(HTTP_AUTHORIZATION='Bearer ' + token) response = client.delete('/api/v1/accounts/'+self.username+'/') # Asserts self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) # check no object exists try: account = Account.objects.get(username=self.username) except: account = None self.assertIsNone(account)
def test_update_subject_on_protocol(self, mock_grh_update, mock_grh_get, mock_orh, mock_srh): ''' Ensure that we can create a subject on a Protocol ''' subject = { 'id': 1, 'first_name': 'Johnny', 'last_name': 'Sample', 'organization_subject_id': '42424242', 'organization': '1', 'dob': '2000-01-01', 'modified': '2015-01-01 00:00:00.000', 'created': '2015-01-01 00:00:00.000' } url = reverse( 'protocol-subject-view', kwargs={ 'pk': self.test_protocol.id, 'subject': self.test_user.id }) token = Token.objects.get(user__username='******') client = APIClient() client.credentials(HTTP_AUTHORIZATION='Token ' + token.key) mock_orh.return_value = TestOrganization mock_srh.return_value = TestSubject mock_grh_get.return_value = TestGroup mock_grh_update.return_value = [{'success': True}] response = client.put(url, subject, format='json') self.assertTrue(response.status_code, 200) print(response.data) self.assertEqual(response.data['first_name'], 'Johnny')
def _get_basic_auth_client(user_id, password): auth = base64.b64encode('{}:{}'.format(user_id, password).encode('utf-8')) client = APIClient(HTTP_ACCEPT='application/json') client.credentials(HTTP_AUTHORIZATION='Basic {}'.format(auth.decode('utf-8'))) return client
def create_oidc_api_client(scopes=(), user=None): user = user or UserFactory() token = access_token_factory(scopes=scopes, user=user) api_client = APIClient() api_client.credentials(HTTP_AUTHORIZATION='Bearer {}'.format(token.access_token)) api_client.user = user return api_client
class DatasetListTest(TestCase): #create two users and one dataset for each user. def setUp(self): self.user1 = User.objects.create_user(username='******', email='*****@*****.**', password='******') self.user2 = User.objects.create_user(username='******', email='*****@*****.**', password='******') self.token1 = Token.objects.get(user=self.user1.id) self.token2 = Token.objects.get(user=self.user2.id) self.client = APIClient() self.url = reverse('api:dataset_list') self.dataset1 = Dataset(name='dataset1', owner=self.user1) self.dataset1.save() self.dataset2 = Dataset(name='dataset2', owner=self.user2) self.dataset2.save() #Test that each user is shown only the dataset that he owns. def test_show_datasets_by_owner(self): self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token1.key) response = self.client.get(self.url) self.assertEqual(response.data.__len__(), 1) self.assertEqual(response.data[0]['name'], u'dataset1') self.assertEqual(response.data[0]['owner'], u'api_test_user_1') self.assertEqual(response.status_code, status.HTTP_200_OK) #Test that unauthorized gets result in a 401 status code. def test_list_dataset_noauth(self): self.client.credentials() response = self.client.get(self.url) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_queueing(self, mocked_now): test_datetime = datetime.utcnow().isoformat() + 'Z' mocked_now.return_value = test_datetime task_post_data = { 'task_def': self.task_def_name, 'data': { 'foo': 'bar' } } client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.token) response = client.post('/tasks', task_post_data, format='json') self.assertEqual(response.status_code, 201) self.assertEqual(list(response.data.keys()), task_keys) self.assertEqual(response.data['task_def'], self.task_def_name) ## test fields defaults self.assertEqual(response.data['status'], 'queued') self.assertEqual(response.data['priority'], 'normal') self.assertEqual(response.data['run_at'], test_datetime)
class AccountPermissionsTests(APITestCase): def setUp(self) -> None: self.superadmin = {'username': '******', 'password': '******', 'id': None, 'work': {"description": "superadmin work", "duration": 10, "workday": "2020-07-30", "id": None}} self.admin = {'username': '******', 'password': '******', 'id': None, 'work': {"description": "admin work", "duration": 10, "workday": "2020-07-30", "id": None}} self.user = {'username': '******', 'password': '******', 'id': None, 'work': {"description": "user work", "duration": 10, "workday": "2020-07-30", "id": None}} self.superadmin['id'] = User.objects.create_superuser(self.superadmin['username'], '*****@*****.**', self.superadmin['password']).id self.admin['id'] = User.objects.create_user(self.admin['username'], '*****@*****.**', self.admin['password'], is_staff=True).id self.user['id'] = User.objects.create_user(self.user['username'], '*****@*****.**', self.user['password']).id self.superadmin_auth_token = 'Token ' + (self.client.post(reverse('api_token_auth'), self.superadmin, format='json')).data['token'] self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION=self.superadmin_auth_token) self.superadmin['work']['id'] = \ self.client.post(reverse('work-list'), self.superadmin['work'], format='json').data['id'] self.admin_auth_token = 'Token ' + (self.client.post(reverse('api_token_auth'), self.admin, format='json')).data['token'] self.client.credentials(HTTP_AUTHORIZATION=self.admin_auth_token) self.admin['work']['id'] = self.client.post(reverse('work-list'), self.admin['work'], format='json').data['id'] self.user_auth_token = 'Token ' + (self.client.post(reverse('api_token_auth'), self.user, format='json')).data['token'] self.client.credentials(HTTP_AUTHORIZATION=self.user_auth_token) self.user['work']['id'] = self.client.post(reverse('work-list'), self.user['work'], format='json').data['id'] def test_user_cannot_get_admin_work(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.user_auth_token) response = client.get(reverse('work-detail', kwargs={'pk': self.superadmin['work']['id']})) self.assertEqual(response.status_code, 404) def test_admin_cannot_get_superuser_work(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.admin_auth_token) response = client.get(reverse('work-detail', kwargs={'pk': self.superadmin['work']['id']})) self.assertEqual(response.status_code, 404) def test_superadmin_can_get_admin_work(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.superadmin_auth_token) response = client.get(reverse('work-detail', kwargs={'pk': self.admin['work']['id']})) self.assertEqual(response.status_code, 200) def test_superadmin_can_get_user_work(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.superadmin_auth_token) response = client.get(reverse('work-detail', kwargs={'pk': self.user['work']['id']})) self.assertEqual(response.status_code, 200) def test_user_cannot_delete_admin_work(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.user_auth_token) response = client.delete(reverse('work-detail', kwargs={'pk': self.superadmin['work']['id']})) self.assertEqual(response.status_code, 401) def test_admin_cannot_delete_superuser_work(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.admin_auth_token) response = client.delete(reverse('work-detail', kwargs={'pk': self.superadmin['work']['id']})) self.assertEqual(response.status_code, 401) def test_superadmin_can_delete_admin_work(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.superadmin_auth_token) response = client.delete(reverse('work-detail', kwargs={'pk': self.admin['work']['id']})) self.assertEqual(response.status_code, 204) def test_superadmin_can_delete_user_work(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.superadmin_auth_token) response = client.delete(reverse('work-detail', kwargs={'pk': self.user['work']['id']})) self.assertEqual(response.status_code, 204)
class AppointmentViewTestCase(TestCase): """Test suite for the Appointment views.""" def setUp(self): """Defines the test client and other test variables.""" token = self.getToken() self.api_client = APIClient() self.api_client.credentials(HTTP_AUTHORIZATION='Token ' + token) self.test_service = Service.objects.create( name='Manicura Flash', price=11.00, category=CATEGORIES.MANICURA, description='Test description' ) self.test_client = Client.objects.create( dni='12345678t', name='Ander', surname='Conal', second_surname='Fuertes', birthdate=datetime.now(), phone_number='666666666', address='Fake Street, 7', postal_code='66666', city='Bilbao', province='Vizcaya', email='*****@*****.**', release_date=timezone.now(), partner=PARTNER_OPTIONS.NO_PARTNER, partner_release_date=datetime.now(), known_for=KNOWN_FOR_CHOICES.FACEBOOK, lopd=True, lopd_channel=LOPD_CHANNEL_CHOICES.WHATSAPP, lopd_options=LOPD_OPTION_CHOICES.FOTODEPILACION, notes='Test' ) self.test_invoice = Invoice.objects.create( issueDate=timezone.now(), client=self.test_client ) self.another_test_invoice = Invoice.objects.create( issueDate=timezone.now(), client=self.test_client ) self.appointment_data = { "service": [self.test_service.id], "date": timezone.now(), "client": self.test_client.id, "invoice": self.another_test_invoice.id, "notes": "Newly created notes." } self.test_appointment = Appointment.objects.create( date=timezone.now(), client=self.test_client, invoice=self.test_invoice, notes='' ) self.test_appointment.service.add(self.test_service) self.test_appointment.save() def getToken(self): user = User.objects.create_user(username='******', password='******', email='*****@*****.**') token = Token.objects.get_or_create(user=user) return token[0].key def test_api_can_create_an_appointment(self): """Test the API has Appointment creation capability.""" response = self.api_client.post( reverse('appointment-create'), self.appointment_data, format="json") self.assertEqual(response.status_code, status.HTTP_201_CREATED) Appointment.objects.get(pk=response.json().get('id')) def test_default_state(self): """Test the default state is PENDING.""" response = self.api_client.post( reverse('appointment-create'), self.appointment_data, format="json") self.assertEqual(response.json().get('state'), APPOINTMENT_STATES.PENDING) def test_api_can_get_an_appointment(self): """Test the API can get a given Appointment.""" response = self.api_client.get( reverse('appointment-details', kwargs={'pk': self.test_appointment.id}), format="json") self.assertEqual(response.status_code, status.HTTP_200_OK) Appointment.objects.get(pk=response.json().get('id')) def test_api_can_update_an_appointment(self): """Test the API can update a given Appointment.""" response = self.api_client.put( reverse('appointment-details', kwargs={'pk': self.test_appointment.id}), self.appointment_data, format='json' ) self.assertEqual(response.status_code, status.HTTP_200_OK) Appointment.objects.get(pk=response.json().get('id')) self.assertEqual(response.json().get('notes'), self.appointment_data.get('notes')) def test_api_can_delete_an_appointment(self): """Test the API can delete a given Appointment.""" response = self.api_client.delete( reverse('appointment-details', kwargs={'pk': self.test_appointment.id}), format='json', follow=True) self.assertEquals(response.status_code, status.HTTP_204_NO_CONTENT)
class ListEventTest(APITestCase): #testing get method def setUp(self): self.client = APIClient() customUser = apps.get_model('users', 'CustomUser') self.user = customUser.objects.create_superuser( 'admin', '*****@*****.**', 'admin123') self.token = Token.objects.create(user=self.user) def testGetEvents(self): self.client.force_login(user=self.user) self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token.key) response = self.client.get('http://127.0.0.1:8000/api/events/') self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) # testing create event method def testCreateEvent(self): url = 'http://127.0.0.1:8000/api/events/' data = { "id": 1, "title": "Test for long and lat", "date": "2019-10-07", "time": "13:25:00", "source": "school", "destination": "abc", "duration": 0, "creator_id": 1, "created_at": "2019-10-23T16:26:51.150975Z", "long": "-95.712891", "lat": "37.090240" } self.client.force_login(user=self.user) self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token.key) response = self.client.post(url, data, format='json') self.assertEqual(response.status_code, status.HTTP_201_CREATED) response = self.client.put(url, data, format='json') self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED) data2 = { "id": 2, "title": "Test for long and lat", "date": "2019-10-07", "time": "13:25:00", "source": "school", "duration": 0, "creator_id": 1, "created_at": "2019-10-23T16:26:51.150975Z", "long": "-95.712891", "lat": "37.090240" } response = self.client.post(url, data2, format='json') self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) # testing conflict constraint at the time of event creation. def testEventCreationConstraint(self): url = 'http://127.0.0.1:8000/api/events/' data1 = { "id": 1, "title": "Test1", "date": "2019-10-07", "time": "13:25:00", "source": "school", "destination": "540 N May, Mesa, AZ", "duration": 0, "creator_id": 1, "created_at": "2019-10-23T16:26:51.150975Z", "long": "-95.712891", "lat": "37.090240" } data2 = { "id": 2, "title": "Test2", "date": "2019-10-07", "time": "13:25:00", "source": "school", "destination": "abc", "duration": 0, "creator_id": 1, "created_at": "2019-10-23T16:26:51.150975Z", "long": "-95.712891", "lat": "37.090240" } data3 = { "id": 3, "title": "Test3", "date": "2019-10-07", "time": "13:40:00", "source": "abc", "destination": "2900 S Goldwater Lake Rd, Prescott, AZ 86303-8405", "duration": 0, "creator_id": 1, "created_at": "2019-10-23T16:26:51.150975Z", "long": "0", "lat": "0" } self.client.force_login(user=self.user) self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token.key) response1 = self.client.post(url, data1, format='json') response2 = self.client.post(url, data2, format='json') response3 = self.client.post(url, data3, format='json') self.assertEqual(response2.status_code, status.HTTP_406_NOT_ACCEPTABLE) self.assertEqual(response3.status_code, status.HTTP_412_PRECONDITION_FAILED) # testing event model def createEventModel(self): event = Event.objects.create(id=1, title="Test for long and lat", date="2019-10-07", time="13:25:00", source="school", destination="abc", duration=timedelta(), creator_id=48, created_at="2019-10-23T16:26:51.150975Z", long=-95.712891, lat=37.090240) return event def testEventModel(self): event = self.createEventModel() self.assertTrue(isinstance(event, Event))
class TestViews(TestCase): def setUp(self): api_key, key = APIKey.objects.create_key(name="expense-service") self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION=f"Api-Key {key}") def test_expense_create(self): payload = { "amount": 50.0, "merchant": "AT&T", "description": "cell phone subscription", "category": "utilities", } res = self.client.post(reverse("restapi:expense-list-create"), payload, format="json") self.assertEqual(201, res.status_code) json_res = res.json() self.assertEqual(payload["amount"], json_res["amount"]) self.assertEqual(payload["merchant"], json_res["merchant"]) self.assertEqual(payload["description"], json_res["description"]) self.assertEqual(payload["category"], json_res["category"]) self.assertIsInstance(json_res["id"], int) def test_expense_list(self): res = self.client.get(reverse("restapi:expense-list-create"), format="json") self.assertEqual(200, res.status_code) json_res = res.json() self.assertIsInstance(json_res, list) expenses = models.Expense.objects.all() self.assertEqual(len(expenses), len(json_res)) def test_expense_create_required_fields_missing(self): payload = { "merchant": "AT&T", "description": "cell phone subscription", "category": "utilities", } res = self.client.post(reverse("restapi:expense-list-create"), payload, format="json") self.assertEqual(400, res.status_code) def test_expense_retrieve(self): expense = models.Expense.objects.create(amount=300, merchant="George", description="loan", category="transfer") res = self.client.get(reverse("restapi:expense-retrieve-delete", args=[expense.id]), format="json") self.assertEqual(200, res.status_code) json_res = res.json() self.assertEqual(expense.id, json_res["id"]) self.assertEqual(expense.amount, json_res["amount"]) self.assertEqual(expense.merchant, json_res["merchant"]) self.assertEqual(expense.description, json_res["description"]) self.assertEqual(expense.category, json_res["category"]) def test_expense_delete(self): expense = models.Expense.objects.create(amount=400, merchant="John", description="loan", category="transfer") res = self.client.delete(reverse("restapi:expense-retrieve-delete", args=[expense.id]), format="json") self.assertEqual(204, res.status_code) self.assertFalse(models.Expense.objects.filter(pk=expense.id).exists()) def test_list_expense_filter_by_merchant(self): amazon_expense = models.Expense.objects.create( amount=100, merchant="amazon", description="sunglasses", category="fashion") ebay_expense = models.Expense.objects.create(amount=200, merchant="ebay", description="watch", category="fashion") url = "/api/expenses?merchant=amazon" res = self.client.get(url, format="json") self.assertEqual(200, res.status_code) json_res = res.json() self.assertEqual(1, len(json_res)) self.assertEqual(amazon_expense.id, json_res[0]["id"]) self.assertEqual(amazon_expense.amount, json_res[0]["amount"]) self.assertEqual(amazon_expense.merchant, json_res[0]["merchant"]) self.assertEqual(amazon_expense.description, json_res[0]["description"]) self.assertEqual(amazon_expense.category, json_res[0]["category"])
def token_auth_client(db): client = APIClient() user = UserFactory() token = Token.objects.create(user=user) client.credentials(HTTP_AUTHORIZATION="Token " + token.key) return client
class AlbumListTestCase(TestCase): maxDiff = True def setUp(self): self.client = APIClient() self.user = mommy.make('User', username='******', is_active=True) self.user.set_password('pierwszy') self.user.save() self.user2 = mommy.make('User', first_name='Adam', username='******', is_active=True) self.assertEquals(User.objects.count(), 2) mommy.make('Profile', user=self.user) mommy.make('Profile', user=self.user2) mommy.make('Album', user=self.user, name='pierwszy', place=Place.objects.create(city='Paris')) mommy.make('Album', user=self.user, name='drugi', place=Place.objects.create(city='London')) mommy.make('Token', user=self.user, key="9af907a61113e7c3a872920d759b3a3269c54191") mommy.make('Token', user=self.user2, key="f09e9009b180d937552b9e52499d3dae6f6de059") self.client.credentials( HTTP_AUTHORIZATION='Token 9af907a61113e7c3a872920d759b3a3269c54191' ) def test_album_list(self): """ Zakladajac, ze znajduje sie 2 uzytkownikow w systemie i 2 albumy Gdy uzytkownik wysle zadanie pobrania listy albumow To system zwroci liste albumow """ response = self.client.get('/api/albums/') expected_response = [{ 'place': 'London', 'name': 'drugi', 'photos_readable': [] }, { 'place': 'Paris', 'name': 'pierwszy', 'photos_readable': [] }] self.assertEquals(expected_response, cleaned(data_from(response), fields=['id'])) self.assertEquals(200, response.status_code) def test_album_list_on_profile(self): """ Zakladajac, ze znajduje sie 2 uzytkownikow w systemie i 2 albumy Gdy uzytkownik wysle zadanie pobrania listy albumow nalezacych do drugiego uzytkownika To system zwroci liste albumow """ self.client.credentials( HTTP_AUTHORIZATION='Token f09e9009b180d937552b9e52499d3dae6f6de059' ) response = self.client.get('/api/users/{}/albums/'.format( self.user.id)) expected_response = [{ 'place': 'London', 'name': 'drugi', 'photos_readable': [] }, { 'place': 'Paris', 'name': 'pierwszy', 'photos_readable': [] }] self.assertEquals(expected_response, cleaned(data_from(response), fields=['id'])) self.assertEquals(200, response.status_code)
class PDUStatusTestCase(TestCase): """Test the PDUStatus API.""" def setUp(self): """Create a superuser and token for API calls.""" self.user = User.objects.create(username="******", is_superuser=True) self.token = Token.objects.create(user=self.user) self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION=f"Token {self.token.key}") self.base_url_lookup = "plugins-api:axians_netbox_pdu-api:pdustatus" self.site = Site.objects.create(name="Site", slug="site") self.role = DeviceRole.objects.create(name="Role", slug="role") self.manufacturer = Manufacturer.objects.create(name="Manufacturer", slug="manufacturer") self.device_type = DeviceType.objects.create( slug="device_type", model="device_type", manufacturer=self.manufacturer ) self.outlets = PowerOutletTemplate.objects.create(device_type=self.device_type, name="1") self.pduconfig = PDUConfig.objects.create( device_type=self.device_type, power_usage_oid="1.1.1.1", power_usage_unit="watts" ) self.device = Device.objects.create( name="Device One", device_role=self.role, device_type=self.device_type, site=self.site, ) self.pdustatus = PDUStatus.objects.create(device=self.device, power_usage="1234") self.device_1 = Device.objects.create( name="Device Two", device_role=self.role, device_type=self.device_type, site=self.site, ) self.pdustatus_1 = PDUStatus.objects.create(device=self.device_1, power_usage=4321) def test_list_pdustatus(self): """Verify that PDUStatus can be listed.""" url = reverse(f"{self.base_url_lookup}-list") response = self.client.get(url) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data["count"], 2) def test_get_pdustatus(self): """Verify that an PDUStatus can be retrieved.""" url = reverse(f"{self.base_url_lookup}-detail", kwargs={"pk": self.pdustatus.pk}) response = self.client.get(url) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data["power_usage"], int(self.pdustatus.power_usage)) def test_create_pdustatus_missing_mandatory_parameters(self): """Verify that the only mandatory POST parameters are power_usage_oid and power_usage_unit.""" url = reverse(f"{self.base_url_lookup}-list") response = self.client.post(url, format="json") self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) # The response tells us which fields are missing from the request self.assertIn("device", response.data) self.assertIn("power_usage", response.data) self.assertEqual(len(response.data), 2, "Only two parameters should be mandatory") def test_create_pdustatus_duplicate(self): """Verify that you cannot add two instances.""" url = reverse(f"{self.base_url_lookup}-list") power_usage = 1234 data = {"device": self.device.pk, "power_usage": power_usage} response = self.client.post(url, data, format="json") self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_update_pdustatus(self): """Verify that an PDUStatus can be updated via this API.""" url = reverse(f"{self.base_url_lookup}-detail", kwargs={"pk": self.pdustatus.pk}) response = self.client.patch(url, {"device": self.device.pk, "power_usage": "6666"}, format="json",) pdu_status = PDUStatus.objects.get(pk=self.pdustatus.pk) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(pdu_status.device.pk, self.device.pk) self.assertEqual(pdu_status.power_usage, 6666) url = reverse(f"{self.base_url_lookup}-detail", kwargs={"pk": self.pdustatus_1.pk}) response = self.client.patch(url, {"device": self.device_1.pk, "power_usage": "7777"}, format="json",) pdu_status = PDUStatus.objects.get(pk=self.pdustatus_1.pk) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(pdu_status.device.pk, self.device_1.pk) self.assertEqual(pdu_status.power_usage, 7777) def test_delete_pdustatus(self): """Verify that an PDUStatus can be deleted.""" url = reverse(f"{self.base_url_lookup}-detail", kwargs={"pk": self.pdustatus.pk}) response = self.client.delete(url) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) with self.assertRaises(PDUStatus.DoesNotExist): PDUStatus.objects.get(pk=self.pdustatus.pk)
class TestModels(TestCase): fixtures = ['project.json'] def __init__(self, *args, **kwargs): TestCase.__init__(self, *args, **kwargs) self.client = None self.project_id = 1 self.project_path = "zS2NSxM9A4I0" def setUp(self): # Making sure media root is empty if exists(settings.MEDIA_ROOT): rmtree(settings.MEDIA_ROOT) makedirs(join(settings.MEDIA_ROOT, self.project_path), exist_ok=True) self.client = APIClient() def testWithoutAuthorization(self): # Checking if the list starts empty request = self.client.get('/api/logical_models/%d/' % self.project_id) self.assertEqual(request.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual(loads(request.content), {'detail': 'You do not have permission to perform this action.'}) model_name = 'Flobak2015_full_journal.pcbi.1004426.s003.ZGINML' # Checking if we can add a model request_add = self.client.post( '/api/logical_models/%d/' % self.project_id, { 'name': 'Flobak full', 'file': open(join(dirname(__file__), 'files', model_name), 'rb'), }, ) self.assertEqual(request_add.status_code, status.HTTP_403_FORBIDDEN) # Checking if we can remove it with a bad id request_del = self.client.delete('/api/logical_models/%d/%d' % (self.project_id, 0)) self.assertEqual(request_del.status_code, status.HTTP_403_FORBIDDEN) def testWithAuthorization(self): # Checking if the list starts empty request = self.client.post('/api/auth/login', { 'username': '******', 'password': '******' }) self.assertEqual(request.status_code, status.HTTP_200_OK) self.assertEqual(list(loads(request.content).keys()), ["key"]) # Adding credentials to the APIClient api_key = loads(request.content)["key"] self.client.credentials(HTTP_AUTHORIZATION='Token ' + api_key) # Checking if the list starts empty request = self.client.get('/api/logical_models/%d/' % self.project_id) self.assertEqual(request.status_code, status.HTTP_200_OK) self.assertEqual(loads(request.content), []) model_name = 'Flobak2015_full_journal.pcbi.1004426.s003.ZGINML' # Checking if we can add a model request_add = self.client.post( '/api/logical_models/%d/' % self.project_id, { 'name': 'Flobak full', 'file': open(join(dirname(__file__), 'files', model_name), 'rb'), }, ) self.assertEqual(request_add.status_code, status.HTTP_200_OK) request = self.client.get('/api/logical_models/%d/' % self.project_id) self.assertEqual(request.status_code, status.HTTP_200_OK) model_id = 1 json_content = loads(request.content) self.assertEqual(len(json_content), 1) self.assertEqual(json_content[0]['name'], "Flobak full") self.assertEqual(json_content[0]['project'], self.project_id) # Checking if we can remove it with a bad id request_del = self.client.delete('/api/logical_models/%d/%d' % (self.project_id, 0)) self.assertEqual(request_del.status_code, status.HTTP_404_NOT_FOUND) # Now with the good id request_del = self.client.delete('/api/logical_models/%d/%d' % (self.project_id, json_content[0]['id'])) self.assertEqual(request_del.status_code, status.HTTP_200_OK) # Checking if the list ends up empty request = self.client.get('/api/logical_models/%d/' % self.project_id) self.assertEqual(request.status_code, status.HTTP_200_OK) self.assertEqual(loads(request.content), [])
class TestAuth(TestCase): def setUp(self): self.client = APIClient() from django.contrib.auth import get_user_model User = get_user_model() self.our_user = User.objects.create_user(email='*****@*****.**', password='******', name='qwerty') self.another_user = mixer.blend(UserAccount, role='Customer') self.restaurant = mixer.blend(Restaurant, name='just get a house lulw', address='Moscow', main_contact=self.our_user) self.another_restaurant = mixer.blend(Restaurant, name='shosho', address='Minsk', main_contact=self.another_user) self.token_url = 'http://*****:*****@mail.ru', 'password': 1234} response = self.client.post(self.token_url, data=user_data) self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + response.data['access']) def test_restaurant_list_works(self): # create homework url = reverse('restaurant-list') # call the url response = self.client.get(url) # assertion assert response.json() is not None def test_restaurant_detail_works(self): url = reverse('restaurant-detail', kwargs={'pk': self.restaurant.pk}) response = self.client.get(url) # assertion assert response.json() is not None assert response.status_code == 200 assert response.json()['name'] == 'just get a house lulw' def test_food_creation_error(self): url = reverse('food-list') input_data_wrong = { 'name': 'kasha gre4nevaya', 'price': 54.54, 'description': 'very testy lol', 'restaurant': self.another_restaurant } response_wrong = self.client.post(url, data=input_data_wrong) assert response_wrong.status_code == 400 assert response_wrong.json( )['error'] == 'You specified wrong restaurant!' def test_restaurant_creation_error(self): url = reverse('restaurant-list') input_data_wrong = { 'name': 'kasha gre4nevaya', 'address': 'Svetlogorsk', 'main_contact': self.our_user.pk, } response_wrong = self.client.post(url, data=input_data_wrong) assert response_wrong.status_code == 400 assert response_wrong.json()['error'] == 'You already have restaurant!' input_data_wrong = { 'name': 'kasha gre4nevaya', 'address': 'Svetlogorsk', 'main_contact': self.another_user.pk, } response_wrong = self.client.post(url, data=input_data_wrong) assert response_wrong.status_code == 400 assert response_wrong.json()['error'] == 'You specified wrong contact!'
class BulkUploadTests(APITransactionTestCase): """ Bulk upload error classes are documented in the wiki: https://github.com/metpetdb/api_v2/wiki/Bulk-Upload Note that these tests rely on files uploaded to DropBox. An internet connection is required for most of them to pass. """ def setUp(self): #Create a user self.contributor1 = User.objects.create_user( email='*****@*****.**', password='******', is_active=True) self.owner = self.contributor1.id #Authenticate User self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.contributor1.auth_token.key) #Create required minerals minerals = [ 'Silica', 'Quartz', 'Mica', 'Kalsilite', 'Celsian', 'Leucite' ] Mineral.objects.bulk_create([Mineral(name=n) for n in minerals]) #Create required rock type rock_type = RockType.objects.create(name='Slate') #Create required elements elements = [{ 'name': 'Argon', 'atomic_number': 18, 'symbol': 'Ar' }, { 'name': 'Silver', 'atomic_number': 47, 'symbol': 'Ag' }] self.elements = Element.objects.bulk_create( [Element(**n) for n in elements]) #Create required Oxides Oxide.objects.create(species='FeO', conversion_factor=1.28659683051303, element_id=self.elements[0].id) #Create required Subsample sample = Sample.objects.create( rock_type=rock_type, location_coords='POINT(-95.3385 29.7245)', owner_id=self.owner) subsample_type = SubsampleType.objects.create(name='Rock Chip') Subsample.objects.create(id='dfab518c-7876-4d8d-ab62-22a4b2fb0cc4', owner=self.contributor1, sample=sample, subsample_type=subsample_type) def empty_errors(self, lst): """ Returns true iff lst contains fields with no errors """ return all(len(x['errors']) == 0 for x in lst if 'errors' in x.keys()) def is_error(self, lst, err): """ Returns true iff err is an error in at least one object in lst """ for l in lst: if l['errors'] and err in l['errors'].values(): return True return False def field_has_multiple_errors(self, lst): """ Returns true iff lst contains an object with more than one error """ for l in lst: if l['errors'] and len(l['errors']) > 1: return True return False def test_bulkupload_samples_no_errors(self): """ Errorless sample bulk upload """ data = { 'owner': self.owner, 'template': 'SampleTemplate', 'url': 'https://www.dropbox.com/s/2w7tav2bmdag72t/sample-redo-dates.csv?dl=0' } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_201_CREATED) self.assertIsNotNone(res.data) self.assertTrue(self.empty_errors(res.data)) def test_bulkupload_chemical_analyses_no_errors(self): """ Errorless chemical analyses bulk upload """ data = { 'owner': self.owner, 'template': 'ChemicalAnalysesTemplate', 'url': 'https://www.dropbox.com/s/cyna912h69ylov8/chem-a-updated.csv?dl=0' } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_201_CREATED) self.assertIsNotNone(res.data) self.assertTrue(self.empty_errors(res.data)) def test_invalid_bulkupload_template(self): """ Non-existent bulkupload_template """ data = { 'owner': self.owner, 'template': 'NoExistTemplate', 'url': 'https://www.dropbox.com/s/2w7tav2bmdag72t/sample-redo-dates.csv?dl=0' } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual(res.data['error'], 'invalid template') def test_sample_missing_required_field(self): """ Missing required field in sample """ data = { 'owner': self.owner, 'template': 'SampleTemplate', 'url': 'https://www.dropbox.com/s/qw8nv3lwgn2c95l/sample_miss_no.csv?dl=0' } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST) self.assertFalse(self.empty_errors(res.data)) self.assertTrue(self.is_error(res.data, 'missing')) def test_chemical_analysis_missing_required_field(self): """ Missing required field in chemical analysis """ data = { 'owner': self.owner, 'template': 'ChemicalAnalysesTemplate', 'url': 'https://www.dropbox.com/s/ylvw8gslwby5dbq/chem-a-miss-id.csv?dl=0' } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST) self.assertFalse(self.empty_errors(res.data)) self.assertTrue(self.is_error(res.data, 'missing')) def test_sample_invalid_required_type(self): """ Create a sample with an invalid required type """ data = { 'owner': self.owner, 'template': 'SampleTemplate', 'url': 'https://www.dropbox.com/s/mibznbi5d4o8616/sample-invalid-latitude.csv?dl=0' } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST) self.assertFalse(self.empty_errors(res.data)) self.assertTrue(self.is_error(res.data, 'float expected')) def test_chemical_analysis_invalid_required_type(self): """ Create a chemical analysis with an invalid required type """ data = { 'owner': self.owner, 'template': 'ChemicalAnalysesTemplate', 'url': 'https://www.dropbox.com/s/hgm1dfmi2aezx40/chem-a-type-err.csv?dl=0' } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST) self.assertFalse(self.empty_errors(res.data)) self.assertTrue(self.is_error(res.data, 'float expected')) def test_sample_multi_error(self): """ Submit a samples csv with multiple soft errors """ data = { 'owner': self.owner, 'template': 'SampleTemplate', 'url': 'https://www.dropbox.com/s/k3y6dily50tue16/sample-multiple-error.csv?dl=0' } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST) self.assertFalse(self.empty_errors(res.data)) self.assertTrue(self.field_has_multiple_errors(res.data)) def test_chemical_analysis_multi_error(self): """ Submit a chemical analysis csv with multiple soft errors """ data = { 'owner': self.owner, 'template': 'ChemicalAnalysesTemplate', 'url': 'https://www.dropbox.com/s/uubppw4tzjszfm7/chem-a-comb-err.csv?dl=0' } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST) self.assertFalse(self.empty_errors(res.data)) self.assertTrue(self.field_has_multiple_errors(res.data)) def test_db_error(self): """ Submit a csv with a reference to an invalid foreign key """ data = { 'owner': self.owner, 'template': 'ChemicalAnalysesTemplate', 'url': 'https://www.dropbox.com/s/zol737s9uxa0xtr/chem-a-invalid-subsample-id.csv?dl=0' } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST) self.assertFalse(self.empty_errors(res.data)) def test_sample_json_fix(self): data = { 'owner': self.owner, 'template': 'SampleTemplate', 'json': [{ "location_name": "The U S of A", "mineral": [{ "amount": 0, "name": "Silica" }, { "amount": 0, "name": "Quartz" }, { "amount": 0, "name": "Mica" }], "number": "1", "country": "USA", "comment": ["Comment on the sample"], "collection_date": "1999-03-27", "region": "Troy", "description": "Uber Sample", "alias": "2", "rock_type_name": "Slate", "collector_name": "Brandon D.", "location_error": "7", "latitude": "7.86210012", "longitude": "46.01432423", "errors": {}, "metamorpic_grade": "Chlorite Zone", "reference": "2000-038151" }, { "location_name": "Merica", "mineral": [{ "amount": 0, "name": "Silica" }, { "amount": 0, "name": "Quartz" }, { "amount": 0, "name": "Mica" }], "number": "7", "country": "USA", "comment": ["Comment on the sample2"], "collection_date": "1999-03-22", "region": "Boston", "description": "Cool Sample", "alias": "2213", "rock_type_name": "Slate", "collector_name": "Brandon P.", "location_error": "2", "latitude": "12.86210012", "longitude": "13.01432423", "errors": { "number": "missing" }, "metamorpic_grade": "Biotite Zone", "reference": "2000-038151" }, { "meta_header": [["number", "number"], ["alias", "alias"], ["region", "region"], ["country", "country"], [["latitude", "longitude"], "location_coords"], ["collector_name", "collector_name"], ["collection_date", "collection_date"], ["comment", "comment"], ["location_name", "location_name"], ["rock_type_name", "rock_type_name"], ["reference", "reference"], ["description", "description"], ["metamorpic_grade", "metamorpic_grade"], ["mineral", "minerals"]] }] } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_201_CREATED) def test_chemical_analysis_json_fix(self): data = { 'owner': self.owner, 'template': 'ChemicalAnalysesTemplate', 'json': [{ "analysis_date": "1990-03-12", "mineral": [{ "name": "Kalsilite", "amount": "4" }], "stage_y": 2.0, "analyst": "7", "analysis_method": "4", "reference_image": "8", "stage_x": 1.0, "where_done": "5", "subsample_id": "dfab518c-7876-4d8d-ab62-22a4b2fb0cc4", "reference_x": 9.0, " reference_y": "0", "total": "3", "element": [{ "name": "Argon", "amount": "2" }], "spot_id": "2", "errors": {}, "amount": "3", "oxide": [{ "name": "FeO", "amount": "3" }], "comment": ["1", "2", "3"] }, { "analysis_date": "1990-03-12", "mineral": [{ "name": "Celsian", "amount": "4" }], "stage_y": 2.0, "analyst": "7", "analysis_method": "4", "reference_image": "8", "stage_x": 1.0, "where_done": "5", "subsample_id": "dfab518c-7876-4d8d-ab62-22a4b2fb0cc4", "reference_x": 9.0, " reference_y": "0", "total": "3", "element": [{ "name": "Argon", "amount": "3" }], "spot_id": "2", "errors": {}, "amount": "6", "oxide": [{ "name": "FeO", "amount": "6" }], "comment": ["1", "2", "3"] }, { "analysis_date": "1990-03-12", "mineral": [{ "name": "Leucite", "amount": "4" }], "stage_y": 2.0, "analyst": "7", "analysis_method": "4", "reference_image": "8", "stage_x": 1.0, "where_done": "5", "subsample_id": "dfab518c-7876-4d8d-ab62-22a4b2fb0cc4", "reference_x": 9.0, " reference_y": "0", "total": "3", "element": [{ "name": "Silver", "amount": "5" }], "spot_id": "2", "errors": {}, "amount": "9", "oxide": [{ "name": "FeO", "amount": "9" }], "comment": ["6", "7", "8"] }, { "meta_header": [["subsample_id", "subsample_id"], ["spot_id", "spot_id"], ["mineral", "mineral"], ["analysis_method", "analysis_method"], ["where_done", "where_done"], ["analysis_date", "analysis_date"], ["analyst", "analyst"], ["reference_image", "reference_image"], ["reference_x", "reference_x"], [" reference_y", " reference_y"], ["stage_x", "stage_x"], ["stage_y", "stage_y"], ["total", "total"], ["element", "element"], ["amount", "amount"], ["oxide", "oxide"], ["amount", "amount"], ["comment", "comment"], ["comment", "comment"], ["comment", "comment"]] }] } res = self.client.post('/api/bulk_upload/', data) self.assertEqual(res.status_code, status.HTTP_201_CREATED)
def test_player_list_get_invalid_token(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION='JWT absolute_invalid_token') response = client.get(reverse('v1:player-list')) self.assertEqual(response.status_code, 401)
def test_user_cannot_get_admin_work(self): client = APIClient() client.credentials(HTTP_AUTHORIZATION=self.user_auth_token) response = client.get(reverse('work-detail', kwargs={'pk': self.superadmin['work']['id']})) self.assertEqual(response.status_code, 404)
class BwsRiskFactors(TestCase): ''' Test the risk factors webservice ''' TEST_BASE_DIR = os.path.dirname(os.path.dirname(__file__)) TEST_DATA_DIR = os.path.join(TEST_BASE_DIR, 'tests', 'data') @classmethod def setUpClass(cls): ''' Create a user, token and url. ''' super(BwsRiskFactors, cls).setUpClass() cls.user = User.objects.create_user('testuser', email='*****@*****.**', password='******') # add user details UserDetails.objects.create(user=cls.user, job_title=UserDetails.CGEN, country='UK') cls.user.save() cls.token = Token.objects.create(user=cls.user) cls.token.save() cls.url = reverse('bws') def setUp(self): ''' Set up test client and pedigree data. ''' self.client = APIClient(enforce_csrf_checks=True) self.pedigree_data = open( os.path.join(BwsRiskFactors.TEST_DATA_DIR, "pedigree_data.txt"), "r") def test_bws_risk_factor(self): ''' Test affect of including the risk factors. ''' data = { 'mut_freq': 'UK', 'cancer_rates': 'UK', 'pedigree_data': self.pedigree_data, 'user_id': 'test_XXX', 'risk_factor_code': 7 } self.client.credentials(HTTP_AUTHORIZATION='Token ' + BwsRiskFactors.token.key) # no permissions to use the risk factors and so ignored response = self.client.post(BwsRiskFactors.url, data, format='multipart', HTTP_ACCEPT="application/json") self.assertEqual(response.status_code, status.HTTP_200_OK) cancer_risks1 = json.loads(force_text( response.content))['pedigree_result'][0]['cancer_risks'] # add permissions to enable use of the risk factors data['pedigree_data'] = open( os.path.join(BwsRiskFactors.TEST_DATA_DIR, "pedigree_data.txt"), "r") BwsRiskFactors.user.user_permissions.add( Permission.objects.get(name='Can risk')) response = self.client.post(BwsRiskFactors.url, data, format='multipart', HTTP_ACCEPT="application/json") self.assertEqual(response.status_code, status.HTTP_200_OK) cancer_risks2 = json.loads(force_text( response.content))['pedigree_result'][0]['cancer_risks'] self.assertLess(cancer_risks2[0]['breast cancer risk']['decimal'], cancer_risks1[0]['breast cancer risk']['decimal']) def test_risk_factors_inconsistent(self): ''' Test inconsistent risk factors, e.g. age of first birth specified with parity unobserved. ''' data = { 'mut_freq': 'UK', 'cancer_rates': 'UK', 'pedigree_data': self.pedigree_data, 'user_id': 'test_XXX', 'risk_factor_code': BCRiskFactors.encode([0, 0, 1, 0, 0, 0, 0, 0, 0, 0]) } self.client.credentials(HTTP_AUTHORIZATION='Token ' + BwsRiskFactors.token.key) BwsRiskFactors.user.user_permissions.add( Permission.objects.get(name='Can risk')) response = self.client.post(BwsRiskFactors.url, data, format='multipart', HTTP_ACCEPT="application/json") self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) content = json.loads(force_text(response.content)) self.assertTrue('Model Error' in content)
class PDUStatusCreateTestCase(TestCase): """Test the PDUStatus API.""" def setUp(self): """Create a superuser and token for API calls.""" self.user = User.objects.create(username="******", is_superuser=True) self.token = Token.objects.create(user=self.user) self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION=f"Token {self.token.key}") self.base_url_lookup = "plugins-api:axians_netbox_pdu-api:pdustatus" self.site = Site.objects.create(name="Site", slug="site") self.role = DeviceRole.objects.create(name="Role", slug="role") self.manufacturer = Manufacturer.objects.create(name="Manufacturer", slug="manufacturer") self.device_type = DeviceType.objects.create( slug="device_type", model="device_type", manufacturer=self.manufacturer ) self.outlets = PowerOutletTemplate.objects.create(device_type=self.device_type, name="1") self.pduconfig = PDUConfig.objects.create( device_type=self.device_type, power_usage_oid="1.1.1.1", power_usage_unit="watts" ) self.device = Device.objects.create( name="Device One", device_role=self.role, device_type=self.device_type, site=self.site, ) def test_create_pdustatus(self): """Verify that an PDUStatus can be created.""" url = reverse(f"{self.base_url_lookup}-list") power_usage = 1234 data = {"device": self.device.pk, "power_usage": power_usage} response = self.client.post(url, data, format="json") self.assertEqual(response.status_code, status.HTTP_201_CREATED) for key, value in data.items(): self.assertEqual(response.data[key], value) self.assertEqual(response.data["device"], self.device.pk) self.assertEqual(response.data["power_usage"], power_usage) pdu_status = PDUStatus.objects.get(pk=response.data["id"]) self.assertEqual(pdu_status.device.pk, data["device"]) self.assertEqual(pdu_status.power_usage, data["power_usage"]) def test_create_pdustatus_without_power_outlets(self): """Verify that an PDUStatus can be created.""" self.device.poweroutlets.all().delete() url = reverse(f"{self.base_url_lookup}-list") power_usage = 1234 data = {"device": self.device.pk, "power_usage": power_usage} response = self.client.post(url, data, format="json") self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_create_pdustatus_without_device(self): """Verify that an PDUStatus can be created.""" self.device.delete() url = reverse(f"{self.base_url_lookup}-list") power_usage = 1234 data = {"device": 1, "power_usage": power_usage} response = self.client.post(url, data, format="json") self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
class CommentsAndFriendsApiTest(APITestCase): def setUp(self): #create an user self.user = User.objects.create_user(username = '******', password = '******') self.user.set_password('testUser345') self.user.is_superuser = True self.user.is_staff = True self.user.save() self.author = Author.objects.create(user = self.user, github = 'testUser1.github') self.uid1 = self.author.id self.user2 = User.objects.create_user(username = '******', password = '******') self.user2.set_password('testUser000') self.user2.is_superuser = True self.user2.is_staff = True self.user2.save() self.author2 = Author.objects.create(user = self.user2, github = 'testUser2.github') self.uid2 = self.author2.id #create a post self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION = 'Basic '+ base64.b64encode('testUser1:testUser345')) response = self.client.post('/posts/create' ,{ "title": "first post", "description": "this is my first post", "content_type": "text/markdown", "content": "this is my first post for test" }) response = self.client.get('/posts', {}, format='json') request_msg = response.data['posts'] self.post_id = request_msg[0]['id'] # print self.post_id def test_create_comment(self): self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION = 'Basic '+ base64.b64encode('testUser1:testUser345')) response = self.client.post('/posts/%s/comments/create' % self.post_id, { "comment": "here is my first comment", "content_type": "text/markdown" }) self.assertEqual(response.status_code, 201) #get the id of comment self.comment_id = response.data['id'] # test to get comments response = self.client.get('/posts/%s' % self.post_id, {}, format = 'json') self.assertEqual(response.status_code, 200) comments = response.data['comments'] self.assertTrue(comments[0]['id'] != None) #test to get a comment response = self.client.get('/comments/%s' % self.comment_id, {}, format = 'json') self.assertEqual(response.status_code, 200) #test delete the comment response = self.client.delete('/comments/%s/destroy' % self.comment_id) self.assertEqual(response.status_code, 204) def test_send_friend_request(self): self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION = 'Basic '+ base64.b64encode('testUser1:testUser345')) #test to send a friend request response = self.client.post('/author/friend_request/%s' % self.uid2, {}, format = 'json') self.assertEqual(response.status_code, 202) # print self.uid2 self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION = 'Basic '+ base64.b64encode('testUser2:testUser000')) #test get friend request list response = self.client.get('/author/friends/friend_requests', {}, format = 'json') self.assertEqual(response.status_code, 200) #test accept friend request response = self.client.post('/author/friend_request/accept/%s' % self.uid1, {}, format = 'json') self.assertEqual(response.status_code, 202) #test get friend list for user2, since user1 and user2 are friends now response = self.client.get('/author/%s/network' % self.uid2, {}, format = 'json') self.assertEqual(response.status_code, 200) #test get all friend's post response = self.client.get('/author/%s/posts' % self.uid1, {}, format = 'json') self.assertEqual(response.status_code, 200) #test unfriend a friend response = self.client.delete('/author/friends/unfriend/%s' % self.uid1, {}, format = 'json') self.assertEqual(response.status_code, 202) #test get the friend list for user 2 again, response = self.client.get('/author/%s/network' % self.uid2, {}, format = 'json') self.assertEqual(response.status_code, 200) request = response.data['authors'] self.assertTrue(request == []) def test_reject_friend_requests(self): self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION = 'Basic '+ base64.b64encode('testUser1:testUser345')) #test to send a friend request response = self.client.post('/author/friend_request/%s' % self.uid2, {}, format = 'json') self.assertEqual(response.status_code, 202) #test reject friend request response = self.client.delete('/author/friend_request/reject/%s' % self.uid1, {}, format = 'json') self.assertEqual(response.status_code, 202)
class PostTestCase(TestCase): """ Testing that you must be authorized to post and that you must have the correct object-level permissions to update and delete a post. """ def setUp(self): # Create and log into a user self.user = User.objects.create_user(username='******', password='******', email='*****@*****.**') self.client = APIClient() response = self.client.post('/auth/', { 'username': '******', 'password': '******' }) self.token = json.loads(response.content)['token'] def test_authorized_listing(self): Post.objects.create(message='Hello!', author=self.user) self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token) response = self.client.get('/posts/') posts = json.loads(response.content) self.assertEqual(len(posts), 1) def test_unauthorized_listing(self): Post.objects.create(message='Hello!', author=self.user) response = self.client.get('/posts/') posts = json.loads(response.content) self.assertEqual(len(posts), 1) def test_authorized_posting(self): self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token) post = 'Making a post on the wall!' self.client.post('/posts/', {'message': post}) # The post should now exist self.assertTrue(Post.objects.filter(message=post).exists()) def test_unauthorized_posting(self): post = 'Making a post on the wall!' self.client.post('/posts/', {'message': post}) # The post should not exist self.assertFalse(Post.objects.filter(message=post).exists()) def test_authorized_update(self): # Create a post with the original user post = 'Making a post on the wall!' instance = Post.objects.create(message=post, author=self.user) # Try to update the post when authorized self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token) new_post = 'Updating a post on the wall!' self.client.patch('/posts/%i/' % instance.id, {'message': new_post}) # The content of the post should have changed to the new post self.assertTrue(Post.objects.filter(message=new_post).exists()) def test_unauthorized_update(self): # Create a post with the original user post = 'Making a post on the wall!' instance = Post.objects.create(message=post, author=self.user) # Create and log into a second user new_user = User.objects.create_user(username='******', password='******', email='*****@*****.**') response = self.client.post('/auth/', { 'username': '******', 'password': '******' }) new_token = json.loads(response.content)['token'] # Now, try to make an update with the new user's credentials new_post = 'Updating a post on the wall!' self.client.credentials(HTTP_AUTHORIZATION='Token ' + new_token) self.client.patch('/posts/%i/' % instance.id, {'message': new_post}) # The original post should still be up self.assertTrue(Post.objects.filter(message=post).exists()) # Now, totally deauthorize and try to do an update self.client.credentials(HTTP_AUTHORIZATION='') self.client.patch('/posts/%i/' % instance.id, {'message': new_post}) # The original post should still be up self.assertTrue(Post.objects.filter(message=post).exists()) def test_authorized_full_update(self): # Create a post with the original user post = 'Making a post on the wall!' instance = Post.objects.create(message=post, author=self.user) # Set-up the object we'll replace our post with post_data = PostSerializer(instance).data new_message = 'Updating a post on the wall!' post_data['message'] = new_message post_data['author'] = post_data['author']['username'] # Login and try to do a full update self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token) self.client.put('/posts/%i/' % instance.id, post_data) # The content of the post should have changed to the new post self.assertTrue(Post.objects.filter(message=new_message).exists()) def test_unauthorized_full_update(self): # Create a post with the original user post = 'Making a post on the wall!' instance = Post.objects.create(message=post, author=self.user) # Set-up the object we'll replace our post with post_data = PostSerializer(instance).data new_message = 'Updating a post on the wall!' post_data['message'] = new_message post_data['author'] = post_data['author']['username'] # Create and log into a second user new_user = User.objects.create_user(username='******', password='******', email='*****@*****.**') response = self.client.post('/auth/', { 'username': '******', 'password': '******' }) new_token = json.loads(response.content)['token'] # Now, try to make an update with the new user's credentials self.client.credentials(HTTP_AUTHORIZATION='Token ' + new_token) self.client.put('/posts/%i/' % instance.id, post_data) # The original post should still be up self.assertTrue(Post.objects.filter(message=post).exists()) # Now, totally deauthorize and try to do an update self.client.credentials(HTTP_AUTHORIZATION='') self.client.put('/posts/%i/' % instance.id, post_data) # The original post should still be up self.assertTrue(Post.objects.filter(message=post).exists()) def test_authorized_deletion(self): self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token) post = 'Making a post on the wall!' response = self.client.post('/posts/', {'message': post}) # Get the ID from the instance instance = Post.objects.get(message=post) self.client.delete('/posts/%i/' % instance.id) # The post should no longer exist self.assertFalse(Post.objects.filter(message=post).exists()) def test_unauthorized_deletion(self): # Create a post with the original user instance = Post.objects.create(message='Hello!', author=self.user) # Create and log into a second user new_user = User.objects.create_user(username='******', password='******', email='*****@*****.**') response = self.client.post('/auth/', { 'username': '******', 'password': '******' }) new_token = json.loads(response.content)['token'] # Now, try to delete with the new user's credentials self.client.credentials(HTTP_AUTHORIZATION='Token ' + new_token) self.client.delete('/posts/%i/' % instance.id) # The post should still exist self.assertTrue(Post.objects.filter(id=instance.id).exists()) # Now, totally deauthorize and try to delete self.client.credentials(HTTP_AUTHORIZATION='') self.client.delete('/posts/%i/' % instance.id) # The post should still exist self.assertTrue(Post.objects.filter(id=instance.id).exists())
class DeleteScheduleTestCase(APITestCase): def setUp(self): # make_everything() self.master_object = make_master('VASYA', 10) self.user = self.master_object.user token, _ = Token.objects.get_or_create(master=self.master_object) self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION=f'Token {token.key}') def test_delete_time_slots(self): schedule = Schedule.objects.create(master=self.master_object, date='2017-11-20') TimeSlot.objects.create(time=Time.objects.create(hour=10, minute=30), taken=False, schedule=schedule), TimeSlot.objects.create(time=Time.objects.create(hour=11, minute=00), taken=False, schedule=schedule), TimeSlot.objects.create(time=Time.objects.create(hour=11, minute=30), taken=False, schedule=schedule), resp = self.client.patch(reverse(CreateDeleteScheduleView.view_name, args=[self.master_object.id]), data={ 'date': '2017-11-20', 'time_slots': '10:30,11:00' }, format='json') self.assertEqual(resp.status_code, status.HTTP_204_NO_CONTENT) master = Master.objects.get(first_name='VASYA') schedules = master.schedule.all() self.assertEqual(len(schedules), 1) schedule = schedules[0] self.assertEqual(schedule.date, datetime.strptime('2017-11-20', '%Y-%m-%d').date()) self.assertIsNone(schedule.get_slot('10:30')) self.assertIsNone(schedule.get_slot('11:00')) def test_delete_time_slots_and_schedule(self): schedule = Schedule.objects.create(master=self.master_object, date='2017-11-20') TimeSlot.objects.create(time=Time.objects.create(hour=10, minute=30), taken=False, schedule=schedule), TimeSlot.objects.create(time=Time.objects.create(hour=11, minute=00), taken=False, schedule=schedule), resp = self.client.patch(reverse(CreateDeleteScheduleView.view_name, args=[self.master_object.id]), data={ 'date': '2017-11-20', 'time_slots': '10:30,11:00' }, format='json') self.assertEqual(resp.status_code, status.HTTP_204_NO_CONTENT) master = Master.objects.get(first_name='VASYA') schedules = master.schedule.all() # both timeslots are deleted -> the schedule is deleted self.assertEqual(len(schedules), 0) def test_delete_time_slots_range(self): schedule = Schedule.objects.create(master=self.master_object, date='2017-11-20') TimeSlot.objects.create(time=Time.objects.create(hour=10, minute=30), taken=False, schedule=schedule), TimeSlot.objects.create(time=Time.objects.create(hour=11, minute=00), taken=False, schedule=schedule), TimeSlot.objects.create(time=Time.objects.create(hour=11, minute=30), taken=False, schedule=schedule), TimeSlot.objects.create(time=Time.objects.create(hour=12, minute=0), taken=False, schedule=schedule), resp = self.client.patch(reverse(CreateDeleteScheduleView.view_name, args=[self.master_object.id]), data={ 'date': '2017-11-20', 'time_slots': '10:30-11:30' }, format='json') self.assertEqual(resp.status_code, status.HTTP_204_NO_CONTENT) master = Master.objects.get(first_name='VASYA') schedules = master.schedule.all() self.assertEqual(len(schedules), 1) schedule = schedules[0] self.assertEqual(schedule.date, datetime.strptime('2017-11-20', '%Y-%m-%d').date()) self.assertIsNone(schedule.get_slot('10:30')) self.assertIsNone(schedule.get_slot('11:00')) self.assertIsNone(schedule.get_slot('11:30')) def test_delete_time_slots_wrong_date(self): schedule = Schedule.objects.create(master=self.master_object, date='2017-11-20') TimeSlot.objects.create(time=Time.objects.create(hour=10, minute=30), taken=False, schedule=schedule), TimeSlot.objects.create(time=Time.objects.create(hour=11, minute=00), taken=False, schedule=schedule), resp = self.client.patch(reverse(CreateDeleteScheduleView.view_name, args=[self.master_object.id]), data={ 'date': '2017-11-21', 'time_slots': '10:30,11:00' }, format='json') self.assertEqual(resp.status_code, status.HTTP_404_NOT_FOUND) def test_delete_time_slots_taken(self): schedule = Schedule.objects.create(master=self.master_object, date='2017-11-20') TimeSlot.objects.create(time=Time.objects.create(hour=10, minute=30), taken=True, schedule=schedule), TimeSlot.objects.create(time=Time.objects.create(hour=11, minute=00), taken=False, schedule=schedule), TimeSlot.objects.create(time=Time.objects.create(hour=11, minute=30), taken=False, schedule=schedule), resp = self.client.patch(reverse(CreateDeleteScheduleView.view_name, args=[self.master_object.id]), data={ 'date': '2017-11-20', 'time_slots': '10:30-11:30' }, format='json') self.assertEqual(resp.status_code, status.HTTP_500_INTERNAL_SERVER_ERROR)
class PostApiTest(APITestCase): def setUp(self): self.user = User.objects.create_user(username = '******', password = '******') self.user.set_password('testUser345') self.user.is_superuser = True self.user.is_staff = True self.user.save() self.author = Author.objects.create(user = self.user, github = 'testUser1.github') #print self.user.password self.uid = self.author.id def test_get_user_info(self): self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION = 'Basic '+ base64.b64encode('testUser1:testUser345')) response = self.client.get('/author/%s' % self.uid, {}, format = 'json') self.assertEqual(response.status_code, 200) #test get all Users response = self.client.get('/author/', {}, format = 'json') self.assertEqual(response.status_code, 200) def test_post(self): self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION = 'Basic '+ base64.b64encode('testUser1:testUser345')) response = self.client.post('/posts/create' ,{ "title": "first post", "description": "this is my first post", "content_type": "text/markdown", "content": "this is my first post for test" }) self.assertEqual(response.status_code, 201) #test get posts response = self.client.get('/posts', {}, format='json') self.assertEqual(response.status_code, 200) request_msg = response.data['posts'] self.post_id = request_msg[0]['id'] # print self.post_id #test get a single post with post_id response = self.client.get('/posts/%s' % self.post_id, {}, format ='json') self.assertEqual(response.status_code, 200) #test all the posts of a single user that are public response = self.client.get('/author/%s/posts' % self.uid, {}, format = 'json') self.assertEqual(response.status_code, 200) #test update a post response = self.client.put('/posts/%s/update' % self.post_id, { "title": "update post", "description": "this is an updated msg", "content_type": "text/markdown", "content": "this is the msg for update posts" }) self.assertEqual(response.status_code, 200) #delete posts response = self.client.delete('/posts/%s/destroy' % self.post_id, {}, format='json') self.assertEqual(response.status_code, 204)
class APITest(APITestCase): def setUp(self): """ Configura o ambiente de teste """ # usuario api self.usuario_api = get_user_model().objects.create_user( username="******", password="******") token = Token.objects.create(user=self.usuario_api) self.cliente_api = APIClient() self.cliente_api.credentials(HTTP_AUTHORIZATION="Token " + token.key) # usuario teste self.usuario_teste = get_user_model().objects.create_user( username="******", password="******") token_teste = Token.objects.create(user=self.usuario_teste) self.cliente_teste = APIClient() self.cliente_teste.credentials(HTTP_AUTHORIZATION="Token " + token_teste.key) # Cadastro de especialidades self.pediatra = Especialidade.objects.create(nome="Pediatra") self.ortopedista = Especialidade.objects.create(nome="Orpedista") self.otorrino = Especialidade.objects.create(nome="Otorrino") # Cadastro dos médicos self.medica_juliette = Medico.objects.create( nome="Juliette", crm=5214, especialidade=self.pediatra) self.medica_vihtube = Medico.objects.create( nome="Vihtube", crm=5472, especialidade=self.otorrino) self.medico_joao = Medico.objects.create( nome="Joao", crm=1334, especialidade=self.ortopedista) self.medica_camilla = Medico.objects.create( nome="Camilla", crm=1587, especialidade=self.pediatra) # Cadastrar alguns horários agora = dt.now() futuro_1 = agora + timedelta(minutes=5) hora_futuro1 = Horario.objects.create(horario=futuro_1.time()) futuro_2 = futuro_1 + timedelta(minutes=5) self.hora_futuro2 = Horario.objects.create(horario=futuro_2.time()) hora_generica = Horario.objects.create(horario="14:00") hora_generica_2 = Horario.objects.create(horario="15:00") passado = agora - timedelta(minutes=5) hora_passado = Horario.objects.create(horario=passado.time()) # Cadastra agendas # Agenda para hoje da Juliette self.hoje = dt.today() self.agenda_hoje = Agenda(medico=self.medica_juliette, dia=self.hoje) self.agenda_hoje.save() # Adiciona horarios validos à agenda self.agenda_hoje.horarios.add(hora_futuro1, self.hora_futuro2) # Adiciona horarios invalidos (Dia de hoje, mas que já passou) self.agenda_hoje.horarios.add(hora_passado) # Agenda para amanhã self.amanha = self.hoje + timedelta(days=1) self.agenda_amanha = Agenda(medico=self.medica_vihtube, dia=self.amanha) self.agenda_amanha.save() # Adiciona horários e todos são válido, pois a agenda é para amanhã self.agenda_amanha.horarios.add(hora_futuro1, self.hora_futuro2, hora_passado, hora_generica, hora_generica_2) # Agenda passada self.agenda_ontem = Agenda(medico=self.medico_joao, dia=self.hoje - timedelta(days=1)) self.agenda_ontem.save() self.agenda_ontem.horarios.add(hora_futuro1, self.hora_futuro2, hora_passado, hora_generica) url_consultas = reverse("consultas_post") # Cadastra algumas consultas para hoje e amanhã res = self.cliente_api.post(url_consultas, { "agenda_id": self.agenda_hoje.pk, "horario": futuro_1.time() }) self.assertEqual(res.status_code, status.HTTP_201_CREATED) self.pk_consulta = res.data["id"] self.consulta_passada = Consulta.objects.create( horario="14:00", usuario=self.usuario_api, agenda=self.agenda_ontem, ) self.cliente_api.post(url_consultas, { "agenda_id": self.agenda_amanha.pk, "horario": passado.time() }) self.cliente_api.post(url_consultas, { "agenda_id": self.agenda_amanha.pk, "horario": futuro_1.time() }) self.cliente_api.post(url_consultas, { "agenda_id": self.agenda_amanha.pk, "horario": futuro_2.time() }) def teste_get_especialidades(self): """ Testa o GET request no endpoint especialidades que deve retornar todas as especialidades cadastradas no banco """ url = reverse("get_especialidades") resposta = self.cliente_api.get(url, format="json") self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 3) def teste_busca_especialidades(self): """ Testa a pesquisa em especialidades (?search=) """ url = reverse("get_especialidades") + "?search=ped" resposta = self.cliente_api.get(url, format="json") self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 1) url = reverse("get_especialidades") + "?search=o" resposta = self.cliente_api.get(url, format="json") self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 2) def teste_get_medicos(self): """ Testa o GET request no endpoint medicos que deve retornar todos os médicos cadastrados no banco """ url = reverse("get_medicos") resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 4) def teste_busca_medicos(self): """ Testa a busca (?search) pelo nome do médico """ url = reverse("get_medicos") + "?search=ju" resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(resposta.data[0]["nome"], "Juliette") url = reverse("get_medicos") + "?search=j" resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 2) def teste_filtro_medicos(self): """ Testa o filtro de especialidade """ url = f'{reverse("get_medicos")}?especialidade={self.ortopedista.pk}' resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(resposta.data[0]["nome"], "Joao") url = (f'{reverse("get_medicos")}?especialidade={self.ortopedista.pk}' f"&especialidade={self.pediatra.pk}") resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 3) def teste_filtro_busca_medicos(self): """ Testa a busca e o filtro juntos """ url = reverse("get_medicos") + "?search=j" resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 2) # certifica que filtrou a juliete url = f'{reverse("get_medicos")}?search=j&especialidade={self.ortopedista.pk}' resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 1) def teste_get_agenda_disponiveis(self): """ Testa se lista somente as agendas disponiveis e não mostra as agendas para datas passadas """ url = reverse("get_agendas") resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 2) def teste_agenda_horario_excluido(self): """ Testa se o horário é removido da listagem da agenda disponivel quando se marcar uma consulta para ele """ url = reverse("get_agendas") resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data[1]["horarios"]), 2) url = reverse("consultas_post") resposta = self.cliente_api.post(url, { "agenda_id": self.agenda_amanha.pk, "horario": "14:00" }) self.assertEqual(resposta.status_code, status.HTTP_201_CREATED) # Depois da inserção deve ter só 1 horario disponivel agora url = reverse("get_agendas") resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data[1]["horarios"]), 1) def teste_filtro_medico_agenda(self): """ Testa o filtro de medico aplicado no endpoint agenda """ url = f'{reverse("get_agendas")}?medico={self.medico_joao.pk}' resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 0) url = f'{reverse("get_agendas")}?medico={self.medica_juliette.pk}' resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 1) def teste_filtro_especialidade_agenda(self): """ Testa o filtro de especialidade aplicado no endpoint agenda """ url = f'{reverse("get_agendas")}?especialidade={self.pediatra.pk}' resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 1) def teste_filtro_data_agenda(self): """ Testa o filtro de especialidade aplicado no endpoint agenda """ url = ( f'{reverse("get_agendas")}?data_inicio={self.hoje.date()}&data_final={self.hoje.date()}' ) resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 1) def teste_todos_filtros_agenda(self): """ Testa a combinação dos filtros do endpoint agenda """ url = ( f'{reverse("get_agendas")}?medico={self.medica_juliette.pk}' f"&especialidade={self.pediatra.pk}&data_inicio={self.hoje.date()}" f"&data_final={self.hoje.date()}") resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 1) def teste_horario_excluido_agenda(self): """ Teste se os horarios passados sao removidos da listagem da agenda e se o horario marcado esta sendo removido da listagem """ url = ( f'{reverse("get_agendas")}?data_inicio={self.hoje.date()}&data_final={self.hoje.date()}' ) resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data[0]["horarios"]), 1) def teste_agenda_excluida_quando_cheia(self): """ Teste se a agenda desaparece da listagem quando tem todos os seus horarios preenchidos, pois não há mais horários disponíveis """ url = ( f'{reverse("get_agendas")}?data_inicio={self.hoje.date()}&data_final={self.hoje.date()}' ) resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data[0]["horarios"]), 1) # Agenda consulta no último horario disponivel nessa agenda url = reverse("consultas_post") resposta = self.cliente_api.post(url, { "agenda_id": self.agenda_hoje.pk, "horario": self.hora_futuro2.horario }) self.assertEqual(resposta.status_code, status.HTTP_201_CREATED) # Deve retornar um array vazio url = ( f'{reverse("get_agendas")}?data_inicio={self.hoje.date()}&data_final={self.hoje.date()}' ) resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 0) def teste_get_consultas(self): """ Testa se lista somente as consultas que não passaram o dia e o horario """ url = reverse("consultas_post") resposta = self.cliente_api.get(url) self.assertEqual(resposta.status_code, status.HTTP_200_OK) self.assertEqual(len(resposta.data), 4) def teste_marcar_consulta(self): """ Teste o caso onde a insercao da certo """ url = reverse("consultas_post") resposta = self.cliente_api.post(url, { "agenda_id": self.agenda_amanha.pk, "horario": "14:00" }) self.assertEqual(resposta.status_code, status.HTTP_201_CREATED) def teste_marcar_consulta_dia_passado(self): """ Testa a inserção em um dia passado """ url = reverse("consultas_post") resposta = self.cliente_api.post(url, { "agenda_id": self.agenda_ontem.pk, "horario": "14:00" }) self.assertEqual(resposta.status_code, status.HTTP_400_BAD_REQUEST) def teste_marcar_consulta_mesmo_horario(self): """ Testa a inserção em um dia e horário que o usuário já tem outra consulta marcada no mesmo dia e horario """ url = reverse("consultas_post") resposta = self.cliente_api.post(url, { "agenda_id": self.agenda_amanha.pk, "horario": "14:00" }) self.assertEqual(resposta.status_code, status.HTTP_201_CREATED) # marcando consulta para o mesmo dia e horarios para esse usuario url = reverse("consultas_post") resposta = self.cliente_api.post(url, { "agenda_id": self.agenda_amanha.pk, "horario": "14:00" }) self.assertEqual(resposta.status_code, status.HTTP_400_BAD_REQUEST) def teste_marcar_consulta_horario_ocupado(self): """ Testa a inserção em um dia e horário que já está ocupado por outro usuario """ url = reverse("consultas_post") resposta = self.cliente_api.post(url, { "agenda_id": self.agenda_amanha.pk, "horario": "14:00" }) self.assertEqual(resposta.status_code, status.HTTP_201_CREATED) # usuario teste tenta marcar a consulta no mesmo dia e horario # do usuário api url = reverse("consultas_post") resposta = self.cliente_teste.post(url, { "agenda_id": self.agenda_amanha.pk, "horario": "14:00" }) self.assertEqual(resposta.status_code, status.HTTP_400_BAD_REQUEST) def teste_desmarcar_consulta(self): """ Testa o caso de sucesso da desmarcação de consulta """ url = f'{reverse("consultas_post")}{self.pk_consulta}/' resposta = self.cliente_api.delete(url) self.assertEqual(resposta.status_code, status.HTTP_204_NO_CONTENT) def teste_desmacar_consulta_inexistente(self): """ Testa caso onde tenta desmarcar uma consulta que não existe """ url = f'{reverse("consultas_post")}546846/' resposta = self.cliente_api.delete(url) self.assertEqual(resposta.status_code, status.HTTP_404_NOT_FOUND) def teste_desmacar_consulta_do_outro(self): """ Testa caso onde um usuario manda um delete para uma consulta que existe, mas não pertence a ele """ url = f'{reverse("consultas_post")}{self.pk_consulta}/' resposta = self.cliente_teste.delete(url) self.assertEqual(resposta.status_code, status.HTTP_404_NOT_FOUND) def teste_desmarcar_consulta_passada(self): """ Testa caso onde o usuario tenta desmarcar uma consulta que ja aconteceu """ url = f'{reverse("consultas_post")}{self.consulta_passada.pk}/' resposta = self.cliente_teste.delete(url) self.assertEqual(resposta.status_code, status.HTTP_404_NOT_FOUND)
class OwnerUserAccountTest(APITestCase): r""" This class of tests is used for testing of following endpoints: - Access to account's main page - Partial Update of the account - Create/Update/Delete of the user's own userpic - Create/Update/Delete of the user's own documents - Create/Update/Delete of the user's own billing addresses - Create/Update/Delete the user's own of phones - Changing of user's own password - !!Deprecated: Changing of user's own username - Tests of permissions - Tests of access to another user's info - Access to sub-resources like properties, etc. """ def setUp(self) -> None: self.client = APIClient() self.false_token = "adamantly" self.token_verify_url = reverse('jwtauth:token_verify') self.token_obtain_ulr = reverse('jwtauth:token_obtain_pair') self.registration_url = reverse('jwtauth:register') self.login_url = reverse('jwtauth:token_obtain_pair') self.logout_url = reverse('jwtauth:logout') self.logout_all_url = reverse('jwtauth:logout_all') self.properties_create_list_url = reverse('properties:properties-list') self.user_main_page_url = reverse('userAccount:user-details') self.userpic_url = reverse('userAccount:userpic') # this section of JSON bodies for the requests self.registration_json_correct = \ { "first_name": "test_case_fn", "last_name": "test_case_ln", "email": "*****@*****.**", "password": "******", "password2": "test_pass_test_pass" } # this section of JSON bodies for the responses assertion # be advised: first account always creates with id of 1 self.main_page_payload_JSON = \ { "id": 1, "email": "*****@*****.**", "userpic": "", "first_name": "test_case_fn", "last_name": "test_case_ln", "middle_name": "", "bio": "", "timezone": "Europe/Moscow", "is_confirmed": False, "is_staff": False, 'two_factor_auth': False, "dob": "1970-01-01", "gender": "", "properties_url": "http://testserver/api/v1/user/properties/", "documents_url": "http://testserver/api/v1/user/documents/", "billing_addresses_url": "http://testserver/api/v1/user/billing_addresses/", "phones_url": "http://testserver/api/v1/user/phones/" } self.list_of_possible_genders = ['M', 'F', 'D'] self.list_of_possible_dobs = [ '2000-01-01', '2002-01-01', '01-01-2000', ] self.response_post = self.client.post( path=self.registration_url, data=self.registration_json_correct, format='json') self.client_auth = APIClient() self.client_not_auth = APIClient() self.client_auth.credentials( HTTP_AUTHORIZATION=f'Bearer {self.response_post.data["access"]}') def test_main_page_access(self): resp_auth = self.client_auth.get(self.user_main_page_url, format='json') # due to the fact that we can't really test the dates for updating and # creating the object, we must pop them from data and then compare resp_auth.data.pop('created_at') resp_auth.data.pop('updated_at') self.assertEqual(resp_auth.data, self.main_page_payload_JSON) self.assertEqual(resp_auth.status_code, status.HTTP_200_OK) resp_not_auth = self.client_not_auth.get(self.user_main_page_url, format='json') self.assertEqual(resp_not_auth.status_code, status.HTTP_401_UNAUTHORIZED) def test_partial_update(self): list_of_first_names = generate_random_list_of_strings(10, 7) list_of_last_names = generate_random_list_of_strings(10, 10) list_of_patronymics = generate_random_list_of_strings(10, 10) list_of_random_bios = generate_random_list_of_strings(10, 50) for i in range(len(list_of_first_names)): data = {"first_name": list_of_first_names[i]} resp_auth = self.client_auth.patch(self.user_main_page_url, data=data, format='json') resp_auth.data.pop('created_at') resp_auth.data.pop('updated_at') self.assertEqual(resp_auth.data["first_name"], list_of_first_names[i]) self.assertEqual(resp_auth.status_code, status.HTTP_200_OK) for i in range(len(list_of_last_names)): data = {"last_name": list_of_last_names[i]} resp_auth = self.client_auth.patch(self.user_main_page_url, data=data, format='json') resp_auth.data.pop('created_at') resp_auth.data.pop('updated_at') self.assertEqual(resp_auth.data["last_name"], list_of_last_names[i]) self.assertEqual(resp_auth.status_code, status.HTTP_200_OK) for i in range(len(list_of_patronymics)): data = {"middle_name": list_of_patronymics[i]} resp_auth = self.client_auth.patch(self.user_main_page_url, data=data, format='json') resp_auth.data.pop('created_at') resp_auth.data.pop('updated_at') self.assertEqual(resp_auth.data["middle_name"], list_of_patronymics[i]) self.assertEqual(resp_auth.status_code, status.HTTP_200_OK) for i in range(len(list_of_random_bios)): data = {"bio": list_of_random_bios[i]} resp_auth = self.client_auth.patch(self.user_main_page_url, data=data, format='json') resp_auth.data.pop('created_at') resp_auth.data.pop('updated_at') self.assertEqual(resp_auth.data["bio"], list_of_random_bios[i]) self.assertEqual(resp_auth.status_code, status.HTTP_200_OK) for i in range(len(self.list_of_possible_genders) - 1): data = {"gender": self.list_of_possible_genders[i]} resp_auth = self.client_auth.patch(self.user_main_page_url, data=data, format='json') resp_auth.data.pop('created_at') resp_auth.data.pop('updated_at') self.assertEqual(resp_auth.data["gender"], self.list_of_possible_genders[i]) self.assertEqual(resp_auth.status_code, status.HTTP_200_OK) for i in range(len(self.list_of_possible_dobs) - 1): data = {"dob": self.list_of_possible_dobs[i]} resp_auth = self.client_auth.patch(self.user_main_page_url, data=data, format='json') resp_auth.data.pop('created_at') resp_auth.data.pop('updated_at') self.assertEqual(resp_auth.data["dob"], self.list_of_possible_dobs[i]) self.assertEqual(resp_auth.status_code, status.HTTP_200_OK) data = { "gender": self.list_of_possible_genders[len(self.list_of_possible_genders) - 1] } resp_auth = self.client_auth.patch(self.user_main_page_url, data=data, format='json') resp_auth.data.pop('created_at') resp_auth.data.pop('updated_at') self.assertEqual( resp_auth.data["gender"], self.list_of_possible_genders[len(self.list_of_possible_genders) - 2]) data = { "dob": self.list_of_possible_dobs[len(self.list_of_possible_dobs) - 1] } resp_auth = self.client_auth.patch(self.user_main_page_url, data=data, format='json') self.assertEqual(resp_auth.status_code, status.HTTP_400_BAD_REQUEST) def test_upload_update_userpic(self): image1 = Image.new('RGB', (100, 100)) image2 = Image.new('RGB', (100, 100)) tmp_file1 = tempfile.NamedTemporaryFile(suffix='.jpg') tmp_file2 = tempfile.NamedTemporaryFile(suffix='.png') image1.save(tmp_file1) image2.save(tmp_file2) tmp_file1.seek(0) resp_auth_1 = self.client_auth.put(self.userpic_url, data={'image': tmp_file1}, format='multipart') self.assertEqual(resp_auth_1.status_code, status.HTTP_200_OK) self.assertIsNot(resp_auth_1.data['image'], "") tmp_file2.seek(0) resp_auth_2 = self.client_auth.put(self.userpic_url, data={'image': tmp_file2}, format='multipart') self.assertEqual(resp_auth_2.status_code, status.HTTP_200_OK) self.assertIsNot(resp_auth_2.data['image'], "") self.assertNotEqual(resp_auth_1.data['image'], resp_auth_2.data['image']) def test_delete_userpic(self): pass def test_access_to_documents(self): pass def test_create_document(self): pass def test_delete_document(self): pass def test_update_documents(self): pass def test_access_to_billing_addresses(self): pass def test_create_billing_addresses(self): pass def test_delete_billing_addresses(self): pass def test_update_billing_addresses(self): pass def test_access_to_phones(self): pass def test_create_phones(self): pass def test_delete_phones(self): pass def test_update_phones(self): pass def test_change_password(self): pass
class SurgeryTest(APITestCase): fixtures = ['testdata.json'] def setUp(self): self.data = { "name": 'test_11', } self.client = APIClient() self.client.credentials(HTTP_tenant="test") self.tetant_data = {"name": "test", "subdomain_prefix": "foo_bar"} self.tenant = self.create_tenant(self.tetant_data) self.url = reverse('surgery-list') @staticmethod def create_surgery(data): return SurgeryModel.objects.get_or_create(**data)[0] @staticmethod def create_tenant(data): tenant = Tenant.objects.get_or_create(**data) return tenant[0] def test_surgery_list(self): # client = APIClient() self.client.credentials(HTTP_tenant="test") response = self.client.get(self.url) self.assertEqual( response.status_code, 200, 'Expected Response Code 200, received {0} instead.'.format( response.status_code)) def test_surgery_create(self): tenant = self.create_tenant(self.tetant_data) # self.client.credentials(HTTP_tenant= "t1") response = self.client.post(self.url, data={ "name": "test_surgery", "tenant": tenant.id }) self.assertEqual( response.status_code, status.HTTP_201_CREATED, 'Expected Response Code 200, received {0} instead.'.format( response.status_code)) def test_surgery_update(self): data = { "name": "test_surgery1", "tenant": self.create_tenant(self.tetant_data) } surgery = self.create_surgery(data) url = reverse("surgery-detail", kwargs={"pk": surgery.id}) response = self.client.put(url, data={ "name": "test_surgery_name_changed", "tenant": surgery.tenant.id }) self.assertEqual(response.data.get("name"), "test_surgery_name_changed", "Name not changed properly") self.assertEqual( response.status_code, status.HTTP_200_OK, 'Expected Response Code 200, received {0} instead.'.format( response.status_code)) def test_surgery_delete(self): data = { "name": "test_surgery1", "tenant": self.create_tenant(self.tetant_data) } surgery = self.create_surgery(data) url = reverse("surgery-detail", kwargs={"pk": surgery.id}) response = self.client.delete( url, data={"name": "test_surgery_name_changed"}) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) def test_surgery_delete_does_not_exist(self): data = { "name": "test_surgery1", "tenant": self.create_tenant(self.tetant_data) } surgery = self.create_surgery(data) url = reverse("surgery-detail", kwargs={"pk": SurgeryModel.objects.latest('id').id + 1}) response = self.client.delete( url, data={"name": "test_surgery_name_changed"}) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
class MakeANewChargeInStripe(TestCase): def setUp(self): self.maxDiff = None expected_json = { "customer_id": "cus_842ErI0D7xCGm1", "cards": [{ "card_id": "card_17nu9mJNKLANSXXXNZlzhQge", "last4": "4444", "brand": "MasterCard", "name": u"Javier Castañeda", "customer": { "customer_id": "cus_842ErI0D7xCGm1", "user": { "id": 2, "username": "******", "name": None, "last_name": None, "second_last_name": None, "description": None, "email": "*****@*****.**" } } }] } self.expected_json = json.dumps(expected_json) stripe.api_key = settings.STRIPE_PRIVATE_KEY self.client = APIClient() self.client.post(reverse('api:v2:registration-list'), { 'username': '******', 'email': '*****@*****.**', 'password': '******', 'device_os': 'IOS', 'gender': 2, }, format='json') # # Login the user to the platform before running every test # self.login_response = self.client.post(reverse('api:v2:auth-login'), { 'email': '*****@*****.**', 'password': '******', 'device_os': 'IOS' }, format='json') self.client.credentials( HTTP_AUTHORIZATION=('JWT ' + self.login_response.data.get('token'))) self.stripe_cards = [] self.stripe_customer = None self.class_status = None self.class_status_2 = None self.class_status_3 = None self.related_class = None self.class_extension = None self.another_class = None self.class_subject = None self.teacher_subject = None self.user = None self.another_user = None @httpretty.activate def create_customer_and_card(self, customer_id): custumer_data = { "id": "{}".format(customer_id), "object": "customer", "account_balance": 0, "business_vat_id": None, "created": 1461863006, "currency": None, "default_source": "card_17nu9mJNKLANSXXXNZlzhQge", "delinquent": False, "description": "Javier Castañeda", "discount": None, "email": "*****@*****.**", "livemode": False, "metadata": {}, "shipping": None, "sources": { "object": "list", "data": [{ "id": "card_17nu9mJNKLANSXXXNZlzhQge", "object": "card", "address_city": None, "address_country": None, "address_line1": None, "address_line1_check": None, "address_line2": None, "address_state": None, "address_zip": None, "address_zip_check": None, "brand": "MasterCard", "country": "US", "customer": "cus_8M0Z2V20QoOpMS", "cvc_check": "pass", "dynamic_last4": None, "exp_month": 12, "exp_year": 2017, "fingerprint": "Xt5EWLLDS7FJjR1c", "funding": "credit", "last4": "4444", "metadata": {}, "name": "Javier Castañeda", "tokenization_method": None }], "has_more": False, "total_count": 1, "url": "/v1/customers/cus_8M0Z2V20QoOpMS/sources" }, "subscriptions": { "object": "list", "data": [], "has_more": False, "total_count": 0, "url": "/v1/customers/cus_8M0Z2V20QoOpMS/subscriptions" } } httpretty.register_uri( httpretty.GET, "https://api.stripe.com/v1/customers/{}".format(customer_id), body=json.dumps(custumer_data), status=200) # # Customer created for the testing of Charges and cards # self.customer = stripe.Customer.retrieve(customer_id) # # Cards created for the testing of Charges and cards # self.cards = self.customer.sources.data self.user = get_user_model().objects.create(username=customer_id, password='******', email='*****@*****.**', is_teacher=True) self.another_user = get_user_model().objects.create( username='******', password='******', email='*****@*****.**') # # Create the stripeCustomer inside the database for testing # self.stripe_customer = StripeCustomer.objects.create( user=self.user, account_balance=self.customer.account_balance, delinquent=self.customer.delinquent, default_source=self.customer.default_source, customer_id=self.customer.id) self.stripe_cards = [] for card in self.cards: self.stripe_cards.append( StripeCard.objects.create( customer=self.stripe_customer, name=card.name, address_line_1=card.address_line1, address_line_1_check=card.address_line1_check, address_line_2=card.address_line2, address_city=card.address_city, address_state=card.address_state, address_country=card.address_country, address_zip=card.address_zip, address_zip_check=card.address_zip_check, brand=card.brand, country=card.country, cvc_check=card.cvc_check, dynamic_last4=card.dynamic_last4, tokenization_method=card.tokenization_method, exp_month=card.exp_month, exp_year=card.exp_year, funding=card.funding, last4=card.last4, fingerprint=card.fingerprint, card_id=card.id)) self.class_status = ClassStatus.objects.create( name="status", description="status") self.class_status_2 = ClassStatus.objects.create( name="status2", description="status2") self.class_status_3 = ClassStatus.objects.create( name="acecpted", description="acecpted") self.class_subject = Subject.objects.create(name="subject", description="subject", price_per_hour=9.99) self.teacher_subject = SubjectTeacher.objects.create( teacher=self.user, subject=self.class_subject, status=True) self.related_class = Class.objects.create( class_start_date="2016-07-14 20:00:52.921276+00:00", teacher=self.user, student=self.user, subject=self.class_subject, class_status=self.class_status, class_detail="testing class", participants=1, class_time=time(hour=1, minute=0), time_zone_conf=5, location=(u"SRID=4326;POINT " u"(19.4619810000000015 -99.1511504000000059)")) self.class_extension_1 = RequestClassExtensionTime.objects.create( class_request=self.related_class, time=time(0, 30, 0, 0)) self.another_class = Class.objects.create( class_start_date="2016-07-14 20:00:52.921276+00:00", teacher=self.another_user, student=self.another_user, subject=self.class_subject, class_status=self.class_status_2, class_time=time(hour=1, minute=0), class_detail="testing class", participants=2, time_zone_conf=5, location=(u"SRID=4326;POINT " u"(19.4619810000000015 -99.1511504000000059)")) self.class_extension_2 = RequestClassExtensionTime.objects.create( class_request=self.another_class, time=time(0, 30, 0, 0)) def tearDown(self): if self.class_status: self.class_status.delete() if self.class_subject: self.class_subject.delete() if self.related_class: self.related_class.delete() if self.another_class: self.another_class.delete() if self.stripe_cards: for card in self.stripe_cards: card.delete() if self.stripe_customer: self.stripe_customer.delete() @httpretty.activate def test_the_user_should_be_able_to_create_a_new_charge(self): charges_data = { "id": "ch_185IYD2eZvKYlo2CiprQHol4", "object": "charge", "amount": 2000, "amount_refunded": 0, "application_fee": None, "balance_transaction": "txn_185IYD2eZvKYlo2CeR0Oax5g", "captured": True, "created": 1461863021, "currency": "usd", "customer": "cus_842ErI0D7xCGm1", "description": None, "destination": None, "dispute": None, "failure_code": None, "failure_message": None, "fraud_details": {}, "invoice": None, "livemode": False, "metadata": {}, "order": None, "paid": True, "receipt_email": None, "receipt_number": None, "refunded": False, "refunds": { "object": "list", "data": [], "has_more": False, "total_count": 0, "url": "/v1/charges/ch_185IYD2eZvKYlo2CiprQHol4/refunds" }, "shipping": None, "source": { "id": "card_17nu9mJNKLANSXXXNZlzhQge", "object": "card", "address_city": None, "address_country": None, "address_line1": None, "address_line1_check": None, "address_line2": None, "address_state": None, "address_zip": None, "address_zip_check": None, "brand": "Visa", "country": "US", "customer": "cus_842ErI0D7xCGm1", "cvc_check": "pass", "dynamic_last4": None, "exp_month": 12, "exp_year": 2017, "fingerprint": "Xt5EWLLDS7FJjR1c", "funding": "credit", "last4": "4242", "metadata": {}, "name": "Javier Castañeda", "tokenization_method": None }, "source_transfer": None, "statement_descriptor": None, "status": "succeeded" } httpretty.register_uri(httpretty.POST, "https://api.stripe.com/v1/charges", body=json.dumps(charges_data), status=201) self.create_customer_and_card('cus_842ErI0D7xCGm1') # # Create a new charge for the user # response = self.client.post(reverse('api:v1:stripe-charges-list'), { 'currency': 'usd', 'customer_id': self.customer.id, 'description': 'testing charge', 'class_id': self.related_class.id }, format='json') # # If everything was correct the answer should be a 201 http response # with a success message and a charge id. If the charge was created in # Stripe then is possible to retrieve it # self.assertEqual(response.status_code, 201) # Testing information returned from the serializer. self.assertEqual(response.data.get('amount'), "9.99") # Checking related class information. data = response.data self.assertEqual(data['related_class']['id'], 1) self.assertEqual(data['related_class']['teacher'], 2) self.assertEqual(data['related_class']['student'], 2) self.assertEqual(data['related_class']['subject']['id'], 1) # Testing the spected information against the stripe charge # information. created_charge = stripe.Charge.retrieve(response.data.get('charge_id')) self.assertEqual(created_charge.amount, 999) self.assertEqual(created_charge.currency, 'usd') self.assertEqual(created_charge.description, 'testing charge') self.assertEqual(created_charge.amount_refunded, 0) def test_customer_detail_information_by_user_id(self): self.create_customer_and_card('cus_842ErI0D7xCGm1') # # Getting the customer information. # response = self.client.get(reverse('api:v1:stripe-customers-detail', kwargs={'pk': 2}), format='json') self.assertJSONEqual(response.content, self.expected_json) def test_customer_detail_information_by_customer_id(self): self.create_customer_and_card('cus_842ErI0D7xCGm1') # # Getting the customer information. # response = self.client.get(reverse('api:v1:stripe-customers-detail', kwargs={'pk': self.customer.id}), format='json') self.assertJSONEqual(response.content, self.expected_json) @httpretty.activate def test_address_line1_is_incorrect_for_the_card(self): """ This test is designed for the card with number 4000 0000 0000 0010 where the address_line1 and address_zip are incorrect to check that the error message is managed correctly. All the customers where created with the console, if there is a problem with the customer a new token should be generated, a new customer created and the customer_id should be replaced. """ charges_data = { "id": "ch_185IYD2eZvKYlo2CiprQHol4", "object": "charge", "amount": 2000, "amount_refunded": 0, "application_fee": None, "balance_transaction": "txn_185IYD2eZvKYlo2CeR0Oax5g", "captured": True, "created": 1461863021, "currency": "usd", "customer": "cus_842ErI0D7xCGm1", "description": None, "destination": None, "dispute": None, "failure_code": None, "failure_message": None, "fraud_details": {}, "invoice": None, "livemode": False, "metadata": {}, "order": None, "paid": True, "receipt_email": None, "receipt_number": None, "refunded": False, "refunds": { "object": "list", "data": [], "has_more": False, "total_count": 0, "url": "/v1/charges/ch_185IYD2eZvKYlo2CiprQHol4/refunds" }, "shipping": None, "source": { "id": "card_17nu9mJNKLANSXXXNZlzhQge", "object": "card", "address_city": None, "address_country": None, "address_line1": None, "address_line1_check": None, "address_line2": None, "address_state": None, "address_zip": None, "address_zip_check": None, "brand": "Visa", "country": "US", "customer": "cus_842ErI0D7xCGm1", "cvc_check": "pass", "dynamic_last4": None, "exp_month": 12, "exp_year": 2017, "fingerprint": "Xt5EWLLDS7FJjR1c", "funding": "credit", "last4": "4242", "metadata": {}, "name": "Javier Castañeda", "tokenization_method": None }, "source_transfer": None, "statement_descriptor": None, "status": "succeeded" } httpretty.register_uri(httpretty.POST, "https://api.stripe.com/v1/charges", body=json.dumps(charges_data), status=201) self.create_customer_and_card('cus_842ErI0D7xCGm1') # # Create a new charge for the user # response = self.client.post(reverse('api:v1:stripe-charges-list'), { 'currency': 'usd', 'customer_id': self.customer.id, 'description': 'testing charge', 'class_id': self.related_class.id }, format='json') # # If everything was correct the answer should be a 201 http response # with a success message and a charge id. If the charge was cerated in # Stripe then is possible to retrieve it # # Testing information returned from the serializer. self.assertEqual(response.data['amount'], "9.99") # Checking related class information. self.assertEqual(response.data['related_class']['id'], 1) self.assertEqual(response.data['related_class']['teacher'], 2) self.assertEqual(response.data['related_class']['student'], 2) self.assertEqual(response.data['related_class']['subject']['id'], 1) created_charge = stripe.Charge.retrieve(response.data.get('charge_id')) self.assertEqual(created_charge.amount, 999) self.assertEqual(created_charge.currency, 'usd') self.assertEqual(created_charge.description, 'testing charge') self.assertEqual(created_charge.amount_refunded, 0) self.assertEqual(created_charge.source.address_line1_check, None) def test_address_line1_is_unavailable_for_the_card(self): """ This test is designed for the card with number 4000 0000 0000 0044 where the address_line1 and address_zip are unavailable to check that the error message is managed correctly. All the customers where created with the console, if there is a problem with the customer a new token should be generated, a new customer created and the customer_id should be replaced. """ charges_data = { "id": "ch_185IYD2eZvKYlo2CiprQHol4", "object": "charge", "amount": 2000, "amount_refunded": 0, "application_fee": None, "balance_transaction": "txn_185IYD2eZvKYlo2CeR0Oax5g", "captured": True, "created": 1461863021, "currency": "usd", "customer": "cus_842ErI0D7xCGm1", "description": None, "destination": None, "dispute": None, "failure_code": None, "failure_message": None, "fraud_details": {}, "invoice": None, "livemode": False, "metadata": {}, "order": None, "paid": True, "receipt_email": None, "receipt_number": None, "refunded": False, "refunds": { "object": "list", "data": [], "has_more": False, "total_count": 0, "url": "/v1/charges/ch_185IYD2eZvKYlo2CiprQHol4/refunds" }, "shipping": None, "source": { "id": "card_17nu9mJNKLANSXXXNZlzhQge", "object": "card", "address_city": None, "address_country": None, "address_line1": None, "address_line1_check": None, "address_line2": None, "address_state": None, "address_zip": None, "address_zip_check": None, "brand": "Visa", "country": "US", "customer": "cus_842ErI0D7xCGm1", "cvc_check": "pass", "dynamic_last4": None, "exp_month": 12, "exp_year": 2017, "fingerprint": "Xt5EWLLDS7FJjR1c", "funding": "credit", "last4": "4242", "metadata": {}, "name": "Javier Castañeda", "tokenization_method": None }, "source_transfer": None, "statement_descriptor": None, "status": "succeeded" } httpretty.register_uri(httpretty.POST, "https://api.stripe.com/v1/charges", body=json.dumps(charges_data), status=201) self.create_customer_and_card('cus_842ErI0D7xCGm1') # # Create a new charge for the user # response = self.client.post(reverse('api:v1:stripe-charges-list'), { 'currency': 'usd', 'customer_id': self.customer.id, 'description': 'testing charge', 'class_id': 1 }, format='json') # # If everything was correct the answer should be a 201 http response # with a success message and a charge id. If the charge was cerated in # Stripe then is possible to retrieve it # self.assertEqual(response.status_code, 201) # Testing information returned from the serializer. self.assertEqual(response.data['amount'], "9.99") # Checking related class information. self.assertEqual(response.data['related_class']['id'], 1) self.assertEqual(response.data['related_class']['teacher'], 2) self.assertEqual(response.data['related_class']['student'], 2) self.assertEqual(response.data['related_class']['subject']['id'], 1) created_charge = stripe.Charge.retrieve(response.data.get('charge_id')) self.assertEqual(created_charge.amount, 999) self.assertEqual(created_charge.currency, 'usd') self.assertEqual(created_charge.description, 'testing charge') self.assertEqual(created_charge.amount_refunded, 0) self.assertEqual(created_charge.source.address_line1_check, None) @httpretty.activate def test_a_charge_is_not_created_when_the_card_is_declined(self): """ This test is designed for the card with number 4000 0000 0000 0019 where the card is denied to check that the error message is managed correctly. All the customers where created with the console, if there is a problem with the customer a new token should be generated, a new customer created and the customer_id should be replaced. """ httpretty.register_uri( httpretty.POST, "https://api.stripe.com/v1/charges", body="{'error_message':'Your card was declined.'}", status=400) self.create_customer_and_card('cus_85ZAFMAAcIMWZW') # # Create a new charge for the user # response = self.client.post( reverse('api:v1:stripe-charges-list'), { 'amount': 1050, 'currency': 'usd', 'customer_id': self.customer.id, 'description': 'testing charge', 'class_id': self.related_class.id }) # # # # The expected answer should be a 500 http response # # with a error message and a error code. # # self.assertEqual(response.status_code, 400) self.assertEqual(response.data.get('error_message'), "Your card was declined.") # self.assertEqual( # response.data.get('error_code'), # 'card_declined' # ) def test_a_customer_is_not_created_when_the_cvc_code_is_incorrect(self): """ This test is designed for the card with number 4000 0000 0000 0127 where the cvc code is incorrect the error message is managed correctly. All the customers where created with the console, if there is a problem with the customer a new token should be generated, a new customer created and the customer_id should be replaced. """ with self.assertRaises(stripe.error.CardError): stripe.Customer.create(source='tok_17pNKiJNKLANSXXXMRIWbCuX', description='incorrect cvc code') def test_a_customer_is_not_created_when_the_card_is_declines(self): """ This test is designed for the card with number 4000 0000 0000 0002 where the card is declined the error message is managed correctly. All the customers where created with the console, if there is a problem with the customer a new token should be generated, a new customer created and the customer_id should be replaced. """ with self.assertRaises(stripe.error.CardError): stripe.Customer.create(source='tok_17pNHmJNKLANSXXXBIeWhGvi', description='card declined') def test_a_customer_is_not_created_when_the_card_has_expired(self): """ This test is designed for the card with number 4000 0000 0000 0069 where the card is declined the error message is managed correctly. All the customers where created with the console, if there is a problem with the customer a new token should be generated, a new customer created and the customer_id should be replaced. """ with self.assertRaises(stripe.error.CardError): stripe.Customer.create(source='tok_17pNLzJNKLANSXXXIjkm6Iub', description='card expired') def test_a_customer_is_not_created_when_there_is_a_processing_error(self): """ This test is designed for the card with number 4000 0000 0000 0119 where the card is declined the error message is managed correctly. All the customers where created with the console, if there is a problem with the customer a new token should be generated, a new customer created and the customer_id should be replaced. """ with self.assertRaises(stripe.error.CardError): stripe.Customer.create(source='tok_17pNMhJNKLANSXXX2j2KPc68', description='processing error') def test_student_without_a_stripe_customer_cant_receive_a_class(self): """ A user that doesn't have a customer account, avoid teacher to accept the class. """ self.create_customer_and_card('cus_842ErI0D7xCGm1') # # Trying to change the state of the class to accepted # response = self.client.patch( reverse('api:v1:class-detail', kwargs={'pk': self.another_class.id}), {'class_status': 3}, format='json') self.assertEqual(response.status_code, 400) self.assertEqual(response.data.get('error_message'), "Student doesn't have a stripe customer account.") def test_student_with_a_stripe_customer_can_receive_a_class(self): """ A user that does have a customer account, allows a teacher to accept a class and generate a stripe charge. """ self.create_customer_and_card('cus_842ErI0D7xCGm1') # # Trying to change the state of the class to accepted # response = self.client.patch( reverse('api:v1:class-detail', kwargs={'pk': self.related_class.id}), {'class_status': 3}, format='json') # A charge was created so, the state should be 201. self.assertEqual(response.status_code, 200) # Testing information returned from the serializer. self.assertEqual(response.data['amount'], "9.99") # Checking related class information. self.assertEqual(response.data['related_class']['id'], 1) self.assertEqual(response.data['related_class']['teacher'], 2) self.assertEqual(response.data['related_class']['student'], 2) self.assertEqual(response.data['related_class']['subject']['id'], 1) created_charge = stripe.Charge.retrieve(response.data.get('charge_id')) self.assertEqual(created_charge.amount, 999) self.assertEqual(created_charge.currency, 'usd') self.assertEqual(created_charge.description, 'class:1 customer:cus_842ErI0D7xCGm1 amount:9.99') self.assertEqual(created_charge.amount_refunded, 0) self.assertEqual(created_charge.source.address_line1_check, None) created_charge = stripe.Charge.retrieve(response.data.get('charge_id')) self.assertEqual(created_charge.amount, 999) self.assertEqual(created_charge.currency, 'usd') schedule_class = Class.objects.get(id=1) # Description used in the stripe charge. charge_description = generate_charge_description( schedule_class, schedule_class.teacher.price_per_hour(schedule_class.subject.id)) self.assertEqual(created_charge.description, charge_description) self.assertEqual(created_charge.amount_refunded, 0) self.assertEqual(created_charge.source.address_line1_check, None) def test_student_without_a_stripe_customer_cant_receive_a_extension(self): """ A user that doesn't have a customer account, avoid him to accept a class extension. """ self.create_customer_and_card('cus_842ErI0D7xCGm1') # # Trying to change the state of the class extension to accepted. # response = self.client.patch(reverse( 'api:v1:request-class-extension-time-detail', kwargs={'pk': self.class_extension_2.id}), {'accepted': True}, format='json') self.assertEqual(response.status_code, 400) self.assertEqual(response.data.get('error_message'), "Student doesn't have a stripe customer account.")
class TestOutlookTokens(TestCase): """ Unit Test case class for Outlook Tokens. """ OUTLOOK_AUTH_CODE = settings.OUTLOOK_AUTH_CODE OUTLOOK_REFRESH_TOKEN = settings.OUTLOOK_REFRESH_TOKEN OUTLOOK_DETAILS = { "client_id": '2e36be5f-0040-4f0d-bbef-12787ddc158b', "client_secret": '.5JwU-O9E_lY~uYUha5.3~dAUx3_0p_wu2', "tenant_id": 'cc6b2eea-c864-4839-85f5-94736facc3be', "redirect_uri": 'http://*****:*****@mail.com' } User.objects.create_superuser(**self.credentials) self.client = APIClient() response = self.client.post('http://localhost:8000/api-token-auth/', { 'username': self.credentials['username'], "password": self.credentials['password'] }, format='json') self.token = response.json()['token'] self.client.credentials(HTTP_AUTHORIZATION=self.token) def test_outlook_token(self): """ Unit test cases for token generation. """ post_data_auth_code = { 'grant_type': 'authorization_code', 'code': self.OUTLOOK_AUTH_CODE, 'redirect_uri': self.OUTLOOK_DETAILS['redirect_uri'], 'scope': self.OUTLOOK_SCOPES, 'client_id': self.OUTLOOK_DETAILS['client_id'], 'client_secret': self.OUTLOOK_DETAILS['client_secret'] } post_data_refresh_token = { 'grant_type': 'refresh_token', 'redirect_uri': self.OUTLOOK_DETAILS['redirect_uri'], 'scope': self.OUTLOOK_SCOPES, 'refresh_token': self.OUTLOOK_REFRESH_TOKEN, 'client_id': self.OUTLOOK_DETAILS['client_id'], 'client_secret': self.OUTLOOK_DETAILS['client_secret'] } if self.OUTLOOK_REFRESH_TOKEN is not None: r = requests.post(settings.OUTLOOK_TOKEN_URL, data=post_data_refresh_token) response = r.json() token_response = "Token Generated" if 'refresh_token' in response.keys( ) else "Token Not Generated" else: r = requests.post(settings.OUTLOOK_TOKEN_URL, data=post_data_auth_code) response = r.json() self.assertEqual(token_response, "Token Generated") self.assertEqual(status.HTTP_200_OK, r.status_code) def test_outlook_invalid_token(self): """ Unit test cases for expired token. """ OUTLOOK_REFRESH_INVALID_TOKEN = "0.AAAA6i5rzGTIOUiF9ZRzb6zDvl--Ni5AAA1Pu-8SeH3cFYtYAPE.AgABAAAAAAAGV_bv21oQQ4ROqh0_1-tAAQDs_wIA9P_OGYOVkWs4tpIDhO-WGf7nByalMDx2UuJbtBaJbIK0DCEM2pWIsrQDjP7ilTC2fNH_qtuETWAfQV1FincmGBBJ_CHP00qAwvfOAuv488gTSCU4eezpajvAIER2LC50q6HghAEBJRLZ2t-EdHD9KeJYsASzwpYMODUMLug7c1geD_oTI_est_6hHdTnn8nUrLo5jwUJWiWLLlwTzcQUswYnMjTCmr3tACvWi5gaRxJJwsQ3CQJQOye6v9g6lDpyqLC8OweL1ZsvwW4-xabeov8NKeFYLTIblt0CV9NApsog6ncexWQ0HRdrkmxiMLZv3jrD5FiFL0JywgekwxJtJyR47MPbZzjpJb6RkZs3tKPYUA9NT3NRqDBeVIDYD7aQfGNLB0zDn-ux41tuqjo7CtieBv7CwQb-9KrcSMXszlKvmMgbHikesUX2JFFF3QrXXY7yaKaQaI3h9cgUkJdf6WgkyZAnoqFZlqtFgxp3TWnO-x2mfT27fcKwxiAlbnG6XsXvtivXu7YHSjSFfhqNvgRCqbw0IDkeGTJIdsmCSh1NNtCy4iVE7d4uarmSh3I27selzPTOqZVoMAHvUd5I6TMzCNV-s1Rj0Ov5dTX5n33QYIG4LKxSWYL-gdGgZlAtQkW74o7e9CWggt2dpbziEsCyDgf-OufRmSqPHZruDOUqmJCdGroT5kvicydQBOObKPz5RbU8pelI_T5JVWQxJA1CMIrBlt8ihtKtrpKbI-BSsUJiYSJ65A0sTYMHVcvk_gcjzgkX4Ifi4ULQHzF9zlyCRdJAb8g2ccWaoCmUdm6kVY_iBt6XrhQ8PC1s0kriSi-fPkyj7-xYGXZrOR26Zv7r4Fgq1KFsbC0O79GnkMrOD_x4Szu0wHYQAzdOk37uAFOg93BRbbHf3RBXZqDfLlEJr_h4YIut6qW8zzRHgwK0ARMm4D3juhtCShyMrA0G1TjuRhUEsMWef4ALXA" post_data_auth_code = { 'grant_type': 'authorization_code', 'code': self.OUTLOOK_AUTH_CODE, 'redirect_uri': self.OUTLOOK_DETAILS['redirect_uri'], 'scope': self.OUTLOOK_SCOPES, 'client_id': self.OUTLOOK_DETAILS['client_id'], 'client_secret': self.OUTLOOK_DETAILS['client_secret'] } post_data_refresh_token = { 'grant_type': 'refresh_token', 'redirect_uri': self.OUTLOOK_DETAILS['redirect_uri'], 'scope': self.OUTLOOK_SCOPES, 'refresh_token': OUTLOOK_REFRESH_INVALID_TOKEN, 'client_id': self.OUTLOOK_DETAILS['client_id'], 'client_secret': self.OUTLOOK_DETAILS['client_secret'] } if self.OUTLOOK_REFRESH_TOKEN is not None: r = requests.post(settings.OUTLOOK_TOKEN_URL, data=post_data_refresh_token) response = r.json() token_response = "invalid_grant" if 'error' in response.keys( ) else "Valid Token" else: r = requests.post(settings.OUTLOOK_TOKEN_URL, data=post_data_auth_code) response = r.json() self.assertEqual(token_response, "invalid_grant") self.assertNotEqual(status.HTTP_200_OK, r.status_code) def test_outlook_token_negative(self): """ Unit test case for token repeatation """ post_data_auth_code = { 'grant_type': 'authorization_code', 'code': self.OUTLOOK_AUTH_CODE, 'redirect_uri': self.OUTLOOK_DETAILS['redirect_uri'], 'scope': self.OUTLOOK_SCOPES, 'client_id': self.OUTLOOK_DETAILS['client_id'], 'client_secret': self.OUTLOOK_DETAILS['client_secret'] } post_data_refresh_token = { 'grant_type': 'refresh_token', 'redirect_uri': self.OUTLOOK_DETAILS['redirect_uri'], 'scope': self.OUTLOOK_SCOPES, 'refresh_token': self.OUTLOOK_REFRESH_TOKEN, 'client_id': self.OUTLOOK_DETAILS['client_id'], 'client_secret': self.OUTLOOK_DETAILS['client_secret'] } if self.OUTLOOK_REFRESH_TOKEN is not None: r = requests.post(settings.OUTLOOK_TOKEN_URL, data=post_data_refresh_token) token_before = r.json() time.sleep(10) r = requests.post(settings.OUTLOOK_TOKEN_URL, data=post_data_refresh_token) token_after = r.json() else: r = requests.post(settings.OUTLOOK_TOKEN_URL, data=post_data_auth_code) response = r.json() self.assertNotEqual(token_before['refresh_token'], token_after['refresh_token']) self.assertEqual(status.HTTP_200_OK, r.status_code)
def test_remove_provider_with_non_customer_user(self): """ Test removing a provider with the user account that does not belong to the customer group. PermissionDenied is expected. """ # Get the customer owner token so a regular user can be created user_name = self.customer_data[0]['owner']['username'] user_pass = self.customer_data[0]['owner']['password'] owner_token = self.get_token(user_name, user_pass) # Create a regular user and get the user's token user_data = { 'username': '******', 'password': '******', 'email': '*****@*****.**' } user = self.create_user(owner_token, user_data) self.assertEquals(user.status_code, 201) user_token = self.get_token(user_data['username'], user_data['password']) # Create a Provider as a regular user iam_arn = 'arn:aws:s3:::my_s3_bucket' bucket_name = 'my_s3_bucket' response = self.create_provider(bucket_name, iam_arn, user_token) self.assertEqual(response.status_code, 201) # Verify that the Provider creation was successful json_result = response.json() self.assertIsNotNone(json_result.get('uuid')) self.assertIsNotNone(json_result.get('customer')) self.assertEqual( json_result.get('customer').get('name'), self.customer_data[0].get('name')) self.assertIsNotNone(json_result.get('created_by')) self.assertEqual( json_result.get('created_by').get('username'), user_data['username']) # Create a regular user that belongs to a different customer other_owner_token = self.get_token( self.customer_data[1]['owner']['username'], self.customer_data[1]['owner']['password']) other_user_data = { 'username': '******', 'password': '******', 'email': '*****@*****.**' } other_user = self.create_user(other_owner_token, other_user_data) self.assertEquals(other_user.status_code, 201) other_user_token = self.get_token(other_user_data['username'], other_user_data['password']) # Remove Provider as the regular user that belongs to the other company url = reverse('provider-detail', args=[json_result.get('uuid')]) client = APIClient() client.credentials(HTTP_AUTHORIZATION=other_user_token) response = client.delete(url) self.assertEqual(response.status_code, 403)
class TestAPITestClient(TestCase): def setUp(self): self.client = APIClient() def test_credentials(self): """ Setting `.credentials()` adds the required headers to each request. """ self.client.credentials(HTTP_AUTHORIZATION='example') for _ in range(0, 3): response = self.client.get('/view/') self.assertEqual(response.data['auth'], 'example') def test_force_authenticate(self): """ Setting `.force_authenticate()` forcibly authenticates each request. """ user = User.objects.create_user('example', '*****@*****.**') self.client.force_authenticate(user) response = self.client.get('/view/') self.assertEqual(response.data['user'], 'example') def test_force_authenticate_with_sessions(self): """ Setting `.force_authenticate()` forcibly authenticates each request. """ user = User.objects.create_user('example', '*****@*****.**') self.client.force_authenticate(user) # First request does not yet have an active session response = self.client.get('/session-view/') self.assertEqual(response.data['active_session'], False) # Subsequent requests have an active session response = self.client.get('/session-view/') self.assertEqual(response.data['active_session'], True) # Force authenticating as `None` should also logout the user session. self.client.force_authenticate(None) response = self.client.get('/session-view/') self.assertEqual(response.data['active_session'], False) def test_csrf_exempt_by_default(self): """ By default, the test client is CSRF exempt. """ User.objects.create_user('example', '*****@*****.**', 'password') self.client.login(username='******', password='******') response = self.client.post('/view/') self.assertEqual(response.status_code, 200) def test_explicitly_enforce_csrf_checks(self): """ The test client can enforce CSRF checks. """ client = APIClient(enforce_csrf_checks=True) User.objects.create_user('example', '*****@*****.**', 'password') client.login(username='******', password='******') response = client.post('/view/') expected = {'detail': 'CSRF Failed: CSRF cookie not set.'} self.assertEqual(response.status_code, 403) self.assertEqual(response.data, expected) def test_can_logout(self): """ `logout()` resets stored credentials """ self.client.credentials(HTTP_AUTHORIZATION='example') response = self.client.get('/view/') self.assertEqual(response.data['auth'], 'example') self.client.logout() response = self.client.get('/view/') self.assertEqual(response.data['auth'], b'') def test_logout_resets_force_authenticate(self): """ `logout()` resets any `force_authenticate` """ user = User.objects.create_user('example', '*****@*****.**', 'password') self.client.force_authenticate(user) response = self.client.get('/view/') self.assertEqual(response.data['user'], 'example') self.client.logout() response = self.client.get('/view/') self.assertEqual(response.data['user'], '') def test_follow_redirect(self): """ Follow redirect by setting follow argument. """ response = self.client.get('/redirect-view/') self.assertEqual(response.status_code, 302) response = self.client.get('/redirect-view/', follow=True) self.assertIsNotNone(response.redirect_chain) self.assertEqual(response.status_code, 200) response = self.client.post('/redirect-view/') self.assertEqual(response.status_code, 302) response = self.client.post('/redirect-view/', follow=True) self.assertIsNotNone(response.redirect_chain) self.assertEqual(response.status_code, 200) response = self.client.put('/redirect-view/') self.assertEqual(response.status_code, 302) response = self.client.put('/redirect-view/', follow=True) self.assertIsNotNone(response.redirect_chain) self.assertEqual(response.status_code, 200) response = self.client.patch('/redirect-view/') self.assertEqual(response.status_code, 302) response = self.client.patch('/redirect-view/', follow=True) self.assertIsNotNone(response.redirect_chain) self.assertEqual(response.status_code, 200) response = self.client.delete('/redirect-view/') self.assertEqual(response.status_code, 302) response = self.client.delete('/redirect-view/', follow=True) self.assertIsNotNone(response.redirect_chain) self.assertEqual(response.status_code, 200) response = self.client.options('/redirect-view/') self.assertEqual(response.status_code, 302) response = self.client.options('/redirect-view/', follow=True) self.assertIsNotNone(response.redirect_chain) self.assertEqual(response.status_code, 200) def test_invalid_multipart_data(self): """ MultiPart encoding cannot support nested data, so raise a helpful error if the user attempts to do so. """ self.assertRaises(AssertionError, self.client.post, path='/view/', data={ 'valid': 123, 'invalid': { 'a': 123 } })
def auth_api_client(create_token): from rest_framework.test import APIClient api_client = APIClient() api_client.credentials(HTTP_AUTHORIZATION='Token ' + create_token.key) return api_client
class RecipeViewSetTest(TestCase): def setUp(self): path_dir = pathlib.Path().absolute() load_dotenv(os.path.join(path_dir, '.env')) self.API_URL = os.getenv('API_BASE') self.chef = ChefUser.objects.create(username="******", first_name="Alvo", last_name="Dumbledore", email="*****@*****.**", password="******") self.client = APIClient() self.refresh = RefreshToken.for_user(self.chef) self.client.credentials( HTTP_AUTHORIZATION=f'Bearer {self.refresh.access_token}') Recipe.objects.create( title="Pão de aveia", ingredients="1 ovo, 2 colheres de farinha de aveia, pitada de sal", preparation_mode= "Mistura todos os ingredientes e coloque na figideira.", chef=self.chef) def test_create_recipe(self): data = { "title": "Mousse de Chocolate Funcional", "ingredients": "1 abacate, 2 bananas maduras e cacau em pó 100%.", "preparation_mode": "Bata todos os ingredientes no liquidificador e depois coloque na geladeira." } response = self.client.post('{0}api/recipes/'.format(self.API_URL), data, format='json') self.assertEquals(response.status_code, 201) def test_return_list_recipes(self): response = self.client.get('{0}api/recipes/'.format(self.API_URL), format='json') encoded_recipe = json.dumps(response.data) decoded_recipe = json.loads(encoded_recipe) value = next((True for recipe in decoded_recipe if recipe['title'] == 'Pão de aveia'), None) self.assertEquals(value, True) self.assertEquals(response.status_code, 200) def test_get_recipe_by_id(self): response = self.client.get('{0}api/recipes/1/'.format(self.API_URL), format='json') self.assertEquals(response.data['title'], 'Pão de aveia') def test_update_recipe(self): data = {"title": "Pão de aveia funcional"} response = self.client.put('{0}api/recipes/1/'.format(self.API_URL), data, format='json') self.assertEquals(response.data['title'], 'Pão de aveia funcional') def test_delete_recipe(self): response = self.client.delete('{0}api/recipes/1/'.format(self.API_URL)) recipes = Recipe.objects.all() self.assertEquals(len(recipes), 0) self.assertEquals(response.status_code, 204) def test_search_recipes_chef(self): data = {"search": "Alvo"} response = self.client.post(reverse('recipes_chef'), data, format='json') encoded_recipe = json.dumps(response.data) decoded_recipe = json.loads(encoded_recipe) self.assertEquals(decoded_recipe[0]['title'], 'Pão de aveia') self.assertEquals(response.status_code, 200) def test_search_recipe(self): data = {"search": "aveia"} response = self.client.post(reverse('search_recipe'), data, format='json') encoded_recipe = json.dumps(response.data) decoded_recipe = json.loads(encoded_recipe) self.assertEquals(decoded_recipe[0]['title'], 'Pão de aveia') self.assertEquals(response.status_code, 200)
class TestBlockUserViews(TestCase): def setUp(self): self.client = APIClient() self.block_user_url = reverse('block') self.example_user1 = User(username='******') self.example_user1.set_password('pass') self.example_user1.save() self.example_user2 = User(username='******') self.example_user2.set_password('pass') self.example_user2.save() self.response = self.client.post('/api/authentication/token/', { 'username': "******", 'password': "******" }, format='multipart') self.access_token = self.response.data['access'] def test_block_a_user_with_no_data(self): self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.access_token) resp = self.client.post(self.block_user_url, {}, format='multipart') self.assertEqual(resp.data, {"blocked_id": ["This field is required."]}) self.assertEqual(resp.status_code, status.HTTP_400_BAD_REQUEST) def test_block_a_user(self): self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.access_token) resp = self.client.post(self.block_user_url, {'blocked_id': self.example_user2.pk}, format='multipart') self.assertEqual(resp.data, {'blocked_instance'}) self.assertEqual(resp.status_code, status.HTTP_201_CREATED) def test_block_non_existed_user(self): self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.access_token) resp = self.client.post(self.block_user_url, {'blocked_id': 10000}, format='multipart') self.assertEqual(resp.data, {"blocked_id": ["not exists"]}) self.assertEqual(resp.status_code, status.HTTP_400_BAD_REQUEST) def test_block_already_blocked_user(self): blocked_instance = UserBlacklist(user=self.example_user1, blocked_user=self.example_user2) blocked_instance.save() print('done') self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.access_token) resp = self.client.post(self.block_user_url, {'blocked_id': self.example_user2.pk}, format='multipart') print('blocked_id') self.assertEqual(resp.data, {"blocked_id": "already blocked"}) self.assertEqual(resp.status_code, status.HTTP_400_BAD_REQUEST)
class ViewTestCase(TestCase): """Test suite for the api views.""" def setUp(self): """Define the test client and other test variables.""" self.client = APIClient() self.initialize_data = { 'customer_xid': 'ea0212d3-abd6-406f-8c67-868e814a2436' } self.response = self.client.post(reverse('mini_wallet:init_wallet'), self.initialize_data, format="json") response_json = self.response.json() self.api_token = response_json['data']['token'] def test_api_can_init_wallet(self): """Test the api has initialize account for wallet.""" # print(self.response.json()) self.assertEqual(self.response.status_code, status.HTTP_200_OK) def test_api_can_get_wallet_balance(self): """Test the api has get wallet balance for wallet.""" self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.api_token) wallet_response = self.client.get(reverse('mini_wallet:wallet'), format="json") self.assertEqual(wallet_response.status_code, status.HTTP_200_OK) def test_api_can_enable_wallet(self): """Test the api can enable wallet.""" self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.api_token) self.client.patch(reverse('mini_wallet:wallet'), format="json") wallet_response = self.client.post(reverse('mini_wallet:wallet'), format="json") self.assertEqual(wallet_response.status_code, status.HTTP_200_OK) def test_api_can_disable_wallet(self): """Test the api can disable wallet.""" self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.api_token) self.client.post(reverse('mini_wallet:wallet'), format="json") wallet_response = self.client.patch(reverse('mini_wallet:wallet'), format="json") # print(wallet_response.json()) self.assertEqual(wallet_response.status_code, status.HTTP_200_OK) def test_api_can_credit_transaction(self): """Test the api can credit transaction.""" self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.api_token) data = { 'amount': 100, 'reference_id': '50535246-dcb2-4929-8cc9-004ea06f5241' } response = self.client.post(reverse('mini_wallet:wallet_transaction', kwargs={'category': 'deposits'}), data, format="json") self.assertEqual(response.status_code, status.HTTP_200_OK) def test_api_can_debit_transaction(self): """Test the api can debit transaction.""" self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.api_token) data = { 'amount': 100, 'reference_id': '50535246-dcb2-4929-8cc9-004ea06f5241' } response = self.client.post(reverse('mini_wallet:wallet_transaction', kwargs={'category': 'withdrawals'}), data, format="json") self.assertEqual(response.status_code, status.HTTP_200_OK) def test_api_check_validate_transaction(self): """Test the api can debit transaction.""" self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.api_token) data = { 'amount': 100, 'reference_id': '50535246-dcb2-4929-8cc9-004ea06f52411111111111111' } response = self.client.post(reverse('mini_wallet:wallet_transaction', kwargs={'category': 'withdrawals'}), data, format="json") self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) data = {'amount': '', 'reference_id': ''} response = self.client.post(reverse('mini_wallet:wallet_transaction', kwargs={'category': 'withdrawals'}), data, format="json") self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_with_correct_secret(self): client = APIClient() client.credentials(HTTP_SECRET=settings.API_SECRET) response = client.get("/api/v1/levels/") self.assertEqual(response.status_code, status.HTTP_200_OK)