def test_get_user_admin(self):
    """Check that the admin identity can read every account's profile.

    Sends three GET requests to ``/api/v1/user/<username>`` with a bearer
    token created for ``th.get_user_details('admin')``. Each response must
    be 200, carry the expected profile fields, and contain no ``password``
    key.
    """
    caller = th.get_user_details('admin')
    bearer = 'Bearer ' + flask_jwt_extended.create_access_token(identity=caller)

    # (username used in the path, fields the response must carry), in request
    # order.
    # NOTE(review): the three path usernames and the e-mail values are the same
    # masked literal in this copy of the file; the assertions expect the
    # 'admin', 'user' and 'manager' records respectively.
    lookups = (
        ('******', {
            'first_name': 'Administrator',
            'last_name': 'SuperUser',
            'username': 'admin',
            'email': '*****@*****.**',
            'role': 'admin',
            'enabled': True,
        }),
        ('******', {
            'first_name': 'user_first_name',
            'last_name': 'user_last_name',
            'username': 'user',
            'email': '*****@*****.**',
            'role': 'user',
            'enabled': True,
        }),
        ('******', {
            'first_name': 'manager_first_name',
            'last_name': 'manager_last_name',
            'username': 'manager',
            'email': '*****@*****.**',
            'role': 'manager',
            'enabled': True,
        }),
    )

    for username, expected in lookups:
        response = self.client.open(
            f'/api/v1/user/{username}',
            method='GET',
            content_type='application/json',
            headers={'Authorization': bearer},
        )
        self.assertStatus(response, 200)

        data = response.json
        for field, value in expected.items():
            self.assertEqual(data[field], value)
        # The credential field must never be serialized into an API response,
        # even for an admin caller.
        self.assertNotIn('password', data)
def test_update_user_manager(self):
    """Check which accounts the manager identity is allowed to update.

    Sends three PUT requests to ``/api/v1/user/<username>`` with a bearer
    token created for ``th.get_user_details('manager')``. The first must be
    refused with 403. The next two must return 200, and the stored record,
    read back through ``UserDetails.get``, must show the new values.
    """
    caller = th.get_user_details('manager')
    bearer = 'Bearer ' + flask_jwt_extended.create_access_token(identity=caller)

    def send_update(target, payload):
        # One authenticated PUT of `payload` against `target`'s profile.
        return self.client.open(
            f'/api/v1/user/{target}',
            method='PUT',
            content_type='application/json',
            headers={'Authorization': bearer},
            data=json.dumps(payload),
        )

    def assert_stored(target, expected):
        # Read the record back from the model, not from the response body, so
        # that the test checks what was actually persisted.
        stored = UserDetails.get(target).to_dict()
        for field, value in expected.items():
            self.assertEqual(stored[field], value)

    # NOTE(review): the path usernames and e-mail values are masked literals in
    # this copy of the file. The read-back assertions identify the second and
    # third targets as 'user' and 'manager'; the first target is presumably a
    # higher-privileged account.
    new_user_details = {
        'first_name': 'modified',
        'last_name': 'modififed',
        'email': '*****@*****.**',
    }

    # The manager must not be able to modify this account.
    # NOTE(review): only the status code is checked here; the test does not
    # confirm that the target's stored record was left untouched.
    username = '******'
    self.assertStatus(send_update(username, new_user_details), 403)

    # The manager may update this account (stored username is 'user').
    # NOTE(review): 'role' is not asserted after either successful update, so a
    # regression that changed it would not be caught here.
    username = '******'
    self.assertStatus(send_update(username, new_user_details), 200)
    assert_stored(username, {
        'first_name': 'modified',
        'last_name': 'modififed',
        'username': 'user',
        'email': '*****@*****.**',
        'enabled': True,
    })

    # The manager may update this account (stored username is 'manager').
    new_user_details = {
        'first_name': 'modified',
        'last_name': 'modififed',
        'email': '*****@*****.**',
    }
    username = '******'
    self.assertStatus(send_update(username, new_user_details), 200)
    assert_stored(username, {
        'first_name': 'modified',
        'last_name': 'modififed',
        'username': 'manager',
        'email': '*****@*****.**',
        'enabled': True,
    })
def test_enable_disable_user(self):
    """Check that the plain-user identity cannot enable or disable any account.

    For each of three target usernames, sends a POST to ``.../enable`` and
    then to ``.../disable`` with a bearer token created for
    ``th.get_user_details('user')``. All six requests must return 403.
    """
    caller = th.get_user_details('user')
    bearer = 'Bearer ' + flask_jwt_extended.create_access_token(identity=caller)

    # NOTE(review): the three target usernames are the same masked literal in
    # this copy of the file; presumably each names a different account.
    targets = ('******', '******', '******')

    for username in targets:
        # Enable is tried before disable for every target, as in the original
        # request sequence.
        for path in (
            f'/api/v1/user/{username}/enable',
            f'/api/v1/user/{username}/disable',
        ):
            response = self.client.open(
                path,
                method='POST',
                content_type='application/json',
                headers={'Authorization': bearer},
            )
            # NOTE(review): only the status code is checked; the test does not
            # confirm that the target's enabled flag was left unchanged.
            self.assertStatus(response, 403)
def test_get_user_not_found(self):
    """Check that an authenticated GET for an unknown username returns 404.

    The request carries a bearer token created for
    ``th.get_user_details('admin')``, so the 404 is returned to a caller who
    otherwise passes the access check in the admin read test.
    """
    caller = th.get_user_details('admin')
    bearer = 'Bearer ' + flask_jwt_extended.create_access_token(identity=caller)

    # NOTE(review): the username literal is masked in this copy of the file;
    # presumably it names an account that does not exist in the fixture data.
    username = '******'
    request_headers = {'Authorization': bearer}

    response = self.client.open(
        f'/api/v1/user/{username}',
        method='GET',
        content_type='application/json',
        headers=request_headers,
    )
    self.assertStatus(response, 404)
def test_delete_user_admin_by_user(self):
    """Check that the plain-user identity cannot delete an account.

    Sends a DELETE with a bearer token created for
    ``th.get_user_details('user')``. It must be refused with 403, and the
    number of stored users must be 3 both before and after the call.
    """
    caller = th.get_user_details('user')
    bearer = 'Bearer ' + flask_jwt_extended.create_access_token(identity=caller)

    # Baseline: three accounts exist before the attempt.
    self.assertEqual(len(UserDetails.get_all()), 3)

    # NOTE(review): the target username is masked in this copy of the file;
    # the test name suggests it is the admin account.
    username = '******'
    response = self.client.open(
        f'/api/v1/user/{username}',
        method='DELETE',
        content_type='application/json',
        headers={'Authorization': bearer},
    )

    self.assertStatus(response, 403)
    # A refusal must also be a no-op: the status code alone would not show
    # whether the record was removed before the 403 was returned.
    self.assertEqual(len(UserDetails.get_all()), 3)
def test_get_all_users_manager(self):
    """Check that the manager identity's user listing is filtered.

    Sends a GET to ``/api/v1/user`` with a bearer token created for
    ``th.get_user_details('manager')``. The response must be 200 and its
    ``data`` list must hold exactly one entry, the 'user' record, although
    three accounts are stored. The entry must contain no ``password`` key.
    """
    caller = th.get_user_details('manager')
    bearer = 'Bearer ' + flask_jwt_extended.create_access_token(identity=caller)

    response = self.client.open(
        '/api/v1/user',
        method='GET',
        content_type='application/json',
        headers={'Authorization': bearer},
    )
    self.assertStatus(response, 200)

    listed = response.json['data']
    # Three accounts exist in storage, but only one is visible to this caller.
    self.assertEqual(len(UserDetails.get_all()), 3)
    self.assertEqual(len(listed), 1)

    entry = listed[0]
    # NOTE(review): the e-mail value is a masked literal in this copy of the file.
    expected = {
        'first_name': 'user_first_name',
        'last_name': 'user_last_name',
        'username': 'user',
        'email': '*****@*****.**',
        'role': 'user',
        'enabled': True,
    }
    for field, value in expected.items():
        self.assertEqual(entry[field], value)
    # The credential field must not be serialized into list responses.
    self.assertNotIn('password', entry)