def test_update_user_unauthenticated(self):
res = self.client.put(f'{self.ROUTE}{self.db.staff_user.id}', data={
'email': self.db.STAFF_EMAIL,
'first_name': 'Updated',
'last_name': 'Name',
}, content_type='application/json')
utils.unauthorized_check(self, res)
def test_old_password_does_not_work(self):
self.client.login(username=self.db.CUSTOMER_EMAIL, password=self.db.PASSWORD)
res = self.client.put(self.ROUTE, data={
'old_password': self.db.PASSWORD,
'new_password': self.NEW_PASSWORD
}, content_type='application/json')
self.assertEqual(res.status_code, 204)
self.client.logout()
self.client.login(username=self.db.CUSTOMER_EMAIL, password=self.db.PASSWORD)
res = self.client.get('/api/auth/')
utils.unauthorized_check(self, res)
def test_change_email_unauthenticated(self):
res = self.client.put(self.ROUTE,
data={'email': self.NEW_EMAIL},
content_type='application/json')
utils.unauthorized_check(self, res)
self.client.login(username=self.db.CUSTOMER_EMAIL,
password=self.db.PASSWORD)
res = self.client.get(f'/api/users/{self.db.customer_user.id}')
utils.get_detail_check(self, res)
body = json.loads(res.content)
self.assertEqual(body['data']['email'], self.db.CUSTOMER_EMAIL)
def test_change_password_unauthenticated(self):
res = self.client.put(self.ROUTE, data={
'old_password': self.db.PASSWORD,
'new_password': self.NEW_PASSWORD
}, content_type='application/json')
self.assertEqual(res.status_code, 401)
# Check that new password does not work
self.client.login(username=self.db.CUSTOMER_EMAIL, password=self.NEW_PASSWORD)
res = self.client.get('/api/auth/')
utils.unauthorized_check(self, res)
# Check if password remained the same
self.client.login(username=self.db.CUSTOMER_EMAIL, password=self.db.PASSWORD)
res = self.client.get('/api/auth/')
utils.format_success_response_check(self, res)
def test_delete_unauthenticated(self):
res = self.client.delete(f'{self.ROUTE}{self.db.staff_user.id}')
utils.unauthorized_check(self, res)