def test_when_logged_in_form_is_available(self): user = create_user() login_user(user.id) response = self.send_request(user_id=user.id) assert response.status_code == 200
def test_when_logged_in_endpoint_is_available(self): old_password = '******' new_password = '******' user = create_user() password_service.create_password_hash(user.id, old_password) login_user(user.id) credential_before = self.find_credential(user.id) assert credential_before is not None session_token_before = self.find_session_token(user.id) assert session_token_before is not None form_data = { 'old_password': old_password, 'new_password': new_password, 'new_password_confirmation': new_password, } response = self.send_request(form_data, user_id=user.id) assert response.status_code == 302 assert response.headers.get( 'Location') == 'http://example.com/authentication/login' credential_after = self.find_credential(user.id) session_token_after = self.find_session_token(user.id) assert credential_after is not None assert credential_before.password_hash != credential_after.password_hash assert credential_before.updated_at != credential_after.updated_at # Session token should have been removed after password change. assert session_token_after is None
def test_when_logged_in(self): user = create_user('McFly') login_user(user.id) response = self.send_request(user_id=user.id) assert response.status_code == 200 assert response.mimetype == 'text/html'
def create_admin(self): admin = create_user('Admin') permission_ids = {'admin.access', 'shop_order.view'} assign_permissions_to_user(admin.id, 'admin', permission_ids) login_user(admin.id) return admin
def create_admin(self): admin = create_user('Admin') permission_ids = {'admin.access', 'newsletter.export_subscribers'} assign_permissions_to_user(admin.id, 'admin', permission_ids) login_user(admin.id) return admin
def request_view(self, current_user, order_id): login_user(current_user.id) url = '/shop/orders/{}'.format(str(order_id)) with http_client(self.app, user_id=current_user.id) as client: response = client.get(url) return response
def test_user_should_create_review_if_already_did(client, db): helpers.create_user(client) helpers.login_user(client) helpers.insert_complete_restaurant(db) create_review(client) res = create_review(client, rating=3) assert res.status_code == 200 assert b"You already reviewed this restaraunt"
def test_user_should_see_review_form(client, db): helpers.create_user(client) helpers.login_user(client) helpers.insert_complete_restaurant(db) res = visit_restaurant_page(client) assert res.status_code == 200 assert b"Add your review" in res.data assert b"Your rating" in res.data assert b"Your review" in res.data
def send_request(self, recipient_id, text, *, current_user_id=None): url = '/user_messages/to/{}/create'.format(recipient_id) form_data = { 'body': text, } if current_user_id is not None: login_user(current_user_id) with http_client(self.app, user_id=current_user_id) as client: return client.post(url, data=form_data)
def create_admin(self): admin = create_user('Admin') permission_ids = { 'admin.access', 'shop_order.cancel', 'shop_order.mark_as_paid', } assign_permissions_to_user(admin.id, 'admin', permission_ids) login_user(admin.id) return admin
def test_user_should_create_review(client, db): helpers.create_user(client) helpers.login_user(client) helpers.insert_complete_restaurant(db) res = create_review(client) assert res.status_code == 200 assert b"mario" in res.data assert b"5" in res.data assert ( b"It was a delicious dinner, but initially the service was not so excellent in the speed of serving the meals." in res.data)
def test_user_should_not_create_review_when_message_is_less_than_30_character( client, db): helpers.create_user(client) helpers.login_user(client) helpers.insert_complete_restaurant(db) res = client.post( "/restaurants/1", data=dict(rating=4, message="It was a"), follow_redirects=True, ) assert res.status_code == 200 assert b"The review should be at least of 30 characters." in res.data
def test_when_logged_in(self): user = create_user('McFly') login_user(user.id) response = self.send_request(user_id=user.id) assert response.status_code == 200 assert response.content_type == CONTENT_TYPE_JSON assert response.mimetype == CONTENT_TYPE_JSON response_data = response.json assert response_data['id'] == str(user.id) assert response_data['screen_name'] == user.screen_name assert response_data['avatar_url'] is None
def setUp(self): super().setUp() self.admin = create_user('Admin') login_user(self.admin.id) self.user = create_user('User') self.brand = create_brand() party = create_party(brand_id=self.brand.id) create_email_config() create_site(party.id) self.board = create_board(self.brand.id) site_settings_service \ .create_setting('acmecon-2014-website', 'board_id', self.board.id)
def test_non_registered_user_login(self): """ Test for login of non-registered user """ with self.client: response = login_user(self, '*****@*****.**', '123456') data = json.loads(response.get_data().decode()) self.assertTrue(data['status'] == 'fail') self.assertTrue(data['message'] == 'User does not exist.') self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, html_codes.HTTP_BAD_NOTFOUND)
def test_login_success(client): username = "******" email = "*****@*****.**" password = "******" signup_user(client=client, username=username, email=email, password=password) response = login_user(client=client, username=username, password=password) assert_success_200(response) data = json.loads(response.data) assert data["token"]
def test_login_bad_credentials(client): username = "******" email = "*****@*****.**" password = "******" signup_user(client=client, username=username, email=email, password=password) response = login_user(client=client, username=username, password="******") assert_error(response, 401) data = json.loads(response.data) assert data["errorCode"] == "INVALID_CREDENTIALS" assert not "token" in data
def test_registered_user_login(self): """ Test for login of registered-user login """ with self.client: # user registration register_user(self, '*****@*****.**', '123456') # registered user login response = login_user(self, '*****@*****.**', '123456') data = json.loads(response.get_data().decode()) self.assertTrue(data['status'] == 'success') self.assertTrue(data['message'] == 'Successfully logged in.') self.assertTrue(data['auth_token']) self.assertTrue(data['token_max_age']) self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, html_codes.HTTP_OK_BASIC)
def test_protected_get_data(self): """ Test for protected api against user with permissions """ with self.client: # user login resp_login = login_user(self, '*****@*****.**', 'TestTourister2017@') # valid api call resp_get_data = self.client.get( '/api/protected_get_data', headers={ 'Authentication-Token': 'Bearer ' + json.loads(resp_login.get_data().decode())['auth_token'] }) data_api = json.loads(resp_get_data.get_data().decode()) self.assertTrue(data_api['Heroes'])
def test_get_data(self): """ Test for guarded api """ with self.client: # user login resp_login = login_user(self, '*****@*****.**', 'TestTourister2017@') data = json.loads(resp_login.get_data().decode()) # valid api call resp_get_data = self.client.get('/api/get_data', headers={ 'Authentication-Token': 'Bearer ' + data['auth_token'] }) data_api = json.loads(resp_get_data.get_data().decode()) self.assertTrue(data_api['Heroes']) self.assertEqual(resp_get_data.status_code, html_codes.HTTP_OK_BASIC)
def test_valid_logout(self): """ Test for logout before token expires """ with self.client: # user login resp_login = login_user( self, '*****@*****.**', 'TestTourister2017@' ) data_login = json.loads(resp_login.get_data().decode()) # valid token logout resp_logout = self.client.post( '/auth/logout', headers={ 'Authentication-Token': 'Bearer ' + data_login['auth_token'] } ) data_logout = json.loads(resp_logout.get_data().decode()) self.assertTrue(data_logout['status'] == 'success') self.assertTrue( data_logout['message'] == 'Successfully logged out.' ) self.assertEqual(resp_logout.status_code, html_codes.HTTP_OK_BASIC) # try to access guarded endpoint again response = self.client.post( '/auth/logout', headers={ 'Authentication-Token': 'Bearer ' + data_login['auth_token'] } ) data = json.loads(response.get_data().decode()) self.assertTrue(data['status'] == 'fail') self.assertTrue( data['message'] == 'Token blacklisted. Please log in again.' ) self.assertEqual(response.status_code, html_codes.HTTP_BAD_UNAUTHORIZED)
def test_protected_get_data(self): """ Test for protected api against user with permissions """ with self.client: # user login resp_login = login_user( self, '*****@*****.**', 'TestTourister2017@' ) # valid api call resp_get_data = self.client.get( '/api/protected_get_data', headers={ 'Authentication-Token': 'Bearer ' + json.loads( resp_login.get_data().decode() )['auth_token'] } ) data_api = json.loads(resp_get_data.get_data().decode()) self.assertTrue( data_api['Heroes'] )
def test_get_data(self): """ Test for guarded api """ with self.client: # user login resp_login = login_user( self, '*****@*****.**', 'TestTourister2017@' ) data = json.loads(resp_login.get_data().decode()) # valid api call resp_get_data = self.client.get( '/api/get_data', headers={ 'Authentication-Token': 'Bearer ' + data['auth_token'] } ) data_api = json.loads(resp_get_data.get_data().decode()) self.assertTrue( data_api['Heroes'] ) self.assertEqual(resp_get_data.status_code, html_codes.HTTP_OK_BASIC)
def create_player(self): player = create_user() login_user(player.id) return player
def setup_orderer(self): self.orderer = create_user() login_user(self.orderer.id)