def test_should_return_200_with_removed_user_data(
self,
mocker,
client,
):
db = mocker.MagicMock()
user = UserFactory()
moderator = UserFactory(moderator=True)
crud = mocker.patch(f"{MODULE}.crud.users")
crud.get.return_value = user
crud.remove.return_value = user
client.app.dependency_overrides[deps.db_session] = lambda: db
client.app.dependency_overrides[
deps.get_authenticated_moderator] = lambda: moderator
response = client.delete(f"/users/{user.id}")
assert response.status_code == 200
assert response.json() == {
"active": user.active,
"created_at": user.created_at.isoformat(),
"updated_at": user.updated_at.isoformat(),
"email": user.email,
"moderator": user.moderator,
}
crud.get.assert_called_once_with(db=db, id=user.id)
crud.remove.assert_called_once_with(db=db, model=user)
def test_should_return_404_when_user_is_not_found(
self,
mocker,
client,
):
db = mocker.MagicMock()
user = UserFactory()
moderator = UserFactory(moderator=True)
request_payload = {
"email": user.email,
"password": user.password,
}
crud = mocker.patch(f"{MODULE}.crud.users")
crud.get.return_value = None
client.app.dependency_overrides[deps.db_session] = lambda: db
client.app.dependency_overrides[
deps.get_authenticated_moderator] = lambda: moderator
response = client.put(f"/users/{user.id}", json=request_payload)
assert response.status_code == 404
assert response.json() == {
"detail": "No user found for the ID provided."
}
crud.get.assert_called_once_with(db=db, id=user.id)
crud.update.assert_not_called()
def test_should_return_201_with_created_user_data(
self,
mocker,
client,
):
db = mocker.MagicMock()
user = UserFactory()
request_payload = {
"email": user.email,
"password": user.password,
}
crud = mocker.patch(f"{MODULE}.crud.users")
crud.get_by_email.return_value = None
crud.create.return_value = user
client.app.dependency_overrides[deps.db_session] = lambda: db
client.app.dependency_overrides[deps.get_api_key] = lambda: "api_key"
response = client.post(ACCOUNT_CREATION_PATH, json=request_payload)
assert response.status_code == 201
assert response.json() == {
"active": user.active,
"created_at": user.created_at.isoformat(),
"updated_at": user.updated_at.isoformat(),
"email": user.email,
"moderator": user.moderator,
}
crud.get_by_email.assert_called_once_with(db=db, email=user.email)
crud.create.assert_called_once_with(
db=db,
schema=schema.UserCreate(**request_payload),
)
def test_should_return_the_user_object_when_it_exist_and_password_match(
self,
faker,
mocker,
):
user = UserFactory()
email = faker.email()
password = faker.sha1()
db = mocker.MagicMock()
get_by_email = mocker.patch.object(
CRUDUsers,
"get_by_email",
return_value=user,
)
verify_password = mocker.patch(
f"{MODULE}.security.password.verify_password",
return_value=True,
)
actual_user = CRUDUsers(model=model.User).authenticate(
db=db,
email=email,
password=password,
)
assert actual_user == user
get_by_email.assert_called_once_with(db=db, email=email)
verify_password.assert_called_once_with(
plain_text=password,
hashed_password=user.password,
)
def test_should_the_user_object_when_it_exists_in_database(
self,
mocker,
faker,
):
db = mocker.MagicMock()
token = faker.sha1()
sub = faker.pyint()
secret_key = faker.sha1()
access_token_algorithm = faker.word()
user = UserFactory()
payload = {"sub": sub}
decode = mocker.patch(f"{MODULE}.decode", return_value=payload)
get = mocker.patch(f"{MODULE}.crud.users.get", return_value=user)
settings = mocker.patch(f"{MODULE}.core.settings")
settings.SECRET_KEY = secret_key
settings.ACCESS_TOKEN_ALGORITHM = access_token_algorithm
actual_user = get_authenticated_user(db=db, token=token)
assert actual_user == user
decode.assert_called_once_with(
jwt=token,
key=secret_key,
algorithms=[access_token_algorithm],
)
get.assert_called_once_with(db=db, id=sub)
def test_should_update_the_user_with_the_schema_data_provided(
self,
mocker,
):
db = mocker.MagicMock()
user = UserFactory()
hash_password = mocker.patch(
f"{MODULE}.security.password.hash_password")
update_method = mocker.patch(
f"{MODULE}.CRUDBase.update",
return_value=user,
)
user_schema = mocker.MagicMock()
user_schema.password = None
actual_user = CRUDUsers(model=model.User).update(
db=db,
user=user,
schema=user_schema,
)
assert actual_user == user
update_method.assert_called_once_with(
db=db,
model=user,
schema=user_schema.dict(exclude_unset=True),
)
hash_password.assert_not_called()
def test_should_return_bad_request_when_user_is_not_active(
self,
mocker,
client,
):
user = UserFactory(active=False)
authenticate = mocker.patch(
f"{MODULE}.crud.users.authenticate",
return_value=user,
)
response = client.post(
ACCOUNT_LOGIN_PATH,
data={
"grant_type": "",
"username": user.email,
"password": user.password,
"scope": "",
"client_id": "",
"client_secret": "",
},
)
assert response.status_code == 400
assert response.json() == {"detail": "Inactive user."}
authenticate.assert_called_once_with(
db=mocker.ANY,
email=user.email,
password=user.password,
)
def test_should_return_409_conflict_if_email_is_already_registed(
self,
mocker,
client,
):
db = mocker.MagicMock()
user = UserFactory()
crud = mocker.patch(f"{MODULE}.crud.users")
crud.get_by_email.return_value = user
client.app.dependency_overrides[deps.db_session] = lambda: db
client.app.dependency_overrides[deps.get_api_key] = lambda: "api_key"
response = client.post(
ACCOUNT_CREATION_PATH,
json={
"email": user.email,
"password": user.password,
},
)
assert response.status_code == 409
assert response.json() == {
"detail": f"The email '{user.email} is alredy registered."
}
crud.get_by_email.assert_called_once_with(db=db, email=user.email)
crud.create.assert_not_called()
def test_should_raise_httpexception_401_when_user_is_not_active(self):
user = UserFactory(active=False)
with pytest.raises(HTTPException) as ex:
get_authenticated_active_user(user=user)
assert ex.value.status_code == 401
assert ex.value.detail == "The user is inactive."
def test_should_raise_httpexception_401_when_user_is_not_a_moderator(self):
user = UserFactory(moderator=False)
with pytest.raises(HTTPException) as ex:
get_authenticated_moderator(user=user)
assert ex.value.status_code == 401
assert (
ex.value.detail == "You must be moderator to perform this action."
)
def test_get_user_with_auth(app):
client = app.test_client()
user = UserFactory()
path = '/v{}/users/{}'.format(app.config['API_VERSION'], user.id)
response = client.get(path, headers={'Authorization': 'Bearer 1.2.3'})
response_user = json.loads(response.data.decode('utf-8'))
assert response.status_code == 200
assert response_user['id'] == user.id
assert response_user['name'] == user.name
assert response_user['email'] == user.email
def test_should_hash_the_new_password_when_it_is_present_in_schema_data(
self,
faker,
mocker,
):
plain_password = faker.word()
hashed_password = faker.sha1()
db = mocker.MagicMock()
user = UserFactory()
hash_password = mocker.patch(
f"{MODULE}.security.password.hash_password",
return_value=hashed_password,
)
update_method = mocker.patch(
f"{MODULE}.CRUDBase.update",
return_value=user,
)
user_schema = mocker.MagicMock()
user_schema.password.get_secret_value.return_value = plain_password
user_schema.dict.return_value = {
"email": user_schema.email,
"password": hashed_password,
}
actual_user = CRUDUsers(model=model.User).update(
db=db,
user=user,
schema=user_schema,
)
assert actual_user == user
user_schema.password.get_secret_value.assert_called_once()
hash_password.assert_called_once_with(plain_password)
update_method.assert_called_once_with(
db=db,
model=user,
schema={
"email": user_schema.email,
"password": hashed_password,
},
)
def test_should_query_for_all_users_using_default_query_params(
self,
mocker,
client,
):
db = mocker.MagicMock()
user = UserFactory()
all = mocker.patch(f"{MODULE}.crud.users.all", return_value=[])
client.app.dependency_overrides[
deps.get_authenticated_active_user] = lambda: user
client.app.dependency_overrides[deps.db_session] = lambda: db
response = client.get("/users/", )
assert response.status_code == 200
assert response.json() == []
all.assert_called_once_with(db=db, skip=0, limit=100)
def test_should_create_access_token_when_user_exists_and_is_active(
self,
mocker,
faker,
client,
):
user = UserFactory(active=True)
access_token = faker.sha1()
authenticate = mocker.patch(
f"{MODULE}.crud.users.authenticate",
return_value=user,
)
create_access_token = mocker.patch(
f"{MODULE}.security.create_access_token",
return_value=access_token,
)
response = client.post(
ACCOUNT_LOGIN_PATH,
data={
"grant_type": "",
"username": user.email,
"password": user.password,
"scope": "",
"client_id": "",
"client_secret": "",
},
)
assert response.status_code == 200
assert response.json() == {
"access_token": access_token,
"token_type": "bearer",
}
authenticate.assert_called_once_with(
db=mocker.ANY,
email=user.email,
password=user.password,
)
create_access_token.assert_called_once_with(subject=user.id)
def test_should_commit_and_refresh_the_create_entity(self, faker, mocker):
hashed_password = faker.sha1()
db = mocker.MagicMock()
created_user = UserFactory(password=SecretStr(hashed_password))
mocker.patch(f"{MODULE}.model.User", return_value=created_user)
hash_password = mocker.patch(
f"{MODULE}.security.password.hash_password",
return_value=hashed_password,
)
user_schema = schema.UserCreate(email=faker.email(),
password=faker.word())
actual_user = CRUDUsers(model=model.User).create(db=db,
schema=user_schema)
assert actual_user == created_user
hash_password.assert_called_once_with(created_user.password)
db.add.assert_called_once_with(created_user)
db.commit.assert_called_once()
db.refresh.assert_called_once_with(created_user)
def test_should_query_for_all_users_using_the_query_params_specified(
self,
faker,
mocker,
client,
):
db = mocker.MagicMock()
skip = faker.pyint()
limit = faker.pyint()
user = UserFactory()
all = mocker.patch(f"{MODULE}.crud.users.all", return_value=[])
client.app.dependency_overrides[
deps.get_authenticated_active_user] = lambda: user
client.app.dependency_overrides[deps.db_session] = lambda: db
response = client.get("/users/", params={"limit": limit, "skip": skip})
assert response.status_code == 200
assert response.json() == []
all.assert_called_once_with(db=db, skip=skip, limit=limit)
def test_should_the_user_when_it_is_active(self):
user = UserFactory(moderator=True)
assert user == get_authenticated_moderator(user=user)
