def testRegister(self, client):
timestamp = int(datetime.datetime.utcnow().timestamp())
"""Take a timestamp value now to compare against when a user is registered in the database."""
rv = register(client, self.app.config['EMAIL'],
self.app.config['USERNAME'], self.app.config['PASSWORD'])
assert 200 == rv.status_code
assert 'Registration successful.' in json.loads(rv.data)['message']
user = db.session.query(User).filter_by(id=1).one()
assert 1 == user.id
assert self.app.config['EMAIL'] == user.email
assert self.app.config['USERNAME'] == user.username
assert check_password_hash(user.password, self.app.config['PASSWORD'])
assert timestamp <= user.created_at
assert timestamp <= user.updated_at
rv = register(client, self.app.config['EMAIL'],
self.app.config['USERNAME'], self.app.config['PASSWORD'])
assert 400 == rv.status_code
assert 'A user with that email address or username already exists.' in json.loads(
rv.data)['message']
def test_create_duplicate_user():
response = register('test_user', '12345678', '1111111111')
assert response.status_code == 200
response = logout()
assert response.status_code == 200
response = register('test_user', '12345678', '1111111111')
assert response.status_code == 200
assert 'Username not available' in str(response.data)
def test_logged_user_is_presented_the_main_page(self):
register(self.app)
resp = self.app.get('/')
self.assertEquals('200 OK', resp.status)
self.assertIn('Fake Name', resp)
self.assertIn('By Date', resp)
self.assertIn('Income', resp)
self.assertIn('Outcome', resp)
def test_logged_user_cannot_check_avatar_change_status_of_another_user(self):
register(self.app)
with self.assertRaises(webtest.AppError) as cm:
self.app.get(
'/v1/users/invalid-uuid/avatar/change/status/invalid-uuid',
extra_environ=dict(
HTTP_ACCEPT='application/json'
))
self.assertEqual("Bad response: 401 Unauthorized", cm.exception)
def test_logged_user_can_view_the_profile_page(self):
register(self.app)
resp = self.app.get('/profile')
self.assertEquals('200 OK', resp.status)
self.assertIn('Avatar', resp)
self.assertIn('Name', resp)
self.assertIn('Currency', resp)
self.assertIn('Google', resp)
self.assertIn('Facebook', resp)
self.assertIn('Twitter', resp)
self.assertIn('Fake', resp)
def test_change_password():
response = register('test_user', '12345678', '1111111111')
assert response.status_code == 200
assert 'Successfully created new account for test_user' in str(
response.data)
response = login('test_user', '12345678')
assert response.status_code == 200
response = test_client.get(
'/settings',
follow_redirects=True)
assert response.status_code == 200
response = test_client.post(
'/settings',
data=dict(
current_password='******',
new_password='******',
new_password_check='dankmemes',
),
follow_redirects=True)
assert response.status_code == 200
assert "Successfully changed password" in str(response.data)
response = logout()
assert response.status_code == 200
assert 'test_user' not in str(response.data)
response = login('test_user', '12345678')
assert response.status_code == 200
assert 'test_user' not in str(response.data)
response = login('test_user', 'dankmemes')
assert response.status_code == 200
assert 'test_user' in str(response.data)
# We have to do this to prevent test_client issues.
logout()
def test_logged_user_can_change_avatar(self):
user_id = register(self.app)
resp = change_avatar(user_id, self.app, 'tests/avatar.png')
resp = wait_avatar_change(resp.location, self.app, 10)
self.assertEquals('201 Created', resp.status)
self.assertIn('.png', resp.location)
def test_login_and_logout(client):
# Access to logout view before login should fail.
response = logout(client)
assert b"Please log in to access this page." in response.data
register('sam')
response = login(client, 'sam')
assert b'Login successful.' in response.data
# Should successfully logout the currently logged in user.
response = logout(client)
assert b"You were logged out." in response.data
# Incorrect login credentials should fail.
response = login(client, "sam", "wrongpassword")
assert b"Wrong user ID or password." in response.data
# Correct credentials should login
response = login(client, "sam")
assert b"Login successful." in response.data
def test_logged_user_cannot_update_profile_with_invalid_currency(self):
user_id = register(self.app)
resp = edit_profile(user_id, self.app, name='name', currency='invalid')
self.assertFalse(
resp.json['success'], 'An error should have been received')
self.assertIn('errors', resp.json)
self.assertIn('currency', resp.json['errors'])
def test_logged_user_cannot_post_avatar_change_specifying_non_image(self):
user_id = register(self.app)
resp = change_avatar(user_id, self.app, __file__)
self.assertFalse(resp.json['success'],
'An error should have been received')
self.assertIn('errors', resp.json)
self.assertIn('avatar', resp.json['errors'])
def client():
app = create_app(environment="testing")
app.config["TESTING"] = True
with app.test_client() as client:
app_ctx = app.app_context()
app_ctx.push()
db.drop_all()
db.create_all()
register()
with mail.record_messages() as outbox:
client.outbox = outbox
yield client
db.session.remove()
db.drop_all()
app_ctx.pop()
def testLogout(self, client):
rv = register(client, self.app.config['EMAIL'],
self.app.config['USERNAME'], self.app.config['PASSWORD'])
rv = login(client, self.app.config['USERNAME'],
self.app.config['PASSWORD'])
response = logout(client)
assert 200 == response.status_code
assert 'Logout successful.' in response.json['message']
def test_login_and_logout(client):
# Access to logout view before login should fail.
response = logout(client)
assert b"Please log in to access this page." in response.data
register()
response = login(client, "*****@*****.**")
assert response.status_code == 200
# Should successfully logout the currently logged in user.
response = logout(client)
assert response.status_code == 200
# Incorrect login credentials should fail.
response = login(client, "*****@*****.**", "wrongpassword")
assert b"Wrong email or password." in response.data
# Correct credentials should login
response = login(client, "*****@*****.**")
assert response.status_code == 200
def test_login_logout():
response = register('test_user', '12345678', '1111111111')
assert response.status_code == 200
assert ('Successfully created new account for test_user'
in str(response.data))
assert 'Logout' in str(response.data)
response = login('test_user', '12345678')
assert response.status_code == 200
assert 'Logged in successfully' in str(response.data)
assert 'test_user' in str(response.data)
response = logout()
assert response.status_code == 200
assert 'test_user' not in str(response.data)
assert 'Logout' not in str(response.data)
def testLogin(self, client):
rv = register(client, self.app.config['EMAIL'],
self.app.config['USERNAME'], self.app.config['PASSWORD'])
rv = login(client, self.app.config['USERNAME'],
self.app.config['PASSWORD'])
assert 200 == rv.status_code
assert 'Login successful.' in json.loads(rv.data)['message']
rv = login(client, self.app.config['USERNAME'] + 'log',
self.app.config['PASSWORD'])
assert 400 == rv.status_code
assert 'Invalid username or password.' in json.loads(
rv.data)['message']
rv = login(client, self.app.config['USERNAME'],
self.app.config['PASSWORD'] + 'log')
assert 400 == rv.status_code
assert 'Invalid username or password.' in json.loads(
rv.data)['message']
def test_bad_password():
response = register('test_user', '12345678', '1111111111')
assert response.status_code == 200
assert 'Successfully created new account for test_user' in str(
response.data)
response = login('test_user', '12345678')
assert response.status_code == 200
response = test_client.get(
'/settings',
follow_redirects=True)
assert response.status_code == 200
response = test_client.post(
'/settings',
data=dict(
current_password='******',
new_password='******',
new_password_check='dankmemes',
),
follow_redirects=True)
assert response.status_code == 200
assert "Current password is invalid" in str(response.data)
logout()
def test_mismatched_passwords():
response = register('test_user', '12345678', '1111111111')
assert response.status_code == 200
assert 'Successfully created new account for test_user' in str(
response.data)
response = login('test_user', '12345678')
assert response.status_code == 200
response = test_client.get(
'/settings',
follow_redirects=True)
assert response.status_code == 200
response = test_client.post(
'/settings',
data=dict(
current_password='******',
new_password='******',
new_password_check='surrealmemes',
),
follow_redirects=True)
assert response.status_code == 200
assert "New passwords do not match" in str(response.data)
logout()
def test_logged_user_can_decide_which_period_to_display(self):
register(self.app)
resp = self.app.get('/2012/12')
self.assertEquals('200 OK', resp.status)
self.assertIn('2012, 12', resp)
def test_logged_user_can_update_profile(self):
user_id = register(self.app)
resp = edit_profile(user_id, self.app, name='name', currency='$')
self.assertEquals('204 No Content', resp.status)
def test_nonint_phonenumber():
response = register('test_user', '12345678', 'aaaaaaaaaa')
assert response.status_code == 200
assert 'Input characters must be numeric' in str(response.data)
def test_short_phonenumber():
response = register('test_user', '12345678', '11111111')
assert response.status_code == 200
assert 'Please enter a valid phone number' in str(response.data)
def test_create_user():
response = register('test_user', '12345678', '1111111111')
assert response.status_code == 200
assert 'Successfully created new account for test_user' in str(
response.data)
def test_short_password():
response = register('test_user', '12345', '1111111111')
assert response.status_code == 200
assert 'Password must be at least 8 characters' in str(response.data)
def test_empty_username():
response = register('', '12345678', '1111111111')
assert response.status_code == 200
assert 'Please enter username' in str(response.data)
def test_logged_user_can_delete_profile(self):
user_id = register(self.app)
resp = delete_profile(user_id, self.app)
self.assertEquals('204 No Content', resp.status)
def test_logged_user_can_remove_avatar(self):
user_id = register(self.app)
resp = remove_avatar(user_id, self.app)
self.assertEquals('204 No Content', resp.status)
def test_logged_user_cannot_remove_avatar_of_another_user(self):
register(self.app)
with self.assertRaises(webtest.AppError) as cm:
remove_avatar('invalid-uuid', self.app)
self.assertEqual("Bad response: 401 Unauthorized", cm.exception)
def test_logged_user_can_post_avatar_change(self):
user_id = register(self.app)
resp = change_avatar(user_id, self.app, 'tests/avatar.png')
self.assertEquals('202 Accepted', resp.status)
self.assertIn('avatar/change/status', resp.location)
def user1_register(test_data):
register(test_data['user1']['auth'])
def test_logged_user_cannot_update_profile_of_another_user(self):
register(self.app)
with self.assertRaises(webtest.AppError) as cm:
edit_profile('invalid-uuid', self.app)
self.assertEqual("Bad response: 401 Unauthorized", cm.exception)
