def test_auth_token_success(self): """Verify a token is created for a new user.""" orig_token_count = Token.objects.count() self.user = UserFactory() self.assertEqual(Token.objects.count(), orig_token_count + 1) self.assertIsNotNone(self.user.auth_token) self.user.auth_token.delete() self.user.delete()
def setUp(self): self.user = UserFactory() self.user.is_active = True self.user.save() self.group_count = 2 groups = list(GroupFactory.create_batch(self.group_count)) self.user.groups.set(groups)
def test_auth_token_only_on_user_create(self): """Verify a token is not created when a user is updated.""" orig_token_count = Token.objects.count() self.user = UserFactory() self.assertEqual(Token.objects.count(), orig_token_count + 1) self.user.is_active = not self.user.is_active self.user.save() self.assertEqual(Token.objects.count(), orig_token_count + 1) self.user.auth_token.delete() self.user.delete()
def setUp(self): """Create a user to test. Add a group and a pemission.""" self.password = '******' self.user = UserFactory() self.user.set_password(self.password) self.user.save() self.group = GroupFactory() self.group.user_set.add(self.user) self.perm = Permission.objects.get(codename='add_group') self.perm.user_set.add(self.user)
class TestUserSerializer(TestCase): """Test the UserSerializer.""" def setUp(self): self.user = UserFactory() self.user.is_active = True self.user.save() self.group_count = 2 groups = list(GroupFactory.create_batch(self.group_count)) self.user.groups.set(groups) def test_groups(self): """Verify groups are in the serialized user data.""" test_data = UserSerializer(self.user).data self.assertEqual(self.group_count, len(test_data['groups']))
class TestAuth(TestCase): """Test the user authentication using LDAP and local process.""" def setUp(self): """Create a user to test the login.""" self.password = '******' self.user = UserFactory() self.user.set_password(self.password) self.user.save() def tearDown(self): """Delete the test user.""" self.user.delete() def test_user_auth_success(self): """Test a successful user authentication, login. This test will generate an error message similar to this Caught LDAPError while authenticating veronicagraves: LDAPError(2, 'No such file or directory') because the test will try LDAP auth first and fail, then it will try local auth and succeed. """ usr = authenticate( username=self.user.username, password=self.password ) self.assertIsNotNone(usr, msg="User not able to login.")
def setUp(self): """Create user accounts to modify.""" self.factory = APIRequestFactory() self.user1 = UserFactory() self.user1.first_name = Faker('first_name').generate({}) self.user1.is_active = False self.user1.save() self.user2 = UserFactory() self.user2.first_name = Faker('first_name').generate({}) self.user2.is_active = True self.user2.save() self.group = GroupFactory() # Create a user with permissions to change user accounts. self.change_user_perm = Permission.objects.get(codename='change_user') self.admin_user = UserFactory() self.admin_user.is_active = True self.admin_user.user_permissions.add(self.change_user_perm) self.admin_user.save()
class TestAuthToken(TestCase): """Test the user creation process also creates an authorization Token.""" def test_auth_token_success(self): """Verify a token is created for a new user.""" orig_token_count = Token.objects.count() self.user = UserFactory() self.assertEqual(Token.objects.count(), orig_token_count + 1) self.assertIsNotNone(self.user.auth_token) self.user.auth_token.delete() self.user.delete() def test_auth_token_only_on_user_create(self): """Verify a token is not created when a user is updated.""" orig_token_count = Token.objects.count() self.user = UserFactory() self.assertEqual(Token.objects.count(), orig_token_count + 1) self.user.is_active = not self.user.is_active self.user.save() self.assertEqual(Token.objects.count(), orig_token_count + 1) self.user.auth_token.delete() self.user.delete()
class TestUserAuthSerializer(TestCase): """Test the UserAuthSerializer.""" def setUp(self): """Create a user to test. Add a group and a pemission.""" self.password = '******' self.user = UserFactory() self.user.set_password(self.password) self.user.save() self.group = GroupFactory() self.group.user_set.add(self.user) self.perm = Permission.objects.get(codename='add_group') self.perm.user_set.add(self.user) def tearDown(self): """Delete the test user, token and group.""" self.user.auth_token.delete() self.user.delete() self.group.delete() def test_to_representation(self): """Verify the method to_representation returns the right user data.""" response = UserAuthSerializer(self.user).data self.assertEqual(self.user.auth_token.key, response['token']) self.assertEqual(self.user.id, response['id']) self.assertEqual(self.user.first_name, response['first_name']) self.assertEqual(self.user.last_name, response['last_name']) self.assertEqual(self.user.email, response['email']) self.assertIn(self.group.name, response['groups']) # test_perm_value will be "auth.add_group" test_perm_value = "{}.{}".format( self.perm.natural_key()[1], self.perm.natural_key()[0], ) self.assertIn(test_perm_value, response['permissions'])
class UserViewSetTests(TestCase): """Test all actions of UserViewSet List, Retieve, Update. All methods force_auth with user1. """ def setUp(self): """Create user accounts to modify.""" self.factory = APIRequestFactory() self.user1 = UserFactory() self.user1.first_name = Faker('first_name').generate({}) self.user1.is_active = False self.user1.save() self.user2 = UserFactory() self.user2.first_name = Faker('first_name').generate({}) self.user2.is_active = True self.user2.save() self.group = GroupFactory() # Create a user with permissions to change user accounts. self.change_user_perm = Permission.objects.get(codename='change_user') self.admin_user = UserFactory() self.admin_user.is_active = True self.admin_user.user_permissions.add(self.change_user_perm) self.admin_user.save() def test_assign_groups_to_user(self): """Test the method that assigns groups to users.""" self.assertEqual(len(self.user1.groups.all()), 0) view = UserViewSet() user = view.assign_groups_to_user(user=self.user1, group_names=[ self.group.name, 'junk group', ]) self.assertEqual(len(user.groups.all()), 1) def test_change_groups(self): """Test moving a user from one group to another.""" self.assertEqual(len(self.user1.groups.all()), 0) # Assign one group view = UserViewSet.as_view(actions={'put': 'update'}) request = self.factory.put(reverse('user-detail', args=(self.user1.pk, )), {'groups': [self.group.name]}, format='json') force_authenticate(request, user=self.admin_user) response = view(request, pk=self.user1.pk) self.assertEqual(len(self.user1.groups.all()), 1) # Reassign to another group new_group = GroupFactory(name=self.group.name + '-NEW') request = self.factory.put(reverse('user-detail', args=(self.user1.pk, )), {'groups': [new_group.name]}, format='json') force_authenticate(request, user=self.admin_user) response = view(request, pk=self.user1.pk) self.assertEqual(response.status_code, HTTP_200_OK) self.assertEqual(len(self.user1.groups.all()), 1) self.assertEqual(self.user1.groups.all()[0], new_group) def test_create_fails(self): """Verify a user account cannot be created by POST to /users""" start_user_count = User.objects.count() view = UserViewSet.as_view(actions={'post': 'create'}) request = self.factory.post(reverse('user-list'), { 'username': '******', 'first_name': 'New', 'last_name': 'User', 'is_active': True, }, format='json') force_authenticate(request, user=self.admin_user) response = view(request) self.assertEqual(response.status_code, HTTP_403_FORBIDDEN) stop_user_count = User.objects.count() # When the counts are equal, no user account was created. self.assertEqual(start_user_count, stop_user_count) def test_delete_fails(self): """Verify a user account cannot be deleted using the API.""" start_user_count = User.objects.count() view = UserViewSet.as_view(actions={'delete': 'destroy'}) request = self.factory.delete(reverse('user-detail', args=(self.user1.pk, )), format='json') force_authenticate(request, user=self.admin_user) response = view(request, pk=self.user1.pk) self.assertEqual(response.status_code, HTTP_403_FORBIDDEN) stop_user_count = User.objects.count() # When the counts are equal, no user account was deleted. self.assertEqual(start_user_count, stop_user_count) def test_forbidden(self): """Test a user without permsissions cannot update a user account.""" view = UserViewSet.as_view(actions={'put': 'update'}) request = self.factory.put(reverse('user-detail', args=(self.user1.pk, )), { 'is_active': True, }, format='json') force_authenticate(request, user=self.user2) response = view(request, pk=self.user1.pk) self.assertEqual(response.status_code, HTTP_403_FORBIDDEN) def test_list(self): """Tests retrieval of all users in the system from /users""" view = UserViewSet.as_view(actions={'get': 'list'}) request = self.factory.get(reverse('user-list')) force_authenticate(request, user=self.admin_user) response = view(request) self.assertEqual(response.status_code, HTTP_200_OK) data_list = response.data self.assertEqual(len(data_list), 3) for data in data_list: if data['id'] == self.user1.pk: self.assertEqual(data['is_active'], self.user1.is_active) self.assertEqual(data['first_name'], self.user1.first_name) elif data['id'] == self.user2.pk: self.assertEqual(data['is_active'], self.user2.is_active) self.assertEqual(data['first_name'], self.user2.first_name) def test_retieve(self): """Tests that we are able to retrieve a users data from the API""" view = UserViewSet.as_view(actions={'get': 'retrieve'}) request = self.factory.get( reverse('user-detail', args=(self.user1.pk, ))) force_authenticate(request, user=self.admin_user) response = view(request, pk=self.user1.pk) self.assertEqual(response.status_code, HTTP_200_OK) user = response.data self.assertEqual(user['id'], self.user1.pk) self.assertEqual(user['first_name'], self.user1.first_name) self.assertEqual(user['is_active'], self.user1.is_active) def test_update_no_groups(self): """Tests that we are able to remove all groups from a user.""" self.user1.groups.add(self.group) self.assertEqual(len(self.user1.groups.all()), 1) view = UserViewSet.as_view(actions={'put': 'update'}) request = self.factory.put(reverse('user-detail', args=(self.user1.pk, )), { 'groups': [], }, format='json') force_authenticate(request, user=self.admin_user) response = view(request, pk=self.user1.pk) self.assertEqual(response.status_code, HTTP_200_OK) self.assertEqual(len(self.user1.groups.all()), 0) def test_update_groups(self): """Tests that we are able to add a group to a user.""" self.assertEqual(len(self.user1.groups.all()), 0) view = UserViewSet.as_view(actions={'put': 'update'}) request = self.factory.put( reverse('user-detail', args=(self.user1.pk, )), {'groups': [self.group.name, 'garbage group']}, format='json') force_authenticate(request, user=self.admin_user) response = view(request, pk=self.user1.pk) self.assertEqual(response.status_code, HTTP_200_OK) self.assertEqual(len(self.user1.groups.all()), 1)
def setUp(self): """Create dummy data to test.""" self.factory = APIRequestFactory() self.user = UserFactory() self.group = GroupFactory()
def setUp(self): """Create test data""" self.factory = APIRequestFactory() self.user = UserFactory() self.config = SiteConfigurationFactory()
def setUp(self): """Create a user to test the login.""" self.password = '******' self.user = UserFactory() self.user.set_password(self.password) self.user.save()