def test_debit_account_adds_credit_event_to_db(fake_app: FlaskClient, db, account_id, session: Session): fake_app.patch(f'/api/v1/account/{account_id}/balance', data=json.dumps({ 'action': 'debit', 'dollars': 12, 'cents': 95 }), content_type='application/json') aggregate = session.query(AggregateModel).filter( AggregateModel.uuid == account_id.value).one() assert aggregate.events[-1].data['dollars'] == 12 assert aggregate.events[-1].data['cents'] == 95 assert aggregate.version == AGGREGATE_VERSION + 1
def test_update_country_successful_response(app_test_client: FlaskClient, country_summary: Dict[str, Union[str, int]]): """ Test updating one country with success. Args: app_test_client (FlaskClient): App's HTTP client. country_summary (Dict[str, Union[str, int]]): Summary message example. """ clean_database() original_new_confirmed_number = country_summary["new_confirmed"] updated_new_confirmed_number = country_summary["new_confirmed"] + 100 app_test_client.post("countries/", json=country_summary) pre_update_get_response = app_test_client.get( f"countries/{country_summary['country_code']}") assert (pre_update_get_response.json["new_confirmed"] == original_new_confirmed_number) country_summary["new_confirmed"] = updated_new_confirmed_number response = app_test_client.patch( f"/countries/{country_summary['country_code']}", json=country_summary) assert response.status_code == 200 post_update_get_response = app_test_client.get( f"countries/{country_summary['country_code']}") assert (post_update_get_response.json["new_confirmed"] == updated_new_confirmed_number)
def test_edit_should_change_user_info(sample_app, app_client: FlaskClient, test_token): with sample_app.test_request_context(): expected_response = { "user": { "email": "*****@*****.**", "nickname": "LuanGameplays", "first_name:": "Ze", "last_name": "Neves", "biography": "Peace", } } response = app_client.patch( USERS_ROUTE, json={ "nickname": "LuanGameplays", "first_name": "Ze", "biography": "Peace", }, headers=test_token, ) assert response.status_code == HTTPStatus.OK assert response.get_json() == expected_response
def test_update_user_profile_not_logged_in(client: FlaskClient): user = users.add( User(email='*****@*****.**', password='******', first_name='Tibor', last_name='Mikita', phone='+421111222333', street='Kosicka', zip_code='06601', city='Humenne', country=Country.SK, date_of_birth=datetime.date(1994, 5, 25))) user.active = True r = client.patch(f'/api/users/{user.id}', data=json.dumps({ 'city': 'Medzilaborce', 'street': 'Bratislavska', 'zip_code': '99999', 'phone': '+420999999999' }), content_type='application/json') payload = r.json assert r.status_code == status.HTTP_403_FORBIDDEN assert payload[ 'message'] == 'You do not have permission to perform this action.'
def test_update_user_profile_invalid_phone_format(client: FlaskClient): user = users.add( User(email='*****@*****.**', password='******', first_name='Tibor', last_name='Mikita', phone='+421111222333', street='Kosicka', zip_code='06601', city='Humenne', country=Country.SK, date_of_birth=datetime.date(1994, 5, 25))) user.active = True r = client.post('/api/auth/login', data=json.dumps({ 'email': '*****@*****.**', 'password': '******' }), content_type='application/json') payload = r.json access_token = payload['access_token'] r = client.patch(f'/api/users/{user.id}', data=json.dumps({'phone': '0999999999'}), content_type='application/json', headers={'Authorization': f'Bearer {access_token}'}) payload = r.json assert r.status_code == status.HTTP_400_BAD_REQUEST assert 'Phone must have format' in payload['message']
def test_does_not_exist(self, client: FlaskClient, jwt_token: str) -> None: """ A 404 is returned when editing a Todo item that does not exist """ patch_result = client.patch( "/todo/1", json={"text": "test_text_edited"}, headers={"Authorization": jwt_token}, ) assert patch_result.status_code == 404
def test_disallowed(client: FlaskClient, pets): # delete disabled assert client.delete("/human/2").status_code == 405 # human has get_enabled assert client.get("/human/2000").status_code == 404 # pointless doesn't allow anything assert client.post("/pointless").status_code == 405 assert client.patch("/pointless/2").status_code == 405 assert client.get("/pointless/1").status_code == 405
def test_acceptance_criteria_4(client: FlaskClient, session: Session): # create product product = create_basic_db_product() session.add(product) session.commit() assert product.featured is False # Make sure product doesn't become featured when rating is less then threshold response = client.patch(f'/products/{product.id}', data=json.dumps({ "rating": FEATURED_THRESHOLD - 1, }), content_type='application/json') json_response = json.loads(response.data) assert response.status_code == 200 assert json_response["featured"] is False # Check if featured is updated when rating is more then threshold response = client.patch(f'/products/{product.id}', data=json.dumps({ "rating": FEATURED_THRESHOLD + 1, }), content_type='application/json') json_response = json.loads(response.data) assert response.status_code == 200 assert json_response["featured"] is True # Make sure product do not stop being featured if rating becomes less then threshold response = client.patch(f'/products/{product.id}', data=json.dumps({ "rating": FEATURED_THRESHOLD - 1, }), content_type='application/json') json_response = json.loads(response.data) assert response.status_code == 200 assert json_response["featured"] is True
def assert_crud_resource(api_gateway: FlaskClient, auth_header, path, inputs, loader_func, valid=True, delete=False): """ Generic test routine, attempt to create a resource, assert that the relevant artifacts were (or not) created """ for test_resource in inputs: resource_to_create = loader_func(test_resource["create"]) p = api_gateway.post(f"{path}", headers=auth_header, data=json.dumps(resource_to_create)) if valid: assert p.status_code == HTTPStatus.CREATED assert_json_subset(resource_to_create, p.get_json()) else: assert p.status_code == HTTPStatus.BAD_REQUEST # ToDo: assert that the response is a problem - move problems to common resource_id = p.get_json().get("id_") g = api_gateway.get(f"{path}/{resource_id}", headers=auth_header) if valid: assert g.status_code == HTTPStatus.OK assert_json_subset(resource_to_create, g.get_json()) else: assert g.status_code == HTTPStatus.NOT_FOUND # ToDo: assert that the response is a problem - move problems to common update = test_resource.get("update") if update: resource_to_update = loader_func(update) if update["type"] == "put": u = api_gateway.put(f"{path}/{resource_id}", headers=auth_header, data=json.dumps(resource_to_update)) assert_json_subset(resource_to_update, u.get_json()) elif update["type"] == "patch": u = api_gateway.patch(f"{path}/{resource_id}", headers=auth_header, data=json.dumps(resource_to_update)) patch = jsonpatch.JsonPatch.from_string(resource_to_update) baseline = patch.apply(resource_to_create) assert_json_subset(baseline, u.get_json()) if delete: d = api_gateway.delete(f"{path}/{resource_id}", headers=auth_header) assert d.status_code == HTTPStatus.NO_CONTENT
def test_todo_of_other_user(self, client: FlaskClient) -> None: """ A 403 is returned when a user attempts to retrieve a Todo item that they do not own. """ credentials = { "email": "*****@*****.**", "password": "******", } credentials_other = { "email": "*****@*****.**", "password": "******", } client.post("/auth/signup", json=credentials) client.post("/auth/signup", json=credentials_other) result_from_login = client.post("/auth/login", json=credentials) result_from_login_other = client.post("/auth/login", json=credentials_other) jwt_token = "Bearer " + result_from_login.get_json()["token"] jwt_token_other = ("Bearer " + result_from_login_other.get_json()["token"]) post_res = client.post( "/todo", json={"text": "test_text"}, headers={"Authorization": jwt_token}, ) post_res_other = client.post( "/todo", json={"text": "test_text_other"}, headers={"Authorization": jwt_token_other}, ) obj_id = post_res.get_json()["obj_id"] obj_id_other = post_res_other.get_json()["obj_id"] res = client.get("/todo/" + obj_id, headers={"Authorization": jwt_token}) res_other = client.get("/todo/" + obj_id_other, headers={"Authorization": jwt_token_other}) get_data = res.get_json() get_data_other = res_other.get_json() assert get_data == "test_text" assert get_data_other == "test_text_other" wrong_auth_token = client.get("/todo/" + obj_id_other, headers={"Authorization": jwt_token}) assert wrong_auth_token.status_code == 403 patch_result = client.patch( "/todo/" + obj_id, json={"text": "test_text_edited"}, headers={"Authorization": jwt_token_other}, ) assert patch_result.status_code == 403
def test_edit_membership_details(client: FlaskClient) -> None: user = User(uuid=example_uuid1) meeting = Meeting(uuid=example_uuid2, owner=user) membership = Membership(meeting=meeting, user=user) db.session.add(membership) db.session.commit() response = client.patch(f'/api/v1/memberships/{meeting.uuid}/{user.uuid}', json={'stop_name': 'Chopina'}) assert response.status_code == 204 assert response.data == b'' membership = Membership.query.get((meeting.uuid, user.uuid)) assert membership.stop_name == 'Chopina'
def test_assets_id(client: FlaskClient): """Test for /api/meta/assets/<id>""" url = '/api/meta/assets/1' res = client.get(url) assert res.json['code'] == http.HTTPStatus.OK res = client.post(url) assert res.json['code'] == http.HTTPStatus.METHOD_NOT_ALLOWED # Method Not Allowed res = client.put(url) assert res.json['code'] == http.HTTPStatus.OK res = client.patch(url) assert res.json['code'] == http.HTTPStatus.OK
def test_update_user_profile(client: FlaskClient): user = users.add( User(email='*****@*****.**', password='******', first_name='Tibor', last_name='Mikita', phone='+421111222333', street='Kosicka', zip_code='06601', city='Humenne', country=Country.SK, date_of_birth=datetime.date(1994, 5, 25))) user.active = True r = client.post('/api/auth/login', data=json.dumps({ 'email': '*****@*****.**', 'password': '******' }), content_type='application/json') payload = r.json access_token = payload['access_token'] assert user.city == 'Humenne' assert user.street == 'Kosicka' assert user.zip_code == '06601' assert user.phone == '+421111222333' r = client.patch(f'/api/users/{user.id}', data=json.dumps({ 'city': 'Medzilaborce', 'street': 'Bratislavska', 'zip_code': '99999', 'phone': '+420999999999' }), content_type='application/json', headers={'Authorization': f'Bearer {access_token}'}) payload = r.json assert r.status_code == status.HTTP_200_OK assert payload['message'] == 'Profile successfully modified.' assert user.city == 'Medzilaborce' assert user.street == 'Bratislavska' assert user.zip_code == '99999' assert user.phone == '+420999999999'
def test_acceptance_criteria_3(client: FlaskClient, session: Session): # create brand and category to add to new product brand = create_basic_db_brand() category = create_basic_db_category() session.add(brand) session.add(category) session.commit() now = datetime.utcnow() # Try to pass expiration date that is too early (creation) response = client.post('/products', data=json.dumps({ "name": "test", "rating": 5, "brand": brand.id, "categories": [category.id], "expiration_date": email_utils.format_datetime(now), "items_in_stock": 1 }), content_type='application/json') json_response = json.loads(response.data) assert response.status_code == 400 assert len(json_response["errors"]) == 1 assert json_response["errors"][0]["loc"][0] == 'expiration_date' # Try to pass expiration date that is too early (update) product = create_basic_db_product() session.add(product) session.commit() response = client.patch(f"/products/{product.id}", data=json.dumps({ "expiration_date": email_utils.format_datetime(now), }), content_type='application/json') json_response = json.loads(response.data) assert response.status_code == 400 assert len(json_response["errors"]) == 1 assert json_response["errors"][0]["loc"][0] == 'expiration_date'
def test_edit_should_fail_when_user_not_exists(sample_app, app_client: FlaskClient, test_token_user_not_exists): with sample_app.test_request_context(): expected_response = {"error": "User not found"} response = app_client.patch( USERS_ROUTE, json={}, headers=test_token_user_not_exists, ) assert response.status_code == HTTPStatus.NOT_FOUND assert response.get_json() == expected_response
def test_edit_should_fail_when_email_already_exists(sample_app, app_client: FlaskClient, test_token): with sample_app.test_request_context(): expected_response = { "error": "This email address is already being used" } response = app_client.patch( USERS_ROUTE, json={ "email": "*****@*****.**", }, headers=test_token, ) assert response.status_code == HTTPStatus.CONFLICT assert response.get_json() == expected_response
def test_update_other_user_profile_not_mine(client: FlaskClient): user1 = users.add( User(email='*****@*****.**', password='******', first_name='Tibor', last_name='Mikita', phone='+421111222333', street='Kosicka', zip_code='06601', city='Humenne', country=Country.SK, date_of_birth=datetime.date(1994, 5, 25))) user1.active = True user2 = users.add(User('*****@*****.**', 'dsaa')) user2.active = True r = client.post('/api/auth/login', data=json.dumps({ 'email': '*****@*****.**', 'password': '******' }), content_type='application/json') payload = r.json access_token = payload['access_token'] r = client.patch(f'/api/users/{user1.id}', data=json.dumps({ 'city': 'Medzilaborce', 'street': 'Bratislavska', 'zip_code': '99999', 'phone': '+420999999999' }), content_type='application/json', headers={'Authorization': f'Bearer {access_token}'}) payload = r.json assert r.status_code == status.HTTP_400_BAD_REQUEST assert payload['message'] == 'You cannot edit profile of other person.'
def test_edit_meeting(client: FlaskClient) -> None: owner = User(uuid=example_uuid1) meeting = Meeting(uuid=example_uuid2, owner=owner) db.session.add(meeting) db.session.commit() response = client.patch(f'/api/v1/meetings/{meeting.uuid}', json={ 'owner_uuid': owner.uuid, 'name': 'Lorem ipsum', 'description': 'Lorem ipsum sit dolor amet.', 'datetime': '2020-01-02T03:04:05', 'stop_name': 'Czarnowiejska', }) assert response.status_code == 204 meeting = Meeting.query.get(meeting.uuid) assert meeting.name == 'Lorem ipsum' assert meeting.description == 'Lorem ipsum sit dolor amet.' assert meeting.datetime == datetime(2020, 1, 2, 3, 4, 5) assert meeting.stop_name == 'Czarnowiejska'
def test_exists(self, client: FlaskClient, jwt_token: str) -> None: """ It is possible to edit the text of a Todo item """ result_from_post = client.post( "/todo", json={"text": "test_text"}, headers={"Authorization": jwt_token}, ) obj_id = result_from_post.get_json()["obj_id"] patch_result = client.patch( "/todo/" + obj_id, json={"text": "test_text_edited"}, headers={"Authorization": jwt_token}, ) assert patch_result.status_code == 200 res = client.get("/todo/" + obj_id, headers={"Authorization": jwt_token}) get_data = res.get_json() expected_data = "test_text_edited" assert get_data == expected_data
def http_req(client: FlaskClient, url: str, method: str, payload: dict) -> dict: """ 发送测试请求 :param client: flask客户端对象 :param url: 路由 :param method: 请求方法 :param payload: 参数 :return: 数据 """ if method.upper() == 'GET': return client.get(url, query_string=payload).json if method.upper() == 'POST': return client.post(url, json=payload, headers=headers).json if method.upper() == 'PUT': return client.put(url, json=payload, headers=headers).json if method.upper() == 'DELETE': return client.delete(url, json=payload, headers=headers).json if method.upper() == 'PATCH': return client.patch(url, json=payload, headers=headers).json else: raise RuntimeError('Http method error!')
def verify_add_team_members(client: FlaskClient, access_token: str, team_slug: str, users: List[Mapping]) -> Mapping: assert users payload = dict(users=[{ 'username': u['username'], 'uniqueId': u['uniqueId'], } for u in users]) response = client.patch(f'/teams/{team_slug}/members', headers=auth_header(access_token), json=payload, follow_redirects=True) data = verify_api_response(response) assert data.get('slug') == team_slug members = data.get('members') assert members member_ids = [m['uniqueId'] for m in members] for uid in [u['uniqueId'] for u in users]: assert uid in member_ids
def test_update_product(client: FlaskClient, session: Session): # create product product = create_basic_db_product() session.add(product) session.commit() # check before change product_pre_update = product.serialized # request update response = client.patch(f"/products/{product.id}", data=json.dumps({"name": "test2"}), content_type='application/json') # check status assert response.status_code == 200 # check if product changed in database session.refresh(product) assert product.name == "test2" # make sure everything else is NOT changed product_post_update = product.serialized assert product_post_update["id"] == product_pre_update["id"] assert product_post_update["featured"] == product_pre_update["featured"] assert product_post_update["brand"] == product_pre_update["brand"] assert product_post_update["categories"] == product_pre_update[ "categories"] assert product_post_update["items_in_stock"] == product_pre_update[ "items_in_stock"] assert product_post_update["receipt_date"] == product_pre_update[ "receipt_date"] assert product_post_update["expiration_date"] == product_pre_update[ "expiration_date"] assert product_post_update["created_at"] == product_pre_update[ "created_at"]
def test_update(client: FlaskClient, pets): update = {"species": "Canis"} res = client.patch(f"/pet/{pets[0].id}", json=update) assert res.status_code == 200 pet = res.json assert pet["species"] == "Canis"
def test_other_methods_not_allowed(self, client: FlaskClient): assert client.get('tasks/complete-task/1/').status_code == 405 assert client.put('tasks/complete-task/1/').status_code == 405 assert client.patch('tasks/complete-task/1/').status_code == 405 assert client.delete('tasks/complete-task/1/').status_code == 405