def test_add_user_duplicate_email(self):
"""Ensure an error is thrown in edge case of duplicate email"""
with self.client:
user = add_user('testuser', '*****@*****.**', 'test', True)
auth_token = auth_with_user(self.client, user, 'test')
self.client.post('/users',
data=json.dumps({
'username': '******',
'email': '*****@*****.**',
'password': '******'
}),
content_type='application/json',
headers={'Authorization': f'Bearer {auth_token}'})
response = self.client.post(
'/users',
data=json.dumps({
'username': '******',
'email': '*****@*****.**',
'password': '******'
}),
content_type='application/json',
headers={'Authorization': f'Bearer {auth_token}'})
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 400)
self.assertIn('Sorry, That email already exists.', data['message'])
self.assertIn('fail', data['status'])
def test_add_user_invalid_json(self):
"""Ensure that sending nothing to new user throws error"""
user = add_user('test', '*****@*****.**', 'test', True)
with self.client:
auth_token = auth_with_user(self.client, user, 'test')
response = self.client.post(
'/users',
data=json.dumps({}),
content_type='application/json',
headers={'Authorization': f'Bearer {auth_token}'})
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 400)
self.assertIn('Invalid payload', data['message'])
self.assertIn('fail', data['status'])
def test_add_user_invalid_request_no_password(self):
"""Ensure that error is thrown if password key is missing"""
with self.client:
user = add_user('testuser', '*****@*****.**', 'test', True)
auth_token = auth_with_user(self.client, user, 'test')
response = self.client.post(
'/users',
data=json.dumps({
'email': '*****@*****.**',
'username': '******'
}),
content_type='application/json',
headers={'Authorization': f'Bearer {auth_token}'})
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 400)
self.assertIn('Invalid payload', data['message'])
self.assertIn('fail', data['status'])
def test_add_user(self):
"""Ensure a new user can be added to the database"""
user = add_user('testuser', '*****@*****.**', 'password', True)
auth_token = auth_with_user(self.client, user, 'password')
response = self.client.post(
'/users',
data=json.dumps({
'username': '******',
'email': '*****@*****.**',
'password': '******'
}),
content_type='application/json',
headers={'Authorization': f'Bearer {auth_token}'})
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 201)
self.assertIn('[email protected] was added!', data['message'])
self.assertIn('success', data['status'])
def test_add_user_not_admin(self):
"""Add a user when not admin"""
user = add_user('testuser', '*****@*****.**', 'password', False)
auth_token = auth_with_user(self.client, user, 'password')
response = self.client.post(
'/users',
data=json.dumps({
'username': '******',
'email': '*****@*****.**',
'password': '******'
}),
content_type='application/json',
headers={'Authorization': f'Bearer {auth_token}'})
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 401)
self.assertEqual(data['status'], 'fail')
self.assertEqual(data['message'],
'You do not have permission to do that.')
def test_add_user_invactive_is_invalid(self):
add_user('test', '*****@*****.**', 'test', True)
# update user
user = User.query.filter_by(email='*****@*****.**').first()
user.active = False
db.session.commit()
with self.client:
auth_token = auth_with_user(self.client, user, 'test')
response = self.client.post(
'/users',
data=json.dumps({
'username': '******',
'email': '*****@*****.**',
'password': '******'
}),
content_type='application/json',
headers={'Authorization': f'Bearer {auth_token}'})
data = json.loads(response.data.decode())
self.assertTrue(data['status'] == 'fail')
self.assertTrue(data['message'] == 'Provide a valid auth token')
self.assertEqual(response.status_code, 401)