def test_valid_credentials(self):
"""
If username and password credentials match that of a registered user,
the user's authentication token, mystery hash and http_200_ok are
returned in the response.
"""
time = datetime.datetime.now()
time = time + datetime.timedelta(days=1)
with self.settings(START_DATETIME=time.strftime("%d/%m/%Y %H:%M:%S")):
# test case setup
token = Token.objects.get(user__username='******')
data = {'username': "******", 'password': "******"}
# sends login request
response = self.client.post(reverse('authentication:token'), data)
# run test
# proper status code test
self.assertEqual(response.status_code, 200)
# user token test
self.assertEqual(response.data['token'], token.key)
# custom login view test
if self.custom:
self.assertEqual(response.data['release'],
get_current_release())
def post(self, request, *args, **kwargs):
try:
# checks if user credentials are correct
username = request.data['username']
password = request.data['password']
user = authenticate(username=username, password=password)
if user is not None:
# successfully authenticated
token, created = Token.objects.get_or_create(user=user)
release = floor(get_current_release())
# mystery = Instance.objects.get(group=user.group).mystery.hash
return Response({
'token': token.key,
'release': release,
'is_ta': user.is_ta
# 'mystery': mystery
}, status=status.HTTP_200_OK)
else:
# authentication failed
return Response(status=status.HTTP_400_BAD_REQUEST)
except AttributeError:
return Response(status=status.HTTP_400_BAD_REQUEST)
except KeyError:
return Response(status=status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
return Response(status=status.HTTP_400_BAD_REQUEST)
def get(self, request, release):
"""
Returns a list of comments from the users instance and specified
release.
:param release: a release id, passed in the url.
"""
try:
instance = request.user.group.instance.all()[0].id
commented = Comment.objects.filter(instance=instance,
release=release,
owner=request.user.id).exists()
current_release = get_current_release()
# checks if user has commented on the current release
if commented or int(release) < current_release:
comments = Comment.objects.filter(instance=instance,
release=release)
serializer = CommentSerializer(comments, many=True)
return Response(serializer.data, status=status.HTTP_200_OK)
else:
# if requested release has not yet been reached
# if int(release) > current_release:
# return Response(status=status.HTTP_400_BAD_REQUEST)
return Response(status=status.HTTP_403_FORBIDDEN)
except AttributeError:
# catches if an attribute does not exist
return Response(status=status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
# catches if an object (instance) does not exist
return Response(status=status.HTTP_400_BAD_REQUEST)
def get(self, request, format=None):
current_week = get_current_release()
# now releases are contricted in 1-3
if (current_week % 3) == 0:
current_week = 3
elif current_week % 3 == 1:
current_week = 1
elif current_week % 3 == 2:
current_week = 2
# we need to work on implenting which order of mysteries to release in which order
# for time being it is this particular mystery object
mystery_name = Mystery.objects.get(pk=1)
mystery_ob = Release.objects.get(pk=current_week)
# Need to implement a method to assign mysteries to groups in a list format
# so we can figure which mysteries to release in which order
# later implement a method to organize all 1-9 releases for a student so we can
# easily navigate between next, previous releases/weeks
# also need to create a python file which well read all text files and create
# release objects extracting the clue/answer text and putting it in the db
# not currently storing images in db so we must use a path in front end
path_image = "assets/anthro-virtual-mysteries/Archaeology-demo/"
#path_clue = "assets/anthro-virtual-mysteries/Archaeology-demo/"
path_clue = mystery_ob.clue
#path_answer = "assets/anthro-virtual-mysteries/Archaeology-demo/"
path_answer = mystery_ob.answer
path_image += str(mystery_name.name) + "/Release" +str(current_week) +"/image1.jpg"
#path_clue += str(request.user.group.mystery1) + "/Release" +str(current_week)+"/clue.txt"
#path_answer += str(request.user.group.mystery1) + "/Release" +str(current_week)+ "/ans.txt"
#Release.objects.filter(mystery=users_mystery, release=required_release)
return Response({
'user': str(request.user),
'mystery': str(mystery_name.name),
'image': path_image,
'clue': path_clue,
'answer': path_answer,
},
status=status.HTTP_200_OK)
def test_valid_logout(self):
"""
If the authentication credential (token) matches that of a registered
user, the user's authentication token is deleted and http_200_ok is
returned in the response.
"""
time = datetime.datetime.now()
time = time + datetime.timedelta(days=1)
with self.settings(START_DATETIME=time.strftime("%d/%m/%Y %H:%M:%S")):
# test case setup
token1 = Token.objects.get(user__username='******')
data = {'username': "******", 'password': "******"}
# sends login request
response = self.client.post(reverse('authentication:token'), data)
# login test
# proper status code test
self.assertEqual(response.status_code, 200)
# user token test
self.assertEqual(response.data['token'], token1.key)
# custom login view test
if self.custom:
self.assertEqual(response.data['release'],
get_current_release())
# auth header
header = {'HTTP_AUTHORIZATION': 'Token {}'.format(token1.key)}
# send logout request
response = self.client.get(reverse('authentication:logout'), {},
**header)
# logout test
# proper status code test
self.assertEqual(response.status_code, 200)
# sends login request
response = self.client.post(reverse('authentication:token'), data)
# login test
# proper status code test
self.assertEqual(response.status_code, 200)
# get new token
token2 = Token.objects.get(user__username='******')
# user token test
self.assertNotEqual(token2.key, token1.key)
def get(self, request):
try:
results = Result.objects.get(comment__owner=request.user,
comment__release=get_current_release())
serializer = ResultSerializer(results)
return Response(serializer.data, status=status.HTTP_200_OK)
except AttributeError:
# catches if an attribute does not exist
return Response(status=status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
# catches if an object (instance) does not exist
return Response(status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
username = ''
try:
# checks if user credentials are correct
username = request.data['username']
password = request.data['password']
user = authenticate(username=username, password=password)
if user is not None:
# successfully authenticated
token, created = Token.objects.get_or_create(user=user)
# get current release info
release_info = get_current_release()
# log successful login
activityLogger.info(f'Login: User "{username}" logged in.')
return Response(
{
'token': token.key,
'release': release_info[0],
'mark': release_info[1],
'mystery_end': release_info[2],
'is_ta': user.is_ta
},
status=status.HTTP_200_OK)
else:
# authentication failed
activityLogger.error(
f'Failed login: User "{username}" failed authentication.')
return Response(status=status.HTTP_400_BAD_REQUEST)
except AttributeError:
debugLogger.exception(f'User "{username}" login failed.',
exc_info=True)
return Response(status=status.HTTP_400_BAD_REQUEST)
except KeyError:
debugLogger.exception(f'User "{username}" login failed.',
exc_info=True)
return Response(status=status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
debugLogger.exception(f'User "{username}" login failed.',
exc_info=True)
return Response(status=status.HTTP_400_BAD_REQUEST)
def get(self, request, groupId):
try:
current_release = get_current_release()[0]
# checks if mystery has reached start date
if current_release > 0 and request.user.is_ta:
mystery = Instance.objects.get(group__id=groupId).mystery
# releases for mystery <= current_release
releases = Release.objects.filter(mystery=mystery.id)
serializer = ArtifactSerializerTA(releases, many=True)
return Response(serializer.data, status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_400_BAD_REQUEST)
except AttributeError:
return Response(status=status.HTTP_400_BAD_REQUEST)
except KeyError:
return Response(status=status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
return Response(status=status.HTTP_400_BAD_REQUEST)
def get(self, request, release):
"""
Returns artifact information for a specific release.
:param release: a release id, passed in the url.
"""
try:
current_release = get_current_release()[0]
# checks if requested release has been reached
if int(release) <= current_release:
mystery = Instance.objects.get(group=request.user.group) \
.mystery
release_info = Release.objects.get(mystery=mystery.id,
number=release)
serializer = ArtifactSerializer(release_info)
return Response(serializer.data, status=status.HTTP_200_OK)
else:
# release not reached or dne
return Response(status=status.HTTP_400_BAD_REQUEST)
except AttributeError:
return Response(status=status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
return Response(status=status.HTTP_400_BAD_REQUEST)
def get(self, request):
try:
current_release = get_current_release()
# checks if mystery has reached start date
if current_release > 0:
mystery = Instance.objects.get(group=request.user.group)\
.mystery
# releases for mystery <= current_release
releases = Release.objects.filter(mystery=mystery.id,
number__lte=current_release)
serializer = ReleaseSerializer(releases,
many=True,
context={'request': request})
return Response(serializer.data, status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_400_BAD_REQUEST)
except AttributeError:
return Response(status=status.HTTP_400_BAD_REQUEST)
except KeyError:
return Response(status=status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
return Response(status=status.HTTP_400_BAD_REQUEST)
def post(self, request):
"""
Creates a comment through info submitted in a post request.
"""
try:
instance = request.user.group.instance.all()[0].id
release = get_current_release()
commented = Comment.objects.filter(instance=instance,
release=release,
owner=request.user.id).exists()
# checks if mystery start date has been reached
if release > 0:
# checks if user has already commented
if not commented:
# (.copy returns a mutable QueryDict object)
data = request.data.copy()
data['owner'] = request.user.id
data['instance'] = instance
data['release'] = release
serializer = CommentSerializer(data=data)
if serializer.is_valid():
# creates comment
serializer.save()
return Response(status=status.HTTP_201_CREATED)
return Response(status=status.HTTP_400_BAD_REQUEST)
else:
return Response(status=status.HTTP_403_FORBIDDEN)
else:
return Response(status=status.HTTP_400_BAD_REQUEST)
except AttributeError:
# catches if an attribute does not exist
return Response(status=status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
# catches if an object (instance) does not exist
return Response(status=status.HTTP_400_BAD_REQUEST)
def post(self, request):
"""
Creates a comment through info submitted in a post request.
"""
username = ''
data = {}
try:
instance = request.user.group.instance.all()[0].id
release_info = get_current_release()
commented = Comment.objects.filter(instance=instance,
release=release_info[0],
owner=request.user.id).exists()
username = request.user.get_username()
# checks if mystery start date has been reached
if release_info[0] > 0:
# checks if user has already commented
if not commented and \
(not release_info[1] or not release_info[2]):
# (.copy returns a mutable QueryDict object)
data = request.data.copy()
data['owner'] = request.user.id
data['instance'] = instance
data['release'] = release_info[0]
# sanitize the input string
data['text'] = sanitize_text(data, username)
data['time'] = get_time_string()
serializer = CommentSerializer(data=data)
if serializer.is_valid():
# creates comment
serializer.save()
# log successful comment
activityLogger.info(
f'User comment ({username}): {data}')
return Response(status=status.HTTP_201_CREATED)
# otherwise, log the unsuccessful comment
debugLogger.debug(
f'Unsuccessful user comment ({username}): {data}')
return Response(status=status.HTTP_400_BAD_REQUEST)
else:
# add updated response here
debugLogger.info(
f'User "{username}" tried to submit a '
f'comment when they should not be able to.')
return Response(status=status.HTTP_403_FORBIDDEN)
else:
debugLogger.info(f'User "{username}" tried to submit a '
f'comment before mystery start date.')
return Response(status=status.HTTP_400_BAD_REQUEST)
except AttributeError:
# catches if an attribute does not exist
debugLogger.exception(
f'User "{username}" comment create failed: {data}',
exc_info=True)
return Response(status=status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
# catches if an object (instance) does not exist
debugLogger.exception(
f'User "{username}" comment create failed: {data}',
exc_info=True)
return Response(status=status.HTTP_400_BAD_REQUEST)