def test_multiple_members_to_owners(create_input): """ Tests that the first owner of Dreams is able to promote several members of Dreams to an owner. These new owners should also be able to promote other members. """ # user_1 is a dreams owner, everyone else is a member user_1, user_2, user_3, user_4, user_5 = create_input[0] private_channel = create_input[1][2] # Promote user_2 to owner assert admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], 1) == {} # user_2 should be able to promote other members to owners as well assert admin_userpermission_change_v1(user_2['token'], user_3['auth_user_id'], 1) == {} assert admin_userpermission_change_v1(user_2['token'], user_4['auth_user_id'], 1) == {} # user_3 should also be able to promote members to owners assert admin_userpermission_change_v1(user_3['token'], user_5['auth_user_id'], 1) == {} # everyone should be able to join a private channel assert channel_join_v2(user_2['token'], private_channel['channel_id']) == {} assert channel_join_v2(user_3['token'], private_channel['channel_id']) == {} assert channel_join_v2(user_4['token'], private_channel['channel_id']) == {} assert channel_join_v2(user_5['token'], private_channel['channel_id']) == {}
def test_exception_priority(): """ When there are multiple errors, an AccessError should be the first one raised for invalid token. """ clear_v1() auth_register_v2("*****@*****.**", "Hihjile", "Eric", "Zheng") user_2 = auth_register_v2("*****@*****.**", "ccas1122", "Joshua", "Hatton") user_3 = auth_register_v2("*****@*****.**", "bunnyyipyip", "Bunny", "Dong") with pytest.raises(AccessError): admin_userpermission_change_v1(user_3['token'] + 'bug', user_2['auth_user_id'] + 5, 3)
def userpermission_change(): parameters = request.get_json() token = parameters['token'] u_id = parameters['u_id'] permission_id = parameters['permission_id'] output = admin_userpermission_change_v1(token, u_id, permission_id) return dumps(output)
def admin_userpermission_change(): data = request.get_json() token = data['token'] u_id = data['u_id'] permission_id = data['permission_id'] return dumps(admin_userpermission_change_v1(token, u_id, permission_id))
def test_demote_owner_to_member(create_input): """ Test for demoting owners to members. """ user_1 = create_input[0][0] user_2 = create_input[0][1] private_channel = create_input[1][2] # first make user_2 an owner assert admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], 1) == {} # now demote user_1 to member assert admin_userpermission_change_v1(user_2['token'], user_1['auth_user_id'], 2) == {} # user_1 should not be able to join private channels with pytest.raises(AccessError): channel_join_v2(user_1['token'], private_channel['channel_id'])
def test_multiple_owners_to_members(create_input): """ Tests for demoting multiple owners to members. """ user_1, user_2, user_3, user_4, user_5 = create_input[0] private_channel = create_input[1][2] # make user 2,3,4 all owners assert admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], 1) == {} assert admin_userpermission_change_v1(user_1['token'], user_3['auth_user_id'], 1) == {} assert admin_userpermission_change_v1(user_1['token'], user_4['auth_user_id'], 1) == {} # as user 2, demote user1,3,4 assert admin_userpermission_change_v1(user_2['token'], user_1['auth_user_id'], 2) == {} assert admin_userpermission_change_v1(user_2['token'], user_3['auth_user_id'], 2) == {} assert admin_userpermission_change_v1(user_2['token'], user_4['auth_user_id'], 2) == {} # user1,3,4,5 should not be able to join private channels with pytest.raises(AccessError): channel_join_v2(user_1['token'], private_channel['channel_id']) channel_join_v2(user_3['token'], private_channel['channel_id']) channel_join_v2(user_4['token'], private_channel['channel_id']) channel_join_v2(user_5['token'], private_channel['channel_id'])
def test_no_change(create_input): """ Assume owners are able to set the new permissions of others and themselves to be the same permissions they already had, with no errors occurring. """ user_1, user_2, user_3, user_4, user_5 = create_input[0] private_channel = create_input[1][2] # change permissions of user2 and user3 to owners assert admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], 1) == {} assert admin_userpermission_change_v1(user_1['token'], user_3['auth_user_id'], 1) == {} # call function on user2,3,4,5 but "change" their permissions to their # original permissions assert admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], 1) == {} assert admin_userpermission_change_v1(user_1['token'], user_3['auth_user_id'], 1) == {} assert admin_userpermission_change_v1(user_1['token'], user_4['auth_user_id'], 2) == {} assert admin_userpermission_change_v1(user_1['token'], user_5['auth_user_id'], 2) == {} # user2,3 should still be able to join private channels assert channel_join_v2(user_2['token'], private_channel['channel_id']) == {} assert channel_join_v2(user_3['token'], private_channel['channel_id']) == {} # user4,5 should still not be able to join private channels with pytest.raises(AccessError): channel_join_v2(user_4['token'], private_channel['channel_id']) channel_join_v2(user_5['token'], private_channel['channel_id'])
def test_auth_user_not_owner(create_input): """ Raises an AccessError when auth user is not an owner of Dreams. """ user_1 = create_input[0][0] user_2 = create_input[0][1] user_3 = create_input[0][2] # access error should be raised when authorised user is not an owner with pytest.raises(AccessError): admin_userpermission_change_v1(user_2['token'], user_1['auth_user_id'], 1) admin_userpermission_change_v1(user_2['token'], user_1['auth_user_id'], 2) admin_userpermission_change_v1(user_3['token'], user_1['auth_user_id'], 1) admin_userpermission_change_v1(user_3['token'], user_2['auth_user_id'], 2)
def test_self_permission_change(create_input): """ Assume owners are able to change their own permission to member permissions. Assume if there is only one Owner of Dreams, they are not able to change their own permission to 2. """ user_1 = create_input[0][0] user_2 = create_input[0][1] user_3 = create_input[0][2] private_channel = create_input[1][2] # promote user2 and user3 to owners assert admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], 1) == {} assert admin_userpermission_change_v1(user_1['token'], user_3['auth_user_id'], 1) == {} # user1, user2 should both be able to change their own permissions to 2 assert admin_userpermission_change_v1(user_1['token'], user_1['auth_user_id'], 2) == {} assert admin_userpermission_change_v1(user_2['token'], user_2['auth_user_id'], 2) == {} # user3 shouldn't have their permissions changed despite function returning # expected output assert admin_userpermission_change_v1(user_3['token'], user_3['auth_user_id'], 2) == {} # user1 & user2 should now be members and can't join private channels with pytest.raises(AccessError): channel_join_v2(user_1['token'], private_channel['channel_id']) channel_join_v2(user_2['token'], private_channel['channel_id']) # user3 should still be able to join private channels assert channel_join_v2(user_3['token'], private_channel['channel_id']) == {}
def test_invalid_u_id(): """ Should raise an InputError when passed in an invalid user id """ clear_v1() user_1 = auth_register_v2("*****@*****.**", "WaffleNow!", "Eric", "Zheng") # Invalid u_id should raise an InputError with pytest.raises(InputError): admin_userpermission_change_v1(user_1['token'], user_1['auth_user_id'] + 5, 2) admin_userpermission_change_v1(user_1['token'], user_1['auth_user_id'] + 10, 2) admin_userpermission_change_v1(user_1['token'], user_1['auth_user_id'] - 5, 1) admin_userpermission_change_v1(user_1['token'], user_1['auth_user_id'] - 500, 1)
def test_promote_member_to_owner(create_input): """ Tests that the first owner of Dreams is able to successfully promote a member of Dreams to an owner. """ user_1 = create_input[0][0] # Dreams owner user_2 = create_input[0][1] # Dreams member private_channel = create_input[1][2] # Promote user_2 to an owner assert admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], 1) == {} # user_2 should be able to join private channels now as an owner assert channel_join_v2(user_2['token'], private_channel['channel_id']) == {}
def test_invalid_token_id(): """ Raises an AccessError when the token passed in does not refer to a valid user. """ clear_v1() user_1 = auth_register_v2("*****@*****.**", "Helalfs432", "Eric", "Zheng") user_2 = auth_register_v2("*****@*****.**", "ccas1122", "Joshua", "Hatton") with pytest.raises(AccessError): admin_userpermission_change_v1(user_1['token'] + 'bug', user_2['auth_user_id'], 1) admin_userpermission_change_v1(user_1['token'] + 'sadf', user_2['auth_user_id'], 2) admin_userpermission_change_v1(user_1['token'] + '1', user_2['auth_user_id'], 2) admin_userpermission_change_v1(user_1['token'] + '7455', user_2['auth_user_id'], 1)
def test_invalid_permission_id(create_input): """ Raises an InputError when passed in an invalid permission id """ user_1 = create_input[0][0] user_2 = create_input[0][1] # only 1 and 2 are valid permission ids # invalid permissions shoould raise an input error with pytest.raises(InputError): admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], 3) admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], -1) admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], 4) admin_userpermission_change_v1(user_1['token'], user_2['auth_user_id'], 5)
def test_remove_self(create_input): """An owner should be allowed to remove themselves with no errors as long as they are not the last owner left """ user_1, user_2, user_3, user_4, user_5 = create_input[0] admin_userpermission_change_v1(user_1["token"], user_2["auth_user_id"], 1) admin_userpermission_change_v1(user_1["token"], user_3["auth_user_id"], 1) admin_userpermission_change_v1(user_1["token"], user_4["auth_user_id"], 1) admin_userpermission_change_v1(user_1["token"], user_5["auth_user_id"], 1) assert admin_user_remove_v1(user_2["token"], user_2["auth_user_id"]) == {} assert admin_user_remove_v1(user_3["token"], user_3["auth_user_id"]) == {} assert admin_user_remove_v1(user_4["token"], user_4["auth_user_id"]) == {} assert admin_user_remove_v1(user_1["token"], user_1["auth_user_id"]) == {} # only user_5 should be shown when calling users_all assert users_all_v1(user_5["token"]) == { "users": [user_profile_v2(user_5["token"], user_5["auth_user_id"])["user"]] } # check to see that these users are indeed removed # calling channels list should raise an input error as their u_id's are invalid with pytest.raises(AccessError): channels_list_v2(user_2["token"]) channels_list_v2(user_3["token"]) channels_list_v2(user_4["token"]) channels_list_v2(user_1["token"]) # Check to see each removed user's profile is retrievable and their name is # now 'Removed user' for user in [user_1, user_2, user_3, user_4]: user_profile = user_profile_v2(user_5["token"], user["auth_user_id"]) assert type(user_profile) == dict assert ( f"{user_profile['user']['name_first']}{user_profile['user']['name_last']}" == "Removed user" or f"{user_profile['user']['name_first']} {user_profile['user']['name_last']}" == "Removed user") # CHECK THAT MESSAGES SENT ARE 'REMOVED USER' # check channel messages for user 2 channel_join_v2(user_5["token"], create_input[1][1]["channel_id"]) channel_1_messages = channel_messages_v2(user_5["token"], create_input[1][1]["channel_id"], 0) for message in channel_1_messages["messages"]: if message["message_id"] == create_input[2][1]: assert message["message"] == "Removed user" # check channel messages for user 3 channel_join_v2(user_5["token"], create_input[1][0]["channel_id"]) channel_2_messages = channel_messages_v2(user_5["token"], create_input[1][0]["channel_id"], 0) for message in channel_2_messages["messages"]: if message["message_id"] == create_input[2][2]: assert message["message"] == "Removed user" clear_v1()