def test_account_admin_cannot_access_resource_if_account_different(self): test_objects = TestObjects() test_user = test_objects.get_test_user() timer = Timer(notes="More testing, boss", user=test_user) timer.save() assert(can_access_user_owned_resource(test_user, timer)) timer.delete()
def test_user_can_access_their_own_resource(self): test_objects = TestObjects() test_user = test_objects.get_test_user() timer = Timer(notes="More testing, boss", user=test_user) timer.save() assert(can_access_user_owned_resource(test_user, timer)) timer.delete()
def test_can_save_and_load_timer(self): user = TestObjects().get_test_user() t = TimerEntity(id=TestObjects().get_any_id(), notes="Saved from unit test", user=user) t.save() t2 = TimerEntity.objects(id=t.id).first() assert (t.__repr__() == t2.__repr__()) t.delete()
def test_save_timer(self): dao = TimerDAO() t1 = TimerEntity(notes="My Test LegacyTimer Running!", user=TestObjects().get_test_user(), running=True) dao.put(t1) assert (t1.id is not None)
def test_can_create_tag(self): t = Tag(accountId=TestObjects().get_test_account().id, name="Goalboost") assert (t is not None) t.save() t2 = Tag.objects(name="Goalboost").first() assert (t2.id == t.id) t2 = Tag.objects(name="Goalboost").delete()
def test_can_load_user(self): user = TestObjects().get_test_user() formatter = ModelFormatter() model_as_dict = formatter.model_to_dict( user, include=["_id", "email", "account"]) model = formatter.dict_to_model(User, model_as_dict) assert (model.id == user.id) assert (model.email == user.email)
def test_can_convert_timer_to_dict(self): user = TestObjects().get_test_user() timer = TimerEntity(notes="Just a test timer", user=user, tags=["Unit Tests"]) tf = TimerFormatter() timer_entity_as_dict = tf.model_to_dict(timer) assert (timer_entity_as_dict is not None) assert (timer_entity_as_dict["notes"] == timer.notes)
def test_login(self): # Ensure test user created test_objects = TestObjects() userOriginal = test_objects.get_test_user() try: email, password = test_objects.get_test_user_credentials() credentials = dict(email = email , password = password) login_payload = dumps(credentials) response = requests.post(url=test_server + "/login", data=login_payload, headers={'content-type' : 'application/json'}) assert(response.status_code == 200) response_object = response.json() user = response_object["response"]["user"] assert(user["id"] is not None) assert(user["authentication_token"] is not None) finally: # Cleanup userOriginal.delete()
def get_auth_token(self): user = TestObjects().get_test_user() # Force user creation credentials_tuple = TestObjects().get_test_user_credentials() credentials = dict(email=credentials_tuple[0], password=credentials_tuple[1]) key = str(credentials) if (not key in self.credential_map): response = requests.post( url=test_server + "/login", data=dumps(credentials), headers={'content-type': 'application/json'}) assert (response.status_code == 200) response_object = response.json() # TODO Note also need error case -- this assumes we passed: user_response = response_object["response"]["user"] basic_auth_credentials = HTTPBasicAuth( credentials["email"], user_response["authentication_token"]) self.credential_map[key] = basic_auth_credentials return self.credential_map[key]
def test_user_not_updated_on_save(self): user = TestObjects().get_test_user() t1 = TimerEntity(id=ObjectId(b"Timer1Timer3"), notes="I want a shrubbery", user=user) t1.save() t1.user.password = "******" t1.save() # TODO ETC... t1.delete()
def test_can_dump_user(self): user = TestObjects().get_test_user() formatter = ModelFormatter() model_as_dict = formatter.model_to_dict( user, include=["_id", "email", "account"]) assert ("password" not in model_as_dict) assert ("_id" in model_as_dict) model_as_dict = formatter.model_to_dict( user, include=["_id", "email", "account", "password"]) assert ("password" in model_as_dict)
def test_can_convert_user_to_dict_using_model_formatter(self): user = TestObjects().get_test_user() formatter = ModelFormatter() user_dict = formatter.model_to_dict(user) # This won't pass because we're using base class implementation # assert(user_dict["account"]["name"] == user.account.name) #assert(user_dict["confirmed_at"] == None) # Important!!! make sure we can convert to JSON: as_json = dumps(user_dict) assert (isinstance(as_json, str))
def test_eval_ok(self): user = TestObjects().get_test_user() t1 = TimerEntity(id=ObjectId(b"Timer1Timer2"), notes="I want a shrubbery", user=user) # print(t1.__repr__()) t2 = eval(t1.__repr__()) # Note this part works partly because compare is brain-dead, compares id only and only works for non-null id # But that may be what we need for MongoEngine purposes, so don't override assert (t1 == t2) # A better check assert (t1.__repr__() == t2.__repr__())
def test_login_and_use_resource(self): # Ensure test user created test_objects = TestObjects() userOriginal = test_objects.get_test_user() try: email, password = test_objects.get_test_user_credentials() credentials = dict(email = email, password = password) login_payload = dumps(credentials) response = requests.post(url=test_server + "/login", data=login_payload, headers={'content-type' : 'application/json'}) assert(response.status_code == 200) response_object = response.json() user = response_object["response"]["user"] basic_auth_credentials = HTTPBasicAuth(email, user["authentication_token"]) response = requests.get(url=test_server + "/auth/api/resource", headers={'content-type' : 'application/json'}, auth=basic_auth_credentials) assert(response.status_code == 200) assert("hello" in str(response.json())) print(response.json()) finally: #Cleanup userOriginal.delete()
def test_can_convert_user_to_dict(self): user = TestObjects().get_test_user() formatter = UserModelFormatter() user_dict = formatter.model_to_dict(user) # This all passes because our custom implementation takes care of these # Extended details assert (user_dict["account"]["name"] == user.account.name) assert (user_dict["confirmed_at"] == None) assert ("password" not in user_dict) # Important!!! make sure we can convert to JSON: as_json = dumps(user_dict) assert (isinstance(as_json, str))
def test_can_verify_token(self): with self.testHelper.app().app_context(): user = None try: user_data_store = self.security.datastore # -- Should and do really use encrypted password in prod, but slows tests down # encrypted = encrypt_password("WhatsUpDocument") user = user_data_store.create_user( email="*****@*****.**", account=TestObjects().get_test_account(), password="******") # print(str(type(user))) token = user.get_auth_token() token2 = token assert (token == token2) result = user.verify_auth_token(token) assert (result) # Clean up finally: if (user is not None): user_data_store.delete_user(user)
def test_can_dump_and_load_timer(self): user = TestObjects().get_test_user() timer = TimerEntity(notes="Just a test timer", user=user, tags=["Unit Tests"], seconds=22, running=True) timer.save() tf = TimerFormatter() timer_entity_as_dict = tf.model_to_dict(timer) timer.delete() timer2 = tf.dict_to_model(TimerEntity, timer_entity_as_dict) # This won't pass, there are subtle, trivial differences in datetimes once dates have been serialized #assert(timer.lastRestart == timer2.lastRestart) #assert(timer.dateEntered == timer2.dateEntered) assert (timer.tags == timer2.tags) assert (timer.running == timer2.running) assert (timer.seconds == timer2.seconds) assert (timer.notes == timer2.notes) assert (timer.user == timer2.user) assert (timer.to_json() == timer2.to_json())
def test_can_create_and_save_user(self): with self.testHelper.app().app_context(): user = None try: user_data_store = self.security.datastore uTemp = User.objects(email="*****@*****.**").first() if uTemp is not None: uTemp.delete() # -- Should and do really use encrypted password in prod, but slows tests down # encrypted = encrypt_password("WhatsUpDocument") user = user_data_store.create_user( email="*****@*****.**", account=TestObjects().get_test_account(), password="******") user2 = user_data_store.find_user(email="*****@*****.**") assert (user.email == user2.email) assert (user.account == user2.account) # Clean up finally: if (user is not None): user_data_store.delete_user(user)
def test_timer_resource_all(self): token = test_credentials.get_auth_token() user = TestObjects().get_test_user() timer = TimerEntity(notes="Just a test timer", user=user, tags=["Unit Tests"], seconds=22, running=True) timer_dict = TimerFormatter().model_to_dict(timer) # Not authorized w/o token response = requests.post(v1_api + "/timer", headers={'content-type': 'application/json'}, data=timer.to_json()) assert (response.status_code == http.client.UNAUTHORIZED) # With token, should get "CREATED" response = requests.post(v1_api + "/timer", headers={'content-type': 'application/json'}, auth=token, data=timer.to_json()) assert (response.status_code == http.client.CREATED) # Object location url = response.headers["Location"] # Not authorized without the token (401) response = requests.get(url) assert (response.status_code == http.client.UNAUTHORIZED) # Re-send the request with the token, this time get OK (200) response = requests.get(url, auth=token) assert (response.status_code == http.client.OK) timer_dict2 = loads(response.text) assert (timer_dict2["seconds"] == 22) # Update the seconds and PUT the request timer_dict2["seconds"] = 99 response = requests.put(url, headers={'content-type': 'application/json'}, auth=token, data=dumps(timer_dict2)) assert (response.status_code == http.client.OK) response = requests.get(url, auth=token) assert (response.status_code == http.client.OK) timer_dict3 = loads(response.text) assert (timer_dict3["seconds"] == 99) # Currently our GET all means "Everything for the current user. This will change, and we'll need a new test get_many_url = v1_api + "/timer" # Not authorized without the token (401) response = requests.get(get_many_url) assert (response.status_code == http.client.UNAUTHORIZED) # Re-send the request with the token, this time get OK (200) response = requests.get(get_many_url, auth=token) assert (response.status_code == http.client.OK) print(response.text) # Delete the resource response = requests.delete(url, auth=token) assert (response.status_code == http.client.NO_CONTENT)