def _do_test_ok_email_or_pass(self,
api_client_mgmt,
init_users,
user,
update,
tenant_id=None):
auth = None
if tenant_id is not None:
auth = make_auth("foo", tenant_id)
# test update
_, r = api_client_mgmt.update_user(user.id, update, auth)
assert r.status_code == 204
# get/verify users
users = api_client_mgmt.get_users(auth)
assert len(users) == len(init_users)
# find the user via (new?) email
email = user.email
new_email = update.get("email", None)
if new_email != None and new_email != user.email:
email = new_email
found = [u for u in users if u.email == email]
assert len(found) == 1
# try if login still works
_, r = api_client_mgmt.login(email, update["password"])
assert r.status_code == 200
def _do_test_ok_email_or_pass(self,
api_client_mgmt,
init_users,
user,
update,
tenant_id=None):
_, r = api_client_mgmt.login(user.email, 'correcthorsebatterystaple')
assert r.status_code == 200
token = r.text
auth = {"Authorization": "Bearer " + token}
# test update
_, r = api_client_mgmt.update_user(user.id, update, auth)
assert r.status_code == 204
# get/verify users
users = api_client_mgmt.get_users(auth)
assert len(users) == len(init_users)
# find the user via (new?) email
email = user.email
new_email = update.get("email", None)
if new_email != None and new_email != user.email:
email = new_email
found = [u for u in users if u.email == email]
assert len(found) == 1
# try if login still works
_, r = api_client_mgmt.login(email, update["password"])
assert r.status_code == 200
def test_fail_invalidated_tokens_after_update(self, api_client_mgmt, api_client_int, init_users_f):
users = [
init_users_f[0],
init_users_f[1]
]
update = {
"email": "*****@*****.**",
"current_password": "******"
}
_, r = api_client_mgmt.login(users[0].email, "correcthorsebatterystaple")
assert r.status_code == 200
token_one = r.text
auth = {"Authorization": "Bearer " + token_one}
_, r = api_client_mgmt.login(users[1].email, "correcthorsebatterystaple")
assert r.status_code == 200
token_two = r.text
_, r = api_client_int.verify(token_two)
assert r.status_code == 200
# test update
_, r = api_client_mgmt.update_user(users[1].id, update, auth)
assert r.status_code == 204
# verify tokens
_, r = api_client_int.verify(token_one)
assert r.status_code == 200
with pytest.raises(bravado.exception.HTTPError) as excinfo:
_, r = api_client_int.verify(token_two)
assert excinfo.value.response.status_code == 401
def _do_test_fail_bad_update(self,
api_client_mgmt,
init_users,
tenant_id=None):
try:
_, r = api_client_mgmt.update_user(init_users[0].id,
{"foo": "bar"})
except bravado.exception.HTTPError as e:
assert e.response.status_code == 400
def test_fail_update_email_without_current_password(self, api_client_mgmt, init_users_f):
update = {"email": "*****@*****.**"}
_, r = api_client_mgmt.login(init_users_f[0].email, "correcthorsebatterystaple")
assert r.status_code == 200
token = r.text
auth = {"Authorization": "Bearer " + token}
with pytest.raises(bravado.exception.HTTPError) as excinfo:
_, r = api_client_mgmt.update_user(init_users_f[0].id, update, auth)
assert excinfo.value.response.status_code == 422
def _do_test_fail_unprocessable_entity(
self, api_client_mgmt, init_users, user, update, tenant_id=None
):
_, r = api_client_mgmt.login(user.email, "correcthorsebatterystaple")
assert r.status_code == 200
token = r.text
auth = {"Authorization": "Bearer " + token}
try:
_, r = api_client_mgmt.update_user(user.id, update, auth)
except bravado.exception.HTTPError as e:
assert e.response.status_code == 422
def _do_test_fail_not_found(
self, api_client_mgmt, init_users, update, tenant_id=None
):
_, r = api_client_mgmt.login(init_users[0].email, "correcthorsebatterystaple")
assert r.status_code == 200
token = r.text
auth = {"Authorization": "Bearer " + token}
try:
_, r = api_client_mgmt.update_user("madeupid", update, auth)
except bravado.exception.HTTPError as e:
assert e.response.status_code == 404
def _do_test_fail_not_found(self,
api_client_mgmt,
init_users,
update,
tenant_id=None):
auth = None
if tenant_id is not None:
auth = make_auth("foo", tenant_id)
try:
_, r = api_client_mgmt.update_user("madeupid", update, auth)
except bravado.exception.HTTPError as e:
assert e.response.status_code == 404
def _do_test_fail_duplicate_email(self,
api_client_mgmt,
init_users,
user,
update,
tenant_id=None):
auth = None
if tenant_id is not None:
auth = make_auth("foo", tenant_id)
try:
_, r = api_client_mgmt.update_user(user.id, update, auth)
except bravado.exception.HTTPError as e:
assert e.response.status_code == 422
def _do_test_ok_email(
self, api_client_mgmt, init_users, user, update, tenant_id=None
):
_, r = api_client_mgmt.login(user.email, "correcthorsebatterystaple")
assert r.status_code == 200
token = r.text
auth = {"Authorization": "Bearer " + token}
# test update
_, r = api_client_mgmt.update_user(user.id, update, auth)
assert r.status_code == 204
# get/verify users
users = api_client_mgmt.get_users(auth)
assert len(users) == len(init_users)
found = [u for u in users if u.email == update["email"]]
assert len(found) == 1
def _do_test_ok_email(self,
api_client_mgmt,
init_users,
user,
update,
tenant_id=None):
auth = None
if tenant_id is not None:
auth = make_auth("foo", tenant_id)
# test update
_, r = api_client_mgmt.update_user(user.id, update, auth)
assert r.status_code == 204
# get/verify users
users = api_client_mgmt.get_users(auth)
assert len(users) == len(init_users)
found = [u for u in users if u.email == update["email"]]
assert len(found) == 1
