def test_create(self):
self.create_users()
user_data = {'username': '******', 'password': sha1('test').hexdigest()}
serialized = json.dumps(user_data)
# authorized as an admin
resp = self.app.post('/api/user/', data=serialized, headers=self.auth_headers('admin', 'admin'))
self.assertEqual(resp.status_code, 200)
new_user = User.get(username='******')
resp_json = self.response_json(resp)
self.assertAPIUser(resp_json, new_user)
def test_edit(self):
self.create_users()
user_data = {'username': '******'}
serialized = json.dumps(user_data)
url = '/api/user/%s/' % self.normal.id
# authorized as an admin
resp = self.app.put(url, data=serialized, headers=self.auth_headers('admin', 'admin'))
self.assertEqual(resp.status_code, 200)
user = User.get(id=self.normal.id)
self.assertEqual(user.username, 'edited')
resp_json = self.response_json(resp)
self.assertAPIUser(resp_json, user)
def test_model_deserializer(self):
users = self.create_users()
deserialized = self.md.deserialize_object({
'__model__': 'User',
'__module__': 'flaskext.tests.test_app',
'id': self.admin.id,
'username': '******',
'password': self.admin.password,
'join_date': self.admin.join_date.strftime('%Y-%m-%d %H:%M:%S'),
'active': True,
'admin': True,
})
for attr in ['id', 'username', 'password', 'active', 'admin']:
self.assertEqual(
getattr(deserialized, attr),
getattr(self.admin, attr),
)
self.assertEqual(
deserialized.join_date.strftime('%Y-%m-%d %H:%M:%S'),
self.admin.join_date.strftime('%Y-%m-%d %H:%M:%S'),
)
admin_pk = self.admin.id
deserialized = self.md.deserialize_object({
'__model__': 'User',
'__module__': 'flaskext.tests.test_app',
'username': '******',
'active': False,
'admin': False,
}, self.admin)
self.assertEqual(deserialized.username, 'edited')
self.assertEqual(deserialized.admin, False)
self.assertEqual(deserialized.active, False)
self.assertEqual(deserialized.id, admin_pk)
deserialized.save()
self.assertEqual(User.select().count(), 3)
edited = User.get(username='******')
self.assertEqual(edited.id, admin_pk)
def test_model_admin_add(self):
self.create_users()
self.assertEqual(User.select().count(), 3)
with self.flask_app.test_client() as c:
self.login(c)
# the add url returns a 200
resp = c.get('/admin/user/add/')
self.assertEqual(resp.status_code, 200)
# ensure the user, model_admin and form are correct in the context
self.assertContext('user', self.admin)
self.assertContext('model_admin', admin._registry['user'])
self.assertTrue('form' in self.flask_app._template_context)
frm = self.flask_app._template_context['form']
self.assertEqual(sorted(frm._fields.keys()), [
'active',
'admin',
'email',
'join_date',
'password',
'username',
])
# make an incomplete post and get a 200 with errors
resp = c.post('/admin/user/add/', data={
'username': '',
'password': '******',
'active': '1',
'email': '',
'join_date': '2011-01-01 00:00:00',
})
self.assertEqual(resp.status_code, 200)
# no new user created
self.assertEqual(User.select().count(), 3)
# check the form for errors
frm = self.get_context('form')
self.assertEqual(frm.errors, {
'username': ['This field is required.'],
'email': ['This field is required.'],
})
# make a complete post and get a 302 to the edit page
resp = c.post('/admin/user/add/', data={
'username': '******',
'password': '******',
'active': '1',
'email': '*****@*****.**',
'join_date': '2011-01-01 00:00:00',
})
self.assertEqual(resp.status_code, 302)
# new user was created
self.assertEqual(User.select().count(), 4)
# check they have the correct data on the new instance
user = User.get(username='******')
self.assertEqual(user.password, sha1('new').hexdigest())
self.assertEqual(user.active, True)
self.assertEqual(user.admin, False)
self.assertEqual(user.email, '*****@*****.**')
self.assertEqual(user.join_date, datetime.datetime(2011, 1, 1))
# check the redirect was correct
self.assertTrue(resp.headers['location'].endswith('/admin/user/%d/' % user.id))
def test_model_admin_edit(self):
users = self.create_users()
self.assertEqual(User.select().count(), 3)
# grab an id so we can test a 404 on non-existent user
unused_id = [x for x in range(1, 5) if not User.filter(id=x).exists()][0]
with self.flask_app.test_client() as c:
self.login(c)
# nonexistant user 404s
resp = c.get('/admin/user/%d/' % unused_id)
self.assertEqual(resp.status_code, 404)
# edit page returns a 200
resp = c.get('/admin/user/%d/' % self.normal.id)
self.assertEqual(resp.status_code, 200)
# check the user, model_admin and form are correct in the context
self.assertContext('user', self.admin)
self.assertContext('model_admin', admin._registry['user'])
self.assertTrue('form' in self.flask_app._template_context)
frm = self.flask_app._template_context['form']
self.assertEqual(sorted(frm._fields.keys()), [
'active',
'admin',
'email',
'join_date',
'password',
'username',
])
# check the form pulled the right data off the model
self.assertEqual(frm.data, {
'username': '******',
'password': sha1('normal').hexdigest(),
'email': '',
'admin': False,
'active': True,
'join_date': frm.join_date.data, # microseconds...bleh
})
# make an incomplete post to update the user and get a 200 w/errors
resp = c.post('/admin/user/%d/' % self.normal.id, data={
'username': '',
'password': '',
'active': '1',
'email': '*****@*****.**',
'join_date': '2011-01-01 00:00:00',
})
self.assertEqual(resp.status_code, 200)
# no new user created
self.assertEqual(User.select().count(), 3)
# refresh database content
normal = User.get(id=self.normal.id)
self.assertEqual(normal.username, 'normal') # was not saved
# check the form for errors
frm = self.get_context('form')
self.assertEqual(frm.errors, {
'username': ['This field is required.'],
'password': ['This field is required.'],
})
# make a complete post
resp = c.post('/admin/user/%d/' % self.normal.id, data={
'username': '******',
'password': '******',
'active': '1',
'email': '[email protected]',
'join_date': '2011-01-01 00:00:00',
})
self.assertEqual(resp.status_code, 302)
# no new user was created
self.assertEqual(User.select().count(), 3)
# grab from the database
user = User.get(username='******')
self.assertEqual(user.id, self.normal.id) # it is the same user
self.assertEqual(user.password, sha1('edited').hexdigest())
self.assertEqual(user.active, True)
self.assertEqual(user.admin, False)
self.assertEqual(user.email, '[email protected]')
self.assertEqual(user.join_date, datetime.datetime(2011, 1, 1))
self.assertTrue(resp.headers['location'].endswith('/admin/user/%d/' % user.id))
# make another post without modifying the password, should stay same
resp = c.post('/admin/user/%d/' % user.id, data={
'username': '******',
'password': user.password,
'active': '1',
'email': '[email protected]',
'join_date': '2011-01-01 00:00:00',
})
self.assertEqual(resp.status_code, 302)
# no new user was created
self.assertEqual(User.select().count(), 3)
# grab from the database
user = User.get(username='******')
self.assertEqual(user.id, self.normal.id) # it is the same user
# the password has not changed
self.assertEqual(user.password, sha1('edited').hexdigest())
