def test_put_authorized_not_owned_valid_data(client):
# Init data
category_id = 1
user = _create_user(client)
user2 = _create_user(client)
headers = create_headers(
access_token=generate_access_token(user['id'])
)
headers2 = create_headers(
access_token=generate_access_token(user2['id'])
)
item = _create_item_in_category(client, headers, category_id)
item_id = item['id']
data = {
'name': 'New Item Name ({})'.format(random_string(10))
}
# Update item
response = client.put(
'/categories/{}/items/{}'.format(category_id, item_id),
headers=headers2,
data=json.dumps(data)
)
# Check if server returns 403
assert response.status_code == 403
def test_put_unauthorized_valid_data(client):
# Init data
category_id = 1
user = _create_user(client)
headers = create_headers(
access_token=generate_access_token(user['id'])
)
headers2 = create_headers()
item = _create_item_in_category(client, headers, category_id)
item_id = item['id']
data = {
'name': 'New Item Name ({})'.format(random_string(10))
}
# Update item
response = client.put(
'/categories/{}/items/{}'.format(category_id, item_id),
headers=headers2,
data=json.dumps(data)
)
resp = json_response(response)
# Check if server returns 401
assert response.status_code == 401
# Check if each dict contains these keys
assert all(
key in resp
for key in ['error_code', 'message']
) is True
def test_put_authorized_duplicated(client):
# Init data
category_id = 1
user = _create_user(client)
headers = create_headers(
access_token=generate_access_token(user['id'])
)
item = _create_item_in_category(client, headers, category_id)
item2 = _create_item_in_category(client, headers, category_id)
item_id = item['id']
data = {
'name': item2['name']
}
# Update item
response = client.put(
'/categories/{}/items/{}'.format(category_id, item_id),
headers=headers,
data=json.dumps(data)
)
resp = json_response(response)
# Check if server returns 400
assert response.status_code == 400
# Check if each dict contains these keys
assert all(
key in resp
for key in ['error_code', 'message']
) is True
def test_post_authorized_unrecognized_field(client):
# Init data
user = _create_user(client)
headers = create_headers(
access_token=generate_access_token(user['id'])
)
category_id = 1
data = {
'id': 100,
'name': 'My Item {}'.format(random_string(10))
}
# Create item
response = client.post(
'/categories/{}/items'.format(category_id),
headers=headers,
data=json.dumps(data)
)
resp = json_response(response)
# Check if server returns 400
assert response.status_code == 400
# Check if each dict contains these keys
assert all(
key in resp
for key in ['error_code', 'message']
) is True
def test_post_duplicated_email(client):
credential = {
'username': '******',
'password': '******',
'name': 'Thinh Nguyen',
'email': '*****@*****.**'
}
response = client.post(
'/users',
headers=create_headers(),
data=json.dumps(credential)
)
resp = json_response(response)
# Check if server returns 400
assert response.status_code == 400
# Check if these keys exists in response
assert all(
key in resp
for key in ['error_code', 'message']
) is True
# Check if only email error
assert 'email' in resp['errors']
assert 'username' not in resp['errors']
def test_post_no_name_field(client):
# Init data
user = _create_user(client)
headers = create_headers(
access_token=generate_access_token(user['id'])
)
category_id = 1
data = {
'description': 'Hello testing'
}
# Create item
response = client.post(
'/categories/{}/items'.format(category_id),
headers=headers,
data=json.dumps(data)
)
resp = json_response(response)
# Check if server returns 400
assert response.status_code == 400
# Check if each dict contains these keys
assert all(
key in resp
for key in ['error_code', 'message']
) is True
def test_put_authorized_valid_data(client):
# Init data
category_id = 1
user = _create_user(client)
headers = create_headers(
access_token=generate_access_token(user['id'])
)
item = _create_item_in_category(client, headers, category_id)
item_id = item['id']
data = {
'name': 'New Item Name ({})'.format(random_string(10))
}
# Update item
response = client.put(
'/categories/{}/items/{}'.format(category_id, item_id),
headers=headers,
data=json.dumps(data)
)
resp = json_response(response)
# Check if server returns 200
assert response.status_code == 200
# Check if each dict contains these keys
assert all(
key in resp
for key in ['id', 'name', 'description', 'updated', 'created']
) is True
# Check if new name matches
assert resp['name'] == data['name']
def test_post_authorized_invalid_input(client):
# Init data
user = _create_user(client)
headers = create_headers(
access_token=generate_access_token(user['id'])
)
category_id = 1
combine_data = {
'name': [None, '', '{}'.format(random_string(100))],
'description': [None, '', 'ABC']
}
combinations = itertools.product(*combine_data.values())
num_valid_combine = 0
for combination in combinations:
data = dict((k, v) for k, v in zip(combine_data.keys(), combination))
# Create item
response = client.post(
'/categories/{}/items'.format(category_id),
headers=headers,
data=json.dumps(data)
)
num_valid_combine += 1 if response.status_code != 400 else 0
# Check if valid combination counter always equals to 0 (all cases are invalid)
assert num_valid_combine <= 1
def test_post_unauthorized(client):
headers = create_headers()
category_id = 1
data = {
'name': 'My Item ({})'.format(random_string(10))
}
# Create item
response = client.post(
'/categories/{}/items'.format(category_id),
headers=headers,
data=json.dumps(data)
)
resp = json_response(response)
# Check if server returns 401
assert response.status_code == 401
# Check if each dict contains these keys
assert all(
key in resp
for key in ['message', 'error_code']
) is True
def test_get_unauthorized(client):
for category_id in range(1, 4):
response = client.get('/categories/{}/items'.format(category_id),
headers=create_headers())
resp = json_response(response)
# Check if server returns 200
assert response.status_code == 200
# Check if pagination is correct
assert all(
key in resp
for key in ['items', 'total_pages', 'page', 'total', 'per_page'
]) is True
# Check if each dict contains these keys
for res in resp['items']:
assert all(
key in res
for key in ['id', 'name', 'description', 'updated', 'created'
]) is True
# Check if is_owner not in item
for res in resp['items']:
assert 'is_owner' not in res
def test_post_authorized(client):
# Init data
user = _create_user(client)
headers = create_headers(
access_token=generate_access_token(user['id'])
)
category_id = 1
data = {
'name': 'My Item {}'.format(random_string(10))
}
# Create item
response = client.post(
'/categories/{}/items'.format(category_id),
headers=headers,
data=json.dumps(data)
)
resp = json_response(response)
# Check if server returns 200
assert response.status_code == 200
# Check if each dict contains these keys
assert all(
key in resp
for key in ['id', 'name', 'description', 'updated', 'created']
) is True
# Check if newly created item is has the same name
assert resp['name'] == data['name']
assert resp['description'] == ''
def test_post_correct_input(client):
credential = {
'username': '******',
'password': '******',
'name': 'Thinh Nguyen',
'email': '*****@*****.**'
}
response = client.post(
'/users',
headers=create_headers(),
data=json.dumps(credential)
)
resp = json_response(response)
# Check if server returns 200
assert response.status_code == 200
# Check if these keys exists in response
assert all(
key in resp
for key in ['id', 'username', 'name', 'created', 'updated']
) is True
# Check if password not in response
assert 'password' not in resp.keys()
def test_not_found(client):
response = client.post(
'/not-found',
headers=create_headers()
)
# Check if server returns 404
assert response.status_code == 404
def test_method_not_allowed(client):
response = client.get(
'/authentication',
headers=create_headers()
)
# Check if server returns 405
assert response.status_code == 405
def test_get_authorized_exceeded_pagination(client):
for category_id in range(1, 4):
response = client.get(
'/categories/{}/items?page=10'.format(category_id),
headers=create_headers(access_token=generate_access_token(1)))
# Check if server returns 400
assert response.status_code == 400
def test_post_invalid_json(client):
response = client.post(
'/users',
headers=create_headers(),
data="{"
)
# Check if server returns 400
assert response.status_code == 400
def test_get_invalid_category_id(client):
for category_id in range(5, 7):
response = client.get('/categories/{}/items'.format(category_id),
headers=create_headers())
# Check if server returns 404
assert response.status_code == 404
# Check if these keys exists in response
assert all(key in json_response(response).keys()
for key in ['message', 'error_code']) is True
def test_post_correct_credentials(client):
credential = {'username': '******', 'password': '******'}
response = client.post('/authentication',
headers=create_headers(),
data=json.dumps(credential))
# Check if server returns 200
assert response.status_code == 200
# Check if the server return an access_token
assert 'access_token' in json_response(response).keys()
def test_post_invalid_credentials(client):
credential = {'username': '******', 'password': '******'}
response = client.post('/authentication',
headers=create_headers(),
data=json.dumps(credential))
# Check if server returns 401
assert response.status_code == 401
# Check if these keys exists in response
assert all(key in json_response(response).keys()
for key in ['message', 'error_code']) is True
def test_get_valid_category(client):
for category_id in range(1, 4):
response = client.get(
'/categories/{}'.format(category_id),
headers=create_headers()
)
# Check if server returns 200
assert response.status_code == 200
# Check if these keys exists in response
assert all(
key in json_response(response).keys()
for key in ['id', 'name', 'description', 'updated', 'created']
) is True
def test_get_unauthorized_valid_category(client):
category_id = 1
for item_id in range(1, 3):
response = client.get('/categories/{}/items/{}'.format(
category_id, item_id),
headers=create_headers())
resp = json_response(response)
# Check if server returns 200
assert response.status_code == 200
# Check if each dict contains these keys
assert all(key in resp for key in
['id', 'name', 'description', 'updated', 'created']) is True
def test_get_authorized_valid_pagination(client):
response = client.get(
'/categories/{}/items?page=1&per_page=1'.format(1),
headers=create_headers(access_token=generate_access_token(1)))
resp = json_response(response)
# Check if server returns 200
assert response.status_code == 200
# Check if pagination is correct
assert all(key in resp for key in
['items', 'total_pages', 'page', 'total', 'per_page']) is True
# Check if it has 3 pages
assert resp['total_pages'] == 3
# Check if number of items is correct
assert len(resp['items']) == 1
def test_get_categories(client):
response = client.get(
'/categories',
headers=create_headers()
)
resp = json_response(response)
# Check if server returns 200
assert response.status_code == 200
# Check if number of categories equals to 4
assert len(resp) == 4
# Check if each dict contains these keys
for res in resp:
assert all(
key in res
for key in ['id', 'name', 'description', 'updated', 'created']
) is True
