def test_update_user_with_user_manager(self):
# Arrange
u_manager = utils.create_user_manager()
u1 = utils.create_and_save_user('u1', 'pu1', 'Us1', 'Er1')
u2 = utils.create_and_save_user('u2', 'pu2', 'Us2', 'Er2')
token = u_manager.generate_rest_auth_token()
headers = {'Authorization': utils.encode_info_token_http_auth(token)}
for actual_u in [u1, u2]:
new_first_name = 'Mod{}'.format(actual_u.first_name)
new_last_name = 'Mod{}'.format(actual_u.last_name)
update_data = {
'first_name': new_first_name,
'last_name': new_last_name
}
# Act
response = self.client.put('/api/v1/users/{}/'.format(actual_u.id),
data=json.dumps(update_data),
content_type='application/json',
headers=headers)
# Assert
self.assertEqual(response.status_code, 204)
u_from_db = User.query.get(actual_u.id)
self.assertEqual(u_from_db.first_name, new_first_name)
self.assertEqual(u_from_db.last_name, new_last_name)
def test_get_one_user_other_user(self):
# Arrange
u1 = utils.create_and_save_user('u1', 'pass_u1')
u2 = utils.create_and_save_user('u2', 'pass_u2')
token = u1.generate_rest_auth_token()
# Act
response = self.client.get('/api/v1/users/{}/'.format(u2.id),
headers={
'Authorization':
utils.encode_info_token_http_auth(token)
})
# Assert
self.assertEqual(response.status_code, 401)
def test_generate_rest_token_happy(self):
expected_user = utils.create_and_save_user()
user_token = expected_user.generate_rest_auth_token()
actual_user = User.get_user_given_rest_token(user_token)
self.assertEqual(expected_user.id, actual_user.id)
def test_create_trip_bad_date_format(self, start_date):
# Arrange
user = utils.create_and_save_user()
trip_dict = {
'destination': 'Country1',
'start_date': start_date,
'end_date': '10/12/2017',
'comment': 'Very Nice',
'user_id': user.id
}
token = user.generate_rest_auth_token()
headers = {'Authorization': utils.encode_info_token_http_auth(token)}
# Act
response = self.client.post('/api/v1/trips/',
data=json.dumps(trip_dict),
headers=headers,
content_type='application/json')
data = json.loads(utils.decode_data(response.data))
# Assert
self.assertEqual(response.status_code, 400)
self.assertIn(
f"time data '{start_date}' does not match format '{tp_utils.DATE_FORMAT}'",
data['error'])
def test_create_trip(self):
# Arrange
user = utils.create_and_save_user()
trip_dict = {
'destination': 'Country1',
'start_date': '01/01/2017',
'end_date': '01/02/2017',
'comment': 'Very Nice',
'user_id': user.id
}
token = user.generate_rest_auth_token()
headers = {'Authorization': utils.encode_info_token_http_auth(token)}
# Act
response = self.client.post('/api/v1/trips/',
data=json.dumps(trip_dict),
headers=headers,
content_type='application/json')
# Assert
self.assertEqual(response.status_code, 201)
trip = Trip.query.get(
json.loads(utils.decode_data(response.data))['id'])
self.assertEqual(trip.start_date, datetime.date(2017, 1, 1))
self.assertEqual(trip.end_date, datetime.date(2017, 2, 1))
def test_generate_rest_token_timeout(self):
exp_time = 1
expected_user = utils.create_and_save_user()
token = expected_user.generate_rest_auth_token(exp_time)
time.sleep(2)
self.assertIsNone(User.get_user_given_rest_token(token))
def test_delete_user_with_user_manager(self):
# Arrange
u_manager = utils.create_user_manager()
u1 = utils.create_and_save_user('u1', 'pu1', 'Us1', 'Er1')
u2 = utils.create_and_save_user('u2', 'pu2', 'Us2', 'Er2')
token = u_manager.generate_rest_auth_token()
headers = {'Authorization': utils.encode_info_token_http_auth(token)}
for actual_u in [u1, u2]:
# Act
response = self.client.delete('/api/v1/users/{}/'.format(
actual_u.id),
headers=headers)
# Assert
self.assertEqual(response.status_code, 204)
self.assertIsNone(User.query.get(actual_u.id))
def test_add_roles_to_user(self):
user = utils.create_and_save_user()
user.roles.append(Role.admin())
db.session.add(user)
db.session.commit()
actual_user = User.query.get(user.id)
self.assertIn(Role.admin(), actual_user.roles)
self.assertIn(Role.regular(),
actual_user.roles) # All have this by default
self.assertNotIn(Role.manager(), actual_user.roles)
def test_get_auth_token_incorrect_credentials(self):
# Arrange
user = utils.create_and_save_user()
auth_header = utils.encode_info_basic_http_auth(
user.username, 'wrongPass')
# Act
response = self.client.post('/api/v1/token/',
headers={'Authorization': auth_header})
# Assert
self.assertEqual(response.status_code, 401)
def test_get_auth_token_success(self):
# Arrange
user = utils.create_and_save_user()
auth_header = utils.encode_info_basic_http_auth(user.username, 'pass1')
# Act
response = self.client.post('/api/v1/token/',
headers={'Authorization': auth_header})
decoded_data = utils.decode_data(response.data)
# Assert
self.assertIn('token', json.loads(decoded_data))
def test_get_all_users_from_admin_success(self):
# Arrange
admin = utils.create_user_admin()
usernames = ['u1', 'u2', 'u3']
for u in usernames:
utils.create_and_save_user(u, 'pass{}'.format(u))
usernames.append('admin')
token = admin.generate_rest_auth_token()
# Act
response = self.client.get('/api/v1/users/',
headers={
'Authorization':
utils.encode_info_token_http_auth(token)
})
# Assert
self.assertEqual(response.status_code, 200)
users = json.loads(utils.decode_data(response.data))
for u in users:
self.assertIn(u['username'], usernames)
def test_create_trip_by_regular_user_on_behalf_of_other_user_fail(self):
# Arrange
user1 = utils.create_and_save_user('u1', 'pu1')
user2 = utils.create_and_save_user('u2', 'pu2')
trip_dict = {
'destination': 'Country1',
'start_date': '01/01/2017',
'end_date': '01/02/2017',
'comment': 'Very Nice',
'user_id': user2.id
}
token = user1.generate_rest_auth_token()
headers = {'Authorization': utils.encode_info_token_http_auth(token)}
# Act
response = self.client.post('/api/v1/trips/',
data=json.dumps(trip_dict),
headers=headers,
content_type='application/json')
# Assert
self.assertEqual(response.status_code, 401)
def test_get_one_user_correct_id(self):
# Arrange
u = utils.create_and_save_user('u1', 'pass_u1')
token = u.generate_rest_auth_token()
# Act
response = self.client.get('/api/v1/users/{}/'.format(u.id),
headers={
'Authorization':
utils.encode_info_token_http_auth(token)
})
# Assert
self.assertEqual(response.status_code, 200)
u_dict = json.loads(utils.decode_data(response.data))
self.assertEqual(u_dict['username'], u.username)
def test_get_all_users_from_regular_user_error(self):
# Arrange
usernames = ['u1', 'u2', 'u3']
users = [
utils.create_and_save_user(u, 'pass{}'.format(u))
for u in usernames
]
token = users[0].generate_rest_auth_token()
# Act
response = self.client.get('/api/v1/users/',
headers={
'Authorization':
utils.encode_info_token_http_auth(token)
})
# Assert
self.assertEqual(response.status_code, 401)
