def test_put_request_fails_if_attribute_exists(self, attribute, users, client):
user, user2 = users[:2]
data = {attribute: getattr(user2, attribute)}
response = client.put(
"/users/{id}".format(id=user.id),
data=json.dumps(data),
content_type="application/json",
headers=create_token_auth_header(user.get_token()),
)
assert response.status == "400 BAD REQUEST"
assert attribute in response.get_json()["details"]
def test_get_request_returns_404_for_venue_of_another_user(
self, client, database):
venue1, venue2 = VenueFactory.create_batch(2)
database.session.commit()
response = client.get(
"/venues/{id}".format(id=venue1.id),
headers=create_token_auth_header(venue2.user.get_token()),
)
assert response.status == "404 NOT FOUND"
assert response.get_json() == {"error": "Not Found"}
def test_post_request_fails_if_name_is_invalid(self, user, client):
venue = VenueFactory.build(name="")
data = venue_schema.dump(venue)
response = client.post(
"/venues",
data=json.dumps(data),
content_type="application/json",
headers=create_token_auth_header(user.get_token()),
)
assert response.status == "422 UNPROCESSABLE ENTITY"
assert "name" in response.get_json()["details"]
def test_put_request_fails_if_attribute_is_invalid(
self, user, client, attribute, value
):
response = client.put(
"/users/{id}".format(id=user.id),
data=json.dumps({attribute: value}),
content_type="application/json",
headers=create_token_auth_header(user.get_token()),
)
assert response.status == "422 UNPROCESSABLE ENTITY"
assert attribute in response.get_json()["details"]
def test_put_request_fails_if_name_exists(self, client, user, database):
venue1, venue2 = VenueFactory.create_batch(2, user=user)
database.session.commit()
response = client.put(
"/venues/{id}".format(id=venue1.id),
data=json.dumps({"name": venue2.name}),
content_type="application/json",
headers=create_token_auth_header(user.get_token()),
)
assert response.status == "400 BAD REQUEST"
assert "name" in response.get_json()["details"]
def test_put_request_succeeds_if_attribute_is_unchanged(
self, attribute, user, client
):
value = getattr(user, attribute)
response = client.put(
"/users/{id}".format(id=user.id),
data=json.dumps({attribute: value}),
content_type="application/json",
headers=create_token_auth_header(user.get_token()),
)
assert response.status == "200 OK"
assert getattr(User.query.get(user.id), attribute) == value
def test_put_request_fails_if_id_is_passed(self, client, user):
original = user_schema.dump(user)
original["password"] = "******"
response = client.put(
"/users/{id}".format(id=user.id),
data=json.dumps({"id": 123}),
content_type="application/json",
headers=create_token_auth_header(user.get_token()),
)
assert response.status == "422 UNPROCESSABLE ENTITY"
assert "id" in response.get_json()["details"]
def test_put_request_succeeds_if_name_exists_for_another_user(
self, client, database):
venue1, venue2 = VenueFactory.create_batch(2)
database.session.commit()
response = client.put(
"/venues/{id}".format(id=venue1.id),
data=json.dumps({"name": venue2.name}),
content_type="application/json",
headers=create_token_auth_header(venue1.user.get_token()),
)
assert response.status == "200 OK"
assert Venue.query.get(venue1.id).name == venue2.name
def test_put_request_succeeds_for_venue_of_another_user_if_admin(
self, client, venue, admin):
data = {"name": "john"}
response = client.put(
"/venues/{id}".format(id=venue.id),
data=json.dumps(data),
content_type="application/json",
headers=create_token_auth_header(admin.get_token()),
)
assert response.status == "200 OK"
assert response.get_json() == venue_schema.dump(venue)
def test_put_request_returns_modified_venue(self, venue, client):
original_id = venue.id
response = client.put(
"/venues/{id}".format(id=venue.id),
data=json.dumps({"name": "john"}),
content_type="application/json",
headers=create_token_auth_header(venue.user.get_token()),
)
data = response.get_json()
venue = Venue.query.get(data["id"])
assert data["id"] == original_id
assert data["name"] == venue.name
def test_put_request_modifies_name(self, client, venue):
original = venue_schema.dump(venue)
data = {"name": "john"}
response = client.put(
"/venues/{id}".format(id=venue.id),
data=json.dumps(data),
content_type="application/json",
headers=create_token_auth_header(venue.user.get_token()),
)
assert response.status == "200 OK"
assert venue.id == original["id"]
assert venue.name == data["name"]
def test_post_request_fails_if_name_exists(self, venue, client):
name, user = venue.name, venue.user
venue = VenueFactory.build(name=name)
data = venue_schema.dump(venue)
del data["id"]
response = client.post(
"/venues",
data=json.dumps(data),
content_type="application/json",
headers=create_token_auth_header(user.get_token()),
)
assert response.status == "400 BAD REQUEST"
assert "name" in response.get_json()["details"]
def test_put_request_returns_404_for_venue_of_another_user(
self, client, database):
venue1, venue2 = VenueFactory.create_batch(2)
database.session.commit()
data = {"name": "john"}
response = client.put(
"/venues/{id}".format(id=venue1.id),
data=json.dumps(data),
content_type="application/json",
headers=create_token_auth_header(venue2.user.get_token()),
)
assert response.status == "404 NOT FOUND"
assert response.get_json() == {"error": "Not Found"}
def test_put_request_returns_modified_user(self, user, client):
original_id = user.id
response = client.put(
"/users/{id}".format(id=user.id),
data=json.dumps({"email": "*****@*****.**"}),
content_type="application/json",
headers=create_token_auth_header(user.get_token()),
)
data = response.get_json()
user = User.query.get(data["id"])
assert data["id"] == original_id
for key in ["username", "email"]:
assert data[key] == getattr(user, key)
assert "password" not in data
def test_get_request_returns_requested_number_of_users(
self, users, admin, client, page, per_page
):
users.append(admin)
response = client.get(
"/users",
query_string={"page": page, "per_page": per_page},
headers=create_token_auth_header(admin.get_token()),
)
offset = per_page * (page - 1)
window = users[offset : offset + per_page]
assert response.status == "200 OK"
assert response.get_json() == users_schema.dump(window)
def test_delete_request_expires_token(self, user, client):
response = client.post(
"/tokens",
data=json.dumps({}),
content_type="application/json",
headers=create_basic_auth_header(user.username, "example"),
)
token = response.get_json()["token"]
response = client.delete("/tokens", headers=create_token_auth_header(token))
assert response.status == "204 NO CONTENT"
assert response.data == b""
assert user.check_token(token) is None
def test_get_request_returns_requested_page_of_venues(
self, client, user, database, page):
venues = VenueFactory.create_batch(25, user=user)
database.session.commit()
response = client.get(
"/venues",
query_string={"page": page},
headers=create_token_auth_header(user.get_token()),
)
per_page = 10
offset = per_page * (page - 1)
window = venues[offset:offset + per_page]
assert response.status == "200 OK"
assert response.get_json() == venues_schema.dump(window)
def test_put_request_modifies_attributes(self, client, user, data):
original = user_schema.dump(user)
original["password"] = "******"
response = client.put(
"/users/{id}".format(id=user.id),
data=json.dumps(data),
content_type="application/json",
headers=create_token_auth_header(user.get_token()),
)
assert response.status == "200 OK"
for key in ["id", "username", "email", "password"]:
value = data[key] if key in data and key != "id" else original[key]
if key == "password":
assert user.check_password(value)
else:
assert getattr(user, key) == value
def test_get_request_for_users_fails_without_admin_status(self, users, client):
response = client.get(
"/users", headers=create_token_auth_header(users[0].get_token())
)
assert response.status == "401 UNAUTHORIZED"
def test_delete_request_fails_without_authentication(self, user, client, token):
user.get_token()
response = client.delete("/tokens", headers=create_token_auth_header(token))
assert response.status == "401 UNAUTHORIZED"
assert user.check_token(user.token) is not None