def test_user_count(settings): """A basic test to execute the get_users_count Celery task.""" UserFactory.create_batch(3) settings.CELERY_TASK_ALWAYS_EAGER = True task_result = get_users_count.delay() assert isinstance(task_result, EagerResult) assert task_result.result == 3
def setUp(self): self.client = APIClient() self.user = UserFactory() self.user.set_password('Test123!') self.user.is_active = False self.user.save()
def test_should_return_a_bunch_of_items(db_session): UserFactory.create_batch(10) users = auth_services.list_users() assert len(users) == 10
def test_list_users(self): UserFactory.create_batch(size=10) self.client.force_authenticate(self.user) response = self.client.get("/api/v1/users/", format="json") self.assertEqual(response.status_code, status.HTTP_200_OK) data = response.json() self.assertEqual(1, data["count"])
class RestorePasswordAPITests(APITestCase): def setUp(self): self.user = UserFactory() def test_request_restore_code(self): self.assertIsNone(self.user.restore_password_code) data = { "email": self.user.email, } response = self.client.post( "/api/v1/request_restore_code/", data=data, format="json" ) self.assertEqual(response.status_code, status.HTTP_201_CREATED) user = User.objects.get(pk=self.user.pk) self.assertIsNotNone(user.restore_password_code) def test_restore_password(self): self.user.send_restore_code() data = { "password": "******", "repeat_password": "******", "restore_password_code": self.user.restore_password_code, } response = self.client.post( "/api/v1/restore_password/", data=data, format="json" ) self.assertEqual(response.status_code, status.HTTP_201_CREATED) user = User.objects.get(pk=self.user.pk) self.assertTrue(user.check_password(data["password"]))
def test_create_new_user_duplicate_email(self): """ Ensure we can't create a new user with an already existing email """ data = { 'email': '*****@*****.**', 'password': '******', 'phone': '1234567890', 'first_name': 'Chuck', 'last_name': 'Norris', } user = UserFactory() user.email = data['email'] user.save() response = self.client.post( reverse('user-list'), data, format='json', ) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) content = { 'email': [ "An account for the specified email address already exists." ] } self.assertEqual(json.loads(response.content), content)
def test_api_permissions_admin_user(admin_user): users = [admin_user, UserFactory(), UserFactory(), UserFactory(), UserFactory()] get_default_shop() viewset = UserViewSet() client = _get_client(admin_user) permission_key = make_permission_config_key(viewset) # set API disabled config.set(None, permission_key, PermissionLevel.DISABLED) assert client.get("/api/E-Commerce/user/").status_code == status.HTTP_403_FORBIDDEN assert client.post("/api/E-Commerce/user/", {"email": "*****@*****.**"}).status_code == status.HTTP_403_FORBIDDEN # set API Public WRITE - access granted config.set(None, permission_key, PermissionLevel.PUBLIC_WRITE) response = client.get("/api/E-Commerce/user/") assert response.status_code == status.HTTP_200_OK user_data = sorted(json.loads(response.content.decode("utf-8")), key=lambda u: u["id"]) for ix, user in enumerate(user_data): assert users[ix].id == user["id"] # DELETE data too assert client.delete("/api/E-Commerce/user/%d/" % users[-1].id).status_code == status.HTTP_204_NO_CONTENT users.pop() # set API Public READ - access granted config.set(None, permission_key, PermissionLevel.PUBLIC_READ) response = client.get("/api/E-Commerce/user/") assert response.status_code == status.HTTP_200_OK user_data = sorted(json.loads(response.content.decode("utf-8")), key=lambda u: u["id"]) for ix, user in enumerate(user_data): assert users[ix].id == user["id"] # DELETE data - YES assert client.delete("/api/E-Commerce/user/%d/" % users[-1].id).status_code == status.HTTP_204_NO_CONTENT users.pop() # set API authenticated readonly - access only for readonly config.set(None, permission_key, PermissionLevel.AUTHENTICATED_READ) response = client.get("/api/E-Commerce/user/") assert response.status_code == status.HTTP_200_OK user_data = sorted(json.loads(response.content.decode("utf-8")), key=lambda u: u["id"]) for ix, user in enumerate(user_data): assert users[ix].id == user["id"] assert client.delete("/api/E-Commerce/user/%d/" % users[-1].id).status_code == status.HTTP_204_NO_CONTENT users.pop() # set API authenticated write - access granted config.set(None, permission_key, PermissionLevel.AUTHENTICATED_WRITE) assert client.get("/api/E-Commerce/user/").status_code == status.HTTP_200_OK assert client.delete("/api/E-Commerce/user/%d/" % users[-1].id).status_code == status.HTTP_204_NO_CONTENT users.pop() # set API admin only - aaaww yess config.set(None, permission_key, PermissionLevel.ADMIN) assert client.get("/api/E-Commerce/user/").status_code == status.HTTP_200_OK assert client.delete("/api/E-Commerce/user/%d/" % users[-1].id).status_code == status.HTTP_204_NO_CONTENT # as we deleted all users, we have left with just one - us get_user_model().objects.count() == 1
def setUp(self): self.client = APIClient() self.user = UserFactory() self.user.set_password('Test123!') self.user.save() self.admin = AdminFactory() self.admin.set_password('Test123!') self.admin.save()
def setUp(self): self.client = APIClient() self.user = UserFactory() self.user.set_password('Test123!') self.user.is_active = False self.user.save() self.activation_token = ActionToken.objects.create( user=self.user, type='account_activation', )
def test_get_by_pk(admin_user): get_default_shop() for i in range(0,10): UserFactory() user = UserFactory() client = _get_client(admin_user) response = client.get("/api/E-Commerce/user/%s/" % user.id) assert response.status_code == status.HTTP_200_OK user_data = json.loads(response.content.decode("utf-8")) assert user_data.get("id") == user.id assert user_data.get("username") == user.username
def setUp(self): self.user = UserFactory() self.password = "******" self.user.set_password(self.password) self.user.save() self.app = Application( authorization_grant_type=Application.GRANT_PASSWORD, client_type=Application.CLIENT_CONFIDENTIAL, ) self.app.save() credentials = base64.b64encode('{}:{}'.format(self.app.client_id, self.app.client_secret).encode()).decode() self.client.defaults['HTTP_AUTHORIZATION'] = 'Basic ' + credentials
def test_authenticated(self, user: User, rf: RequestFactory): request = rf.get("/fake-url/") request.user = UserFactory() response = user_detail_view(request, {{cookiecutter.user.slug_field}}=user.{{cookiecutter.user.slug_field}}) assert response.status_code == 200
def test_get_by_email(admin_user): get_default_shop() for i in range(0, 10): UserFactory() user = UserFactory() client = _get_client(admin_user) response = client.get("/api/E-Commerce/user/", data={"email": user.email}) assert response.status_code == status.HTTP_200_OK user_data = json.loads(response.content.decode("utf-8")) assert get_user_model().objects.filter(email=user.email).count() == len(user_data) assert user_data[0].get("id") == user.id assert user_data[0].get("email") == user.email assert user_data[0].get("username") == user.username
def test_campaign_with_non_active_coupon(rf): initial_status = get_initial_order_status() request, shop, group = initialize_test(rf, include_tax=False) order = _get_order_with_coupon(request, initial_status) coupon = order.coupon_usages.first().coupon coupon.active = False coupon.save() modifier = UserFactory() contact = create_random_person(locale="en_US", minimum_name_comp_len=5) assert order.customer != contact state = _get_frontend_order_state(shop, contact) assert order.shop.id == state["shop"]["selected"]["id"] request = get_frontend_request_for_command(state, "finalize", modifier) response = OrderEditView.as_view()(request, pk=order.pk) assert_contains(response, "orderIdentifier") data = json.loads(response.content.decode("utf8")) edited_order = Order.objects.get(pk=order.pk) assert edited_order.identifier == data["orderIdentifier"] == order.identifier assert edited_order.pk == order.pk assert edited_order.lines.count() == 3 assert OrderLineType.DISCOUNT not in [l.type for l in edited_order.lines.all()] assert edited_order.coupon_usages.count() == 0
def test_clean_username(self): # A user with proto_user params does not exist yet. proto_user = UserFactory.build() form = UserCreationForm( { "username": proto_user.username, "password1": proto_user._password, "password2": proto_user._password, } ) assert form.is_valid() assert form.clean_username() == proto_user.username # Creating a user. form.save() # The user with proto_user params already exists, # hence cannot be created. form = UserCreationForm( { "username": proto_user.username, "password1": proto_user._password, "password2": proto_user._password, } ) assert not form.is_valid() assert len(form.errors) == 1 assert "username" in form.errors
def test_authenticated(self, user: User, rf: RequestFactory): request = rf.get("/fake-url/") request.user = UserFactory() response = user_detail_view(request, username=user.username) assert response.status_code == 200
def setUp(self): self.owner = UserFactory.build() self.owner.save() self.tempfile = tempfile.NamedTemporaryFile() self.document = SimpleUploadedFile(self.tempfile.name, b'some example data for our file') self.project = Project.objects.create(path="testpath",url=self.document, uploadurl='http://gpap.trailstewards.com/userprojects') self.project.save() self.tag = Tag.objects.create(path="testpath1",url=self.document ) self.tag.save() self.basemap = Basemap.objects.create(path="testpath1",url=self.document) self.basemap.save() self.spatialitedb = Spatialitedbs.objects.create(path="testpath1",url=self.document, uploadurl='http://webmap.geoanalytic.com/download/Trails/Alberta.sqlite', visible=["sites","atv"]) self.spatialitedb.save() self.location = Point(-114.38, 52.12) self.otherfile = Otherfiles.objects.create(path="testpath1",url=self.document, location=self.location) self.otherfile.save() self.profile1 = Profile.objects.create(name='testprofile', description='a profile for testing', project=self.project, tags=self.tag) self.profile1.basemaps.add(self.basemap) self.profile1.spatialitedbs.add(self.spatialitedb) self.profile1.otherfiles.add(self.otherfile) self.profile1.save() self.profile2 = Profile.objects.create(name='testprofile2', description='a second profile for testing', project=self.project, tags=self.tag) self.profile2.basemaps.add(self.basemap) self.profile2.spatialitedbs.add(self.spatialitedb) self.profile2.save() self.profileset = ProfileSet(owner=self.owner) self.profileset.save() self.profileset.profiles.add(self.profile1) self.profileset.profiles.add(self.profile2)
def setUp(self): self.tempfile = tempfile.NamedTemporaryFile() self.document = SimpleUploadedFile(self.tempfile.name, b'some example data for our file') self.project = Project.objects.create(path="testpath", url=self.document, uploadurl='http://gpap.trailstewards.com/userprojects') self.tag = Tag.objects.create(path="testpath1", url=self.document) self.basemap = Basemap.objects.create(path="testpath1", url=self.document) self.spatialitedb = Spatialitedbs.objects.create(path="testpath1", url=self.document, uploadurl='http://webmap.geoanalytic.com/download/Trails/Alberta.sqlite', visible=["sites", "atv"]) self.otherfile = Otherfiles.objects.create(path="testpath1", url=self.document) self.profile1 = Profile.objects.create(name="test", description="test profile", color="#FFFFFF", active=True, sdcardPath="MAINSTORAGE", mapView="52.0,-110.5,11", project=self.project, tags=self.tag) self.profile1.basemaps.add(self.basemap) self.profile1.spatialitedbs.add(self.spatialitedb) self.profile1.otherfiles.add(self.otherfile) self.profile2 = Profile.objects.create(name="test2", description="test profile2", color="#FFEFF", active=False, sdcardPath="MAINSTORAGE", mapView="52.0,-110.5,11", project=self.project, tags=self.tag) self.profile2.basemaps.add(self.basemap) self.profile2.spatialitedbs.add(self.spatialitedb) self.user1 = UserFactory.build() self.user1.save() self.client.login(username=self.user1.username, password=self.user1.password)
def test_api_permissions_anonymous(): users = [UserFactory(), UserFactory(), UserFactory(), UserFactory()] get_default_shop() viewset = UserViewSet() client = _get_client() permission_key = make_permission_config_key(viewset) # set API disabled config.set(None, permission_key, PermissionLevel.DISABLED) assert client.get("/api/E-Commerce/user/").status_code == status.HTTP_401_UNAUTHORIZED assert client.post("/api/E-Commerce/user/", {"email": "*****@*****.**"}).status_code == status.HTTP_401_UNAUTHORIZED # set API Public WRITE - access granted config.set(None, permission_key, PermissionLevel.PUBLIC_WRITE) response = client.get("/api/E-Commerce/user/") assert response.status_code == status.HTTP_200_OK user_data = sorted(json.loads(response.content.decode("utf-8")), key=lambda u: u["id"]) for ix, user in enumerate(user_data): assert users[ix].id == user["id"] # DELETE data too assert client.delete("/api/E-Commerce/user/%d/" % users[-1].id).status_code == status.HTTP_204_NO_CONTENT users.pop() # set API Public READ - access granted to read config.set(None, permission_key, PermissionLevel.PUBLIC_READ) response = client.get("/api/E-Commerce/user/") assert response.status_code == status.HTTP_200_OK user_data = sorted(json.loads(response.content.decode("utf-8")), key=lambda u: u["id"]) for ix, user in enumerate(user_data): assert users[ix].id == user["id"] # DELETE data - nope, not a safe method assert client.delete("/api/E-Commerce/user/%d/" % users[-1].id).status_code == status.HTTP_401_UNAUTHORIZED # set API authenticated readonly - no access config.set(None, permission_key, PermissionLevel.AUTHENTICATED_READ) assert client.get("/api/E-Commerce/user/").status_code == status.HTTP_401_UNAUTHORIZED assert client.delete("/api/E-Commerce/user/%d/" % users[-1].id).status_code == status.HTTP_401_UNAUTHORIZED # set API authenticated write - no access config.set(None, permission_key, PermissionLevel.AUTHENTICATED_WRITE) assert client.get("/api/E-Commerce/user/").status_code == status.HTTP_401_UNAUTHORIZED assert client.delete("/api/E-Commerce/user/%d/" % users[-1].id).status_code == status.HTTP_401_UNAUTHORIZED # set API admin only - not a chance config.set(None, permission_key, PermissionLevel.ADMIN) assert client.get("/api/E-Commerce/user/").status_code == status.HTTP_401_UNAUTHORIZED assert client.put("/api/E-Commerce/user/", user_data[0]).status_code == status.HTTP_401_UNAUTHORIZED
def setUp(self): self.timestamp_start = datetime.datetime.now(tz=datetime.timezone.utc) self.owner = UserFactory.build() self.owner.save() self.linestring = LineString(Point(-114.38, 52.12),Point(-114.381, 52.123),Point(-114.389, 52.123),Point(-114.386, 52.119)) self.timestamp_end = datetime.datetime.now(tz=datetime.timezone.utc) self.trackfeature = TrackFeature.objects.create(linestring=self.linestring, owner=self.owner, timestamp_start=self.timestamp_start, timestamp_end=self.timestamp_end, text='some test text')
def setUp(self): self.owner = UserFactory.build() self.owner.save() self.location = Point(-114.38, 52.12) self.form = '{"sectionname":"Image Note","sectiondescription":"note with image","forms":[{"formname":"image note","formitems":[{"key":"description","islabel":"true","value":"cutline 1","type":"string","mandatory":"no"},{"key":"pictures of the environment around the note","value":"11;12","type":"pictures"}]}]}' self.note = Note.objects.create(location=self.location, lat=52.12, lon=-114.38, altitude=1105.5, timestamp=datetime.datetime.now(tz=datetime.timezone.utc), owner=self.owner, form=self.form, description='POI', text='Test text here')
class VerifyEmailAPITests(APITestCase): def setUp(self): self.user = UserFactory() def test_request_restore_code(self): self.user.is_email_verified = False self.user.save() self.assertFalse(self.user.is_email_verified) data = { "verification_code": self.user.verification_code, } response = self.client.post( "/api/v1/verify_email/", data=data, format="json" ) self.assertEqual(response.status_code, status.HTTP_201_CREATED) user = User.objects.get(pk=self.user.pk) self.assertTrue(user.is_email_verified)
def login_user(client): password = "******" user = UserFactory() user.set_password(password) user.save() client.login(username=user.username, password=password) return user
def handle(self, *args, **kwargs): print('Creating "cheesehead" user and cheeses...') cheesehead_user = UserFactory( username="******", email="*****@*****.**", password="******", name="Jacky Cheddar", ) CheeseFactory( creator=cheesehead_user, name="Colby", description="Similar to Cheddar but without undergoing" " the cheddaring process, Colby is a mild, creamy" " cheese that was first created in 1885 in Colby," " Wisconsin.", firmness=Cheese.Firmness.SEMI_HARD, country_of_origin="US", ) CheeseFactory( creator=cheesehead_user, name="Camembert", description="A French cheese with a white, powdery rind and a soft, delicately salty interior.", firmness=Cheese.Firmness.SOFT, country_of_origin="FR", ) CheeseFactory( creator=cheesehead_user, name="Stracchino", description="Semi-sweet cheese that goes well with starches.", firmness=Cheese.Firmness.SOFT, country_of_origin="IT", ) CheeseFactory( creator=cheesehead_user, name="Gouda", description="A Dutch yellow cheese that develops" " a slight crunchiness and a complex salty toffee-like flavor as it ages.", firmness=Cheese.Firmness.HARD, country_of_origin="NE", ) CheeseFactory( creator=cheesehead_user, name="Cheddar", description="A relatively hard, pale yellow to off-white, and sometimes sharp-tasting cheese.", firmness=Cheese.Firmness.HARD, country_of_origin="GB", ) print("Creating a superuser...") call_command("createsuperuser") print( "Done! Now run the server and check the admin for new data." )
def test_editing_existing_order(rf, admin_user): modifier = UserFactory() get_initial_order_status() # Needed for the API contact = create_random_person(locale="en_US", minimum_name_comp_len=5) state = get_frontend_order_state(contact=contact) shop = get_default_shop() order = create_empty_order(shop=shop) order.payment_data = {"payment_data": True} order.shipping_data = {"shipping_data": True} order.extra_data = {"external_id": "123"} order.save() assert order.lines.count() == 0 assert order.pk is not None assert order.modified_by == order.creator request = get_frontend_request_for_command(state, "finalize", modifier) response = OrderEditView.as_view()(request, pk=order.pk) assert_contains(response, "orderIdentifier") # this checks for status codes as a side effect data = json.loads(response.content.decode("utf8")) edited_order = Order.objects.get(pk=order.pk) # Re fetch the initial order # Check that identifiers has not changed assert edited_order.identifier == data["orderIdentifier"] == order.identifier assert edited_order.pk == order.pk # Check that the product content is updated based on state assert edited_order.lines.count() == 5 assert edited_order.customer == contact # Check that product line have right taxes for line in edited_order.lines.all(): if line.type == OrderLineType.PRODUCT: assert [line_tax.tax.code for line_tax in line.taxes.all()] == ["test_code"] assert line.taxful_price.amount > line.taxless_price.amount # Make sure order modification information is correct assert edited_order.modified_by != order.modified_by assert edited_order.modified_by == modifier assert edited_order.modified_on > order.modified_on # Make sure all non handled attributes is preserved from original order assert edited_order.creator == order.creator assert edited_order.ip_address == order.ip_address assert edited_order.orderer == order.orderer assert edited_order.customer_comment == order.customer_comment assert edited_order.marketing_permission == order.marketing_permission assert edited_order.order_date == order.order_date assert edited_order.status == order.status assert edited_order.payment_data == order.payment_data assert edited_order.shipping_data == order.shipping_data assert edited_order.extra_data == order.extra_data
def test_get_telemetry_data_after_login(rf, admin_user): get_default_shop() # create users to ensure correct admin is found UserFactory() UserFactory() data = json.loads(get_telemetry_data(rf.get("/"))) assert data.get("admin_user") == admin_user.email assert not data.get("last_login") client = SmartClient() client.login(username="******", password="******") data = json.loads(get_telemetry_data(rf.get("/"))) assert data.get("admin_user") == admin_user.email last_login = data.get("last_login", None) assert last_login last_login_datetime = datetime.datetime.strptime(last_login, "%Y-%m-%dT%H:%M:%S.%fZ") today = datetime.datetime.now() assert last_login_datetime.year == today.year assert last_login_datetime.month == today.month assert last_login_datetime.day == today.day
class TemporaryTokenDestroyTests(APITestCase): def setUp(self): self.client = APIClient() self.user = UserFactory() self.user.set_password('Test123!') self.user.save() def test_logout(self): """ Ensure we can logout of the platform. This deletes the TemporaryToken assigned to the user. """ data = { 'email': self.user.email, 'password': '******' } response = self.client.post(reverse('token_api'), data, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK) token = TemporaryToken.objects.get( user__email=self.user.email, ) self.client.credentials(HTTP_AUTHORIZATION='Token ' + token.key) response = self.client.delete( reverse( 'authentication-detail', kwargs={'pk': token.key}, ), ) self.assertFalse(TemporaryToken.objects.filter(key=token.key)) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
def setUp(self): self.owner = UserFactory.build() self.owner.save() self.location = Point(-114.38, 52.12) self.form = '{"sectionname":"Image Note","sectiondescription":"note with image","forms":[{"formname":"image note","formitems":[{"key":"description","islabel":"true","value":"cutline 1","type":"string","mandatory":"no"},{"key":"pictures of the environment around the note","value":"11;12","type":"pictures"}]}]}' self.note = Note.objects.create(location=self.location, lat=52.12, lon=-114.38, altitude=1105.5, timestamp=datetime.datetime.now(tz=datetime.timezone.utc), owner=self.owner, form=self.form, description='POI', text='Image note') self.tempfile = tempfile.NamedTemporaryFile() self.document = SimpleUploadedFile(self.tempfile.name, b'some example data for our file') self.imagenote = ImageNote.objects.create(location=self.location, lat=52.12, lon=-114 - 38, altitude=1105.5, azimuth=328.12, timestamp=datetime.datetime.now(tz=datetime.timezone.utc), owner=self.owner, image=self.document, note=self.note)
def test_login_as_user_errors(rf, admin_user, regular_user): get_default_shop() view_func = LoginAsUserView.as_view() request = apply_request_middleware(rf.post("/"), user=regular_user, skip_session=True) # log in as self with pytest.raises(Problem): view_func(request, pk=regular_user.pk) user = UserFactory() get_person_contact(user) # non superuser trying to login as someone else with pytest.raises(PermissionDenied): view_func(request, pk=user.pk) request = apply_request_middleware(rf.post("/"), user=admin_user) user.is_superuser = True user.save() # user is trying to login as another superuser with pytest.raises(PermissionDenied): view_func(request, pk=user.pk) user.is_superuser = False user.is_staff = True user.save() # user is trying to login as a staff user with pytest.raises(PermissionDenied): view_func(request, pk=user.pk) user.is_staff = False user.is_active = False user.save() # user is trying to login as an inactive user with pytest.raises(Problem): view_func(request, pk=user.pk)
def setUp(self): self.user = UserFactory()
from flask import Flask, render_template, jsonify, session, redirect, request, url_for import requests import UserFactory from datetime import datetime, timedelta from rauth import OAuth2Service import sys from pymongo import MongoClient from bson.json_util import dumps import json app = Flask(__name__) app.config.from_object('app_config') app.secret_key = app.config['APP_SECRET'] candidate_pool = UserFactory.generate_candidates(5) client = MongoClient('mongodb://*****:*****@ds035240.mongolab.com:35240/foradb') foradb = client['foradb'] user_collection = foradb['userdata'] current_office = { 'company_name': 'Blue Whale Inc.', 'address': '1501 Magnolia Ave, San Bruno, CA 94066', 'latitude': '37.6089039', 'longitude': '-122.4041261' } EXPEDIA_API_KEY="CCK2GO59nPAFwiFiPX4D3HsZORoHWat7" UBER_CLIENT_ID="P7I1oMD8sDWl3kfyrcfPUv-mlzzAehMF" UBER_CLIENT_SEC="vfD2BAJLdAxD-i3IlyLbFSawsZE4S79XgFvybzTv" ACCESS_TOKEN_SESSION_ID = 'uber_at' BASE_UBER_API="https://api.uber.com/v1/"