def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
self.account.status = 'active'
self.account.save()
self.endpoint = '/api/accounts/' + str(self.account.user_id)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
self.account.status = 'active'
self.account.save()
self.client.login(username=self.account.user.username, password=self.password)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
self.client.login(username=self.account.user.username, password=self.password)
self.account_id = self.account.user_id
self.endpoint = '/api/accounts/' + str(self.account_id)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
self.account.status = 'active'
self.account.save()
self.endpoint = '/api/accounts/' + str(self.account.user_id)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
ar = AccountRequest.objects.get(account=self.account, type='create-primary-account', status='pending')
payload = json.dumps({"action": "verify_email", "code": ar.code})
self.client.put('/api/accounts/' + str(self.account.id), payload, content_type='application/json')
self.client.login(username=self.account.user.username, password=self.password)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
self.client.login(username=self.account.user.username,
password=self.password)
self.account_id = self.account.user_id
self.endpoint = '/api/accounts/' + str(self.account_id)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
self.account.status = 'active'
self.account.save()
self.client.login(username=self.account.user.username,
password=self.password)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
self.account.status = 'active'
self.account.save()
payload = json.dumps({"action": "request_password_reset", "email": self.email})
self.client.put('/api/accounts', payload, content_type='application/json')
self.endpoint = '/api/accounts/' + str(self.account.user_id)
def put(self, request):
#################
# Setup
#################
headers = {
"Content-Type": "application/json",
"Allow": "GET, POST",
}
# Check content-type header
if not self.content_type.startswith('application/json'):
errors = {
"header_content_type":
"Content-Type must be 'application/json'. Your Content-Type is "
+ str(self.content_type)
}
return Response(content=errors,
headers=headers,
status=status.HTTP_400_BAD_REQUEST)
try:
action = self.CONTENT['action']
except KeyError:
error = {"action": "Missing action."}
return Response(content=error,
headers=headers,
status=status.HTTP_400_BAD_REQUEST)
#################
# Validation
#################
# Request to reset user's password
if action == 'request_password_reset':
try:
email = self.CONTENT['email']
except KeyError:
error = {"email": "Missing email address."}
return Response(content=error,
headers=headers,
status=status.HTTP_400_BAD_REQUEST)
result = Account.request_reset_password(email)
else:
result = {"action": "Invalid action."}
if isinstance(result, dict):
return Response(content=result,
headers=headers,
status=status.HTTP_400_BAD_REQUEST)
return Response(content={}, headers=headers, status=status.HTTP_200_OK)
def test_400_missing_email_list(self):
account = Account.create_account(self.email, self.password)
account.status = 'active'
account.group = 'agency'
account.save()
self.client.login(username=account.user.username, password=self.password)
data = json.dumps({
"type": "secondary",
})
response = self.client.post('/api/accounts', data, content_type='application/json')
self.assertEqual(response.status_code, 400)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
ar = AccountRequest.objects.get(account=self.account,
type='create-primary-account',
status='pending')
payload = json.dumps({"action": "verify_email", "code": ar.code})
self.client.put('/api/accounts/' + str(self.account.id),
payload,
content_type='application/json')
self.client.login(username=self.account.user.username,
password=self.password)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
self.account.status = 'active'
self.account.group = 'agency'
self.account.save()
self.client.login(username=self.account.user.username, password=self.password)
payload = json.dumps({
"type": "secondary",
"email_list": ['*****@*****.**']
})
response = self.client.post('/api/accounts/', payload, content_type='application/json')
self.client.logout()
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
self.account.status = 'active'
self.account.save()
payload = json.dumps({
"action": "request_password_reset",
"email": self.email
})
self.client.put('/api/accounts',
payload,
content_type='application/json')
self.endpoint = '/api/accounts/' + str(self.account.user_id)
def test_400_missing_email_list(self):
account = Account.create_account(self.email, self.password)
account.status = 'active'
account.group = 'agency'
account.save()
self.client.login(username=account.user.username,
password=self.password)
data = json.dumps({
"type": "secondary",
})
response = self.client.post('/api/accounts',
data,
content_type='application/json')
self.assertEqual(response.status_code, 400)
def test_200_valid_secondary_accounts(self):
account = Account.create_account(self.email, self.password)
account.status = 'active'
account.group = 'agency'
account.save()
self.client.login(username=account.user.username, password=self.password)
data = json.dumps({
"type": "secondary",
"email_list": [
'*****@*****.**',
'*****@*****.**'
],
})
response = self.client.post('/api/accounts', data, content_type='application/json')
self.assertEqual(response.status_code, 200)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
self.account.status = 'active'
self.account.group = 'agency'
self.account.save()
self.client.login(username=self.account.user.username,
password=self.password)
payload = json.dumps({
"type": "secondary",
"email_list": ['*****@*****.**']
})
response = self.client.post('/api/accounts/',
payload,
content_type='application/json')
self.client.logout()
def test_200_valid_secondary_accounts(self):
account = Account.create_account(self.email, self.password)
account.status = 'active'
account.group = 'agency'
account.save()
self.client.login(username=account.user.username,
password=self.password)
data = json.dumps({
"type":
"secondary",
"email_list": ['*****@*****.**', '*****@*****.**'],
})
response = self.client.post('/api/accounts',
data,
content_type='application/json')
self.assertEqual(response.status_code, 200)
def post(self, request):
#################
# Setup
#################
headers = {
"Content-Type": "application/json",
"Allow": "GET, POST",
}
# Check content-type header
if not self.content_type.startswith('application/json'):
errors = {"header_content_type": "Content-Type must be 'application/json'. Your Content-Type is " + str(self.content_type)}
return Response(content=errors, headers=headers, status=status.HTTP_400_BAD_REQUEST)
try:
request.session["_auth_user_id"]
except KeyError:
pass
else:
error = {"session": "Unable to create new account with a valid session."}
return Response(content=error, headers=headers, status=status.HTTP_400_BAD_REQUEST)
try:
email = self.CONTENT['email']
except KeyError:
error = {"email": "Missing email address field."}
return Response(content=error, headers=headers, status=status.HTTP_400_BAD_REQUEST)
try:
password = self.CONTENT['password']
except KeyError:
error = {"password": "******"}
return Response(content=error, headers=headers, status=status.HTTP_400_BAD_REQUEST)
try:
code = self.CONTENT['code']
except KeyError:
code = None
account = Account.create_account(email, password, code=code)
if not isinstance(account, Account):
return Response(content=account, headers=headers, status=status.HTTP_400_BAD_REQUEST)
return Response(content=account.record_to_dictionary(), headers=headers, status=status.HTTP_200_OK)
def put(self, request):
#################
# Setup
#################
headers = {
"Content-Type": "application/json",
"Allow": "GET, POST",
}
# Check content-type header
if not self.content_type.startswith('application/json'):
errors = {"header_content_type": "Content-Type must be 'application/json'. Your Content-Type is " + str(self.content_type)}
return Response(content=errors, headers=headers, status=status.HTTP_400_BAD_REQUEST)
try:
action = self.CONTENT['action']
except KeyError:
error = {"action": "Missing action."}
return Response(content=error, headers=headers, status=status.HTTP_400_BAD_REQUEST)
#################
# Validation
#################
# Request to reset user's password
if action == 'request_password_reset':
try:
email = self.CONTENT['email']
except KeyError:
error = {"email": "Missing email address."}
return Response(content=error, headers=headers, status=status.HTTP_400_BAD_REQUEST)
result = Account.request_reset_password(email)
else:
result = {"action": "Invalid action."}
if isinstance(result, dict):
return Response(content=result, headers=headers, status=status.HTTP_400_BAD_REQUEST)
return Response(content={}, headers=headers, status=status.HTTP_200_OK)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
def setUp(self):
self.email = '*****@*****.**'
self.password = '******'
self.account = Account.create_account(self.email, self.password)
def post(self, request):
#################
# Setup
#################
headers = {
"Content-Type": "application/json",
"Allow": "GET, POST",
}
# Check content-type header
if not self.content_type.startswith('application/json'):
errors = {
"header_content_type":
"Content-Type must be 'application/json'. Your Content-Type is "
+ str(self.content_type)
}
return Response(content=errors,
headers=headers,
status=status.HTTP_400_BAD_REQUEST)
try:
request.session["_auth_user_id"]
except KeyError:
pass
else:
error = {
"session": "Unable to create new account with a valid session."
}
return Response(content=error,
headers=headers,
status=status.HTTP_400_BAD_REQUEST)
try:
email = self.CONTENT['email']
except KeyError:
error = {"email": "Missing email address field."}
return Response(content=error,
headers=headers,
status=status.HTTP_400_BAD_REQUEST)
try:
password = self.CONTENT['password']
except KeyError:
error = {"password": "******"}
return Response(content=error,
headers=headers,
status=status.HTTP_400_BAD_REQUEST)
try:
code = self.CONTENT['code']
except KeyError:
code = None
account = Account.create_account(email, password, code=code)
if not isinstance(account, Account):
return Response(content=account,
headers=headers,
status=status.HTTP_400_BAD_REQUEST)
return Response(content=account.record_to_dictionary(),
headers=headers,
status=status.HTTP_200_OK)
def post(self, request):
#################
# Setup
#################
headers = {
"Content-Type": "application/json",
"Allow": "GET, POST",
}
#################
# Validation
#################
try:
account_id = int(request.session["_auth_user_id"])
except KeyError:
return Response(status=status.HTTP_401_UNAUTHORIZED)
try:
account = Account.objects.get(user_id=account_id)
except Account.DoesNotExist:
errors = {"account_id": "Invalid account ID."}
return Response(content=errors, headers=headers, status=status.HTTP_404_NOT_FOUND)
# Check content-type header
if not self.content_type.startswith('application/json'):
errors = {"header_content_type": "Content-Type must be 'application/json'. Your Content-Type is " + str(self.content_type)}
return Response(content=errors, headers=headers, status=status.HTTP_400_BAD_REQUEST)
#################
# Operation
#################
try:
project_id = int(self.CONTENT["project_id"])
except KeyError:
errors = {"project_id": "Missing project ID."}
return Response(content=errors, headers=headers, status=status.HTTP_404_NOT_FOUND)
# Must be project owner to create a permission
try:
project = Project.objects.get(id=project_id, account=account)
except Project.DoesNotExist:
errors = {"project_id": "Invalid project ID."}
return Response(content=errors, headers=headers, status=status.HTTP_404_NOT_FOUND)
try:
email = str(self.CONTENT['email']).lower().strip()
except KeyError:
errors = {"email": "Missing email address."}
return Response(content=errors, headers=headers, status=status.HTTP_400_BAD_REQUEST)
try:
p_account = Account.objects.get(email=email)
except Account.DoesNotExist:
p_account = Account.create_invitation_account(email)
if isinstance(p_account, dict):
return Response(content=p_account, headers=headers, status=status.HTTP_400_BAD_REQUEST)
else:
try:
Permission.objects.get(project=project, account=p_account)
except Permission.DoesNotExist:
pass
else:
# Send a 30X response instead for PUT to correct endpoint?
errors = {"email": "This email address already has a permission."}
return Response(content=errors, headers=headers, status=status.HTTP_400_BAD_REQUEST)
try:
permission = str(self.CONTENT['permission'])
except KeyError:
permission = 'client'
else:
if permission not in ['client', 'coworker']:
permission = 'client'
perm = Permission.create_record(account, project, p_account, self.CONTENT)
if not isinstance(perm, Permission):
# HTTP status 422: Unprocessable Entity (WebDAV; RFC 4918)
return Response(content=perm, headers=headers, status=422)
return Response(content=perm.record_to_dictionary(), headers=headers, status=status.HTTP_200_OK)