def test_stock_list(app, client):
"""test inventory list"""
names = [
"Muffin Bun", "Sesame Bun", "Standard Bun", "Wrap", "Chicken Patty",
"Beef Patty", "Vegetarian Patty", "Tuna Patty", "Tomato",
"Tomato Sauce", "BBQ Sauce", "Mint Sauce", "Chocolate Sauce",
"Cheddar Cheese", "Nuggets", "Fries (g)", "Coke (ml)", "Sundaes (ml)"
]
with app.app_context():
user = User(name="Dickson",
email="*****@*****.**",
user_type=UserType.ADMIN)
user.SetPassword("123456")
db.session.add(user)
db.session.commit()
stock_amount = 100
for name in names:
db.session.add(Stock(name=name, amount=stock_amount))
stock_amount += 1
db.session.commit()
response = client.get('/admin/inventory')
assert response.status == '302 FOUND'
login(client, "*****@*****.**", "123456")
response = client.get('/admin/inventory')
rsp = str(response.data)
print(rsp)
stock_amount = 100
for name in names:
assert name in rsp
rsp = rsp[rsp.find(name) + 1:]
assert str(stock_amount) in rsp
rsp = rsp[rsp.find(str(stock_amount)) + 1:]
stock_amount += 1
def test_index(client, app):
""" Test customer index
"""
with app.app_context():
response = client.get('/')
assert b"Welcome!" in response.data
user = User(
name="Jeff", email="*****@*****.**", user_type=UserType.CUSTOMER)
user.SetPassword("123456")
db.session.add(user)
db.session.commit()
login(client, "*****@*****.**", "123456")
response = client.get('/')
assert b"Welcome, Jeff" in response.data
def registerAction():
if request.method == 'POST':
action = DB()
first = request.form['inputFirstName']
last = request.form['inputLastName']
email = request.form['inputEmail']
password = request.form['inputPassword']
confirmPassword = request.form['confirmPassword']
hash = request.form['inputHash']
if not action.checkHash(hash):
flash('Register link is no longer valid', 'danger')
return render_template('core/register.html')
if action.checkUserExists(email):
flash('Email already used. Did you mean to log in?', 'danger')
return render_template('core/register.html')
if password != confirmPassword:
flash('Passwords don\'t match', 'danger')
return render_template('core/register.html')
if len(password) < 6:
flash('Password too short', 'danger')
return render_template('core/register.html')
registrant = User(first, last, email, password)
user_id = action.createUser(registrant)
File().makeDirectory(user_id)
action.voidHash(hash)
signinAction(email, password)
return redirect('/')
def count_orders(user=None):
if user is not None:
user = User.get_by_username(user)
res = Order.objects(user=user)
else:
res = Order.objects
return res.count()
def find_users(condition):
users = User.users(condition)
page = condition['_page'] if '_page' in condition else 1
per_page = condition['_per_page'] if '_per_page' in condition else 20
pagination = users.paginate(page=int(page),
per_page=int(per_page),
error_out=False)
return pagination
def insert_user(request_json):
user = User()
for key, value in request_json.items():
if key == 'password':
user.password = value
if hasattr(user, key):
setattr(user, key, value)
db.session.add(user)
db.session.commit()
term = Term.query.order_by(Term.id.desc()).first().name
for role_name in request_json['role_names']:
user_role = UserRole()
role = Role.query.filter(Role.name == role_name).first()
user_role.user_id = user.id
user_role.role_id = role.id
user_role.term = term
db.session.add(user_role)
db.session.commit()
def get_orders(user=None, limit=None, offset=None, sorting='-number'):
if user is not None:
user = User.get_by_username(user)
res = Order.objects(user=user)
else:
res = Order.objects
if offset:
res = res.skip(offset)
if limit:
res = res.limit(limit)
return res.order_by(sorting)
def test_user_password():
""" Test user password
"""
user = User(email="*****@*****.**", user_type=0)
user.SetPassword("test_pwd")
assert user.VerifyPassword("test_pwd")
assert not user.VerifyPassword("wrong_pwd")
assert not user.VerifyPassword(None)
def test_invalid_length_for_new_password():
""" Test new password with invalid length (< 4 or > 20)
provided by user
"""
user = User(email="*****@*****.**", user_type=0)
user_password = "******"
user.SetPassword(user_password)
new_password1 = "pwd"
with pytest.raises(ValueError):
user.SetPassword(new_password1)
assert not user.VerifyPassword(new_password1)
assert user.VerifyPassword(user_password)
new_password2 = "I love meatball and tuna."
with pytest.raises(ValueError):
user.SetPassword(new_password2)
assert not user.VerifyPassword(new_password2)
assert user.VerifyPassword(user_password)
def test_order_list(client, app):
"""test order list page"""
with app.app_context():
order = Order(price=123, status=OrderStatus.PAID)
db.session.add(order)
db.session.commit()
timestamp = order.GetCreatedAt()
user = User(name="Dickson",
email="*****@*****.**",
user_type=UserType.ADMIN)
user.SetPassword("123456")
db.session.add(user)
db.session.commit()
login(client, "*****@*****.**", "123456")
response = client.get('/admin/orderlist')
rsp = str(response.data)
assert "ID" in rsp
assert "User Name" in rsp
assert "Price" in rsp
assert "Created at" in rsp
assert "Updated at" in rsp
assert "Status" in rsp
assert "123" in rsp
assert "paid" in rsp
assert str(timestamp) in rsp
with app.app_context():
order1 = Order(price=231, status=OrderStatus.PAID)
db.session.add(order1)
db.session.commit()
response = client.get('/admin/orderlist')
rsp = str(response.data)
assert "231" in rsp
position = rsp.find("123")
position1 = rsp.find("231")
assert position1 < position
def test_mark_as_done(client, app):
"""test mark done page"""
with app.app_context():
sburger = Stock(name="burger", amount=10)
swrap = Stock(name="wrap", amount=10)
db.session.add(sburger)
db.session.add(swrap)
imain = Item(name="main")
iburger = Item(name="burger")
iwrap = Item(name="wrap")
gtype = IngredientGroup(name="type",
min_item=1,
max_item=1,
min_option=1,
max_option=1)
db.session.add(imain)
db.session.add(iburger)
db.session.add(iwrap)
db.session.add(gtype)
sburger.items.append(iburger)
swrap.items.append(iwrap)
gtype.options.append(iburger)
gtype.options.append(iwrap)
imain.ingredientgroups.append(gtype)
db.session.commit()
user = User(name="Dickson",
email="*****@*****.**",
user_type=UserType.ADMIN)
user.SetPassword("123456")
user2 = User(name="Superman",
email="*****@*****.**",
user_type=UserType.CUSTOMER)
user2.SetPassword("123456")
order = Order(status=OrderStatus.PAID, price=100)
user2.orders.append(order)
order.AddRootItem(imain.GetID(), 1)
order.AddIG("0.0", [iburger.GetID()], [1])
db.session.add(user)
db.session.add(user2)
db.session.add(order)
db.session.commit()
login(client, "*****@*****.**", "123456")
order = Order.query.get(order.GetID())
response = client.get('/order/%d' % order.GetID())
assert b"paid" in response.data
client.get('/admin/order/%d/done' % order.GetID())
response = client.get('/order/%d' % order.GetID())
assert b"ready" in response.data
def create_order(sid: str) -> Order:
session = session_utility.get_session(sid)
order = Order()
if session.cart is None:
raise ValueError('В корзине нет товаров')
order.cart = session.cart
order.user = User.get_by_username(session.user)
order.contragent = session.contragent
order.comment = session.comment
order._price = session.cart.subtotal
order.sale = session.sale
order.time_created = datetime.datetime.now(
tz=pytz.timezone('Europe/Moscow'))
num = utility.find_last_order_num()
order.order_num = 'РВ-' + str(num + 1)
order._number = num + 1
order.save()
return order
def dispatch_request(self):
context = {'commit_hash': commit_hash}
if request.method == 'POST':
if current_user.is_authenticated:
return redirect(url_for('frontend.create_order.create_order'))
username = request.form.get('username')
password = request.form.get('password')
user = User.get_by_username(username)
user: User
if user is not None and user.check_password(password):
login_user(user, remember=True)
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('frontend.create_order.create_order')
return redirect(next_page)
elif current_user.is_authenticated:
return redirect(url_for('frontend.create_order.create_order'))
return self.render_template(context)
def signinAction(email=None, password=None):
if request.method == 'POST' or (email and password):
action = DB()
email = request.form['inputEmail']
password = request.form['inputPassword']
if action.validateCreds(email, password):
session['active'] = True
userInfo = action.getUserInfoByEmail(email)
user = User(userInfo[0], userInfo[1], userInfo[2])
session['first'] = user.first
session['last'] = user.last
session['email'] = user.email
# session['folder'] = user.folder
user_id = action.getUserIdByEmail(email)
session['folders'] = action.getFoldersByUserId(user_id)
session['id'] = user_id
action.recordLogin(user_id)
else:
flash('Email and password don\'t match', 'danger')
return render_template('core/signin.html')
return redirect('/')
def test_checkout_page(client, app):
""" Test checkout page
"""
with app.app_context():
sburger = Stock(name="burger", amount=10)
swrap = Stock(name="wrap", amount=10)
db.session.add(sburger)
db.session.add(swrap)
imain = Item(name="main")
iburger = Item(name="burger")
iwrap = Item(name="wrap")
gtype = IngredientGroup(
name="type", min_item=1, max_item=1, min_option=1, max_option=1)
db.session.add(imain)
db.session.add(iburger)
db.session.add(iwrap)
db.session.add(gtype)
sburger.items.append(iburger)
swrap.items.append(iwrap)
gtype.options.append(iburger)
gtype.options.append(iwrap)
imain.ingredientgroups.append(gtype)
db.session.commit()
user = User(
name="Dickson", email="*****@*****.**", user_type=UserType.ADMIN)
user.SetPassword("123456")
user2 = User(
name="Superman",
email="*****@*****.**",
user_type=UserType.CUSTOMER)
user2.SetPassword("123456")
order = Order(status=OrderStatus.PAID, price=100)
user2.orders.append(order)
order.AddRootItem(imain.GetID(), 1)
order.AddIG("0.0", [iburger.GetID()], [1])
db.session.add(user)
db.session.add(user2)
db.session.add(order)
db.session.commit()
login(client, "*****@*****.**", "123456")
order = Order.query.get(order.GetID())
response = client.get('/order/%d' % order.GetID())
# Check if the customer can see the unique ID for the order.
assert str(order.GetID()).encode("utf-8") in response.data
client.get('/admin/order/%d/done' % order.GetID())
# Check if the customer can see the details of his order.
assert order.GetDetailsString().encode("utf-8") in response.data
def load_user(user_id):
return User.get(user_id)
def create_user(**kwargs):
if User.objects(username=kwargs['username']).count() > 0:
raise ValueError('Пользователь уже существует')
token = utility.create_user_without_password(**kwargs)
mail_controller.send_user_created_email(token)
return token
def check_super_user():
if User.objects(username=root_username).count() == 0:
utility.create_user(root_username,
root_password,
'root',
role='super_admin')
def test_order_details(client, app):
""" Test correct order details on front end
"""
with app.app_context():
sburger = Stock(name="burger", amount=10)
swrap = Stock(name="wrap", amount=10)
db.session.add(sburger)
db.session.add(swrap)
imain = Item(name="main")
iburger = Item(name="burger")
iwrap = Item(name="wrap")
gtype = IngredientGroup(name="type",
min_item=1,
max_item=1,
min_option=1,
max_option=1)
db.session.add(imain)
db.session.add(iburger)
db.session.add(iwrap)
db.session.add(gtype)
sburger.items.append(iburger)
swrap.items.append(iwrap)
gtype.options.append(iburger)
gtype.options.append(iwrap)
imain.ingredientgroups.append(gtype)
db.session.commit()
user = User(name="Dickson",
email="*****@*****.**",
user_type=UserType.ADMIN)
user.SetPassword("123456")
user1 = User(name="123",
email="*****@*****.**",
user_type=UserType.CUSTOMER)
user1.SetPassword("123456")
user2 = User(name="Superman",
email="*****@*****.**",
user_type=UserType.CUSTOMER)
user2.SetPassword("123456")
order = Order(status=OrderStatus.PAID, price=100)
user2.orders.append(order)
order.AddRootItem(imain.GetID(), 1)
order.AddIG("0.0", [iburger.GetID()], [1])
db.session.add(user)
db.session.add(user1)
db.session.add(user2)
db.session.add(order)
db.session.commit()
login(client, "*****@*****.**", "654321")
response = client.get('/order/%d' % order.GetID())
assert response.status == '302 FOUND'
login(client, "*****@*****.**", "123456")
response = client.get('/order/%d' % order.GetID())
assert b"Superman" in response.data
assert order.GetDetailsString().encode("utf-8") in response.data
if order.GetStatusText() != "ready":
assert b"Mark as done" in response.data
login(client, "*****@*****.**", "123456")
response = client.get('/order/%d' % order.GetID())
assert response.status == '302 FOUND'
login(client, "*****@*****.**", "123456")
response = client.get('/order/%d' % order.GetID())
assert b"Superman" in response.data
# Check if the user can see his unique order ID in the details page.
assert "ORDER {0}".format(
order.GetID()).encode("utf-8") in response.data
# Customer shouldn't have access to details page of unpaid orders
order.SetStatus(OrderStatus.CREATED)
db.session.commit()
response = client.get('/order/%d' % order.GetID())
assert response.status == '302 FOUND'