def current_user():
    """Create a throwaway user with one todo, log in as that user, and return it.

    The user is persisted through a session from ``db_helper``, re-read by
    e-mail, and then a login request is posted through ``app.main.api``.
    The test functions take ``current_user`` as an argument, so this is
    presumably registered as a pytest fixture (the decorator is not visible
    here).
    """
    from faker import Faker
    from app.helpers.session_helper import hash_password
    from app.models.user import User
    from app.models.todo import Todo

    fake = Faker()
    # A random 10-digit suffix keeps e-mails distinct between test runs.
    email = f"test_user_{fake.random_number(digits=10)}@test.com"

    display_name = fake.name()
    password_hash = hash_password("password")
    location = f"{fake.city()} {fake.country()}"
    profile_text = fake.paragraph()
    user = User(
        name=display_name,
        email=email,
        encrypted_password=password_hash,
        location=location,
        profile=profile_text,
    )
    seed_todo = Todo(
        title="Test Todo",
        status="none",
        description="test todo",
    )
    user.todos.append(seed_todo)

    session = db_helper.session()
    session.add(user)
    session.commit()
    # Re-query so the returned object carries the values stored by the commit.
    user = session.query(User).filter(User.email == email).first()
    session.close()

    # NOTE(review): the password posted here ("******") differs from the one
    # hashed above ("password"); it looks like a masked value. If the login is
    # meant to succeed, the two must match. Confirm against the original file.
    credentials = {"email": user.email, "password": "******"}
    client = app.main.api
    client.requests.post("/login", credentials)
    return user
def test_patch_todo(api, db_session, current_user):
    """PATCH (via the ``_method`` form override) updates the user's newest todo.

    Posts changed title, description, due date and status to ``/todo/<id>``,
    expects HTTP 200, then reloads the row through a separate session and
    checks that every changed field was stored.
    """
    latest = (
        db_session.query(Todo)
        .filter(Todo.user_id == current_user.id)
        .order_by(Todo.id.desc())
        .first()
    )
    next_week = datetime.now() + timedelta(days=7)
    expected = {
        "title": todo_title_changed(latest) if False else latest.title + " changed",
        "description": latest.description + " changed",
        "due_date": next_week.date(),
        "status": TodoStatus.wip.value,
    }

    # The form carries the HTTP verb override alongside the changed fields.
    form = {"_method": "patch"}
    form.update(expected)
    response = api.requests.post(f"/todo/{latest.id}", form)
    assert response.status_code == 200

    # Read back through a separate session rather than the one used above.
    verify_session = db_helper.session()
    reloaded = verify_session.query(Todo).get(latest.id)
    assert reloaded.title == expected["title"]
    assert reloaded.description == expected["description"]
    assert reloaded.due_date.date() == expected["due_date"]
    assert reloaded.status.value == expected["status"]
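async def on_post(self, req, resp, *, idx):
    """Handle a form POST for one user and dispatch on the ``_method`` override.

    Responds 401 when no user is logged in, and 403 when ``idx`` is not an
    integer, names no user, or names a user other than the logged-in one.
    Otherwise ``_method=patch`` is forwarded to ``on_patch`` and
    ``_method=delete`` to ``on_delete``.

    The session is released in a ``finally`` block, so it is also closed when
    ``req.media()``, ``on_patch`` or ``on_delete`` raises; previously those
    paths skipped ``session.close()``.
    """
    session = db_helper.session()
    try:
        me = current_user(resp, session)
        if me is None:
            resp.status_code = 401
            resp.html = render_template(resp, "401.html")
            return

        try:
            user = session.query(User).get(int(idx))
        except ValueError:
            # A non-numeric id is treated like an unknown user (403 below).
            user = None

        # Ownership check: a user may only modify or delete their own record.
        if user is None or me.id != user.id:
            resp.status_code = 403
            resp.html = render_template(resp, "403.html")
            return

        # NOTE(review): this is a state-changing request authorised by the
        # logged-in session; no CSRF token check is visible in this handler.
        # Confirm one is enforced elsewhere (middleware or form handling).
        params = await req.media()
        if "_method" in params:
            if params["_method"] == "patch":
                self.on_patch(req, resp, session, me, user, params)
            elif params["_method"] == "delete":
                self.on_delete(req, resp, session, user)
        # NOTE(review): a missing or unrecognised ``_method`` falls through
        # without setting a status or body. Consider an explicit 4xx response.
    finally:
        session.close()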
def _make_dummy_data():
    """Seed the database with generated users, giving the first five some todos.

    Requests 10 users from ``generate_serial_users``, passes the first five to
    ``add_serial_todos_to_user``, then adds and commits all of them in one
    session.
    """
    from db.dummy.users import generate_serial_users
    from db.dummy.todos import add_serial_todos_to_user

    session = db_helper.session()
    seeded_users = generate_serial_users(10)
    todo_owners = seeded_users[:5]
    for owner in todo_owners:
        add_serial_todos_to_user(owner)
    session.add_all(seeded_users)
    session.commit()
def test_delete_todo(api, db_session, current_user):
    """DELETE (via the ``_method`` form override) removes the user's newest todo.

    Posts ``_method=delete`` to ``/todo/<id>``, expects HTTP 201, then confirms
    through a separate session that the row can no longer be loaded.
    """
    newest = (
        db_session.query(Todo)
        .filter(Todo.user_id == current_user.id)
        .order_by(Todo.id.desc())
        .first()
    )
    target_url = f"/todo/{newest.id}"
    response = api.requests.post(target_url, {"_method": "delete"})
    assert response.status_code == 201

    # Read back through a separate session rather than the one used above.
    verify_session = db_helper.session()
    remaining = verify_session.query(Todo).get(newest.id)
    assert remaining is None
async def on_post(self, req, resp):
    """Register a new user from the signup form and log them in.

    Responds 422 with the validator's messages when ``SignupValidator``
    rejects the form, 500 with a generic message when storing the user fails,
    and 201 after the user is stored and ``login`` has been called for them.
    """
    form = await req.media()
    check = SignupValidator(form)
    if not check.valid:
        resp.status_code = 422
        resp.html = render_template(resp, "signup/join.html",
                                    messages=check.messages)
        return

    failures = []
    session = db_helper.session()
    try:
        # Only the hash produced by hash_password is stored on the row.
        password_hash = hash_password(form["password"])
        user = User(
            name=form["name"],
            email=form["email"],
            encrypted_password=password_hash,
        )
        session.add(user)
        session.commit()
        # Re-read the row so ``user.id`` is loaded before the session closes.
        user = (
            session.query(User)
            .filter(User.email == form["email"])
            .first()
        )
    except Exception as exc:
        # SQLAlchemyError and every other exception are handled the same way:
        # the client only ever sees a generic message.
        # NOTE(review): print() sends the raw exception text to stdout; for
        # database errors that text may include the statement and its bound
        # parameters (e-mail, password hash). Confirm where stdout ends up.
        print(exc)
        failures.append("Internal Server Error")
        session.rollback()
    finally:
        session.close()

    if failures:
        resp.status_code = 500
        resp.html = render_template(resp, "signup/join.html",
                                    messages=failures)
        return

    login(resp, user.id)
    resp.status_code = 201
    resp.html = render_template(resp, "signup/registered.html")
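async def on_get(self, req, resp, *, idx):
    """Render the profile page of the user with id ``idx``.

    Responds 200 with ``users/show.html`` when the user exists, otherwise 404
    (a non-integer ``idx`` is treated as "not found"). The viewer returned by
    ``current_user`` is passed to the template as ``me``.

    The session is closed in a ``finally`` block; the handler previously never
    closed it, unlike the other handlers that use ``db_helper.session()``.
    """
    session = db_helper.session()
    try:
        try:
            user = session.query(User).get(int(idx))
        except ValueError:
            user = None

        me = current_user(resp, session)
        if user:
            # NOTE(review): the template receives the whole User object,
            # which includes ``encrypted_password``; confirm users/show.html
            # renders only public fields.
            resp.status_code = 200
            resp.html = render_template(resp, "users/show.html",
                                        user=user, me=me)
        else:
            resp.status_code = 404
            resp.html = render_template(resp, "404.html")
    finally:
        # Rendering is finished by this point, so the objects are no longer
        # needed once the session is released.
        session.close()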
def _authenticate(self, email, row_password):
    """Check an e-mail / password pair against the stored user.

    Returns ``(True, user)`` when a user with this e-mail exists and
    ``verify_password`` accepts the password, otherwise ``(False, None)``.
    """
    # NOTE(review): this session is never closed here; confirm whether the
    # caller relies on the returned user staying attached before changing it.
    session = db_helper.session()
    candidate = session.query(User).filter(User.email == email).first()

    # NOTE(review): verify_password is skipped when the e-mail is unknown, so
    # the two failure paths do different amounts of work. If account
    # enumeration by response time matters here, make the paths comparable.
    if not candidate:
        return False, None
    if not verify_password(row_password, candidate.encrypted_password):
        return False, None
    return True, candidate
def db_session():
    """Return a new session obtained from ``db_helper``.

    The session is handed out as-is; nothing here closes it afterwards.
    """
    fresh_session = db_helper.session()
    return fresh_session
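async def on_get(self, req, resp):
    """Render the index page listing every user.

    Loads all ``User`` rows and responds 200 with ``users/index.html``.

    The session is closed in a ``finally`` block; the handler previously never
    closed it, unlike the other handlers that use ``db_helper.session()``.
    """
    session = db_helper.session()
    try:
        # NOTE(review): no login check is visible in this handler, and the
        # template receives whole User objects (including
        # ``encrypted_password``). Confirm the listing is meant to be public
        # and that users/index.html renders only public fields.
        users = session.query(User).all()
        resp.status_code = 200
        resp.html = render_template(resp, "users/index.html", users=users)
    finally:
        session.close()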