def test_can_get_all_users(db, cleanup): email = "*****@*****.**" password = "******" user_in = UserCreate(email=email, password=password) user = crud.create_user(db, user=user_in) email2 = "*****@*****.**" password = "******" user_in2 = UserCreate(email=email2, password=password) user2 = crud.create_user(db, user=user_in2) response = client.get("/users/") assert response.status_code == 200 resp = response.json() assert resp[0]['email'] == '*****@*****.**' assert resp[1]['email'] == '*****@*****.**' assert len(resp) == 2
def test_create_invitation(db: Session, normal_user: User, dataroom: Dataroom) -> None: """ GIVEN an existing dataroom WHEN a invitation is created THEN the invitation should exist in db """ with freeze_time("2021-01-01 12:00"): EMAIL_STR = "*****@*****.**" TOKEN_STR = "random_token_string" EXPIRES_IN = calculate_expires_in_days(90) create_user = UserCreate(email=EMAIL_STR, password=random_password()) invitee = crud.user.create_if_not_exists(db, obj_in=create_user) obj_in = InviteCreate( invitee=invitee, jwt_token=TOKEN_STR, dataroom=dataroom, creator=normal_user, expires_in=EXPIRES_IN, ) metadata = crud.invite.create(db, obj_in=obj_in) expected_expires_in = datetime(2021, 4, 2, 0, 0, 0, tzinfo=timezone.utc) assert metadata.expires_in == expected_expires_in assert metadata.invitee.email == EMAIL_STR assert metadata.jwt_token == TOKEN_STR
def test_user_image_has_default_value(db, cleanup): email = "*****@*****.**" password = "******" username = "******" user_in = UserCreate(email=email, password=password, username=username) user = crud.create_user(db, user=user_in) assert user.image == ''
def authentication_token_from_email( *, client: TestClient, email: str, db: Session, user_type: str = "student", school_id: Optional[str] = None, type_: str = "access", ) -> dict[str, str]: """ Return a valid token for the user with given email. If the user doesn't exist it is created first. """ password = random_password() user = crud.user.get_by_email(db, email=email) if not user: user_in_create = UserCreate(email=email, password=password, type=user_type, school_id=school_id) crud.user.create(db, obj_in=user_in_create) else: user_in_update = UserUpdate(password=password) crud.user.update(db, db_obj=user, obj_in=user_in_update) return user_authentication_headers(client=client, email=email, password=password, type_=type_)
def test_create_user_student(db: Session) -> None: email = random_email() password = random_password() user_in = UserCreate(email=email, password=password, type="student") user = crud.user.create(db, obj_in=user_in) assert user.email == email assert hasattr(user, "hashed_password")
def test_create_user(db: Session) -> None: username = random_lower_string() password = random_lower_string() user_in = UserCreate(username=username, password=password) user = crud.user.create(db, user_in) assert user.username == username assert hasattr(user, "password_hashed")
def create_random_user(db: Session, type: str, is_admin: bool = False, school_id: Optional[str] = None, permissions: Optional[int] = None) -> User: """ :param db: SQLAlchemy Session object pointing to the project database :param type: Type of user to create :param is_admin: True if user is an auxilary admin, else False :param school_id: School that the user belongs to (optional) :param permissions: permissions to be set if user is an admin :return: User object created from random values and given type """ email = random_email() password = random_password() user_in = UserCreate(email=email, password=password, type=type, is_admin=is_admin, school_id=school_id) user = crud.user.create(db=db, obj_in=user_in) if user.is_admin and permissions: if admin := crud.admin.get(db, user.id): admin_in = AdminUpdate(user_id=user.id, permissions=permissions) crud.admin.update(db=db, db_obj=admin, obj_in=admin_in)
def normal_user(db: Session) -> User: email = NORMAL_USER_EMAIL password = NORMAL_USER_PW user_in = UserCreate(email=email, password=password, is_superuser=False, is_active=True) return crud.user.create(db, obj_in=user_in)
def test_authenticate_user_invalid_password(db: Session) -> None: username = random_lower_string() password = random_lower_string() user_in = UserCreate(username=username, password=password) crud.user.create(db, user_in) authenticated_user = crud.user.authenticate(db, username=username, password=password + "1") assert authenticated_user is None
def test_can_create_a_favorite_with_no_existing_market(db, cleanup): market_id = 123 email = "*****@*****.**" password = "******" user_in = UserCreate(email=email, password=password) user = crud.create_user(db, user=user_in) response = client.post(f"/users/{user.id}/favorites", json={"fmid": market_id}) assert response.status_code == 200
def test_authenticate_user_student_wrong_password(db: Session) -> None: email = random_email() password = random_password() user_in = UserCreate(email=email, password=password, type="student") crud.user.create(db, obj_in=user_in) authenticated_user = crud.user.authenticate(db, email=email, password=f"WRoNg{password}") assert authenticated_user is None
def test_create_existing_user(client: TestClient, db: Session) -> None: username = random_lower_string() password = random_lower_string() data = {"username": username, "password": password} user_in = UserCreate(username=username, password=password) crud.user.create(db, user_in) response = client.post("/users", json=data) json = response.json() assert response.status_code == 400 assert json["detail"] == "User already exists."
def room_user(db: Session, dataroom: Dataroom) -> User: email = ROOM_USER_EMAIL password = ROOM_USER_PW user_in = UserCreate(email=email, password=password, is_superuser=False, is_active=True) user = crud.user.create(db, obj_in=user_in) oso_roles.add_user_role(db, user, dataroom, "MEMBER", commit=True) return user
def test_authenticate_user_student(db: Session) -> None: email = random_email() password = random_password() user_in = UserCreate(email=email, password=password, type="student") user = crud.user.create(db, obj_in=user_in) authenticated_user = crud.user.authenticate(db, email=email, password=password) assert authenticated_user assert user.email == authenticated_user.email
def test_can_get_a_single_user(db, cleanup): email = "*****@*****.**" password = "******" user_in = UserCreate(email=email, password=password) user = crud.create_user(db, user=user_in) response = client.get("/users/1") assert response.status_code == 200 resp = response.json() assert resp['email'] == '*****@*****.**' assert resp['id'] == 1 assert resp['favorites'] == []
def test_create_user(db_session): assert create_user( db_session, UserCreate( username="******", email="*****@*****.**", password="******", is_active=True, is_superuser=False, ), )
def add_members( organization_id: int, *, invites: List[UserInvite] = Body(...), auth=Depends(authorization("organizations:add_members")), db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): try: members = crud.organization.get_members(db, id=organization_id) users_to_add = (invite for invite in invites if invite.email not in (u.get("email") for u in members)) for invite in users_to_add: user_in_db = user.get_by_email(db, email=invite.email) role = invite.role if invite.role else "guest" if not user_in_db: user_in_db = user.create( db, obj_in=UserCreate( full_name=invite.full_name, email=invite.email, password=pwd.genword(), ), ) else: organization_in_db = crud.organization.get(db, id=organization_id) if organization_in_db: send_new_invitation_email_task.delay( full_name=user_in_db.full_name, email_to=user_in_db.email, organization=organization_in_db.name, role=role) enforcer.add_role_for_user_in_domain( str(user_in_db.id), role, str(organization_id), ) enforcer.load_policy() return [ user for user in get_members( organization_id, auth=auth, db=db, current_user=current_user) if user.get("email") in (invite.email for invite in invites) ] except Exception as e: logging.error(e)
def test_create_user(db, cleanup): email = "*****@*****.**" password = "******" username = "******" image = "12674.jpg" user_in = UserCreate(email=email, password=password, username=username, image=image) user = crud.create_user(db, user=user_in) assert user.email == email assert user.username == username assert user.image == image
def test_create_defaults(db_session): example_user_schema = UserCreate( email='*****@*****.**', password='******' ) user: User = create(db_session, example_user_schema) assert user.email == example_user_schema.email assert user.is_admin is False assert user.lists == [] assert user.username == 'example' assert user.hashed_password
def test_get_user(db: Session) -> None: username = random_lower_string() password = random_lower_string() user_in = UserCreate(username=username, password=password) user = crud.user.create(db, user_in) user2 = crud.user.get(db, user.id) assert user2 assert jsonable_encoder(user2) == jsonable_encoder(user) user3 = crud.user.get_by_username(db, username=user.username) assert user3 assert jsonable_encoder(user3) == jsonable_encoder(user)
def test_retrieve_users(client: TestClient, superuser_token_headers: Dict[str, str], db: Session) -> None: username = random_lower_string() email = random_email() password = random_lower_string() user_in = UserCreate(email=email, password=password, username=username) crud.user.create(db, obj_in=user_in) username2 = random_lower_string() email2 = random_email() password2 = random_lower_string() user_in2 = UserCreate(email=email2, password=password2, username=username2) crud.user.create(db, obj_in=user_in2) r = client.get(f"{settings.API_V1_STR}/users/", headers=superuser_token_headers) all_users = r.json() assert len(all_users) > 1 for fact in all_users: assert "email" in fact
def create_organization_root_node( *, db: Session = Depends(get_db), organization_in: OrganizationCreateRoot, current_user: User = Depends(get_current_user), ) -> Optional[Organization]: """ Create a new **root node for organizations tree**; If `owner_email` is present organization tree ownership will be affected to *existing or newly created user*, else organizations tree ownership will be affected to *superuser*. """ if not current_user.is_superuser: raise HTTPException( status_code=403, detail="You are not authorized to perform this action.") new_organization_root_node = organization.create_root( db, obj_in=organization_in).to_schema() if organization_in.owner_email: user_in_db = user.get_by_email(db, email=organization_in.owner_email) if not user_in_db: user_in_db = user.create( db, obj_in=UserCreate( full_name=organization_in.owner_email.split("@")[0], email=organization_in.owner_email, password=pwd.genword(), ), ) if new_organization_root_node: send_new_invitation_email_task.delay( full_name=user_in_db.full_name, email_to=user_in_db.email, organization=new_organization_root_node.name, role="owner") enforcer.add_role_for_user_in_domain( str(user_in_db.id), "owner", str(new_organization_root_node.id)) enforcer.load_policy() else: enforcer.add_role_for_user_in_domain( str(current_user.id), "owner", str(new_organization_root_node.id)) enforcer.load_policy() current_roles = enforcer.get_roles_for_user_in_domain( str(current_user.id), str(new_organization_root_node.id)) if len(current_roles) > 0: new_organization_root_node.current_user_role = current_roles[0] if current_user.is_superuser: new_organization_root_node.current_user_role = 'admin' # new_organization_root_node.current_user_role = current_roles[0] return new_organization_root_node
def test_it_can_get_all_user_favorites(db, cleanup): market_id = 123456 market_in = MarketCreate(market_id=market_id) market = crud.create_market(db, market=market_in) email = "*****@*****.**" password = "******" user_in = UserCreate(email=email, password=password) user = crud.create_user(db, user=user_in) client.post(f"/users/{user.id}/favorites", json={"fmid": market_id}) response = client.get(f"/users/{user.id}/favorites") assert response.status_code == 200 resp = response.json() assert resp['favorites'] == [{'market_id': 123456, 'id': 1}]
def test_it_cant_create_a_favorite_if_user_already_has_one(db, cleanup): market_id = 123 email = "*****@*****.**" password = "******" user_in = UserCreate(email=email, password=password) user = crud.create_user(db, user=user_in) market_in = MarketCreate(market_id=market_id) market = crud.create_market(db, market=market_in) favorite_in = FavoriteCreate(user_id=user.id, market_id=market.id) favorite = crud.favorite_market(db, favorite=favorite_in) response = client.post(f"/users/{user.id}/favorites", json={"fmid": market_id}) assert response.status_code == 400 resp = response.json() assert resp['detail'] == 'That market is already favorited!'
def test_it_can_login_a_user(db, cleanup): email = "*****@*****.**" password = "******" user_in = UserCreate(email=email, password=password) user = crud.create_user(db, user=user_in) response = client.post("/login/token", data={ "username": email, "password": password }) resp = response.json() assert response.status_code == 200 assert "access_token" in resp assert resp["access_token"]
def test_access_token_works(db, cleanup): email = "*****@*****.**" password = "******" user_in = UserCreate(email=email, password=password) user = crud.create_user(db, user=user_in) response = client.post("/login/token", data={ "username": email, "password": password }) token = response.json() a_token = token["access_token"] headers = {"Authorization": f"Bearer {a_token}"} response2 = client.post("/login/token_check", headers=headers) assert response2.status_code == 200
def test_create(db_session): example_user_schema = UserCreate( email='*****@*****.**', password='******', username='******', is_admin=True ) user: User = create(db_session, example_user_schema) assert user.email == example_user_schema.email assert user.username == example_user_schema.username assert user.is_admin is True assert user.lists == [] assert user.hashed_password
def test_create_user_existing_email(client: TestClient, superuser_token_headers: Dict[str, str], db: Session) -> None: username = random_lower_string() email = random_email() password = random_lower_string() user_in = UserCreate(email=email, password=password, username=username) crud.user.create(db, obj_in=user_in) data = {"email": email, "password": password, "username": username} r = client.post( f"{settings.API_V1_STR}/users/", headers=superuser_token_headers, json=data, ) created_user = r.json() assert r.status_code == 400 assert "_id" not in created_user
def test_it_can_update_a_users_password(db, cleanup): email = "*****@*****.**" password = "******" user_in = UserCreate(email=email, password=password) user = crud.create_user(db, user=user_in) update_response = client.put(f"/users/{user.id}", json={"password": "******"}) assert update_response.status_code == 200 response = client.post("/login/token", data={ "username": email, "password": '******' }) token = response.json() assert response.status_code == 200 assert "access_token" in token assert token["access_token"]
def test_get_existing_user(client: TestClient, superuser_token_headers: Dict[str, str], db: Session) -> None: username = random_lower_string() email = random_email() password = random_lower_string() user_in = UserCreate(email=email, password=password, username=username) user = crud.user.create(db, obj_in=user_in) user_id = user.id r = client.get( f"{settings.API_V1_STR}/users/{user_id}", headers=superuser_token_headers, ) assert 200 <= r.status_code < 300 api_user = r.json() existing_user = crud.user.get_by_email(db, email=email) assert existing_user assert existing_user.email == api_user["email"] assert existing_user.username == api_user["username"]