def test_owner_can_change_book(self, client): books_url = reverse('books-list') user_params_owner = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } books_create_params = simplejson.dumps({ 'title': 'Lord of the rings' }) new_title = 'Hobbit' UserFactory.create(**user_params_owner) token_dict_owner = get_login_params_dict(client, user_params_owner) client.post(books_url, books_create_params, **token_dict_owner) created_book = Book.objects.get(title='Lord of the rings') books_detail = reverse('books-detail', args=[created_book.id]) token_dict_owner = get_login_params_dict(client, user_params_owner) resp = simplejson.loads( client.put( books_detail, simplejson.dumps({'title': new_title}), **token_dict_owner ).content ) assert resp.get('title') == new_title
def test_owner_can_change_reward(self, client): rewards_url = reverse('rewards-list') user_params_owner = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } rewards_create_params = {'name': 'test', 'url': 'http://www.test.com'} new_name = 'test_new' UserFactory.create(**user_params_owner) token_dict_owner = get_login_params_dict(client, user_params_owner) client.post(rewards_url, simplejson.dumps(rewards_create_params), **token_dict_owner) created_reward = Reward.objects.get(name='test') rewards_detail = reverse('rewards-detail', args=[created_reward.id]) token_dict_owner = get_login_params_dict(client, user_params_owner) resp = simplejson.loads( client.put(rewards_detail, simplejson.dumps({'name': new_name}), **token_dict_owner).content) assert resp.get('name') == new_name
def test_authenticated_users_can_add_reward(self, client): rewards_url = reverse('rewards-list') params = simplejson.dumps({ 'name': 'laptop', 'url': 'https://www.test.com/laptop/' }) login_params = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } UserFactory.create(**login_params) token_dict = get_login_params_dict(client, login_params) resp = simplejson.loads( client.post(rewards_url, params, **token_dict).content) expected_resp = { 'id': 1, 'name': 'laptop', 'url': 'https://www.test.com/laptop/' } assert expected_resp == resp
def test_not_owner_can_not_change_user_profile(self, client): params = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } params_1 = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } UserFactory.create(**params) UserFactory.create(**params_1) user = UserModel.objects.get(username='******') user_detail = reverse('users-detail', args=[user.id]) params_1.pop('email') token_dict = get_login_params_dict(client, params_1) resp = simplejson.loads( client.put(user_detail, simplejson.dumps({'email': '*****@*****.**'}), **token_dict).content) expected_resp = { 'detail': 'You do not have permission to perform this action.' } assert resp == expected_resp
def test_authenticated_users_can_add_target(self, client): targets_url = reverse('targets-list') book = BookFactory.create() end_date = datetime.datetime.now() + datetime.timedelta(days=21) params = simplejson.dumps({ 'title': 'Test title', 'description': 'test', 'book': book.id, 'start_date': datetime.datetime.now().strftime('%Y-%m-%d'), 'end_date': end_date.strftime('%Y-%m-%d'), }) login_params = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } UserFactory.create(**login_params) token_dict = get_login_params_dict(client, login_params) resp = simplejson.loads( client.post(targets_url, params, **token_dict).content) expected_resp_title = 'Test title' assert expected_resp_title == resp.get('title')
def test_should_not_return_superuser_in_response(self, client): user_list_url = reverse('users-list') UserFactory.create(username='******', password='******', is_superuser=True) UserFactory.create(username='******', password='******', is_superuser=False) resp = simplejson.loads(client.get(user_list_url).content) resp_user_names = [resp_obj.get('username') for resp_obj in resp] assert 'su' not in resp_user_names
def test_returned_fields(self, client): user_list_url = reverse('users-list') UserFactory.create(password='******') resp = simplejson.loads(client.get(user_list_url).content) fields = resp[0].keys() expected_fields = [ 'username', 'first_name', 'last_name', 'bio', 'country', 'city', 'birth_date', 'favorite_books', 'targets' ] assert list(fields) == expected_fields
def test_not_owner_can_not_change_target(self, client): targets_url = reverse('targets-list') user_params_owner = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } user_params_not_owner = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } book = BookFactory.create() end_date = datetime.datetime.now() + datetime.timedelta(days=21) targets_create_params = { 'title': 'Test title', 'description': 'test', 'book': book.id, 'start_date': datetime.datetime.now().strftime('%Y-%m-%d'), 'end_date': end_date.strftime('%Y-%m-%d'), } UserFactory.create(**user_params_owner) UserFactory.create(**user_params_not_owner) token_dict_owner = get_login_params_dict(client, user_params_owner) client.post(targets_url, simplejson.dumps(targets_create_params), **token_dict_owner) created_target = Target.objects.get(title='Test title') targets_detail = reverse('targets-detail', args=[created_target.id]) user_params_not_owner.pop('email') token_dict_not_owner = get_login_params_dict(client, user_params_not_owner) resp = simplejson.loads( client.put(targets_detail, simplejson.dumps({'name': 'new'}), **token_dict_not_owner).content) expected_resp = { 'detail': 'You do not have permission to perform this action.' } assert resp == expected_resp
def test_owner_can_change_user_profile(self, client): params = { 'username': '******', 'email': '*****@*****.**', 'password': '******', 'city': 'Kyiv', } new_city = 'Lviv' UserFactory.create(**params) user = UserModel.objects.get(username='******') user_detail = reverse('users-detail', args=[user.id]) token_dict = get_login_params_dict(client, params) resp = simplejson.loads( client.put(user_detail, simplejson.dumps({'city': new_city}), **token_dict).content) assert resp.get('city') == new_city
def test_not_owner_can_not_change_book(self, client): books_url = reverse('books-list') user_params_owner = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } user_params_not_owner = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } books_create_params = simplejson.dumps({ 'title': 'Lord of the rings' }) UserFactory.create(**user_params_owner) UserFactory.create(**user_params_not_owner) token_dict_owner = get_login_params_dict(client, user_params_owner) client.post(books_url, books_create_params, **token_dict_owner) created_book = Book.objects.get(title='Lord of the rings') books_detail = reverse('books-detail', args=[created_book.id]) user_params_not_owner.pop('email') token_dict_not_owner = get_login_params_dict(client, user_params_not_owner) resp = simplejson.loads( client.put( books_detail, simplejson.dumps({'title': 'Hobbit'}), **token_dict_not_owner ).content ) expected_resp = {'detail': 'You do not have permission to perform this action.'} assert resp == expected_resp
def test_not_owner_can_not_change_reward(self, client): rewards_url = reverse('rewards-list') user_params_owner = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } user_params_not_owner = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } rewards_create_params = {'name': 'test'} UserFactory.create(**user_params_owner) UserFactory.create(**user_params_not_owner) token_dict_owner = get_login_params_dict(client, user_params_owner) client.post(rewards_url, simplejson.dumps(rewards_create_params), **token_dict_owner) created_reward = Reward.objects.get(name='test') rewards_detail = reverse('rewards-detail', args=[created_reward.id]) user_params_not_owner.pop('email') token_dict_not_owner = get_login_params_dict(client, user_params_not_owner) resp = simplejson.loads( client.put(rewards_detail, simplejson.dumps({'name': 'new'}), **token_dict_not_owner).content) expected_resp = { 'detail': 'You do not have permission to perform this action.' } assert resp == expected_resp
def test_authenticated_users_can_add_book(self, client): books_url = reverse('books-list') params = simplejson.dumps({ 'title': 'Lord of the rings' }) login_params = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } UserFactory.create(**login_params) token_dict = get_login_params_dict(client, login_params) resp = simplejson.loads( client.post(books_url, params, **token_dict).content ) expected_resp_title = 'Lord of the rings' assert expected_resp_title == resp.get('title')
def test_owner_can_change_target(self, client): targets_url = reverse('targets-list') user_params_owner = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } book = BookFactory.create() end_date = datetime.datetime.now() + datetime.timedelta(days=21) targets_create_params = { 'title': 'Test title', 'description': 'test', 'book': book.id, 'start_date': datetime.datetime.now().strftime('%Y-%m-%d'), 'end_date': end_date.strftime('%Y-%m-%d'), } new_title = 'test_new' UserFactory.create(**user_params_owner) token_dict_owner = get_login_params_dict(client, user_params_owner) client.post(targets_url, simplejson.dumps(targets_create_params), **token_dict_owner) created_target = Target.objects.get(title='Test title') targets_detail = reverse('targets-detail', args=[created_target.id]) token_dict_owner = get_login_params_dict(client, user_params_owner) resp = simplejson.loads( client.patch(targets_detail, simplejson.dumps({'title': new_title}), **token_dict_owner).content) assert resp.get('title') == new_title
def test_email_should_not_be_changed_after_put_request(self, client): params = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } UserFactory.create(**params) user = UserModel.objects.get(username='******') user_detail = reverse('users-detail', args=[user.id]) users_email_before = user.email params.pop('email') token_dict = get_login_params_dict(client, params) client.put(user_detail, simplejson.dumps({'email': '*****@*****.**'}), **token_dict) user = UserModel.objects.get(username='******') users_email_after = user.email assert users_email_before == users_email_after
def test_should_return_three_users(self, client): user_list_url = reverse('users-list') users_count = 3 UserFactory.create(password='******') UserFactory.create(password='******') UserFactory.create(password='******') resp = simplejson.loads(client.get(user_list_url).content) assert users_count == len(resp)