def test_patch_role_to_provide_actor_id(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
movie_id = new_movie.id
new_role = Role(movie_id=movie_id, **AppTestCase.test_role)
new_role.insert()
role_id = new_role.id
new_actor = Actor(**AppTestCase.test_actor)
new_actor.insert()
actor_id = new_actor.id
res = self.client().patch(f'/roles/{role_id}',
json={'actor_id': actor_id},
headers=HEADER)
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertTrue(data['success'])
self.assertEqual(data['id'], role_id)
role = Role.query.get(role_id)
self.assertEqual(role.actor_id, actor_id)
new_movie.delete()
new_actor.delete()
def test_patch_role_by_invalid_age_interval(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
movie_id = new_movie.id
new_role = Role(movie_id=movie_id, **AppTestCase.test_role)
new_role.insert()
role_id = new_role.id
change_data = {
'min_age': 25,
'max_age': 20,
}
res = self.client().patch(f'/roles/{role_id}',
json=change_data,
headers=HEADER)
data = json.loads(res.data)
self.assertEqual(res.status_code, 422)
self.assertFalse(data['success'])
err_message = 'Min age can not be greater than max age'
self.assertEqual(data['message'], err_message)
new_movie.delete()
def get_movie(request, pk):
"""
function to handle request for a particular movie
GET => uesd to query
POST w/o id, to insert and return inserted value
POST w/ id, to update existing record
:param request: incomming http request
:param pk: primary key of the movie requested
:return:
"""
#check the incomming method
try:
if request.method == "GET":
if pk != '':
_movie = Movie.objects.get(pk=pk).json()
response = HttpResponse(_movie, content_type="application/json")
return response
else:
response = search_movie(request)
return response
raise Movie.MultipleObjectsReturned()
elif request.method == 'POST':
#check if user is authenticated to touch it
#if pk='', insert, else overwrite
if pk == '' and has_perm(request, 'IMDB.create_movie'):
_m = Movie()
elif pk != '' and has_perm(request, 'IMDB.change_movie'):
_m = get_object_or_404(Movie, pk=pk)
else:
raise PermissionDenied()
_m.add_using_json(request.body)
_m.save()
return HttpResponse(_m.json(), content_type="application/json", status=201)
elif request.method == 'DELETE':
if pk != '':
if has_perm(request, 'delete_movie'):
_m = get_object_or_404(Movie, pk=pk)
_m.delete()
return HttpResponse('delete successful', content_type="application/json", status=200)
else:
raise PermissionDenied()
else:
raise Movie.MultipleObjectsReturned()
else:
raise Movie.MultipleObjectsReturned() #avoiding modification to the entire series
except IntegrityError as ie:
return HttpResponseBadRequest("{'status':400,'message':'Bad Request -- Integrity violation:" + ie.message + "'}",
content_type="application/json")
except KeyError as k:
return HttpResponseBadRequest("{'status':400,'message':'Bad Request -- Key violation:" + k.message + "'}",
content_type="application/json")
except Movie.MultipleObjectsReturned as e:
return HttpResponseNotFound(json.dumps({'status': 404, 'message': 'movie not found'}),
content_type="application/json")
except (Movie.DoesNotExist, Http404):
return HttpResponseNotFound(json.dumps({'status': 404, 'message': 'movie not found'}),
content_type="application/json")
except PermissionDenied as p:
return HttpResponseForbidden(json.dumps({'status': 403, 'message': 'Permission Denied{0:s}'.format(p.message)}),
content_type="application/json")
def delete_movies(token, movie_id):
movie_info = Movie.query.get(movie_id)
Movie.delete(movie_info)
movies = list(map(Movie.format, Movie.query.all()))
res = jsonify({
"success": True,
"movies": movies
})
return res
def delete_movie(id):
movie = Movie.query.filter(Movie.id == id).one_or_none()
print("Hello from Delete ")
if movie is None:
abort(422)
Movie.delete(movie)
return jsonify({'success': True})
def get_movies_error(self):
error_movie = Movie(title=None)
error_movie.insert()
res = self.client().get(
'/movies',
headers={'Authorization': 'Bearer ' + CASTING_ASSISTANT})
data = json.loads(res.data)
self.assertEqual(res.status_code, 404)
self.assertEqual(data['success'], False)
self.assertEqual(data['message'], 'Not Found')
error_movie.delete()
def test_delete_movie(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
movie_id = new_movie.id
res = self.client().delete(f'/movies/{movie_id}', headers=HEADER)
data = json.loads(res.data)
self.assertEqual(res.status_code, 401)
self.assertEqual(data['description'], 'Permission not found.')
new_movie.delete()
def test_patch_movie(self):
movie = Movie(title='titanic', release_date='2018-01-02', actor_id=[2])
movie.id = 888
movie.insert()
res = self.client().patch(
'/movies/888',
headers={'Authorization': executive_producer_token},
json={"title": "American Pie"})
self.assertEqual(res.status_code, 200)
movie.delete()
def test_get_movies_by_id(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
movie_id = new_movie.id
res = self.client().get(f'/movies?id={movie_id}')
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertTrue(data['success'])
self.assertEqual(data['movies'][0]['id'], movie_id)
new_movie.delete()
def test_get_movies_by_min_release_date(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
min_release_date = '2020-11-25'
res = self.client().get(f'/movies?min_release_date={min_release_date}')
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertTrue(data['success'])
self.assertTrue(data['movies'][0]['release_date'] >= min_release_date)
new_movie.delete()
def test_get_movies_by_title_search_term(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
search_term = 'test'
res = self.client().get(f'/movies?search_term={search_term}')
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertTrue(data['success'])
for movie in data['movies']:
self.assertTrue(search_term in movie['title'])
new_movie.delete()
def delete_movie(payload, movie_id):
try:
movie = Movie.query.filter(Movie.id == movie_id).one_or_none()
if movie:
Movie.delete(movie)
else:
abort(422)
return jsonify({
'status_code': 200,
'success': True,
'deleted': movie_id ,
}), 200
except:
abort(422)
def delete_movie(payload, movie_id):
"""
Deletes a movie by ID
"""
movie = Movie.query.get(movie_id)
if not movie:
abort(404)
title = movie.title
Movie.delete(movie)
return jsonify({
"success": True,
'message': 'Movie ' + title + ' successfully deleted.'
}), 200
def delete_movies(token, id):
#selecting the actor that we want to delete
deleted_movie = Movie.query.get(id)
if not deleted_movie:
abort(404)
try:
Movie.delete(deleted_movie)
movies_list = [m.summarize() for m in Movie.query.all()]
return jsonify({
'success': True,
'deleted': id,
'actors': movies_list
})
except BaseException:
abort(422)
def test_patch_movie_to_change_title(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
movie_id = new_movie.id
change_data = {'title': 'changed_test_movie'}
res = self.client().patch(f'/movies/{movie_id}',
json=change_data,
headers=HEADER)
data = json.loads(res.data)
self.assertEqual(res.status_code, 401)
self.assertEqual(data['description'], 'Permission not found.')
new_movie.delete()
def db_cleanup():
# Movie cleanup
aprint('Cleaning up movies...', 'NOTIFICATOR')
movies = Movie.select().order_by(Movie.title)
n_movies = len(movies)
for movie in movies:
deletion = Movie.delete().where(Movie.imdb == movie.imdb,
Movie.quality == movie.quality)
deletion.execute()
aprint('Deleted {} movies.'.format(n_movies), 'NOTIFICATOR')
# TV cleanup
aprint('Cleaning up tv shows...', 'NOTIFICATOR')
episodes = Show.select().order_by(Show.series).order_by(
Show.season).order_by(Show.episode)
n_episodes = len(episodes)
for episode in episodes:
deletion = Show.delete().where(Show.series == episode.series,
Show.season == episode.season,
Show.episode == episode.episode)
deletion.execute()
aprint('Deleted {} episodes.'.format(n_episodes), 'NOTIFICATOR')
# Tracks cleanup
aprint('Cleaning up tracks...', 'NOTIFICATOR')
tracks = Track.select().order_by(Track.artist).order_by(Track.tracknumber)
n_tracks = len(tracks)
for track in tracks:
deletion = Track.delete().where(Track.artist == track.artist,
Track.title == track.title,
Track.tracknumber == track.tracknumber,
Track.quality == track.quality)
deletion.execute()
aprint('Deleted {} tracks.'.format(n_tracks), 'NOTIFICATOR')
def test_create_role(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
movie_id = new_movie.id
valid_test_role = AppTestCase.test_role.copy()
valid_test_role['movie_id'] = movie_id
res = self.client().post('/roles',
json=valid_test_role,
headers=HEADER)
data = json.loads(res.data)
self.assertEqual(res.status_code, 401)
self.assertEqual(data['description'], 'Permission not found.')
new_movie.delete()
def test_delete_role(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
movie_id = new_movie.id
new_role = Role(movie_id=movie_id, **AppTestCase.test_role)
new_role.insert()
role_id = new_role.id
res = self.client().delete(f'/roles/{role_id}', headers=HEADER)
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertTrue(data['success'])
self.assertEqual(data['id'], role_id)
new_movie.delete()
def test_create_role(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
movie_id = new_movie.id
valid_test_role = AppTestCase.test_role.copy()
valid_test_role['movie_id'] = movie_id
res = self.client().post('/roles',
json=valid_test_role,
headers=HEADER)
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertTrue(data['success'])
role = Role.query.filter(Role.name == 'test_role').one_or_none()
self.assertEqual(data['id'], role.id)
new_movie.delete()
def test_patch_role_to_provide_actor_id(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
movie_id = new_movie.id
new_role = Role(movie_id=movie_id, **AppTestCase.test_role)
new_role.insert()
role_id = new_role.id
new_actor = Actor(**AppTestCase.test_actor)
new_actor.insert()
actor_id = new_actor.id
res = self.client().patch(f'/roles/{role_id}',
json={'actor_id': actor_id},
headers=HEADER)
data = json.loads(res.data)
self.assertEqual(res.status_code, 401)
self.assertEqual(data['description'], 'Permission not found.')
new_movie.delete()
new_actor.delete()
def test_get_roles_by_min_age(self):
new_movie = Movie(**AppTestCase.test_movie)
new_movie.insert()
movie_id = new_movie.id
new_actor = Actor(**AppTestCase.test_actor)
new_actor.insert()
new_role = Role(movie_id=movie_id, **AppTestCase.test_role)
new_role.actor = new_actor
new_role.insert()
min_age = 20
res = self.client().get(f'/roles?min_age={min_age}')
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertTrue(data['success'])
for role in data['roles']:
self.assertTrue(role['min_age'] >= min_age)
new_movie.delete()
new_actor.delete()
def delete_movie():
"""
Delete movie by id
"""
data = get_request_data()
if 'id' in data.keys():
try:
row_id = int(data['id'])
except:
err = 'Id must be integer'
return make_response(jsonify(error=err), 400)
try:
Movie.delete(row_id) #id
msg = 'Record successfully deleted'
return make_response(jsonify(message=msg), 200)
except:
err = 'Problem with delete'
return make_response(jsonify(error=err), 400)
# use this for 200 response code
else:
err = 'No id specified'
return make_response(jsonify(error=err), 400)
def delete_movie():
"""
Delete movie by id
"""
data = get_request_data()
if 'id' in data.keys():
try:
row_id = int(data['id'])
except:
err = 'Id must be integer'
return make_response(jsonify(error=err), 400)
if Movie.delete(row_id):
msg = 'Record successfully deleted'
return make_response(jsonify(message=msg), 200)
else:
err = 'Record with such id does not exist'
return make_response(jsonify(error=err), 400)
else:
err = 'No id specified'
return make_response(jsonify(error=err), 400)
class CapstoneTestCase(unittest.TestCase):
def setUp(self):
self.app = create_app()
self.client = self.app.test_client
self.database_path = database_path
setup_db(self.app, self.database_path)
# binds the app to the current context
with self.app.app_context():
self.db = SQLAlchemy()
self.db.init_app(self.app)
self.db.create_all()
def tearDown(self):
"""Executed after reach test"""
pass
'''
Endpoint Test
'''
def test_get_actors(self):
res = self.client().get('/actors', headers={'Authorization': f'Bearer {executive_producer}'})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
def test_get_movies(self):
res = self.client().get('/movies', headers={'Authorization': f'Bearer {executive_producer}'})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
def test_post_actor(self):
res = self.client().post('/actors', headers={'Authorization': f'Bearer {executive_producer}'}, json={"name": "test", "age": 1, "gender": "male"})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
def test_error_post_actor(self):
res = self.client().post('/actors', headers={'Authorization': f'Bearer {executive_producer}'}, json={})
data = json.loads(res.data)
self.assertEqual(res.status_code, 422)
self.assertEqual(data['success'], False)
self.assertEqual(data['error'], 422)
def test_post_movie(self):
res = self.client().post('/movies', headers={'Authorization': f'Bearer {executive_producer}'}, json={"title": "test", "release_date": "2021-11-11"})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
def test_error_post_movie(self):
res = self.client().post('/movies', headers={'Authorization': f'Bearer {executive_producer}'}, json={})
data = json.loads(res.data)
self.assertEqual(res.status_code, 422)
self.assertEqual(data['success'], False)
self.assertEqual(data['error'], 422)
def test_patch_actor(self):
self.actor = Actor(name="test", age=1, gender="male")
self.actor.insert()
res = self.client().patch(f'/actors/{self.actor.id}', headers={'Authorization': f'Bearer {executive_producer}'}, json={"name": "test1"})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
self.actor.delete()
def test_error_patch_actor(self):
res = self.client().patch('/actors/999', headers={'Authorization': f'Bearer {executive_producer}'}, json={"name": "test1"})
data = json.loads(res.data)
self.assertEqual(res.status_code, 404)
self.assertEqual(data['success'], False)
self.assertEqual(data['error'], 404)
def test_patch_movie(self):
self.movie = Movie(title="test", release_date="2021-11-11")
self.movie.insert()
res = self.client().patch(f'/movies/{self.movie.id}', headers={'Authorization': f'Bearer {executive_producer}'}, json={"title": "test1"})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
self.movie.delete()
def test_error_patch_movie(self):
res = self.client().patch('/movies/999', headers={'Authorization': f'Bearer {executive_producer}'}, json={"title": "test1"})
data = json.loads(res.data)
self.assertEqual(res.status_code, 404)
self.assertEqual(data['success'], False)
self.assertEqual(data['error'], 404)
def test_delete_actor(self):
self.actor = Actor(name="test", age=1, gender="male")
self.actor.insert()
res = self.client().delete(f'/actors/{self.actor.id}', headers={'Authorization': f'Bearer {executive_producer}'})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
def test_error_delete_actor(self):
res = self.client().delete('/actors/999', headers={'Authorization': f'Bearer {executive_producer}'})
data = json.loads(res.data)
self.assertEqual(res.status_code, 404)
self.assertEqual(data['success'], False)
self.assertEqual(data['error'], 404)
def test_delete_movie(self):
self.movie = Movie(title="test", release_date="2021-11-11")
self.movie.insert()
res = self.client().delete(f'/movies/{self.movie.id}', headers={'Authorization': f'Bearer {executive_producer}'})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
self.movie.delete()
def test_error_delete_movie(self):
res = self.client().patch('/movies/999', headers={'Authorization': f'Bearer {executive_producer}'})
data = json.loads(res.data)
self.assertEqual(res.status_code, 404)
self.assertEqual(data['success'], False)
self.assertEqual(data['error'], 404)
'''
RBAC Test
'''
# view actors
def test_casting_assistant(self):
res = self.client().get('/actors', headers={'Authorization': f'Bearer {casting_assistant}'})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
# add actor
def test_error_casting_assistant(self):
res = self.client().post('/actors', headers={'Authorization': f'Bearer {casting_assistant}'}, json={"name": "test", "age": 1, "gender": "male"})
data = json.loads(res.data)
self.assertEqual(res.status_code, 401)
self.assertEqual(data['success'], False)
# add actor
def test_casting_director(self):
res = self.client().post('/actors', headers={'Authorization': f'Bearer {casting_director}'}, json={"name": "test", "age": 1, "gender": "male"})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
# add movie
def test_error_casting_director(self):
res = self.client().post('/movies', headers={'Authorization': f'Bearer {casting_director}'}, json={"title": "test", "release_date": "2021-11-11"})
data = json.loads(res.data)
self.assertEqual(res.status_code, 401)
self.assertEqual(data['success'], False)
# add movie
def test_executive_producer(self):
res = self.client().post('/movies', headers={'Authorization': f'Bearer {executive_producer}'}, json={"title": "test", "release_date": "2021-11-11"})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
# delete movie
def test_executive_producer_2(self):
self.movie = Movie(title="test", release_date="2021-11-11")
self.movie.insert()
res = self.client().delete(f'/movies/{self.movie.id}', headers={'Authorization': f'Bearer {executive_producer}'})
data = json.loads(res.data)
self.assertEqual(res.status_code, 200)
self.assertEqual(data['success'], True)
self.movie.delete()
