class RoleEndpointTest(TestCase):
def setUp(self):
self.client = APIClient()
self.user = User.objects.create_user("Foo", "Bar", "*****@*****.**", "123456")
self.dev_user = User.objects.create_user("Foo", "Bar1", "*****@*****.**", "123456")
self.application = Application(
name="Test Application",
user=self.dev_user,
client_type=Application.CLIENT_PUBLIC,
authorization_grant_type=Application.GRANT_PASSWORD,
)
self.application.save()
self.token = AccessToken(
token="ABC123",
user=self.user,
expires=datetime.datetime.now() + datetime.timedelta(days=1),
scope='read write',
application=self.application
)
self.token.save()
self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.token.token)
def tearDown(self):
self.application.delete()
self.token.delete()
self.user.delete()
self.dev_user.delete()
class AccessTokenTest(TestCaseUtils, TestCase):
def setUp(self):
self.client = APIClient()
self.user = User.objects.create_user("Foo", "Bar", "*****@*****.**", "123456")
self.user.is_active = True
self.user.save()
self.dev_user = User.objects.create_user("Foo", "Bar1", "*****@*****.**", "123456")
settings._SCOPES = ['read', 'write']
settings._DEFAULT_SCOPES = ['read', 'write']
self.application = Application(
name="Test Application",
user=self.dev_user,
client_type=Application.CLIENT_PUBLIC,
authorization_grant_type=Application.GRANT_PASSWORD,
)
self.application.save()
def tearDown(self):
self.application.delete()
self.user.delete()
self.dev_user.delete()
def test_get_token(self):
"""
Request an access token using Resource Owner Password Flow
"""
token_request_data = {
'grant_type': 'password',
'username': '******',
'password': '******'
}
auth_headers = self.get_basic_auth_header(self.application.client_id, self.application.client_secret)
response = self.client.post(reverse('oauth2_provider:token'), data=token_request_data, **auth_headers)
content = json.loads(response.content.decode("utf-8"))
self.assertTrue('access_token' in content)
self.assertTrue('refresh_token' in content)
class ClientCredentialTest(TestCaseUtils, TestCase):
def setUp(self):
self.client = APIClient()
self.test_user = User.objects.create_user("Edwin", "J", "*****@*****.**", "123456")
self.application = Application(
name="Test Application Client Credentials",
redirect_uris="http://127.0.0.1:8000/api/",
user=self.test_user,
client_type=Application.CLIENT_PUBLIC,
authorization_grant_type=Application.GRANT_CLIENT_CREDENTIALS,
)
self.application.save()
def tearDown(self):
self.test_user.delete()
self.application.delete()
def test_client_credentials_access_allowed(self):
token_request_data = {'grant_type': 'client_credentials'}
auth_headers = self.get_basic_auth_header(self.application.client_id, self.application.client_secret)
response = self.client.post(reverse('oauth2_provider:token'), data=token_request_data, **auth_headers)
self.assertEqual(response.status_code, 200)
content = json.loads(response.content.decode("utf-8"))
self.assertTrue('access_token' in content)
access_token = content['access_token']
def test_client_credentials_access_not_allowed(self):
token_request_data = {'grant_type': 'client_credentials'}
response = self.client.post(reverse('oauth2_provider:token'), data=token_request_data)
self.assertEqual(response.status_code, 401)
content = json.loads(response.content.decode("utf-8"))
self.assertTrue('invalid_client', content['error'])
class PostsTest(APITestCase):
create_post_data = dict()
update_post_data = dict()
def setUp(self):
self.client = APIClient()
self.test_user = User.objects.create_user(
first_name='test',
last_name='user',
username='******',
email='*****@*****.**',
password='******',
)
self.application = Application(
name="Test Application",
redirect_uris="http://*****:*****@tag('posts')
def test_posts(self):
tok = AccessToken.objects.create(user=self.test_user,
token='1234567890',
application=self.application,
scope='read write',
expires=timezone.now() +
datetime.timedelta(days=1))
auth_headers = {
'HTTP_AUTHORIZATION': 'Bearer ' + tok.token,
}
make_writer_response = self.client.post(
reverse('users:test_make_writer',
kwargs={'username': self.test_user.username}),
**auth_headers)
self.assertEquals(make_writer_response.status_code, status.HTTP_200_OK)
with open(
os.path.join(os.path.dirname(__file__),
'test_images/create_post.png'),
'rb') as create_post_image:
self.create_post_data = {
'post_heading': 'This is a test heading',
'post_heading_image': create_post_image,
'post_body': 'This is a test body.',
'read_duration': '1',
'tag': 'UX',
}
create_post_response = self.client.post(
reverse('posts:create_post'),
data=self.create_post_data,
**auth_headers)
self.assertEquals(create_post_response.status_code,
status.HTTP_200_OK)
tag_posts_response = self.client.get(
reverse('posts:view_tag_posts', kwargs={'tag_name': 'UX'}),
**auth_headers)
self.assertEquals(tag_posts_response.status_code, status.HTTP_200_OK)
with open(
os.path.join(os.path.dirname(__file__),
'test_images/update_post.png'),
'rb') as update_post_image:
self.update_post_data = {
'post_heading': 'This is an update of test heading',
'post_heading_image': update_post_image,
'post_body': 'This is an update of test body.',
'read_duration': '1.5',
'tag': 'Machine learning',
}
update_post_response = self.client.post(reverse(
'posts:update_post',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
data=self.update_post_data,
**auth_headers)
self.assertEquals(update_post_response.status_code,
status.HTTP_200_OK)
os.remove(settings.BASE_DIR + tag_posts_response.json()[0]
['post_heading_image'].replace(settings.DOMAIN_URL, ''))
delete_post_response = self.client.post(
reverse('posts:delete_post',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
**auth_headers)
self.assertEquals(delete_post_response.status_code, status.HTTP_200_OK)
@tag('ratings')
def test_ratings(self):
tok = AccessToken.objects.create(user=self.test_user,
token='1234567890',
application=self.application,
scope='read write',
expires=timezone.now() +
datetime.timedelta(days=1))
auth_headers = {
'HTTP_AUTHORIZATION': 'Bearer ' + tok.token,
}
make_writer_response = self.client.post(
reverse('users:test_make_writer',
kwargs={'username': self.test_user.username}),
**auth_headers)
self.assertEquals(make_writer_response.status_code, status.HTTP_200_OK)
with open(
os.path.join(os.path.dirname(__file__),
'test_images/create_post.png'),
'rb') as create_post_image:
self.create_post_data = {
'post_heading': 'This is a test heading',
'post_heading_image': create_post_image,
'post_body': 'This is a test body.',
'read_duration': '1',
'tag': 'UX',
}
create_post_response = self.client.post(
reverse('posts:create_post'),
data=self.create_post_data,
**auth_headers)
self.assertEquals(create_post_response.status_code,
status.HTTP_200_OK)
tag_posts_response = self.client.get(
reverse('posts:view_tag_posts', kwargs={'tag_name': 'UX'}),
**auth_headers)
self.assertEquals(tag_posts_response.status_code, status.HTTP_200_OK)
view_post_response = self.client.get(
reverse(
'posts:view_post',
kwargs={
'username':
tag_posts_response.json()[0]['post_author']['username'],
'slug':
tag_posts_response.json()[0]['slug']
}), **auth_headers)
self.assertEquals(view_post_response.status_code, status.HTTP_200_OK)
like_post_response = self.client.post(reverse(
'posts:rate_post',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
data={'rating': 1},
**auth_headers)
self.assertEquals(like_post_response.status_code, status.HTTP_200_OK)
rated_posts_response = self.client.get(
reverse('posts:view_rated_posts'), **auth_headers)
self.assertEquals(rated_posts_response.status_code, status.HTTP_200_OK)
dislike_post_response = self.client.post(reverse(
'posts:rate_post',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
data={'rating': 0},
**auth_headers)
self.assertEquals(dislike_post_response.status_code,
status.HTTP_200_OK)
os.remove(settings.BASE_DIR + tag_posts_response.json()[0]
['post_heading_image'].replace(settings.DOMAIN_URL, ''))
delete_post_response = self.client.post(
reverse('posts:delete_post',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
**auth_headers)
self.assertEquals(delete_post_response.status_code, status.HTTP_200_OK)
@tag('comments')
def test_comments(self):
tok = AccessToken.objects.create(user=self.test_user,
token='1234567890',
application=self.application,
scope='read write',
expires=timezone.now() +
datetime.timedelta(days=1))
auth_headers = {
'HTTP_AUTHORIZATION': 'Bearer ' + tok.token,
}
make_writer_response = self.client.post(
reverse('users:test_make_writer',
kwargs={'username': self.test_user.username}),
**auth_headers)
self.assertEquals(make_writer_response.status_code, status.HTTP_200_OK)
with open(
os.path.join(os.path.dirname(__file__),
'test_images/create_post.png'),
'rb') as create_post_image:
self.create_post_data = {
'post_heading': 'This is a test heading',
'post_heading_image': create_post_image,
'post_body': 'This is a test body.',
'read_duration': '1',
'tag': 'UX',
}
create_post_response = self.client.post(
reverse('posts:create_post'),
data=self.create_post_data,
**auth_headers)
self.assertEquals(create_post_response.status_code,
status.HTTP_200_OK)
tag_posts_response = self.client.get(
reverse('posts:view_tag_posts', kwargs={'tag_name': 'UX'}),
**auth_headers)
self.assertEquals(tag_posts_response.status_code, status.HTTP_200_OK)
create_comment_response = self.client.post(
reverse('posts:create_comment',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
data={'comment': 'This is a test comment.'},
**auth_headers)
self.assertEquals(create_comment_response.status_code,
status.HTTP_200_OK)
view_post_comments_response = self.client.get(
reverse('posts:view_comments',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
**auth_headers)
self.assertEquals(view_post_comments_response.status_code,
status.HTTP_200_OK)
update_post_comment_response = self.client.post(
reverse('posts:update_comment',
kwargs={
'resource_key':
view_post_comments_response.json()[0]['resource_key']
}),
data={'comment': 'This is an updated test comment.'},
**auth_headers)
self.assertEquals(update_post_comment_response.status_code,
status.HTTP_200_OK)
delete_post_comment_response = self.client.post(
reverse('posts:delete_comment',
kwargs={
'resource_key':
view_post_comments_response.json()[0]['resource_key']
}), **auth_headers)
self.assertEquals(delete_post_comment_response.status_code,
status.HTTP_200_OK)
os.remove(settings.BASE_DIR + tag_posts_response.json()[0]
['post_heading_image'].replace(settings.DOMAIN_URL, ''))
delete_post_response = self.client.post(
reverse('posts:delete_post',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
**auth_headers)
self.assertEquals(delete_post_response.status_code, status.HTTP_200_OK)
@tag('replies')
def test_replies(self):
tok = AccessToken.objects.create(user=self.test_user,
token='1234567890',
application=self.application,
scope='read write',
expires=timezone.now() +
datetime.timedelta(days=1))
auth_headers = {
'HTTP_AUTHORIZATION': 'Bearer ' + tok.token,
}
make_writer_response = self.client.post(
reverse('users:test_make_writer',
kwargs={'username': self.test_user.username}),
**auth_headers)
self.assertEquals(make_writer_response.status_code, status.HTTP_200_OK)
with open(
os.path.join(os.path.dirname(__file__),
'test_images/create_post.png'),
'rb') as create_post_image:
self.create_post_data = {
'post_heading': 'This is a test heading',
'post_heading_image': create_post_image,
'post_body': 'This is a test body.',
'read_duration': '1',
'tag': 'UX',
}
create_post_response = self.client.post(
reverse('posts:create_post'),
data=self.create_post_data,
**auth_headers)
self.assertEquals(create_post_response.status_code,
status.HTTP_200_OK)
tag_posts_response = self.client.get(
reverse('posts:view_tag_posts', kwargs={'tag_name': 'UX'}),
**auth_headers)
self.assertEquals(tag_posts_response.status_code, status.HTTP_200_OK)
create_comment_response = self.client.post(
reverse('posts:create_comment',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
data={'comment': 'This is a test comment.'},
**auth_headers)
self.assertEquals(create_comment_response.status_code,
status.HTTP_200_OK)
view_post_comments_response = self.client.get(
reverse('posts:view_comments',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
**auth_headers)
self.assertEquals(view_post_comments_response.status_code,
status.HTTP_200_OK)
create_reply_response = self.client.post(
reverse('posts:create_reply',
kwargs={
'resource_key':
view_post_comments_response.json()[0]['resource_key']
}),
data={'reply': 'This is a test reply.'},
**auth_headers)
self.assertEquals(create_reply_response.status_code,
status.HTTP_200_OK)
view_post_replies_response = self.client.get(
reverse('posts:view_replies',
kwargs={
'resource_key':
view_post_comments_response.json()[0]['resource_key']
}), **auth_headers)
self.assertEquals(view_post_replies_response.status_code,
status.HTTP_200_OK)
update_reply_response = self.client.post(
reverse('posts:update_reply',
kwargs={
'resource_key':
view_post_replies_response.json()[0]['resource_key']
}),
data={'reply': 'This is an updated test reply.'},
**auth_headers)
self.assertEquals(update_reply_response.status_code,
status.HTTP_200_OK)
delete_reply_response = self.client.post(
reverse('posts:delete_reply',
kwargs={
'resource_key':
view_post_replies_response.json()[0]['resource_key']
}), **auth_headers)
self.assertEquals(delete_reply_response.status_code,
status.HTTP_200_OK)
os.remove(settings.BASE_DIR + tag_posts_response.json()[0]
['post_heading_image'].replace(settings.DOMAIN_URL, ''))
delete_post_response = self.client.post(
reverse('posts:delete_post',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
**auth_headers)
self.assertEquals(delete_post_response.status_code, status.HTTP_200_OK)
@tag('bookmarks')
def test_bookmarks(self):
tok = AccessToken.objects.create(user=self.test_user,
token='1234567890',
application=self.application,
scope='read write',
expires=timezone.now() +
datetime.timedelta(days=1))
auth_headers = {
'HTTP_AUTHORIZATION': 'Bearer ' + tok.token,
}
make_writer_response = self.client.post(
reverse('users:test_make_writer',
kwargs={'username': self.test_user.username}),
**auth_headers)
self.assertEquals(make_writer_response.status_code, status.HTTP_200_OK)
with open(
os.path.join(os.path.dirname(__file__),
'test_images/create_post.png'),
'rb') as create_post_image:
self.create_post_data = {
'post_heading': 'This is a test heading',
'post_heading_image': create_post_image,
'post_body': 'This is a test body.',
'read_duration': '1',
'tag': 'UX',
}
create_post_response = self.client.post(
reverse('posts:create_post'),
data=self.create_post_data,
**auth_headers)
self.assertEquals(create_post_response.status_code,
status.HTTP_200_OK)
tag_posts_response = self.client.get(
reverse('posts:view_tag_posts', kwargs={'tag_name': 'UX'}),
**auth_headers)
self.assertEquals(tag_posts_response.status_code, status.HTTP_200_OK)
create_bookmark_response = self.client.post(
reverse('posts:create_bookmark',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
**auth_headers)
self.assertEquals(create_bookmark_response.status_code,
status.HTTP_200_OK)
view_bookmarks_response = self.client.get(
reverse('posts:view_bookmarks'), **auth_headers)
self.assertEquals(view_bookmarks_response.status_code,
status.HTTP_200_OK)
delete_bookmark_response = self.client.post(
reverse('posts:delete_bookmark',
kwargs={
'resource_key':
view_bookmarks_response.json()[0]['resource_key']
}), **auth_headers)
self.assertEquals(delete_bookmark_response.status_code,
status.HTTP_200_OK)
os.remove(settings.BASE_DIR + tag_posts_response.json()[0]
['post_heading_image'].replace(settings.DOMAIN_URL, ''))
delete_post_response = self.client.post(
reverse('posts:delete_post',
kwargs={'slug': tag_posts_response.json()[0]['slug']}),
**auth_headers)
self.assertEquals(delete_post_response.status_code, status.HTTP_200_OK)
class AccountEndpointTest(TestCaseUtils, TestCase):
def setUp(self):
self.client = APIClient()
self.user = User.objects.create_user("Foo", "Bar", "*****@*****.**", "123456")
self.user.is_active = True
self.user.save()
self.dev_user = User.objects.create_user("Foo", "Bar1", "*****@*****.**", "123456")
self.dev_user.is_active = True
self.dev_user.save()
self.application = Application(
name="Test Application",
user=self.dev_user,
client_type=Application.CLIENT_PUBLIC,
authorization_grant_type=Application.GRANT_PASSWORD,
)
self.application.save()
token_request_data = {
'grant_type': 'password',
'username': '******',
'password': '******'
}
auth_headers = self.get_basic_auth_header(self.application.client_id, self.application.client_secret)
response = self.client.post(reverse('oauth2_provider:token'), data=token_request_data, **auth_headers)
content = json.loads(response.content.decode("utf-8"))
self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + content['access_token'])
def tearDown(self):
self.application.delete()
self.user.delete()
self.dev_user.delete()
def test_add_new_account(self):
"""
test get user information
"""
response = self.client.post('/api/v1/account/', {
'name': 'Test Business',
'user': self.user.id,
'metadata': "{'address': '24 JUMP STREET'}"
})
self.assertEqual(response.status_code, 201)
content = json.loads(response.content.decode("utf-8"))
self.assertTrue('name' in content)
self.assertTrue('metadata' in content)
self.assertTrue('user' in content)
def test_get_business_account_user(self):
"""
it should returns account info after created via POST
"""
response = self.client.post('/api/v1/account/', json.dumps({
'name': 'Test Business',
'user': self.user.id,
'metadata': {'address': '24 JUMP STREET'}
}))
self.assertEqual(response.status_code, 201)
response = self.client.get('/api/v1/users/get_user/')
self.assertEqual(response.status_code, 200)
content = json.loads(response.content.decode("utf-8"))
self.assertTrue('user' in content)
self.assertTrue('first_name' in content['user'])
self.assertTrue('last_name' in content['user'])
self.assertTrue('address' in content['user'])
self.assertTrue('account' in content['user'])
# check if account information exists
self.assertTrue('name' in content['user']['account'])
self.assertTrue('metadata' in content['user']['account'])
def test_get_business_account_user(self):
response = self.client.get('/api/v1/users/get_user/')
self.assertEqual(response.status_code, 200)
content = json.loads(response.content.decode("utf-8"))
self.assertTrue('user' in content)
self.assertTrue('first_name' in content['user'])
self.assertTrue('last_name' in content['user'])
self.assertTrue('address' in content['user'])
self.assertTrue('account' in content['user'])
self.assertEqual({}, content['user']['account'])
def test_update_business_account(self):
response = self.client.post('/api/v1/account/', {
'name': 'Test Business',
'user': self.user.id,
'metadata': "{'address': '24 JUMP STREET'}"
})
self.assertEqual(response.status_code, 201)
content = json.loads(response.content.decode("utf-8"))
response = self.client.put('/api/v1/account/' + str(content['id']) + '/', {
'name': 'Test Business 1',
'user': self.user.id,
'metadata': "{'address': '24 JUMP STREET'}"
})
self.assertEqual(response.status_code, 200)
content = json.loads(response.content.decode("utf-8"))
self.assertEqual(content['name'], 'Test Business 1')
def test_delete_business_account(self):
response = self.client.post('/api/v1/account/', {
'name': 'Test Business',
'user': self.user.id,
'metadata': "{'address': '24 JUMP STREET'}"
})
self.assertEqual(response.status_code, 201)
content = json.loads(response.content.decode("utf-8"))
response = self.client.delete('/api/v1/account/' + str(content['id']) + '/')
self.assertTrue(Account.objects.filter().count() == 0)
def test_add_business_account_failed(self):
self.client.credentials()
response = self.client.post('/api/v1/account/', {
'name': 'Test Business',
'user': self.user.id,
'metadata': "{'address': '24 JUMP STREET'}"
})
self.assertEqual(response.status_code, 401)
def test_update_business_account_failed(self):
response = self.client.post('/api/v1/account/', {
'name': 'Test Business',
'user': self.user.id,
'metadata': "{'address': '24 JUMP STREET'}"
})
self.assertEqual(response.status_code, 201)
content = json.loads(response.content.decode("utf-8"))
self.client.credentials()
response = self.client.put('/api/v1/account/' + str(content['id']) + '/', {
'name': 'Test Business 1',
'user': self.user.id,
'metadata': "{'address': '24 JUMP STREET'}"
})
self.assertEqual(response.status_code, 401)
content = json.loads(response.content.decode("utf-8"))
self.assertTrue(content['detail'], 'Authentication credentials were not provided.')
