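def index(request):
    """List the caller's accounts, or create an account on POST.

    POST: only callers accepted by ``teller_permission`` may create an
    account (403 otherwise). Body keys are converted with
    ``camel_case_to_snake``, ``user`` is renamed to ``user_id``, ``balance``
    defaults to 0 and ``creator`` is forced to the authenticated caller.
    A body that cannot be read as a mapping, lacks ``user`` or carries a
    non-numeric or non-finite balance is answered with 422, the status
    ``create_user`` already uses for unusable payloads. Success is 201.

    Any other method: returns the caller's accounts ordered by
    case-insensitive name, or an empty list for an anonymous caller.
    """
    import math

    user = request.user
    if request.method == "POST":
        if not teller_permission(user):
            return JsonResponse({}, status=403)
        try:
            payload = decode_json_content(request.body)
            data = {camel_case_to_snake(key): payload[key] for key in payload}
            data["user_id"] = data.pop("user")
            balance = float(data.get("balance", 0))
        except (KeyError, TypeError, ValueError):
            # Missing "user", a non-mapping body or a non-numeric balance
            # used to escape as an unhandled exception (HTTP 500).
            return JsonResponse({}, status=422)
        if not math.isfinite(balance):
            # float() accepts "nan" and "inf"; neither is a usable balance.
            return JsonResponse({}, status=422)
        data["balance"] = balance
        # Set last so a client-supplied "creator" key can never win.
        data["creator"] = user
        # NOTE(review): every remaining body key is forwarded as a model
        # keyword argument, so any Account field named in the request is
        # written as-is. Consider an explicit allow-list of accepted fields.
        Account.objects.create(**data)
        return JsonResponse({}, status=201)

    if user.is_anonymous:
        return JsonResponse([], status=200, safe=False)

    accounts = user.account_set.extra(
        select={'lower_name': 'lower(name)'}
    ).order_by('lower_name').all()
    return JsonResponse(serialize_accounts(accounts), status=200, safe=False)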
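def create_user(request):
    """Create a user from the JSON body of ``request``.

    ``password2`` is discarded, keys are converted with
    ``camel_case_to_snake`` and falsy values are dropped. A ``role`` may only
    be supplied by a caller accepted by ``manager_permission``; the same gate
    now applies to the ``is_staff`` and ``is_superuser`` flags. The remaining
    keys are passed to ``User.objects.create_user``.

    Returns 200 on success, 403 when a privileged field is requested without
    manager permission, and 422 when the payload raises ``TypeError``.
    """
    # Assuming User is Django's stock user model: its create_user() forwards
    # extra keyword arguments to the model, so without this gate any caller
    # could create a staff or superuser account by naming these flags.
    privileged_fields = ("is_staff", "is_superuser")
    try:
        payload = decode_json_content(request.body)
        if "password2" in payload:
            del payload["password2"]
        data = {
            camel_case_to_snake(key): payload[key]
            for key in payload if payload[key]
        }

        wants_privilege = bool(data.get('role')) or any(
            field in data for field in privileged_fields
        )
        if wants_privilege and not manager_permission(request.user):
            return JsonResponse({}, status=403)

        # Falsy values were filtered out above, so "role" is present only
        # when it is truthy.
        role = data.pop('role', None)
        # Resolve the role before creating the user: an unhashable role
        # raises TypeError here instead of after the account already exists.
        grants_role = role in PERMISSION_CLASSES

        user = User.objects.create_user(**data)
        if grants_role:
            user.user_permissions.add(PERMISSION_CLASSES[role])
        # NOTE(review): no password-strength validation and no handling of a
        # duplicate username are visible in this view; confirm they are
        # covered elsewhere.
        return JsonResponse({}, status=200)
    except TypeError:
        return JsonResponse({}, status=422)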
def test_does_not_return_other_users_account(self):
    """index() must not list accounts owned by a different user."""
    owner = User.objects.create_user(
        'john', '*****@*****.**', 'johnpassword'
    )
    for account_name in ("John's private account", "John's public account"):
        Account.objects.create(
            user=owner,
            balance=1000,
            name=account_name,
            address="New York",
            phone_number="9176910399",
            creator=owner,
        )
    outsider = User.objects.create_user(
        'jack', '*****@*****.**', 'johnpassword'
    )

    response = index(MockRequest(user=outsider))

    self.assertEqual(response.status_code, 200)
    # jack owns nothing, so neither of john's accounts may appear.
    self.assertEqual(len(decode_json_content(response.content)), 0)
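def post(request):
    """Create a transaction from the JSON body of ``request``.

    Body keys are converted with ``camel_case_to_snake``; ``account_to`` and
    ``account_from`` are renamed to their ``_id`` forms, ``amount`` is
    coerced to float and ``creator`` is forced to the caller.

    Authorisation: a caller accepted by ``teller_permission`` may create any
    transaction; anyone else may only create a ``transfer`` whose source and
    destination accounts are both their own. Returns 201 on success, 403 when
    not authorised and 422 when the body is unusable (not a mapping, missing
    or non-numeric ``amount``, or a non-finite amount).
    """
    import math

    user = request.user
    if user.is_anonymous:
        owned_ids = []
    else:
        owned_ids = user.account_set.values_list('id', flat=True)

    try:
        payload = decode_json_content(request.body)
        data = {camel_case_to_snake(key): payload[key] for key in payload}
        amount = float(data['amount'])
    except (KeyError, TypeError, ValueError):
        # These used to escape as unhandled exceptions (HTTP 500).
        return JsonResponse({}, status=422)
    if not math.isfinite(amount):
        # float() accepts "nan" and "inf"; neither is a usable amount.
        return JsonResponse({}, status=422)
    data['amount'] = amount
    data['creator'] = user

    for field in ("account_to", "account_from"):
        if field in data:
            data[field + "_id"] = data.pop(field)

    def owns(account_id):
        # A missing or non-numeric id is simply "not owned": the request is
        # refused with 403 instead of raising inside the permission check.
        try:
            return int(account_id) in owned_ids
        except (TypeError, ValueError):
            return False

    allowed = teller_permission(user) or (
        data.get("transaction_type") == "transfer"
        and owns(data.get("account_to_id"))
        and owns(data.get("account_from_id"))
    )
    if not allowed:
        return JsonResponse({}, status=403)

    # NOTE(review): the sign and range of the amount are not checked here, and
    # every remaining body key is forwarded as a model keyword argument.
    # Consider an explicit allow-list of accepted Transaction fields.
    Transaction.objects.create(**data)
    return JsonResponse({}, status=201)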
def test_gets_users_accounts(self):
    """index() lists every account the requesting user owns."""
    owner = User.objects.create_user(
        'john', '*****@*****.**', 'johnpassword'
    )
    for account_name in ("John's private account", "John's public account"):
        Account.objects.create(
            user=owner,
            balance=1000,
            name=account_name,
            address="New York",
            phone_number="9176910399",
            creator=owner,
        )

    response = index(MockRequest(user=owner))

    self.assertEqual(response.status_code, 200)
    # Both accounts created above belong to the caller.
    self.assertEqual(len(decode_json_content(response.content)), 2)
def test_gets_account_detail_if_user_is_teller_or_above(self, mock_permission):
    """detail() serves another user's account to a teller-level caller.

    NOTE(review): ``mock_permission`` is presumably injected by a patch
    decorator that is not visible here. 'jack' is granted nothing in this
    body, so the expected 200 depends on that patch; confirm it.
    """
    owner = User.objects.create_user(
        'john', '*****@*****.**', 'johnpassword'
    )
    target = Account.objects.create(
        user=owner,
        balance=1000,
        name="John's private account",
        address="New York",
        phone_number="9176910399",
        creator=owner,
    )
    caller = User.objects.create_user(
        'jack', '*****@*****.**', 'johnpassword'
    )

    response = detail(MockRequest(user=caller), target.id)

    self.assertEqual(response.status_code, 200)
    self.assertEqual(decode_json_content(response.content)['id'], target.id)
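def test_anon_user_has_no_accounts(self):
    """index() returns an empty list for an anonymous caller."""
    # Pass an AnonymousUser *instance*, as the other anonymous tests do.
    # The bare class only worked because ``AnonymousUser.is_anonymous`` read
    # on the class is a truthy descriptor object, so the view was never
    # exercised with a real anonymous user.
    request = MockRequest(user=AnonymousUser())

    response = index(request)

    self.assertEqual(response.status_code, 200)
    self.assertEqual(len(decode_json_content(response.content)), 0)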
def test_it_returns_data_if_no_user(self):
    """data() reports ``loggedIn`` as False for an anonymous caller."""
    response = data(MockRequest(AnonymousUser()))

    self.assertEqual(response.status_code, 200)
    body = decode_json_content(response.content)
    self.assertEqual(body['loggedIn'], False)
def test_user_is_a_customer(self):
    """data() reports neither manager nor teller rights for a plain user."""
    customer = User.objects.create_user(
        'john', '*****@*****.**', 'johnpassword'
    )

    response = data(MockRequest(customer))

    self.assertEqual(response.status_code, 200)
    body = decode_json_content(response.content)
    # No permission was granted above, so both flags must be False.
    self.assertEqual(body['isManager'], False)
    self.assertEqual(body['isTeller'], False)
def test_user_is_a_manager(self):
    """data() reports both manager and teller rights for a manager."""
    manager = User.objects.create_user(
        'john', '*****@*****.**', 'johnpassword'
    )
    manager.user_permissions.add(MANAGER)

    response = data(MockRequest(manager))

    self.assertEqual(response.status_code, 200)
    body = decode_json_content(response.content)
    # Only MANAGER is granted, yet the teller flag is expected to be set too.
    self.assertEqual(body['isManager'], True)
    self.assertEqual(body['isTeller'], True)
def test_empty_string_for_username_of_anon(self):
    """data() reports an empty ``username`` for an anonymous caller."""
    response = data(MockRequest(AnonymousUser()))

    self.assertEqual(response.status_code, 200)
    body = decode_json_content(response.content)
    self.assertEqual(body['username'], '')
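def login_user(request):
    """Log a user in from a JSON body holding ``username`` and ``password``.

    Returns 200 after a successful ``login``. Returns 400 when the
    credentials are rejected by ``authenticate``, and also when the body is
    not a JSON object or either credential is not a string.
    """
    data = decode_json_content(request.body)
    # A JSON array, number or null has no .get(); it used to raise
    # AttributeError (HTTP 500) before any credential check ran.
    if not isinstance(data, dict):
        return JsonResponse({}, status=400)

    username = data.get("username", "")
    password = data.get("password", "")
    # Nested objects or numbers are never valid credentials; refuse them
    # here rather than hand them to the authentication backend.
    if not isinstance(username, str) or not isinstance(password, str):
        return JsonResponse({}, status=400)

    # NOTE(review): no throttling or lockout of repeated failures is visible
    # in this view; confirm it is enforced elsewhere.
    user = authenticate(username=username, password=password)
    if user is None:
        return JsonResponse({}, status=400)

    login(request, user)
    return JsonResponse({}, status=200)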
def test_returns_nothing_if_user_does_not_have_accounts(self):
    """index() returns an empty list for a user who owns no accounts."""
    account_less = User.objects.create_user(
        'john', '*****@*****.**', 'johnpassword'
    )

    response = index(MockRequest(user=account_less))

    self.assertEqual(response.status_code, 200)
    self.assertEqual(len(decode_json_content(response.content)), 0)
def test_it_returns_data_if_a_user(self):
    """data() reports ``loggedIn`` as True for an authenticated user."""
    member = User.objects.create_user(
        'john', '*****@*****.**', 'johnpassword'
    )

    response = data(MockRequest(member))

    self.assertEqual(response.status_code, 200)
    body = decode_json_content(response.content)
    self.assertEqual(body['loggedIn'], True)
def test_it_returns_username(self):
    """data() echoes the authenticated user's username."""
    member = User.objects.create_user(
        'john', '*****@*****.**', 'johnpassword'
    )

    response = data(MockRequest(member))

    self.assertEqual(response.status_code, 200)
    body = decode_json_content(response.content)
    self.assertEqual(body['username'], 'john')
def test_teller_can_view_all_accounts(self, mock_permission):
    """The manage index returns accounts belonging to every user.

    NOTE(review): the test client is never logged in and no permission is
    granted in this body, so the expected 200 presumably relies on the
    patch behind ``mock_permission`` (not visible here); confirm it.
    """
    john = User.objects.create_user(
        'john', '*****@*****.**', 'johnpassword'
    )
    Account.objects.create(
        user=john,
        balance=1000,
        name="John's private account",
        address="New York",
        phone_number="9176910399",
        creator=john,
    )
    jack = User.objects.create_user(
        'jack', '*****@*****.**', 'johnpassword'
    )
    Account.objects.create(
        user=jack,
        balance=1000,
        name="John's public account",
        address="New York",
        phone_number="9176910399",
        creator=john,
    )
    # A third user who owns no account; the row is created but not used again.
    User.objects.create_user(
        'fred', '*****@*****.**', 'johnpassword'
    )

    response = self.client.get(reverse('accounts:manage_index'))

    self.assertEqual(response.status_code, 200)
    # One account per owner above: both must be listed.
    self.assertEqual(len(decode_json_content(response.content)), 2)
def test_gets_account_detail_if_user_owns_account(self, mock_permission):
    """detail() serves an account to the user who owns it.

    NOTE(review): ``mock_permission`` is presumably injected by a patch
    decorator that is not visible here; what it returns decides whether
    this test exercises the ownership path on its own. Confirm it.
    """
    owner = User.objects.create_user(
        'john', '*****@*****.**', 'johnpassword'
    )
    self.client.force_login(owner)
    own_account = Account.objects.create(
        user=owner,
        balance=1000,
        name="John's private account",
        address="New York",
        phone_number="9176910399",
        creator=owner,
    )

    response = detail(MockRequest(user=owner), own_account.id)

    self.assertEqual(response.status_code, 200)
    self.assertEqual(
        decode_json_content(response.content)['id'], own_account.id
    )