def test_add_two_users_with_same_email(self, api_client: ApiClient): """Test that it is impossible to create two users with same email Steps: - Make request to application with path /api/add_user and JSON in valid format - Make another request to application with path /api/add_user but different username and password Expected results: Status code for the first request is in 200-300 range Status code for the first request is in 400-500 range """ username, email, password = make.auth_data() username2, _, password2 = make.auth_data(email=email) with allure.step( 'Add the first user and check status code is in range 200 to 300' ): response = api_client.add_user(username=username, email=email, password=password) attach_http(response, '1') assert response.status_code in range(200, 300) with allure.step( 'Add the second user and check status code is in range 400 to 500' ): response2 = api_client.add_user(username=username2, email=email, password=password2) attach_http(response2, '2') assert response2.status_code in range(400, 500)
def test_added_users(self, username, email, password, api_client: ApiClient): """Tests that users blocked Steps: - Make request to application with path /api/add_user and JSON in valid format - Make request to application with path /api/block_user/<username> - Make request to application with path /api/block_user/<username> again Expected results: Status code for the first request is in 200-300 range Status code for the second request is 200 Status code for the third request is 304 """ response = api_client.add_user(username=username, email=email, password=password) attach_http(response, '1') if response.status_code not in range(200, 300): raise Exception('there was error with add_user function') with allure.step('Block user'): response2 = api_client.block_user(username) attach_http(response2, '2') assert response2.status_code == status_codes.OK with allure.step('Block user again'): response3 = api_client.block_user(username) attach_http(response3, '3') assert response3.status_code == status_codes.NOT_CHANGED
def test_valid_credentials(self, username, email, password, api_client: ApiClient): """Test add_user API function with valid credentials Steps: - Make request to application with path /api/add_user. JSON in valid format like {"username": "******", "email": "*****@*****.**", "password": "******"} Expected results: Response status code is 201 """ response = api_client.add_user(username=username, email=email, password=password) assert response.status_code == 201
def test_add_user_negative(self, username, email, password, mysql_client: MysqlClient, api_client: ApiClient): """Test status code of API function 'add_user' Steps: Call 'add_user' with some credentials and check record with these credentials in the users' table Expected results: Status code is 400 and record with these credentials no exists in the users' table or another status code and the record exists """ response = api_client.add_user(username, email, password) record = mysql_client.get_record(username) assert response.status_code == 400 and record is None \ or record == Record(username, email, password, 1, 0, None)
def test_authorize_after_add(self, authorization_page: AuthorizationPage, api_client: ApiClient): """Test that user, created by API, can authorize properly Steps: - Make request to application with path /api/add_user and JSON in valid format - Try to authorize with the same credentials Expected results: Response status code is 200 for API request User succeed to authorize """ username, email, password = make.auth_data() response = api_client.add_user(username=username, email=email, password=password) assert response.status_code in range(200, 300) try: authorization_page.authorize(username=username, password=password) except WebDriverException as err: raise AssertionError from err
def test_integrity(self, username, email, password, authorization_page: AuthorizationPage, api_client: ApiClient): """Test integrity of add_user API function and authorization Steps: - Make request to application with path /api/add_user and JSON in valid format like {"username": "******", "email": "*****@*****.**", "password": "******"} - Try to authorize to the site with the same credentials Expected results: If request to /api/add_user has status code 400 or more, user mustn't be able to authorize to the site with these credentials In other cases user must be able to authorize to the site with these credentials """ response = api_client.add_user(username=username, email=email, password=password) if response.status_code >= 400: with allure.step( "'add_user' not succeed. Check that authorization will not succeed" ): with pytest.raises(AuthorizationError): authorization_page.authorize(username=username, password=password) else: with allure.step( "'add_user' succeed. Check that authorization will succeed" ): try: authorization_page.authorize(username=username, password=password) except AuthorizationError as err: allure.attach.file( authorization_page.make_screenshot( 'not_succeed_authorization'), attachment_type=allure.attachment_type.PNG, name='not_succeed_authorization.png') raise AssertionError from err # to mark test as failed, not broken
def test_scenario_single_user(self, api_client: ApiClient, mysql_client: MysqlClient, authorization_page: AuthorizationPage): """Test scenario for API Steps: 0 Generate credentials 1 Add user via API 2 Delete user via API 3 Add user via API 4 Accept user via API 5 Block user via API 6 Accept user via API 7 Authorize user via API 8 Logout 9 Block user via API 0 Try to authorize user Expected results: Step 1: database table has record with these credentials and values `access` = 1, `active` = 0, `start_active_time` = None Step 2: record does not exist for this username Steps 3-4: database table has record with these credentials and values `access` = 1, `active` = 0, `start_active_time` = None Step 5: `access` = 0, no other changes Step 6: `access` = 1, no other changes Step 7: User succeeds to authorize, `active` changed to 1, start_active_time changed and almost equal time.time(), no other changes Step 8: `active` = 0, no other changes Step 9: `access` = 0, no other changes Step 10: User doesn't succeed to authorize, the record doesn't changed """ username, email, password = make.auth_data() with allure.step('Add user'): api_client.add_user(username=username, email=email, password=password) record = mysql_client.get_record(username) assert record is not None assert record == Record(username, email, password, 1, 0, None) with allure.step('Del user'): api_client.del_user(username=username) assert mysql_client.get_record( username) is None # record not exists with allure.step('Add user'): api_client.add_user(username=username, email=email, password=password) record = mysql_client.get_record(username) assert record is not None assert record == Record(username, email, password, 1, 0, None) with allure.step('Accept user'): api_client.accept_user(username=username) record = mysql_client.get_record(username) assert record is not None assert record == Record(username, email, password, 1, 0, None) # no changes with allure.step('Block user'): api_client.block_user(username=username) record = mysql_client.get_record(username) assert record is not None assert record == Record(username, email, password, 0, 0, None) # access = 0 with allure.step('Accept user'): api_client.accept_user(username=username) record = mysql_client.get_record(username) assert record is not None assert record == Record(username, email, password, 1, 0, None) with allure.step('Authorize user'): main_page = authorization_page.authorize(username, password) record = mysql_client.get_record(username) start_time = time.time() assert record is not None assert record == Record(username, email, password, 1, 1, start_time) # active = 1 with allure.step('Logout'): main_page.logout() assert record is not None assert record == Record(username, email, password, 1, 0, start_time) # active = 0 with allure.step('Block user'): api_client.block_user(username=username) record = mysql_client.get_record(username) assert record is not None assert record == Record(username, email, password, 0, 0, start_time) # access = 0 with allure.step('Authorize user (who is blocked)'): with pytest.raises(AuthorizationError): authorization_page.authorize(username, password) record = mysql_client.get_record(username) assert record is not None assert record == Record(username, email, password, 0, 0, start_time) # no changes
def test_scenario2(api_client: ApiClient): """Test scenario with several requests Steps: 0 Generate credentials 1 Delete user via del_user API function (user not exists) 2 Block user via block_user API function (user not exists) 3 Accept user via accept_user API function (user not exists) 4 Add user via add_user API function with credentials 5 Accept user via accept_user API function 6 Block user via block_user API function 7 Block user via block_user API function 8 Accept user via accept_user API function 9 Accept user via accept_user API function 0 Delete user via del_user API function 1 Add user via add_user API function with the same credentials 2 Add user via add_user API function 3 Add user via add_user API function with different email 4 Add user via add_user API function with different username Expected results: Steps 1-3 fail, status code 404 Step 4 succeed, status code 201 Step 5 status code 304 Step 6 status code 200 Step 7 status code 304 Step 8 status code 200 Step 9 status code 304 Step 10 status code 204 Step 11 status code 201 Step 12 status code 304 Step 13 status code 304 Step 14 status code 304 """ username = '******' email = '*****@*****.**' password = '******' with allure.step(f"Del user {username} who doesn't exist"): response = api_client.del_user(username) attach_http(response) assert response.status_code == status_codes.NOT_EXIST with allure.step(f"Block user {username} who doesn't exist"): response = api_client.block_user(username) attach_http(response) assert response.status_code == status_codes.NOT_EXIST with allure.step(f"Accept user {username} who doesn't exist"): response = api_client.accept_user(username) attach_http(response) assert response.status_code == status_codes.NOT_EXIST with allure.step( f'Add user with credentials ({username}, {email}, {password})'): response = api_client.add_user(username=username, email=email, password=password) attach_http(response) assert response.status_code == status_codes.CREATED with allure.step(f"Accept user {username}"): response = api_client.accept_user(username) attach_http(response) assert response.status_code == status_codes.NOT_CHANGED with allure.step(f"Block user {username}"): response = api_client.block_user(username) attach_http(response) assert response.status_code == status_codes.OK with allure.step(f"Block user {username} again"): response = api_client.block_user(username) attach_http(response) assert response.status_code == status_codes.NOT_CHANGED with allure.step(f"Accept user {username}"): response = api_client.accept_user(username) attach_http(response) assert response.status_code == status_codes.OK with allure.step(f"Accept user {username}"): response = api_client.accept_user(username) attach_http(response) assert response.status_code == status_codes.NOT_CHANGED with allure.step(f"Del user {username}"): response = api_client.del_user(username) attach_http(response) assert response.status_code == status_codes.DELETED with allure.step( f'Add user with credentials ({username}, {email}, {password})'): response = api_client.add_user(username=username, email=email, password=password) attach_http(response) assert response.status_code == status_codes.CREATED with allure.step( f'Try to add user with credentials ({username}, {email}, {password})' ): response = api_client.add_user(username=username, email=email, password=password) attach_http(response) assert response.status_code == status_codes.NOT_CHANGED with allure.step( f'Try to add user with credentials ({username}, {email}, {password})' ): response = api_client.add_user(username=username, email='a' + email, password=password) attach_http(response) assert response.status_code == status_codes.NOT_CHANGED with allure.step( f'Try to add user with credentials ({username}, {email}, {password})' ): response = api_client.add_user(username='******' + username, email=email, password=password) attach_http(response) assert response.status_code == status_codes.NOT_CHANGED