def test_delete(self):
headers = {'Authorization': self.token}
t_data = deepcopy(self.test_data)
t_data['username'] = '******'
t_data['email'] = '*****@*****.**'
t_data['password'] = '******'
t_user = User(**t_data)
t_user.save()
user = User.get_by_id(self.id)
response = test_app.delete(f'/api/v1/user/{str(t_user.id)}',
headers=headers,
content_type='application/json')
tools.assert_equals(response.status_code, 500)
tools.assert_equals(json.loads(response.data)['data'],
{'msg': 'user don\'t has authority'})
user.level = 9
user.save()
response = test_app.delete(f'/api/v1/user/{str(t_user.id)}',
headers=headers,
content_type='application/json')
json_resp = json.loads(response.data)
tools.assert_equals(response.status_code, 200)
tools.assert_equals(json_resp.get('data'),
{'msg': 'SUCCESS'})
def test_put(self):
headers = {'Authorization': self.token}
t_data = deepcopy(self.test_data)
t_data['username'] = '******'
t_data['email'] = '*****@*****.**'
t_data['password'] = '******'
t_user = User(**t_data)
t_user.save()
data = json.dumps(t_data)
user = User.get_by_id(self.id)
user.level = 1
user.save()
response = test_app.put(f'/api/v1/user/{str(t_user.id)}',
data=data,
headers=headers,
content_type='application/json')
json_resp = json.loads(response.data)
tools.assert_equals(response.status_code, 403)
tools.assert_equals(json.loads(response.data)['data'],
{'msg': 'Don\'t have authority'})
user.level = 9
user.save()
t_data['username'] = '******'
data = json.dumps(t_data)
response = test_app.put(f'/api/v1/user/{str(t_user.id)}',
data=data,
headers=headers,
content_type='application/json')
tools.assert_equals(response.status_code, 403)
tools.assert_equals(json.loads(response.data)['data'],
{'msg': 'Can\'t modify username'})
t_data['password'] = '******'
t_data['username'] = '******'
data = json.dumps(t_data)
response = test_app.put(f'/api/v1/user/{str(t_user.id)}',
data=data,
headers=headers,
content_type='application/json')
json_resp = json.loads(response.data)
tools.assert_equals(response.status_code, 200)
tools.assert_is_not_none(json_resp.get('data'))
self.username = t_data.get('username')
self.password = t_data.get('password')
self.__test_login()
def test_post(self):
headers = {'Authorization': self.token}
t_data = deepcopy(self.test_data)
t_data['username'] = '******'
t_data['email'] = '*****@*****.**'
data = json.dumps(t_data)
user = User.get_by_id(self.id)
user.level = 1
user.save()
response = test_app.post('/api/v1/user',
data=data,
headers=headers,
content_type='application/json')
tools.assert_equals(response.status_code, 500)
tools.assert_equals(json.loads(response.data).get('data'),
{'msg': "user don't has authority"})
user.level = 9
user.save()
response = test_app.post('/api/v1/user',
data=data,
headers=headers,
content_type='application/json')
json_resp = json.loads(response.data)
tools.assert_equals(response.status_code, 200)
tools.assert_is_not_none(json_resp.get('data'))
tools.assert_is_not_none(json_resp.get('data').get('id'))
def change_user_level(self, level=9):
"""
测试修改用户权限
"""
user = User.get_by_id(self.id)
user.level = level
user.save()
def __test_save(self):
user = User(**self.test_data)
user.password = util.md5(user.password)
user.email = 'email'
# user.save(
with tools.assert_raises(mongoengine.errors.ValidationError):
user = user.save()
tools.assert_is_none(user.id)
user = User(**self.test_data)
user.password = util.md5(user.password)
user.save()
tools.assert_is_not_none(user.id)
self.id = str(user.id)
self.username = user.username
self.password = self.test_data['password']
def test_login(cls, test_data=None):
"""
测试登录是否成功,返回access_token
"""
if test_data is None:
test_data = user_data
user = User(**test_data)
user.password = util.md5(user.password)
user.save()
cls.user = user
test_user = {
'username': user.username,
'password': test_data.get('password', '')
}
data = json.dumps(test_user)
response = test_app.post('/api/v1/login',
data=data,
content_type='application/json')
json_resp = json.loads(response.data)
cls.id = str(user.id)
cls.token = f'JWT {json_resp["data"]["access_token"]}'
def test_article_put(self):
"""
测试edited_article的put接口
1、测试登录认证
2、测试权限问题,普通用户不能提交
"""
user = User.get_by_id(self.user_id)
user.level = 1
user.save()
headers = {'Authorization': self.token}
t_data = deepcopy(self.test_data2)
t_user_data = deepcopy(self.test_data1)
t_article = Article.get_by_id(str(self.article_id_list[0]))
t_user_data['username'] = '******'
t_user_data['email'] = '*****@*****.**'
t_user = User(**t_user_data)
t_user.save()
t_data['author'] = str(t_user.id)
t_data.pop('added')
data = json.dumps(t_data)
response = test_app.put(f'/api/v1/article/{str(t_article.id)}',
data=data,
headers=headers,
content_type='application/json')
tools.assert_equals(response.status_code, 500)
tools.assert_equals(json.loads(response.data)['data'],
{'msg': 'user don\'t has authority'})
user = User.get_by_id(self.user_id)
user.level = 9
user.save()
response = test_app.put(f'/api/v1/article/{str(t_article.id)}',
data=data,
headers=headers,
content_type='application/json')
json_resp = json.loads(response.data)
tools.assert_equals(response.status_code, 200)
tools.assert_is_not_none(json_resp.get('data'))
tools.assert_is_not_none(json_resp.get('data').get('id'))
t_user.delete()
def test_me(self):
headers = {'Authorization': self.token}
response = test_app.get('/api/v1/user/me', headers=headers)
tools.assert_equals(response.status_code, 200)
json_resp = json.loads(response.data)
user_data = json_resp.get('data')
user = User.get_by_id(self.id)
tools.assert_equals(user_data, user.api_response())
tools.assert_is_none(user_data.get('password'))
headers = {'Authorization': self.token + 'aaaa'}
response = test_app.get('/api/v1/user/me')
tools.assert_equals(response.status_code, 401)
response = test_app.get('/api/v1/user/me', headers=headers)
tools.assert_equals(response.status_code, 401)
def test_article_post(self):
"""
测试edited_article的post接口
1、测试登录认证
2、测试权限问题,普通用户不能提交
"""
headers = {'Authorization': self.token + 'aaaa'}
response = test_app.post('/api/v1/article')
tools.assert_equals(response.status_code, 401)
response = test_app.post('/api/v1/article', headers=headers)
tools.assert_equals(response.status_code, 401)
headers = {'Authorization': self.token}
t_data = deepcopy(self.test_data2)
t_data.pop('added')
data = json.dumps(t_data)
user = User.get_by_id(self.user_id)
user.level = 1
user.save()
response = test_app.post('/api/v1/article',
data=data,
headers=headers,
content_type='application/json')
tools.assert_equals(response.status_code, 500)
tools.assert_equals(json.loads(response.data)['data'],
{'msg': "user don't has authority"})
user.level = 9
user.save()
response = test_app.post('/api/v1/article',
data=data,
headers=headers,
content_type='application/json')
json_resp = json.loads(response.data)
tools.assert_equals(response.status_code, 200)
tools.assert_is_not_none(json_resp.get('data'))
tools.assert_is_not_none(json_resp.get('data').get('id'))
def teardown_class(self):
temp = User.objects(username='******').first()
if temp:
temp.delete()
def teardown_class(self):
User.objects().delete()
for id in self.article_id_list:
articles = Article.objects(id=id).first()
if articles:
articles.delete()