def test_givers_and_is_answer_flag(self):
deck = factories.CardFactory(type=Card.DECK, is_ask_mode_enabled=True)
self.db.session.add(deck)
self.db.session.commit()
question_creator = User(username='******')
self.db.session.add(question_creator)
question = Card(type=Card.TEXT,
parent_id=deck.id,
position=0,
is_answer=False,
creator=question_creator)
self.db.session.add(question)
giver1 = User(username='******')
self.db.session.add(giver1)
answer = Card(type=Card.TEXT,
parent_id=deck.id,
creator=giver1,
position=1,
is_answer=True)
self.db.session.add(answer)
answer1 = Card(type=Card.TEXT,
parent_id=deck.id,
creator=giver1,
position=2,
is_answer=True)
self.db.session.add(answer1)
question1 = Card(type=Card.TEXT,
parent_id=deck.id,
position=3,
is_answer=False,
creator=question_creator)
self.db.session.add(question1)
self.db.session.commit()
res = deck.to_dict()
self.assertEqual(len(res['givers']), 1)
self.assertEqual(res['givers'][0]['user_id'], giver1.id)
#check if children elements has correct flag is_answer
children = res['children']
self.assertEqual(len(children), 4)
self.assertEqual(children[0]['id'], question.id)
self.assertEqual(children[0]['is_answer'], False)
self.assertEqual(children[1]['id'], answer.id)
self.assertEqual(children[1]['is_answer'], True)
self.assertEqual(children[2]['id'], answer1.id)
self.assertEqual(children[2]['is_answer'], True)
self.assertEqual(children[3]['id'], question1.id)
self.assertEqual(children[3]['is_answer'], False)
def test_signin_success(self):
self.user = User(username='******', email='*****@*****.**', password='******')
self.db.session.add(self.user)
self.db.session.commit()
data = {
'email': '*****@*****.**'
}
response = self.client.post('/api/v1/auth/signin', data=json.dumps(data), content_type='application/json')
self.assertEqual(response.status, '200 OK')
data = json.loads(response.data)
self.assertEqual(data['user']['id'], self.user.id)
self.assertEqual(data['auth_token'], self.user.get_auth_token())
def setUp(self):
super(SetAskersTestCase, self).setUp()
# input data
self.owner = User(username='******')
self.db.session.add(self.owner)
self.deck = Card(type=Card.DECK,
name='test_deck',
creator=self.owner,
is_ask_mode_enabled=True)
self.db.session.add(self.deck)
self.asker = User(username='******')
self.db.session.add(self.asker)
self.db.session.commit()
self.asker_ids = None
def test_success(self):
deck = Card(evaluation_period_status=card_module.EVALUATION_PERIOD_STATUS_DONE)
self.db.session.add(deck)
user = User()
self.db.session.add(user)
ucr = UserRoleCard(user=user, card=deck, role_id=card_role.CardRole.ASKED, total_likes=10, prize=100)
self.db.session.add(ucr)
self.db.session.commit()
data = {
'deck_id': deck.id
}
response = self.client.get('/api/v1/deck/get_winners', query_string=data, content_type='application/json')
self.assertEqual(response.status, '200 OK')
res = flask.json.loads(response.data)
total_likes = res['total_likes']
self.assertEqual(total_likes, 10)
winners = res['winners']
self.assertEqual(len(winners), 1)
it = winners[0]
self.assertEqual(it['user_id'], user.id)
self.assertEqual(it['likes'], 10)
self.assertEqual(it['likes_relative'], 100)
self.assertEqual(it['prize'], 100)
def create_inactive_user(self, username, email):
user = User(username=username,
email=email,
active=False,
verification_code=generate_verification_code())
self.db.session.add(user)
return user
def call_target(self):
self.owner = User(username='******')
self.db.session.add(self.owner)
self.deck = Card(type=Card.DECK,
name='test_deck',
creator=self.owner,
is_ask_mode_enabled=True,
silver_points=self.deck_silver_points,
prize_to_join=10)
self.db.session.add(self.deck)
self.db.session.commit()
self.join_user = self.user
ucr = UserRoleCard(user_id=self.join_user.id,
role_id=CardRole.JOINED,
card_id=self.deck.id)
self.db.session.add(ucr)
self.db.session.commit()
data = {'deck_id': self.deck.id}
response = self.client.post('/api/v1/deck/unjoin_ask',
data=json.dumps(data),
content_type='application/json')
self.response = response
return response
def handle_request(self, request):
try:
request_type = request.get('type')
if request_type not in self.no_auth_check_handlers:
username = request.get('auth', {}).get('username')
token = request.get('auth', {}).get('auth_token')
if not username or not token:
return construct_result(400, 'Bad request')
with Transaction() as tr:
try:
user = User.read_by_name(tr.cursor, username)
except ItemNotFoundError:
return construct_result(404, 'User not found')
if not self.auth_handler.verify_auth_token(user.user_id, token):
return construct_result(403, 'Bad auth token, you should sign in')
self.context['user_id'] = user.user_id
return self.type_to_handler.get(request_type, lambda _: construct_result(400, 'Bad request'))(request)
except KeyboardInterrupt:
raise
except Exception as e:
logging.exception('Unhandled exception during request handling occured: {}'.format(e))
return construct_result(500, 'Error occured')
def test_for_specific_user_true(self):
from lib.models import card as card_module
self.creator = User(username='******')
self.card = factories.CardFactory(type=Card.DECK,
is_ask_mode_enabled=True,
creator=self.creator)
self.viewer = factories.UserFactory()
self.card.views.append(self.viewer)
self.card.comments.append(factories.Comment(user=self.viewer))
urc = factories.UserRoleCard(card=self.card,
user=self.viewer,
prize=56)
self.db.session.add(self.card)
self.db.session.commit()
self.call_target(by_user=self.viewer)
self.assertEqual(self.result['views_count'], 1)
self.assertEqual(self.result['viewed_by_me'], True)
self.assertEqual(self.result['commented_by_me'], True)
self.assertEqual(self.result['won_by_me'], True)
def add(self, name):
prevUser = User.query.order_by(User.id.desc()).first()
id = prevUser.id + 1 if prevUser is not None else 1
user = User(id, name)
db.session.add(user)
db.session.commit()
def get_user():
username = cherrypy.session.get(SESSION_KEY, None)
if username is None:
return None
db = cherrypy.request.db
u = User.get_by_username(db, username)
return u
def setUp(self):
super(GetUserInfoTestCase, self).setUp()
user = User(id='TestUser', username='******', email='*****@*****.**', password='******')
self.db.session.add(user)
self.db.session.commit()
self.set_current_user(user)
self.user = user
self.data = {}
def test_simple_fields(self):
from lib.models import card as card_module
self.creator = User(username='******')
self.card = factories.CardFactory(type=Card.DECK,
is_ask_mode_enabled=True,
creator=self.creator)
eastern = timezone('US/Eastern')
self.card.evaluation_period_status = card_module.EVALUATION_PERIOD_STATUS_OPEN
self.card.distribution_rule = card_module.DISTRIBUTION_RULE_SPLIT_EVENLY
self.card.distribution_for = 10
self.card.evaluation_start_dt = datetime(2016,
11,
28,
9,
51,
38,
tzinfo=eastern)
self.card.evaluation_end_dt = datetime(2016,
11,
29,
9,
51,
38,
tzinfo=eastern)
self.card.answer_visibility = card_module.ANSWER_VISIBILITY_ONLY_ASKERS
self.card.scale = 3
self.card.original_prize_pool = 123
self.viewer = factories.UserFactory()
self.card.views.append(self.viewer)
self.db.session.add(self.card)
self.db.session.commit()
self.call_target()
self.assert_result()
self.joined_users = [self.creator]
self.assertEqual(self.result['evaluation_period_status'],
card_module.EVALUATION_PERIOD_STATUS_OPEN)
self.assertEqual(self.result['distribution_rule'],
card_module.DISTRIBUTION_RULE_SPLIT_EVENLY)
self.assertEqual(self.result['distribution_for'], 10)
self.assertEqual(self.result['evaluation_start_dt'],
datetime(2016, 11, 28, 9, 51, 38, tzinfo=eastern))
self.assertEqual(self.result['evaluation_end_dt'],
datetime(2016, 11, 29, 9, 51, 38, tzinfo=eastern))
self.assertEqual(self.result['answer_visibility'],
card_module.ANSWER_VISIBILITY_ONLY_ASKERS)
self.assertEqual(self.result['creator_info']['user_id'],
self.creator.id)
self.assertEqual(self.result['scale'], 3)
self.assertEqual(self.result['original_prize_pool'], 123)
self.assertEqual(self.result['views_count'], 1)
def handle_signup(self, request):
username = request.get('username')
password = request.get('password')
if not username or not password:
return construct_result(400, 'Bad request')
with Transaction() as tr:
no_users = False
try:
user = User.read_by_name(tr.cursor, username)
except ItemNotFoundError:
no_users = True
if not no_users:
return construct_result(400, 'User already exists')
User(None, username, self.auth_handler.get_password_key(password)).create_me(tr.cursor)
return construct_result()
def construct_follows_list_response(follows, followers_mode=False):
res = []
for follow in follows:
with Transaction() as tr:
try:
user_id = follow.user_id if not followers_mode else follow.follower_id
res.append(User.read_by_pk(tr.cursor, user_id).username)
except ItemNotFoundError:
continue
return res
def get_user(uname: str) -> User:
"""Get one Tellonym user"""
res = req.get(urls.USER_INFO.format(uname))
if res.status_code != 200:
return None
obj = json.loads(res.text)
return User(obj['avatarFileName'],
obj['followerCount'] + obj['anonymousFollowerCount'],
obj['followingCount'], obj['id'], obj['displayName'],
obj['username'], obj['aboutMe'], obj['likesCount'],
obj['answerCount'], obj['tellCount'], obj['isVerified'])
def test_constructorParsesDictionary(self):
# Arrange
userId = 'abc123'
role = 'admin'
dictionary = {'userId': userId, 'role': role}
# Act
user = User(dictionary)
#Assert
self.assertEqual(userId, user.userId)
self.assertEqual(role, user.role)
def setUp(self):
super(ApiBaseTestCase, self).setUp()
# create current user
self.user = User(id='DefaultCurrentUser', username='******', password='******', active=True)
self.db.session.add(self.user)
self.db.session.commit()
self.set_current_user(self.user)
# way around of flask_securirty.decorators.auth_token_required decarator
self._check_token_patcher = mock.patch('flask_security.decorators._check_token', return_value=True)
self._check_token_mock = self._check_token_patcher.start()
def construct_posts_list_response(posts):
res = []
for post in posts:
post_dict = post.to_dict()
with Transaction() as tr:
try:
post_dict['username'] = User.read_by_pk(
tr.cursor, post_dict.pop('user_id')).username
except ItemNotFoundError:
continue
res.append(post_dict)
return res
class GoogleSigninTestCase(ApiBaseTestCase):
def test_signin_success(self):
self.user = User(username='******',
email='*****@*****.**',
password='******',
silver_points=41)
self.db.session.add(self.user)
self.db.session.commit()
with mock.patch(
'app.managers.account_manager.get_google_verification_data'
) as m:
m.return_value = {'verified': True, 'email': '*****@*****.**'}
data = {'google_access_token': 'my_goolge_token'}
response = self.client.post('/api/v1/auth/google_signin',
data=json.dumps(data),
content_type='application/json')
self.assertEqual(response.status, '200 OK')
data = json.loads(response.data)
self.assertEqual(data['user']['id'], self.user.id)
self.assertEqual(data['user']['total_silver_points'], 41)
self.assertEqual(data['auth_token'], self.user.get_auth_token())
def test_signup_success(self):
with mock.patch(
'app.managers.account_manager.get_google_verification_data'
) as m:
m.return_value = {'verified': True, 'email': '*****@*****.**'}
data = {'google_access_token': 'my_goolge_token'}
response = self.client.post('/api/v1/auth/google_signin',
data=json.dumps(data),
content_type='application/json')
self.assertEqual(response.status, '200 OK')
self.user = User.query.filter(User.email == '*****@*****.**').first()
data = json.loads(response.data)
self.assertEqual(data['user']['id'], self.user.id)
self.assertEqual(data['user']['total_silver_points'], 1000)
self.assertEqual(data['auth_token'], self.user.get_auth_token())
def handle_admin_info(self, request):
with Transaction() as tr:
try:
user = User.read_by_pk(tr.cursor, self.context['user_id'])
except ItemNotFoundError:
return construct_result(404, 'User not found')
if not user.is_admin:
return construct_result(403, 'Access denied')
users = User.read_all(tr.cursor)
posts = Post.read_all(tr.cursor)
follows = Follow.read_all(tr.cursor)
return construct_result(
200,
{
'users': [user.to_dict() for user in users],
'posts': [post.to_dict() for post in posts],
'folows': [follow.to_dict() for follow in follows],
}
)
def check_credentials(username, password):
"""Verifies credentials for username and password.
Returns None on success or a string describing the error on failure"""
db = cherrypy.request.db
u = User.get_by_username(db, username)
if u is None:
return u"Username or Password is invaild. Pleas try again."
dk = hashlib.pbkdf2_hmac('sha256', password.encode(), u.salt, 100000)
binascii.hexlify(dk)
if u.hash != dk:
return u"Username or Password is invaild. Pleas try again."
def handle_get_following_users(self, request):
username = request.get('username')
if not username:
return construct_result(400, 'Bad request')
with Transaction() as tr:
try:
user = User.read_by_name(tr.cursor, username)
except ItemNotFoundError:
return construct_result(404, 'User not found')
follows = Follow.get_following_users(tr.cursor, user.user_id)
return construct_result(200, construct_follows_list_response(follows, followers_mode=True))
def handle_get_user_posts(self, request):
username = request.get('username')
if not username:
return construct_result(400, 'Bad request')
with Transaction() as tr:
try:
user = User.read_by_name(tr.cursor, username)
except ItemNotFoundError:
return construct_result(404, 'User not found')
posts = Post.get_user_posts(tr.cursor, user.user_id)
return construct_result(200, construct_posts_list_response(posts))
def handle_follow(self, request):
username_to_follow = request.get('username_to_follow')
if not username_to_follow:
return construct_result(400, 'Bad request')
with Transaction() as tr:
try:
user_to_follow = User.read_by_name(tr.cursor, username_to_follow)
except ItemNotFoundError:
return construct_result(404, 'User not found')
Follow(None, user_to_follow.user_id, self.context['user_id']).create_me(tr.cursor)
return construct_result()
def create_input_data(self):
if self.owner is None:
self.owner = User(username='******')
self.db.session.add(self.owner)
if self.card is None:
self.card = Card(type=self.card_type,
name=self.card_name,
creator=self.owner)
self.db.session.add(self.card)
self.db.session.commit()
if self.questions is not None:
for idx, c in enumerate(self.questions):
c.position = idx
self.card.cards.append(c)
self.db.session.commit()
if self.asked_users is None:
if self.asked_user1 is None:
self.asked_user1 = User(username='******')
self.db.session.add(self.asked_user1)
self.db.session.commit()
self.asked_users = [self.asked_user1]
def setUp(self):
super(GiveCardToDeckTestCase, self).setUp()
self.deck_creator = User(username='******')
self.deck = Card(
type=Card.DECK,
name='test_deck',
is_ask_mode_enabled=True,
evaluation_period_status=card_module.EVALUATION_PERIOD_STATUS_OPEN,
creator=self.deck_creator)
self.db.session.add(self.deck)
self.question_creator = User(username='******')
self.db.session.add(self.question_creator)
self.question = Card(type=Card.TEXT,
name='question',
creator=self.question_creator)
self.db.session.add(self.question)
self.deck.cards.append(self.question)
self.creator = User(username='******')
self.answer = Card(type=Card.TEXT, name='answer', creator=self.creator)
self.db.session.add(self.answer)
self.db.session.commit()
def get_all_users(con: Optional[sqlite3.Connection] = None) -> List[User]:
"""
Gets all users stored in the sqlite db.
Parameters
----------
con : Optional[sqlite3.Connection]
Connection to the db.
Returns
-------
List[User]
List containing all users or empty.
"""
users = fetchall('SELECT * FROM users', con=con)
return [User(*u) for u in users]
def handle_signin(self, request):
username = request.get('username')
password = request.get('password')
if not username or not password:
return construct_result(400, 'Bad request')
with Transaction() as tr:
try:
user = User.read_by_name(tr.cursor, username)
except ItemNotFoundError:
return construct_result(404, 'User not found')
if not self.auth_handler.verify_password(password, user.password_key):
return construct_result(400, 'Bad password')
return construct_result(200, {'auth_token': self.auth_handler.get_auth_token(user.user_id)})
def test_success(self):
user = User(username='******', password='******', active=True)
self.db.session.add(user)
self.db.session.commit()
data = {'search_key': 'user1'}
response = self.client.post(self.url,
data=json.dumps(data),
content_type='application/json')
self.assertEqual(response.status, '200 OK')
usernames = json.loads(response.data)['users']
self.assertEqual(usernames, [{
'user_id': user.id,
'username': '******'
}])
def test_for_specific_user_false(self):
from lib.models import card as card_module
self.creator = User(username='******')
self.card = factories.CardFactory(type=Card.DECK,
is_ask_mode_enabled=True,
creator=self.creator)
self.viewer = factories.UserFactory()
self.db.session.commit()
self.call_target(by_user=self.viewer)
self.assert_result()
self.joined_users = [self.creator]
self.assertEqual(self.result['views_count'], 0)
self.assertEqual(self.result['viewed_by_me'], False)
self.assertEqual(self.result['commented_by_me'], False)
self.assertEqual(self.result['won_by_me'], False)
def call_target(self, by_user=None):
if self.card is None:
self.card = factories.CardFactory(type=Card.DECK,
is_ask_mode_enabled=True)
if self.creator:
if self.creator.id is None:
self.db.session.add(self.creator)
self.db.session.commit()
self.card.creator = self.creator
if self.evaluation_period_status is not None:
self.card.evaluation_period_status = self.evaluation_period_status
self.db.session.add(self.card)
self.db.session.commit()
if self.creator is not None:
urc = UserRoleCard(user_id=self.creator.id,
role_id=CardRole.JOINED,
card_id=self.card.id)
self.db.session.add(urc)
self.db.session.commit()
if self.joined_user1_name is not None:
self.joined_user_id1 = User(username=self.joined_user1_name)
self.db.session.add(self.joined_user_id1)
self.db.session.commit()
if self.joined_user_id1 is not None:
if self.joined_user_id1.id is None:
self.db.session.add(self.joined_user_id1)
self.db.session.commit()
urc = UserRoleCard(user_id=self.joined_user_id1.id,
role_id=CardRole.JOINED,
card_id=self.card.id)
if self.joined_user_id1_contribution is not None:
urc.contribution = self.joined_user_id1_contribution
self.db.session.add(urc)
self.db.session.commit()
res = self.card.to_dict(user=by_user)
self.result = res
self.create_expected()
return self.result
def test_visible(self):
from lib.models.user_permission import UserPermission
user = User(username='******', password='******', active=True)
role = Role(name='homes')
user.roles.append(role)
self.db.session.add(user)
self.db.session.commit()
deck_visible = Card(type=Card.DECK, name='1 visible_deck')
self.db.session.add(deck_visible)
deck_owned = Card(type=Card.DECK,
name='2 owned_by_user',
user_id=user.id)
self.db.session.add(deck_owned)
deck_invisible = Card(type=Card.DECK, name='3 invisible_deck')
self.db.session.add(deck_invisible)
deck_visible_by_role = Card(type=Card.DECK, name='4 visible_by_role')
self.db.session.add(deck_visible_by_role)
self.db.session.commit()
up1 = UserPermission(card_id=deck_visible.id,
permission_id='view',
user_id=user.id)
self.db.session.add(up1)
up2 = UserPermission(card_id=deck_visible_by_role.id,
permission_id='view',
role_id=role.id)
self.db.session.add(up2)
self.db.session.commit()
deck_repo = DeckRepo()
decks = list(deck_repo.get_viewable_decks(user))
decks = sorted(decks, key=lambda d: d.name)
self.assertEqual(len(decks), 3)
self.assertEqual(decks[0].id, deck_visible.id)
self.assertEqual(decks[1].id, deck_owned.id)
self.assertEqual(decks[2].id, deck_visible_by_role.id)
