def test_has_role_user_with_role(self):
role_names = TestUserRolesDatabase.add_roles_to_db(3)
user = User('username', 'password')
user.set_roles(role_names)
db.session.commit()
for role in role_names:
self.assertTrue(user.has_role(role))
def test_set_roles_none_in_user_some_in_db(self):
role_names = TestUserRolesDatabase.add_roles_to_db(3)
user = User('username', 'password')
added_roles = set(role_names)
added_roles.add('role4')
user.set_roles(added_roles)
db.session.commit()
self.assertUserRolesEqual(user, role_names)
def test_read_user(self):
user = User('username', 'asdfghjkl;')
db.session.add(user)
db.session.commit()
response = self.get_with_status_check('/api/users/{}'.format(user.id),
headers=self.headers,
status_code=SUCCESS)
self.assertDictEqual(response, user.as_json())
def test_first_login(self):
user = User('username', 'password')
db.session.add(user)
db.session.commit()
user.login('192.168.0.1')
self.assertUserTimestamps(user, current_login=datetime.utcnow())
self.assertUserIps(user, current_ip='192.168.0.1')
self.assertLoginCount(user, 1)
def test_roles_as_json_with_users_one_user(self):
role = Role('role1')
db.session.add(role)
user = User('username', 'password')
db.session.add(user)
user.set_roles(['role1'])
expected = {'name': 'role1', 'description': '', 'resources': [], 'users': ['username']}
role_json = role.as_json(with_users=True)
role_json.pop('id')
self.assertDictEqual(role_json, expected)
def test_as_json_with_user_history(self):
role_names = TestUserRolesDatabase.add_roles_to_db(3)
user = User('username', 'password')
db.session.add(user)
user.set_roles(role_names)
user.login('192.168.0.1')
first_login_timestamp = datetime.utcnow()
user.login('192.168.0.2')
second_login_timestamp = datetime.utcnow()
user_json = user.as_json(with_user_history=True)
expected = {"id": 1,
"username": '******',
"roles": [{'name': role, 'description': '', 'resources': []} for role in
['role1', 'role2', 'role3']],
"active": True,
"last_login_at": first_login_timestamp,
"current_login_at": second_login_timestamp,
"last_login_ip": '192.168.0.1',
"current_login_ip": '192.168.0.2',
"login_count": 2}
self.assertSetEqual(set(user_json.keys()), set(expected.keys()))
for key in ['username', 'active', 'last_login_ip', 'current_login_ip', 'login_count']:
self.assertEqual(user_json[key], expected[key], '{} for user\'s json in incorrect'.format(key))
self.assertAlmostEqual(user_json['last_login_at'], first_login_timestamp, delta=timedelta(milliseconds=100))
self.assertAlmostEqual(user_json['current_login_at'], second_login_timestamp, delta=timedelta(milliseconds=100))
for role in user_json['roles']:
self.assertIn('id', role)
self.assertIn(role['name'], ['role1', 'role2', 'role3'])
self.assertListEqual(role['resources'], [])
self.assertEqual(role['description'], '')
def test_update_username(self):
user = User('username', 'whisperDieselEngine')
db.session.add(user)
db.session.commit()
data = {'id': user.id, 'username': '******'}
response = self.post_with_status_check('/api/users',
headers=self.headers,
content_type='application/json',
data=json.dumps(data),
status_code=SUCCESS)
self.assertEqual(user.username, 'new_name')
self.assertDictEqual(response, user.as_json())
def test_update_user_with_roles(self):
role = Role('role1')
db.session.add(role)
db.session.commit()
user = User('username', 'supersecretshhhhh')
db.session.add(user)
db.session.commit()
data = {'id': user.id, 'roles': ['role1']}
response = self.post_with_status_check('/api/users',
headers=self.headers,
content_type='application/json',
data=json.dumps(data),
status_code=SUCCESS)
self.assertDictEqual(response, user.as_json())
self.assertSetEqual({role.name for role in user.roles}, {'role1'})
def test_update_user_password_only_invalid_old_password(self):
user = User('username', 'asdfghjkl;')
db.session.add(user)
db.session.commit()
data = {
'id': user.id,
'old_password': '******',
'password': '******'
}
self.post_with_status_check('/api/users',
headers=self.headers,
content_type='application/json',
data=json.dumps(data),
status_code=BAD_REQUEST)
self.assertTrue(user.verify_password('asdfghjkl;'))
def test_update_username_name_already_exists(self):
user = User('username', 'whisperDieselEngine')
db.session.add(user)
user2 = User('user2', 'shhnow')
db.session.add(user)
db.session.add(user2)
db.session.commit()
data = {'id': user.id, 'username': '******'}
self.post_with_status_check('/api/users',
headers=self.headers,
content_type='application/json',
data=json.dumps(data),
status_code=BAD_REQUEST)
self.assertTrue(user.verify_password(
'whisperDieselEngine')) # check password wasn't changed
def test_update_user_password_only(self):
user = User('username', 'asdfghjkl;')
db.session.add(user)
db.session.commit()
data = {
'id': user.id,
'old_password': '******',
'password': '******'
}
response = self.post_with_status_check('/api/users',
headers=self.headers,
content_type='application/json',
data=json.dumps(data),
status_code=SUCCESS)
self.assertDictEqual(response, user.as_json())
self.assertTrue(user.verify_password('changed!'))
def test_delete_user(self):
user = User('username', 'asdfghjkl;')
db.session.add(user)
db.session.commit()
self.delete_with_status_check('/api/users/{}'.format(user.id),
headers=self.headers,
status_code=SUCCESS)
def test_change_password_and_username_invalid_password(self):
user = User('username', 'whisperDieselEngine')
db.session.add(user)
db.session.commit()
data = {
'id': user.id,
'old_password': '******',
'password': '******',
'username': '******'
}
self.post_with_status_check('/api/users',
headers=self.headers,
content_type='application/json',
data=json.dumps(data),
status_code=BAD_REQUEST)
self.assertTrue(user.verify_password('whisperDieselEngine'))
self.assertEqual(user.username, 'username')
def test_as_json(self):
role_names = TestUserRolesDatabase.add_roles_to_db(3)
user = User('username', 'password')
db.session.add(user)
user.set_roles(role_names)
user.login('192.168.0.1')
user.login('192.168.0.2')
user_json = user.as_json()
expected = {
"id":
1,
"username":
'******',
"active":
True,
"roles": [{
'name': role,
'description': '',
'resources': []
} for role in ['role1', 'role2', 'role3']]
}
self.assertSetEqual(set(user_json.keys()), set(expected.keys()))
self.assertEqual(user_json['username'], 'username')
self.assertEqual(user_json['active'], True)
for role in user_json['roles']:
self.assertIn('id', role)
self.assertIn(role['name'], ['role1', 'role2', 'role3'])
self.assertListEqual(role['resources'], [])
self.assertEqual(role['description'], '')
def test_read_users(self):
user = User('username', 'asdfghjkl;')
db.session.add(user)
db.session.commit()
response = self.get_with_status_check('/api/users',
headers=self.headers,
status_code=SUCCESS)
self.assertSetEqual({user['username']
for user in response}, {'admin', 'username'})
def test_user_init(self):
user = User('username', 'password')
self.assertEqual(user.username, 'username')
self.assertUserRolesEqual(user, set())
self.assertUserTimestamps(user)
self.assertUserIps(user)
db.session.add(user)
db.session.commit()
self.assertLoginCount(user, 0)
def test_create_user_username_alrady_exists(self):
user = User('username', 'asdfghjkl;')
db.session.add(user)
db.session.commit()
data = {'username': '******', 'password': '******'}
self.put_with_status_check('/api/users',
headers=self.headers,
content_type='application/json',
data=json.dumps(data),
status_code=OBJECT_EXISTS_ERROR)
def test_logout_from_first_login(self):
user = User('username', 'password')
db.session.add(user)
db.session.commit()
user.login('192.168.0.1')
user.logout()
self.assertLoginCount(user, 0)
def test_set_roles_some_in_user_some_in_db(self):
TestUserRolesDatabase.add_roles_to_db(3)
user = User('username', 'password')
user.set_roles({'role1', 'role2'})
user.set_roles({'role2', 'role3', 'role4'})
db.session.commit()
self.assertUserRolesEqual(user, {'role2', 'role3'})
def test_set_roles_to_none_with_some_in_user(self):
role_names = TestUserRolesDatabase.add_roles_to_db(3)
user = User('username', 'password')
user.set_roles(role_names)
db.session.commit()
user.set_roles([])
db.session.commit()
self.assertUserRolesEqual(user, set())
def test_set_roles_some_in_user_none_in_db(self):
TestUserRolesDatabase.add_roles_to_db(3)
user = User('username', 'password')
user.set_roles({'role1', 'role2'})
user.set_roles({'role4', 'role5', 'role6'})
self.assertUserRolesEqual(user, set())
def test_verify_valid_password(self):
user = User('username', 'password')
self.assertTrue(user.verify_password('password'))
def test_verify_invalid_password(self):
user = User('username', 'invalid')
self.assertFalse(user.verify_password('password'))
def test_set_roles_to_none_with_none_in_user(self):
user = User('username', 'password')
user.set_roles([])
self.assertUserRolesEqual(user, set())
def test_set_roles_none_in_user_none_in_db(self):
user = User('username', 'password')
user.set_roles(['role1', 'role2', 'role3'])
self.assertUserRolesEqual(user, set())
def test_remove_user(self):
user = User('username', 'password')
db.session.add(user)
db.session.commit()
remove_user('username')
self.assertIsNone(User.query.filter_by(username='******').first())
def test_add_user_already_exists(self):
user = User('username', 'password')
db.session.add(user)
db.session.commit()
user = add_user('username', 'password')
self.assertIsNone(user)
def test_has_role_user_without_role(self):
role_names = TestUserRolesDatabase.add_roles_to_db(3)
user = User('username', 'password')
user.set_roles(role_names)
self.assertFalse(user.has_role('invalid'))
def test_set_roles_none_in_user_all_in_db(self):
role_names = TestUserRolesDatabase.add_roles_to_db(3)
user = User('username', 'password')
user.set_roles(role_names)
self.assertUserRolesEqual(user, role_names)
def test_has_role_user_with_no_roles(self):
user = User('username', 'password')
self.assertFalse(user.has_role('role3'))