ProjetSigma /
backend
| Total Complexity | 53 |
| Total Lines | 452 |
| Duplicated Lines | 19.91 % |
| Coverage | 100% |
| Changes | 6 | ||
| Bugs | 0 | Features | 1 |
Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.
Common duplication problems, and corresponding solutions are:
Complex classes like UserTests often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
| 1 | 1 | import json |
|
| 19 | 1 | class UserTests(APITestCase): |
|
| 20 | @classmethod |
||
| 21 | 1 | def setUpTestData(self): |
|
| 22 | 1 | # Summary: 2 clusters, 2 groups, 10 users |
|
| 23 | 1 | # Cluster #1: users #1 to #5 |
|
| 24 | # Cluster #2: users #5 to #9 |
||
| 25 | 1 | # Group #1: users #1, #2 and #6 (pending request) |
|
| 26 | # Group #2: users #3, #7 and #8 (invitation not accepted yet) |
||
| 27 | 1 | # User #1 is admin in cluster #1 |
|
| 28 | # User #6 is admin in cluster #2 |
||
| 29 | # User #10 is Sigma admin |
||
| 30 | 1 | ||
| 31 | super(UserTests, self).setUpTestData() |
||
| 32 | 1 | self.clusters = ClusterFactory.create_batch(2) |
|
| 33 | 1 | self.users = UserFactory.create_batch(9) |
|
| 34 | self.groups = GroupFactory.create_batch(2) |
||
| 35 | |||
| 36 | # User #10 is Sigma admin |
||
| 37 | self.users.append(AdminUserFactory()) |
||
| 38 | |||
| 39 | # Add users in clusters (user #1 is admin in cluster #1 and user #6 is admin in cluster #2) |
||
| 40 | for i in range(5): |
||
| 41 | 1 | self.clusters[0].cluster_users.add(self.users[i]) |
|
| 42 | GroupMemberFactory(group=self.clusters[0], user=self.users[i], perm_rank=(Group.ADMINISTRATOR_RANK if i == 0 else 1)) |
||
| 43 | 1 | ||
| 44 | 1 | self.clusters[1].cluster_users.add(self.users[4+i]) |
|
| 45 | 1 | GroupMemberFactory(group=self.clusters[1], user=self.users[4+i], perm_rank=(Group.ADMINISTRATOR_RANK if i == 1 else 1)) |
|
| 46 | 1 | ||
| 47 | # Add users in group #1 |
||
| 48 | GroupMemberFactory(group=self.groups[0], user=self.users[0], perm_rank=Group.ADMINISTRATOR_RANK) |
||
| 49 | 1 | GroupMemberFactory(group=self.groups[0], user=self.users[1], perm_rank=1) |
|
| 50 | GroupMemberFactory(group=self.groups[0], user=self.users[5], perm_rank=0) # pending request |
||
| 51 | 1 | ||
| 52 | 1 | # Add users in group #2 |
|
| 53 | GroupMemberFactory(group=self.groups[1], user=self.users[2], perm_rank=1) |
||
| 54 | GroupMemberFactory(group=self.groups[1], user=self.users[6], perm_rank=1) |
||
| 55 | self.users[7].invited_to_groups.add(self.groups[1]) # User #8 is invited to group #2 |
||
| 56 | |||
| 57 | self.user_url = '/user/' |
||
| 58 | self.new_user_data = {'lastname': 'Doe', 'firstname': 'John', 'email': '[email protected]', 'password': 'password', 'clusters_ids' : {self.clusters[0].id}} |
||
| 59 | |||
| 60 | 1 | #### Model methods test |
|
| 61 | def test_model_user(self): |
||
| 62 | 1 | try: |
|
| 63 | 1 | user = User.objects.create_user(email="", lastname="Holmes", firstname="Sherlock") |
|
| 64 | 1 | except ValueError: |
|
| 65 | 1 | user = User.objects.create_user(email="[email protected]", lastname="Holmes", firstname="Sherlock") |
|
| 66 | 1 | ||
| 67 | self.assertRaises(ValueError, User.objects.create_superuser, email="", lastname="", firstname="", password="pass") |
||
| 68 | user_admin = User.objects.create_superuser(email="[email protected]", lastname="Holmes", firstname="Mycroft", password="pass") |
||
| 69 | 1 | self.assertTrue(user_admin.is_superuser) |
|
| 70 | |||
| 71 | 1 | self.assertEqual(user.email, '[email protected]') |
|
| 72 | 1 | self.assertEqual(user.get_full_name(), 'Holmes Sherlock') |
|
| 73 | self.assertEqual(user.get_short_name(), '[email protected]') |
||
| 74 | 1 | self.assertFalse(user.is_sigma_admin()) |
|
| 75 | self.assertEqual(user.__str__(), '[email protected]') |
||
| 76 | 1 | self.assertTrue(self.users[0].is_in_cluster(self.clusters[0])) |
|
| 77 | 1 | # Cluster admin |
|
| 78 | 1 | self.assertTrue(self.users[0].is_cluster_admin(self.clusters[0])) |
|
| 79 | 1 | self.assertFalse(self.users[1].is_cluster_admin(self.clusters[0])) |
|
| 80 | self.assertTrue(self.users[0].is_admin_of_one_cluster(self.clusters)) |
||
| 81 | self.assertFalse(self.users[1].is_admin_of_one_cluster(self.clusters)) |
||
| 82 | 1 | # Common cluster |
|
| 83 | self.assertTrue(self.users[0].has_common_cluster(self.users[1])) |
||
| 84 | 1 | self.assertFalse(self.users[0].has_common_cluster(self.users[5])) |
|
| 85 | 1 | # Common group |
|
| 86 | self.assertTrue(self.users[2].has_common_group(self.users[6])) |
||
| 87 | 1 | self.assertFalse(self.users[1].has_common_group(self.users[6])) |
|
| 88 | self.assertTrue(self.users[0].has_common_group(self.users[5])) |
||
| 89 | 1 | self.assertFalse(self.users[5].has_common_group(self.users[0])) |
|
| 90 | 1 | # Group membership |
|
| 91 | 1 | self.assertIsNone(self.users[0].get_group_membership(self.groups[1])) |
|
| 92 | self.assertIsNotNone(self.users[0].get_group_membership(self.groups[0])) |
||
| 93 | 1 | self.assertIsNotNone(self.users[5].get_group_membership(self.groups[0])) |
|
| 94 | self.assertFalse(self.users[0].is_group_member(self.groups[1])) |
||
| 95 | 1 | self.assertTrue(self.users[0].is_group_member(self.groups[0])) |
|
| 96 | 1 | self.assertFalse(self.users[5].is_group_member(self.groups[0])) |
|
| 97 | 1 | # Group perms |
|
| 98 | 1 | self.assertTrue(self.users[0].can_invite(self.clusters[0].group_ptr)) |
|
| 99 | self.assertFalse(self.users[1].can_invite(self.clusters[0].group_ptr)) |
||
| 100 | self.assertTrue(self.users[0].can_accept_join_requests(self.groups[0])) |
||
| 101 | 1 | self.assertTrue(self.users[0].can_modify_group_infos(self.groups[0])) |
|
| 102 | self.assertTrue(self.users[0].has_group_admin_perm(self.groups[0])) |
||
| 103 | 1 | self.assertFalse(self.users[1].has_group_admin_perm(self.groups[0])) |
|
| 104 | 1 | self.assertTrue(self.users[7].is_invited_to_group_id(self.groups[1].id)) |
|
| 105 | 1 | self.assertEqual(len(self.users[0].get_groups_with_confirmed_membership()), 2) |
|
| 106 | 1 | self.assertTrue(user_admin.can_accept_join_requests(self.groups[0])) |
|
| 107 | 1 | self.assertTrue(user_admin.has_group_admin_perm(self.groups[0])) |
|
| 108 | |||
| 109 | 1 | #### List requests |
|
| 110 | def test_get_users_list_unauthed(self): |
||
| 111 | 1 | # Client not authenticated |
|
| 112 | 1 | response = self.client.get(self.user_url) |
|
| 113 | 1 | self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) |
|
| 114 | 1 | ||
| 115 | 1 | def test_get_users_list_user1(self): |
|
| 116 | # Client authenticated: user in cluster #1, can see users in cluster #1 and in his groups |
||
| 117 | 1 | self.client.force_authenticate(user=self.users[0]) |
|
| 118 | response = self.client.get(self.user_url) |
||
| 119 | 1 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
| 120 | 1 | self.assertEqual(len(response.data), 6) |
|
| 121 | 1 | ||
| 122 | 1 | def test_get_users_list_user4(self): |
|
| 123 | 1 | # Client authenticated: user in cluster #1, can see users in cluster #1 |
|
| 124 | 1 | self.client.force_authenticate(user=self.users[3]) |
|
| 125 | response = self.client.get(self.user_url) |
||
| 126 | 1 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
| 127 | 1 | self.assertEqual(len(response.data), 5) |
|
| 128 | |||
| 129 | 1 | def test_get_users_list_user5(self): |
|
| 130 | # Client authenticated: user in clusters #1 and #2, can see eveybody (except admin user) then |
||
| 131 | 1 | self.client.force_authenticate(user=self.users[4]) |
|
| 132 | 1 | response = self.client.get(self.user_url) |
|
| 133 | 1 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
| 134 | 1 | self.assertEqual(len(response.data), 9) |
|
| 135 | 1 | ||
| 136 | def test_get_users_list_user6(self): |
||
| 137 | 1 | # Client authenticated: user in cluster #2, pending request to group #2 (cannot see members yet) |
|
| 138 | self.client.force_authenticate(user=self.users[5]) |
||
| 139 | 1 | response = self.client.get(self.user_url) |
|
| 140 | 1 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
| 141 | 1 | self.assertEqual(len(response.data), 5) |
|
| 142 | 1 | ||
| 143 | 1 | def test_get_users_list_user8(self): |
|
| 144 | 1 | # Client authenticated: user in cluster #2, invited to group #2 (cannot see members yet) |
|
| 145 | self.client.force_authenticate(user=self.users[7]) |
||
| 146 | 1 | response = self.client.get(self.user_url) |
|
| 147 | 1 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
| 148 | self.assertEqual(len(response.data), 5) |
||
| 149 | 1 | ||
| 150 | def test_get_users_list_admin_user(self): |
||
| 151 | 1 | # Client authenticated: Sigma admin, can see everyone |
|
| 152 | 1 | self.client.force_authenticate(user=self.users[9]) |
|
| 153 | 1 | response = self.client.get(self.user_url) |
|
| 154 | 1 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
| 155 | 1 | self.assertEqual(len(response.data), 10) |
|
| 156 | |||
| 157 | 1 | #### Get requests |
|
| 158 | def test_get_user_unauthed(self): |
||
| 159 | 1 | # Client is not authenticated |
|
| 160 | 1 | response = self.client.get(self.user_url) |
|
| 161 | 1 | self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) |
|
| 162 | 1 | ||
| 163 | 1 | def test_get_user_not_found(self): |
|
| 164 | 1 | # Client authenticated: request inexistant user |
|
| 165 | self.client.force_authenticate(user=self.users[0]) |
||
| 166 | 1 | response = self.client.get(self.user_url + "%d/" % 404) |
|
| 167 | 1 | self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) |
|
| 168 | |||
| 169 | View Code Duplication | def test_get_user_1_req_5(self): |
|
|
Duplication
introduced
by
|
|||
| 170 | # Client authenticated: request user in same cluster |
||
| 171 | 1 | self.client.force_authenticate(user=self.users[0]) |
|
| 172 | response = self.client.get(self.user_url + "%d/" % self.users[4].id) |
||
| 173 | 1 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
| 174 | 1 | self.assertEqual(response.data['lastname'], self.users[4].lastname) |
|
| 175 | 1 | self.assertEqual(response.data['email'], self.users[4].email) |
|
| 176 | 1 | self.assertEqual(response.data['clusters_ids'], [c.id for c in self.clusters]) |
|
| 177 | |||
| 178 | 1 | View Code Duplication | def test_get_user_3_req_7(self): |
| 179 | # Client authenticated: request user in same group |
||
| 180 | 1 | self.client.force_authenticate(user=self.users[2]) |
|
| 181 | 1 | response = self.client.get(self.user_url + "%d/" % self.users[6].id) |
|
| 182 | 1 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
| 183 | 1 | self.assertEqual(response.data['lastname'], self.users[6].lastname) |
|
| 184 | self.assertEqual(response.data['email'], self.users[6].email) |
||
| 185 | 1 | self.assertEqual(response.data['clusters_ids'], [self.clusters[1].id]) |
|
| 186 | |||
| 187 | 1 | def test_get_user_1_req_7(self): |
|
| 188 | 1 | # Client authenticated: no group in common |
|
| 189 | 1 | self.client.force_authenticate(user=self.users[0]) |
|
| 190 | 1 | response = self.client.get(self.user_url + "%d/" % self.users[6].id) |
|
| 191 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 192 | self.assertEqual(response.data['lastname'], self.users[6].lastname) |
||
| 193 | 1 | self.assertEqual(response.data['clusters_ids'], [self.clusters[1].id]) |
|
| 194 | self.assertNotIn('email', response.data) |
||
| 195 | 1 | self.assertNotIn('photo', response.data) |
|
| 196 | 1 | ||
| 197 | def test_get_user_2_req_6(self): |
||
| 198 | 1 | # Client authenticated: request user who has pending request into group |
|
| 199 | self.client.force_authenticate(user=self.users[1]) |
||
| 200 | 1 | response = self.client.get(self.user_url + "%d/" % self.users[5].id) |
|
| 201 | 1 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
| 202 | self.assertEqual(response.data['lastname'], self.users[5].lastname) |
||
| 203 | 1 | self.assertEqual(response.data['clusters_ids'], [self.clusters[1].id]) |
|
| 204 | self.assertIn('email', response.data) |
||
| 205 | 1 | ||
| 206 | 1 | def test_get_user_8_req_3(self): |
|
| 207 | 1 | # Client authenticated: request a user who is in a group I'm invited |
|
| 208 | 1 | self.client.force_authenticate(user=self.users[7]) |
|
| 209 | 1 | response = self.client.get(self.user_url + "%d/" % self.users[2].id) |
|
| 210 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 211 | self.assertEqual(response.data['lastname'], self.users[2].lastname) |
||
| 212 | self.assertEqual(response.data['clusters_ids'], [self.clusters[0].id]) |
||
| 213 | self.assertNotIn('email', response.data) |
||
| 214 | self.assertNotIn('photo', response.data) |
||
| 215 | |||
| 216 | def test_get_user_3_req_8(self): |
||
| 217 | # Client authenticated: request a user who is invited in a group whose I'm a member |
||
| 218 | self.client.force_authenticate(user=self.users[2]) |
||
| 219 | response = self.client.get(self.user_url + "%d/" % self.users[7].id) |
||
| 220 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 221 | self.assertEqual(response.data['lastname'], self.users[7].lastname) |
||
| 222 | self.assertEqual(response.data['clusters_ids'], [self.clusters[1].id]) |
||
| 223 | self.assertNotIn('email', response.data) |
||
| 224 | self.assertNotIn('photo', response.data) |
||
| 225 | |||
| 226 | |||
| 227 | #### "Get my data" requests |
||
| 228 | def test_get_my_data_unauthed(self): |
||
| 229 | # Client is not authenticated |
||
| 230 | response = self.client.get(self.user_url + 'me/') |
||
| 231 | self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) |
||
| 232 | |||
| 233 | def test_get_my_data_ok(self): |
||
| 234 | # Client is authenticated |
||
| 235 | self.client.force_authenticate(user=self.users[1]) |
||
| 236 | response = self.client.get(self.user_url + 'me/') |
||
| 237 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 238 | self.assertEqual(response.data['id'], self.users[1].id) |
||
| 239 | self.assertIn('invited_to_groups_ids', response.data) |
||
| 240 | |||
| 241 | #### Create requests |
||
| 242 | def test_create_user_unauthed(self): |
||
| 243 | # Client is not authenticated |
||
| 244 | response = self.client.post(self.user_url, self.new_user_data) |
||
| 245 | self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) |
||
| 246 | |||
| 247 | def test_create_user_not_cluster_admin(self): |
||
| 248 | # Client has no permission |
||
| 249 | self.client.force_authenticate(user=self.users[1]) |
||
| 250 | response = self.client.post(self.user_url, self.new_user_data) |
||
| 251 | self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) |
||
| 252 | |||
| 253 | View Code Duplication | def test_create_user_sigma_admin_ok(self): |
|
| 254 | # Client has permissions |
||
| 255 | self.client.force_authenticate(user=self.users[9]) |
||
| 256 | response = self.client.post(self.user_url, self.new_user_data) |
||
| 257 | self.assertEqual(response.status_code, status.HTTP_201_CREATED) |
||
| 258 | self.assertEqual(response.data['lastname'], self.new_user_data['lastname']) |
||
| 259 | self.assertTrue(GroupMember.objects.filter(user=response.data['id'], group=self.clusters[0].id).exists()) |
||
| 260 | |||
| 261 | def test_create_user_admin__bad_request1(self): |
||
| 262 | # Client has permissions |
||
| 263 | self.client.force_authenticate(user=self.users[9]) |
||
| 264 | data = self.new_user_data.copy() |
||
| 265 | data['clusters_ids'] = 'Completely wrong' |
||
| 266 | response = self.client.post(self.user_url, data) |
||
| 267 | self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) |
||
| 268 | |||
| 269 | def test_create_user_admin__bad_request2(self): |
||
| 270 | # Client has permissions |
||
| 271 | self.client.force_authenticate(user=self.users[9]) |
||
| 272 | data = self.new_user_data.copy() |
||
| 273 | data['clusters_ids'] = {'cluster': 1} |
||
| 274 | response = self.client.post(self.user_url, data) |
||
| 275 | self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) |
||
| 276 | |||
| 277 | def test_create_user_admin__bad_request3(self): |
||
| 278 | # Client has permissions |
||
| 279 | self.client.force_authenticate(user=self.users[9]) |
||
| 280 | data = self.new_user_data.copy() |
||
| 281 | data['clusters_ids'] = None |
||
| 282 | response = self.client.post(self.user_url, data) |
||
| 283 | self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) |
||
| 284 | |||
| 285 | View Code Duplication | def test_create_user_clusteradmin_ok(self): |
|
| 286 | # Client has permissions |
||
| 287 | self.client.force_authenticate(user=self.users[0]) |
||
| 288 | response = self.client.post(self.user_url, self.new_user_data) |
||
| 289 | self.assertEqual(response.status_code, status.HTTP_201_CREATED) |
||
| 290 | self.assertEqual(response.data['lastname'], self.new_user_data['lastname']) |
||
| 291 | self.assertTrue(GroupMember.objects.filter(user=response.data['id'], group=self.clusters[0].id).exists()) |
||
| 292 | |||
| 293 | def test_create_user_clusteradmin_wrong_cluster(self): |
||
| 294 | # Client has permissions |
||
| 295 | self.client.force_authenticate(user=self.users[4]) |
||
| 296 | response = self.client.post(self.user_url, self.new_user_data) |
||
| 297 | self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) |
||
| 298 | |||
| 299 | #### Modification requests |
||
| 300 | def test_get_user_not_found(self): |
||
| 301 | # Client authenticated: request inexistant user |
||
| 302 | self.client.force_authenticate(user=self.users[0]) |
||
| 303 | user_data = UserSerializer(self.users[0]).data |
||
| 304 | response = self.client.put(self.user_url + "%d/" % 404, user_data) |
||
| 305 | self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) |
||
| 306 | |||
| 307 | def test_edit_email_wrong_permission(self): |
||
| 308 | # Client wants to change another user's email |
||
| 309 | self.client.force_authenticate(user=self.users[1]) |
||
| 310 | user_data = UserSerializer(self.users[0]).data |
||
| 311 | user_data['email'] = "[email protected]" |
||
| 312 | response = self.client.put(self.user_url + "%d/" % self.users[0].id, user_data) |
||
| 313 | self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) |
||
| 314 | |||
| 315 | def test_edit_is_superuser_no_permission(self): |
||
| 316 | # Client can't set himself as administrator ! |
||
| 317 | self.client.force_authenticate(user=self.users[1]) |
||
| 318 | user_data = UserSerializer(self.users[1]).data |
||
| 319 | user_data['is_superuser'] = True |
||
| 320 | response = self.client.put(self.user_url + "%d/" % self.users[1].id, user_data) |
||
| 321 | self.assertFalse(self.users[1].is_superuser) |
||
| 322 | |||
| 323 | def test_edit_email_nonvalid_email(self): |
||
| 324 | # Client wants to change his email with a non valid value |
||
| 325 | self.client.force_authenticate(user=self.users[0]) |
||
| 326 | user_data = UserSerializer(self.users[0]).data |
||
| 327 | user_data['email'] = "ThisIsNotAnEmail" |
||
| 328 | response = self.client.put(self.user_url + "%d/" % self.users[0].id, user_data) |
||
| 329 | self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) |
||
| 330 | |||
| 331 | View Code Duplication | def test_edit_email_ok(self): |
|
| 332 | # Client wants to change his email and succeed in |
||
| 333 | self.client.force_authenticate(user=self.users[1]) |
||
| 334 | user_data = UserSerializer(self.users[1]).data |
||
| 335 | old_email = user_data['email'] |
||
| 336 | user_data['email'] = "[email protected]" |
||
| 337 | response = self.client.put(self.user_url + "%d/" % self.users[1].id, user_data) |
||
| 338 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 339 | self.assertEqual(reload(self.users[1]).email, user_data['email']) |
||
| 340 | # Guarantee that tests are independant |
||
| 341 | self.users[1].email = old_email |
||
| 342 | self.users[1].save() |
||
| 343 | |||
| 344 | def test_edit_profile_wrong_permission(self): |
||
| 345 | # Client wants to change another user's phone number |
||
| 346 | self.client.force_authenticate(user=self.users[1]) |
||
| 347 | user_data = UserSerializer(self.users[0]).data |
||
| 348 | user_data['phone'] = "0123456789" |
||
| 349 | response = self.client.put(self.user_url + "%d/" % self.users[0].id, user_data) |
||
| 350 | self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) |
||
| 351 | |||
| 352 | View Code Duplication | def test_edit_profile_ok(self): |
|
| 353 | # Client wants to change his phone number |
||
| 354 | self.client.force_authenticate(user=self.users[0]) |
||
| 355 | user_data = UserSerializer(self.users[0]).data |
||
| 356 | old_phone = user_data['phone'] |
||
| 357 | user_data['phone'] = "0123456789" |
||
| 358 | response = self.client.put(self.user_url + "%d/" % self.users[0].id, user_data) |
||
| 359 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 360 | self.assertEqual(reload(self.users[0]).phone, user_data['phone']) |
||
| 361 | # Guarantee that tests are independant |
||
| 362 | self.users[0].phone = old_phone |
||
| 363 | self.users[0].save() |
||
| 364 | |||
| 365 | def test_edit_lastname_oneself(self): |
||
| 366 | # Client wants to change his lastname |
||
| 367 | self.client.force_authenticate(user=self.users[1]) |
||
| 368 | user_data = UserSerializer(self.users[1]).data |
||
| 369 | user_data['lastname'] = "Daudet" |
||
| 370 | response = self.client.put(self.user_url + "%d/" % self.users[1].id, user_data) |
||
| 371 | self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) |
||
| 372 | |||
| 373 | View Code Duplication | def test_edit_lastname_oneself_clusteradmin(self): |
|
| 374 | # Client wants to change his lastname |
||
| 375 | self.client.force_authenticate(user=self.users[0]) |
||
| 376 | user_data = UserSerializer(self.users[0]).data |
||
| 377 | old_lastname = user_data['lastname'] |
||
| 378 | user_data['lastname'] = "Daudet" |
||
| 379 | response = self.client.put(self.user_url + "%d/" % self.users[0].id, user_data) |
||
| 380 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 381 | self.assertEqual(reload(self.users[0]).lastname, user_data['lastname']) |
||
| 382 | # Guarantee that tests are independant |
||
| 383 | self.users[1].lastname = old_lastname |
||
| 384 | self.users[1].save() |
||
| 385 | |||
| 386 | View Code Duplication | def test_edit_lastname_cluster_admin(self): |
|
| 387 | # Cluster admin wants to change the lastname of one cluster's member |
||
| 388 | self.client.force_authenticate(user=self.users[0]) |
||
| 389 | user_data = UserSerializer(self.users[1]).data |
||
| 390 | old_lastname = user_data['lastname'] |
||
| 391 | user_data['lastname'] = "Daudet" |
||
| 392 | response = self.client.put(self.user_url + "%d/" % self.users[1].id, user_data) |
||
| 393 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 394 | self.assertEqual(reload(self.users[1]).lastname, user_data['lastname']) |
||
| 395 | # Guarantee that tests are independant |
||
| 396 | self.users[1].lastname = old_lastname |
||
| 397 | self.users[1].save() |
||
| 398 | |||
| 399 | View Code Duplication | def test_edit_lastname_sigma_admin(self): |
|
| 400 | # Admin wants to change an user's lastname |
||
| 401 | self.client.force_authenticate(user=self.users[9]) |
||
| 402 | user_data = UserSerializer(self.users[0]).data |
||
| 403 | old_lastname = user_data['lastname'] |
||
| 404 | user_data['lastname'] = "Daudet" |
||
| 405 | response = self.client.put(self.user_url + "%d/" % self.users[0].id, user_data) |
||
| 406 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 407 | self.assertEqual(reload(self.users[0]).lastname, user_data['lastname']) |
||
| 408 | # Guarantee that tests are independant |
||
| 409 | self.users[0].lastname = old_lastname |
||
| 410 | self.users[0].save() |
||
| 411 | |||
| 412 | #### "Change password" requests |
||
| 413 | def test_change_pwd_wrong_pwd(self): |
||
| 414 | # Client gives a wrong old password |
||
| 415 | self.users[0].set_password('old_pwd') |
||
| 416 | self.client.force_authenticate(user=self.users[0]) |
||
| 417 | response = self.client.put(self.user_url + 'change_password/', {'old_password': 'wrong', 'password': 'new_pwd'}) |
||
| 418 | self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) |
||
| 419 | |||
| 420 | def test_change_pwd_no_pwd(self): |
||
| 421 | # Client gives no new password |
||
| 422 | self.users[0].set_password('old_pwd') |
||
| 423 | self.client.force_authenticate(user=self.users[0]) |
||
| 424 | response = self.client.put(self.user_url + 'change_password/', {'old_password': 'old_pwd', 'password': ''}) |
||
| 425 | self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) |
||
| 426 | |||
| 427 | def test_change_pwd_ok(self): |
||
| 428 | # Client successfully changes his password |
||
| 429 | self.users[0].set_password('old_pwd') |
||
| 430 | self.client.force_authenticate(user=self.users[0]) |
||
| 431 | response = self.client.put(self.user_url + 'change_password/', {'old_password': 'old_pwd', 'password': 'new_strong_pwd'}) |
||
| 432 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 433 | |||
| 434 | #### "Reset password" requests |
||
| 435 | def test_reset_pwd_no_email(self): |
||
| 436 | # Client gives no email |
||
| 437 | response = self.client.post(self.user_url + 'reset_password/', {'email': ''}) |
||
| 438 | self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) |
||
| 439 | |||
| 440 | def test_reset_pwd_no_user(self): |
||
| 441 | # Client's email is not found |
||
| 442 | response = self.client.post(self.user_url + 'reset_password/', {'email': '[email protected]'}) |
||
| 443 | self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) |
||
| 444 | |||
| 445 | def test_reset_pwd_ok(self): |
||
| 446 | # Client successfully resets his password |
||
| 447 | response = self.client.post(self.user_url + 'reset_password/', {'email': self.users[0].email}) |
||
| 448 | self.assertEqual(response.status_code, status.HTTP_200_OK) |
||
| 449 | self.assertEqual(len(mail.outbox), 1) |
||
| 450 | from sigma_core.views.user import reset_mail |
||
| 451 | self.assertEqual(mail.outbox[0].subject, reset_mail['subject']) |
||
| 452 | |||
| 453 | #### "Add photo" requests |
||
| 454 | def test_addphoto_ok(self): |
||
| 455 | self.client.force_authenticate(user=self.users[0]) |
||
| 456 | with open("sigma_files/test_img.png", "rb") as img: |
||
| 457 | response = self.client.post(self.user_url + "addphoto/", {'file': img}, format='multipart') |
||
| 458 | self.assertEqual(response.status_code, status.HTTP_201_CREATED) |
||
| 459 | |||
| 460 | #### Deletion requests |
||
| 461 | def test_destroy_user_unauthed(self): |
||
| 462 | # Client is not authenticated |
||
| 463 | response = self.client.delete(self.user_url + "%d/" % self.users[0].id) |
||
| 464 | self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) |
||
| 465 | |||
| 466 | def test_destroy_user_wrong_perms(self): |
||
| 467 | # Client wants to delete another user but is not sigma or cluster admin |
||
| 468 | self.client.force_authenticate(user=self.users[1]) |
||
| 469 | response = self.client.delete(self.user_url + "%d/" % self.users[2].id) |
||
| 470 | self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) |
||
| 471 | |||
| 496 |
Loading history...
