c3lf-system-3/core/authentication/tests/v2/test_users.py

from django.test import TestCase, Client
from django.contrib.auth.models import Permission, Group

from knox.models import AuthToken

from authentication.models import ExtendedUser, EventPermission
from core import settings
from inventory.models import Event


class UserApiTest(TestCase):

    def setUp(self):
        self.event = Event.objects.create(name='testevent', slug='testevent')
        self.group1 = Group.objects.create(name='testgroup1')
        self.group2 = Group.objects.create(name='testgroup2')
        self.group1.permissions.add(Permission.objects.get(codename='add_item'))
        self.group1.permissions.add(Permission.objects.get(codename='view_item'))
        self.group2.permissions.add(Permission.objects.get(codename='view_event'))
        self.group2.permissions.add(Permission.objects.get(codename='view_item'))
        self.user = ExtendedUser.objects.create_user('testuser', 'test', 'test')
        self.user.user_permissions.add(Permission.objects.get(codename='add_event'))
        self.user.groups.add(self.group1)
        self.user.groups.add(self.group2)
        self.user.save()
        EventPermission.objects.create(event=self.event, user=self.user,
                                       permission=Permission.objects.get(codename='delete_item'))
        self.user.save()
        self.token = AuthToken.objects.create(user=self.user)
        self.client = Client(headers={'Authorization': 'Token ' + self.token[1]})

    def test_users(self):
        response = self.client.get('/api/2/users/')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(len(response.json()), 2)
        self.assertEqual(response.json()[0]['username'], settings.LEGACY_USER_NAME)
        self.assertEqual(response.json()[0]['email'], 'mail@' + settings.MAIL_DOMAIN)
        self.assertEqual(response.json()[0]['first_name'], '')
        self.assertEqual(response.json()[0]['last_name'], '')
        self.assertEqual(response.json()[0]['id'], 1)
        self.assertEqual(response.json()[1]['username'], 'testuser')
        self.assertEqual(response.json()[1]['email'], 'test')
        self.assertEqual(response.json()[1]['first_name'], '')
        self.assertEqual(response.json()[1]['last_name'], '')

    def test_self_user(self):
        response = self.client.get('/api/2/self/')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.json()['username'], 'testuser')
        self.assertEqual(response.json()['email'], 'test')
        self.assertEqual(response.json()['first_name'], '')
        self.assertEqual(response.json()['last_name'], '')
        permissions = response.json()['permissions']
        self.assertEqual(len(permissions), 5)

    def test_register_user(self):
        anonymous = Client()
        response = anonymous.post('/api/2/register/', {'username': 'testuser2', 'password': 'test', 'email': 'test2'},
                                  content_type='application/json')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.json()['username'], 'testuser2')
        self.assertEqual(response.json()['email'], 'test2')
        self.assertEqual(len(ExtendedUser.objects.all()), 3)
        self.assertEqual(ExtendedUser.objects.get(username='testuser2').email, 'test2')
        self.assertTrue(ExtendedUser.objects.get(username='testuser2').check_password('test'))

    def test_register_user_duplicate(self):
        anonymous = Client()
        response = anonymous.post('/api/2/register/', {'username': 'testuser', 'password': 'test', 'email': 'test2'},
                                  content_type='application/json')
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.json()['errors']['username'], 'Username already exists')
        self.assertEqual(len(ExtendedUser.objects.all()), 2)

    def test_register_user_no_username(self):
        anonymous = Client()
        response = anonymous.post('/api/2/register/', {'password': 'test', 'email': 'test2'},
                                  content_type='application/json')
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.json()['errors']['username'], 'Username is required')
        self.assertEqual(len(ExtendedUser.objects.all()), 2)

    def test_register_user_no_password(self):
        anonymous = Client()
        response = anonymous.post('/api/2/register/', {'username': 'testuser2', 'email': 'test2'},
                                  content_type='application/json')
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.json()['errors']['password'], 'Password is required')
        self.assertEqual(len(ExtendedUser.objects.all()), 2)

    def test_register_user_no_email(self):
        anonymous = Client()
        response = anonymous.post('/api/2/register/', {'username': 'testuser2', 'password': 'test'},
                                  content_type='application/json')
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.json()['errors']['email'], 'Email is required')
        self.assertEqual(len(ExtendedUser.objects.all()), 2)

    def test_register_user_duplicate_email(self):
        anonymous = Client()
        response = anonymous.post('/api/2/register/', {'username': 'testuser2', 'password': 'test', 'email': 'test'},
                                  content_type='application/json')
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.json()['errors']['email'], 'Email already exists')
        self.assertEqual(len(ExtendedUser.objects.all()), 2)

    def test_get_token(self):
        anonymous = Client()
        response = anonymous.post('/api/2/login/', {'username': 'testuser', 'password': 'test'},
                                  content_type='application/json')
        self.assertEqual(response.status_code, 200)
        self.assertTrue('token' in response.json())

    def test_legacy_user(self):
        response = self.client.get('/api/2/users/1/')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.json()['username'], settings.LEGACY_USER_NAME)
        self.assertEqual(response.json()['email'], 'mail@' + settings.MAIL_DOMAIN)
        self.assertEqual(response.json()['first_name'], '')
        self.assertEqual(response.json()['last_name'], '')
        self.assertEqual(response.json()['id'], 1)

    def test_get_legacy_user_token(self):
        anonymous = Client()
        response = anonymous.post('/api/2/login/', {
            'username': settings.LEGACY_USER_NAME, 'password': settings.LEGACY_USER_PASSWORD},
                                  content_type='application/json')
        self.assertEqual(response.status_code, 200)
        self.assertTrue('token' in response.json())
wip 2023-11-23 22:17:20 +00:00			`from django.test import TestCase, Client`
stash 2023-12-13 11:51:36 +00:00			`from django.contrib.auth.models import Permission, Group`
wip 2023-11-23 22:17:20 +00:00
stash 2023-12-11 21:18:33 +00:00			`from knox.models import AuthToken`

stash 2023-12-13 11:51:36 +00:00			`from authentication.models import ExtendedUser, EventPermission`
wip 2023-11-23 22:17:20 +00:00			`from core import settings`
stash 2023-12-13 11:51:36 +00:00			`from inventory.models import Event`
wip 2023-11-23 22:17:20 +00:00

stash 2023-12-11 21:18:33 +00:00			`class UserApiTest(TestCase):`
wip 2023-11-23 22:17:20 +00:00
stash 2023-12-11 21:18:33 +00:00			`def setUp(self):`
stash 2023-12-13 11:51:36 +00:00			`self.event = Event.objects.create(name='testevent', slug='testevent')`
			`self.group1 = Group.objects.create(name='testgroup1')`
			`self.group2 = Group.objects.create(name='testgroup2')`
			`self.group1.permissions.add(Permission.objects.get(codename='add_item'))`
			`self.group1.permissions.add(Permission.objects.get(codename='view_item'))`
			`self.group2.permissions.add(Permission.objects.get(codename='view_event'))`
			`self.group2.permissions.add(Permission.objects.get(codename='view_item'))`
stash 2023-12-11 21:18:33 +00:00			`self.user = ExtendedUser.objects.create_user('testuser', 'test', 'test')`
stash 2023-12-13 11:51:36 +00:00			`self.user.user_permissions.add(Permission.objects.get(codename='add_event'))`
			`self.user.groups.add(self.group1)`
			`self.user.groups.add(self.group2)`
			`self.user.save()`
			`EventPermission.objects.create(event=self.event, user=self.user,`
			`permission=Permission.objects.get(codename='delete_item'))`
stash 2023-12-11 21:18:33 +00:00			`self.user.save()`
			`self.token = AuthToken.objects.create(user=self.user)`
			`self.client = Client(headers={'Authorization': 'Token ' + self.token[1]})`
wip 2023-11-23 22:17:20 +00:00
stash 2023-12-11 21:18:33 +00:00			`def test_users(self):`
			`response = self.client.get('/api/2/users/')`
wip 2023-11-23 22:17:20 +00:00			`self.assertEqual(response.status_code, 200)`
stash 2023-12-11 21:18:33 +00:00			`self.assertEqual(len(response.json()), 2)`
wip 2023-11-23 22:17:20 +00:00			`self.assertEqual(response.json()[0]['username'], settings.LEGACY_USER_NAME)`
			`self.assertEqual(response.json()[0]['email'], 'mail@' + settings.MAIL_DOMAIN)`
			`self.assertEqual(response.json()[0]['first_name'], '')`
			`self.assertEqual(response.json()[0]['last_name'], '')`
			`self.assertEqual(response.json()[0]['id'], 1)`
stash 2023-12-11 21:18:33 +00:00			`self.assertEqual(response.json()[1]['username'], 'testuser')`
			`self.assertEqual(response.json()[1]['email'], 'test')`
			`self.assertEqual(response.json()[1]['first_name'], '')`
			`self.assertEqual(response.json()[1]['last_name'], '')`

			`def test_self_user(self):`
stash 2023-12-13 11:51:36 +00:00			`response = self.client.get('/api/2/self/')`
stash 2023-12-11 21:18:33 +00:00			`self.assertEqual(response.status_code, 200)`
			`self.assertEqual(response.json()['username'], 'testuser')`
			`self.assertEqual(response.json()['email'], 'test')`
			`self.assertEqual(response.json()['first_name'], '')`
			`self.assertEqual(response.json()['last_name'], '')`
stash 2023-12-13 11:51:36 +00:00			`permissions = response.json()['permissions']`
			`self.assertEqual(len(permissions), 5)`
stash 2023-12-11 21:18:33 +00:00
			`def test_register_user(self):`
			`anonymous = Client()`
			`response = anonymous.post('/api/2/register/', {'username': 'testuser2', 'password': 'test', 'email': 'test2'},`
			`content_type='application/json')`
			`self.assertEqual(response.status_code, 201)`
			`self.assertEqual(response.json()['username'], 'testuser2')`
			`self.assertEqual(response.json()['email'], 'test2')`
			`self.assertEqual(len(ExtendedUser.objects.all()), 3)`
			`self.assertEqual(ExtendedUser.objects.get(username='testuser2').email, 'test2')`
			`self.assertTrue(ExtendedUser.objects.get(username='testuser2').check_password('test'))`

			`def test_register_user_duplicate(self):`
			`anonymous = Client()`
			`response = anonymous.post('/api/2/register/', {'username': 'testuser', 'password': 'test', 'email': 'test2'},`
			`content_type='application/json')`
			`self.assertEqual(response.status_code, 400)`
			`self.assertEqual(response.json()['errors']['username'], 'Username already exists')`
			`self.assertEqual(len(ExtendedUser.objects.all()), 2)`

			`def test_register_user_no_username(self):`
			`anonymous = Client()`
			`response = anonymous.post('/api/2/register/', {'password': 'test', 'email': 'test2'},`
			`content_type='application/json')`
			`self.assertEqual(response.status_code, 400)`
			`self.assertEqual(response.json()['errors']['username'], 'Username is required')`
			`self.assertEqual(len(ExtendedUser.objects.all()), 2)`

			`def test_register_user_no_password(self):`
			`anonymous = Client()`
			`response = anonymous.post('/api/2/register/', {'username': 'testuser2', 'email': 'test2'},`
			`content_type='application/json')`
			`self.assertEqual(response.status_code, 400)`
			`self.assertEqual(response.json()['errors']['password'], 'Password is required')`
			`self.assertEqual(len(ExtendedUser.objects.all()), 2)`

			`def test_register_user_no_email(self):`
			`anonymous = Client()`
			`response = anonymous.post('/api/2/register/', {'username': 'testuser2', 'password': 'test'},`
			`content_type='application/json')`
			`self.assertEqual(response.status_code, 400)`
			`self.assertEqual(response.json()['errors']['email'], 'Email is required')`
			`self.assertEqual(len(ExtendedUser.objects.all()), 2)`

			`def test_register_user_duplicate_email(self):`
			`anonymous = Client()`
			`response = anonymous.post('/api/2/register/', {'username': 'testuser2', 'password': 'test', 'email': 'test'},`
			`content_type='application/json')`
			`self.assertEqual(response.status_code, 400)`
			`self.assertEqual(response.json()['errors']['email'], 'Email already exists')`
			`self.assertEqual(len(ExtendedUser.objects.all()), 2)`

			`def test_get_token(self):`
			`anonymous = Client()`
			`response = anonymous.post('/api/2/login/', {'username': 'testuser', 'password': 'test'},`
			`content_type='application/json')`
stash 2023-12-11 21:51:05 +00:00			`self.assertEqual(response.status_code, 200)`
			`self.assertTrue('token' in response.json())`
stash 2023-12-11 22:17:46 +00:00
			`def test_legacy_user(self):`
			`response = self.client.get('/api/2/users/1/')`
			`self.assertEqual(response.status_code, 200)`
			`self.assertEqual(response.json()['username'], settings.LEGACY_USER_NAME)`
			`self.assertEqual(response.json()['email'], 'mail@' + settings.MAIL_DOMAIN)`
			`self.assertEqual(response.json()['first_name'], '')`
			`self.assertEqual(response.json()['last_name'], '')`
			`self.assertEqual(response.json()['id'], 1)`

			`def test_get_legacy_user_token(self):`
			`anonymous = Client()`
			`response = anonymous.post('/api/2/login/', {`
			`'username': settings.LEGACY_USER_NAME, 'password': settings.LEGACY_USER_PASSWORD},`
			`content_type='application/json')`
			`self.assertEqual(response.status_code, 200)`
			`self.assertTrue('token' in response.json())`