|
|
|
|
#!/usr/bin/env python
|
|
|
|
|
# -*- encoding: utf-8 -*-
|
|
|
|
|
|
|
|
|
|
import unittest
|
|
|
|
|
|
|
|
|
|
from json import loads
|
|
|
|
|
|
|
|
|
|
from luncho import server
|
|
|
|
|
|
|
|
|
|
from luncho.server import User
|
|
|
|
|
from luncho.server import Group
|
|
|
|
|
from luncho.server import Place
|
|
|
|
|
|
|
|
|
|
from base import LunchoTests
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class TestGroups(LunchoTests):
|
|
|
|
|
"""Test groups requests."""
|
|
|
|
|
|
|
|
|
|
def setUp(self):
|
|
|
|
|
super(TestGroups, self).setUp()
|
|
|
|
|
# create a user to have a token
|
|
|
|
|
self.user = User(username='test',
|
|
|
|
|
fullname='Test User',
|
|
|
|
|
passhash='hash')
|
|
|
|
|
self.user.verified = True
|
|
|
|
|
server.db.session.add(self.user)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
self.user.get_token()
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_empty_list(self):
|
|
|
|
|
"""Get an empty list from a user without groups."""
|
|
|
|
|
rv = self.get('/group/', token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv, groups=[])
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_create_group(self):
|
|
|
|
|
"""Test creating a group."""
|
|
|
|
|
request = {'name': 'Test group'}
|
|
|
|
|
rv = self.post('/group/',
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv, id=1)
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_create_group_unverified_account(self):
|
|
|
|
|
"""Try creating a group with an account that's not verified yet."""
|
|
|
|
|
self.user.verified = False
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
|
|
|
|
|
request = {'name': 'Test group'}
|
|
|
|
|
rv = self.post('/group/',
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 412, 'Account not verified')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_user_in_own_group(self):
|
|
|
|
|
"""The user must belong to a group it owns."""
|
|
|
|
|
token = self.user.token
|
|
|
|
|
self.test_create_group()
|
|
|
|
|
rv = self.get('/group/', token=token)
|
|
|
|
|
self.assertJsonOk(rv, groups=[{'id': 1,
|
|
|
|
|
'name': 'Test group',
|
|
|
|
|
'admin': True}])
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_get_groups_unknown_token(self):
|
|
|
|
|
"""Request groups with an unknown token."""
|
|
|
|
|
rv = self.get('/group/', token='invalid')
|
|
|
|
|
self.assertJsonError(rv, 404, 'User not found (via token)')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_get_groups_expired_token(self):
|
|
|
|
|
"""Request groups with an expired token."""
|
|
|
|
|
self.user.token = 'expired'
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
|
|
|
|
|
rv = self.get('/group/', token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 400, 'Invalid token')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_create_group_unknown_token(self):
|
|
|
|
|
"""Try to create a group with an invalid token."""
|
|
|
|
|
request = {'name': 'Test group'}
|
|
|
|
|
rv = self.post('/group/',
|
|
|
|
|
request,
|
|
|
|
|
token='invalid')
|
|
|
|
|
self.assertJsonError(rv, 404, 'User not found (via token)')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_create_group_expired_token(self):
|
|
|
|
|
self.user.token = 'expired'
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
|
|
|
|
|
request = {'name': 'Test group'}
|
|
|
|
|
rv = self.post('/group/',
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 400, 'Invalid token')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class TestExistingGroups(LunchoTests):
|
|
|
|
|
"""Test for existing groups."""
|
|
|
|
|
def setUp(self):
|
|
|
|
|
super(TestExistingGroups, self).setUp()
|
|
|
|
|
# create a user to have a token
|
|
|
|
|
self.user = User(username='test',
|
|
|
|
|
fullname='Test User',
|
|
|
|
|
passhash='hash')
|
|
|
|
|
self.user.verified = True
|
|
|
|
|
server.db.session.add(self.user)
|
|
|
|
|
|
|
|
|
|
# create a group for the user
|
|
|
|
|
self.group = Group(name='Test group',
|
|
|
|
|
owner=self.user)
|
|
|
|
|
server.db.session.add(self.group)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
self.user.get_token()
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def tearDown(self):
|
|
|
|
|
super(TestExistingGroups, self).tearDown()
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_update_name(self):
|
|
|
|
|
"""Change the group name."""
|
|
|
|
|
group_id = self.group.id
|
|
|
|
|
request = {'name': 'New test group'}
|
|
|
|
|
rv = self.put('/group/{group_id}/'.format(group_id=self.group.id),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
|
|
|
|
|
# check the database
|
|
|
|
|
group = Group.query.get(group_id)
|
|
|
|
|
self.assertEqual(group.name, request['name'])
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_update_name_invalid_token(self):
|
|
|
|
|
"""Try to change the name with an unknown token."""
|
|
|
|
|
request = {'name': 'New test group'}
|
|
|
|
|
rv = self.put('/group/{group_id}/'.format(group_id=self.group.id),
|
|
|
|
|
request,
|
|
|
|
|
token='invalid')
|
|
|
|
|
self.assertJsonError(rv, 404, 'User not found (via token)')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_update_name_expired_token(self):
|
|
|
|
|
"""Try to change the name with an expired token."""
|
|
|
|
|
self.user.token = 'expired'
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
|
|
|
|
|
request = {'name': 'New test group'}
|
|
|
|
|
rv = self.put('/group/{group_id}/'.format(group_id=self.group.id),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 400, 'Invalid token')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_update_owner(self):
|
|
|
|
|
"""Change the group owner."""
|
|
|
|
|
new_user = User(username='another_user',
|
|
|
|
|
fullname='Another user',
|
|
|
|
|
passhash='hash')
|
|
|
|
|
server.db.session.add(new_user)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
|
|
|
|
|
group_id = self.group.id
|
|
|
|
|
new_username = new_user.username
|
|
|
|
|
|
|
|
|
|
request = {'admin': new_user.username}
|
|
|
|
|
rv = self.put('/group/{group_id}/'.format(group_id=group_id),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
|
|
|
|
|
# check the database
|
|
|
|
|
group = Group.query.get(group_id)
|
|
|
|
|
self.assertEqual(group.owner, new_username)
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_update_owner_invalid(self):
|
|
|
|
|
"""Try to change the owner to a user that doesn't exist."""
|
|
|
|
|
request = {'admin': 'unknown'}
|
|
|
|
|
rv = self.put('/group/{group_id}/'.format(group_id=self.group.id),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 404, 'New admin not found')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_update_unknown_group(self):
|
|
|
|
|
"""Try to update a group that doesn't exist."""
|
|
|
|
|
group_id = self.group.id + 10
|
|
|
|
|
request = {'name': 'New test group'}
|
|
|
|
|
rv = self.put('/group/{group_id}/'.format(group_id=group_id),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 404, 'Group not found')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_not_admin(self):
|
|
|
|
|
"""Try to update with a user that it is not the group admin."""
|
|
|
|
|
new_user = self.create_user(name='another_user',
|
|
|
|
|
fullname='Another user',
|
|
|
|
|
passhash='hash',
|
|
|
|
|
verified=True,
|
|
|
|
|
create_token=True)
|
|
|
|
|
request = {'name': 'A new name'}
|
|
|
|
|
rv = self.put('/group/{group_id}/'.format(group_id=self.group.id),
|
|
|
|
|
request,
|
|
|
|
|
token=new_user.token)
|
|
|
|
|
self.assertJsonError(rv, 403, 'User is not admin')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_delete_group(self):
|
|
|
|
|
"""Delete a group."""
|
|
|
|
|
group_id = self.group.id
|
|
|
|
|
rv = self.delete('/group/{group_id}/'.format(group_id=group_id),
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_delete_unknown_group(self):
|
|
|
|
|
"""Delete a group that doesn't exist."""
|
|
|
|
|
group_id = self.group.id + 10
|
|
|
|
|
rv = self.delete('/group/{group_id}/'.format(group_id=group_id),
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 404, 'Group not found')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_delete_not_admin(self):
|
|
|
|
|
"""Try to delete a group when the user is not the admin."""
|
|
|
|
|
new_user = User(username='another_user',
|
|
|
|
|
fullname='Another user',
|
|
|
|
|
passhash='hash')
|
|
|
|
|
server.db.session.add(new_user)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
new_user.get_token()
|
|
|
|
|
|
|
|
|
|
rv = self.delete('/group/{group_id}/'.format(group_id=self.group.id),
|
|
|
|
|
token=new_user.token)
|
|
|
|
|
self.assertJsonError(rv, 403, 'User is not admin')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_delete_invalid_token(self):
|
|
|
|
|
"""Try to delete a group with an unknown token."""
|
|
|
|
|
rv = self.delete('/group/{group_id}/'.format(group_id=self.group.id),
|
|
|
|
|
token='invalid')
|
|
|
|
|
self.assertJsonError(rv, 404, 'User not found (via token)')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class TestUsersInGroup(LunchoTests):
|
|
|
|
|
"""Tests for managing users in the group."""
|
|
|
|
|
def setUp(self):
|
|
|
|
|
super(TestUsersInGroup, self).setUp()
|
|
|
|
|
# create a user to have a token
|
|
|
|
|
self.user = User(username='test',
|
|
|
|
|
fullname='Test User',
|
|
|
|
|
passhash='hash')
|
|
|
|
|
self.user.verified = True
|
|
|
|
|
server.db.session.add(self.user)
|
|
|
|
|
|
|
|
|
|
# create a group for the user
|
|
|
|
|
self.group = Group(name='Test group',
|
|
|
|
|
owner=self.user)
|
|
|
|
|
server.db.session.add(self.group)
|
|
|
|
|
|
|
|
|
|
self.user.groups.append(self.group)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
self.user.get_token()
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def tearDown(self):
|
|
|
|
|
super(TestUsersInGroup, self).tearDown()
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_add_user(self):
|
|
|
|
|
"""Try to add another user in the group."""
|
|
|
|
|
new_user = User(username='another_user',
|
|
|
|
|
fullname='Another user',
|
|
|
|
|
passhash='hash')
|
|
|
|
|
server.db.session.add(new_user)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
|
|
|
|
|
request = {'usernames': [new_user.username]}
|
|
|
|
|
|
|
|
|
|
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
|
|
|
|
|
rv = self.post(url,
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_add_no_owner(self):
|
|
|
|
|
"""Try to add users without being the group admin."""
|
|
|
|
|
new_user = User(username='another_user',
|
|
|
|
|
fullname='Another user',
|
|
|
|
|
passhash='hash')
|
|
|
|
|
server.db.session.add(new_user)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
new_user.get_token()
|
|
|
|
|
|
|
|
|
|
request = {'usernames': [new_user.username]}
|
|
|
|
|
|
|
|
|
|
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
|
|
|
|
|
rv = self.post(url,
|
|
|
|
|
request,
|
|
|
|
|
token=new_user.token)
|
|
|
|
|
self.assertJsonError(rv, 403, 'User is not admin')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_add_no_such_user(self):
|
|
|
|
|
"""Try to add an unknown user to the group."""
|
|
|
|
|
request = {'usernames': ['unknown']}
|
|
|
|
|
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
|
|
|
|
|
rv = self.post(url,
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
|
|
|
|
|
# not finding users still returns a 200, but with the users in the
|
|
|
|
|
# "not_found" field
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
json = loads(rv.data)
|
|
|
|
|
self.assertTrue('not_found' in json)
|
|
|
|
|
self.assertTrue('unknown' in json['not_found'])
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_add_unknown_group(self):
|
|
|
|
|
"""Try to add users to some unknown group."""
|
|
|
|
|
# the usernames are worthless, group not found should kick first
|
|
|
|
|
request = {'usernames': ['unkonwn']}
|
|
|
|
|
group_id = self.group.id + 10
|
|
|
|
|
rv = self.post('/group/{group_id}/users/'.format(group_id=group_id),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 404, 'Group not found')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_get_members(self):
|
|
|
|
|
"""Try to get a list of group members."""
|
|
|
|
|
username = self.user.username
|
|
|
|
|
fullname = self.user.fullname
|
|
|
|
|
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
|
|
|
|
|
rv = self.get(url,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
json = loads(rv.data)
|
|
|
|
|
self.assertTrue('users' in json)
|
|
|
|
|
self.assertEqual(len(json['users']), 1) # just the owner
|
|
|
|
|
self.assertEqual(json['users'][0]['username'], username)
|
|
|
|
|
self.assertEqual(json['users'][0]['full_name'], fullname)
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_get_members_by_member(self):
|
|
|
|
|
"""Non admin user requests the list of group members."""
|
|
|
|
|
new_user = User(username='another_user',
|
|
|
|
|
fullname='Another user',
|
|
|
|
|
passhash='hash')
|
|
|
|
|
server.db.session.add(new_user)
|
|
|
|
|
new_user.groups.append(self.group)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
new_user.get_token()
|
|
|
|
|
|
|
|
|
|
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
|
|
|
|
|
rv = self.get(url,
|
|
|
|
|
token=new_user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
|
|
|
|
|
json = loads(rv.data)
|
|
|
|
|
self.assertTrue('users' in json)
|
|
|
|
|
self.assertEqual(len(json['users']), 2) # owner and new user
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_get_members_by_non_member(self):
|
|
|
|
|
"""A user that is not part of the group ask for members."""
|
|
|
|
|
new_user = User(username='another_user',
|
|
|
|
|
fullname='Another user',
|
|
|
|
|
passhash='hash')
|
|
|
|
|
server.db.session.add(new_user)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
new_user.get_token()
|
|
|
|
|
|
|
|
|
|
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
|
|
|
|
|
rv = self.get(url,
|
|
|
|
|
token=new_user.token)
|
|
|
|
|
self.assertJsonError(rv, 403, 'User is not member of this group')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_unknown_group(self):
|
|
|
|
|
"""Test trying to get members of a group that doesn't exist."""
|
|
|
|
|
group_id = self.group.id + 10
|
|
|
|
|
rv = self.get('/group/{group_id}/users/'.format(group_id=group_id),
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 404, 'Group not found')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class TestPlacesInGroup(LunchoTests):
|
|
|
|
|
"""Test the integration between groups and places."""
|
|
|
|
|
|
|
|
|
|
def setUp(self):
|
|
|
|
|
super(TestPlacesInGroup, self).setUp()
|
|
|
|
|
self.default_user()
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def tearDown(self):
|
|
|
|
|
super(TestPlacesInGroup, self).tearDown()
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def _group(self):
|
|
|
|
|
"""Add a default group."""
|
|
|
|
|
group = Group(name='Test group',
|
|
|
|
|
owner=self.user)
|
|
|
|
|
server.db.session.add(group)
|
|
|
|
|
self.user.groups.append(group)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
return group
|
|
|
|
|
|
|
|
|
|
def _place(self, user=None):
|
|
|
|
|
"""Add a default place, linked to the user."""
|
|
|
|
|
if not user:
|
|
|
|
|
user = self.user
|
|
|
|
|
|
|
|
|
|
place = Place(name='Place',
|
|
|
|
|
owner=user)
|
|
|
|
|
server.db.session.add(place)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
return place
|
|
|
|
|
|
|
|
|
|
def test_add_place(self):
|
|
|
|
|
"""Add a place to the group."""
|
|
|
|
|
place = self._place()
|
|
|
|
|
group = self._group()
|
|
|
|
|
|
|
|
|
|
request = {'places': [place.id]}
|
|
|
|
|
group_id = group.id
|
|
|
|
|
rv = self.post('/group/{group_id}/places/'.format(group_id=group_id),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
json = loads(rv.data)
|
|
|
|
|
self.assertTrue('rejected' in json)
|
|
|
|
|
self.assertFalse(json['rejected']) # the list should be empty (False)
|
|
|
|
|
|
|
|
|
|
self.assertTrue('not_found' in json)
|
|
|
|
|
self.assertFalse(json['not_found'])
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_add_place_of_member(self):
|
|
|
|
|
"""Add a place that belongs to a member of the group."""
|
|
|
|
|
new_user = self.create_user(name='newuser',
|
|
|
|
|
fullname='new user',
|
|
|
|
|
verified=True)
|
|
|
|
|
group = self._group() # group belongs to self.user
|
|
|
|
|
group.users.append(new_user)
|
|
|
|
|
place = self._place(new_user) # place belongs to new_user
|
|
|
|
|
|
|
|
|
|
request = {'places': [place.id]}
|
|
|
|
|
group_id = group.id
|
|
|
|
|
rv = self.post('/group/{group_id}/places/'.format(group_id=group_id),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
json = loads(rv.data)
|
|
|
|
|
self.assertTrue('rejected' in json)
|
|
|
|
|
self.assertFalse(json['rejected'])
|
|
|
|
|
|
|
|
|
|
def test_add_place_of_non_member(self):
|
|
|
|
|
"""Add a place that belongs to seomeone not in the group."""
|
|
|
|
|
new_user = self.create_user(name='newuser',
|
|
|
|
|
fullname='new user',
|
|
|
|
|
verified=True)
|
|
|
|
|
group = self._group() # group belongs to self.user
|
|
|
|
|
place = self._place(new_user) # place belongs to new_user
|
|
|
|
|
place_id = place.id
|
|
|
|
|
|
|
|
|
|
request = {'places': [place.id]}
|
|
|
|
|
group_id = group.id
|
|
|
|
|
rv = self.post('/group/{group_id}/places/'.format(group_id=group_id),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
json = loads(rv.data)
|
|
|
|
|
self.assertTrue('rejected' in json)
|
|
|
|
|
self.assertTrue(place_id in json['rejected'])
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_add_place_unkown_group(self):
|
|
|
|
|
"""Add a place to a group that doesn't exist."""
|
|
|
|
|
place = self._place()
|
|
|
|
|
request = {'places': [place.id]}
|
|
|
|
|
rv = self.post('/group/{group_id}/places/'.format(group_id=100),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 404, 'Group not found')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_add_place_non_admin(self):
|
|
|
|
|
"""Try to add a place with a user that's not the group admin."""
|
|
|
|
|
new_user = self.create_user(name='newUser',
|
|
|
|
|
fullname='new user',
|
|
|
|
|
verified=True,
|
|
|
|
|
create_token=True)
|
|
|
|
|
group = self._group()
|
|
|
|
|
place = self._place(new_user) # just make sure the user owns it
|
|
|
|
|
|
|
|
|
|
request = {'places': [place.id]}
|
|
|
|
|
rv = self.post('/group/{group_id}/places/'.format(group_id=group.id),
|
|
|
|
|
request,
|
|
|
|
|
token=new_user.token)
|
|
|
|
|
self.assertJsonError(rv, 403, 'User is not admin')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_add_unknown_place(self):
|
|
|
|
|
"""Try to add a place that doesn't exist."""
|
|
|
|
|
group = self._group()
|
|
|
|
|
|
|
|
|
|
request = {'places': [100]}
|
|
|
|
|
group_id = group.id
|
|
|
|
|
rv = self.post('/group/{group_id}/places/'.format(group_id=group_id),
|
|
|
|
|
request,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
json = loads(rv.data)
|
|
|
|
|
self.assertTrue('rejected' in json)
|
|
|
|
|
self.assertFalse(json['rejected']) # can't be rejected
|
|
|
|
|
|
|
|
|
|
self.assertTrue('not_found' in json)
|
|
|
|
|
self.assertEquals(len(json['not_found']), 1) # the place itself
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_get_group_places(self):
|
|
|
|
|
"""Try to get a list of places in the group."""
|
|
|
|
|
group = self._group()
|
|
|
|
|
place = self._place()
|
|
|
|
|
group.places.append(place)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
|
|
|
|
|
rv = self.get('/group/{group_id}/places/'.format(group_id=group.id),
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
json = loads(rv.data)
|
|
|
|
|
self.assertTrue('places' in json)
|
|
|
|
|
self.assertEquals(place.id, json['places'][0]['id'])
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_get_places_unknown_group(self):
|
|
|
|
|
"""Try to get the places of a group that doesn't exist."""
|
|
|
|
|
rv = self.get('/group/{group_id}/places/'.format(group_id=100),
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 404, 'Group not found')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_group_get_places_non_member(self):
|
|
|
|
|
"""Non member tries to get the group places."""
|
|
|
|
|
new_user = self.create_user(name='newUser',
|
|
|
|
|
fullname='New User',
|
|
|
|
|
verified=True,
|
|
|
|
|
create_token=True)
|
|
|
|
|
group = self._group()
|
|
|
|
|
place = self._place()
|
|
|
|
|
group.places.append(place)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
|
|
|
|
|
rv = self.get('/group/{group_id}/places/'.format(group_id=group.id),
|
|
|
|
|
token=new_user.token)
|
|
|
|
|
self.assertJsonError(rv, 403, 'User is not member of this group')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_delete_place(self):
|
|
|
|
|
"""Delete a place from a group."""
|
|
|
|
|
group = self._group()
|
|
|
|
|
place = self._place()
|
|
|
|
|
group.places.append(place)
|
|
|
|
|
server.db.session.commit()
|
|
|
|
|
|
|
|
|
|
group_id = group.id
|
|
|
|
|
place_id = place.id
|
|
|
|
|
|
|
|
|
|
url = '/group/{group_id}/places/{place_id}/'.format(
|
|
|
|
|
group_id=group_id, place_id=place_id)
|
|
|
|
|
rv = self.delete(url,
|
|
|
|
|
token=self.user.token)
|
|
|
|
|
|
|
|
|
|
self.assertJsonOk(rv)
|
|
|
|
|
|
|
|
|
|
# check if it was really removed in the database
|
|
|
|
|
group = Group.query.get(group_id)
|
|
|
|
|
for place in group.places:
|
|
|
|
|
if place.id == place_id:
|
|
|
|
|
self.fail('Place still connected to group')
|
|
|
|
|
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_delete_unknown_group(self):
|
|
|
|
|
"""Try to delete a place of a group that doesn't exist."""
|
|
|
|
|
url = '/group/{group_id}/places/{place_id}/'.format(
|
|
|
|
|
group_id=100, place_id=100)
|
|
|
|
|
rv = self.delete(url, token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 404, 'Group not found')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def test_delete_unknown_place(self):
|
|
|
|
|
"""Try to delete a place that doesn't belong to the group."""
|
|
|
|
|
group = self._group()
|
|
|
|
|
url = '/group/{group_id}/places/{place_id}/'.format(
|
|
|
|
|
group_id=group.id, place_id=100)
|
|
|
|
|
rv = self.delete(url, token=self.user.token)
|
|
|
|
|
self.assertJsonError(rv, 404, 'Place not found')
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
|
unittest.main()
|
