Lunching for groups.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

618 lines
22 KiB

#!/usr/bin/env python
# -*- encoding: utf-8 -*-
import unittest
from json import loads
from luncho import server
from luncho.server import User
11 years ago
from luncho.server import Group
from luncho.server import Place
from base import LunchoTests
class TestGroups(LunchoTests):
"""Test groups requests."""
def setUp(self):
super(TestGroups, self).setUp()
# create a user to have a token
self.user = User(username='test',
fullname='Test User',
passhash='hash')
11 years ago
self.user.verified = True
server.db.session.add(self.user)
server.db.session.commit()
self.user.get_token()
return
def test_empty_list(self):
"""Get an empty list from a user without groups."""
rv = self.get('/group/', token=self.user.token)
self.assertJsonOk(rv, groups=[])
return
11 years ago
def test_create_group(self):
"""Test creating a group."""
request = {'name': 'Test group'}
rv = self.post('/group/',
request,
token=self.user.token)
self.assertJsonOk(rv, id=1)
return
11 years ago
def test_create_group_unverified_account(self):
"""Try creating a group with an account that's not verified yet."""
self.user.verified = False
server.db.session.commit()
request = {'name': 'Test group'}
rv = self.post('/group/',
request,
token=self.user.token)
self.assertJsonError(rv, 412, 'Account not verified')
return
def test_user_in_own_group(self):
"""The user must belong to a group it owns."""
token = self.user.token
self.test_create_group()
rv = self.get('/group/', token=token)
self.assertJsonOk(rv, groups=[{'id': 1,
'name': 'Test group',
'admin': True}])
return
11 years ago
def test_get_groups_unknown_token(self):
"""Request groups with an unknown token."""
rv = self.get('/group/', token='invalid')
11 years ago
self.assertJsonError(rv, 404, 'User not found (via token)')
return
11 years ago
def test_get_groups_expired_token(self):
"""Request groups with an expired token."""
self.user.token = 'expired'
server.db.session.commit()
rv = self.get('/group/', token=self.user.token)
11 years ago
self.assertJsonError(rv, 400, 'Invalid token')
return
11 years ago
def test_create_group_unknown_token(self):
"""Try to create a group with an invalid token."""
request = {'name': 'Test group'}
rv = self.post('/group/',
request,
token='invalid')
11 years ago
self.assertJsonError(rv, 404, 'User not found (via token)')
return
11 years ago
def test_create_group_expired_token(self):
self.user.token = 'expired'
server.db.session.commit()
request = {'name': 'Test group'}
rv = self.post('/group/',
request,
token=self.user.token)
11 years ago
self.assertJsonError(rv, 400, 'Invalid token')
return
11 years ago
11 years ago
class TestExistingGroups(LunchoTests):
"""Test for existing groups."""
def setUp(self):
super(TestExistingGroups, self).setUp()
# create a user to have a token
self.user = User(username='test',
fullname='Test User',
passhash='hash')
self.user.verified = True
server.db.session.add(self.user)
# create a group for the user
self.group = Group(name='Test group',
11 years ago
owner=self.user)
11 years ago
server.db.session.add(self.group)
server.db.session.commit()
self.user.get_token()
return
11 years ago
def tearDown(self):
super(TestExistingGroups, self).tearDown()
return
11 years ago
def test_update_name(self):
"""Change the group name."""
group_id = self.group.id
11 years ago
request = {'name': 'New test group'}
rv = self.put('/group/{group_id}/'.format(group_id=self.group.id),
request,
token=self.user.token)
self.assertJsonOk(rv)
11 years ago
# check the database
group = Group.query.get(group_id)
11 years ago
self.assertEqual(group.name, request['name'])
return
11 years ago
11 years ago
def test_update_name_invalid_token(self):
"""Try to change the name with an unknown token."""
request = {'name': 'New test group'}
rv = self.put('/group/{group_id}/'.format(group_id=self.group.id),
request,
token='invalid')
11 years ago
self.assertJsonError(rv, 404, 'User not found (via token)')
return
11 years ago
def test_update_name_expired_token(self):
"""Try to change the name with an expired token."""
self.user.token = 'expired'
server.db.session.commit()
request = {'name': 'New test group'}
rv = self.put('/group/{group_id}/'.format(group_id=self.group.id),
request,
token=self.user.token)
11 years ago
self.assertJsonError(rv, 400, 'Invalid token')
return
11 years ago
11 years ago
def test_update_owner(self):
"""Change the group owner."""
new_user = User(username='another_user',
fullname='Another user',
passhash='hash')
server.db.session.add(new_user)
server.db.session.commit()
group_id = self.group.id
11 years ago
new_username = new_user.username
request = {'admin': new_user.username}
rv = self.put('/group/{group_id}/'.format(group_id=group_id),
request,
token=self.user.token)
self.assertJsonOk(rv)
11 years ago
# check the database
group = Group.query.get(group_id)
11 years ago
self.assertEqual(group.owner, new_username)
return
11 years ago
11 years ago
def test_update_owner_invalid(self):
"""Try to change the owner to a user that doesn't exist."""
request = {'admin': 'unknown'}
rv = self.put('/group/{group_id}/'.format(group_id=self.group.id),
request,
token=self.user.token)
self.assertJsonError(rv, 404, 'New admin not found')
return
11 years ago
11 years ago
def test_update_unknown_group(self):
"""Try to update a group that doesn't exist."""
group_id = self.group.id + 10
11 years ago
request = {'name': 'New test group'}
rv = self.put('/group/{group_id}/'.format(group_id=group_id),
request,
token=self.user.token)
self.assertJsonError(rv, 404, 'Group not found')
return
11 years ago
def test_not_admin(self):
"""Try to update with a user that it is not the group admin."""
new_user = self.create_user(name='another_user',
fullname='Another user',
passhash='hash',
verified=True,
create_token=True)
request = {'name': 'A new name'}
rv = self.put('/group/{group_id}/'.format(group_id=self.group.id),
request,
token=new_user.token)
self.assertJsonError(rv, 403, 'User is not admin')
return
11 years ago
def test_delete_group(self):
"""Delete a group."""
group_id = self.group.id
rv = self.delete('/group/{group_id}/'.format(group_id=group_id),
token=self.user.token)
self.assertJsonOk(rv)
return
11 years ago
def test_delete_unknown_group(self):
"""Delete a group that doesn't exist."""
group_id = self.group.id + 10
rv = self.delete('/group/{group_id}/'.format(group_id=group_id),
token=self.user.token)
self.assertJsonError(rv, 404, 'Group not found')
return
11 years ago
def test_delete_not_admin(self):
"""Try to delete a group when the user is not the admin."""
new_user = User(username='another_user',
fullname='Another user',
passhash='hash')
server.db.session.add(new_user)
server.db.session.commit()
new_user.get_token()
rv = self.delete('/group/{group_id}/'.format(group_id=self.group.id),
token=new_user.token)
self.assertJsonError(rv, 403, 'User is not admin')
return
11 years ago
11 years ago
def test_delete_invalid_token(self):
"""Try to delete a group with an unknown token."""
rv = self.delete('/group/{group_id}/'.format(group_id=self.group.id),
token='invalid')
11 years ago
self.assertJsonError(rv, 404, 'User not found (via token)')
return
11 years ago
class TestUsersInGroup(LunchoTests):
"""Tests for managing users in the group."""
def setUp(self):
super(TestUsersInGroup, self).setUp()
# create a user to have a token
self.user = User(username='test',
fullname='Test User',
passhash='hash')
self.user.verified = True
server.db.session.add(self.user)
# create a group for the user
self.group = Group(name='Test group',
11 years ago
owner=self.user)
server.db.session.add(self.group)
self.user.groups.append(self.group)
server.db.session.commit()
self.user.get_token()
return
def tearDown(self):
super(TestUsersInGroup, self).tearDown()
return
def test_add_user(self):
"""Try to add another user in the group."""
new_user = User(username='another_user',
fullname='Another user',
passhash='hash')
server.db.session.add(new_user)
server.db.session.commit()
request = {'usernames': [new_user.username]}
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
rv = self.post(url,
request,
token=self.user.token)
self.assertJsonOk(rv)
return
def test_add_no_owner(self):
"""Try to add users without being the group admin."""
new_user = User(username='another_user',
fullname='Another user',
passhash='hash')
server.db.session.add(new_user)
server.db.session.commit()
new_user.get_token()
request = {'usernames': [new_user.username]}
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
rv = self.post(url,
request,
token=new_user.token)
self.assertJsonError(rv, 403, 'User is not admin')
return
def test_add_no_such_user(self):
"""Try to add an unknown user to the group."""
request = {'usernames': ['unknown']}
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
rv = self.post(url,
request,
token=self.user.token)
# not finding users still returns a 200, but with the users in the
# "not_found" field
self.assertJsonOk(rv)
json = loads(rv.data)
self.assertTrue('not_found' in json)
self.assertTrue('unknown' in json['not_found'])
return
def test_add_unknown_group(self):
"""Try to add users to some unknown group."""
# the usernames are worthless, group not found should kick first
request = {'usernames': ['unkonwn']}
group_id = self.group.id + 10
rv = self.post('/group/{group_id}/users/'.format(group_id=group_id),
request,
token=self.user.token)
self.assertJsonError(rv, 404, 'Group not found')
return
def test_get_members(self):
"""Try to get a list of group members."""
username = self.user.username
fullname = self.user.fullname
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
rv = self.get(url,
token=self.user.token)
self.assertJsonOk(rv)
json = loads(rv.data)
self.assertTrue('users' in json)
self.assertEqual(len(json['users']), 1) # just the owner
self.assertEqual(json['users'][0]['username'], username)
self.assertEqual(json['users'][0]['full_name'], fullname)
return
def test_get_members_by_member(self):
"""Non admin user requests the list of group members."""
new_user = User(username='another_user',
fullname='Another user',
passhash='hash')
server.db.session.add(new_user)
new_user.groups.append(self.group)
server.db.session.commit()
new_user.get_token()
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
rv = self.get(url,
token=new_user.token)
self.assertJsonOk(rv)
json = loads(rv.data)
self.assertTrue('users' in json)
self.assertEqual(len(json['users']), 2) # owner and new user
return
def test_get_members_by_non_member(self):
"""A user that is not part of the group ask for members."""
new_user = User(username='another_user',
fullname='Another user',
passhash='hash')
server.db.session.add(new_user)
server.db.session.commit()
new_user.get_token()
url = '/group/{group_id}/users/'.format(group_id=self.group.id)
rv = self.get(url,
token=new_user.token)
self.assertJsonError(rv, 403, 'User is not member of this group')
return
def test_unknown_group(self):
"""Test trying to get members of a group that doesn't exist."""
group_id = self.group.id + 10
rv = self.get('/group/{group_id}/users/'.format(group_id=group_id),
token=self.user.token)
self.assertJsonError(rv, 404, 'Group not found')
return
class TestPlacesInGroup(LunchoTests):
"""Test the integration between groups and places."""
def setUp(self):
super(TestPlacesInGroup, self).setUp()
self.default_user()
return
def tearDown(self):
super(TestPlacesInGroup, self).tearDown()
return
def _group(self):
"""Add a default group."""
group = Group(name='Test group',
owner=self.user)
server.db.session.add(group)
self.user.groups.append(group)
server.db.session.commit()
return group
def _place(self, user=None):
"""Add a default place, linked to the user."""
if not user:
user = self.user
place = Place(name='Place',
owner=user)
server.db.session.add(place)
server.db.session.commit()
return place
def test_add_place(self):
"""Add a place to the group."""
place = self._place()
group = self._group()
request = {'places': [place.id]}
group_id = group.id
rv = self.post('/group/{group_id}/places/'.format(group_id=group_id),
request,
token=self.user.token)
self.assertJsonOk(rv)
json = loads(rv.data)
self.assertTrue('rejected' in json)
self.assertFalse(json['rejected']) # the list should be empty (False)
self.assertTrue('not_found' in json)
self.assertFalse(json['not_found'])
return
def test_add_place_of_member(self):
"""Add a place that belongs to a member of the group."""
new_user = self.create_user(name='newuser',
fullname='new user',
verified=True)
group = self._group() # group belongs to self.user
group.users.append(new_user)
place = self._place(new_user) # place belongs to new_user
request = {'places': [place.id]}
group_id = group.id
rv = self.post('/group/{group_id}/places/'.format(group_id=group_id),
request,
token=self.user.token)
self.assertJsonOk(rv)
json = loads(rv.data)
self.assertTrue('rejected' in json)
self.assertFalse(json['rejected'])
def test_add_place_of_non_member(self):
"""Add a place that belongs to seomeone not in the group."""
new_user = self.create_user(name='newuser',
fullname='new user',
verified=True)
group = self._group() # group belongs to self.user
place = self._place(new_user) # place belongs to new_user
place_id = place.id
request = {'places': [place.id]}
group_id = group.id
rv = self.post('/group/{group_id}/places/'.format(group_id=group_id),
request,
token=self.user.token)
self.assertJsonOk(rv)
json = loads(rv.data)
self.assertTrue('rejected' in json)
self.assertTrue(place_id in json['rejected'])
return
def test_add_place_unkown_group(self):
"""Add a place to a group that doesn't exist."""
place = self._place()
request = {'places': [place.id]}
rv = self.post('/group/{group_id}/places/'.format(group_id=100),
request,
token=self.user.token)
self.assertJsonError(rv, 404, 'Group not found')
return
def test_add_place_non_admin(self):
"""Try to add a place with a user that's not the group admin."""
new_user = self.create_user(name='newUser',
fullname='new user',
verified=True,
create_token=True)
group = self._group()
place = self._place(new_user) # just make sure the user owns it
request = {'places': [place.id]}
rv = self.post('/group/{group_id}/places/'.format(group_id=group.id),
request,
token=new_user.token)
self.assertJsonError(rv, 403, 'User is not admin')
return
def test_add_unknown_place(self):
"""Try to add a place that doesn't exist."""
group = self._group()
request = {'places': [100]}
group_id = group.id
rv = self.post('/group/{group_id}/places/'.format(group_id=group_id),
request,
token=self.user.token)
self.assertJsonOk(rv)
json = loads(rv.data)
self.assertTrue('rejected' in json)
self.assertFalse(json['rejected']) # can't be rejected
self.assertTrue('not_found' in json)
self.assertEquals(len(json['not_found']), 1) # the place itself
return
def test_get_group_places(self):
"""Try to get a list of places in the group."""
group = self._group()
place = self._place()
group.places.append(place)
server.db.session.commit()
rv = self.get('/group/{group_id}/places/'.format(group_id=group.id),
token=self.user.token)
self.assertJsonOk(rv)
json = loads(rv.data)
self.assertTrue('places' in json)
self.assertEquals(place.id, json['places'][0]['id'])
return
def test_get_places_unknown_group(self):
"""Try to get the places of a group that doesn't exist."""
rv = self.get('/group/{group_id}/places/'.format(group_id=100),
token=self.user.token)
self.assertJsonError(rv, 404, 'Group not found')
return
def test_group_get_places_non_member(self):
"""Non member tries to get the group places."""
new_user = self.create_user(name='newUser',
fullname='New User',
verified=True,
create_token=True)
group = self._group()
place = self._place()
group.places.append(place)
server.db.session.commit()
rv = self.get('/group/{group_id}/places/'.format(group_id=group.id),
token=new_user.token)
self.assertJsonError(rv, 403, 'User is not member of this group')
return
def test_delete_place(self):
"""Delete a place from a group."""
group = self._group()
place = self._place()
group.places.append(place)
server.db.session.commit()
group_id = group.id
place_id = place.id
url = '/group/{group_id}/places/{place_id}/'.format(
group_id=group_id, place_id=place_id)
rv = self.delete(url,
token=self.user.token)
self.assertJsonOk(rv)
# check if it was really removed in the database
group = Group.query.get(group_id)
for place in group.places:
if place.id == place_id:
self.fail('Place still connected to group')
return
def test_delete_unknown_group(self):
"""Try to delete a place of a group that doesn't exist."""
url = '/group/{group_id}/places/{place_id}/'.format(
group_id=100, place_id=100)
rv = self.delete(url, token=self.user.token)
self.assertJsonError(rv, 404, 'Group not found')
return
def test_delete_unknown_place(self):
"""Try to delete a place that doesn't belong to the group."""
group = self._group()
url = '/group/{group_id}/places/{place_id}/'.format(
group_id=group.id, place_id=100)
rv = self.delete(url, token=self.user.token)
self.assertJsonError(rv, 404, 'Place not found')
return
if __name__ == '__main__':
unittest.main()