jbiason
/
Lunch-O
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

check for non-JSON requests, missing fields and duplicate usernames

master
Julio Biason 11 years ago
parent
c01c39d87f
commit
3c4bf90bc5
3 changed files with 71 additions and 19 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 21
      luncho/blueprints/users.py
  2. 10
      luncho/helpers.py
  3. 49
      tests/users_tests.py

21
luncho/blueprints/users.py
Unescape View File

@ -6,13 +6,13 @@
from flask import Blueprint from flask import Blueprint
from flask import request from flask import request
from flask import jsonify from flask import jsonify
# from flask import current_app
# from pony.orm import commit from sqlalchemy.exc import IntegrityError
from luncho.helpers import ForceJSON from luncho.helpers import ForceJSON
from luncho.server import User from luncho.server import User
from luncho.server import db
users = Blueprint('users', __name__) users = Blueprint('users', __name__)
@ -23,14 +23,19 @@ def create_user():
"""Create a new user. Request must be: """Create a new user. Request must be:
{ "username": "username", "full_name": "Full Name", "password": "hash" }""" { "username": "username", "full_name": "Full Name", "password": "hash" }"""
json = request.get_json(force=True) json = request.get_json(force=True)
# new_user = User(username=json['username'],
# fullname=json['full_name'], try:
# passhash=json['password'], new_user = User(username=json['username'],
# validated=False)
User(username=json['username'],
fullname=json['full_name'], fullname=json['full_name'],
passhash=json['password'], passhash=json['password'],
validated=False) validated=False)
# commit()
db.session.add(new_user)
db.session.commit()
return jsonify(status='OK') return jsonify(status='OK')
except IntegrityError:
resp = jsonify(status='ERROR',
error='username already exists')
resp.status_code = 409
return resp

10
luncho/helpers.py
Unescape View File

@ -18,8 +18,10 @@ class ForceJSON(object):
def check_json(*args, **kwargs): def check_json(*args, **kwargs):
json = request.get_json(force=True, silent=True) json = request.get_json(force=True, silent=True)
if not json: if not json:
return jsonify(status='ERROR', resp = jsonify(status='ERROR',
error='Request MUST be in JSON format'), 400 error='Request MUST be in JSON format')
resp.status_code = 400
return resp
# now we have the JSON, let's check if all the fields are here. # now we have the JSON, let's check if all the fields are here.
missing = [] missing = []
@ -30,8 +32,10 @@ class ForceJSON(object):
if missing: if missing:
fields = ', '.join(missing) fields = ', '.join(missing)
error = 'Missing fields: {fields}'.format(fields=fields) error = 'Missing fields: {fields}'.format(fields=fields)
return jsonify(status='ERROR', resp = jsonify(status='ERROR',
error=error) error=error)
resp.status_code = 400
return resp
return func(*args, **kwargs) return func(*args, **kwargs)
return check_json return check_json

49
tests/users_tests.py
Unescape View File

@ -15,21 +15,64 @@ class TestUsers(unittest.TestCase):
server.app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite://' server.app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite://'
server.app.config['TESTING'] = True server.app.config['TESTING'] = True
print server.app.config['SQLALCHEMY_DATABASE_URI']
self.app = server.app.test_client() self.app = server.app.test_client()
server.db.create_all()
# def tearDown(self): def tearDown(self):
# os.unlink(server.app.config['SQLITE_FILENAME']) server.db.drop_all(bind=None)
def test_create_user(self): def test_create_user(self):
"""Simple user creation."""
request = {'username': 'username', request = {'username': 'username',
'full_name': 'full name', 'full_name': 'full name',
'password': 'hash'} 'password': 'hash'}
rv = self.app.put('/user/', rv = self.app.put('/user/',
data=json.dumps(request), data=json.dumps(request),
content_type='application/json') content_type='application/json')
self.assertEqual(rv.status_code, 200) self.assertEqual(rv.status_code, 200)
self.assertEqual(json.loads(rv.data), {'status': 'OK'}) self.assertEqual(json.loads(rv.data), {'status': 'OK'})
def test_duplicate_user(self):
"""Check the status for trying to create a user that it is already
in the database."""
self.test_create_user() # create the first user
# now duplicate
request = {'username': 'username',
'full_name': 'full name',
'password': 'hash'}
rv = self.app.put('/user/',
data=json.dumps(request),
content_type='application/json')
expected = {"status": "ERROR",
"error": "username already exists"}
self.assertEqual(rv.status_code, 409)
self.assertEqual(json.loads(rv.data), expected)
def test_no_json(self):
"""Check the status when doing a request that it's not JSON."""
rv = self.app.put('/user/',
data='',
content_type='text/html')
expected = {"error": "Request MUST be in JSON format",
"status": "ERROR"}
self.assertEqual(rv.status_code, 400)
self.assertEqual(json.loads(rv.data), expected)
def test_missing_fields(self):
request = {'password': 'hash'}
rv = self.app.put('/user/',
data=json.dumps(request),
content_type='application/json')
resp = {'error': 'Missing fields: username, full_name',
'status': 'ERROR'}
self.assertEqual(rv.status_code, 400)
self.assertEqual(json.loads(rv.data), resp)
if __name__ == '__main__': if __name__ == '__main__':
unittest.main() unittest.main()

Write Preview
Loading…
Cancel
Save