You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
339 lines
12 KiB
339 lines
12 KiB
#!/usr/bin/env python |
|
# -*- encoding: utf-8 -*- |
|
|
|
import unittest |
|
|
|
from json import loads |
|
|
|
from luncho import server |
|
|
|
from luncho.server import User |
|
from luncho.server import Group |
|
|
|
from base import LunchoTests |
|
|
|
|
|
class TestGroups(LunchoTests): |
|
"""Test groups requests.""" |
|
|
|
def setUp(self): |
|
super(TestGroups, self).setUp() |
|
# create a user to have a token |
|
self.user = User(username='test', |
|
fullname='Test User', |
|
passhash='hash') |
|
self.user.verified = True |
|
server.db.session.add(self.user) |
|
server.db.session.commit() |
|
self.user.get_token() |
|
return |
|
|
|
def test_empty_list(self): |
|
"""Get an empty list from a user without groups.""" |
|
rv = self.get('/group/', token=self.user.token) |
|
self.assertJsonOk(rv, groups=[]) |
|
|
|
def test_create_group(self): |
|
"""Test creating a group.""" |
|
request = {'name': 'Test group'} |
|
rv = self.put('/group/', |
|
request, |
|
token=self.user.token) |
|
self.assertJsonOk(rv, id=1) |
|
|
|
def test_create_group_unverified_account(self): |
|
"""Try creating a group with an account that's not verified yet.""" |
|
self.user.verified = False |
|
server.db.session.commit() |
|
|
|
request = {'name': 'Test group'} |
|
rv = self.put('/group/', |
|
request, |
|
token=self.user.token) |
|
self.assertJsonError(rv, 412, 'Account not verified') |
|
|
|
def test_user_in_own_group(self): |
|
"""The user must belong to a group it owns.""" |
|
token = self.user.token |
|
self.test_create_group() |
|
rv = self.get('/group/', token=token) |
|
self.assertJsonOk(rv, groups=[{'id': 1, |
|
'name': 'Test group', |
|
'admin': True}]) |
|
|
|
def test_get_groups_unknown_token(self): |
|
"""Request groups with an unknown token.""" |
|
rv = self.get('/group/', token='invalid') |
|
self.assertJsonError(rv, 404, 'User not found (via token)') |
|
|
|
def test_get_groups_expired_token(self): |
|
"""Request groups with an expired token.""" |
|
self.user.token = 'expired' |
|
server.db.session.commit() |
|
|
|
rv = self.get('/group/', token=self.user.token) |
|
self.assertJsonError(rv, 400, 'Invalid token') |
|
|
|
def test_create_group_unknown_token(self): |
|
"""Try to create a group with an invalid token.""" |
|
request = {'name': 'Test group'} |
|
rv = self.put('/group/', |
|
request, |
|
token='invalid') |
|
self.assertJsonError(rv, 404, 'User not found (via token)') |
|
|
|
def test_create_group_expired_token(self): |
|
self.user.token = 'expired' |
|
server.db.session.commit() |
|
|
|
request = {'name': 'Test group'} |
|
rv = self.put('/group/', |
|
request, |
|
token=self.user.token) |
|
self.assertJsonError(rv, 400, 'Invalid token') |
|
|
|
|
|
class TestExistingGroups(LunchoTests): |
|
"""Test for existing groups.""" |
|
def setUp(self): |
|
super(TestExistingGroups, self).setUp() |
|
# create a user to have a token |
|
self.user = User(username='test', |
|
fullname='Test User', |
|
passhash='hash') |
|
self.user.verified = True |
|
server.db.session.add(self.user) |
|
|
|
# create a group for the user |
|
self.group = Group(name='Test group', |
|
owner=self.user) |
|
server.db.session.add(self.group) |
|
server.db.session.commit() |
|
self.user.get_token() |
|
|
|
def tearDown(self): |
|
super(TestExistingGroups, self).tearDown() |
|
|
|
def test_update_name(self): |
|
"""Change the group name.""" |
|
groupId = self.group.id |
|
request = {'name': 'New test group'} |
|
rv = self.post('/group/{groupId}/'.format(groupId=self.group.id), |
|
request, |
|
token=self.user.token) |
|
self.assertJsonOk(rv) |
|
|
|
# check the database |
|
group = Group.query.get(groupId) |
|
self.assertEqual(group.name, request['name']) |
|
|
|
def test_update_name_invalid_token(self): |
|
"""Try to change the name with an unknown token.""" |
|
request = {'name': 'New test group'} |
|
rv = self.post('/group/{groupId}/'.format(groupId=self.group.id), |
|
request, |
|
token='invalid') |
|
self.assertJsonError(rv, 404, 'User not found (via token)') |
|
|
|
def test_update_name_expired_token(self): |
|
"""Try to change the name with an expired token.""" |
|
self.user.token = 'expired' |
|
server.db.session.commit() |
|
|
|
request = {'name': 'New test group'} |
|
rv = self.post('/group/{groupId}/'.format(groupId=self.group.id), |
|
request, |
|
token=self.user.token) |
|
self.assertJsonError(rv, 400, 'Invalid token') |
|
|
|
def test_update_owner(self): |
|
"""Change the group owner.""" |
|
new_user = User(username='another_user', |
|
fullname='Another user', |
|
passhash='hash') |
|
server.db.session.add(new_user) |
|
server.db.session.commit() |
|
|
|
groupId = self.group.id |
|
new_username = new_user.username |
|
|
|
request = {'admin': new_user.username} |
|
rv = self.post('/group/{groupId}/'.format(groupId=groupId), |
|
request, |
|
token=self.user.token) |
|
self.assertJsonOk(rv) |
|
|
|
# check the database |
|
group = Group.query.get(groupId) |
|
self.assertEqual(group.owner, new_username) |
|
|
|
def test_update_owner_invalid(self): |
|
"""Try to change the owner to a user that doesn't exist.""" |
|
request = {'admin': 'unknown'} |
|
rv = self.post('/group/{groupId}/'.format(groupId=self.group.id), |
|
request, |
|
token=self.user.token) |
|
self.assertJsonError(rv, 404, 'New admin not found') |
|
|
|
def test_update_unknown_group(self): |
|
"""Try to update a group that doesn't exist.""" |
|
groupId = self.group.id + 10 |
|
request = {'name': 'New test group'} |
|
rv = self.post('/group/{groupId}/'.format(groupId=groupId), |
|
request, |
|
token=self.user.token) |
|
self.assertJsonError(rv, 404, 'Group not found') |
|
|
|
def test_delete_group(self): |
|
"""Delete a group.""" |
|
groupId = self.group.id |
|
rv = self.delete('/group/{groupId}/'.format(groupId=groupId), |
|
token=self.user.token) |
|
self.assertJsonOk(rv) |
|
|
|
def test_delete_unknown_group(self): |
|
"""Delete a group that doesn't exist.""" |
|
groupId = self.group.id + 10 |
|
rv = self.delete('/group/{groupId}/'.format(groupId=groupId), |
|
token=self.user.token) |
|
self.assertJsonError(rv, 404, 'Group not found') |
|
|
|
def test_delete_not_admin(self): |
|
"""Try to delete a group when the user is not the admin.""" |
|
new_user = User(username='another_user', |
|
fullname='Another user', |
|
passhash='hash') |
|
server.db.session.add(new_user) |
|
server.db.session.commit() |
|
new_user.get_token() |
|
|
|
rv = self.delete('/group/{groupId}/'.format(groupId=self.group.id), |
|
token=new_user.token) |
|
self.assertJsonError(rv, 403, 'User is not admin') |
|
|
|
def test_delete_invalid_token(self): |
|
"""Try to delete a group with an unknown token.""" |
|
rv = self.delete('/group/{groupId}/'.format(groupId=self.group.id), |
|
token='invalid') |
|
self.assertJsonError(rv, 404, 'User not found (via token)') |
|
|
|
|
|
class TestUsersInGroup(LunchoTests): |
|
"""Tests for managing users in the group.""" |
|
def setUp(self): |
|
super(TestUsersInGroup, self).setUp() |
|
# create a user to have a token |
|
self.user = User(username='test', |
|
fullname='Test User', |
|
passhash='hash') |
|
self.user.verified = True |
|
server.db.session.add(self.user) |
|
|
|
# create a group for the user |
|
self.group = Group(name='Test group', |
|
owner=self.user) |
|
server.db.session.add(self.group) |
|
|
|
self.user.groups.append(self.group) |
|
server.db.session.commit() |
|
self.user.get_token() |
|
|
|
def tearDown(self): |
|
super(TestUsersInGroup, self).tearDown() |
|
|
|
def test_add_user(self): |
|
"""Try to add another user in the group.""" |
|
new_user = User(username='another_user', |
|
fullname='Another user', |
|
passhash='hash') |
|
server.db.session.add(new_user) |
|
server.db.session.commit() |
|
|
|
request = {'usernames': [new_user.username]} |
|
|
|
rv = self.put('/group/{groupId}/users/'.format(groupId=self.group.id), |
|
request, |
|
token=self.user.token) |
|
self.assertJsonOk(rv) |
|
|
|
def test_add_no_owner(self): |
|
"""Try to add users without being the group admin.""" |
|
new_user = User(username='another_user', |
|
fullname='Another user', |
|
passhash='hash') |
|
server.db.session.add(new_user) |
|
server.db.session.commit() |
|
new_user.get_token() |
|
|
|
request = {'usernames': [new_user.username]} |
|
|
|
rv = self.put('/group/{groupId}/users/'.format(groupId=self.group.id), |
|
request, |
|
token=new_user.token) |
|
self.assertJsonError(rv, 403, 'User is not admin') |
|
|
|
def test_add_no_such_user(self): |
|
"""Try to add an unknown user to the group.""" |
|
request = {'usernames': ['unknown']} |
|
rv = self.put('/group/{groupId}/users/'.format(groupId=self.group.id), |
|
request, |
|
token=self.user.token) |
|
self.assertJsonError(rv, 404, |
|
'Some users in the add list do not exist') |
|
|
|
def test_add_unknown_group(self): |
|
"""Try to add users to some unknown group.""" |
|
request = {'usernames': ['unkonwn']} # group not found should |
|
# kick first |
|
groupId = self.group.id + 10 |
|
rv = self.put('/group/{groupId}/users/'.format(groupId=groupId), |
|
request, |
|
token=self.user.token) |
|
self.assertJsonError(rv, 404, 'Group not found') |
|
|
|
def test_get_members(self): |
|
"""Try to get a list of group members.""" |
|
rv = self.get('/group/{groupId}/users/'.format(groupId=self.group.id), |
|
token=self.user.token) |
|
self.assertJsonOk(rv) |
|
json = loads(rv.data) |
|
self.assertTrue('users' in json) |
|
self.assertEqual(len(json['users']), 1) # just the owner |
|
self.assertEqual(json['users'][0]['username'], |
|
self.user.username) |
|
self.assertEqual(json['users'][0]['full_name'], |
|
self.user.fullname) |
|
|
|
def test_get_members_by_member(self): |
|
"""Non admin user requests the list of group members.""" |
|
new_user = User(username='another_user', |
|
fullname='Another user', |
|
passhash='hash') |
|
server.db.session.add(new_user) |
|
new_user.groups.append(self.group) |
|
server.db.session.commit() |
|
new_user.get_token() |
|
|
|
rv = self.get('/group/{groupId}/users/'.format(groupId=self.group.id), |
|
token=new_user.token) |
|
self.assertJsonOk(rv) |
|
|
|
json = loads(rv.data) |
|
self.assertTrue('users' in json) |
|
self.assertEqual(len(json['users']), 2) # owner and new user |
|
|
|
def test_get_members_by_non_member(self): |
|
"""A user that is not part of the group ask for members.""" |
|
new_user = User(username='another_user', |
|
fullname='Another user', |
|
passhash='hash') |
|
server.db.session.add(new_user) |
|
server.db.session.commit() |
|
new_user.get_token() |
|
|
|
rv = self.get('/group/{groupId}/users/'.format(groupId=self.group.id), |
|
token=new_user.token) |
|
self.assertJsonError(rv, 403, 'User is not member of this group') |
|
|
|
if __name__ == '__main__': |
|
unittest.main()
|
|
|