Merge pull request 'Profilsuche nach Nickname' (#41) from feature-nickname-search into main

Reviewed-on: kompetenzinventar/ki-backend#41
2021-07-26 19:40:33 +02:00
parent cd3f0f173b 76e95311f0
commit ea57f326b7
7 changed files with 66 additions and 31 deletions
--- a/ki/test/test_find_profiles_endpoint.py
+++ b/ki/test/test_find_profiles_endpoint.py
@ -7,36 +7,35 @@ import unittest
 from ki.test.ApiTest import ApiTest


-class TestSkillsEndpoint(ApiTest):
-    def test_skills_options(self):
-        response = self.client.options("/skills")
+class TestFindProfilesEndpoint(ApiTest):
+    def test_find_profiles_options(self):
+        response = self.client.options("/users/profiles")
        self.assertEqual(response.status_code, 200)
        self.assertIn("Access-Control-Allow-Origin", response.headers)
        self.assertEqual(response.headers["Access-Control-Allow-Origin"], "*")

-    def test_get_skills1(self):
+    def test_find_nobody(self):
        token = self.login("peter", "geheim")["token"]

-        response = self.client.get("/skills?search=p", headers={"Authorization": "Bearer " + token})
+        response = self.client.get("/users/profiles?nickname=horsthorsthorst",
+                                   headers={"Authorization": "Bearer " + token})
        self.assertEqual(response.status_code, 200)
-        self.assertEqual(
-            {
-                "skills": [{
-                    "id": 1,
-                    "name": "PHP",
-                    "icon_url": "/skills/1/icon"
-                }, {
-                    "id": 10,
-                    "name": "PostgreSQL",
-                    "icon_url": "/skills/10/icon"
-                }, {
-                    "id": 3,
-                    "name": "Python",
-                    "icon_url": "/skills/3/icon"
-                }]
-            }, response.json)
-        self.assertIn("Access-Control-Allow-Origin", response.headers)
-        self.assertEqual(response.headers["Access-Control-Allow-Origin"], "*")
+        self.assertEqual(response.json, {"total": 0, "profiles": []})
+
+    def test_find_sql_specialchars(self):
+        token = self.login("peter", "geheim")["token"]
+
+        response = self.client.get("/users/profiles?nickname=%22%27%25", headers={"Authorization": "Bearer " + token})
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.json, {"total": 0, "profiles": []})
+
+    def test_find_all(self):
+        token = self.login("peter", "geheim")["token"]
+
+        response = self.client.get("/users/profiles", headers={"Authorization": "Bearer " + token})
+        self.assertEqual(response.status_code, 200)
+        self.assertDictContainsSubset({"total": 1}, response.json)
+        self.assertDictContainsSubset({"nickname": "dirtydieter"}, response.json["profiles"][0])


 if __name__ == "main":
--- a/ki/test/test_profile_endpoint.py
+++ b/ki/test/test_profile_endpoint.py
@ -174,7 +174,14 @@ class TestProfileEndpoint(ApiTest):
        response = self.client.get("/users/1/profile")
        self.assertEqual(response.status_code, 401)

-    def test_get_profile(self):
+    def test_get_visible_proifle(self):
+        token = self.login("peter", "geheim")["token"]
+
+        response = self.client.get("/users/3/profile", headers={"Authorization": f"Bearer {token}"})
+
+        self.assertEqual(response.status_code, 200)
+
+    def test_get_own_profile(self):
        login_data = {"username": "peter", "password": "geheim"}
        login_response = self.client.post("/users/login", data=json.dumps(login_data), content_type="application/json")