Compare commits

..

No commits in common. "fa8e30b29985a7e999d59eea47e02c0cab56c497" and "21067d059b81e8f1eec0111c3c232fb528dbf8f8" have entirely different histories.

7 changed files with 74 additions and 82 deletions

View File

@ -1,5 +1,3 @@
--- ---
peter: peter:
password: geheim password: geheim
klaus:
password: jutta

View File

@ -81,9 +81,4 @@ def seed(dev: bool):
peter_fr = ProfileLanguage(profile=peters_profile, language_id="fr", level=3) peter_fr = ProfileLanguage(profile=peters_profile, language_id="fr", level=3)
db.session.add(peter_fr) db.session.add(peter_fr)
logging.info("seeding klaus :D")
klaus = User(auth_id="klaus")
db.session.add(klaus)
db.session.commit() db.session.commit()

View File

@ -124,14 +124,10 @@ def get_user_profile(user_id):
@app.route("/users/<user_id>/profile", methods=["POST"]) @app.route("/users/<user_id>/profile", methods=["POST"])
@token_auth @token_auth
def update_profile(user_id): def update_profile(user_id):
if g.user.id != int(user_id):
return make_response({}, 403)
return update_profile_handler(int(user_id)) return update_profile_handler(int(user_id))
@app.route("/skills") @app.route("/skills")
@token_auth
def get_skills(): def get_skills():
return handle_completion_request(Skill, "skills") return handle_completion_request(Skill, "skills")
@ -143,7 +139,6 @@ def get_skill_icon(skill_id):
@app.route("/languages") @app.route("/languages")
@token_auth
def get_languages(): def get_languages():
return handle_completion_request(Language, "languages") return handle_completion_request(Language, "languages")

View File

@ -1,35 +0,0 @@
from alembic import command
import json
import unittest
from app import app, db, migrate
from ki.actions import seed
class ApiTest(unittest.TestCase):
maxDiff = None
def setUp(self):
app.debug = True
app.config["TESTING"] = True
app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:///:memory:"
self.client = app.test_client()
with app.app_context():
config = migrate.get_config()
command.upgrade(config, "head")
seed(True)
def tearDown(self):
db.drop_all()
db.engine.dispose()
def login(self, username, password):
login_data = {"username": username, "password": password}
login_response = self.client.post("/users/login", data=json.dumps(login_data), content_type="application/json")
self.assertEqual(login_response.status_code, 200)
self.assertIn("token", login_response.json)
return login_response.json

View File

@ -1,25 +1,42 @@
from alembic import command
import json import json
import unittest import unittest
from ki.test.ApiTest import ApiTest from app import app, db, migrate
from ki.actions import seed
class TestLoginEndpoint(ApiTest): class TestLoginEndpoint(unittest.TestCase):
def setUp(self):
app.debug = True
app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:///:memory:"
self.client = app.test_client()
with app.app_context():
config = migrate.get_config()
command.upgrade(config, "head")
seed(True)
def tearDown(self):
db.drop_all()
db.engine.dispose()
def test_login(self): def test_login(self):
response1_data = self.login("peter", "geheim") response1_data = self.login()
response2_data = self.login("peter", "geheim") response2_data = self.login()
self.assertNotEqual(response1_data["token"], response2_data["token"]) self.assertNotEqual(response1_data["token"], response2_data["token"])
def test_login_wrong_credentails(self): def login(self):
login_data = {"username": "peter", "password": "123456"} response = self.client.post("/users/login",
login_response = self.client.post("/users/login", data=json.dumps(login_data), content_type="application/json") data=json.dumps({
self.assertEqual(login_response.status_code, 403) "username": "peter",
"password": "geheim"
def test_login_unknown_user(self): }),
login_data = {"username": "karl", "password": "123456"} content_type="application/json")
login_response = self.client.post("/users/login", data=json.dumps(login_data), content_type="application/json") self.assertEqual(response.status_code, 200)
self.assertEqual(login_response.status_code, 403) self.assertIn("token", response.json)
return response.json
if __name__ == "main": if __name__ == "main":

View File

@ -1,31 +1,38 @@
from alembic import command
import unittest import unittest
import json import json
from app import app from app import app, db, migrate
from ki.actions import seed
from ki.models import User from ki.models import User
from ki.test.ApiTest import ApiTest
class TestProfileEndpoint(ApiTest): class TestProfileEndpoint(unittest.TestCase):
maxDiff = None maxDiff = None
def test_update_profile_unauthorised(self): def setUp(self):
login_data = {"username": "klaus", "password": "jutta"} app.debug = True
app.config["TESTING"] = True
app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:///:memory:"
self.client = app.test_client()
with app.app_context():
config = migrate.get_config()
command.upgrade(config, "head")
seed(True)
def tearDown(self):
db.drop_all()
db.engine.dispose()
def test_update_profile(self):
login_data = {"username": "peter", "password": "geheim"}
login_response = self.client.post("/users/login", data=json.dumps(login_data), content_type="application/json") login_response = self.client.post("/users/login", data=json.dumps(login_data), content_type="application/json")
self.assertEqual(login_response.status_code, 200) self.assertEqual(login_response.status_code, 200)
self.assertIn("token", login_response.json) self.assertIn("token", login_response.json)
response = self.client.post("/users/1/profile",
data=json.dumps({}),
content_type="application/json",
headers={"Authorization": "Bearer " + login_response.json["token"]})
self.assertEqual(response.status_code, 403)
def test_update_profile(self):
token = self.login("peter", "geheim")["token"]
data = { data = {
"pronouns": "Monsieur", "pronouns": "Monsieur",
"volunteerwork": "ja", "volunteerwork": "ja",
@ -83,7 +90,7 @@ class TestProfileEndpoint(ApiTest):
response = self.client.post("/users/1/profile", response = self.client.post("/users/1/profile",
data=json.dumps(data), data=json.dumps(data),
content_type="application/json", content_type="application/json",
headers={"Authorization": "Bearer " + token}) headers={"Authorization": "Bearer " + login_response.json["token"]})
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
with app.app_context(): with app.app_context():

View File

@ -1,9 +1,26 @@
from alembic import command
import unittest import unittest
from ki.test.ApiTest import ApiTest from app import app, db, migrate
from ki.actions import seed
class TestSkillsEndpoint(ApiTest): class TestSkillsEndpoint(unittest.TestCase):
def setUp(self):
app.debug = True
app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:///:memory:"
self.client = app.test_client()
with app.app_context():
config = migrate.get_config()
command.upgrade(config, "head")
seed(True)
def tearDown(self):
db.drop_all()
db.engine.dispose()
def test_skills_options(self): def test_skills_options(self):
response = self.client.options("/skills") response = self.client.options("/skills")
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
@ -11,9 +28,7 @@ class TestSkillsEndpoint(ApiTest):
self.assertEqual(response.headers["Access-Control-Allow-Origin"], "*") self.assertEqual(response.headers["Access-Control-Allow-Origin"], "*")
def test_get_skills1(self): def test_get_skills1(self):
token = self.login("peter", "geheim")["token"] response = self.client.get("/skills?search=p")
response = self.client.get("/skills?search=p", headers={"Authorization": "Bearer " + token})
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
self.assertEqual( self.assertEqual(
{ {