From d63b1cabd58a879910de1f3e1bd23380fdc32d8b Mon Sep 17 00:00:00 2001 From: MiharyR Date: Tue, 11 Jan 2022 18:02:25 +0100 Subject: [PATCH] commencement des tests --- backend/test/fictive_users.py | 58 ++++++ backend/test/test.py | 366 ++++++++++++++++++++++++++++++++++ 2 files changed, 424 insertions(+) create mode 100644 backend/test/fictive_users.py create mode 100644 backend/test/test.py diff --git a/backend/test/fictive_users.py b/backend/test/fictive_users.py new file mode 100644 index 0000000..7804c91 --- /dev/null +++ b/backend/test/fictive_users.py @@ -0,0 +1,58 @@ +import os +import sys +sys.path.append("../application") +from users_model import Users +from api_functions import hash_password + + + +TAB_USER_WITH_PASSWORD = [ + { + "id": 1, + "email": "riri@gmail.com", + "nickname": "Riri", + "password": "ririPass", + "is_admin": False + }, + { + "id": 2, + "email": "fifi@gmail.com", + "nickname": "Fifi", + "password": "fifiPass", + "is_admin": False + }, + { + "id": 3, + "email": "donald@gmail.com", + "nickname": "Donald", + "password": "donaldPass", + "is_admin": False + }, + { + "id": 4, + "email": "daisy@gmail.com", + "nickname": "Daisy", + "password": "daisyPass", + "is_admin": True + }, +] + + + +# Convert user with passord (uwp) to user +def uwp_to_user(uwp): + salt0 = os.urandom(32) + hash_pass0 = hash_password(salt0, uwp["password"]) + return Users( + email = uwp["email"], + nickname = uwp["nickname"], + hash_pass = hash_pass0, + salt = salt0, + is_admin = uwp["is_admin"] + ) + + + +TAB_USER = [] +for uwp in TAB_USER_WITH_PASSWORD: + TAB_USER.append(uwp_to_user(uwp)) \ No newline at end of file diff --git a/backend/test/test.py b/backend/test/test.py new file mode 100644 index 0000000..3300549 --- /dev/null +++ b/backend/test/test.py @@ -0,0 +1,366 @@ +import unittest +from flask.ext.testing import TestCase +import json +import sys + +sys.path.append("../application") +from __init__ import app, db +from users_model import Users +from fictive_users import TAB_USER + + + + +class BaseTestCase(TestCase): + + def create_app(self): + FLASK_ENV = os.environ.get('FLASK_ENV', None) + if FLASK_ENV == 'production': + app.config.from_object("config.ProductionConfig") + elif FLASK_ENV == 'staging': + app.config.from_object("config.StagingConfig") + elif FLASK_ENV == 'development': + app.config.from_object("config.DevelopmentConfig") + else: + app.config.from_object("config.Config") + return app + + + def setUp(self): + db.create_all() + for user in TAB_USER: + db.session.add(user) + db.session.commit() + + + def tearDown(self): + db.session.remove() + db.drop_all() + + + + +class FlaskTestCase(BaseTestCase): + + # -- UTILS --- + + def login(self, email, password): + data0 = json.dumps({ + "email": email, + "passord": password + }) + response = self.client.post('/api/login', data=data0) + + + + # --- LOGIN --- + + def test_login_no_fields(self): + data0 = json.dumps({}) + response = self.client.post('/api/login', data=data0) + self.assertEqual(response.message, 'Need email, password fields.') + + + def test_login_empty_fields(self): + data0 = json.dumps({ + "email": "", + "passord": "blabla" + }) + response = self.client.post('/api/login', data=data0) + self.assertEqual(response.message, 'Empty email and/or password fields.') + + + def test_login_wrong_fields(self): + data0 = json.dumps({ + "email": "nimp@gmail.com", + "passord": "nimp" + }) + response = self.client.post('/api/login', data=data0) + self.assertEqual(response.message, 'Email or password invalid') + + + def test_login_success(self): + data0 = json.dumps({ + "email": "riri@gmail.com", + "passord": "ririPass" + }) + response = self.client.post('/api/login', data=data0) + self.assertEqual(response.message, 'User authenticated.') + + + + # --- REGISTER --- + + def test_register_no_fields(self): + data0 = json.dumps({}) + response = self.client.post('/api/register', data=data0) + self.assertIn('Need', response.message) + + + def test_register_empty_fields(self): + data0 = json.dumps({ + "email": "", + "passord": "blabla", + "nickname": "blabla" + }) + response = self.client.post('/api/register', data=data0) + self.assertEqual(response.message, 'Empty email and/or password and/or nickname fields.') + + + def test_register_already_exist(self): + data0 = json.dumps({ + "email": "riri@gmail.com", + "passord": "blabla", + "nickname": "blabla" + }) + response = self.client.post('/api/register', data=data0) + self.assertIn('already exist', response.message) + + + def test_register_success(self): + data0 = json.dumps({ + "email": "loulou@gmail.com", + "passord": "loulouPass", + "nickname": "Loulou" + }) + response = self.client.post('/api/register', data=data0) + self.assertEqual(response.message, 'User registered.') + + + + # --- LOGOUT --- + + def test_logout_fail(self): + response = self.client.delete('/api/logout') + self.assertEqual(response.status_code, 500) + + + def test_logout_success(self): + self.login_user() + response = self.client.delete('/api/logout') + self.assertEqual(response.status_code, 200) + + + # --- SELF UPDATE --- + + def test_self_update_not_connected(self): + data0 = json.dumps({}) + response = self.client.put('/api/user/update', data=data0) + self.assertEqual(response.status_code, 500) + + + def test_self_update_no_fields(self): + self.login('riri@gmail.com', 'ririPass') + data0 = json.dumps({}) + response = self.client.put('/api/user/update', data=data0) + self.assertIn('Need', response.message) + + + def test_self_update_empty_fields(self): + self.login('riri@gmail.com', 'ririPass') + data0 = json.dumps({ + "nickname": "", + "password": "blabla" + }) + response = self.client.put('/api/user/update', data=data0) + self.assertEqual(response.message, 'Empty nickname and/or password fields.') + + + def test_self_update_success(self): + self.login('riri@gmail.com', 'ririPass') + data0 = json.dumps({ + "nickname": "Ririri", + "password": "ririPass" + }) + response = self.client.put('/api/user/update', data=data0) + self.assertEqual(response.status_code, 200) + + + + # --- SELF DELETE --- + + def test_self_delete_not_connected(self): + response = self.client.delete('/api/user/delete') + self.assertEqual(response.status_code, 500) + + + def test_self_delete_success(self): + self.login('donald@gmail.com', 'donaldPass') + response = self.client.delete('/api/user/delete') + self.assertEqual(response.status_code, 200) + + + def test_self_delete_last_admin(self): + self.login('daisy@gmail.com', 'daisyPass') + response = self.client.delete('/api/user/delete') + self.assertEqual(response.message, 'Can\'t delete last admin') + + + + # --- admin: CREATE USER --- + + def test_admin_create_not_connected(self): + data0 = json.dumps({}) + response = self.client.post('/api/admin/create/user', data=data0) + self.assertEqual(response.message, 'User not authenticated.') + + + def test_admin_create_no_permission(self): + self.login('riri@gmail.com', 'ririPass') + data0 = json.dumps({}) + response = self.client.post('/api/admin/create/user', data=data0) + self.assertEqual(response.message, 'User does not have permission.') + + + def test_admin_create_no_fields(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({}) + response = self.client.post('/api/admin/create/user', data=data0) + self.assertIn('Need', response.message) + + + def test_admin_create_empty_fields(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({ + "email": "", + "nickname": "Mickey", + "password": "mickeyPass", + "is_admin": true, + }) + response = self.client.post('/api/admin/create/user', data=data0) + self.assertEqual(response.message, 'Empty email and/or nickname and/or password and/or is_admin fields.') + + + def test_admin_create_already_exist(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({ + "email": "riri@gmail.com", + "passord": "blabla", + "nickname": "blabla", + }) + response = self.client.post('/api/admin/create/user', data=data0) + self.assertIn('already exist', response.message) + + + def test_admin_create_success(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({ + "email": "mickey@gmail.com", + "nickname": "Mickey", + "password": "mickeyPass", + "is_admin": true, + }) + response = self.client.post('/api/admin/create/user', data=data0) + self.assertEqual(response.message, 'User registered.') + + + + # --- admin: UPDATE USER --- + + def test_admin_update_not_connected(self): + data0 = json.dumps({}) + response = self.client.put('/api/admin/update/user', data=data0) + self.assertEqual(response.message, 'User not authenticated.') + + + def test_admin_update_no_permission(self): + self.login('riri@gmail.com', 'ririPass') + data0 = json.dumps({}) + response = self.client.put('/api/admin/update/user', data=data0) + self.assertEqual(response.message, 'User does not have permission.') + + + def test_admin_update_no_fields(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({}) + response = self.client.put('/api/admin/update/user', data=data0) + self.assertIn('Need', response.message) + + + def test_admin_update_empty_fields(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({ + "id": 1, + "password": "", + "is_admin": false, + }) + response = self.client.put('/api/admin/update/user', data=data0) + self.assertEqual(response.message, 'Empty is_admin and/or password fields.') + + + def test_admin_update_not_exists(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({ + "id": 99, + "password": "", + "is_admin": false, + }) + response = self.client.put('/api/admin/update/user', data=data0) + self.assertEqual(response.message, 'User do not exist.') + + + def test_admin_update_success(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({ + "id": 1, + "password": "roroPass", + "is_admin": false, + }) + response = self.client.put('/api/admin/update/user', data=data0) + self.assertEqual(response.status_code, 200) + + + + # --- admin: DELETE USER --- + + def test_admin_delete_not_connected(self): + response = self.client.delete('/api/admin/delete/user') + self.assertEqual(response.message, 'User not authenticated.') + + + def test_admin_delete_no_permission(self): + self.login('riri@gmail.com', 'ririPass') + response = self.client.delete('/api/admin/delete/user') + self.assertEqual(response.message, 'User does not have permission.') + + + def test_admin_delete_no_fields(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({}) + response = self.client.delete('/api/admin/delete/user') + self.assertIn('Need', response.message) + + + def test_admin_delete_not_exists(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({"id": 99}) + response = self.client.delete('/api/admin/delete/user') + self.assertEqual(response.message, 'User do not exist.') + + + def test_admin_delete_success(self): + self.login('daisy@gmail.com', 'daisyPass') + data0 = json.dumps({"id": 2}) + response = self.client.delete('/api/admin/delete/user', data=data0) + self.assertEqual(response.status_code, 200) + + + + # --- LIST OF USER --- + + def test_list_of_users_fail(self): + response = self.client.get('/api/users') + self.assertEqual(response.status_code, 500) + + + def test_list_of_users_success(self): + self.login('riri@gmail.com', 'ririPass') + response = self.client.get('/api/users') + self.assertEqual(response.status_code, 200) + + + + + +if __name__ == '__main__': + unittest.main() \ No newline at end of file