diff --git a/backend/routes/user.py b/backend/routes/user.py index 8d5277e3..1f8d130e 100644 --- a/backend/routes/user.py +++ b/backend/routes/user.py @@ -74,6 +74,7 @@ def add(req: Request, @user_route.get("/user", response_model=UserResponse, summary="get all users", + name="user:get", tags=["User"]) def get(req: Request, active: int = 0, @@ -113,6 +114,7 @@ def get(req: Request, @user_route.get("/user/{id:path}", response_model=UserAccessBase, summary="get user detail", + name="user:get_by_id", tags=["User"]) def get_by_id(req: Request, id: int, @@ -128,6 +130,7 @@ def get_by_id(req: Request, @user_route.put("/user/{id:path}", response_model=UserAccessBase, summary="Update user", + name="user:update", tags=["User"]) def update_by_id(req: Request, id: int, diff --git a/backend/tests/test_01_auth.py b/backend/tests/test_01_auth.py index 5b1f71d8..b76cae62 100644 --- a/backend/tests/test_01_auth.py +++ b/backend/tests/test_01_auth.py @@ -14,13 +14,14 @@ class Acc: - def __init__(self, verified): + def __init__( + self, verified: bool = False, email: str = None, name: str = None): self.exp_date = (datetime.now() + timedelta(days=30)).timestamp() self.data = { - "email": "support@akvo.org", - "name": "Akvo Support", + "email": email if email else "support@akvo.org", + "name": name if name else "Akvo Support", "exp": self.exp_date, - "email_verified": verified + "email_verified": verified, } self.token = jwt.encode(self.data, "secret", algorithm="HS256") self.decoded = jwt.decode(self.token, "secret", algorithms=["HS256"]) @@ -28,7 +29,7 @@ def __init__(self, verified): class TestAuthorizationSetup: def test_token_verification(self): - account = Acc(True) + account = Acc(verified=True) assert account.token != "" assert account.decoded == account.data assert True if verify_token(account.decoded) else False 
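Review bot: The three added route names do not follow one pattern: `user:get` and `user:get_by_id` mirror their handler names, but the handler `update_by_id` is registered as `user:update`. Either `name="user:update_by_id"` (with the matching lookup in the tests of this commit) or a one-line comment stating the naming convention would keep `url_path_for` lookups predictable. Separately, and in context lines this commit does not change, both detail routes declare `{id:path}` while the handlers take `id: int`. If nothing relies on slashes in the id, `{id:int}` would be the narrower match, which is worth confirming against existing clients.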
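Review bot: The new `email` and `name` parameters of `Acc.__init__` are annotated `str` but default to `None`, so `email: Optional[str] = None, name: Optional[str] = None` would say what the code actually accepts (the import block is outside this hunk, so `Optional` may need importing). The `email if email else ...` form also replaces an empty string with the default, so a negative test cannot mint a token with an empty claim; `email if email is not None else "support@akvo.org"` keeps that case available. The helper now issues tokens for arbitrary identities signed with the literal key `"secret"`, so a class docstring such as `"""Test-only JWT factory; signs with a throwaway HS256 key."""` would make clear that the key must never match a deployed configuration.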
@@ -37,36 +38,190 @@ def test_token_verification(self): verify_token(account.decoded) @pytest.mark.asyncio - async def test_user_get_registered(self, app: FastAPI, session: Session, - client: AsyncClient) -> None: - org = crud_organisation.add_organisation(session=session, - name="Akvo", - type="iNGO") + async def test_user_get_registered( + self, app: FastAPI, session: Session, client: AsyncClient + ) -> None: + org = crud_organisation.add_organisation( + session=session, name="Akvo", type="iNGO" + ) org = org.serialize assert org["id"] == 1 assert org["name"] == "Akvo" assert org["type"] == OrganisationType.iNGO - account = Acc(True) + account = Acc(verified=True) res = await client.post( app.url_path_for("user:register"), params={ "first_name": "Akvo", "last_name": "Support", - "organisation": org["id"] + "organisation": org["id"], }, - headers={"Authorization": f"Bearer {account.token}"}) + headers={"Authorization": f"Bearer {account.token}"}, + ) assert res.status_code == 200 res = res.json() - user = crud_user.update_user_by_id(session=session, - id=1, - role="admin", - active=True) + user = crud_user.update_user_by_id( + session=session, id=1, role="admin", active=True + ) assert res["email"] == user.email assert res["active"] is False res = await client.get( app.url_path_for("user:me"), - headers={"Authorization": f"Bearer {account.token}"}) + headers={"Authorization": f"Bearer {account.token}"}, + ) assert res.status_code == 200 res = res.json() assert res["active"] is user.active assert res["role"] == "admin" + + @pytest.mark.asyncio + async def test_get_user( + self, app: FastAPI, session: Session, client: AsyncClient + ) -> None: + account = Acc(verified=True) + res = await client.get( + app.url_path_for("user:get"), + headers={"Authorization": f"Bearer {account.token}"}, + ) + assert res.status_code == 404 + + res = await client.get( + app.url_path_for("user:get"), + params={"page": 2}, + headers={"Authorization": f"Bearer {account.token}"}, + ) + 
assert res.status_code == 404 + # get active user + res = await client.get( + app.url_path_for("user:get"), + params={"active": 1}, + headers={"Authorization": f"Bearer {account.token}"}, + ) + assert res.status_code == 200 + res = res.json() + assert res["current"] == 1 + assert res["total"] == 1 + assert res["total_page"] == 1 + assert len(res["data"]) == 1 + assert res["data"] == [ + { + "id": 1, + "email": "support@akvo.org", + "name": "Akvo Support", + "role": "admin", + "active": True, + "email_verified": True, + "picture": None, + "organisation": 1, + } + ] + # register as new user + new_account = Acc( + verified=True, email="john_doe@mail.com", name="John Doe") + res = await client.post( + app.url_path_for("user:register"), + params={ + "first_name": "John", + "last_name": "Doe", + "organisation": 1, + }, + headers={"Authorization": f"Bearer {new_account.token}"}, + ) + assert res.status_code == 200 + # get non active user + res = await client.get( + app.url_path_for("user:get"), + headers={"Authorization": f"Bearer {account.token}"}, + ) + assert res.status_code == 200 + res = res.json() + assert res["current"] == 1 + assert res["total"] == 1 + assert res["total_page"] == 1 + assert len(res["data"]) == 1 + assert res["data"] == [ + { + "id": 2, + "email": "john_doe@mail.com", + "name": "John Doe", + "role": "user", + "active": False, + "email_verified": None, + "picture": None, + "organisation": 1, + } + ] + # get user by id + res = await client.get( + app.url_path_for("user:get_by_id", id=3), + headers={"Authorization": f"Bearer {account.token}"}, + ) + assert res.status_code == 404 + + res = await client.get( + app.url_path_for("user:get_by_id", id=1), + headers={"Authorization": f"Bearer {account.token}"}, + ) + assert res.status_code == 200 + res = res.json() + assert res == { + "id": 1, + "email": "support@akvo.org", + "name": "Akvo Support", + "role": "admin", + "active": True, + "access": [], + "organisation": 1 + } + + @pytest.mark.asyncio + async 
def test_update_user( + self, app: FastAPI, session: Session, client: AsyncClient + ) -> None: + account = Acc(verified=True) + res = await client.get( + app.url_path_for("user:get_by_id", id=2), + headers={"Authorization": f"Bearer {account.token}"}, + ) + assert res.status_code == 200 + user = res.json() + # update John Doe + res = await client.put( + app.url_path_for("user:update", id=user["id"]), + params={ + "active": True, + "role": "admin", + "first_name": "John", + "last_name": "Doe", + "organisation": 1, + }, + headers={"Authorization": f"Bearer {account.token}"}, + ) + assert res.status_code == 200 + res = res.json() + assert res == { + "id": 2, + "email": "john_doe@mail.com", + "name": "John Doe", + "role": "admin", + "active": True, + "access": [], + "organisation": 1 + } + + @pytest.mark.asyncio + async def test_delete_user( + self, app: FastAPI, session: Session, client: AsyncClient + ) -> None: + account = Acc(verified=True) + res = await client.get( + app.url_path_for("user:get_by_id", id=2), + headers={"Authorization": f"Bearer {account.token}"}, + ) + assert res.status_code == 200 + user = res.json() + res = await client.delete( + app.url_path_for("user:delete", id=user["id"]), + headers={"Authorization": f"Bearer {account.token}"}, + ) + assert res.status_code == 204 diff --git a/backend/tests/test_14_advanced_query.py b/backend/tests/test_14_advanced_query.py index 7014409d..5b6773ef 100644 --- a/backend/tests/test_14_advanced_query.py +++ b/backend/tests/test_14_advanced_query.py @@ -46,7 +46,7 @@ async def test_get_data_with_query_option(self, app: FastAPI, ], [{"id": 1, "question": "1", "answer": "option 2"}], ] - + # search option 1 res = await client.get( app.url_path_for("data:get", form_id=1), params={"q": "1|option 1"}, 
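Review bot: `test_get_user`, `test_update_user` and `test_delete_user` call the user endpoints only with the admin account's token, so none of them would fail if those routes stopped checking the caller's role or active flag. `new_account` (John Doe, role `user`, `active` False) already exists at the end of `test_get_user`. Asserting there that its token, and a request with no `Authorization` header, are refused on `user:get` and `user:update` would pin the access control. The exact refusal status depends on the route dependencies, which are not visible in this diff, so the sketch below leaves it to be confirmed. `test_update_user` and `test_delete_user` also rely on user id 2 left behind by `test_get_user`, and `test_delete_user` never checks that a follow-up `user:get_by_id` returns 404.

```python
        # … unchanged: admin-token assertions in test_get_user …
        # a non-admin, inactive account must not list or modify users
        non_admin = {"Authorization": f"Bearer {new_account.token}"}
        res = await client.get(
            app.url_path_for("user:get"), headers=non_admin)
        assert res.status_code in (401, 403)  # confirm which one the app returns
        res = await client.put(
            app.url_path_for("user:update", id=2),
            params={
                "active": True,
                "role": "admin",
                "first_name": "John",
                "last_name": "Doe",
                "organisation": 1,
            },
            headers=non_admin,
        )
        assert res.status_code in (401, 403)
        # no credentials at all
        res = await client.get(app.url_path_for("user:get"))
        assert res.status_code in (401, 403)
```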
@@ -57,7 +57,7 @@ async def test_get_data_with_query_option(self, app: FastAPI, assert res["total"] == 1 assert res["total_page"] == 1 assert len(res["data"]) == 1 - + # search option 2 res = await client.get( app.url_path_for("data:get", form_id=1), params={"q": "1|option 2"}, @@ -68,6 +68,17 @@ async def test_get_data_with_query_option(self, app: FastAPI, assert res["total"] == 3 assert res["total_page"] == 1 assert len(res["data"]) == 3 + # search with question and administration filter + res = await client.get( + app.url_path_for("data:get", form_id=1), + params={"question": [1, 4], "administration": 10}, + headers={"Authorization": f"Bearer {account.token}"}) + assert res.status_code == 200 + res = res.json() + assert res["current"] == 1 + assert res["total"] == 2 + assert res["total_page"] == 1 + assert len(res["data"]) == 2 @pytest.mark.asyncio async def test_get_maps_with_query_option(self, app: FastAPI,
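Review bot: The added "question and administration filter" block in the last hunk asserts only the counts (`total == 2`, `len(res["data"]) == 2`), so it cannot tell whether the `administration` filter was applied or the two rows matched for another reason. Asserting on the returned rows themselves, for example the set of ids or each row's administration value, would tie the test to the filter. The row schema for this endpoint is not visible in the hunk, so the exact field to check needs confirming. The enclosing `test_get_data_with_query_option` starts outside the hunk.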