ad842ee8a5
- Added type hinting (for now, 3.5-compatible) - Split `db` namespace into `db` module and `model` namespace - Changed elastic search to be created lazily for each operation - Changed to class based approach in entity serialization to allow stronger typing - Removed `required` argument from `context.get_*` family of functions; now it's implied if `default` argument is omitted - Changed `unalias_dict` implementation to use less magic inputs
125 lines
4.8 KiB
Python
125 lines
4.8 KiB
Python
from unittest.mock import patch
|
|
import pytest
|
|
from szurubooru import api, db, model, errors
|
|
from szurubooru.func import users
|
|
|
|
|
|
@pytest.fixture(autouse=True)
|
|
def inject_config(config_injector):
|
|
config_injector({
|
|
'privileges': {
|
|
'users:edit:self:name': model.User.RANK_REGULAR,
|
|
'users:edit:self:pass': model.User.RANK_REGULAR,
|
|
'users:edit:self:email': model.User.RANK_REGULAR,
|
|
'users:edit:self:rank': model.User.RANK_MODERATOR,
|
|
'users:edit:self:avatar': model.User.RANK_MODERATOR,
|
|
'users:edit:any:name': model.User.RANK_MODERATOR,
|
|
'users:edit:any:pass': model.User.RANK_MODERATOR,
|
|
'users:edit:any:email': model.User.RANK_MODERATOR,
|
|
'users:edit:any:rank': model.User.RANK_ADMINISTRATOR,
|
|
'users:edit:any:avatar': model.User.RANK_ADMINISTRATOR,
|
|
},
|
|
})
|
|
|
|
|
|
def test_updating_user(context_factory, user_factory):
|
|
user = user_factory(name='u1', rank=model.User.RANK_ADMINISTRATOR)
|
|
auth_user = user_factory(rank=model.User.RANK_ADMINISTRATOR)
|
|
db.session.add(user)
|
|
db.session.flush()
|
|
|
|
with patch('szurubooru.func.users.create_user'), \
|
|
patch('szurubooru.func.users.update_user_name'), \
|
|
patch('szurubooru.func.users.update_user_password'), \
|
|
patch('szurubooru.func.users.update_user_email'), \
|
|
patch('szurubooru.func.users.update_user_rank'), \
|
|
patch('szurubooru.func.users.update_user_avatar'), \
|
|
patch('szurubooru.func.users.serialize_user'):
|
|
users.serialize_user.return_value = 'serialized user'
|
|
|
|
result = api.user_api.update_user(
|
|
context_factory(
|
|
params={
|
|
'version': 1,
|
|
'name': 'chewie',
|
|
'email': 'asd@asd.asd',
|
|
'password': 'oks',
|
|
'rank': 'moderator',
|
|
'avatarStyle': 'manual',
|
|
},
|
|
files={
|
|
'avatar': b'...',
|
|
},
|
|
user=auth_user),
|
|
{'user_name': 'u1'})
|
|
|
|
assert result == 'serialized user'
|
|
users.create_user.assert_not_called()
|
|
users.update_user_name.assert_called_once_with(user, 'chewie')
|
|
users.update_user_password.assert_called_once_with(user, 'oks')
|
|
users.update_user_email.assert_called_once_with(user, 'asd@asd.asd')
|
|
users.update_user_rank.assert_called_once_with(
|
|
user, 'moderator', auth_user)
|
|
users.update_user_avatar.assert_called_once_with(
|
|
user, 'manual', b'...')
|
|
users.serialize_user.assert_called_once_with(
|
|
user, auth_user, options=[])
|
|
|
|
|
|
@pytest.mark.parametrize(
|
|
'field', ['name', 'email', 'password', 'rank', 'avatarStyle'])
|
|
def test_omitting_optional_field(user_factory, context_factory, field):
|
|
user = user_factory(name='u1', rank=model.User.RANK_ADMINISTRATOR)
|
|
db.session.add(user)
|
|
db.session.flush()
|
|
params = {
|
|
'name': 'chewie',
|
|
'email': 'asd@asd.asd',
|
|
'password': 'oks',
|
|
'rank': 'moderator',
|
|
'avatarStyle': 'gravatar',
|
|
}
|
|
del params[field]
|
|
with patch('szurubooru.func.users.create_user'), \
|
|
patch('szurubooru.func.users.update_user_name'), \
|
|
patch('szurubooru.func.users.update_user_password'), \
|
|
patch('szurubooru.func.users.update_user_email'), \
|
|
patch('szurubooru.func.users.update_user_rank'), \
|
|
patch('szurubooru.func.users.update_user_avatar'), \
|
|
patch('szurubooru.func.users.serialize_user'):
|
|
api.user_api.update_user(
|
|
context_factory(
|
|
params={**params, **{'version': 1}},
|
|
files={'avatar': b'...'},
|
|
user=user),
|
|
{'user_name': 'u1'})
|
|
|
|
|
|
def test_trying_to_update_non_existing(user_factory, context_factory):
|
|
user = user_factory(name='u1', rank=model.User.RANK_ADMINISTRATOR)
|
|
db.session.add(user)
|
|
db.session.flush()
|
|
with pytest.raises(users.UserNotFoundError):
|
|
api.user_api.update_user(
|
|
context_factory(user=user), {'user_name': 'u2'})
|
|
|
|
|
|
@pytest.mark.parametrize('params', [
|
|
{'name': 'whatever'},
|
|
{'email': 'whatever'},
|
|
{'rank': 'whatever'},
|
|
{'password': 'whatever'},
|
|
{'avatarStyle': 'whatever'},
|
|
])
|
|
def test_trying_to_update_field_without_privileges(
|
|
user_factory, context_factory, params):
|
|
user1 = user_factory(name='u1', rank=model.User.RANK_REGULAR)
|
|
user2 = user_factory(name='u2', rank=model.User.RANK_REGULAR)
|
|
db.session.add_all([user1, user2])
|
|
db.session.flush()
|
|
with pytest.raises(errors.AuthError):
|
|
api.user_api.update_user(
|
|
context_factory(
|
|
params={**params, **{'version': 1}},
|
|
user=user1),
|
|
{'user_name': user2.name})
|