darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 02:42:26 -05:00
Code Issues Packages Projects Releases Wiki Activity

Reintroduce some tests. A bit of cleanup of mocks.

Browse Source 
User object fields made a bit clearer and simple test to
verify user added.
This commit is contained in:
Adam Shimali
2016-01-23 23:14:50 +00:00
parent ba0d0d49e1
commit 4674bd6b68
23 changed files with 493 additions and 453 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/main/views/verify.py
View File

@@ -22,6 +22,7 @@ def verify():
user_id = session['user_details']['id']
codes = verify_codes_dao.get_codes(user_id)
form = VerifyForm(codes)
if form.validate_on_submit():
verify_codes_dao.use_code_for_user_and_type(user_id=user_id, code_type='email')
verify_codes_dao.use_code_for_user_and_type(user_id=user_id, code_type='sms')

85
app/notify_client/user_api_client.py
View File

@@ -73,29 +73,14 @@ class UserApiClient(BaseAPIClient):
class User(object):
def __init__(self, fields, max_failed_login_count=3):
self.fields = fields
self.max_failed_login_count = max_failed_login_count
self._id = fields.get('id')
self._name = fields.get('name')
self._email_address = fields.get('email_address')
self._mobile_number = fields.get('mobile_number')
self._password_changed_at = fields.get('password_changed_at')
self._failed_login_count = 0
@property
def id(self):
return self.fields.get('id')
@property
def name(self):
return self.fields.get('name')
@property
def email_address(self):
return self.fields.get('email_address')
@property
def mobile_number(self):
return self.fields.get('mobile_number')
@property
def password_changed_at(self):
return self.fields.get('password_changed_at')
self._state = fields.get('state')
self.max_failed_login_count = max_failed_login_count
def get_id(self):
return self.id
@@ -106,13 +91,53 @@ class User(object):
def is_active(self):
return self.state == 'active'
@property
def id(self):
return self._id
@id.setter
def id(self, id):
self._id = id
@property
def name(self):
return self._name
@name.setter
def name(self, name):
self._name = name
@property
def email_address(self):
return self._email_address
@email_address.setter
def email_address(self, email_address):
self._email_address = email_address
@property
def mobile_number(self):
return self._mobile_number
@mobile_number.setter
def mobile_number(self, mobile_number):
self._mobile_number = mobile_number
@property
def password_changed_at(self):
return self._password_changed_at
@password_changed_at.setter
def password_changed_at(self, password_changed_at):
self._password_changed_at = password_changed_at
@property
def state(self):
return self.fields['state']
return self._state
@state.setter
def state(self, state):
self.fields['state'] = state
self._state = state
@property
def failed_login_count(self):
@@ -126,7 +151,15 @@ class User(object):
return False
def is_locked(self):
return self.failed_login_count > self.max_failed_login_count
return self.failed_login_count >= self.max_failed_login_count
def serialize(self):
return self.fields
return {"id": self.id,
"name": self.name,
"email_address": self.email_address,
"mobile_number": self.mobile_number,
"password_changed_at": self.password_changed_at,
"state": self.state,
"failed_login_count": self.failed_login_count,
"is_locked": self.is_locked()
}

14
tests/app/main/dao/test_service_dao.py
View File

@@ -3,20 +3,20 @@ from app.main.dao import services_dao
def test_can_insert_new_service(db_,
db_session,
mock_api_user,
mock_active_user,
mock_create_service,
mock_user_dao_get_by_email):
mock_get_by_email):
service_name = 'testing service'
id_ = services_dao.insert_new_service(service_name, mock_api_user.id)
id_ = services_dao.insert_new_service(service_name, mock_active_user.id)
mock_create_service.assert_called_once_with(
service_name, False, 1000, True, mock_api_user.id)
service_name, False, 1000, True, mock_active_user.id)
def test_unrestrict_service_updates_the_service(db_,
db_session,
mock_get_service,
mock_update_service,
mock_user_dao_get_by_email):
mock_get_by_email):
service_one = mock_get_service.side_effect(123)['data']
services_dao.unrestrict_service(service_one['id'])
mock_update_service.assert_called_once_with(service_one['id'],
@@ -29,10 +29,10 @@ def test_unrestrict_service_updates_the_service(db_,
def test_activate_service_update_service(db_,
db_session,
mock_api_user,
mock_active_user,
mock_get_service,
mock_update_service,
mock_user_dao_get_by_email):
mock_get_by_email):
service_one = mock_get_service.side_effect(123)['data']
services_dao.activate_service(service_one['id'])
mock_update_service.assert_called_once_with(service_one['id'],

24
tests/app/main/dao/test_users_dao.py
View File

@@ -6,7 +6,7 @@ from app.models import User
from app.main.dao import users_dao
@pytest.mark.xfail(reason='Tests will be moved to api')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_insert_user_should_add_user(db_, db_session):
user = User(name='test insert',
password='somepassword',
@@ -19,7 +19,7 @@ def test_insert_user_should_add_user(db_, db_session):
assert saved_user == user
@pytest.mark.xfail(reason='Tests will be moved to api')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_insert_user_with_role_that_does_not_exist_fails(db_, db_session):
user = User(name='role does not exist',
password='somepassword',
@@ -31,7 +31,7 @@ def test_insert_user_with_role_that_does_not_exist_fails(db_, db_session):
assert 'insert or update on table "users" violates foreign key constraint "users_role_id_fkey"' in str(error.value)
@pytest.mark.xfail(reason='Not implemented yet on api client')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_get_user_by_email(db_, db_session):
user = User(name='test_get_by_email',
password='somepassword',
@@ -44,7 +44,7 @@ def test_get_user_by_email(db_, db_session):
assert retrieved == user
@pytest.mark.xfail(reason='Not implemented yet on api client')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_get_all_users_returns_all_users(db_, db_session):
user1 = User(name='test one',
password='somepassword',
@@ -70,7 +70,7 @@ def test_get_all_users_returns_all_users(db_, db_session):
assert users == [user1, user2, user3]
@pytest.mark.xfail(reason='Not implemented yet on api client')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_increment_failed_lockout_count_should_increade_count_by_1(db_, db_session):
user = User(name='cannot remember password',
password='somepassword',
@@ -85,7 +85,7 @@ def test_increment_failed_lockout_count_should_increade_count_by_1(db_, db_sessi
assert users_dao.get_user_by_id(user.id).failed_login_count == 1
@pytest.mark.xfail(reason='Not implemented yet on api client')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_user_is_locked_if_failed_login_count_is_10_or_greater(db_, db_session):
user = User(name='cannot remember password',
password='somepassword',
@@ -104,7 +104,7 @@ def test_user_is_locked_if_failed_login_count_is_10_or_greater(db_, db_session):
assert saved_user.is_locked() is True
@pytest.mark.xfail(reason='Not implemented yet on api client')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_user_is_active_is_false_if_state_is_inactive(db_, db_session):
user = User(name='inactive user',
password='somepassword',
@@ -131,14 +131,14 @@ def test_should_update_user_to_active(mock_activate_user):
assert activated_user.state == 'active'
@pytest.mark.xfail(reason='Not implemented yet on api client')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_should_throws_error_when_id_does_not_exist(db_, db_session):
with pytest.raises(AttributeError) as error:
users_dao.activate_user(123)
assert '''object has no attribute 'state''''' in str(error.value)
@pytest.mark.xfail(reason='Not implemented yet on api client')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_should_update_email_address(db_, db_session):
user = User(name='Update Email',
password='somepassword',
@@ -155,7 +155,7 @@ def test_should_update_email_address(db_, db_session):
assert updated.email_address == 'new_email@testit.gov.uk'
@pytest.mark.xfail(reason='Not implemented yet on api client')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_should_update_password(db_, db_session):
user = User(name='Update Email',
password='somepassword',
@@ -176,7 +176,7 @@ def test_should_update_password(db_, db_session):
assert updated.password_changed_at > start
@pytest.mark.xfail(reason='Not implemented yet on api client')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_should_return_list_of_all_email_addresses(db_, db_session):
first = User(name='First Person',
password='somepassword',
@@ -198,7 +198,7 @@ def test_should_return_list_of_all_email_addresses(db_, db_session):
assert expected == [x.email_address for x in email_addresses]
@pytest.mark.xfail(reason='Not implemented yet on api client')
@pytest.mark.skipif(True, reason='Database tests to move to api and ineraction tests done here')
def test_should_update_state_to_request_password_reset(db_, db_session):
user = User(name='Requesting Password Resest',
password='somepassword',

27
tests/app/main/test_user.py Normal file
View File

@@ -0,0 +1,27 @@
from app.notify_client.user_api_client import User
def test_user():
user_data = {'id': 1,
'name': 'Test User',
'email_address': 'test@user.gov.uk',
'mobile_number': '+4412341234',
'state': 'pending',
'failed_login_count': 0
}
user = User(user_data)
assert user.id == 1
assert user.name == 'Test User'
assert user.email_address == 'test@user.gov.uk'
assert user.mobile_number == '+4412341234'
assert user.state == 'pending'
# user has three failed logins before being locked
assert user.max_failed_login_count == 3
assert user.failed_login_count == 0
assert not user.is_locked()
# set failed logins to threshold
user.failed_login_count = 3
assert user.is_locked()

2
tests/app/main/test_validators.py
View File

@@ -2,7 +2,7 @@ from app.main.dao import users_dao
from app.main.forms import RegisterUserForm
def test_should_raise_validation_error_for_password(app_, mock_user_dao_get_by_email):
def test_should_raise_validation_error_for_password(app_, mock_get_by_email):
form = RegisterUserForm(users_dao.get_user_by_email)
form.name.data = 'test'
form.email_address.data = 'teset@example.gov.uk'

28
tests/app/main/views/test_add_service.py
View File

@@ -7,14 +7,13 @@ from app.models import User
def test_get_should_render_add_service_template(app_,
db_,
db_session,
mock_api_user,
mock_get_service,
mock_get_services,
mock_user_loader,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.add_service'))
assert response.status_code == 200
assert 'Set up notifications for your service' in response.get_data(as_text=True)
@@ -25,12 +24,11 @@ def test_should_add_service_and_redirect_to_next_page(app_,
db_session,
mock_create_service,
mock_get_services,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.post(
url_for('main.add_service'),
data={'name': 'testing the post'})
@@ -43,14 +41,13 @@ def test_should_add_service_and_redirect_to_next_page(app_,
def test_should_return_form_errors_when_service_name_is_empty(app_,
db_,
db_session,
mock_api_user,
mock_active_user,
mock_get_service,
mock_get_services,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.post(url_for('main.add_service'), data={})
assert response.status_code == 200
assert 'Service name can not be empty' in response.get_data(as_text=True)
@@ -60,12 +57,11 @@ def test_should_return_form_errors_with_duplicate_service_name(app_,
db_,
db_session,
mock_get_services,
mock_user_loader,
mock_api_user,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.post(
url_for('main.add_service'), data={'name': 'service_one'})
assert response.status_code == 200

49
tests/app/main/views/test_api_keys.py
View File

@@ -5,12 +5,11 @@ from flask import url_for
def test_should_show_api_keys_and_documentation_page(app_,
db_,
db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.documentation', service_id=123))
assert response.status_code == 200
@@ -19,13 +18,12 @@ def test_should_show_api_keys_and_documentation_page(app_,
def test_should_show_empty_api_keys_page(app_,
db_,
db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email,
mock_active_user,
mock_get_by_email,
mock_get_no_api_keys):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.api_keys', service_id=123))
assert response.status_code == 200
@@ -37,13 +35,12 @@ def test_should_show_empty_api_keys_page(app_,
def test_should_show_api_keys_page(app_,
db_,
db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email,
mock_active_user,
mock_get_by_email,
mock_get_api_keys):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.api_keys', service_id=123))
assert response.status_code == 200
@@ -56,13 +53,12 @@ def test_should_show_api_keys_page(app_,
def test_should_show_name_api_key_page(app_,
db_,
db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email,
mock_active_user,
mock_get_by_email,
mock_get_api_keys):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.create_api_key', service_id=123))
assert response.status_code == 200
@@ -71,14 +67,13 @@ def test_should_show_name_api_key_page(app_,
def test_should_render_show_api_key(app_,
db_,
db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email,
mock_active_user,
mock_get_by_email,
mock_create_api_key,
mock_get_api_keys):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.post(url_for('main.create_api_key', service_id=123),
data={'key_name': 'some default key name'})
@@ -90,13 +85,12 @@ def test_should_render_show_api_key(app_,
def test_should_show_confirm_revoke_api_key(app_,
db_,
db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email,
mock_active_user,
mock_get_by_email,
mock_get_api_keys):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.revoke_api_key', service_id=123, key_id=321))
assert response.status_code == 200
@@ -107,14 +101,13 @@ def test_should_show_confirm_revoke_api_key(app_,
def test_should_redirect_after_revoking_api_key(app_,
db_,
db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email,
mock_active_user,
mock_get_by_email,
mock_revoke_api_key,
mock_get_api_keys):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.post(url_for('main.revoke_api_key', service_id=123, key_id=321))
assert response.status_code == 302

79
tests/app/main/views/test_code_not_received.py
View File

@@ -1,5 +1,4 @@
from app.main.dao import verify_codes_dao
from tests import create_test_api_user
from flask import url_for
@@ -8,12 +7,12 @@ def test_should_render_email_code_not_received_template_and_populate_email_addre
db_session,
mock_send_sms,
mock_send_email,
mock_api_user,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
session['user_email'] = mock_active_user.email_address
response = client.get(url_for('main.check_and_resend_email_code'))
assert response.status_code == 200
assert 'Check your email address is correct and then resend the confirmation code' \
@@ -26,14 +25,14 @@ def test_should_check_and_resend_email_code_redirect_to_verify(app_,
db_session,
mock_send_sms,
mock_send_email,
mock_api_user,
mock_user_dao_get_by_email,
mock_user_dao_update_email):
mock_active_user,
mock_get_by_email,
mock_update_email):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
verify_codes_dao.add_code(mock_api_user.id, code='12345', code_type='email')
session['user_email'] = mock_active_user.email_address
verify_codes_dao.add_code(mock_active_user.id, code='12345', code_type='email')
response = client.post(url_for('main.check_and_resend_email_code'),
data={'email_address': 'test@user.gov.uk'})
assert response.status_code == 302
@@ -45,13 +44,13 @@ def test_should_render_text_code_not_received_template(app_,
db_session,
mock_send_sms,
mock_send_email,
mock_api_user,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
verify_codes_dao.add_code(mock_api_user.id, code='12345', code_type='sms')
session['user_email'] = mock_active_user.email_address
verify_codes_dao.add_code(mock_active_user.id, code='12345', code_type='sms')
response = client.get(url_for('main.check_and_resend_text_code'))
assert response.status_code == 200
assert 'Check your mobile phone number is correct and then resend the confirmation code.' \
@@ -64,14 +63,14 @@ def test_should_check_and_redirect_to_verify(app_,
db_session,
mock_send_sms,
mock_send_email,
mock_api_user,
mock_user_dao_get_by_email,
mock_user_dao_update_mobile):
mock_active_user,
mock_get_by_email,
mock_update_mobile):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
verify_codes_dao.add_code(mock_api_user.id, code='12345', code_type='sms')
session['user_email'] = mock_active_user.email_address
verify_codes_dao.add_code(mock_active_user.id, code='12345', code_type='sms')
response = client.post(url_for('main.check_and_resend_text_code'),
data={'mobile_number': '+447700900460'})
assert response.status_code == 302
@@ -83,19 +82,19 @@ def test_should_update_email_address_resend_code(app_,
db_session,
mock_send_sms,
mock_send_email,
mock_api_user,
mock_user_dao_get_by_email,
mock_user_dao_update_email):
mock_active_user,
mock_get_by_email,
mock_update_email):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
verify_codes_dao.add_code(user_id=mock_api_user.id, code='12345', code_type='email')
session['user_email'] = mock_active_user.email_address
verify_codes_dao.add_code(user_id=mock_active_user.id, code='12345', code_type='email')
response = client.post(url_for('main.check_and_resend_email_code'),
data={'email_address': 'new@address.gov.uk'})
assert response.status_code == 302
assert response.location == url_for('main.verify', _external=True)
assert mock_api_user.email_address == 'new@address.gov.uk'
assert mock_active_user.email_address == 'new@address.gov.uk'
def test_should_update_mobile_number_resend_code(app_,
@@ -103,29 +102,29 @@ def test_should_update_mobile_number_resend_code(app_,
db_session,
mock_send_sms,
mock_send_email,
mock_api_user,
mock_user_dao_get_by_email,
mock_user_dao_update_mobile):
mock_active_user,
mock_get_by_email,
mock_update_mobile):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
verify_codes_dao.add_code(user_id=mock_api_user.id, code='12345', code_type='sms')
session['user_email'] = mock_active_user.email_address
verify_codes_dao.add_code(user_id=mock_active_user.id, code='12345', code_type='sms')
response = client.post(url_for('main.check_and_resend_text_code'),
data={'mobile_number': '+447700900460'})
assert response.status_code == 302
assert response.location == url_for('main.verify', _external=True)
assert mock_api_user.mobile_number == '+447700900460'
assert mock_active_user.mobile_number == '+447700900460'
def test_should_render_verification_code_not_received(app_,
db_,
db_session,
mock_api_user):
mock_active_user):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
session['user_email'] = mock_active_user.email_address
response = client.get(url_for('main.verification_code_not_received'))
assert response.status_code == 200
assert 'Resend verification code' in response.get_data(as_text=True)
@@ -136,14 +135,14 @@ def test_should_render_verification_code_not_received(app_,
def test_check_and_redirect_to_two_factor(app_,
db_,
db_session,
mock_api_user,
mock_active_user,
mock_send_sms,
mock_send_email,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
session['user_email'] = mock_active_user.email_address
response = client.get(url_for('main.check_and_resend_verification_code'))
assert response.status_code == 302
assert response.location == url_for('main.two_factor', _external=True)
@@ -152,19 +151,19 @@ def test_check_and_redirect_to_two_factor(app_,
def test_should_create_new_code_for_user(app_,
db_,
db_session,
mock_api_user,
mock_active_user,
mock_send_sms,
mock_send_email,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
verify_codes_dao.add_code(user_id=mock_api_user.id, code='12345', code_type='sms')
session['user_email'] = mock_active_user.email_address
verify_codes_dao.add_code(user_id=mock_active_user.id, code='12345', code_type='sms')
response = client.get(url_for('main.check_and_resend_verification_code'))
assert response.status_code == 302
assert response.location == url_for('main.two_factor', _external=True)
codes = verify_codes_dao.get_codes(user_id=mock_api_user.id, code_type='sms')
codes = verify_codes_dao.get_codes(user_id=mock_active_user.id, code_type='sms')
assert len(codes) == 2
for x in ([used.code_used for used in codes]):
assert x is False

3
tests/app/main/views/test_dashboard.py
View File

@@ -7,8 +7,7 @@ def test_should_show_recent_jobs_on_dashboard(app_,
db_session,
mock_api_user,
mock_get_service,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)

12
tests/app/main/views/test_forgot_password.py
View File

@@ -1,6 +1,4 @@
from flask import url_for
from app.main.dao import users_dao
from tests import create_test_user
def test_should_render_forgot_password(app_, db_, db_session):
@@ -15,15 +13,15 @@ def test_should_redirect_to_password_reset_sent_and_state_updated(app_,
db_,
db_session,
mock_send_email,
mock_api_user,
mock_user_dao_get_by_email,
mock_user_dao_password_reset):
mock_active_user,
mock_get_by_email,
mock_password_reset):
with app_.test_request_context():
response = app_.test_client().post(
url_for('.forgot_password'),
data={'email_address': mock_api_user.email_address})
data={'email_address': mock_active_user.email_address})
assert response.status_code == 200
assert (
'You have been sent an email containing a link'
' to reset your password.') in response.get_data(as_text=True)
assert mock_api_user.state == 'request_password_reset'
assert mock_active_user.state == 'request_password_reset'

7
tests/app/main/views/test_index.py
View File

@@ -4,12 +4,11 @@ from flask import url_for
def test_logged_in_user_redirects_to_choose_service(app_,
db_,
db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.index'))
assert response.status_code == 302

32
tests/app/main/views/test_jobs.py
View File

@@ -1,27 +1,33 @@
from flask import url_for
from app.models import User
from tests import create_test_user
def test_should_return_list_of_all_jobs(app_, db_, db_session, service_one, mock_api_user,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_return_list_of_all_jobs(app_,
db_,
db_session,
service_one,
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.view_jobs', service_id=101))
assert response.status_code == 200
assert 'You havent sent any notifications yet' in response.get_data(as_text=True)
def test_should_show_page_for_one_job(app_, db_, db_session, service_one, mock_api_user,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_show_page_for_one_job(app_,
db_,
db_session,
service_one,
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
# TODO filename will be part of job metadata not in session
with client.session_transaction() as s:
s[456] = 'dispatch_20151114.csv'
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.view_job', service_id=123, job_id=456))
assert response.status_code == 200
@@ -29,11 +35,15 @@ def test_should_show_page_for_one_job(app_, db_, db_session, service_one, mock_a
assert 'Test message 1' in response.get_data(as_text=True)
def test_should_show_page_for_one_notification(app_, db_, db_session, service_one, mock_api_user,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_show_page_for_one_notification(app_,
db_,
db_session,
service_one,
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for(
'main.view_notification',
service_id=101,

60
tests/app/main/views/test_new_password.py
View File

@@ -3,43 +3,49 @@ from flask import url_for
from app.main.dao import users_dao
from app.main.encryption import check_hash
from app.notify_client.sender import generate_token
from tests import create_test_user
import pytest
def test_should_render_new_password_template(app_, db_, db_session, mock_api_user,
mock_user_dao_get_new_password):
def test_should_render_new_password_template(app_,
db_,
db_session,
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
token = generate_token(mock_api_user.email_address)
mock_active_user.state = 'request_password_reset'
token = generate_token(mock_active_user.email_address)
response = client.get(url_for('.new_password', token=token))
assert response.status_code == 200
assert ' You can now create a new password for your account.' in response.get_data(as_text=True)
# def test_should_render_new_password_template_with_message_of_bad_token(app_, db_, db_session,
# mock_user_dao_get_by_email):
# with app_.test_request_context():
# with app_.test_client() as client:
# create_test_user('request_password_reset')
# token = generate_token('no_user@d.gov.uk')
# response = client.get(url_for('.new_password', token=token))
# assert response.status_code == 200
# assert 'Message about email address does not exist. Some one needs to figure out the words here.' in \
# response.get_data(as_text=True)
@pytest.mark.skipif(True, reason='Password reset no implemented')
def test_should_render_new_password_template_with_message_of_bad_token(app_,
db_,
db_session,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
token = generate_token('no_user@d.gov.uk')
response = client.get(url_for('.new_password', token=token))
assert response.status_code == 200
assert 'Message about email address does not exist. Some one needs to figure out the words here.' in \
response.get_data(as_text=True)
@pytest.mark.xfail(reason='Password reset not implemented')
@pytest.mark.skipif(True, reason='Password reset no implemented')
def test_should_redirect_to_two_factor_when_password_reset_is_successful(app_,
db_,
db_session,
mock_send_sms,
mock_api_user,
mock_user_dao_get_new_password):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
mock_api_user.state = 'request_password_reset'
token = generate_token(mock_api_user.email_address)
mock_active_user.state = 'request_password_reset'
token = generate_token(mock_active_user.email_address)
response = client.post(url_for('.new_password', token=token), data={'new_password': 'a-new_password'})
assert response.status_code == 302
assert response.location == url_for('.two_factor', _external=True)
@@ -51,28 +57,28 @@ def test_should_redirect_to_two_factor_when_password_reset_is_successful(app_,
def test_should_redirect_to_forgot_password_with_flash_message_when_token_is_expired(app_,
db_,
db_session,
mock_api_user):
mock_active_user):
with app_.test_request_context():
with app_.test_client() as client:
app_.config['TOKEN_MAX_AGE_SECONDS'] = -1000
mock_api_user.state = 'request_password_reset'
token = generate_token(mock_api_user.email_address)
mock_active_user.state = 'request_password_reset'
token = generate_token(mock_active_user.email_address)
response = client.post(url_for('.new_password', token=token), data={'new_password': 'a-new_password'})
assert response.status_code == 302
assert response.location == url_for('.forgot_password', _external=True)
app_.config['TOKEN_MAX_AGE_SECONDS'] = 3600
@pytest.mark.xfail(reason='Password reset not implemented')
@pytest.mark.skipif(True, reason='Password reset no implemented')
def test_should_redirect_to_forgot_pass_when_user_active_should_be_request_passw_reset(app_,
db_,
db_session,
mock_api_user,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
mock_api_user.state = 'request_password_reset'
token = generate_token(mock_api_user.email_address)
mock_active_user.state = 'request_password_reset'
token = generate_token(mock_active_user.email_address)
response = client.post(url_for('.new_password', token=token), data={'new_password': 'a-new_password'})
assert response.status_code == 302
assert response.location == url_for('.index', _external=True)

26
tests/app/main/views/test_register.py
View File

@@ -11,12 +11,11 @@ def test_render_register_returns_template_with_form(app_, db_, db_session):
def test_logged_in_user_redirects_to_choose_service(app_,
db_,
db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.register'))
assert response.status_code == 302
@@ -30,10 +29,10 @@ def test_process_register_creates_new_user(app_,
mock_send_sms,
mock_send_email,
mock_register_user,
mock_user_by_email_not_found):
mock_get_by_email):
user_data = {
'name': 'Some One Valid',
'email_address': 'someone@example.gov.uk',
'email_address': 'notfound@example.gov.uk',
'mobile_number': '+4407700900460',
'password': 'validPassword!'
}
@@ -43,6 +42,7 @@ def test_process_register_creates_new_user(app_,
data=user_data)
assert response.status_code == 302
assert response.location == url_for('main.verify', _external=True)
assert mock_register_user.called
def test_process_register_returns_400_when_mobile_number_is_invalid(app_,
@@ -50,7 +50,7 @@ def test_process_register_returns_400_when_mobile_number_is_invalid(app_,
db_session,
mock_send_sms,
mock_send_email,
mock_user_by_email_not_found):
mock_get_by_email):
response = app_.test_client().post('/register',
data={'name': 'Bad Mobile',
'email_address': 'bad_mobile@example.gov.uk',
@@ -66,7 +66,7 @@ def test_should_return_400_when_email_is_not_gov_uk(app_,
db_session,
mock_send_sms,
mock_send_email,
mock_user_by_email_not_found):
mock_get_by_email):
response = app_.test_client().post('/register',
data={'name': 'Bad Mobile',
'email_address': 'bad_mobile@example.not.right',
@@ -83,11 +83,10 @@ def test_should_add_verify_codes_on_session(app_,
mock_send_sms,
mock_send_email,
mock_register_user,
mock_user_loader,
mock_user_by_email_not_found):
mock_get_by_email):
user_data = {
'name': 'Test Codes',
'email_address': 'test@example.gov.uk',
'email_address': 'notfound@example.gov.uk',
'mobile_number': '+4407700900460',
'password': 'validPassword!'
}
@@ -99,7 +98,10 @@ def test_should_add_verify_codes_on_session(app_,
assert 'notify_admin_session' in response.headers.get('Set-Cookie')
def test_should_return_400_if_password_is_blacklisted(app_, db_, db_session, mock_user_by_email_not_found):
def test_should_return_400_if_password_is_blacklisted(app_,
db_,
db_session,
mock_get_by_email):
response = app_.test_client().post('/register',
data={'name': 'Bad Mobile',
'email_address': 'bad_mobile@example.not.right',

132
tests/app/main/views/test_service_settings.py
View File

@@ -1,11 +1,15 @@
from flask import (url_for, session)
def test_should_show_overview(app_, db_, db_session, mock_api_user, mock_get_service,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_show_overview(app_,
db_,
db_session,
mock_active_user,
mock_get_service,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.get(url_for(
'main.service_settings', service_id=service_id))
@@ -16,11 +20,15 @@ def test_should_show_overview(app_, db_, db_session, mock_api_user, mock_get_ser
assert mock_get_service.called
def test_should_show_service_name(app_, db_, db_session, mock_api_user, mock_get_service,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_show_service_name(app_,
db_,
db_session,
mock_active_user,
mock_get_service,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.get(url_for(
'main.service_name_change', service_id=service_id))
@@ -31,11 +39,15 @@ def test_should_show_service_name(app_, db_, db_session, mock_api_user, mock_get
service = mock_get_service.side_effect(service_id)['data']
def test_should_redirect_after_change_service_name(app_, db_, db_session, mock_api_user, mock_get_service,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_redirect_after_change_service_name(app_,
db_,
db_session,
mock_active_user,
mock_get_service,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.post(url_for(
'main.service_name_change', service_id=service_id))
@@ -50,13 +62,12 @@ def test_should_redirect_after_change_service_name(app_, db_, db_session, mock_a
def test_should_show_service_name_confirmation(app_,
db_,
db_session,
mock_api_user,
mock_active_user,
mock_get_service,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.get(url_for(
'main.service_name_change_confirm', service_id=service_id))
@@ -70,14 +81,13 @@ def test_should_show_service_name_confirmation(app_,
def test_should_redirect_after_service_name_confirmation(app_,
db_,
db_session,
mock_api_user,
mock_active_user,
mock_get_service,
mock_update_service,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
service_new_name = 'New Name'
with client.session_transaction() as session:
@@ -94,11 +104,15 @@ def test_should_redirect_after_service_name_confirmation(app_,
assert mock_update_service.called
def test_should_show_request_to_go_live(app_, db_, db_session, mock_api_user, mock_get_service,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_show_request_to_go_live(app_,
db_,
db_session,
mock_active_user,
mock_get_service,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.get(
url_for('main.service_request_to_go_live', service_id=service_id))
@@ -112,14 +126,13 @@ def test_should_show_request_to_go_live(app_, db_, db_session, mock_api_user, mo
def test_should_redirect_after_request_to_go_live(app_,
db_,
db_session,
mock_api_user,
mock_active_user,
mock_get_service,
mock_update_service,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.post(url_for(
'main.service_request_to_go_live', service_id=service_id))
@@ -132,11 +145,15 @@ def test_should_redirect_after_request_to_go_live(app_,
assert mock_update_service.called
def test_should_show_status_page(app_, db_, db_session, mock_api_user, mock_get_service,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_show_status_page(app_,
db_,
db_session,
mock_active_user,
mock_get_service,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.get(url_for(
'main.service_status_change', service_id=service_id))
@@ -150,13 +167,12 @@ def test_should_show_status_page(app_, db_, db_session, mock_api_user, mock_get_
def test_should_show_redirect_after_status_change(app_,
db_,
db_session,
mock_api_user,
mock_active_user,
mock_get_service,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.post(url_for(
'main.service_status_change', service_id=service_id))
@@ -168,11 +184,15 @@ def test_should_show_redirect_after_status_change(app_,
assert mock_get_service.called
def test_should_show_status_confirmation(app_, db_, db_session, mock_api_user, mock_get_service,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_show_status_confirmation(app_,
db_,
db_session,
mock_active_user,
mock_get_service,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.get(url_for(
'main.service_status_change_confirm', service_id=service_id))
@@ -186,14 +206,13 @@ def test_should_show_status_confirmation(app_, db_, db_session, mock_api_user, m
def test_should_redirect_after_status_confirmation(app_,
db_,
db_session,
mock_api_user,
mock_active_user,
mock_get_service,
mock_update_service,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.post(url_for(
'main.service_status_change_confirm', service_id=service_id))
@@ -206,11 +225,15 @@ def test_should_redirect_after_status_confirmation(app_,
assert mock_update_service.called
def test_should_show_delete_page(app_, db_, db_session, mock_api_user, mock_get_service,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_show_delete_page(app_,
db_,
db_session,
mock_active_user,
mock_get_service,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.get(url_for(
'main.service_delete', service_id=service_id))
@@ -220,11 +243,15 @@ def test_should_show_delete_page(app_, db_, db_session, mock_api_user, mock_get_
assert mock_get_service.called
def test_should_show_redirect_after_deleting_service(app_, db_, db_session, mock_api_user, mock_get_service,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_show_redirect_after_deleting_service(app_,
db_,
db_session,
mock_active_user,
mock_get_service,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.post(url_for(
'main.service_delete', service_id=service_id))
@@ -235,11 +262,15 @@ def test_should_show_redirect_after_deleting_service(app_, db_, db_session, mock
assert delete_url == response.location
def test_should_show_delete_confirmation(app_, db_, db_session, mock_api_user, mock_get_service,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_show_delete_confirmation(app_,
db_,
db_session,
mock_active_user,
mock_get_service,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.get(url_for(
'main.service_delete_confirm', service_id=service_id))
@@ -252,14 +283,13 @@ def test_should_show_delete_confirmation(app_, db_, db_session, mock_api_user, m
def test_should_redirect_delete_confirmation(app_,
db_,
db_session,
mock_api_user,
mock_active_user,
mock_get_service,
mock_delete_service,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.post(url_for(
'main.service_delete_confirm', service_id=service_id))

51
tests/app/main/views/test_sign_in.py
View File

@@ -1,11 +1,5 @@
from datetime import datetime
from app.main.dao import users_dao
from app.models import User
from flask import url_for
import pytest
def test_render_sign_in_returns_sign_in_template(app_):
with app_.test_request_context():
@@ -20,12 +14,11 @@ def test_render_sign_in_returns_sign_in_template(app_):
def test_logged_in_user_redirects_to_choose_service(app_,
db_,
db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.get(url_for('main.sign_in'))
assert response.status_code == 302
@@ -38,10 +31,9 @@ def test_process_sign_in_return_2fa_template(app_,
db_session,
mock_send_sms,
mock_send_email,
mock_user_dao_get_user,
mock_user_loader,
mock_user_dao_get_by_email,
mock_user_dao_checkpassword):
mock_get_user,
mock_get_by_email,
mock_user_checkpassword):
with app_.test_request_context():
response = app_.test_client().post(
url_for('main.sign_in'), data={
@@ -51,16 +43,12 @@ def test_process_sign_in_return_2fa_template(app_,
assert response.location == 'http://localhost/two-factor'
def test_should_return_locked_out_true_when_user_is_locked(app_,
db_,
db_session,
mock_user_dao_get_user,
mock_inactive_user_dao_get_by_email):
def test_should_return_locked_out_true_when_user_is_locked(app_, mock_get_by_email):
with app_.test_request_context():
for _ in range(10):
app_.test_client().post(
url_for('main.sign_in'), data={
'email_address': 'valid@example.gov.uk',
'email_address': 'locked_user@example.gov.uk',
'password': 'whatIsMyPassword!'})
response = app_.test_client().post(
@@ -79,11 +67,8 @@ def test_should_return_locked_out_true_when_user_is_locked(app_,
assert 'Username or password is incorrect' in response.get_data(as_text=True)
def test_should_return_active_user_is_false_if_user_is_inactive(app_,
db_,
db_session,
mock_user_dao_get_user,
mock_inactive_user_dao_get_by_email):
def test_should_return_active_user_is_false_if_user_is_inactive(app_, mock_get_by_email):
with app_.test_request_context():
response = app_.test_client().post(
url_for('main.sign_in'), data={
@@ -94,29 +79,21 @@ def test_should_return_active_user_is_false_if_user_is_inactive(app_,
assert 'Username or password is incorrect' in response.get_data(as_text=True)
def test_should_return_200_when_user_does_not_exist(app_,
db_,
db_session,
mock_user_dao_get_user,
mock_user_dao_get_by_email):
def test_should_return_200_when_user_does_not_exist(app_, mock_get_by_email):
with app_.test_request_context():
response = app_.test_client().post(
url_for('main.sign_in'), data={
'email_address': 'does_not_exist@gov.uk',
'email_address': 'notfound@gov.uk',
'password': 'doesNotExist!'})
assert response.status_code == 200
assert 'Username or password is incorrect' in response.get_data(as_text=True)
def test_should_return_200_when_user_is_not_active(app_,
db_,
db_session,
mock_user_dao_get_user,
mock_user_dao_get_by_email):
def test_should_return_200_when_user_is_not_active(app_, mock_get_by_email):
with app_.test_request_context():
response = app_.test_client().post(
url_for('main.sign_in'), data={
'email_address': 'PendingUser@example.gov.uk',
'email_address': 'pending_user@example.gov.uk',
'password': 'val1dPassw0rd!'})
assert response.status_code == 200
assert 'Username or password is incorrect' in response.get_data(as_text=True)

9
tests/app/main/views/test_sign_out.py
View File

@@ -14,19 +14,16 @@ def test_render_sign_out_redirects_to_sign_in(app_):
def test_sign_out_user(app_,
db_,
db_session,
mock_send_sms,
mock_send_email,
mock_get_service,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
email = 'valid@example.gov.uk'
password = 'val1dPassw0rd!'
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
# Check we are logged in
response = client.get(
url_for('main.service_dashboard', service_id="123"))

47
tests/app/main/views/test_sms.py
View File

@@ -4,13 +4,15 @@ from flask import url_for
import moto
def test_upload_empty_csvfile_returns_to_upload_page(app_, db_, db_session,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email):
def test_upload_empty_csvfile_returns_to_upload_page(app_,
db_,
db_session,
mock_send_sms,
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
upload_data = {'file': (BytesIO(''.encode('utf-8')), 'emtpy.csv')}
response = client.post(url_for('main.send_sms', service_id=123),
data=upload_data, follow_redirects=True)
@@ -22,19 +24,15 @@ def test_upload_empty_csvfile_returns_to_upload_page(app_, db_, db_session,
@moto.mock_s3
def test_upload_csvfile_with_invalid_phone_shows_check_page_with_errors(app_,
db_,
db_session,
mocker,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
contents = 'phone\n+44 123\n+44 456'
file_data = (BytesIO(contents.encode('utf-8')), 'invalid.csv')
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
upload_data = {'file': file_data}
response = client.post(url_for('main.send_sms', service_id=123),
data=upload_data,
@@ -49,12 +47,9 @@ def test_upload_csvfile_with_invalid_phone_shows_check_page_with_errors(app_,
@moto.mock_s3
def test_upload_csvfile_with_valid_phone_shows_first3_and_last3_numbers(app_,
db_,
db_session,
mocker,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
contents = 'phone\n+44 7700 900981\n+44 7700 900982\n+44 7700 900983\n+44 7700 900984\n+44 7700 900985\n+44 7700 900986\n+44 7700 900987\n+44 7700 900988\n+44 7700 900989' # noqa
@@ -62,7 +57,7 @@ def test_upload_csvfile_with_valid_phone_shows_first3_and_last3_numbers(app_,
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
upload_data = {'file': file_data}
response = client.post(url_for('main.send_sms', service_id=123),
data=upload_data,
@@ -87,12 +82,9 @@ def test_upload_csvfile_with_valid_phone_shows_first3_and_last3_numbers(app_,
@moto.mock_s3
def test_upload_csvfile_with_valid_phone_shows_all_if_6_or_less_numbers(app_,
db_,
db_session,
mocker,
mock_api_user,
mock_user_loader,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
contents = 'phone\n+44 7700 900981\n+44 7700 900982\n+44 7700 900983\n+44 7700 900984\n+44 7700 900985\n+44 7700 900986' # noqa
@@ -100,7 +92,7 @@ def test_upload_csvfile_with_valid_phone_shows_all_if_6_or_less_numbers(app_,
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
upload_data = {'file': file_data}
response = client.post(url_for('main.send_sms', service_id=123),
data=upload_data,
@@ -120,11 +112,12 @@ def test_upload_csvfile_with_valid_phone_shows_all_if_6_or_less_numbers(app_,
@moto.mock_s3
def test_should_redirect_to_job(app_, db_, db_session, mocker, mock_api_user,
mock_user_loader, mock_user_dao_get_by_email):
def test_should_redirect_to_job(app_,
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
response = client.post(url_for('main.check_sms',
service_id=123,
upload_id='someid'))

19
tests/app/main/views/test_templates.py
View File

@@ -5,13 +5,12 @@ from flask import url_for
def test_should_return_list_of_all_templates(app_,
db_,
db_session,
mock_api_user,
mock_active_user,
mock_get_service_templates,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
client.login(mock_active_user)
service_id = 123
response = client.get(url_for(
'.manage_service_templates', service_id=service_id))
@@ -25,8 +24,7 @@ def test_should_show_page_for_one_templates(app_,
db_session,
mock_api_user,
mock_get_service_template,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
@@ -48,8 +46,7 @@ def test_should_redirect_when_saving_a_template(app_,
mock_api_user,
mock_get_service_template,
mock_update_service_template,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
@@ -82,8 +79,7 @@ def test_should_show_delete_template_page(app_,
db_session,
mock_api_user,
mock_get_service_template,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)
@@ -106,8 +102,7 @@ def test_should_redirect_when_deleting_a_template(app_,
mock_api_user,
mock_get_service_template,
mock_delete_service_template,
mock_user_loader,
mock_user_dao_get_by_email):
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
client.login(mock_api_user)

45
tests/app/main/views/test_two_factor.py
View File

@@ -1,27 +1,34 @@
from flask import json, url_for
from flask import url_for
from app.main.dao import verify_codes_dao
from tests import create_test_user
def test_should_render_two_factor_page(app_, db_, db_session, mock_api_user, mock_user_dao_get_by_email):
def test_should_render_two_factor_page(app_,
db_,
db_session,
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
# TODO this lives here until we work out how to
# reassign the session after it is lost mid register process
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
session['user_email'] = mock_active_user.email_address
response = client.get(url_for('main.two_factor'))
assert response.status_code == 200
assert '''We've sent you a text message with a verification code.''' in response.get_data(as_text=True)
def test_should_login_user_and_redirect_to_dashboard(app_, db_, db_session, mock_api_user, mock_user_dao_get_by_email):
def test_should_login_user_and_redirect_to_dashboard(app_,
db_,
db_session,
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
verify_codes_dao.add_code(user_id=mock_api_user.id, code='12345', code_type='sms')
session['user_email'] = mock_active_user.email_address
verify_codes_dao.add_code(user_id=mock_active_user.id, code='12345', code_type='sms')
response = client.post(url_for('main.two_factor'),
data={'sms_code': '12345'})
@@ -32,13 +39,13 @@ def test_should_login_user_and_redirect_to_dashboard(app_, db_, db_session, mock
def test_should_return_200_with_sms_code_error_when_sms_code_is_wrong(app_,
db_,
db_session,
mock_api_user,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
verify_codes_dao.add_code(user_id=mock_api_user.id, code='12345', code_type='sms')
session['user_email'] = mock_active_user.email_address
verify_codes_dao.add_code(user_id=mock_active_user.id, code='12345', code_type='sms')
response = client.post(url_for('main.two_factor'),
data={'sms_code': '23456'})
assert response.status_code == 200
@@ -48,19 +55,19 @@ def test_should_return_200_with_sms_code_error_when_sms_code_is_wrong(app_,
def test_should_login_user_when_multiple_valid_codes_exist(app_,
db_,
db_session,
mock_api_user,
mock_user_dao_get_by_email):
mock_active_user,
mock_get_by_email):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_email'] = mock_api_user.email_address
verify_codes_dao.add_code(user_id=mock_api_user.id, code='23456', code_type='sms')
verify_codes_dao.add_code(user_id=mock_api_user.id, code='12345', code_type='sms')
verify_codes_dao.add_code(user_id=mock_api_user.id, code='34567', code_type='sms')
assert len(verify_codes_dao.get_codes(user_id=mock_api_user.id, code_type='sms')) == 3
session['user_email'] = mock_active_user.email_address
verify_codes_dao.add_code(user_id=mock_active_user.id, code='23456', code_type='sms')
verify_codes_dao.add_code(user_id=mock_active_user.id, code='12345', code_type='sms')
verify_codes_dao.add_code(user_id=mock_active_user.id, code='34567', code_type='sms')
assert len(verify_codes_dao.get_codes(user_id=mock_active_user.id, code_type='sms')) == 3
response = client.post(url_for('main.two_factor'),
data={'sms_code': '23456'})
assert response.status_code == 302
codes = verify_codes_dao.get_codes(user_id=mock_api_user.id, code_type='sms')
codes = verify_codes_dao.get_codes(user_id=mock_active_user.id, code_type='sms')
# query will only return codes where code_used == False
assert len(codes) == 0

78
tests/app/main/views/test_verify.py
View File

@@ -1,8 +1,5 @@
from flask import json, url_for
from app.main.dao import users_dao, verify_codes_dao
from tests import create_test_api_user
import pytest
from flask import url_for
from app.main.dao import verify_codes_dao
def test_should_return_verify_template(app_, db_, db_session, mock_api_user):
@@ -23,9 +20,8 @@ def test_should_redirect_to_add_service_when_code_are_correct(app_,
db_,
db_session,
mock_api_user,
mock_user_dao_get_user,
mock_activate_user,
mock_user_loader):
mock_get_user,
mock_activate_user):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
@@ -39,20 +35,20 @@ def test_should_redirect_to_add_service_when_code_are_correct(app_,
assert response.location == url_for('main.add_service', first='first', _external=True)
# def test_should_activate_user_after_verify(app_, db_, db_session, mock_api_user, mock_activate_user):
# with app_.test_request_context():
# with app_.test_client() as client:
# with client.session_transaction() as session:
# session['user_details'] = {'email_address': mock_api_user.email_address, 'id': mock_api_user.id}
# verify_codes_dao.add_code(user_id=mock_api_user.id, code='12345', code_type='sms')
# verify_codes_dao.add_code(user_id=mock_api_user.id, code='23456', code_type='email')
# client.post(url_for('main.verify'),
# data={'sms_code': '12345',
# 'email_code': '23456'})
# assert mock_api_user.state == 'active'
def test_should_activate_user_after_verify(app_, db_, db_session, mock_api_user, mock_activate_user, mock_get_user):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_details'] = {'email_address': mock_api_user.email_address, 'id': mock_api_user.id}
verify_codes_dao.add_code(user_id=mock_api_user.id, code='12345', code_type='sms')
verify_codes_dao.add_code(user_id=mock_api_user.id, code='23456', code_type='email')
client.post(url_for('main.verify'),
data={'sms_code': '12345',
'email_code': '23456'})
assert mock_api_user.state == 'active'
def test_should_return_200_when_codes_are_wrong(app_, db_, db_session, mock_api_user, mock_user_dao_get_user):
def test_should_return_200_when_codes_are_wrong(app_, db_, db_session, mock_api_user, mock_get_user):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
@@ -68,23 +64,25 @@ def test_should_return_200_when_codes_are_wrong(app_, db_, db_session, mock_api_
assert resp_data.count('Code does not match') == 2
# def test_should_mark_all_codes_as_used_when_many_codes_exist(app_,
# db_,
# db_session,
# mock_api_user):
# with app_.test_request_context():
# with app_.test_client() as client:
# with client.session_transaction() as session:
# session['user_details'] = {'email_address': mock_api_user.email_address, 'id': mock_api_user.id}
# code1 = verify_codes_dao.add_code(user_id=mock_api_user.id, code='23345', code_type='sms')
# code2 = verify_codes_dao.add_code(user_id=mock_api_user.id, code='98456', code_type='email')
# code3 = verify_codes_dao.add_code(user_id=mock_api_user.id, code='12345', code_type='sms')
# code4 = verify_codes_dao.add_code(user_id=mock_api_user.id, code='23412', code_type='email')
# response = client.post(url_for('main.verify'),
# data={'sms_code': '23345',
# 'email_code': '23412'})
# assert response.status_code == 302
# assert verify_codes_dao.get_code_by_id(code1).code_used is True
# assert verify_codes_dao.get_code_by_id(code2).code_used is True
# assert verify_codes_dao.get_code_by_id(code3).code_used is True
# assert verify_codes_dao.get_code_by_id(code4).code_used is True
def test_should_mark_all_codes_as_used_when_many_codes_exist(app_,
db_,
db_session,
mock_api_user,
mock_get_user,
mock_activate_user):
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_details'] = {'email_address': mock_api_user.email_address, 'id': mock_api_user.id}
code1 = verify_codes_dao.add_code(user_id=mock_api_user.id, code='23345', code_type='sms')
code2 = verify_codes_dao.add_code(user_id=mock_api_user.id, code='98456', code_type='email')
code3 = verify_codes_dao.add_code(user_id=mock_api_user.id, code='12345', code_type='sms')
code4 = verify_codes_dao.add_code(user_id=mock_api_user.id, code='23412', code_type='email')
response = client.post(url_for('main.verify'),
data={'sms_code': '12345',
'email_code': '23412'})
assert response.status_code == 302
assert verify_codes_dao.get_code_by_id(code1.id).code_used is True
assert verify_codes_dao.get_code_by_id(code2.id).code_used is True
assert verify_codes_dao.get_code_by_id(code3.id).code_used is True
assert verify_codes_dao.get_code_by_id(code4.id).code_used is True

116
tests/conftest.py
View File

@@ -119,26 +119,12 @@ def mock_update_service(mocker):
@pytest.fixture(scope='function')
def mock_get_services(mocker, mock_api_user):
def _get(user_id):
service_one = service_json(
1, "service_one", [mock_api_user.id], 1000, True, False)
service_two = service_json(
2, "service_two", [mock_api_user.id], 1000, True, False)
return {'data': [service_one, service_two]}
mock_class = mocker.patch(
'app.notifications_api_client.get_services', side_effect=_get)
return mock_class
@pytest.fixture(scope='function')
def mock_get_services(mocker, mock_api_user):
def mock_get_services(mocker, mock_active_user):
def _create(user_id):
service_one = service_json(
1, "service_one", [mock_api_user.id], 1000, True, False)
1, "service_one", [mock_active_user.id], 1000, True, False)
service_two = service_json(
2, "service_two", [mock_api_user.id], 1000, True, False)
2, "service_two", [mock_active_user.id], 1000, True, False)
return {'data': [service_one, service_two]}
mock_class = mocker.patch(
@@ -164,8 +150,7 @@ def mock_get_service_template(mocker):
return {'data': template}
return mocker.patch(
'app.notifications_api_client.get_service_template',
side_effect=_create)
'app.notifications_api_client.get_service_template', side_effect=_create)
@pytest.fixture(scope='function')
@@ -238,103 +223,98 @@ def mock_api_user(mocker):
@pytest.fixture(scope='function')
def mock_register_user(mocker, mock_api_user):
def _register(name, email_address, mobile_number, password):
mock_api_user.fields['name'] = name
mock_api_user.fields['email_address'] = email_address
mock_api_user.fields['mobile_number'] = mobile_number
mock_api_user.fields['password'] = password
mock_api_user.name = name
mock_api_user.email_address = email_address
mock_api_user.mobile_number = mobile_number
mock_api_user.password = password
return mock_api_user
return mocker.patch('app.user_api_client.register_user', side_effect=_register)
@pytest.fixture(scope='function')
def mock_user_loader(mocker, mock_api_user):
mock_class = mocker.patch('app.main.dao.users_dao.get_user_by_id')
mock_class.return_value = mock_api_user
return mock_class
def mock_active_user(mocker, mock_api_user):
mock_api_user.state = 'active'
return mock_api_user
@pytest.fixture(scope='function')
def mock_activate_user(mocker, mock_api_user):
def _activate(mock_api_user):
mock_api_user.state = 'active'
return mock_api_user
def mock_activate_user(mocker):
def _activate(user):
user.state = 'active'
return user
return mocker.patch('app.user_api_client.update_user', side_effect=_activate)
@pytest.fixture(scope='function')
def mock_user_dao_get_user(mocker, mock_api_user):
def mock_get_user(mocker, mock_active_user):
def _get_user(id):
return mock_api_user
return mock_active_user
return mocker.patch('app.main.dao.users_dao.get_user_by_id', side_effect=_get_user)
@pytest.fixture(scope='function')
def mock_user_dao_get_by_email(mocker, mock_api_user):
mock_api_user.state = 'active'
def mock_get_by_email(mocker, mock_api_user, mock_active_user, mock_get_user):
def _get_user(email_address):
mock_api_user.fields['email_address'] = email_address
return mock_api_user
if email_address == 'notfound@example.gov.uk':
return None
if email_address == 'locked_user@example.gov.uk':
mock_active_user.failed_login_count = 5
return mock_active_user
if email_address == 'inactive_user@example.gov.uk':
mock_active_user.state = 'inactive'
if email_address == 'pending_user@example.gov.uk':
return mock_api_user
else:
mock_active_user.email_address = email_address
return mock_active_user
return mocker.patch('app.main.dao.users_dao.get_user_by_email', side_effect=_get_user)
@pytest.fixture(scope='function')
def mock_inactive_user_dao_get_by_email(mocker, mock_api_user):
def _get_user(email_address):
mock_api_user.fields['email_address'] = email_address
mock_api_user.state = 'pending'
mock_api_user.fields['is_locked'] = True
return mock_api_user
return mocker.patch('app.main.dao.users_dao.get_user_by_email', side_effect=_get_user)
def mock_user_checkpassword(mocker, mock_active_user):
@pytest.fixture(scope='function')
def mock_user_by_email_not_found(mocker):
return mocker.patch('app.main.dao.users_dao.get_user_by_email', return_value=None)
@pytest.fixture(scope='function')
def mock_user_dao_checkpassword(mocker, mock_api_user):
def _check(mock_api_user, password):
def _check(mock_active_user, password):
return True
return mocker.patch('app.main.dao.users_dao.verify_password', side_effect=_check)
@pytest.fixture(scope='function')
def mock_user_dao_update_email(mocker, mock_api_user):
def mock_update_email(mocker, mock_active_user):
def _update(id, email_address):
mock_api_user.fields['email_address'] = email_address
mock_active_user.email_address = email_address
return mocker.patch('app.main.dao.users_dao.update_email_address', side_effect=_update)
@pytest.fixture(scope='function')
def mock_user_dao_update_mobile(mocker, mock_api_user):
def mock_update_mobile(mocker, mock_active_user):
def _update(id, mobile_number):
mock_api_user.fields['mobile_number'] = mobile_number
mock_active_user.mobile_number = mobile_number
return mocker.patch('app.main.dao.users_dao.update_mobile_number', side_effect=_update)
@pytest.fixture(scope='function')
def mock_user_dao_password_reset(mocker, mock_api_user):
def mock_password_reset(mocker, mock_active_user):
def _reset(email):
mock_api_user.state = 'request_password_reset'
mock_active_user.state = 'request_password_reset'
return mocker.patch('app.main.dao.users_dao.request_password_reset', side_effect=_reset)
@pytest.fixture(scope='function')
def mock_user_dao_get_new_password(mocker, mock_api_user):
mock_api_user.state = 'request_password_reset'
mock_class = mocker.patch('app.main.dao.users_dao.get_user_by_email')
mock_class.return_value = mock_api_user
return mock_class
@pytest.fixture(scope='function')
def mock_create_api_key(mocker):
def _create(service_id, key_name):