tests/app/user/test_rest_verify.py

import json
import moto

from datetime import (
    datetime,
    timedelta
)

from flask import url_for

from app.models import (
    VerifyCode,
    User
)

from app import db, encryption

from tests import create_authorization_header
from freezegun import freeze_time

import app.celery.tasks


def test_user_verify_code_sms(notify_api,
                              sample_sms_code):
    """
    Tests POST endpoint '/<user_id>/verify/code'
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            assert not VerifyCode.query.first().code_used
            data = json.dumps({
                'code_type': sample_sms_code.code_type,
                'code': sample_sms_code.txt_code})
            auth_header = create_authorization_header(
                path=url_for('user.verify_user_code', user_id=sample_sms_code.user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.verify_user_code', user_id=sample_sms_code.user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 204
            assert VerifyCode.query.first().code_used


def test_user_verify_code_sms_missing_code(notify_api,
                                           sample_sms_code):
    """
    Tests POST endpoint '/<user_id>/verify/code'
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            assert not VerifyCode.query.first().code_used
            data = json.dumps({'code_type': sample_sms_code.code_type})
            auth_header = create_authorization_header(
                path=url_for('user.verify_user_code', user_id=sample_sms_code.user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.verify_user_code', user_id=sample_sms_code.user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 400
            assert not VerifyCode.query.first().code_used


@moto.mock_sqs
def test_user_verify_code_email(notify_api,
                                sqs_client_conn,
                                sample_email_code):
    """
    Tests POST endpoint '/<user_id>/verify/code'
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            assert not VerifyCode.query.first().code_used
            data = json.dumps({
                'code_type': sample_email_code.code_type,
                'code': sample_email_code.txt_code})
            auth_header = create_authorization_header(
                path=url_for('user.verify_user_code', user_id=sample_email_code.user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.verify_user_code', user_id=sample_email_code.user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 204
            assert VerifyCode.query.first().code_used


def test_user_verify_code_email_bad_code(notify_api,
                                         sample_email_code):
    """
    Tests POST endpoint '/<user_id>/verify/code'
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            assert not VerifyCode.query.first().code_used
            data = json.dumps({
                'code_type': sample_email_code.code_type,
                'code': "blah"})
            auth_header = create_authorization_header(
                path=url_for('user.verify_user_code', user_id=sample_email_code.user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.verify_user_code', user_id=sample_email_code.user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 404
            assert not VerifyCode.query.first().code_used


def test_user_verify_code_email_expired_code(notify_api,
                                             sample_email_code):
    """
    Tests POST endpoint '/<user_id>/verify/code'
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            assert not VerifyCode.query.first().code_used
            sample_email_code.expiry_datetime = (
                datetime.now() - timedelta(hours=1))
            db.session.add(sample_email_code)
            db.session.commit()
            data = json.dumps({
                'code_type': sample_email_code.code_type,
                'code': sample_email_code.txt_code})
            auth_header = create_authorization_header(
                path=url_for('user.verify_user_code', user_id=sample_email_code.user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.verify_user_code', user_id=sample_email_code.user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 400
            assert not VerifyCode.query.first().code_used


@freeze_time("2016-01-01 10:00:00.000000")
def test_user_verify_password(notify_api,
                              notify_db,
                              notify_db_session,
                              sample_user):
    """
    Tests POST endpoint '/<user_id>/verify/password'
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            data = json.dumps({'password': 'password'})
            auth_header = create_authorization_header(
                path=url_for('user.verify_user_password', user_id=sample_user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.verify_user_password', user_id=sample_user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 204
            User.query.get(sample_user.id).logged_in_at == datetime.utcnow()


def test_user_verify_password_invalid_password(notify_api,
                                               sample_user):
    """
    Tests POST endpoint '/<user_id>/verify/password' invalid endpoint.
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            data = json.dumps({'password': 'bad password'})
            auth_header = create_authorization_header(
                path=url_for('user.verify_user_password', user_id=sample_user.id),
                method='POST',
                request_body=data)

            assert sample_user.failed_login_count == 0

            resp = client.post(
                url_for('user.verify_user_password', user_id=sample_user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 400
            json_resp = json.loads(resp.get_data(as_text=True))
            assert 'Incorrect password' in json_resp['message']['password']
            assert sample_user.failed_login_count == 1


def test_user_verify_password_valid_password_resets_failed_logins(notify_api,
                                                                  sample_user):
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            data = json.dumps({'password': 'bad password'})
            auth_header = create_authorization_header(
                path=url_for('user.verify_user_password', user_id=sample_user.id),
                method='POST',
                request_body=data)

            assert sample_user.failed_login_count == 0

            resp = client.post(
                url_for('user.verify_user_password', user_id=sample_user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 400
            json_resp = json.loads(resp.get_data(as_text=True))
            assert 'Incorrect password' in json_resp['message']['password']

            assert sample_user.failed_login_count == 1

            data = json.dumps({'password': 'password'})
            auth_header = create_authorization_header(
                path=url_for('user.verify_user_password', user_id=sample_user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.verify_user_password', user_id=sample_user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])

            assert resp.status_code == 204
            assert sample_user.failed_login_count == 0


def test_user_verify_password_missing_password(notify_api,
                                               sample_user):
    """
    Tests POST endpoint '/<user_id>/verify/password' missing password.
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            data = json.dumps({'bingo': 'bongo'})
            auth_header = create_authorization_header(
                path=url_for('user.verify_user_password', user_id=sample_user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.verify_user_password', user_id=sample_user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 400
            json_resp = json.loads(resp.get_data(as_text=True))
            assert 'Required field missing data' in json_resp['message']['password']


def test_send_user_sms_code(notify_api,
                            sample_sms_code,
                            mock_celery_send_sms_code,
                            mock_encryption):
    """
    Tests POST endpoint /user/<user_id>/sms-code
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            data = json.dumps({})
            auth_header = create_authorization_header(
                path=url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 204
            app.celery.tasks.send_sms_code.apply_async.assert_called_once_with(['something_encrypted'],
                                                                               queue='sms-code')


def test_send_user_code_for_sms_with_optional_to_field(notify_api,
                                                       sample_sms_code,
                                                       mock_secret_code,
                                                       mock_celery_send_sms_code):
    """
   Tests POST endpoint '/<user_id>/code' successful sms with optional to field
   """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            data = json.dumps({'to': '+441119876757'})
            auth_header = create_authorization_header(
                path=url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])

            assert resp.status_code == 204
            encrypted = encryption.encrypt({'to': '+441119876757', 'secret_code': '11111'})
            app.celery.tasks.send_sms_code.apply_async.assert_called_once_with([encrypted], queue='sms-code')


def test_send_sms_code_returns_404_for_bad_input_data(notify_api, notify_db, notify_db_session):
    """
    Tests POST endpoint /user/<user_id>/sms-code return 404 for bad input data
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            data = json.dumps({})
            import uuid
            uuid_ = uuid.uuid4()
            auth_header = create_authorization_header(
                path=url_for('user.send_user_sms_code', user_id=uuid_),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.send_user_sms_code', user_id=uuid_),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 404
            assert json.loads(resp.get_data(as_text=True))['message'] == 'No result found'


def test_send_user_email_code(notify_api,
                              sample_email_code,
                              mock_celery_send_email_code,
                              mock_encryption):
    """
    Tests POST endpoint /user/<user_id>/email-code
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            data = json.dumps({})
            auth_header = create_authorization_header(
                path=url_for('user.send_user_email_code', user_id=sample_email_code.user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.send_user_email_code', user_id=sample_email_code.user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 204
            app.celery.tasks.send_email_code.apply_async.assert_called_once_with(['something_encrypted'],
                                                                                 queue='email-code')


def test_send_user_email_code_returns_404_for_when_user_does_not_exist(notify_api, notify_db, notify_db_session):
    """
    Tests POST endpoint /user/<user_id>/email-code return 404 for missing user
    """
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            data = json.dumps({})
            auth_header = create_authorization_header(
                path=url_for('user.send_user_email_code', user_id=1),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.send_user_email_code', user_id=1),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 404
            assert json.loads(resp.get_data(as_text=True))['message'] == 'No result found'


def test_send_user_email_verification(notify_api,
                                      sample_email_code,
                                      mock_celery_email_registration_verification,
                                      mock_encryption):

    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            data = json.dumps({})
            auth_header = create_authorization_header(
                path=url_for('user.send_user_email_verification', user_id=sample_email_code.user.id),
                method='POST',
                request_body=data)
            resp = client.post(
                url_for('user.send_user_email_verification', user_id=sample_email_code.user.id),
                data=data,
                headers=[('Content-Type', 'application/json'), auth_header])
            assert resp.status_code == 204
            app.celery.tasks.email_registration_verification.apply_async.assert_called_once_with(['something_encrypted'], queue='email-registration-verification')  # noqa
All tests working, second time around. 2016-01-21 17:29:24 +00:00			`import json`
Missed a couple of places where we should push to the queue. 2016-02-03 13:52:09 +00:00			`import moto`
Added task for sending email verification links out on intial registration. Left original email code endpoint in as it is still used for things like email change. 2016-03-17 13:06:17 +00:00
			`from datetime import (`
			`datetime,`
			`timedelta`
			`)`

All tests working, second time around. 2016-01-21 17:29:24 +00:00			`from flask import url_for`
Added task for sending email verification links out on intial registration. Left original email code endpoint in as it is still used for things like email change. 2016-03-17 13:06:17 +00:00
			`from app.models import (`
			`VerifyCode,`
			`User`
			`)`

Celery task to send the sms verify code. Each celery task will use it's own queue. 2016-02-17 15:41:33 +00:00			`from app import db, encryption`
Added task for sending email verification links out on intial registration. Left original email code endpoint in as it is still used for things like email change. 2016-03-17 13:06:17 +00:00
All tests working, second time around. 2016-01-21 17:29:24 +00:00			`from tests import create_authorization_header`
Capture logged in at when password is verified 2016-03-07 15:01:40 +00:00			`from freezegun import freeze_time`
All tests working, second time around. 2016-01-21 17:29:24 +00:00
Added task for sending email verification links out on intial registration. Left original email code endpoint in as it is still used for things like email change. 2016-03-17 13:06:17 +00:00			`import app.celery.tasks`

All tests working, second time around. 2016-01-21 17:29:24 +00:00
			`def test_user_verify_code_sms(notify_api,`
			`sample_sms_code):`
			`"""`
			`Tests POST endpoint '/<user_id>/verify/code'`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`assert not VerifyCode.query.first().code_used`
			`data = json.dumps({`
			`'code_type': sample_sms_code.code_type,`
			`'code': sample_sms_code.txt_code})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.verify_user_code', user_id=sample_sms_code.user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.verify_user_code', user_id=sample_sms_code.user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 204`
			`assert VerifyCode.query.first().code_used`


			`def test_user_verify_code_sms_missing_code(notify_api,`
			`sample_sms_code):`
			`"""`
			`Tests POST endpoint '/<user_id>/verify/code'`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`assert not VerifyCode.query.first().code_used`
			`data = json.dumps({'code_type': sample_sms_code.code_type})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.verify_user_code', user_id=sample_sms_code.user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.verify_user_code', user_id=sample_sms_code.user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 400`
			`assert not VerifyCode.query.first().code_used`


Missed a couple of places where we should push to the queue. 2016-02-03 13:52:09 +00:00			`@moto.mock_sqs`
All tests working, second time around. 2016-01-21 17:29:24 +00:00			`def test_user_verify_code_email(notify_api,`
Missed a couple of places where we should push to the queue. 2016-02-03 13:52:09 +00:00			`sqs_client_conn,`
All tests working, second time around. 2016-01-21 17:29:24 +00:00			`sample_email_code):`
			`"""`
			`Tests POST endpoint '/<user_id>/verify/code'`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`assert not VerifyCode.query.first().code_used`
			`data = json.dumps({`
			`'code_type': sample_email_code.code_type,`
			`'code': sample_email_code.txt_code})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.verify_user_code', user_id=sample_email_code.user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.verify_user_code', user_id=sample_email_code.user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 204`
			`assert VerifyCode.query.first().code_used`


			`def test_user_verify_code_email_bad_code(notify_api,`
			`sample_email_code):`
			`"""`
			`Tests POST endpoint '/<user_id>/verify/code'`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`assert not VerifyCode.query.first().code_used`
			`data = json.dumps({`
			`'code_type': sample_email_code.code_type,`
			`'code': "blah"})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.verify_user_code', user_id=sample_email_code.user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.verify_user_code', user_id=sample_email_code.user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 404`
			`assert not VerifyCode.query.first().code_used`


			`def test_user_verify_code_email_expired_code(notify_api,`
			`sample_email_code):`
			`"""`
			`Tests POST endpoint '/<user_id>/verify/code'`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`assert not VerifyCode.query.first().code_used`
			`sample_email_code.expiry_datetime = (`
			`datetime.now() - timedelta(hours=1))`
			`db.session.add(sample_email_code)`
			`db.session.commit()`
			`data = json.dumps({`
			`'code_type': sample_email_code.code_type,`
			`'code': sample_email_code.txt_code})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.verify_user_code', user_id=sample_email_code.user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.verify_user_code', user_id=sample_email_code.user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 400`
			`assert not VerifyCode.query.first().code_used`


Capture logged in at when password is verified 2016-03-07 15:01:40 +00:00			`@freeze_time("2016-01-01 10:00:00.000000")`
All tests working, second time around. 2016-01-21 17:29:24 +00:00			`def test_user_verify_password(notify_api,`
			`notify_db,`
			`notify_db_session,`
Updated send user code to use an optional to field to send emails Added tests for send_user_code 2016-01-27 11:51:02 +00:00			`sample_user):`
All tests working, second time around. 2016-01-21 17:29:24 +00:00			`"""`
			`Tests POST endpoint '/<user_id>/verify/password'`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`data = json.dumps({'password': 'password'})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.verify_user_password', user_id=sample_user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.verify_user_password', user_id=sample_user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 204`
Capture logged in at when password is verified 2016-03-07 15:01:40 +00:00			`User.query.get(sample_user.id).logged_in_at == datetime.utcnow()`
All tests working, second time around. 2016-01-21 17:29:24 +00:00

			`def test_user_verify_password_invalid_password(notify_api,`
Updated send user code to use an optional to field to send emails Added tests for send_user_code 2016-01-27 11:51:02 +00:00			`sample_user):`
All tests working, second time around. 2016-01-21 17:29:24 +00:00			`"""`
			`Tests POST endpoint '/<user_id>/verify/password' invalid endpoint.`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`data = json.dumps({'password': 'bad password'})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.verify_user_password', user_id=sample_user.id),`
			`method='POST',`
			`request_body=data)`
Record and persist failed login count on api. 2016-01-25 11:14:23 +00:00
			`assert sample_user.failed_login_count == 0`

All tests working, second time around. 2016-01-21 17:29:24 +00:00			`resp = client.post(`
			`url_for('user.verify_user_password', user_id=sample_user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 400`
			`json_resp = json.loads(resp.get_data(as_text=True))`
			`assert 'Incorrect password' in json_resp['message']['password']`
Record and persist failed login count on api. 2016-01-25 11:14:23 +00:00			`assert sample_user.failed_login_count == 1`
All tests working, second time around. 2016-01-21 17:29:24 +00:00

If failed login count > 0 and user subsequently logs in sucessfully, then failed logins set to 0. 2016-01-28 11:32:46 +00:00			`def test_user_verify_password_valid_password_resets_failed_logins(notify_api,`
			`sample_user):`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`data = json.dumps({'password': 'bad password'})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.verify_user_password', user_id=sample_user.id),`
			`method='POST',`
			`request_body=data)`

			`assert sample_user.failed_login_count == 0`

			`resp = client.post(`
			`url_for('user.verify_user_password', user_id=sample_user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 400`
			`json_resp = json.loads(resp.get_data(as_text=True))`
			`assert 'Incorrect password' in json_resp['message']['password']`

			`assert sample_user.failed_login_count == 1`

			`data = json.dumps({'password': 'password'})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.verify_user_password', user_id=sample_user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.verify_user_password', user_id=sample_user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`

			`assert resp.status_code == 204`
			`assert sample_user.failed_login_count == 0`


All tests working, second time around. 2016-01-21 17:29:24 +00:00			`def test_user_verify_password_missing_password(notify_api,`
Updated send user code to use an optional to field to send emails Added tests for send_user_code 2016-01-27 11:51:02 +00:00			`sample_user):`
All tests working, second time around. 2016-01-21 17:29:24 +00:00			`"""`
			`Tests POST endpoint '/<user_id>/verify/password' missing password.`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`data = json.dumps({'bingo': 'bongo'})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.verify_user_password', user_id=sample_user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.verify_user_password', user_id=sample_user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 400`
			`json_resp = json.loads(resp.get_data(as_text=True))`
			`assert 'Required field missing data' in json_resp['message']['password']`
Updated send user code to use an optional to field to send emails Added tests for send_user_code 2016-01-27 11:51:02 +00:00

Refactor user/<user_id>/code into two endpoints. - Created new endpoint user/<user_id>/sms-code to send the sms verification code to the user. - Create new endpoirtn user/<user_id>/email-code to send the email verifcation code to the user. - Marked the old methods, schema, tests with a TODO to be deleted when the admin app is no longer sending messages to /user/<user_id>/code - Added error handlers for DataError and NoResultFound. Data error catches invalid input errors. - Added error handler for SqlAlchemyError which catches any other database errors. - Removed the need for the try catches around the db calls in the user endpoints with the addition of the db error handlers. - We may want to wrap db excpetions in the dao, if we want the No results found message to be more specific and say no result found for user. 2016-02-19 11:37:35 +00:00			`def test_send_user_sms_code(notify_api,`
			`sample_sms_code,`
			`mock_celery_send_sms_code,`
			`mock_encryption):`
			`"""`
			`Tests POST endpoint /user/<user_id>/sms-code`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`data = json.dumps({})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 204`
			`app.celery.tasks.send_sms_code.apply_async.assert_called_once_with(['something_encrypted'],`
			`queue='sms-code')`


			`def test_send_user_code_for_sms_with_optional_to_field(notify_api,`
			`sample_sms_code,`
			`mock_secret_code,`
			`mock_celery_send_sms_code):`
			`"""`
			`Tests POST endpoint '/<user_id>/code' successful sms with optional to field`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
Remove code_type 2016-02-19 16:06:45 +00:00			`data = json.dumps({'to': '+441119876757'})`
Refactor user/<user_id>/code into two endpoints. - Created new endpoint user/<user_id>/sms-code to send the sms verification code to the user. - Create new endpoirtn user/<user_id>/email-code to send the email verifcation code to the user. - Marked the old methods, schema, tests with a TODO to be deleted when the admin app is no longer sending messages to /user/<user_id>/code - Added error handlers for DataError and NoResultFound. Data error catches invalid input errors. - Added error handler for SqlAlchemyError which catches any other database errors. - Removed the need for the try catches around the db calls in the user endpoints with the addition of the db error handlers. - We may want to wrap db excpetions in the dao, if we want the No results found message to be more specific and say no result found for user. 2016-02-19 11:37:35 +00:00			`auth_header = create_authorization_header(`
			`path=url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`

			`assert resp.status_code == 204`
			`encrypted = encryption.encrypt({'to': '+441119876757', 'secret_code': '11111'})`
			`app.celery.tasks.send_sms_code.apply_async.assert_called_once_with([encrypted], queue='sms-code')`


			`def test_send_sms_code_returns_404_for_bad_input_data(notify_api, notify_db, notify_db_session):`
			`"""`
			`Tests POST endpoint /user/<user_id>/sms-code return 404 for bad input data`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`data = json.dumps({})`
			`import uuid`
			`uuid_ = uuid.uuid4()`
			`auth_header = create_authorization_header(`
			`path=url_for('user.send_user_sms_code', user_id=uuid_),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.send_user_sms_code', user_id=uuid_),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 404`
Changed db queries to use one, which throws NoResultFound exception, this exception is dealt with in our error handlers. Now a lot of the if none checks can be removed. 2016-03-11 12:39:55 +00:00			`assert json.loads(resp.get_data(as_text=True))['message'] == 'No result found'`
Refactor user/<user_id>/code into two endpoints. - Created new endpoint user/<user_id>/sms-code to send the sms verification code to the user. - Create new endpoirtn user/<user_id>/email-code to send the email verifcation code to the user. - Marked the old methods, schema, tests with a TODO to be deleted when the admin app is no longer sending messages to /user/<user_id>/code - Added error handlers for DataError and NoResultFound. Data error catches invalid input errors. - Added error handler for SqlAlchemyError which catches any other database errors. - Removed the need for the try catches around the db calls in the user endpoints with the addition of the db error handlers. - We may want to wrap db excpetions in the dao, if we want the No results found message to be more specific and say no result found for user. 2016-02-19 11:37:35 +00:00

			`def test_send_user_email_code(notify_api,`
			`sample_email_code,`
			`mock_celery_send_email_code,`
			`mock_encryption):`
			`"""`
			`Tests POST endpoint /user/<user_id>/email-code`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`data = json.dumps({})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.send_user_email_code', user_id=sample_email_code.user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.send_user_email_code', user_id=sample_email_code.user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 204`
			`app.celery.tasks.send_email_code.apply_async.assert_called_once_with(['something_encrypted'],`
			`queue='email-code')`


			`def test_send_user_email_code_returns_404_for_when_user_does_not_exist(notify_api, notify_db, notify_db_session):`
			`"""`
			`Tests POST endpoint /user/<user_id>/email-code return 404 for missing user`
			`"""`
			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`data = json.dumps({})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.send_user_email_code', user_id=1),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.send_user_email_code', user_id=1),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 404`
Changed db queries to use one, which throws NoResultFound exception, this exception is dealt with in our error handlers. Now a lot of the if none checks can be removed. 2016-03-11 12:39:55 +00:00			`assert json.loads(resp.get_data(as_text=True))['message'] == 'No result found'`
Added task for sending email verification links out on intial registration. Left original email code endpoint in as it is still used for things like email change. 2016-03-17 13:06:17 +00:00

			`def test_send_user_email_verification(notify_api,`
			`sample_email_code,`
			`mock_celery_email_registration_verification,`
			`mock_encryption):`

			`with notify_api.test_request_context():`
			`with notify_api.test_client() as client:`
			`data = json.dumps({})`
			`auth_header = create_authorization_header(`
			`path=url_for('user.send_user_email_verification', user_id=sample_email_code.user.id),`
			`method='POST',`
			`request_body=data)`
			`resp = client.post(`
			`url_for('user.send_user_email_verification', user_id=sample_email_code.user.id),`
			`data=data,`
			`headers=[('Content-Type', 'application/json'), auth_header])`
			`assert resp.status_code == 204`
			`app.celery.tasks.email_registration_verification.apply_async.assert_called_once_with(['something_encrypted'], queue='email-registration-verification') # noqa`