darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-02-03 01:41:05 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into email-templates-part-2

Browse Source
This commit is contained in:
Martyn Inglis
2016-02-22 14:04:01 +00:00
parent 9bb95a53ec 71bfaa3c10
commit b3b3cca65f
12 changed files with 408 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
tests/app/celery/test_tasks.py
View File

@@ -1,5 +1,6 @@
import uuid
import pytest
from flask import current_app
from app.celery.tasks import (send_sms, send_sms_code, send_email_code)
from app import (firetext_client, aws_ses_client, encryption)
from app.clients.sms.firetext import FiretextClientException
@@ -98,17 +99,15 @@ def test_should_throw_firetext_client_exception(mocker):
def test_should_send_email_code(mocker):
verification = {'to_address': 'someone@it.gov.uk',
'from_address': 'no-reply@notify.gov.uk',
'subject': 'Verification code',
'body': 11111}
verification = {'to': 'someone@it.gov.uk',
'secret_code': 11111}
encrypted_verification = encryption.encrypt(verification)
mocker.patch('app.aws_ses_client.send_email')
send_email_code(encrypted_verification)
aws_ses_client.send_email.assert_called_once_with(verification['from_address'],
verification['to_address'],
verification['subject'],
verification['body'])
aws_ses_client.send_email.assert_called_once_with(current_app.config['VERIFY_CODE_FROM_EMAIL_ADDRESS'],
verification['to'],
"Verification code",
verification['secret_code'])

3
tests/app/conftest.py
View File

@@ -32,7 +32,8 @@ def sample_user(notify_db,
'email_address': email,
'password': 'password',
'mobile_number': '+447700900986',
'state': 'active'
'state': 'active',
'permissions': []
}
usr = User.query.filter_by(email_address=email).first()
if not usr:

159
tests/app/user/test_rest.py
View File

@@ -1,6 +1,7 @@
import json
from flask import url_for
from app.models import (User, Service)
from app.dao.users_dao import save_model_user
from tests import create_authorization_header
from tests.app.conftest import sample_service as create_sample_service
@@ -27,7 +28,8 @@ def test_get_user_list(notify_api, notify_db, notify_db_session, sample_user, sa
"password_changed_at": None,
"logged_in_at": None,
"state": "active",
"failed_login_count": 0
"failed_login_count": 0,
"permissions": []
}
assert expected in json_resp['data']
@@ -54,7 +56,8 @@ def test_get_user(notify_api, notify_db, notify_db_session, sample_user, sample_
"password_changed_at": None,
"logged_in_at": None,
"state": "active",
"failed_login_count": 0
"failed_login_count": 0,
"permissions": []
}
assert json_resp['data'] == expected
@@ -74,7 +77,8 @@ def test_post_user(notify_api, notify_db, notify_db_session, sample_admin_servic
"password_changed_at": None,
"logged_in_at": None,
"state": "active",
"failed_login_count": 0
"failed_login_count": 0,
"permissions": []
}
auth_header = create_authorization_header(service_id=sample_admin_service_id,
path=url_for('user.create_user'),
@@ -107,7 +111,8 @@ def test_post_user_missing_attribute_email(notify_api, notify_db, notify_db_sess
"password_changed_at": None,
"logged_in_at": None,
"state": "active",
"failed_login_count": 0
"failed_login_count": 0,
"permissions": []
}
auth_header = create_authorization_header(service_id=sample_admin_service_id,
path=url_for('user.create_user'),
@@ -138,7 +143,8 @@ def test_post_user_missing_attribute_password(notify_api, notify_db, notify_db_s
"password_changed_at": None,
"logged_in_at": None,
"state": "active",
"failed_login_count": 0
"failed_login_count": 0,
"permissions": []
}
auth_header = create_authorization_header(service_id=sample_admin_service_id,
path=url_for('user.create_user'),
@@ -166,7 +172,8 @@ def test_put_user(notify_api, notify_db, notify_db_session, sample_user, sample_
data = {
'name': sample_user.name,
'email_address': new_email,
'mobile_number': sample_user.mobile_number
'mobile_number': sample_user.mobile_number,
'permissions': []
}
auth_header = create_authorization_header(service_id=sample_admin_service_id,
path=url_for('user.update_user', user_id=sample_user.id),
@@ -189,7 +196,8 @@ def test_put_user(notify_api, notify_db, notify_db_session, sample_user, sample_
"id": user.id,
"logged_in_at": None,
"state": "active",
"failed_login_count": 0
"failed_login_count": 0,
"permissions": []
}
assert json_resp['data'] == expected
assert json_resp['data']['email_address'] == new_email
@@ -211,7 +219,8 @@ def test_put_user_update_password(notify_api,
'name': sample_user.name,
'email_address': sample_user.email_address,
'mobile_number': sample_user.mobile_number,
'password': new_password
'password': new_password,
'permissions': []
}
auth_header = create_authorization_header(service_id=sample_admin_service_id,
path=url_for('user.update_user', user_id=sample_user.id),
@@ -248,22 +257,140 @@ def test_put_user_not_exists(notify_api, notify_db, notify_db_session, sample_us
assert User.query.count() == 2
new_email = 'new@digital.cabinet-office.gov.uk'
data = {'email_address': new_email}
auth_header = create_authorization_header(
service_id=sample_admin_service_id,
path=url_for('user.update_user', user_id="9999"),
method='PUT',
request_body=json.dumps(data))
auth_header = create_authorization_header(service_id=sample_admin_service_id,
path=url_for('user.update_user', user_id="9999"),
method='PUT',
request_body=json.dumps(data))
headers = [('Content-Type', 'application/json'), auth_header]
resp = client.put(
url_for('user.update_user', user_id="9999"),
data=json.dumps(data),
headers=headers)
json_resp = json.loads(resp.get_data(as_text=True))
print(json_resp)
assert resp.status_code == 404
assert User.query.count() == 2
user = User.query.filter_by(id=sample_user.id).first()
json_resp = json.loads(resp.get_data(as_text=True))
assert json_resp == {'result': 'error', 'message': 'User not found'}
assert json_resp['result'] == "error"
assert json_resp['message'] == "User not found"
assert user == sample_user
assert user.email_address != new_email
def test_post_with_permissions(notify_api, notify_db, notify_db_session, sample_admin_service_id):
"""
Tests POST endpoint '/' to create a user with permissions.
"""
with notify_api.test_request_context():
with notify_api.test_client() as client:
assert User.query.count() == 1
permissions = ['new permission']
data = {
"name": "Test User",
"email_address": "user@digital.cabinet-office.gov.uk",
"password": "password",
"mobile_number": "+447700900986",
"password_changed_at": None,
"logged_in_at": None,
"state": "active",
"failed_login_count": 0,
"permissions": permissions
}
auth_header = create_authorization_header(service_id=sample_admin_service_id,
path=url_for('user.create_user'),
method='POST',
request_body=json.dumps(data))
headers = [('Content-Type', 'application/json'), auth_header]
resp = client.post(
url_for('user.create_user'),
data=json.dumps(data),
headers=headers)
assert resp.status_code == 201
user = User.query.filter_by(email_address='user@digital.cabinet-office.gov.uk').first()
json_resp = json.loads(resp.get_data(as_text=True))
json_resp['data'] == {"email_address": user.email_address, "id": user.id}
assert json_resp['data']['email_address'] == user.email_address
assert json_resp['data']['id'] == user.id
assert json_resp['data']['permissions'] == permissions
def test_put_add_permissions(notify_api, notify_db, notify_db_session, sample_user, sample_admin_service_id):
"""
Tests PUT endpoint '/' to update user permissions.
"""
with notify_api.test_request_context():
with notify_api.test_client() as client:
permissions = ['one permission', 'another permission']
data = {
'name': sample_user.name,
'email_address': sample_user.email_address,
'mobile_number': sample_user.mobile_number,
'permissions': permissions
}
auth_header = create_authorization_header(service_id=sample_admin_service_id,
path=url_for('user.update_user', user_id=sample_user.id),
method='PUT',
request_body=json.dumps(data))
headers = [('Content-Type', 'application/json'), auth_header]
resp = client.put(
url_for('user.update_user', user_id=sample_user.id),
data=json.dumps(data),
headers=headers)
assert resp.status_code == 200
assert User.query.count() == 2
user = User.query.filter_by(email_address=sample_user.email_address).first()
json_resp = json.loads(resp.get_data(as_text=True))
expected = {
"name": user.name,
"email_address": user.email_address,
"mobile_number": user.mobile_number,
"password_changed_at": None,
"id": user.id,
"logged_in_at": None,
"state": user.state,
"failed_login_count": 0,
"permissions": permissions
}
assert json_resp['data'] == expected
def test_put_remove_permissions(notify_api, notify_db, notify_db_session, sample_user, sample_admin_service_id):
"""
Tests PUT endpoint '/' to update user permissions.
"""
with notify_api.test_request_context():
with notify_api.test_client() as client:
old_permissions = ['one permission', 'another permission']
save_model_user(sample_user, {'permissions': old_permissions})
permissions = ['new permissions']
data = {
'name': sample_user.name,
'email_address': sample_user.email_address,
'mobile_number': sample_user.mobile_number,
'permissions': permissions
}
auth_header = create_authorization_header(service_id=sample_admin_service_id,
path=url_for('user.update_user', user_id=sample_user.id),
method='PUT',
request_body=json.dumps(data))
headers = [('Content-Type', 'application/json'), auth_header]
resp = client.put(
url_for('user.update_user', user_id=sample_user.id),
data=json.dumps(data),
headers=headers)
assert resp.status_code == 200
assert User.query.count() == 2
user = User.query.filter_by(email_address=sample_user.email_address).first()
json_resp = json.loads(resp.get_data(as_text=True))
expected = {
"name": user.name,
"email_address": user.email_address,
"mobile_number": user.mobile_number,
"password_changed_at": None,
"id": user.id,
"logged_in_at": None,
"state": user.state,
"failed_login_count": 0,
"permissions": permissions
}
assert json_resp['data'] == expected

163
tests/app/user/test_rest_verify.py
View File

@@ -2,9 +2,7 @@ import json
import moto
from datetime import (datetime, timedelta)
from flask import url_for
from app.models import (VerifyCode)
import app.celery.tasks
from app import db, encryption
from tests import create_authorization_header
@@ -191,7 +189,6 @@ def test_user_verify_password_valid_password_resets_failed_logins(notify_api,
notify_db,
notify_db_session,
sample_user):
with notify_api.test_request_context():
with notify_api.test_client() as client:
data = json.dumps({'password': 'bad password'})
@@ -249,9 +246,10 @@ def test_user_verify_password_missing_password(notify_api,
assert 'Required field missing data' in json_resp['message']['password']
# TODO: Remove this test once the admin app has stopped using it.
def test_send_user_code_for_sms(notify_api,
sample_sms_code,
mock_secret_code,
mock_encryption,
mock_celery_send_sms_code):
"""
Tests POST endpoint '/<user_id>/code' successful sms
@@ -269,35 +267,11 @@ def test_send_user_code_for_sms(notify_api,
headers=[('Content-Type', 'application/json'), auth_header])
assert resp.status_code == 204
encrpyted = encryption.encrypt({'to': sample_sms_code.user.mobile_number, 'secret_code': '11111'})
app.celery.tasks.send_sms_code.apply_async.assert_called_once_with([encrpyted], queue='sms-code')
def test_send_user_code_for_sms_with_optional_to_field(notify_api,
sample_sms_code,
mock_secret_code,
mock_celery_send_sms_code):
"""
Tests POST endpoint '/<user_id>/code' successful sms with optional to field
"""
with notify_api.test_request_context():
with notify_api.test_client() as client:
data = json.dumps({'code_type': 'sms', 'to': '+441119876757'})
auth_header = create_authorization_header(
path=url_for('user.send_user_code', user_id=sample_sms_code.user.id),
method='POST',
request_body=data)
resp = client.post(
url_for('user.send_user_code', user_id=sample_sms_code.user.id),
data=data,
headers=[('Content-Type', 'application/json'), auth_header])
assert resp.status_code == 204
encrypted = encryption.encrypt({'to': '+441119876757', 'secret_code': '11111'})
app.celery.tasks.send_sms_code.apply_async.assert_called_once_with([encrypted], queue='sms-code')
app.celery.tasks.send_sms_code.apply_async.assert_called_once_with(['something_encrypted'],
queue='sms-code')
# TODO: Remove this test once the admin app has stopped using it.
def test_send_user_code_for_email(notify_api,
sample_email_code,
mock_secret_code,
@@ -323,6 +297,7 @@ def test_send_user_code_for_email(notify_api,
queue='email-code')
# TODO: Remove this test once the admin app has stopped using it.
def test_send_user_code_for_email_uses_optional_to_field(notify_api,
sample_email_code,
mock_secret_code,
@@ -348,16 +323,130 @@ def test_send_user_code_for_email_uses_optional_to_field(notify_api,
queue='email-code')
def test_request_verify_code_schema_invalid_code_type(notify_api, notify_db, notify_db_session, sample_user):
from app.schemas import request_verify_code_schema
# TODO: Remove this test once the admin app has stopped using it.
def test_request_verify_code_schema_invalid_code_type(notify_api, sample_user):
from app.schemas import old_request_verify_code_schema
data = json.dumps({'code_type': 'not_sms'})
code, error = request_verify_code_schema.loads(data)
code, error = old_request_verify_code_schema.loads(data)
assert error == {'code_type': ['Invalid code type']}
def test_request_verify_code_schema_with_to(notify_api, notify_db, notify_db_session, sample_user):
from app.schemas import request_verify_code_schema
# TODO: Remove this method once the admin app has stopped using it.
def test_request_verify_code_schema_with_to(notify_api, sample_user):
from app.schemas import old_request_verify_code_schema
data = json.dumps({'code_type': 'sms', 'to': 'some@one.gov.uk'})
code, error = request_verify_code_schema.loads(data)
code, error = old_request_verify_code_schema.loads(data)
assert code == {'code_type': 'sms', 'to': 'some@one.gov.uk'}
assert error == {}
def test_send_user_sms_code(notify_api,
sample_sms_code,
mock_celery_send_sms_code,
mock_encryption):
"""
Tests POST endpoint /user/<user_id>/sms-code
"""
with notify_api.test_request_context():
with notify_api.test_client() as client:
data = json.dumps({})
auth_header = create_authorization_header(
path=url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),
method='POST',
request_body=data)
resp = client.post(
url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),
data=data,
headers=[('Content-Type', 'application/json'), auth_header])
print(resp.get_data(as_text=True))
assert resp.status_code == 204
app.celery.tasks.send_sms_code.apply_async.assert_called_once_with(['something_encrypted'],
queue='sms-code')
def test_send_user_code_for_sms_with_optional_to_field(notify_api,
sample_sms_code,
mock_secret_code,
mock_celery_send_sms_code):
"""
Tests POST endpoint '/<user_id>/code' successful sms with optional to field
"""
with notify_api.test_request_context():
with notify_api.test_client() as client:
data = json.dumps({'to': '+441119876757'})
auth_header = create_authorization_header(
path=url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),
method='POST',
request_body=data)
resp = client.post(
url_for('user.send_user_sms_code', user_id=sample_sms_code.user.id),
data=data,
headers=[('Content-Type', 'application/json'), auth_header])
assert resp.status_code == 204
encrypted = encryption.encrypt({'to': '+441119876757', 'secret_code': '11111'})
app.celery.tasks.send_sms_code.apply_async.assert_called_once_with([encrypted], queue='sms-code')
def test_send_sms_code_returns_404_for_bad_input_data(notify_api, notify_db, notify_db_session):
"""
Tests POST endpoint /user/<user_id>/sms-code return 404 for bad input data
"""
with notify_api.test_request_context():
with notify_api.test_client() as client:
data = json.dumps({})
import uuid
uuid_ = uuid.uuid4()
auth_header = create_authorization_header(
path=url_for('user.send_user_sms_code', user_id=uuid_),
method='POST',
request_body=data)
resp = client.post(
url_for('user.send_user_sms_code', user_id=uuid_),
data=data,
headers=[('Content-Type', 'application/json'), auth_header])
assert resp.status_code == 404
assert json.loads(resp.get_data(as_text=True))['message'] == 'No user found'
def test_send_user_email_code(notify_api,
sample_email_code,
mock_celery_send_email_code,
mock_encryption):
"""
Tests POST endpoint /user/<user_id>/email-code
"""
with notify_api.test_request_context():
with notify_api.test_client() as client:
data = json.dumps({})
auth_header = create_authorization_header(
path=url_for('user.send_user_email_code', user_id=sample_email_code.user.id),
method='POST',
request_body=data)
resp = client.post(
url_for('user.send_user_email_code', user_id=sample_email_code.user.id),
data=data,
headers=[('Content-Type', 'application/json'), auth_header])
print(resp.get_data(as_text=True))
assert resp.status_code == 204
app.celery.tasks.send_email_code.apply_async.assert_called_once_with(['something_encrypted'],
queue='email-code')
def test_send_user_email_code_returns_404_for_when_user_does_not_exist(notify_api, notify_db, notify_db_session):
"""
Tests POST endpoint /user/<user_id>/email-code return 404 for missing user
"""
with notify_api.test_request_context():
with notify_api.test_client() as client:
data = json.dumps({})
auth_header = create_authorization_header(
path=url_for('user.send_user_email_code', user_id=1),
method='POST',
request_body=data)
resp = client.post(
url_for('user.send_user_email_code', user_id=1),
data=data,
headers=[('Content-Type', 'application/json'), auth_header])
assert resp.status_code == 404
assert json.loads(resp.get_data(as_text=True))['message'] == 'No user found'