import random import string import json import datetime from urllib.parse import quote from django.utils import timezone from django.test import TestCase from rest_framework.test import APITestCase from rest_framework import status from companies.factories import CompanyFactory from products.factories import ProductFactory from products.models import Product from core.factories import CustomUserFactory from core.utils import get_tokens_for_user # Create your tests here. class ProductViewSetTest(APITestCase): """ProductViewSet tests """ def setUp(self): """Tests setup """ self.endpoint = '/api/v1/products/' self.factory = ProductFactory self.model = Product # create user self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) self.user = CustomUserFactory(email="test@mail.com", password=self.password, is_active=True) # anon user def test_anon_user_cannot_create_instance(self): """Not logged-in user cannot create new instance """ instances = [self.factory() for n in range(random.randint(1,5))] # Query endpoint response = self.client.post(self.endpoint, data={}) # Assert access is forbidden self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_anon_user_cannot_modify_existing_instance(self): """Not logged-in user cannot modify existing instance """ # Create instance instance = self.factory() # Query endpoint url = self.endpoint + f'{instance.pk}/' response = self.client.put(url, {}, format='json') # Assert forbidden code self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_anon_user_cannot_delete_existing_instance(self): """Not logged-in user cannot delete existing instance """ # Create instances instance = self.factory() # Query endpoint url = self.endpoint + f'{instance.pk}/' response = self.client.delete(url) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) # Assert instance still exists on db self.assertTrue(self.model.objects.get(id=instance.pk)) def test_anon_user_can_list_instance(self): """Not logged-in user can list instance """ # Request list response = self.client.get(self.endpoint) # Assert access is forbidden self.assertEqual(response.status_code, status.HTTP_200_OK) def test_anon_user_can_filter_name(self): # create instances self.factory(name='product1', tags="zapatos, verdes") self.factory(name='product2', tags="rojos") url = f"{self.endpoint}?name=product1" # Request list response = self.client.get(url) payload = response.json() # Assert access is granted self.assertEqual(response.status_code, status.HTTP_200_OK) # Assert number of instnaces in response self.assertEquals(1, len(payload)) def test_anon_user_can_filter_tags(self): # create instances expected_instance = [ self.factory(name='product1', tags="zapatos, rojos"), self.factory(name='product2', tags="rojos") ] unexpected_instance = [ self.factory(name='sadfdsa', tags="zapatos, azules"), self.factory(name='qwerw', tags="xxl") ] # prepare url url = f"{self.endpoint}?tags=rojos" # Request list response = self.client.get(url) payload = response.json() # Assert access is granted self.assertEqual(response.status_code, status.HTTP_200_OK) # Assert number of instnaces in response self.assertEquals(len(expected_instance), len(payload)) def test_anon_user_can_filter_attributes(self): # create instances expected_instance = [ self.factory(attributes='xxl', tags="zapatos, rojos"), self.factory(attributes='blue, xxl', tags="rojos") ] unexpected_instance = [ self.factory(name='sadfdsa', tags="zapatos, azules"), self.factory(name='qwerw', tags="xxl") ] # prepare url url = f"{self.endpoint}?attributes=xxl" # Request list response = self.client.get(url) payload = response.json() # Assert access is granted self.assertEqual(response.status_code, status.HTTP_200_OK) # Assert number of instnaces in response self.assertEquals(len(expected_instance), len(payload)) def test_anon_user_can_filter_category(self): # create instances expected_instance = [ self.factory(category='ropa', tags="zapatos, rojos"), self.factory(category='ropa', tags="rojos") ] unexpected_instance = [ self.factory(category='roperos', tags="zapatos, azules"), self.factory(category='enropados', tags="xxl") ] # prepare url url = f"{self.endpoint}?category=ropa" # Request list response = self.client.get(url) payload = response.json() # Assert access is granted self.assertEqual(response.status_code, status.HTTP_200_OK) # Assert number of instnaces in response self.assertEquals(len(expected_instance), len(payload)) # authenticated user def test_auth_user_can_list_instances(self): """Regular logged-in user can list instance """ # Create instances instances = [self.factory() for n in range(random.randint(1,5))] # Authenticate user token = get_tokens_for_user(self.user) self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Request list response = self.client.get(self.endpoint) # Assert access is allowed self.assertEqual(response.status_code, status.HTTP_200_OK) # Assert all instances are returned self.assertEqual(len(instances), len(response.data)) def test_auth_user_can_get_instance(self): """Regular logged-in user can list instance """ # Create instances instance = self.factory() # Authenticate user token = get_tokens_for_user(self.user) self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Request list url = f"{self.endpoint}{instance.id}/" response = self.client.get(url) # Assert access is allowed self.assertEqual(response.status_code, status.HTTP_200_OK) data = json.loads(response.content) self.assertEquals(instance.id, data['id']) def test_auth_user_can_create_instance(self): """Regular logged-in user can create new instance """ # Define request data company = CompanyFactory() data = { 'company': company.id, 'sku': 'qwerewq', 'name': 'qwerewq', 'description': 'qwerewq', 'url': 'http://qwerewq.com', 'price': '12.21', 'shipping_cost': '21.12', 'shipping_terms': 'qwerewq', 'source': 'SYNCHRONIZED', 'sourcing_date': datetime.datetime.now().isoformat()+'Z', 'update_date': datetime.datetime.now().isoformat()+'Z', 'discount': '0.05', 'stock': 22, 'tags': ['tag1, tag2'], 'category': 'Mr', 'attributes': ['color/red', 'size/xxl'], 'identifiers': '34rf34f43c43', } # Authenticate user token = get_tokens_for_user(self.user) self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint response = self.client.post(self.endpoint, data=data, format='json') # Assert endpoint returns created status self.assertEqual(response.status_code, status.HTTP_201_CREATED) # Assert instance exists on db self.assertTrue(self.model.objects.get(id=response.data['id'])) def test_auth_user_can_modify_own_instance(self): """Regular logged-in user can modify existing instance """ # Create instances instance = self.factory() # make our user the creator instance.creator = self.user instance.save() # Define request data company = CompanyFactory() data = { 'company': company.id, 'sku': 'qwerewq', 'name': 'qwerewq', 'description': 'qwerewq', 'image': None, 'url': 'http://qwerewq.com', 'price': '12.21', 'shipping_cost': '21.12', 'shipping_terms': 'qwerewq', 'source': 'SYNCHRONIZED', 'sourcing_date': datetime.datetime.now().isoformat()+'Z', 'update_date': datetime.datetime.now().isoformat()+'Z', 'discount': '0.05', 'stock': 22, 'tags': ['tag1x, tag2x'], 'category': 'MayorTagCategory2', 'attributes': ['color/blue', 'size/m'], 'identifiers': '34rf34f43c43', } # Authenticate user token = get_tokens_for_user(self.user) self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint url = self.endpoint + f'{instance.pk}/' response = self.client.put(url, data, format='json') # Assert endpoint returns OK code self.assertEqual(response.status_code, status.HTTP_200_OK) # Assert instance has been modified for key in data: self.assertEqual(data[key], response.data[key]) def test_auth_user_cannot_modify_other_users_instance(self): """Regular logged-in user cannot modify other user's instance """ # Create instances instance = self.factory() # Define request data company = CompanyFactory() data = { 'company': company.id, 'sku': 'qwerewq', 'name': 'qwerewq', 'description': 'qwerewq', 'url': 'http://qwerewq.com', 'price': '12.21', 'shipping_cost': '21.12', 'shipping_terms': 'qwerewq', 'source': 'SYNCHRONIZED', 'sourcing_date': datetime.datetime.now().isoformat()+'Z', 'update_date': datetime.datetime.now().isoformat()+'Z', 'discount': '0.05', 'stock': 22, 'tags': ['tag1, tag2'], 'category': 'Mr', 'attributes': ['color/red', 'size/xxl'], 'identifiers': '34rf34f43c43', } # Authenticate user token = get_tokens_for_user(self.user) self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint url = self.endpoint + f'{instance.pk}/' response = self.client.put(url, data=data, format='json') # Assert endpoint returns OK code self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) def test_auth_user_cannot_delete_other_users_instance(self): """Regular logged-in user cannot delete other user's instance """ # Create instances instance = self.factory() # Authenticate user token = get_tokens_for_user(self.user) self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint url = self.endpoint + f'{instance.pk}/' response = self.client.delete(url, format='json') # Assert endpoint returns OK code self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) def test_auth_user_can_delete_own_instance(self): """Regular logged-in user can delete existing instance """ # Create instances instance = self.factory() # make our user the creator instance.creator = self.user instance.save() # Authenticate user token = get_tokens_for_user(self.user) self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint url = self.endpoint + f'{instance.pk}/' response = self.client.delete(url) # assert 204 no content self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) # Assert instance doesn't exists anymore on db self.assertFalse(self.model.objects.filter(id=instance.pk).exists()) class LoadCoopProductsTestCase(APITestCase): def setUp(self): """Tests setup """ self.endpoint = '/api/v1/load_products/' self.model = Product self.factory = ProductFactory # create admin user self.admin_email = f"admin_user@mail.com" self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) self.admin_user = CustomUserFactory(email=self.admin_email, password=self.password, is_staff=True, is_active=True) # create regular user self.reg_email = f"user@mail.com" self.user = CustomUserFactory(email=self.reg_email, is_active=True) self.user.set_password(self.password) self.user.save() # test CSV file path self.csv_path = 'datasets/test_products.csv' def test_auth_user_with_company_can_load_csv(self): # delete existing instances self.model.objects.all().delete() # create company company = CompanyFactory(creator=self.user) # read csv file files = {'csv_file': open(self.csv_path,'rt')} # Authenticate token = get_tokens_for_user(self.user) self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # send in request response = self.client.post(self.endpoint, files) # check re sponse self.assertEqual(response.status_code, 200) # check for object creation self.assertEquals(5, self.model.objects.count()) def test_auth_user_with_no_company_cannot_load_csv(self): # delete existing instances self.model.objects.all().delete() # read csv file files = {'csv_file': open(self.csv_path,'r')} # Authenticate token = get_tokens_for_user(self.user) self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # send in request response = self.client.post(self.endpoint, files) # check response self.assertEqual(response.status_code, 200) # check for object creation self.assertEqual(0, self.model.objects.count()) def test_anon_user_cannot_load_csv(self): # delete existing instances self.model.objects.all().delete() # read csv file files = {'csv_file': open(self.csv_path,'r')} # send in request response = self.client.post(self.endpoint, files) # check response self.assertEqual(response.status_code, 401) # check for object creation self.assertEqual(0, self.model.objects.count()) class ProductSearchTest(TestCase): def setUp(self): """Tests setup """ self.endpoint = '/api/v1/search_products/' self.model = Product self.factory = ProductFactory # create admin user self.admin_email = "admin_user@mail.com" self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) self.admin_user = CustomUserFactory(email=self.admin_email, password=self.password, is_staff=True, is_active=True) # create regular user self.reg_email = "user@mail.com" self.user = CustomUserFactory(email=self.reg_email, is_active=True) self.user.set_password(self.password) self.user.save() def test_anon_user_can_search(self): expected_instances = [ self.factory(tags="lunares/blancos",description="zapatos verdes"), self.factory(tags="colores/rojos, tono/brillante"), self.factory(tags="lunares/azules", description="zapatos rojos"), self.factory(tags="lunares/rojos", description="zapatos"), self.factory(attributes='"zapatos de campo", tono/oscuro'), ] unexpected_instances = [ self.factory(description="chanclas"), self.factory(tags="azules"), ] query_string = quote("zapatos rojos") url = f"{self.endpoint}?query_string={query_string}" # send in request response = self.client.get(url) payload = response.json() # check response self.assertEqual(response.status_code, 200) # check for object creation self.assertEquals(len(payload['products']), len(expected_instances)) # check for filters self.assertNotEquals([], payload['filters']['singles']) self.assertTrue(len(payload['filters']) >= 2 ) class MyProductsViewTest(APITestCase): """my_products tests """ def setUp(self): """Tests setup """ self.endpoint = '/api/v1/my_products/' self.factory = ProductFactory self.model = Product # create user self.email = f"user@mail.com" self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) self.user = CustomUserFactory(email=self.email, is_active=True) self.user.set_password(self.password) self.user.save() def test_auth_user_gets_data(self): # create instance user_instances = [ self.factory(creator=self.user), self.factory(creator=self.user), ] # Authenticate token = get_tokens_for_user(self.user) self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint response = self.client.get(self.endpoint) payload = response.json() # Assert forbidden code self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEquals(len(user_instances), len(payload)) def test_anon_user_cannot_access(self): # send in request response = self.client.get(self.endpoint) # check response self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)