Home Explore Help
Sign In
bux
/
tracim_v2
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
1301 Commits
1 Branches
Tree: fb794b84bf
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fb794b84bf'
${ noResults }
tracim_v2/backend/tracim_backend/tests/functional/test_user.py

test_user.py 178KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244324532463247324832493250325132523253325432553256325732583259326032613262326332643265326632673268326932703271327232733274327532763277327832793280328132823283328432853286328732883289329032913292329332943295329632973298329933003301330233033304330533063307330833093310331133123313331433153316331733183319332033213322332333243325332633273328332933303331333233333334333533363337333833393340334133423343334433453346334733483349335033513352335333543355335633573358335933603361336233633364336533663367336833693370337133723373337433753376337733783379338033813382338333843385338633873388338933903391339233933394339533963397339833993400340134023403340434053406340734083409341034113412341334143415341634173418341934203421342234233424342534263427342834293430343134323433343434353436343734383439344034413442344334443445344634473448344934503451345234533454345534563457345834593460346134623463346434653466346734683469347034713472347334743475347634773478347934803481348234833484348534863487348834893490349134923493349434953496349734983499350035013502350335043505350635073508350935103511351235133514351535163517351835193520352135223523352435253526352735283529353035313532353335343535353635373538353935403541354235433544354535463547354835493550355135523553355435553556355735583559356035613562356335643565356635673568356935703571357235733574357535763577357835793580358135823583358435853586358735883589359035913592359335943595359635973598359936003601360236033604360536063607360836093610361136123613361436153616361736183619362036213622362336243625362636273628362936303631363236333634363536363637363836393640364136423643364436453646364736483649365036513652365336543655365636573658365936603661366236633664366536663667366836693670367136723673367436753676367736783679368036813682368336843685368636873688368936903691369236933694369536963697369836993700370137023703370437053706370737083709371037113712371337143715371637173718371937203721372237233724372537263727372837293730373137323733373437353736373737383739374037413742374337443745374637473748374937503751375237533754375537563757375837593760376137623763376437653766376737683769377037713772377337743775377637773778377937803781378237833784378537863787378837893790379137923793379437953796379737983799380038013802380338043805380638073808380938103811381238133814381538163817381838193820382138223823382438253826382738283829383038313832383338343835383638373838383938403841384238433844384538463847384838493850385138523853385438553856385738583859386038613862386338643865386638673868386938703871387238733874387538763877387838793880388138823883388438853886388738883889389038913892389338943895389638973898389939003901390239033904390539063907390839093910391139123913391439153916391739183919392039213922392339243925392639273928392939303931393239333934393539363937393839393940394139423943394439453946394739483949395039513952395339543955395639573958395939603961396239633964396539663967396839693970397139723973397439753976397739783979398039813982398339843985398639873988398939903991399239933994399539963997399839994000400140024003400440054006400740084009401040114012401340144015401640174018401940204021402240234024402540264027402840294030403140324033403440354036403740384039404040414042404340444045404640474048404940504051405240534054405540564057405840594060406140624063406440654066406740684069407040714072407340744075407640774078407940804081408240834084408540864087408840894090409140924093409440954096409740984099410041014102410341044105410641074108410941104111411241134114411541164117411841194120412141224123412441254126412741284129413041314132413341344135413641374138413941404141414241434144414541464147414841494150415141524153415441554156415741584159416041614162416341644165416641674168416941704171417241734174417541764177417841794180418141824183418441854186418741884189419041914192419341944195419641974198419942004201420242034204420542064207420842094210421142124213421442154216421742184219422042214222422342244225422642274228422942304231423242334234423542364237423842394240424142424243424442454246424742484249425042514252425342544255425642574258425942604261426242634264426542664267426842694270427142724273427442754276427742784279428042814282428342844285428642874288428942904291429242934294429542964297429842994300430143024303430443054306430743084309431043114312431343144315431643174318431943204321432243234324432543264327432843294330433143324333433443354336433743384339434043414342434343444345434643474348434943504351435243534354435543564357435843594360436143624363436443654366436743684369437043714372437343744375437643774378437943804381438243834384438543864387438843894390439143924393439443954396439743984399440044014402440344044405440644074408440944104411441244134414441544164417441844194420442144224423442444254426442744284429443044314432443344344435443644374438443944404441444244434444444544464447444844494450445144524453445444554456445744584459446044614462446344644465446644674468446944704471447244734474447544764477447844794480448144824483448444854486448744884489449044914492449344944495449644974498449945004501450245034504450545064507450845094510451145124513451445154516451745184519452045214522452345244525452645274528452945304531453245334534453545364537453845394540454145424543454445454546454745484549455045514552455345544555455645574558455945604561456245634564456545664567456845694570457145724573457445754576457745784579458045814582458345844585458645874588458945904591459245934594459545964597459845994600460146024603460446054606460746084609461046114612461346144615461646174618461946204621462246234624462546264627462846294630463146324633463446354636463746384639464046414642464346444645464646474648464946504651465246534654465546564657465846594660466146624663466446654666466746684669467046714672467346744675467646774678467946804681468246834684468546864687468846894690469146924693469446954696469746984699470047014702470347044705470647074708470947104711471247134714471547164717471847194720472147224723472447254726472747284729473047314732473347344735473647374738473947404741474247434744474547464747474847494750475147524753475447554756475747584759476047614762476347644765476647674768476947704771477247734774477547764777477847794780478147824783478447854786478747884789479047914792479347944795479647974798479948004801480248034804480548064807480848094810481148124813481448154816481748184819482048214822482348244825482648274828482948304831483248334834483548364837483848394840484148424843484448454846484748484849485048514852485348544855485648574858485948604861486248634864486548664867486848694870487148724873487448754876487748784879488048814882488348844885488648874888488948904891489248934894489548964897489848994900490149024903490449054906490749084909491049114912491349144915491649174918491949204921492249234924492549264927492849294930493149324933493449354936493749384939494049414942494349444945494649474948494949504951495249534954495549564957495849594960496149624963496449654966496749684969497049714972497349744975497649774978497949804981498249834984498549864987498849894990499149924993499449954996499749984999500050015002500350045005500650075008500950105011501250135014501550165017501850195020502150225023502450255026502750285029503050315032503350345035503650375038503950405041504250435044504550465047504850495050505150525053505450555056505750585059506050615062506350645065506650675068506950705071507250735074507550765077507850795080508150825083508450855086508750885089509050915092509350945095509650975098509951005101510251035104510551065107510851095110511151125113511451155116511751185119512051215122512351245125512651275128512951305131513251335134513551365137513851395140514151425143514451455146514751485149515051515152515351545155515651575158515951605161516251635164516551665167516851695170517151725173517451755176517751785179518051815182518351845185518651875188518951905191519251935194519551965197519851995200520152025203520452055206520752085209521052115212521352145215521652175218521952205221522252235224522552265227522852295230523152325233523452355236523752385239 
  1. # -*- coding: utf-8 -*-

  2. """

  3. Tests for /api/v2/users subpath endpoints.

  4. """

  5. from time import sleep

  6. import pytest

  7. import requests

  8. import transaction

  9. 

  10. from tracim_backend import models

  11. from tracim_backend.extensions import app_list

  12. from tracim_backend.lib.core.application import ApplicationApi

  13. from tracim_backend.lib.core.content import ContentApi

  14. from tracim_backend.lib.core.user import UserApi

  15. from tracim_backend.lib.core.group import GroupApi

  16. from tracim_backend.lib.core.userworkspace import RoleApi

  17. from tracim_backend.lib.core.workspace import WorkspaceApi

  18. from tracim_backend.models import get_tm_session

  19. from tracim_backend.app_models.contents import CONTENT_TYPES

  20. from tracim_backend.models.data import UserRoleInWorkspace

  21. from tracim_backend.models.revision_protection import new_revision

  22. from tracim_backend.tests import FunctionalTest

  23. from tracim_backend.fixtures.content import Content as ContentFixtures

  24. from tracim_backend.fixtures.users_and_groups import Base as BaseFixture

  25. 

  26. 

  27. class TestUserRecentlyActiveContentEndpoint(FunctionalTest):

  28.     """

  29.     Tests for /api/v2/users/{user_id}/workspaces/{workspace_id}/contents/recently_active # nopep8

  30.     """

  31.     fixtures = [BaseFixture]

  32. 

  33.     def test_api__get_recently_active_content__ok__200__admin(self):

  34. 

  35.         # init DB

  36.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  37.         admin = dbsession.query(models.User) \

  38.             .filter(models.User.email == 'admin@admin.admin') \

  39.             .one()

  40.         workspace_api = WorkspaceApi(

  41.             current_user=admin,

  42.             session=dbsession,

  43.             config=self.app_config

  44. 

  45.         )

  46.         workspace = WorkspaceApi(

  47.             current_user=admin,

  48.             session=dbsession,

  49.             config=self.app_config,

  50.         ).create_workspace(

  51.             'test workspace',

  52.             save_now=True

  53.         )

  54.         workspace2 = WorkspaceApi(

  55.             current_user=admin,

  56.             session=dbsession,

  57.             config=self.app_config,

  58.         ).create_workspace(

  59.             'test workspace2',

  60.             save_now=True

  61.         )

  62.         uapi = UserApi(

  63.             current_user=admin,

  64.             session=dbsession,

  65.             config=self.app_config,

  66.         )

  67.         gapi = GroupApi(

  68.             current_user=admin,

  69.             session=dbsession,

  70.             config=self.app_config,

  71.         )

  72.         groups = [gapi.get_one_with_name('users')]

  73.         test_user = uapi.create_user(

  74.             email='test@test.test',

  75.             password='pass',

  76.             name='bob',

  77.             groups=groups,

  78.             timezone='Europe/Paris',

  79.             lang='fr',

  80.             do_save=True,

  81.             do_notify=False,

  82.         )

  83.         rapi = RoleApi(

  84.             current_user=admin,

  85.             session=dbsession,

  86.             config=self.app_config,

  87.         )

  88.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  89.         api = ContentApi(

  90.             current_user=admin,

  91.             session=dbsession,

  92.             config=self.app_config,

  93.         )

  94.         main_folder_workspace2 = api.create(CONTENT_TYPES.Folder.slug, workspace2, None, 'Hepla', '', True)  # nopep8

  95.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  96.         # creation order test

  97.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  98.         secondly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another creation_order_test', '', True)  # nopep8

  99.         # update order test

  100.         firstly_created_but_recently_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'update_order_test', '', True)  # nopep8

  101.         secondly_created_but_not_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another update_order_test', '', True)  # nopep8

  102.         with new_revision(

  103.             session=dbsession,

  104.             tm=transaction.manager,

  105.             content=firstly_created_but_recently_updated,

  106.         ):

  107.             firstly_created_but_recently_updated.description = 'Just an update'

  108.         api.save(firstly_created_but_recently_updated)

  109.         # comment change order

  110.         firstly_created_but_recently_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is randomized label content', '', True)  # nopep8

  111.         secondly_created_but_not_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is another randomized label content', '', True)  # nopep8

  112.         comments = api.create_comment(workspace, firstly_created_but_recently_commented, 'juste a super comment', True)  # nopep8

  113.         content_workspace_2 = api.create(CONTENT_TYPES.Page.slug, workspace2,main_folder_workspace2, 'content_workspace_2', '',True)  # nopep8

  114.         dbsession.flush()

  115.         transaction.commit()

  116. 

  117.         self.testapp.authorization = (

  118.             'Basic',

  119.             (

  120.                 'admin@admin.admin',

  121.                 'admin@admin.admin'

  122.             )

  123.         )

  124.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/recently_active'.format(   # nopep8

  125.             user_id=test_user.user_id,

  126.             workspace_id=workspace.workspace_id

  127.         ), status=200)

  128.         res = res.json_body

  129.         assert len(res) == 7

  130.         for elem in res:

  131.             assert isinstance(elem['content_id'], int)

  132.             assert isinstance(elem['content_type'], str)

  133.             assert elem['content_type'] != 'comments'

  134.             assert isinstance(elem['is_archived'], bool)

  135.             assert isinstance(elem['is_deleted'], bool)

  136.             assert isinstance(elem['label'], str)

  137.             assert isinstance(elem['parent_id'], int) or elem['parent_id'] is None

  138.             assert isinstance(elem['show_in_ui'], bool)

  139.             assert isinstance(elem['slug'], str)

  140.             assert isinstance(elem['status'], str)

  141.             assert isinstance(elem['sub_content_types'], list)

  142.             for sub_content_type in elem['sub_content_types']:

  143.                 assert isinstance(sub_content_type, str)

  144.             assert isinstance(elem['workspace_id'], int)

  145.         # comment is newest than page2

  146.         assert res[0]['content_id'] == firstly_created_but_recently_commented.content_id

  147.         assert res[1]['content_id'] == secondly_created_but_not_commented.content_id

  148.         # last updated content is newer than other one despite creation

  149.         # of the other is more recent

  150.         assert res[2]['content_id'] == firstly_created_but_recently_updated.content_id

  151.         assert res[3]['content_id'] == secondly_created_but_not_updated.content_id

  152.         # creation order is inverted here as last created is last active

  153.         assert res[4]['content_id'] == secondly_created.content_id

  154.         assert res[5]['content_id'] == firstly_created.content_id

  155.         # folder subcontent modification does not change folder order

  156.         assert res[6]['content_id'] == main_folder.content_id

  157. 

  158.     def test_api__get_recently_active_content__err__400__no_access_to_workspace(self):

  159. 

  160.         # init DB

  161.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  162.         admin = dbsession.query(models.User) \

  163.             .filter(models.User.email == 'admin@admin.admin') \

  164.             .one()

  165.         workspace_api = WorkspaceApi(

  166.             current_user=admin,

  167.             session=dbsession,

  168.             config=self.app_config

  169. 

  170.         )

  171.         workspace = WorkspaceApi(

  172.             current_user=admin,

  173.             session=dbsession,

  174.             config=self.app_config,

  175.         ).create_workspace(

  176.             'test workspace',

  177.             save_now=True

  178.         )

  179.         workspace2 = WorkspaceApi(

  180.             current_user=admin,

  181.             session=dbsession,

  182.             config=self.app_config,

  183.         ).create_workspace(

  184.             'test workspace2',

  185.             save_now=True

  186.         )

  187.         uapi = UserApi(

  188.             current_user=admin,

  189.             session=dbsession,

  190.             config=self.app_config,

  191.         )

  192.         gapi = GroupApi(

  193.             current_user=admin,

  194.             session=dbsession,

  195.             config=self.app_config,

  196.         )

  197.         groups = [gapi.get_one_with_name('users')]

  198.         test_user = uapi.create_user(

  199.             email='test@test.test',

  200.             password='pass',

  201.             name='bob',

  202.             groups=groups,

  203.             timezone='Europe/Paris',

  204.             lang='fr',

  205.             do_save=True,

  206.             do_notify=False,

  207.         )

  208.         api = ContentApi(

  209.             current_user=admin,

  210.             session=dbsession,

  211.             config=self.app_config,

  212.         )

  213.         main_folder_workspace2 = api.create(CONTENT_TYPES.Folder.slug, workspace2, None, 'Hepla', '', True)  # nopep8

  214.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  215.         # creation order test

  216.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  217.         secondly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another creation_order_test', '', True)  # nopep8

  218.         # update order test

  219.         firstly_created_but_recently_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'update_order_test', '', True)  # nopep8

  220.         secondly_created_but_not_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another update_order_test', '', True)  # nopep8

  221. 

  222.         with new_revision(

  223.             session=dbsession,

  224.             tm=transaction.manager,

  225.             content=firstly_created_but_recently_updated,

  226.         ):

  227.             firstly_created_but_recently_updated.description = 'Just an update'

  228.         api.save(firstly_created_but_recently_updated)

  229.         # comment change order

  230.         firstly_created_but_recently_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is randomized label content', '', True)  # nopep8

  231.         secondly_created_but_not_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is another randomized label content', '', True)  # nopep8

  232.         comments = api.create_comment(workspace, firstly_created_but_recently_commented, 'juste a super comment', True)  # nopep8

  233.         content_workspace_2 = api.create(CONTENT_TYPES.Page.slug, workspace2,main_folder_workspace2, 'content_workspace_2', '',True)  # nopep8

  234.         dbsession.flush()

  235.         transaction.commit()

  236. 

  237.         self.testapp.authorization = (

  238.             'Basic',

  239.             (

  240.                 'admin@admin.admin',

  241.                 'admin@admin.admin'

  242.             )

  243.         )

  244.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/recently_active'.format(   # nopep8

  245.             user_id=test_user.user_id,

  246.             workspace_id=workspace.workspace_id

  247.         ), status=400)

  248. 

  249.     def test_api__get_recently_active_content__ok__200__user_itself(self):

  250. 

  251.         # init DB

  252.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  253.         admin = dbsession.query(models.User) \

  254.             .filter(models.User.email == 'admin@admin.admin') \

  255.             .one()

  256.         workspace_api = WorkspaceApi(

  257.             current_user=admin,

  258.             session=dbsession,

  259.             config=self.app_config

  260. 

  261.         )

  262.         workspace = WorkspaceApi(

  263.             current_user=admin,

  264.             session=dbsession,

  265.             config=self.app_config,

  266.         ).create_workspace(

  267.             'test workspace',

  268.             save_now=True

  269.         )

  270.         workspace2 = WorkspaceApi(

  271.             current_user=admin,

  272.             session=dbsession,

  273.             config=self.app_config,

  274.         ).create_workspace(

  275.             'test workspace2',

  276.             save_now=True

  277.         )

  278. 

  279.         uapi = UserApi(

  280.             current_user=admin,

  281.             session=dbsession,

  282.             config=self.app_config,

  283.         )

  284.         gapi = GroupApi(

  285.             current_user=admin,

  286.             session=dbsession,

  287.             config=self.app_config,

  288.         )

  289.         groups = [gapi.get_one_with_name('users')]

  290.         test_user = uapi.create_user(

  291.             email='test@test.test',

  292.             password='pass',

  293.             name='bob',

  294.             groups=groups,

  295.             timezone='Europe/Paris',

  296.             lang='fr',

  297.             do_save=True,

  298.             do_notify=False,

  299.         )

  300.         rapi = RoleApi(

  301.             current_user=admin,

  302.             session=dbsession,

  303.             config=self.app_config,

  304.         )

  305.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  306.         api = ContentApi(

  307.             current_user=admin,

  308.             session=dbsession,

  309.             config=self.app_config,

  310.         )

  311.         main_folder_workspace2 = api.create(CONTENT_TYPES.Folder.slug, workspace2, None, 'Hepla', '', True)  # nopep8

  312.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  313.         # creation order test

  314.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  315.         secondly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another creation_order_test', '', True)  # nopep8

  316.         # update order test

  317.         firstly_created_but_recently_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'update_order_test', '', True)  # nopep8

  318.         secondly_created_but_not_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another update_order_test', '', True)  # nopep8

  319.         with new_revision(

  320.             session=dbsession,

  321.             tm=transaction.manager,

  322.             content=firstly_created_but_recently_updated,

  323.         ):

  324.             firstly_created_but_recently_updated.description = 'Just an update'

  325.         api.save(firstly_created_but_recently_updated)

  326.         # comment change order

  327.         firstly_created_but_recently_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is randomized label content', '', True)  # nopep8

  328.         secondly_created_but_not_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is another randomized label content', '', True)  # nopep8

  329.         comments = api.create_comment(workspace, firstly_created_but_recently_commented, 'juste a super comment', True)  # nopep8

  330.         content_workspace_2 = api.create(CONTENT_TYPES.Page.slug, workspace2,main_folder_workspace2, 'content_workspace_2', '',True)  # nopep8

  331.         dbsession.flush()

  332.         transaction.commit()

  333. 

  334.         self.testapp.authorization = (

  335.             'Basic',

  336.             (

  337.                 'test@test.test',

  338.                 'pass'

  339.             )

  340.         )

  341.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/recently_active'.format(   # nopep8

  342.             user_id=test_user.user_id,

  343.             workspace_id=workspace.workspace_id

  344.         ), status=200)

  345.         res = res.json_body

  346.         assert len(res) == 7

  347.         for elem in res:

  348.             assert isinstance(elem['content_id'], int)

  349.             assert isinstance(elem['content_type'], str)

  350.             assert elem['content_type'] != 'comments'

  351.             assert isinstance(elem['is_archived'], bool)

  352.             assert isinstance(elem['is_deleted'], bool)

  353.             assert isinstance(elem['label'], str)

  354.             assert isinstance(elem['parent_id'], int) or elem['parent_id'] is None

  355.             assert isinstance(elem['show_in_ui'], bool)

  356.             assert isinstance(elem['slug'], str)

  357.             assert isinstance(elem['status'], str)

  358.             assert isinstance(elem['sub_content_types'], list)

  359.             for sub_content_type in elem['sub_content_types']:

  360.                 assert isinstance(sub_content_type, str)

  361.             assert isinstance(elem['workspace_id'], int)

  362.         # comment is newest than page2

  363.         assert res[0]['content_id'] == firstly_created_but_recently_commented.content_id

  364.         assert res[1]['content_id'] == secondly_created_but_not_commented.content_id

  365.         # last updated content is newer than other one despite creation

  366.         # of the other is more recent

  367.         assert res[2]['content_id'] == firstly_created_but_recently_updated.content_id

  368.         assert res[3]['content_id'] == secondly_created_but_not_updated.content_id

  369.         # creation order is inverted here as last created is last active

  370.         assert res[4]['content_id'] == secondly_created.content_id

  371.         assert res[5]['content_id'] == firstly_created.content_id

  372.         # folder subcontent modification does not change folder order

  373.         assert res[6]['content_id'] == main_folder.content_id

  374. 

  375.     def test_api__get_recently_active_content__ok__200__other_user(self):

  376. 

  377.         # init DB

  378.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  379.         admin = dbsession.query(models.User) \

  380.             .filter(models.User.email == 'admin@admin.admin') \

  381.             .one()

  382.         workspace_api = WorkspaceApi(

  383.             current_user=admin,

  384.             session=dbsession,

  385.             config=self.app_config

  386. 

  387.         )

  388.         workspace = WorkspaceApi(

  389.             current_user=admin,

  390.             session=dbsession,

  391.             config=self.app_config,

  392.         ).create_workspace(

  393.             'test workspace',

  394.             save_now=True

  395.         )

  396.         workspace2 = WorkspaceApi(

  397.             current_user=admin,

  398.             session=dbsession,

  399.             config=self.app_config,

  400.         ).create_workspace(

  401.             'test workspace2',

  402.             save_now=True

  403.         )

  404. 

  405.         uapi = UserApi(

  406.             current_user=admin,

  407.             session=dbsession,

  408.             config=self.app_config,

  409.         )

  410.         gapi = GroupApi(

  411.             current_user=admin,

  412.             session=dbsession,

  413.             config=self.app_config,

  414.         )

  415.         groups = [gapi.get_one_with_name('users')]

  416.         test_user = uapi.create_user(

  417.             email='test@test.test',

  418.             password='pass',

  419.             name='bob',

  420.             groups=groups,

  421.             timezone='Europe/Paris',

  422.             lang='fr',

  423.             do_save=True,

  424.             do_notify=False,

  425.         )

  426.         rapi = RoleApi(

  427.             current_user=admin,

  428.             session=dbsession,

  429.             config=self.app_config,

  430.         )

  431.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  432.         api = ContentApi(

  433.             current_user=admin,

  434.             session=dbsession,

  435.             config=self.app_config,

  436.         )

  437.         main_folder_workspace2 = api.create(CONTENT_TYPES.Folder.slug, workspace2, None, 'Hepla', '', True)  # nopep8

  438.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  439.         # creation order test

  440.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  441.         secondly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another creation_order_test', '', True)  # nopep8

  442.         # update order test

  443.         firstly_created_but_recently_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'update_order_test', '', True)  # nopep8

  444.         secondly_created_but_not_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another update_order_test', '', True)  # nopep8

  445.         with new_revision(

  446.             session=dbsession,

  447.             tm=transaction.manager,

  448.             content=firstly_created_but_recently_updated,

  449.         ):

  450.             firstly_created_but_recently_updated.description = 'Just an update'

  451.         api.save(firstly_created_but_recently_updated)

  452.         # comment change order

  453.         firstly_created_but_recently_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is randomized label content', '', True)  # nopep8

  454.         secondly_created_but_not_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is another randomized label content', '', True)  # nopep8

  455.         comments = api.create_comment(workspace, firstly_created_but_recently_commented, 'juste a super comment', True)  # nopep8

  456.         content_workspace_2 = api.create(CONTENT_TYPES.Page.slug, workspace2,main_folder_workspace2, 'content_workspace_2', '',True)  # nopep8

  457.         dbsession.flush()

  458.         transaction.commit()

  459. 

  460.         self.testapp.authorization = (

  461.             'Basic',

  462.             (

  463.                 'test@test.test',

  464.                 'pass'

  465.             )

  466.         )

  467.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/recently_active'.format(   # nopep8

  468.             user_id=admin.user_id,

  469.             workspace_id=workspace.workspace_id

  470.         ), status=403)

  471. 

  472.     def test_api__get_recently_active_content__ok__200__limit_2_multiple(self):

  473.         # TODO - G.M - 2018-07-20 - Better fix for this test, do not use sleep()

  474.         # anymore to fix datetime lack of precision.

  475. 

  476.         # init DB

  477.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  478.         admin = dbsession.query(models.User) \

  479.             .filter(models.User.email == 'admin@admin.admin') \

  480.             .one()

  481.         workspace_api = WorkspaceApi(

  482.             current_user=admin,

  483.             session=dbsession,

  484.             config=self.app_config

  485. 

  486.         )

  487.         workspace = WorkspaceApi(

  488.             current_user=admin,

  489.             session=dbsession,

  490.             config=self.app_config,

  491.         ).create_workspace(

  492.             'test workspace',

  493.             save_now=True

  494.         )

  495.         workspace2 = WorkspaceApi(

  496.             current_user=admin,

  497.             session=dbsession,

  498.             config=self.app_config,

  499.         ).create_workspace(

  500.             'test workspace2',

  501.             save_now=True

  502.         )

  503. 

  504.         api = ContentApi(

  505.             current_user=admin,

  506.             session=dbsession,

  507.             config=self.app_config,

  508.         )

  509.         main_folder_workspace2 = api.create(CONTENT_TYPES.Folder.slug, workspace2, None, 'Hepla', '', True)  # nopep8

  510.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  511.         # creation order test

  512.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  513.         secondly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another creation_order_test', '', True)  # nopep8

  514.         # update order test

  515.         firstly_created_but_recently_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'update_order_test', '', True)  # nopep8

  516.         secondly_created_but_not_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another update_order_test', '', True)  # nopep8

  517.         with new_revision(

  518.             session=dbsession,

  519.             tm=transaction.manager,

  520.             content=firstly_created_but_recently_updated,

  521.         ):

  522.             firstly_created_but_recently_updated.description = 'Just an update'

  523.         api.save(firstly_created_but_recently_updated)

  524.         # comment change order

  525.         firstly_created_but_recently_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is randomized label content', '', True)  # nopep8

  526.         secondly_created_but_not_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is another randomized label content', '', True)  # nopep8

  527.         comments = api.create_comment(workspace, firstly_created_but_recently_commented, 'juste a super comment', True)  # nopep8

  528.         content_workspace_2 = api.create(CONTENT_TYPES.Page.slug, workspace2,main_folder_workspace2, 'content_workspace_2', '',True)  # nopep8

  529.         dbsession.flush()

  530.         transaction.commit()

  531. 

  532.         self.testapp.authorization = (

  533.             'Basic',

  534.             (

  535.                 'admin@admin.admin',

  536.                 'admin@admin.admin'

  537.             )

  538.         )

  539.         params = {

  540.             'limit': 2,

  541.         }

  542.         res = self.testapp.get(

  543.             '/api/v2/users/1/workspaces/{}/contents/recently_active'.format(workspace.workspace_id),  # nopep8

  544.             status=200,

  545.             params=params

  546.         ) # nopep8

  547.         res = res.json_body

  548.         assert len(res) == 2

  549.         for elem in res:

  550.             assert isinstance(elem['content_id'], int)

  551.             assert isinstance(elem['content_type'], str)

  552.             assert elem['content_type'] != 'comments'

  553.             assert isinstance(elem['is_archived'], bool)

  554.             assert isinstance(elem['is_deleted'], bool)

  555.             assert isinstance(elem['label'], str)

  556.             assert isinstance(elem['parent_id'], int) or elem['parent_id'] is None

  557.             assert isinstance(elem['show_in_ui'], bool)

  558.             assert isinstance(elem['slug'], str)

  559.             assert isinstance(elem['status'], str)

  560.             assert isinstance(elem['sub_content_types'], list)

  561.             for sub_content_type in elem['sub_content_types']:

  562.                 assert isinstance(sub_content_type, str)

  563.             assert isinstance(elem['workspace_id'], int)

  564.         # comment is newest than page2

  565.         assert res[0]['content_id'] == firstly_created_but_recently_commented.content_id

  566.         assert res[1]['content_id'] == secondly_created_but_not_commented.content_id

  567. 

  568.         params = {

  569.             'limit': 2,

  570.             'before_content_id': secondly_created_but_not_commented.content_id,  # nopep8

  571.         }

  572.         res = self.testapp.get(

  573.             '/api/v2/users/1/workspaces/{}/contents/recently_active'.format(workspace.workspace_id),  # nopep8

  574.             status=200,

  575.             params=params

  576.         )

  577.         res = res.json_body

  578.         assert len(res) == 2

  579.         # last updated content is newer than other one despite creation

  580.         # of the other is more recent

  581.         assert res[0]['content_id'] == firstly_created_but_recently_updated.content_id

  582.         assert res[1]['content_id'] == secondly_created_but_not_updated.content_id

  583. 

  584.     def test_api__get_recently_active_content__ok__200__bad_before_content_id_doesnt_exist(self):  # nopep8

  585.         # TODO - G.M - 2018-07-20 - Better fix for this test, do not use sleep()

  586.         # anymore to fix datetime lack of precision.

  587. 

  588.         # init DB

  589.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  590.         admin = dbsession.query(models.User) \

  591.             .filter(models.User.email == 'admin@admin.admin') \

  592.             .one()

  593.         workspace_api = WorkspaceApi(

  594.             current_user=admin,

  595.             session=dbsession,

  596.             config=self.app_config

  597. 

  598.         )

  599.         workspace = WorkspaceApi(

  600.             current_user=admin,

  601.             session=dbsession,

  602.             config=self.app_config,

  603.         ).create_workspace(

  604.             'test workspace',

  605.             save_now=True

  606.         )

  607.         workspace2 = WorkspaceApi(

  608.             current_user=admin,

  609.             session=dbsession,

  610.             config=self.app_config,

  611.         ).create_workspace(

  612.             'test workspace2',

  613.             save_now=True

  614.         )

  615. 

  616.         api = ContentApi(

  617.             current_user=admin,

  618.             session=dbsession,

  619.             config=self.app_config,

  620.         )

  621.         main_folder_workspace2 = api.create(CONTENT_TYPES.Folder.slug, workspace2, None, 'Hepla', '', True)  # nopep8

  622.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  623.         # creation order test

  624.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  625.         secondly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another creation_order_test', '', True)  # nopep8

  626.         # update order test

  627.         firstly_created_but_recently_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'update_order_test', '', True)  # nopep8

  628.         secondly_created_but_not_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another update_order_test', '', True)  # nopep8

  629.         with new_revision(

  630.             session=dbsession,

  631.             tm=transaction.manager,

  632.             content=firstly_created_but_recently_updated,

  633.         ):

  634.             firstly_created_but_recently_updated.description = 'Just an update'

  635.         api.save(firstly_created_but_recently_updated)

  636.         # comment change order

  637.         firstly_created_but_recently_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is randomized label content', '', True)  # nopep8

  638.         secondly_created_but_not_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is another randomized label content', '', True)  # nopep8

  639.         comments = api.create_comment(workspace, firstly_created_but_recently_commented, 'juste a super comment', True)  # nopep8

  640.         content_workspace_2 = api.create(CONTENT_TYPES.Page.slug, workspace2,main_folder_workspace2, 'content_workspace_2', '',True)  # nopep8

  641.         dbsession.flush()

  642.         transaction.commit()

  643. 

  644.         self.testapp.authorization = (

  645.             'Basic',

  646.             (

  647.                 'admin@admin.admin',

  648.                 'admin@admin.admin'

  649.             )

  650.         )

  651.         params = {

  652.             'before_content_id': 4000

  653.         }

  654.         res = self.testapp.get(

  655.             '/api/v2/users/1/workspaces/{}/contents/recently_active'.format(workspace.workspace_id),  # nopep8

  656.             status=400,

  657.             params=params

  658.         )

  659. 

  660. 

  661. class TestUserReadStatusEndpoint(FunctionalTest):

  662.     """

  663.     Tests for /api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status # nopep8

  664.     """

  665.     def test_api__get_read_status__ok__200__admin(self):

  666. 

  667.         # init DB

  668.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  669.         admin = dbsession.query(models.User) \

  670.             .filter(models.User.email == 'admin@admin.admin') \

  671.             .one()

  672.         workspace_api = WorkspaceApi(

  673.             current_user=admin,

  674.             session=dbsession,

  675.             config=self.app_config

  676. 

  677.         )

  678.         workspace = WorkspaceApi(

  679.             current_user=admin,

  680.             session=dbsession,

  681.             config=self.app_config,

  682.         ).create_workspace(

  683.             'test workspace',

  684.             save_now=True

  685.         )

  686.         workspace2 = WorkspaceApi(

  687.             current_user=admin,

  688.             session=dbsession,

  689.             config=self.app_config,

  690.         ).create_workspace(

  691.             'test workspace2',

  692.             save_now=True

  693.         )

  694.         uapi = UserApi(

  695.             current_user=admin,

  696.             session=dbsession,

  697.             config=self.app_config,

  698.         )

  699.         gapi = GroupApi(

  700.             current_user=admin,

  701.             session=dbsession,

  702.             config=self.app_config,

  703.         )

  704.         groups = [gapi.get_one_with_name('users')]

  705.         test_user = uapi.create_user(

  706.             email='test@test.test',

  707.             password='pass',

  708.             name='bob',

  709.             groups=groups,

  710.             timezone='Europe/Paris',

  711.             lang='fr',

  712.             do_save=True,

  713.             do_notify=False,

  714.         )

  715.         rapi = RoleApi(

  716.             current_user=admin,

  717.             session=dbsession,

  718.             config=self.app_config,

  719.         )

  720.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  721.         api = ContentApi(

  722.             current_user=admin,

  723.             session=dbsession,

  724.             config=self.app_config,

  725.         )

  726.         main_folder_workspace2 = api.create(CONTENT_TYPES.Folder.slug, workspace2, None, 'Hepla', '', True)  # nopep8

  727.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  728.         # creation order test

  729.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  730.         secondly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another creation_order_test', '', True)  # nopep8

  731.         # update order test

  732.         firstly_created_but_recently_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'update_order_test', '', True)  # nopep8

  733.         secondly_created_but_not_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another update_order_test', '', True)  # nopep8

  734.         with new_revision(

  735.             session=dbsession,

  736.             tm=transaction.manager,

  737.             content=firstly_created_but_recently_updated,

  738.         ):

  739.             firstly_created_but_recently_updated.description = 'Just an update'

  740.         api.save(firstly_created_but_recently_updated)

  741.         # comment change order

  742.         firstly_created_but_recently_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is randomized label content', '', True)  # nopep8

  743.         secondly_created_but_not_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is another randomized label content', '', True)  # nopep8

  744.         comments = api.create_comment(workspace, firstly_created_but_recently_commented, 'juste a super comment', True)  # nopep8

  745.         content_workspace_2 = api.create(CONTENT_TYPES.Page.slug, workspace2,main_folder_workspace2, 'content_workspace_2', '',True)  # nopep8

  746.         dbsession.flush()

  747.         transaction.commit()

  748. 

  749.         self.testapp.authorization = (

  750.             'Basic',

  751.             (

  752.                 'admin@admin.admin',

  753.                 'admin@admin.admin'

  754.             )

  755.         )

  756.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(   # nopep8

  757.             user_id=admin.user_id,

  758.             workspace_id=workspace.workspace_id

  759.         ), status=200)

  760.         res = res.json_body

  761.         assert len(res) == 7

  762.         for elem in res:

  763.             assert isinstance(elem['content_id'], int)

  764.             assert isinstance(elem['read_by_user'], bool)

  765.         # comment is newest than page2

  766.         assert res[0]['content_id'] == firstly_created_but_recently_commented.content_id

  767.         assert res[1]['content_id'] == secondly_created_but_not_commented.content_id

  768.         # last updated content is newer than other one despite creation

  769.         # of the other is more recent

  770.         assert res[2]['content_id'] == firstly_created_but_recently_updated.content_id

  771.         assert res[3]['content_id'] == secondly_created_but_not_updated.content_id

  772.         # creation order is inverted here as last created is last active

  773.         assert res[4]['content_id'] == secondly_created.content_id

  774.         assert res[5]['content_id'] == firstly_created.content_id

  775.         # folder subcontent modification does not change folder order

  776.         assert res[6]['content_id'] == main_folder.content_id

  777. 

  778.     def test_api__get_read_status__ok__200__user_itself(self):

  779. 

  780.         # init DB

  781.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  782.         admin = dbsession.query(models.User) \

  783.             .filter(models.User.email == 'admin@admin.admin') \

  784.             .one()

  785.         workspace_api = WorkspaceApi(

  786.             current_user=admin,

  787.             session=dbsession,

  788.             config=self.app_config

  789. 

  790.         )

  791.         workspace = WorkspaceApi(

  792.             current_user=admin,

  793.             session=dbsession,

  794.             config=self.app_config,

  795.         ).create_workspace(

  796.             'test workspace',

  797.             save_now=True

  798.         )

  799.         workspace2 = WorkspaceApi(

  800.             current_user=admin,

  801.             session=dbsession,

  802.             config=self.app_config,

  803.         ).create_workspace(

  804.             'test workspace2',

  805.             save_now=True

  806.         )

  807.         uapi = UserApi(

  808.             current_user=admin,

  809.             session=dbsession,

  810.             config=self.app_config,

  811.         )

  812.         gapi = GroupApi(

  813.             current_user=admin,

  814.             session=dbsession,

  815.             config=self.app_config,

  816.         )

  817.         groups = [gapi.get_one_with_name('users')]

  818.         test_user = uapi.create_user(

  819.             email='test@test.test',

  820.             password='pass',

  821.             name='bob',

  822.             groups=groups,

  823.             timezone='Europe/Paris',

  824.             lang='fr',

  825.             do_save=True,

  826.             do_notify=False,

  827.         )

  828.         rapi = RoleApi(

  829.             current_user=admin,

  830.             session=dbsession,

  831.             config=self.app_config,

  832.         )

  833.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  834.         api = ContentApi(

  835.             current_user=admin,

  836.             session=dbsession,

  837.             config=self.app_config,

  838.         )

  839.         main_folder_workspace2 = api.create(CONTENT_TYPES.Folder.slug, workspace2, None, 'Hepla', '', True)  # nopep8

  840.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  841.         # creation order test

  842.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  843.         secondly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another creation_order_test', '', True)  # nopep8

  844.         # update order test

  845.         firstly_created_but_recently_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'update_order_test', '', True)  # nopep8

  846.         secondly_created_but_not_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another update_order_test', '', True)  # nopep8

  847.         with new_revision(

  848.             session=dbsession,

  849.             tm=transaction.manager,

  850.             content=firstly_created_but_recently_updated,

  851.         ):

  852.             firstly_created_but_recently_updated.description = 'Just an update'

  853.         api.save(firstly_created_but_recently_updated)

  854.         # comment change order

  855.         firstly_created_but_recently_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is randomized label content', '', True)  # nopep8

  856.         secondly_created_but_not_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is another randomized label content', '', True)  # nopep8

  857.         comments = api.create_comment(workspace, firstly_created_but_recently_commented, 'juste a super comment', True)  # nopep8

  858.         content_workspace_2 = api.create(CONTENT_TYPES.Page.slug, workspace2,main_folder_workspace2, 'content_workspace_2', '',True)  # nopep8

  859.         dbsession.flush()

  860.         transaction.commit()

  861. 

  862.         self.testapp.authorization = (

  863.             'Basic',

  864.             (

  865.                 'test@test.test',

  866.                 'pass'

  867.             )

  868.         )

  869.         selected_contents_id = [

  870.             firstly_created_but_recently_commented.content_id,

  871.             firstly_created_but_recently_updated.content_id,

  872.             firstly_created.content_id,

  873.             main_folder.content_id,

  874.         ]

  875.         url = '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status?contents_ids={cid1}&contents_ids={cid2}&contents_ids={cid3}&contents_ids={cid4}'.format(  # nopep8

  876.               workspace_id=workspace.workspace_id,

  877.               cid1=selected_contents_id[0],

  878.               cid2=selected_contents_id[1],

  879.               cid3=selected_contents_id[2],

  880.               cid4=selected_contents_id[3],

  881.               user_id=test_user.user_id,

  882.         )

  883.         res = self.testapp.get(

  884.             url=url,

  885.             status=200,

  886.         )

  887.         res = res.json_body

  888.         assert len(res) == 4

  889.         for elem in res:

  890.             assert isinstance(elem['content_id'], int)

  891.             assert isinstance(elem['read_by_user'], bool)

  892.         # comment is newest than page2

  893.         assert res[0]['content_id'] == firstly_created_but_recently_commented.content_id

  894.         # last updated content is newer than other one despite creation

  895.         # of the other is more recent

  896.         assert res[1]['content_id'] == firstly_created_but_recently_updated.content_id

  897.         # creation order is inverted here as last created is last active

  898.         assert res[2]['content_id'] == firstly_created.content_id

  899.         # folder subcontent modification does not change folder order

  900.         assert res[3]['content_id'] == main_folder.content_id

  901. 

  902.     def test_api__get_read_status__ok__200__other_user(self):

  903. 

  904.         # init DB

  905.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  906.         admin = dbsession.query(models.User) \

  907.             .filter(models.User.email == 'admin@admin.admin') \

  908.             .one()

  909.         workspace_api = WorkspaceApi(

  910.             current_user=admin,

  911.             session=dbsession,

  912.             config=self.app_config

  913. 

  914.         )

  915.         workspace = WorkspaceApi(

  916.             current_user=admin,

  917.             session=dbsession,

  918.             config=self.app_config,

  919.         ).create_workspace(

  920.             'test workspace',

  921.             save_now=True

  922.         )

  923.         workspace2 = WorkspaceApi(

  924.             current_user=admin,

  925.             session=dbsession,

  926.             config=self.app_config,

  927.         ).create_workspace(

  928.             'test workspace2',

  929.             save_now=True

  930.         )

  931.         uapi = UserApi(

  932.             current_user=admin,

  933.             session=dbsession,

  934.             config=self.app_config,

  935.         )

  936.         gapi = GroupApi(

  937.             current_user=admin,

  938.             session=dbsession,

  939.             config=self.app_config,

  940.         )

  941.         groups = [gapi.get_one_with_name('users')]

  942.         test_user = uapi.create_user(

  943.             email='test@test.test',

  944.             password='pass',

  945.             name='bob',

  946.             groups=groups,

  947.             timezone='Europe/Paris',

  948.             lang='fr',

  949.             do_save=True,

  950.             do_notify=False,

  951.         )

  952.         rapi = RoleApi(

  953.             current_user=admin,

  954.             session=dbsession,

  955.             config=self.app_config,

  956.         )

  957.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  958.         api = ContentApi(

  959.             current_user=admin,

  960.             session=dbsession,

  961.             config=self.app_config,

  962.         )

  963.         main_folder_workspace2 = api.create(CONTENT_TYPES.Folder.slug, workspace2, None, 'Hepla', '', True)  # nopep8

  964.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  965.         # creation order test

  966.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  967.         secondly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another creation_order_test', '', True)  # nopep8

  968.         # update order test

  969.         firstly_created_but_recently_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'update_order_test', '', True)  # nopep8

  970.         secondly_created_but_not_updated = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'another update_order_test', '', True)  # nopep8

  971.         with new_revision(

  972.             session=dbsession,

  973.             tm=transaction.manager,

  974.             content=firstly_created_but_recently_updated,

  975.         ):

  976.             firstly_created_but_recently_updated.description = 'Just an update'

  977.         api.save(firstly_created_but_recently_updated)

  978.         # comment change order

  979.         firstly_created_but_recently_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is randomized label content', '', True)  # nopep8

  980.         secondly_created_but_not_commented = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'this is another randomized label content', '', True)  # nopep8

  981.         comments = api.create_comment(workspace, firstly_created_but_recently_commented, 'juste a super comment', True)  # nopep8

  982.         content_workspace_2 = api.create(CONTENT_TYPES.Page.slug, workspace2,main_folder_workspace2, 'content_workspace_2', '',True)  # nopep8

  983.         dbsession.flush()

  984.         transaction.commit()

  985. 

  986.         self.testapp.authorization = (

  987.             'Basic',

  988.             (

  989.                 'test@test.test',

  990.                 'pass'

  991.             )

  992.         )

  993.         selected_contents_id = [

  994.             firstly_created_but_recently_commented.content_id,

  995.             firstly_created_but_recently_updated.content_id,

  996.             firstly_created.content_id,

  997.             main_folder.content_id,

  998.         ]

  999.         url = '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status?contents_ids={cid1}&contents_ids={cid2}&contents_ids={cid3}&contents_ids={cid4}'.format(  # nopep8

  1000.               workspace_id=workspace.workspace_id,

  1001.               cid1=selected_contents_id[0],

  1002.               cid2=selected_contents_id[1],

  1003.               cid3=selected_contents_id[2],

  1004.               cid4=selected_contents_id[3],

  1005.               user_id=admin.user_id,

  1006.         )

  1007.         res = self.testapp.get(

  1008.             url=url,

  1009.             status=403,

  1010.         )

  1011. 

  1012. 

  1013. class TestUserSetContentAsRead(FunctionalTest):

  1014.     """

  1015.     Tests for /api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/read  # nopep8

  1016.     """

  1017.     def test_api_set_content_as_read__ok__200__admin(self):

  1018.         # init DB

  1019.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1020.         admin = dbsession.query(models.User) \

  1021.             .filter(models.User.email == 'admin@admin.admin') \

  1022.             .one()

  1023.         workspace_api = WorkspaceApi(

  1024.             current_user=admin,

  1025.             session=dbsession,

  1026.             config=self.app_config

  1027. 

  1028.         )

  1029.         workspace = WorkspaceApi(

  1030.             current_user=admin,

  1031.             session=dbsession,

  1032.             config=self.app_config,

  1033.         ).create_workspace(

  1034.             'test workspace',

  1035.             save_now=True

  1036.         )

  1037.         uapi = UserApi(

  1038.             current_user=admin,

  1039.             session=dbsession,

  1040.             config=self.app_config,

  1041.         )

  1042.         gapi = GroupApi(

  1043.             current_user=admin,

  1044.             session=dbsession,

  1045.             config=self.app_config,

  1046.         )

  1047.         groups = [gapi.get_one_with_name('users')]

  1048.         test_user = uapi.create_user(

  1049.             email='test@test.test',

  1050.             password='pass',

  1051.             name='bob',

  1052.             groups=groups,

  1053.             timezone='Europe/Paris',

  1054.             do_save=True,

  1055.             do_notify=False,

  1056.         )

  1057.         rapi = RoleApi(

  1058.             current_user=admin,

  1059.             session=dbsession,

  1060.             config=self.app_config,

  1061.         )

  1062.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  1063.         api = ContentApi(

  1064.             current_user=admin,

  1065.             session=dbsession,

  1066.             config=self.app_config,

  1067.         )

  1068.         api2 = ContentApi(

  1069.             current_user=test_user,

  1070.             session=dbsession,

  1071.             config=self.app_config,

  1072.         )

  1073.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  1074.         # creation order test

  1075.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  1076.         api.mark_unread(firstly_created)

  1077.         api2.mark_unread(firstly_created)

  1078.         dbsession.flush()

  1079.         transaction.commit()

  1080. 

  1081.         self.testapp.authorization = (

  1082.             'Basic',

  1083.             (

  1084.                 'admin@admin.admin',

  1085.                 'admin@admin.admin'

  1086.             )

  1087.         )

  1088.         # before

  1089.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1090.             user_id=test_user.user_id,

  1091.             workspace_id=workspace.workspace_id

  1092.         ), status=200)

  1093.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1094.         assert res.json_body[0]['read_by_user'] is False

  1095. 

  1096.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1097.             user_id=admin.user_id,

  1098.             workspace_id=workspace.workspace_id

  1099.         ), status=200)

  1100.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1101.         assert res.json_body[0]['read_by_user'] is False

  1102.         # read

  1103.         self.testapp.put(

  1104.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/read'.format(  # nopep8

  1105.                 workspace_id=workspace.workspace_id,

  1106.                 content_id=firstly_created.content_id,

  1107.                 user_id=test_user.user_id,

  1108.             )

  1109.         )

  1110.         # after

  1111.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1112.             user_id=test_user.user_id,

  1113.             workspace_id=workspace.workspace_id

  1114.         ), status=200) # nopep8

  1115.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1116.         assert res.json_body[0]['read_by_user'] is True

  1117. 

  1118.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1119.             user_id=admin.user_id,

  1120.             workspace_id=workspace.workspace_id

  1121.         ), status=200) # nopep8

  1122.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1123.         assert res.json_body[0]['read_by_user'] is False

  1124. 

  1125.     def test_api_set_content_as_read__ok__200__admin_workspace_do_not_exist(self):

  1126.         # init DB

  1127.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1128.         admin = dbsession.query(models.User) \

  1129.             .filter(models.User.email == 'admin@admin.admin') \

  1130.             .one()

  1131.         workspace_api = WorkspaceApi(

  1132.             current_user=admin,

  1133.             session=dbsession,

  1134.             config=self.app_config

  1135. 

  1136.         )

  1137.         workspace = WorkspaceApi(

  1138.             current_user=admin,

  1139.             session=dbsession,

  1140.             config=self.app_config,

  1141.         ).create_workspace(

  1142.             'test workspace',

  1143.             save_now=True

  1144.         )

  1145.         uapi = UserApi(

  1146.             current_user=admin,

  1147.             session=dbsession,

  1148.             config=self.app_config,

  1149.         )

  1150.         gapi = GroupApi(

  1151.             current_user=admin,

  1152.             session=dbsession,

  1153.             config=self.app_config,

  1154.         )

  1155.         groups = [gapi.get_one_with_name('users')]

  1156.         test_user = uapi.create_user(

  1157.             email='test@test.test',

  1158.             password='pass',

  1159.             name='bob',

  1160.             groups=groups,

  1161.             timezone='Europe/Paris',

  1162.             lang='fr',

  1163.             do_save=True,

  1164.             do_notify=False,

  1165.         )

  1166.         rapi = RoleApi(

  1167.             current_user=admin,

  1168.             session=dbsession,

  1169.             config=self.app_config,

  1170.         )

  1171.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  1172.         api = ContentApi(

  1173.             current_user=admin,

  1174.             session=dbsession,

  1175.             config=self.app_config,

  1176.         )

  1177.         api2 = ContentApi(

  1178.             current_user=test_user,

  1179.             session=dbsession,

  1180.             config=self.app_config,

  1181.         )

  1182.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  1183.         # creation order test

  1184.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  1185.         api.mark_unread(firstly_created)

  1186.         api2.mark_unread(firstly_created)

  1187.         dbsession.flush()

  1188.         transaction.commit()

  1189. 

  1190.         self.testapp.authorization = (

  1191.             'Basic',

  1192.             (

  1193.                 'admin@admin.admin',

  1194.                 'admin@admin.admin'

  1195.             )

  1196.         )

  1197.         # read

  1198.         self.testapp.put(

  1199.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/read'.format(  # nopep8

  1200.                 workspace_id=4000,

  1201.                 content_id=firstly_created.content_id,

  1202.                 user_id=test_user.user_id,

  1203.             ),

  1204.             status=400,

  1205.         )

  1206. 

  1207.     def test_api_set_content_as_read__ok__200__admin_content_do_not_exist(self):

  1208.         # init DB

  1209.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1210.         admin = dbsession.query(models.User) \

  1211.             .filter(models.User.email == 'admin@admin.admin') \

  1212.             .one()

  1213.         workspace_api = WorkspaceApi(

  1214.             current_user=admin,

  1215.             session=dbsession,

  1216.             config=self.app_config

  1217. 

  1218.         )

  1219.         workspace = WorkspaceApi(

  1220.             current_user=admin,

  1221.             session=dbsession,

  1222.             config=self.app_config,

  1223.         ).create_workspace(

  1224.             'test workspace',

  1225.             save_now=True

  1226.         )

  1227.         uapi = UserApi(

  1228.             current_user=admin,

  1229.             session=dbsession,

  1230.             config=self.app_config,

  1231.         )

  1232.         gapi = GroupApi(

  1233.             current_user=admin,

  1234.             session=dbsession,

  1235.             config=self.app_config,

  1236.         )

  1237.         groups = [gapi.get_one_with_name('users')]

  1238.         test_user = uapi.create_user(

  1239.             email='test@test.test',

  1240.             password='pass',

  1241.             name='bob',

  1242.             groups=groups,

  1243.             timezone='Europe/Paris',

  1244.             lang='fr',

  1245.             do_save=True,

  1246.             do_notify=False,

  1247.         )

  1248.         rapi = RoleApi(

  1249.             current_user=admin,

  1250.             session=dbsession,

  1251.             config=self.app_config,

  1252.         )

  1253.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  1254.         api = ContentApi(

  1255.             current_user=admin,

  1256.             session=dbsession,

  1257.             config=self.app_config,

  1258.         )

  1259.         api2 = ContentApi(

  1260.             current_user=test_user,

  1261.             session=dbsession,

  1262.             config=self.app_config,

  1263.         )

  1264.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  1265.         # creation order test

  1266.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  1267.         api.mark_unread(firstly_created)

  1268.         api2.mark_unread(firstly_created)

  1269.         dbsession.flush()

  1270.         transaction.commit()

  1271. 

  1272.         self.testapp.authorization = (

  1273.             'Basic',

  1274.             (

  1275.                 'admin@admin.admin',

  1276.                 'admin@admin.admin'

  1277.             )

  1278.         )

  1279.         # read

  1280.         self.testapp.put(

  1281.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/read'.format(  # nopep8

  1282.                 workspace_id=workspace.workspace_id,

  1283.                 content_id=4000,

  1284.                 user_id=test_user.user_id,

  1285.             ),

  1286.             status=400,

  1287.         )

  1288. 

  1289.     def test_api_set_content_as_read__ok__200__user_itself(self):

  1290.         # init DB

  1291.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1292.         admin = dbsession.query(models.User) \

  1293.             .filter(models.User.email == 'admin@admin.admin') \

  1294.             .one()

  1295.         workspace_api = WorkspaceApi(

  1296.             current_user=admin,

  1297.             session=dbsession,

  1298.             config=self.app_config

  1299. 

  1300.         )

  1301.         workspace = WorkspaceApi(

  1302.             current_user=admin,

  1303.             session=dbsession,

  1304.             config=self.app_config,

  1305.         ).create_workspace(

  1306.             'test workspace',

  1307.             save_now=True

  1308.         )

  1309.         uapi = UserApi(

  1310.             current_user=admin,

  1311.             session=dbsession,

  1312.             config=self.app_config,

  1313.         )

  1314.         gapi = GroupApi(

  1315.             current_user=admin,

  1316.             session=dbsession,

  1317.             config=self.app_config,

  1318.         )

  1319.         groups = [gapi.get_one_with_name('users')]

  1320.         test_user = uapi.create_user(

  1321.             email='test@test.test',

  1322.             password='pass',

  1323.             name='bob',

  1324.             groups=groups,

  1325.             timezone='Europe/Paris',

  1326.             lang='fr',

  1327.             do_save=True,

  1328.             do_notify=False,

  1329.         )

  1330.         rapi = RoleApi(

  1331.             current_user=admin,

  1332.             session=dbsession,

  1333.             config=self.app_config,

  1334.         )

  1335.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  1336.         api = ContentApi(

  1337.             current_user=admin,

  1338.             session=dbsession,

  1339.             config=self.app_config,

  1340.         )

  1341.         api2 = ContentApi(

  1342.             current_user=test_user,

  1343.             session=dbsession,

  1344.             config=self.app_config,

  1345.         )

  1346.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  1347.         # creation order test

  1348.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  1349.         api.mark_unread(firstly_created)

  1350.         api2.mark_unread(firstly_created)

  1351.         dbsession.flush()

  1352.         transaction.commit()

  1353. 

  1354.         self.testapp.authorization = (

  1355.             'Basic',

  1356.             (

  1357.                 'test@test.test',

  1358.                 'pass'

  1359.             )

  1360.         )

  1361.         # before

  1362.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1363.             user_id=test_user.user_id,

  1364.             workspace_id=workspace.workspace_id

  1365.             ),

  1366.             status=200

  1367.         )

  1368.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1369.         assert res.json_body[0]['read_by_user'] is False

  1370. 

  1371.         # read

  1372.         self.testapp.put(

  1373.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/read'.format(  # nopep8

  1374.                 workspace_id=workspace.workspace_id,

  1375.                 content_id=firstly_created.content_id,

  1376.                 user_id=test_user.user_id,

  1377.             )

  1378.         )

  1379.         # after

  1380.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1381.             user_id=test_user.user_id,

  1382.             workspace_id=workspace.workspace_id

  1383.             ),

  1384.             status=200

  1385.         )

  1386.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1387.         assert res.json_body[0]['read_by_user'] is True

  1388. 

  1389.     def test_api_set_content_as_read__ok__403__other_user(self):

  1390.         # init DB

  1391.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1392.         admin = dbsession.query(models.User) \

  1393.             .filter(models.User.email == 'admin@admin.admin') \

  1394.             .one()

  1395.         workspace_api = WorkspaceApi(

  1396.             current_user=admin,

  1397.             session=dbsession,

  1398.             config=self.app_config

  1399. 

  1400.         )

  1401.         workspace = WorkspaceApi(

  1402.             current_user=admin,

  1403.             session=dbsession,

  1404.             config=self.app_config,

  1405.         ).create_workspace(

  1406.             'test workspace',

  1407.             save_now=True

  1408.         )

  1409.         uapi = UserApi(

  1410.             current_user=admin,

  1411.             session=dbsession,

  1412.             config=self.app_config,

  1413.         )

  1414.         gapi = GroupApi(

  1415.             current_user=admin,

  1416.             session=dbsession,

  1417.             config=self.app_config,

  1418.         )

  1419.         groups = [gapi.get_one_with_name('users')]

  1420.         test_user = uapi.create_user(

  1421.             email='test@test.test',

  1422.             password='pass',

  1423.             name='bob',

  1424.             groups=groups,

  1425.             timezone='Europe/Paris',

  1426.             lang='fr',

  1427.             do_save=True,

  1428.             do_notify=False,

  1429.         )

  1430.         rapi = RoleApi(

  1431.             current_user=admin,

  1432.             session=dbsession,

  1433.             config=self.app_config,

  1434.         )

  1435.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  1436.         api = ContentApi(

  1437.             current_user=admin,

  1438.             session=dbsession,

  1439.             config=self.app_config,

  1440.         )

  1441.         api2 = ContentApi(

  1442.             current_user=test_user,

  1443.             session=dbsession,

  1444.             config=self.app_config,

  1445.         )

  1446.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  1447.         # creation order test

  1448.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  1449.         api.mark_unread(firstly_created)

  1450.         api2.mark_unread(firstly_created)

  1451.         dbsession.flush()

  1452.         transaction.commit()

  1453. 

  1454.         self.testapp.authorization = (

  1455.             'Basic',

  1456.             (

  1457.                 'test@test.test',

  1458.                 'pass'

  1459.             )

  1460.         )

  1461.         # read

  1462.         self.testapp.put(

  1463.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/read'.format(  # nopep8

  1464.                 workspace_id=workspace.workspace_id,

  1465.                 content_id=firstly_created.content_id,

  1466.                 user_id=admin.user_id,

  1467.             ),

  1468.             status=403,

  1469.         )

  1470. 

  1471.     def test_api_set_content_as_read__ok__200__admin_with_comments(self):

  1472.         # init DB

  1473.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1474.         admin = dbsession.query(models.User) \

  1475.             .filter(models.User.email == 'admin@admin.admin') \

  1476.             .one()

  1477.         workspace_api = WorkspaceApi(

  1478.             current_user=admin,

  1479.             session=dbsession,

  1480.             config=self.app_config

  1481. 

  1482.         )

  1483.         workspace = WorkspaceApi(

  1484.             current_user=admin,

  1485.             session=dbsession,

  1486.             config=self.app_config,

  1487.         ).create_workspace(

  1488.             'test workspace',

  1489.             save_now=True

  1490.         )

  1491.         uapi = UserApi(

  1492.             current_user=admin,

  1493.             session=dbsession,

  1494.             config=self.app_config,

  1495.         )

  1496.         gapi = GroupApi(

  1497.             current_user=admin,

  1498.             session=dbsession,

  1499.             config=self.app_config,

  1500.         )

  1501.         groups = [gapi.get_one_with_name('users')]

  1502.         test_user = uapi.create_user(

  1503.             email='test@test.test',

  1504.             password='pass',

  1505.             name='bob',

  1506.             groups=groups,

  1507.             timezone='Europe/Paris',

  1508.             lang='fr',

  1509.             do_save=True,

  1510.             do_notify=False,

  1511.         )

  1512.         rapi = RoleApi(

  1513.             current_user=admin,

  1514.             session=dbsession,

  1515.             config=self.app_config,

  1516.         )

  1517.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  1518.         api = ContentApi(

  1519.             current_user=admin,

  1520.             session=dbsession,

  1521.             config=self.app_config,

  1522.         )

  1523.         api2 = ContentApi(

  1524.             current_user=test_user,

  1525.             session=dbsession,

  1526.             config=self.app_config,

  1527.         )

  1528.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  1529.         # creation order test

  1530.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  1531.         comments = api.create_comment(workspace, firstly_created, 'juste a super comment', True)  # nopep8

  1532.         api.mark_unread(firstly_created)

  1533.         api.mark_unread(comments)

  1534.         dbsession.flush()

  1535.         transaction.commit()

  1536. 

  1537.         self.testapp.authorization = (

  1538.             'Basic',

  1539.             (

  1540.                 'admin@admin.admin',

  1541.                 'admin@admin.admin'

  1542.             )

  1543.         )

  1544.         # before

  1545.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1546.             user_id=test_user.user_id,

  1547.             workspace_id=workspace.workspace_id

  1548.         ), status=200) # nopep8

  1549.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1550.         assert res.json_body[0]['read_by_user'] is False

  1551. 

  1552.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1553.             user_id=admin.user_id,

  1554.             workspace_id=workspace.workspace_id

  1555.         ), status=200) # nopep8

  1556.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1557.         assert res.json_body[0]['read_by_user'] is False

  1558.         self.testapp.put(

  1559.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/read'.format(  # nopep8

  1560.                 workspace_id=workspace.workspace_id,

  1561.                 content_id=firstly_created.content_id,

  1562.                 user_id=test_user.user_id,

  1563.             )

  1564.         )

  1565.         # after

  1566.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1567.             user_id=test_user.user_id,

  1568.             workspace_id=workspace.workspace_id

  1569.         ), status=200) # nopep8

  1570.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1571.         assert res.json_body[0]['read_by_user'] is True

  1572.         # comment is also set as read

  1573.         assert comments.has_new_information_for(test_user) is False

  1574. 

  1575.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1576.             user_id=admin.user_id,

  1577.             workspace_id=workspace.workspace_id

  1578.         ), status=200) # nopep8

  1579.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1580.         assert res.json_body[0]['read_by_user'] is False

  1581.         # comment is also set as read

  1582.         assert comments.has_new_information_for(admin) is True

  1583. 

  1584. 

  1585. class TestUserSetContentAsUnread(FunctionalTest):

  1586.     """

  1587.     Tests for /api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/unread  # nopep8

  1588.     """

  1589.     def test_api_set_content_as_unread__ok__200__admin(self):

  1590.         # init DB

  1591.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1592.         admin = dbsession.query(models.User) \

  1593.             .filter(models.User.email == 'admin@admin.admin') \

  1594.             .one()

  1595.         workspace_api = WorkspaceApi(

  1596.             current_user=admin,

  1597.             session=dbsession,

  1598.             config=self.app_config

  1599. 

  1600.         )

  1601.         workspace = WorkspaceApi(

  1602.             current_user=admin,

  1603.             session=dbsession,

  1604.             config=self.app_config,

  1605.         ).create_workspace(

  1606.             'test workspace',

  1607.             save_now=True

  1608.         )

  1609.         uapi = UserApi(

  1610.             current_user=admin,

  1611.             session=dbsession,

  1612.             config=self.app_config,

  1613.         )

  1614.         gapi = GroupApi(

  1615.             current_user=admin,

  1616.             session=dbsession,

  1617.             config=self.app_config,

  1618.         )

  1619.         groups = [gapi.get_one_with_name('users')]

  1620.         test_user = uapi.create_user(

  1621.             email='test@test.test',

  1622.             password='pass',

  1623.             name='bob',

  1624.             groups=groups,

  1625.             timezone='Europe/Paris',

  1626.             lang='fr',

  1627.             do_save=True,

  1628.             do_notify=False,

  1629.         )

  1630.         rapi = RoleApi(

  1631.             current_user=admin,

  1632.             session=dbsession,

  1633.             config=self.app_config,

  1634.         )

  1635.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  1636.         api = ContentApi(

  1637.             current_user=admin,

  1638.             session=dbsession,

  1639.             config=self.app_config,

  1640.         )

  1641.         api2 = ContentApi(

  1642.             current_user=test_user,

  1643.             session=dbsession,

  1644.             config=self.app_config,

  1645.         )

  1646.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  1647.         # creation order test

  1648.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  1649.         api.mark_read(firstly_created)

  1650.         api2.mark_read(firstly_created)

  1651.         dbsession.flush()

  1652.         transaction.commit()

  1653. 

  1654.         self.testapp.authorization = (

  1655.             'Basic',

  1656.             (

  1657.                 'admin@admin.admin',

  1658.                 'admin@admin.admin'

  1659.             )

  1660.         )

  1661.         # before

  1662.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1663.             user_id=test_user.user_id,

  1664.             workspace_id=workspace.workspace_id

  1665.         ), status=200)

  1666.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1667.         assert res.json_body[0]['read_by_user'] is True

  1668. 

  1669.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1670.             user_id=admin.user_id,

  1671.             workspace_id=workspace.workspace_id

  1672.         ), status=200)

  1673.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1674.         assert res.json_body[0]['read_by_user'] is True

  1675. 

  1676.         # unread

  1677.         self.testapp.put(

  1678.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/unread'.format(  # nopep8

  1679.                 workspace_id=workspace.workspace_id,

  1680.                 content_id=firstly_created.content_id,

  1681.                 user_id=test_user.user_id,

  1682.             )

  1683.         )

  1684.         # after

  1685.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1686.             user_id=test_user.user_id,

  1687.             workspace_id=workspace.workspace_id

  1688.         ), status=200)

  1689.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1690.         assert res.json_body[0]['read_by_user'] is False

  1691. 

  1692.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1693.             user_id=admin.user_id,

  1694.             workspace_id=workspace.workspace_id

  1695.         ), status=200)

  1696.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1697.         assert res.json_body[0]['read_by_user'] is True

  1698. 

  1699.     def test_api_set_content_as_unread__err__400__admin_workspace_do_not_exist(self):

  1700.         # init DB

  1701.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1702.         admin = dbsession.query(models.User) \

  1703.             .filter(models.User.email == 'admin@admin.admin') \

  1704.             .one()

  1705.         workspace_api = WorkspaceApi(

  1706.             current_user=admin,

  1707.             session=dbsession,

  1708.             config=self.app_config

  1709. 

  1710.         )

  1711.         workspace = WorkspaceApi(

  1712.             current_user=admin,

  1713.             session=dbsession,

  1714.             config=self.app_config,

  1715.         ).create_workspace(

  1716.             'test workspace',

  1717.             save_now=True

  1718.         )

  1719.         uapi = UserApi(

  1720.             current_user=admin,

  1721.             session=dbsession,

  1722.             config=self.app_config,

  1723.         )

  1724.         gapi = GroupApi(

  1725.             current_user=admin,

  1726.             session=dbsession,

  1727.             config=self.app_config,

  1728.         )

  1729.         groups = [gapi.get_one_with_name('users')]

  1730.         test_user = uapi.create_user(

  1731.             email='test@test.test',

  1732.             password='pass',

  1733.             name='bob',

  1734.             groups=groups,

  1735.             timezone='Europe/Paris',

  1736.             lang='fr',

  1737.             do_save=True,

  1738.             do_notify=False,

  1739.         )

  1740.         rapi = RoleApi(

  1741.             current_user=admin,

  1742.             session=dbsession,

  1743.             config=self.app_config,

  1744.         )

  1745.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  1746.         api = ContentApi(

  1747.             current_user=admin,

  1748.             session=dbsession,

  1749.             config=self.app_config,

  1750.         )

  1751.         api2 = ContentApi(

  1752.             current_user=test_user,

  1753.             session=dbsession,

  1754.             config=self.app_config,

  1755.         )

  1756.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  1757.         # creation order test

  1758.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  1759.         api.mark_read(firstly_created)

  1760.         api2.mark_read(firstly_created)

  1761.         dbsession.flush()

  1762.         transaction.commit()

  1763. 

  1764.         self.testapp.authorization = (

  1765.             'Basic',

  1766.             (

  1767.                 'admin@admin.admin',

  1768.                 'admin@admin.admin'

  1769.             )

  1770.         )

  1771.         # unread

  1772.         self.testapp.put(

  1773.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/unread'.format(  # nopep8

  1774.                 workspace_id=4000,

  1775.                 content_id=firstly_created.content_id,

  1776.                 user_id=test_user.user_id,

  1777.             ),

  1778.             status=400,

  1779.         )

  1780. 

  1781.     def test_api_set_content_as_unread__err__400__admin_content_do_not_exist(self):

  1782.         # init DB

  1783.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1784.         admin = dbsession.query(models.User) \

  1785.             .filter(models.User.email == 'admin@admin.admin') \

  1786.             .one()

  1787.         workspace_api = WorkspaceApi(

  1788.             current_user=admin,

  1789.             session=dbsession,

  1790.             config=self.app_config

  1791. 

  1792.         )

  1793.         workspace = WorkspaceApi(

  1794.             current_user=admin,

  1795.             session=dbsession,

  1796.             config=self.app_config,

  1797.         ).create_workspace(

  1798.             'test workspace',

  1799.             save_now=True

  1800.         )

  1801.         uapi = UserApi(

  1802.             current_user=admin,

  1803.             session=dbsession,

  1804.             config=self.app_config,

  1805.         )

  1806.         gapi = GroupApi(

  1807.             current_user=admin,

  1808.             session=dbsession,

  1809.             config=self.app_config,

  1810.         )

  1811.         groups = [gapi.get_one_with_name('users')]

  1812.         test_user = uapi.create_user(

  1813.             email='test@test.test',

  1814.             password='pass',

  1815.             name='bob',

  1816.             groups=groups,

  1817.             timezone='Europe/Paris',

  1818.             lang='fr',

  1819.             do_save=True,

  1820.             do_notify=False,

  1821.         )

  1822.         rapi = RoleApi(

  1823.             current_user=admin,

  1824.             session=dbsession,

  1825.             config=self.app_config,

  1826.         )

  1827.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  1828.         api = ContentApi(

  1829.             current_user=admin,

  1830.             session=dbsession,

  1831.             config=self.app_config,

  1832.         )

  1833.         api2 = ContentApi(

  1834.             current_user=test_user,

  1835.             session=dbsession,

  1836.             config=self.app_config,

  1837.         )

  1838.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  1839.         # creation order test

  1840.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  1841.         api.mark_read(firstly_created)

  1842.         api2.mark_read(firstly_created)

  1843.         dbsession.flush()

  1844.         transaction.commit()

  1845. 

  1846.         self.testapp.authorization = (

  1847.             'Basic',

  1848.             (

  1849.                 'admin@admin.admin',

  1850.                 'admin@admin.admin'

  1851.             )

  1852.         )

  1853. 

  1854.         # unread

  1855.         self.testapp.put(

  1856.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/unread'.format(  # nopep8

  1857.                 workspace_id=workspace.workspace_id,

  1858.                 content_id=4000,

  1859.                 user_id=test_user.user_id,

  1860.             ),

  1861.             status=400,

  1862.         )

  1863. 

  1864.     def test_api_set_content_as_unread__ok__200__user_itself(self):

  1865.         # init DB

  1866.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1867.         admin = dbsession.query(models.User) \

  1868.             .filter(models.User.email == 'admin@admin.admin') \

  1869.             .one()

  1870.         workspace_api = WorkspaceApi(

  1871.             current_user=admin,

  1872.             session=dbsession,

  1873.             config=self.app_config

  1874. 

  1875.         )

  1876.         workspace = WorkspaceApi(

  1877.             current_user=admin,

  1878.             session=dbsession,

  1879.             config=self.app_config,

  1880.         ).create_workspace(

  1881.             'test workspace',

  1882.             save_now=True

  1883.         )

  1884.         uapi = UserApi(

  1885.             current_user=admin,

  1886.             session=dbsession,

  1887.             config=self.app_config,

  1888.         )

  1889.         gapi = GroupApi(

  1890.             current_user=admin,

  1891.             session=dbsession,

  1892.             config=self.app_config,

  1893.         )

  1894.         groups = [gapi.get_one_with_name('users')]

  1895.         test_user = uapi.create_user(

  1896.             email='test@test.test',

  1897.             password='pass',

  1898.             name='bob',

  1899.             groups=groups,

  1900.             timezone='Europe/Paris',

  1901.             lang='fr',

  1902.             do_save=True,

  1903.             do_notify=False,

  1904.         )

  1905.         rapi = RoleApi(

  1906.             current_user=admin,

  1907.             session=dbsession,

  1908.             config=self.app_config,

  1909.         )

  1910.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  1911.         api = ContentApi(

  1912.             current_user=admin,

  1913.             session=dbsession,

  1914.             config=self.app_config,

  1915.         )

  1916.         api2 = ContentApi(

  1917.             current_user=test_user,

  1918.             session=dbsession,

  1919.             config=self.app_config,

  1920.         )

  1921.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  1922.         # creation order test

  1923.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  1924.         api.mark_read(firstly_created)

  1925.         api2.mark_read(firstly_created)

  1926.         dbsession.flush()

  1927.         transaction.commit()

  1928. 

  1929.         self.testapp.authorization = (

  1930.             'Basic',

  1931.             (

  1932.                 'test@test.test',

  1933.                 'pass'

  1934.             )

  1935.         )

  1936.         # before

  1937.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1938.             user_id=test_user.user_id,

  1939.             workspace_id=workspace.workspace_id

  1940.         ), status=200)

  1941.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1942.         assert res.json_body[0]['read_by_user'] is True

  1943. 

  1944.         # unread

  1945.         self.testapp.put(

  1946.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/unread'.format(  # nopep8

  1947.                 workspace_id=workspace.workspace_id,

  1948.                 content_id=firstly_created.content_id,

  1949.                 user_id=test_user.user_id,

  1950.             )

  1951.         )

  1952.         # after

  1953.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  1954.             user_id=test_user.user_id,

  1955.             workspace_id=workspace.workspace_id

  1956.         ), status=200)

  1957.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  1958.         assert res.json_body[0]['read_by_user'] is False

  1959. 

  1960.     def test_api_set_content_as_unread__err__403__other_user(self):

  1961.         # init DB

  1962.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  1963.         admin = dbsession.query(models.User) \

  1964.             .filter(models.User.email == 'admin@admin.admin') \

  1965.             .one()

  1966.         workspace_api = WorkspaceApi(

  1967.             current_user=admin,

  1968.             session=dbsession,

  1969.             config=self.app_config

  1970. 

  1971.         )

  1972.         workspace = WorkspaceApi(

  1973.             current_user=admin,

  1974.             session=dbsession,

  1975.             config=self.app_config,

  1976.         ).create_workspace(

  1977.             'test workspace',

  1978.             save_now=True

  1979.         )

  1980.         uapi = UserApi(

  1981.             current_user=admin,

  1982.             session=dbsession,

  1983.             config=self.app_config,

  1984.         )

  1985.         gapi = GroupApi(

  1986.             current_user=admin,

  1987.             session=dbsession,

  1988.             config=self.app_config,

  1989.         )

  1990.         groups = [gapi.get_one_with_name('users')]

  1991.         test_user = uapi.create_user(

  1992.             email='test@test.test',

  1993.             password='pass',

  1994.             name='bob',

  1995.             groups=groups,

  1996.             timezone='Europe/Paris',

  1997.             lang='fr',

  1998.             do_save=True,

  1999.             do_notify=False,

  2000.         )

  2001.         rapi = RoleApi(

  2002.             current_user=admin,

  2003.             session=dbsession,

  2004.             config=self.app_config,

  2005.         )

  2006.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  2007.         api = ContentApi(

  2008.             current_user=admin,

  2009.             session=dbsession,

  2010.             config=self.app_config,

  2011.         )

  2012.         api2 = ContentApi(

  2013.             current_user=test_user,

  2014.             session=dbsession,

  2015.             config=self.app_config,

  2016.         )

  2017.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  2018.         # creation order test

  2019.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  2020.         api.mark_read(firstly_created)

  2021.         api2.mark_read(firstly_created)

  2022.         dbsession.flush()

  2023.         transaction.commit()

  2024. 

  2025.         self.testapp.authorization = (

  2026.             'Basic',

  2027.             (

  2028.                 'test@test.test',

  2029.                 'pass'

  2030.             )

  2031.         )

  2032. 

  2033.         # unread

  2034.         self.testapp.put(

  2035.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/unread'.format(  # nopep8

  2036.                 workspace_id=workspace.workspace_id,

  2037.                 content_id=firstly_created.content_id,

  2038.                 user_id=admin.user_id,

  2039.             ),

  2040.             status=403,

  2041.         )

  2042. 

  2043.     def test_api_set_content_as_unread__ok__200__with_comments(self):

  2044.         # init DB

  2045.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2046.         admin = dbsession.query(models.User) \

  2047.             .filter(models.User.email == 'admin@admin.admin') \

  2048.             .one()

  2049.         workspace_api = WorkspaceApi(

  2050.             current_user=admin,

  2051.             session=dbsession,

  2052.             config=self.app_config

  2053. 

  2054.         )

  2055.         workspace = WorkspaceApi(

  2056.             current_user=admin,

  2057.             session=dbsession,

  2058.             config=self.app_config,

  2059.         ).create_workspace(

  2060.             'test workspace',

  2061.             save_now=True

  2062.         )

  2063.         api = ContentApi(

  2064.             current_user=admin,

  2065.             session=dbsession,

  2066.             config=self.app_config,

  2067.         )

  2068.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  2069.         # creation order test

  2070.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  2071.         comments = api.create_comment(workspace, firstly_created, 'juste a super comment', True)  # nopep8

  2072.         api.mark_read(firstly_created)

  2073.         api.mark_read(comments)

  2074.         dbsession.flush()

  2075.         transaction.commit()

  2076. 

  2077.         self.testapp.authorization = (

  2078.             'Basic',

  2079.             (

  2080.                 'admin@admin.admin',

  2081.                 'admin@admin.admin'

  2082.             )

  2083.         )

  2084.         res = self.testapp.get('/api/v2/users/1/workspaces/{}/contents/read_status'.format(workspace.workspace_id), status=200) # nopep8

  2085.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  2086.         assert res.json_body[0]['read_by_user'] is True

  2087.         self.testapp.put(

  2088.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/{content_id}/unread'.format(  # nopep8

  2089.                 workspace_id=workspace.workspace_id,

  2090.                 content_id=firstly_created.content_id,

  2091.                 user_id=admin.user_id,

  2092.             )

  2093.         )

  2094.         res = self.testapp.get('/api/v2/users/1/workspaces/{}/contents/read_status'.format(workspace.workspace_id), status=200)  # nopep8

  2095.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  2096.         assert res.json_body[0]['read_by_user'] is False

  2097. 

  2098.         assert comments.has_new_information_for(admin) is True

  2099. 

  2100. 

  2101. class TestUserSetWorkspaceAsRead(FunctionalTest):

  2102.     """

  2103.     Tests for /api/v2/users/{user_id}/workspaces/{workspace_id}/read

  2104.     """

  2105.     def test_api_set_content_as_read__ok__200__admin(self):

  2106.         # init DB

  2107.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2108.         admin = dbsession.query(models.User) \

  2109.             .filter(models.User.email == 'admin@admin.admin') \

  2110.             .one()

  2111.         workspace_api = WorkspaceApi(

  2112.             current_user=admin,

  2113.             session=dbsession,

  2114.             config=self.app_config

  2115. 

  2116.         )

  2117.         workspace = WorkspaceApi(

  2118.             current_user=admin,

  2119.             session=dbsession,

  2120.             config=self.app_config,

  2121.         ).create_workspace(

  2122.             'test workspace',

  2123.             save_now=True

  2124.         )

  2125.         uapi = UserApi(

  2126.             current_user=admin,

  2127.             session=dbsession,

  2128.             config=self.app_config,

  2129.         )

  2130.         gapi = GroupApi(

  2131.             current_user=admin,

  2132.             session=dbsession,

  2133.             config=self.app_config,

  2134.         )

  2135.         groups = [gapi.get_one_with_name('users')]

  2136.         test_user = uapi.create_user(

  2137.             email='test@test.test',

  2138.             password='pass',

  2139.             name='bob',

  2140.             groups=groups,

  2141.             timezone='Europe/Paris',

  2142.             lang='fr',

  2143.             do_save=True,

  2144.             do_notify=False,

  2145.         )

  2146.         rapi = RoleApi(

  2147.             current_user=admin,

  2148.             session=dbsession,

  2149.             config=self.app_config,

  2150.         )

  2151.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  2152.         api = ContentApi(

  2153.             current_user=admin,

  2154.             session=dbsession,

  2155.             config=self.app_config,

  2156.         )

  2157.         api2 = ContentApi(

  2158.             current_user=test_user,

  2159.             session=dbsession,

  2160.             config=self.app_config,

  2161.         )

  2162.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  2163.         # creation order test

  2164.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  2165.         api.mark_unread(main_folder)

  2166.         api.mark_unread(firstly_created)

  2167.         api2.mark_unread(main_folder)

  2168.         api2.mark_unread(firstly_created)

  2169.         dbsession.flush()

  2170.         transaction.commit()

  2171. 

  2172.         self.testapp.authorization = (

  2173.             'Basic',

  2174.             (

  2175.                 'admin@admin.admin',

  2176.                 'admin@admin.admin'

  2177.             )

  2178.         )

  2179.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  2180.             user_id=test_user.user_id,

  2181.             workspace_id=workspace.workspace_id

  2182.         ), status=200)

  2183.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  2184.         assert res.json_body[0]['read_by_user'] is False

  2185.         assert res.json_body[1]['content_id'] == main_folder.content_id

  2186.         assert res.json_body[1]['read_by_user'] is False

  2187.         self.testapp.put(

  2188.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/read'.format(  # nopep8

  2189.                 workspace_id=workspace.workspace_id,

  2190.                 content_id=firstly_created.content_id,

  2191.                 user_id=test_user.user_id,

  2192.             )

  2193.         )

  2194.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  2195.             user_id=test_user.user_id,

  2196.             workspace_id=workspace.workspace_id

  2197.         ), status=200)

  2198.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  2199.         assert res.json_body[0]['read_by_user'] is True

  2200.         assert res.json_body[1]['content_id'] == main_folder.content_id

  2201.         assert res.json_body[1]['read_by_user'] is True

  2202. 

  2203.     def test_api_set_content_as_read__ok__200__user_itself(self):

  2204.         # init DB

  2205.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2206.         admin = dbsession.query(models.User) \

  2207.             .filter(models.User.email == 'admin@admin.admin') \

  2208.             .one()

  2209.         workspace_api = WorkspaceApi(

  2210.             current_user=admin,

  2211.             session=dbsession,

  2212.             config=self.app_config

  2213. 

  2214.         )

  2215.         workspace = WorkspaceApi(

  2216.             current_user=admin,

  2217.             session=dbsession,

  2218.             config=self.app_config,

  2219.         ).create_workspace(

  2220.             'test workspace',

  2221.             save_now=True

  2222.         )

  2223.         uapi = UserApi(

  2224.             current_user=admin,

  2225.             session=dbsession,

  2226.             config=self.app_config,

  2227.         )

  2228.         gapi = GroupApi(

  2229.             current_user=admin,

  2230.             session=dbsession,

  2231.             config=self.app_config,

  2232.         )

  2233.         groups = [gapi.get_one_with_name('users')]

  2234.         test_user = uapi.create_user(

  2235.             email='test@test.test',

  2236.             password='pass',

  2237.             name='bob',

  2238.             groups=groups,

  2239.             timezone='Europe/Paris',

  2240.             lang='fr',

  2241.             do_save=True,

  2242.             do_notify=False,

  2243.         )

  2244.         rapi = RoleApi(

  2245.             current_user=admin,

  2246.             session=dbsession,

  2247.             config=self.app_config,

  2248.         )

  2249.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  2250.         api = ContentApi(

  2251.             current_user=admin,

  2252.             session=dbsession,

  2253.             config=self.app_config,

  2254.         )

  2255.         api2 = ContentApi(

  2256.             current_user=test_user,

  2257.             session=dbsession,

  2258.             config=self.app_config,

  2259.         )

  2260.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  2261.         # creation order test

  2262.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  2263.         api.mark_unread(main_folder)

  2264.         api.mark_unread(firstly_created)

  2265.         api2.mark_unread(main_folder)

  2266.         api2.mark_unread(firstly_created)

  2267.         dbsession.flush()

  2268.         transaction.commit()

  2269. 

  2270.         self.testapp.authorization = (

  2271.             'Basic',

  2272.             (

  2273.                 'test@test.test',

  2274.                 'pass'

  2275.             )

  2276.         )

  2277.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  2278.             user_id=test_user.user_id,

  2279.             workspace_id=workspace.workspace_id

  2280.         ), status=200)

  2281.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  2282.         assert res.json_body[0]['read_by_user'] is False

  2283.         assert res.json_body[1]['content_id'] == main_folder.content_id

  2284.         assert res.json_body[1]['read_by_user'] is False

  2285.         self.testapp.put(

  2286.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/read'.format(  # nopep8

  2287.                 workspace_id=workspace.workspace_id,

  2288.                 content_id=firstly_created.content_id,

  2289.                 user_id=test_user.user_id,

  2290.             )

  2291.         )

  2292.         res = self.testapp.get('/api/v2/users/{user_id}/workspaces/{workspace_id}/contents/read_status'.format(  # nopep8

  2293.             user_id=test_user.user_id,

  2294.             workspace_id=workspace.workspace_id

  2295.         ), status=200)

  2296.         assert res.json_body[0]['content_id'] == firstly_created.content_id

  2297.         assert res.json_body[0]['read_by_user'] is True

  2298.         assert res.json_body[1]['content_id'] == main_folder.content_id

  2299.         assert res.json_body[1]['read_by_user'] is True

  2300. 

  2301.     def test_api_set_content_as_read__err__403__other_user(self):

  2302.         # init DB

  2303.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2304.         admin = dbsession.query(models.User) \

  2305.             .filter(models.User.email == 'admin@admin.admin') \

  2306.             .one()

  2307.         workspace_api = WorkspaceApi(

  2308.             current_user=admin,

  2309.             session=dbsession,

  2310.             config=self.app_config

  2311. 

  2312.         )

  2313.         workspace = WorkspaceApi(

  2314.             current_user=admin,

  2315.             session=dbsession,

  2316.             config=self.app_config,

  2317.         ).create_workspace(

  2318.             'test workspace',

  2319.             save_now=True

  2320.         )

  2321.         uapi = UserApi(

  2322.             current_user=admin,

  2323.             session=dbsession,

  2324.             config=self.app_config,

  2325.         )

  2326.         gapi = GroupApi(

  2327.             current_user=admin,

  2328.             session=dbsession,

  2329.             config=self.app_config,

  2330.         )

  2331.         groups = [gapi.get_one_with_name('users')]

  2332.         test_user = uapi.create_user(

  2333.             email='test@test.test',

  2334.             password='pass',

  2335.             name='bob',

  2336.             groups=groups,

  2337.             timezone='Europe/Paris',

  2338.             lang='fr',

  2339.             do_save=True,

  2340.             do_notify=False,

  2341.         )

  2342.         rapi = RoleApi(

  2343.             current_user=admin,

  2344.             session=dbsession,

  2345.             config=self.app_config,

  2346.         )

  2347.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  2348.         api = ContentApi(

  2349.             current_user=admin,

  2350.             session=dbsession,

  2351.             config=self.app_config,

  2352.         )

  2353.         api2 = ContentApi(

  2354.             current_user=test_user,

  2355.             session=dbsession,

  2356.             config=self.app_config,

  2357.         )

  2358.         main_folder = api.create(CONTENT_TYPES.Folder.slug, workspace, None, 'this is randomized folder', '', True)  # nopep8

  2359.         # creation order test

  2360.         firstly_created = api.create(CONTENT_TYPES.Page.slug, workspace, main_folder, 'creation_order_test', '', True)  # nopep8

  2361.         api.mark_unread(main_folder)

  2362.         api.mark_unread(firstly_created)

  2363.         api2.mark_unread(main_folder)

  2364.         api2.mark_unread(firstly_created)

  2365.         dbsession.flush()

  2366.         transaction.commit()

  2367. 

  2368.         self.testapp.authorization = (

  2369.             'Basic',

  2370.             (

  2371.                 'test@test.test',

  2372.                 'pass'

  2373.             )

  2374.         )

  2375.         self.testapp.put(

  2376.             '/api/v2/users/{user_id}/workspaces/{workspace_id}/read'.format(  # nopep8

  2377.                 workspace_id=workspace.workspace_id,

  2378.                 content_id=firstly_created.content_id,

  2379.                 user_id=admin.user_id,

  2380.             ),

  2381.             status=403,

  2382.         )

  2383. 

  2384. 

  2385. class TestUserEnableWorkspaceNotification(FunctionalTest):

  2386.     """

  2387.     Tests for /api/v2/users/{user_id}/workspaces/{workspace_id}/notify

  2388.     """

  2389.     def test_api_enable_user_workspace_notification__ok__200__admin(self):

  2390.         # init DB

  2391.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2392.         admin = dbsession.query(models.User) \

  2393.             .filter(models.User.email == 'admin@admin.admin') \

  2394.             .one()

  2395.         workspace_api = WorkspaceApi(

  2396.             current_user=admin,

  2397.             session=dbsession,

  2398.             config=self.app_config

  2399. 

  2400.         )

  2401.         workspace = WorkspaceApi(

  2402.             current_user=admin,

  2403.             session=dbsession,

  2404.             config=self.app_config,

  2405.         ).create_workspace(

  2406.             'test workspace',

  2407.             save_now=True

  2408.         )

  2409.         uapi = UserApi(

  2410.             current_user=admin,

  2411.             session=dbsession,

  2412.             config=self.app_config,

  2413.         )

  2414.         gapi = GroupApi(

  2415.             current_user=admin,

  2416.             session=dbsession,

  2417.             config=self.app_config,

  2418.         )

  2419.         groups = [gapi.get_one_with_name('users')]

  2420.         test_user = uapi.create_user(

  2421.             email='test@test.test',

  2422.             password='pass',

  2423.             name='bob',

  2424.             groups=groups,

  2425.             timezone='Europe/Paris',

  2426.             lang='fr',

  2427.             do_save=True,

  2428.             do_notify=False,

  2429.         )

  2430.         rapi = RoleApi(

  2431.             current_user=admin,

  2432.             session=dbsession,

  2433.             config=self.app_config,

  2434.         )

  2435.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=False)  # nopep8

  2436.         transaction.commit()

  2437.         role = rapi.get_one(test_user.user_id, workspace.workspace_id)

  2438.         assert role.do_notify is False

  2439.         self.testapp.authorization = (

  2440.             'Basic',

  2441.             (

  2442.                 'admin@admin.admin',

  2443.                 'admin@admin.admin'

  2444.             )

  2445.         )

  2446.         self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/notify'.format(  # nopep8

  2447.             user_id=test_user.user_id,

  2448.             workspace_id=workspace.workspace_id

  2449.         ), status=204)

  2450.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2451.         rapi = RoleApi(

  2452.             current_user=admin,

  2453.             session=dbsession,

  2454.             config=self.app_config,

  2455.         )

  2456.         role = rapi.get_one(test_user.user_id, workspace.workspace_id)

  2457.         assert role.do_notify is True

  2458. 

  2459.     def test_api_enable_user_workspace_notification__ok__200__user_itself(self):

  2460.         # init DB

  2461.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2462.         admin = dbsession.query(models.User) \

  2463.             .filter(models.User.email == 'admin@admin.admin') \

  2464.             .one()

  2465.         workspace_api = WorkspaceApi(

  2466.             current_user=admin,

  2467.             session=dbsession,

  2468.             config=self.app_config

  2469. 

  2470.         )

  2471.         workspace = WorkspaceApi(

  2472.             current_user=admin,

  2473.             session=dbsession,

  2474.             config=self.app_config,

  2475.         ).create_workspace(

  2476.             'test workspace',

  2477.             save_now=True

  2478.         )

  2479.         uapi = UserApi(

  2480.             current_user=admin,

  2481.             session=dbsession,

  2482.             config=self.app_config,

  2483.         )

  2484.         gapi = GroupApi(

  2485.             current_user=admin,

  2486.             session=dbsession,

  2487.             config=self.app_config,

  2488.         )

  2489.         groups = [gapi.get_one_with_name('users')]

  2490.         test_user = uapi.create_user(

  2491.             email='test@test.test',

  2492.             password='pass',

  2493.             name='bob',

  2494.             groups=groups,

  2495.             timezone='Europe/Paris',

  2496.             lang='fr',

  2497.             do_save=True,

  2498.             do_notify=False,

  2499.         )

  2500.         rapi = RoleApi(

  2501.             current_user=admin,

  2502.             session=dbsession,

  2503.             config=self.app_config,

  2504.         )

  2505.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=False)  # nopep8

  2506.         transaction.commit()

  2507.         role = rapi.get_one(test_user.user_id, workspace.workspace_id)

  2508.         assert role.do_notify is False

  2509.         self.testapp.authorization = (

  2510.             'Basic',

  2511.             (

  2512.                 'test@test.test',

  2513.                 'pass',

  2514.             )

  2515.         )

  2516.         self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/notify'.format(  # nopep8

  2517.             user_id=test_user.user_id,

  2518.             workspace_id=workspace.workspace_id

  2519.         ), status=204)

  2520. 

  2521.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2522.         rapi = RoleApi(

  2523.             current_user=admin,

  2524.             session=dbsession,

  2525.             config=self.app_config,

  2526.         )

  2527.         role = rapi.get_one(test_user.user_id, workspace.workspace_id)

  2528.         assert role.do_notify is True

  2529. 

  2530.     def test_api_enable_user_workspace_notification__err__403__other_user(self):

  2531.         # init DB

  2532.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2533.         admin = dbsession.query(models.User) \

  2534.             .filter(models.User.email == 'admin@admin.admin') \

  2535.             .one()

  2536.         workspace_api = WorkspaceApi(

  2537.             current_user=admin,

  2538.             session=dbsession,

  2539.             config=self.app_config

  2540. 

  2541.         )

  2542.         workspace = WorkspaceApi(

  2543.             current_user=admin,

  2544.             session=dbsession,

  2545.             config=self.app_config,

  2546.         ).create_workspace(

  2547.             'test workspace',

  2548.             save_now=True

  2549.         )

  2550.         uapi = UserApi(

  2551.             current_user=admin,

  2552.             session=dbsession,

  2553.             config=self.app_config,

  2554.         )

  2555.         gapi = GroupApi(

  2556.             current_user=admin,

  2557.             session=dbsession,

  2558.             config=self.app_config,

  2559.         )

  2560.         groups = [gapi.get_one_with_name('users')]

  2561.         test_user = uapi.create_user(

  2562.             email='test@test.test',

  2563.             password='pass',

  2564.             name='bob',

  2565.             groups=groups,

  2566.             timezone='Europe/Paris',

  2567.             lang='fr',

  2568.             do_save=True,

  2569.             do_notify=False,

  2570.         )

  2571.         test_user2 = uapi.create_user(

  2572.             email='test2@test2.test2',

  2573.             password='pass',

  2574.             name='boby',

  2575.             groups=groups,

  2576.             timezone='Europe/Paris',

  2577.             lang='fr',

  2578.             do_save=True,

  2579.             do_notify=False,

  2580.         )

  2581.         rapi = RoleApi(

  2582.             current_user=admin,

  2583.             session=dbsession,

  2584.             config=self.app_config,

  2585.         )

  2586.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=False)  # nopep8

  2587.         rapi.create_one(test_user2, workspace, UserRoleInWorkspace.READER, with_notif=False)  # nopep8

  2588.         transaction.commit()

  2589.         role = rapi.get_one(test_user.user_id, workspace.workspace_id)

  2590.         assert role.do_notify is False

  2591.         self.testapp.authorization = (

  2592.             'Basic',

  2593.             (

  2594.                 'test2@test2.test2',

  2595.                 'pass',

  2596.             )

  2597.         )

  2598.         self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/notify'.format(  # nopep8

  2599.             user_id=test_user.user_id,

  2600.             workspace_id=workspace.workspace_id

  2601.         ), status=403)

  2602. 

  2603. 

  2604. class TestUserDisableWorkspaceNotification(FunctionalTest):

  2605.     """

  2606.     Tests for /api/v2/users/{user_id}/workspaces/{workspace_id}/unnotify

  2607.     """

  2608.     def test_api_disable_user_workspace_notification__ok__200__admin(self):

  2609.         # init DB

  2610.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2611.         admin = dbsession.query(models.User) \

  2612.             .filter(models.User.email == 'admin@admin.admin') \

  2613.             .one()

  2614.         workspace_api = WorkspaceApi(

  2615.             current_user=admin,

  2616.             session=dbsession,

  2617.             config=self.app_config

  2618. 

  2619.         )

  2620.         workspace = WorkspaceApi(

  2621.             current_user=admin,

  2622.             session=dbsession,

  2623.             config=self.app_config,

  2624.         ).create_workspace(

  2625.             'test workspace',

  2626.             save_now=True

  2627.         )

  2628.         uapi = UserApi(

  2629.             current_user=admin,

  2630.             session=dbsession,

  2631.             config=self.app_config,

  2632.         )

  2633.         gapi = GroupApi(

  2634.             current_user=admin,

  2635.             session=dbsession,

  2636.             config=self.app_config,

  2637.         )

  2638.         groups = [gapi.get_one_with_name('users')]

  2639.         test_user = uapi.create_user(

  2640.             email='test@test.test',

  2641.             password='pass',

  2642.             name='bob',

  2643.             groups=groups,

  2644.             timezone='Europe/Paris',

  2645.             lang='fr',

  2646.             do_save=True,

  2647.             do_notify=True,

  2648.         )

  2649.         rapi = RoleApi(

  2650.             current_user=admin,

  2651.             session=dbsession,

  2652.             config=self.app_config,

  2653.         )

  2654.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=True)  # nopep8

  2655.         transaction.commit()

  2656.         role = rapi.get_one(test_user.user_id, workspace.workspace_id)

  2657.         assert role.do_notify is True

  2658.         self.testapp.authorization = (

  2659.             'Basic',

  2660.             (

  2661.                 'admin@admin.admin',

  2662.                 'admin@admin.admin'

  2663.             )

  2664.         )

  2665.         self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/unnotify'.format(  # nopep8

  2666.             user_id=test_user.user_id,

  2667.             workspace_id=workspace.workspace_id

  2668.         ), status=204)

  2669. 

  2670.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2671.         rapi = RoleApi(

  2672.             current_user=admin,

  2673.             session=dbsession,

  2674.             config=self.app_config,

  2675.         )

  2676.         role = rapi.get_one(test_user.user_id, workspace.workspace_id)

  2677.         assert role.do_notify is False

  2678. 

  2679.     def test_api_enable_user_workspace_notification__ok__200__user_itself(self):

  2680.         # init DB

  2681.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2682.         admin = dbsession.query(models.User) \

  2683.             .filter(models.User.email == 'admin@admin.admin') \

  2684.             .one()

  2685.         workspace_api = WorkspaceApi(

  2686.             current_user=admin,

  2687.             session=dbsession,

  2688.             config=self.app_config

  2689. 

  2690.         )

  2691.         workspace = WorkspaceApi(

  2692.             current_user=admin,

  2693.             session=dbsession,

  2694.             config=self.app_config,

  2695.         ).create_workspace(

  2696.             'test workspace',

  2697.             save_now=True

  2698.         )

  2699.         uapi = UserApi(

  2700.             current_user=admin,

  2701.             session=dbsession,

  2702.             config=self.app_config,

  2703.         )

  2704.         gapi = GroupApi(

  2705.             current_user=admin,

  2706.             session=dbsession,

  2707.             config=self.app_config,

  2708.         )

  2709.         groups = [gapi.get_one_with_name('users')]

  2710.         test_user = uapi.create_user(

  2711.             email='test@test.test',

  2712.             password='pass',

  2713.             name='bob',

  2714.             groups=groups,

  2715.             timezone='Europe/Paris',

  2716.             lang='fr',

  2717.             do_save=True,

  2718.             do_notify=False,

  2719.         )

  2720.         rapi = RoleApi(

  2721.             current_user=admin,

  2722.             session=dbsession,

  2723.             config=self.app_config,

  2724.         )

  2725.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=True)  # nopep8

  2726.         transaction.commit()

  2727.         role = rapi.get_one(test_user.user_id, workspace.workspace_id)

  2728.         assert role.do_notify is True

  2729.         self.testapp.authorization = (

  2730.             'Basic',

  2731.             (

  2732.                 'test@test.test',

  2733.                 'pass',

  2734.             )

  2735.         )

  2736.         self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/unnotify'.format(  # nopep8

  2737.             user_id=test_user.user_id,

  2738.             workspace_id=workspace.workspace_id

  2739.         ), status=204)

  2740.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2741.         rapi = RoleApi(

  2742.             current_user=admin,

  2743.             session=dbsession,

  2744.             config=self.app_config,

  2745.         )

  2746.         role = rapi.get_one(test_user.user_id, workspace.workspace_id)

  2747.         assert role.do_notify is False

  2748. 

  2749.     def test_api_disable_user_workspace_notification__err__403__other_user(self):

  2750.         # init DB

  2751.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2752.         admin = dbsession.query(models.User) \

  2753.             .filter(models.User.email == 'admin@admin.admin') \

  2754.             .one()

  2755.         workspace_api = WorkspaceApi(

  2756.             current_user=admin,

  2757.             session=dbsession,

  2758.             config=self.app_config

  2759. 

  2760.         )

  2761.         workspace = WorkspaceApi(

  2762.             current_user=admin,

  2763.             session=dbsession,

  2764.             config=self.app_config,

  2765.         ).create_workspace(

  2766.             'test workspace',

  2767.             save_now=True

  2768.         )

  2769.         uapi = UserApi(

  2770.             current_user=admin,

  2771.             session=dbsession,

  2772.             config=self.app_config,

  2773.         )

  2774.         gapi = GroupApi(

  2775.             current_user=admin,

  2776.             session=dbsession,

  2777.             config=self.app_config,

  2778.         )

  2779.         groups = [gapi.get_one_with_name('users')]

  2780.         test_user = uapi.create_user(

  2781.             email='test@test.test',

  2782.             password='pass',

  2783.             name='bob',

  2784.             groups=groups,

  2785.             timezone='Europe/Paris',

  2786.             lang='fr',

  2787.             do_save=True,

  2788.             do_notify=False,

  2789.         )

  2790.         test_user2 = uapi.create_user(

  2791.             email='test2@test2.test2',

  2792.             password='pass',

  2793.             name='boby',

  2794.             groups=groups,

  2795.             timezone='Europe/Paris',

  2796.             lang='fr',

  2797.             do_save=True,

  2798.             do_notify=False,

  2799.         )

  2800.         rapi = RoleApi(

  2801.             current_user=admin,

  2802.             session=dbsession,

  2803.             config=self.app_config,

  2804.         )

  2805.         rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=True)  # nopep8

  2806.         rapi.create_one(test_user2, workspace, UserRoleInWorkspace.READER, with_notif=False)  # nopep8

  2807.         transaction.commit()

  2808.         role = rapi.get_one(test_user.user_id, workspace.workspace_id)

  2809.         assert role.do_notify is True

  2810.         self.testapp.authorization = (

  2811.             'Basic',

  2812.             (

  2813.                 'test2@test2.test2',

  2814.                 'pass',

  2815.             )

  2816.         )

  2817.         self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/unnotify'.format(  # nopep8

  2818.             user_id=test_user.user_id,

  2819.             workspace_id=workspace.workspace_id

  2820.         ), status=403)

  2821. 

  2822. 

  2823. class TestUserWorkspaceEndpoint(FunctionalTest):

  2824.     """

  2825.     Tests for /api/v2/users/{user_id}/workspaces

  2826.     """

  2827.     fixtures = [BaseFixture, ContentFixtures]

  2828. 

  2829.     def test_api__get_user_workspaces__ok_200__nominal_case(self):

  2830.         """

  2831.         Check obtain all workspaces reachables for user with user auth.

  2832.         """

  2833.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2834.         admin = dbsession.query(models.User) \

  2835.             .filter(models.User.email == 'admin@admin.admin') \

  2836.             .one()

  2837. 

  2838.         workspace_api = WorkspaceApi(

  2839.             session=dbsession,

  2840.             current_user=admin,

  2841.             config=self.app_config,

  2842.         )

  2843.         workspace = workspace_api.get_one(1)

  2844.         app_api = ApplicationApi(

  2845.             app_list

  2846.         )

  2847. 

  2848.         default_sidebar_entry = app_api.get_default_workspace_menu_entry(workspace=workspace)  # nope8

  2849.         self.testapp.authorization = (

  2850.             'Basic',

  2851.             (

  2852.                 'admin@admin.admin',

  2853.                 'admin@admin.admin'

  2854.             )

  2855.         )

  2856.         res = self.testapp.get('/api/v2/users/1/workspaces', status=200)

  2857.         res = res.json_body

  2858.         workspace = res[0]

  2859.         assert workspace['workspace_id'] == 1

  2860.         assert workspace['label'] == 'Business'

  2861.         assert workspace['slug'] == 'business'

  2862.         assert workspace['is_deleted'] is False

  2863. 

  2864.         assert len(workspace['sidebar_entries']) == len(default_sidebar_entry)

  2865.         for counter, sidebar_entry in enumerate(default_sidebar_entry):

  2866.             workspace['sidebar_entries'][counter]['slug'] = sidebar_entry.slug

  2867.             workspace['sidebar_entries'][counter]['label'] = sidebar_entry.label

  2868.             workspace['sidebar_entries'][counter]['route'] = sidebar_entry.route

  2869.             workspace['sidebar_entries'][counter]['hexcolor'] = sidebar_entry.hexcolor  # nopep8

  2870.             workspace['sidebar_entries'][counter]['fa_icon'] = sidebar_entry.fa_icon  # nopep8

  2871. 

  2872.     def test_api__get_user_workspaces__err_403__unallowed_user(self):

  2873.         """

  2874.         Check obtain all workspaces reachables for one user

  2875.         with another non-admin user auth.

  2876.         """

  2877.         self.testapp.authorization = (

  2878.             'Basic',

  2879.             (

  2880.                 'lawrence-not-real-email@fsf.local',

  2881.                 'foobarbaz'

  2882.             )

  2883.         )

  2884.         res = self.testapp.get('/api/v2/users/1/workspaces', status=403)

  2885.         assert isinstance(res.json, dict)

  2886.         assert 'code' in res.json.keys()

  2887.         assert 'message' in res.json.keys()

  2888.         assert 'details' in res.json.keys()

  2889. 

  2890.     def test_api__get_user_workspaces__err_401__unregistered_user(self):

  2891.         """

  2892.         Check obtain all workspaces reachables for one user

  2893.         without correct user auth (user unregistered).

  2894.         """

  2895.         self.testapp.authorization = (

  2896.             'Basic',

  2897.             (

  2898.                 'john@doe.doe',

  2899.                 'lapin'

  2900.             )

  2901.         )

  2902.         res = self.testapp.get('/api/v2/users/1/workspaces', status=401)

  2903.         assert isinstance(res.json, dict)

  2904.         assert 'code' in res.json.keys()

  2905.         assert 'message' in res.json.keys()

  2906.         assert 'details' in res.json.keys()

  2907. 

  2908.     def test_api__get_user_workspaces__err_400__user_does_not_exist(self):

  2909.         """

  2910.         Check obtain all workspaces reachables for one user who does

  2911.         not exist

  2912.         with a correct user auth.

  2913.         """

  2914.         self.testapp.authorization = (

  2915.             'Basic',

  2916.             (

  2917.                 'admin@admin.admin',

  2918.                 'admin@admin.admin'

  2919.             )

  2920.         )

  2921.         res = self.testapp.get('/api/v2/users/5/workspaces', status=400)

  2922.         assert isinstance(res.json, dict)

  2923.         assert 'code' in res.json.keys()

  2924.         assert 'message' in res.json.keys()

  2925.         assert 'details' in res.json.keys()

  2926. 

  2927. 

  2928. class TestUserEndpoint(FunctionalTest):

  2929.     # -*- coding: utf-8 -*-

  2930.     """

  2931.     Tests for GET /api/v2/users/{user_id}

  2932.     """

  2933.     fixtures = [BaseFixture]

  2934. 

  2935.     def test_api__get_user__ok_200__admin(self):

  2936.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2937.         admin = dbsession.query(models.User) \

  2938.             .filter(models.User.email == 'admin@admin.admin') \

  2939.             .one()

  2940.         uapi = UserApi(

  2941.             current_user=admin,

  2942.             session=dbsession,

  2943.             config=self.app_config,

  2944.         )

  2945.         gapi = GroupApi(

  2946.             current_user=admin,

  2947.             session=dbsession,

  2948.             config=self.app_config,

  2949.         )

  2950.         groups = [gapi.get_one_with_name('users')]

  2951.         test_user = uapi.create_user(

  2952.             email='test@test.test',

  2953.             password='pass',

  2954.             name='bob',

  2955.             groups=groups,

  2956.             timezone='Europe/Paris',

  2957.             lang='fr',

  2958.             do_save=True,

  2959.             do_notify=False,

  2960.         )

  2961.         uapi.save(test_user)

  2962.         transaction.commit()

  2963.         user_id = int(test_user.user_id)

  2964. 

  2965.         self.testapp.authorization = (

  2966.             'Basic',

  2967.             (

  2968.                 'admin@admin.admin',

  2969.                 'admin@admin.admin'

  2970.             )

  2971.         )

  2972.         res = self.testapp.get(

  2973.             '/api/v2/users/{}'.format(user_id),

  2974.             status=200

  2975.         )

  2976.         res = res.json_body

  2977.         assert res['user_id'] == user_id

  2978.         assert res['created']

  2979.         assert res['is_active'] is True

  2980.         assert res['profile'] == 'users'

  2981.         assert res['email'] == 'test@test.test'

  2982.         assert res['public_name'] == 'bob'

  2983.         assert res['timezone'] == 'Europe/Paris'

  2984.         assert res['is_deleted'] is False

  2985.         assert res['lang'] == 'fr'

  2986. 

  2987.     def test_api__get_user__ok_200__user_itself(self):

  2988.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  2989.         admin = dbsession.query(models.User) \

  2990.             .filter(models.User.email == 'admin@admin.admin') \

  2991.             .one()

  2992.         uapi = UserApi(

  2993.             current_user=admin,

  2994.             session=dbsession,

  2995.             config=self.app_config,

  2996.         )

  2997.         gapi = GroupApi(

  2998.             current_user=admin,

  2999.             session=dbsession,

  3000.             config=self.app_config,

  3001.         )

  3002.         groups = [gapi.get_one_with_name('users')]

  3003.         test_user = uapi.create_user(

  3004.             email='test@test.test',

  3005.             password='pass',

  3006.             name='bob',

  3007.             groups=groups,

  3008.             timezone='Europe/Paris',

  3009.             lang='fr',

  3010.             do_save=True,

  3011.             do_notify=False,

  3012.         )

  3013.         uapi.save(test_user)

  3014.         transaction.commit()

  3015.         user_id = int(test_user.user_id)

  3016. 

  3017.         self.testapp.authorization = (

  3018.             'Basic',

  3019.             (

  3020.                 'test@test.test',

  3021.                 'pass'

  3022.             )

  3023.         )

  3024.         res = self.testapp.get(

  3025.             '/api/v2/users/{}'.format(user_id),

  3026.             status=200

  3027.         )

  3028.         res = res.json_body

  3029.         assert res['user_id'] == user_id

  3030.         assert res['created']

  3031.         assert res['is_active'] is True

  3032.         assert res['profile'] == 'users'

  3033.         assert res['email'] == 'test@test.test'

  3034.         assert res['public_name'] == 'bob'

  3035.         assert res['timezone'] == 'Europe/Paris'

  3036.         assert res['is_deleted'] is False

  3037. 

  3038.     def test_api__get_user__err_403__other_normal_user(self):

  3039.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3040.         admin = dbsession.query(models.User) \

  3041.             .filter(models.User.email == 'admin@admin.admin') \

  3042.             .one()

  3043.         uapi = UserApi(

  3044.             current_user=admin,

  3045.             session=dbsession,

  3046.             config=self.app_config,

  3047.         )

  3048.         gapi = GroupApi(

  3049.             current_user=admin,

  3050.             session=dbsession,

  3051.             config=self.app_config,

  3052.         )

  3053.         groups = [gapi.get_one_with_name('users')]

  3054.         test_user = uapi.create_user(

  3055.             email='test@test.test',

  3056.             password='pass',

  3057.             name='bob',

  3058.             groups=groups,

  3059.             timezone='Europe/Paris',

  3060.             do_save=True,

  3061.             do_notify=False,

  3062.         )

  3063.         test_user2 = uapi.create_user(

  3064.             email='test2@test2.test2',

  3065.             password='pass',

  3066.             name='bob2',

  3067.             groups=groups,

  3068.             timezone='Europe/Paris',

  3069.             lang='fr',

  3070.             do_save=True,

  3071.             do_notify=False,

  3072.         )

  3073.         uapi.save(test_user2)

  3074.         uapi.save(test_user)

  3075.         transaction.commit()

  3076.         user_id = int(test_user.user_id)

  3077. 

  3078.         self.testapp.authorization = (

  3079.             'Basic',

  3080.             (

  3081.                 'test2@test2.test2',

  3082.                 'pass'

  3083.             )

  3084.         )

  3085.         self.testapp.get(

  3086.             '/api/v2/users/{}'.format(user_id),

  3087.             status=403

  3088.         )

  3089. 

  3090.     def test_api__create_user__ok_200__full_admin(self):

  3091.         self.testapp.authorization = (

  3092.             'Basic',

  3093.             (

  3094.                 'admin@admin.admin',

  3095.                 'admin@admin.admin'

  3096.             )

  3097.         )

  3098.         params = {

  3099.             'email': 'test@test.test',

  3100.             'password': 'mysuperpassword',

  3101.             'profile': 'users',

  3102.             'timezone': 'Europe/Paris',

  3103.             'lang': 'fr',

  3104.             'public_name': 'test user',

  3105.             'email_notification': False,

  3106.         }

  3107.         res = self.testapp.post_json(

  3108.             '/api/v2/users',

  3109.             status=200,

  3110.             params=params,

  3111.         )

  3112.         res = res.json_body

  3113.         assert res['user_id']

  3114.         user_id = res['user_id']

  3115.         assert res['created']

  3116.         assert res['is_active'] is True

  3117.         assert res['profile'] == 'users'

  3118.         assert res['email'] == 'test@test.test'

  3119.         assert res['public_name'] == 'test user'

  3120.         assert res['timezone'] == 'Europe/Paris'

  3121.         assert res['lang'] == 'fr'

  3122.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3123.         admin = dbsession.query(models.User) \

  3124.             .filter(models.User.email == 'admin@admin.admin') \

  3125.             .one()

  3126.         uapi = UserApi(

  3127.             current_user=admin,

  3128.             session=dbsession,

  3129.             config=self.app_config,

  3130.         )

  3131.         user = uapi.get_one(user_id)

  3132.         assert user.email == 'test@test.test'

  3133.         assert user.validate_password('mysuperpassword')

  3134. 

  3135.     def test_api__create_user__ok_200__limited_admin(self):

  3136.         self.testapp.authorization = (

  3137.             'Basic',

  3138.             (

  3139.                 'admin@admin.admin',

  3140.                 'admin@admin.admin'

  3141.             )

  3142.         )

  3143.         params = {

  3144.             'email': 'test@test.test',

  3145.             'email_notification': False,

  3146.         }

  3147.         res = self.testapp.post_json(

  3148.             '/api/v2/users',

  3149.             status=200,

  3150.             params=params,

  3151.         )

  3152.         res = res.json_body

  3153.         assert res['user_id']

  3154.         user_id = res['user_id']

  3155.         assert res['created']

  3156.         assert res['is_active'] is True

  3157.         assert res['profile'] == 'users'

  3158.         assert res['email'] == 'test@test.test'

  3159.         assert res['public_name'] == 'test'

  3160.         assert res['timezone'] == ''

  3161.         assert res['lang'] is None

  3162. 

  3163.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3164.         admin = dbsession.query(models.User) \

  3165.             .filter(models.User.email == 'admin@admin.admin') \

  3166.             .one()

  3167.         uapi = UserApi(

  3168.             current_user=admin,

  3169.             session=dbsession,

  3170.             config=self.app_config,

  3171.         )

  3172.         user = uapi.get_one(user_id)

  3173.         assert user.email == 'test@test.test'

  3174.         assert user.password

  3175. 

  3176.     def test_api__create_user__err_400__email_already_in_db(self):

  3177.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3178.         admin = dbsession.query(models.User) \

  3179.             .filter(models.User.email == 'admin@admin.admin') \

  3180.             .one()

  3181.         uapi = UserApi(

  3182.             current_user=admin,

  3183.             session=dbsession,

  3184.             config=self.app_config,

  3185.         )

  3186.         gapi = GroupApi(

  3187.             current_user=admin,

  3188.             session=dbsession,

  3189.             config=self.app_config,

  3190.         )

  3191.         groups = [gapi.get_one_with_name('users')]

  3192.         test_user = uapi.create_user(

  3193.             email='test@test.test',

  3194.             password='pass',

  3195.             name='bob',

  3196.             groups=groups,

  3197.             timezone='Europe/Paris',

  3198.             lang='fr',

  3199.             do_save=True,

  3200.             do_notify=False,

  3201.         )

  3202.         uapi.save(test_user)

  3203.         transaction.commit()

  3204.         self.testapp.authorization = (

  3205.             'Basic',

  3206.             (

  3207.                 'admin@admin.admin',

  3208.                 'admin@admin.admin'

  3209.             )

  3210.         )

  3211.         params = {

  3212.             'email': 'test@test.test',

  3213.             'password': 'mysuperpassword',

  3214.             'profile': 'users',

  3215.             'timezone': 'Europe/Paris',

  3216.             'lang': 'fr',

  3217.             'public_name': 'test user',

  3218.             'email_notification': False,

  3219.         }

  3220.         res = self.testapp.post_json(

  3221.             '/api/v2/users',

  3222.             status=400,

  3223.             params=params,

  3224.         )

  3225. 

  3226.     def test_api__create_user__err_403__other_user(self):

  3227.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3228.         admin = dbsession.query(models.User) \

  3229.             .filter(models.User.email == 'admin@admin.admin') \

  3230.             .one()

  3231.         uapi = UserApi(

  3232.             current_user=admin,

  3233.             session=dbsession,

  3234.             config=self.app_config,

  3235.         )

  3236.         gapi = GroupApi(

  3237.             current_user=admin,

  3238.             session=dbsession,

  3239.             config=self.app_config,

  3240.         )

  3241.         groups = [gapi.get_one_with_name('users')]

  3242.         test_user = uapi.create_user(

  3243.             email='test@test.test',

  3244.             password='pass',

  3245.             name='bob',

  3246.             groups=groups,

  3247.             timezone='Europe/Paris',

  3248.             lang='fr',

  3249.             do_save=True,

  3250.             do_notify=False,

  3251.         )

  3252.         uapi.save(test_user)

  3253.         transaction.commit()

  3254.         self.testapp.authorization = (

  3255.             'Basic',

  3256.             (

  3257.                 'test@test.test',

  3258.                 'pass',

  3259.             )

  3260.         )

  3261.         params = {

  3262.             'email': 'test2@test2.test2',

  3263.             'password': 'mysuperpassword',

  3264.             'profile': 'users',

  3265.             'timezone': 'Europe/Paris',

  3266.             'public_name': 'test user',

  3267.             'lang': 'fr',

  3268.             'email_notification': False,

  3269.         }

  3270.         res = self.testapp.post_json(

  3271.             '/api/v2/users',

  3272.             status=403,

  3273.             params=params,

  3274.         )

  3275. 

  3276. 

  3277. class TestUserWithNotificationEndpoint(FunctionalTest):

  3278.     """

  3279.     Tests for POST /api/v2/users/{user_id}

  3280.     """

  3281.     config_section = 'functional_test_with_mail_test_sync'

  3282. 

  3283.     def test_api__create_user__ok_200__full_admin_with_notif(self):

  3284.         requests.delete('http://127.0.0.1:8025/api/v1/messages')

  3285.         self.testapp.authorization = (

  3286.             'Basic',

  3287.             (

  3288.                 'admin@admin.admin',

  3289.                 'admin@admin.admin'

  3290.             )

  3291.         )

  3292.         params = {

  3293.             'email': 'test@test.test',

  3294.             'password': 'mysuperpassword',

  3295.             'profile': 'users',

  3296.             'timezone': 'Europe/Paris',

  3297.             'public_name': 'test user',

  3298.             'lang': 'fr',

  3299.             'email_notification': True,

  3300.         }

  3301.         res = self.testapp.post_json(

  3302.             '/api/v2/users',

  3303.             status=200,

  3304.             params=params,

  3305.         )

  3306.         res = res.json_body

  3307.         assert res['user_id']

  3308.         user_id = res['user_id']

  3309.         assert res['created']

  3310.         assert res['is_active'] is True

  3311.         assert res['profile'] == 'users'

  3312.         assert res['email'] == 'test@test.test'

  3313.         assert res['public_name'] == 'test user'

  3314.         assert res['timezone'] == 'Europe/Paris'

  3315.         assert res['lang'] == 'fr'

  3316. 

  3317.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3318.         admin = dbsession.query(models.User) \

  3319.             .filter(models.User.email == 'admin@admin.admin') \

  3320.             .one()

  3321.         uapi = UserApi(

  3322.             current_user=admin,

  3323.             session=dbsession,

  3324.             config=self.app_config,

  3325.         )

  3326.         user = uapi.get_one(user_id)

  3327.         assert user.email == 'test@test.test'

  3328.         assert user.validate_password('mysuperpassword')

  3329. 

  3330.         # check mail received

  3331.         response = requests.get('http://127.0.0.1:8025/api/v1/messages')

  3332.         response = response.json()

  3333.         assert len(response) == 1

  3334.         headers = response[0]['Content']['Headers']

  3335.         assert headers['From'][0] == 'Tracim Notifications <test_user_from+0@localhost>'  # nopep8

  3336.         assert headers['To'][0] == 'test user <test@test.test>'

  3337.         assert headers['Subject'][0] == '[TRACIM] Created account'

  3338. 

  3339.         # TODO - G.M - 2018-08-02 - Place cleanup outside of the test

  3340.         requests.delete('http://127.0.0.1:8025/api/v1/messages')

  3341. 

  3342.     def test_api__create_user__ok_200__limited_admin_with_notif(self):

  3343.         requests.delete('http://127.0.0.1:8025/api/v1/messages')

  3344.         self.testapp.authorization = (

  3345.             'Basic',

  3346.             (

  3347.                 'admin@admin.admin',

  3348.                 'admin@admin.admin'

  3349.             )

  3350.         )

  3351.         params = {

  3352.             'email': 'test@test.test',

  3353.             'email_notification': True,

  3354.         }

  3355.         res = self.testapp.post_json(

  3356.             '/api/v2/users',

  3357.             status=200,

  3358.             params=params,

  3359.         )

  3360.         res = res.json_body

  3361.         assert res['user_id']

  3362.         user_id = res['user_id']

  3363.         assert res['created']

  3364.         assert res['is_active'] is True

  3365.         assert res['profile'] == 'users'

  3366.         assert res['email'] == 'test@test.test'

  3367.         assert res['public_name'] == 'test'

  3368.         assert res['timezone'] == ''

  3369.         assert res['lang'] == None

  3370. 

  3371.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3372.         admin = dbsession.query(models.User) \

  3373.             .filter(models.User.email == 'admin@admin.admin') \

  3374.             .one()

  3375.         uapi = UserApi(

  3376.             current_user=admin,

  3377.             session=dbsession,

  3378.             config=self.app_config,

  3379.         )

  3380.         user = uapi.get_one(user_id)

  3381.         assert user.email == 'test@test.test'

  3382.         assert user.password

  3383. 

  3384.         # check mail received

  3385.         response = requests.get('http://127.0.0.1:8025/api/v1/messages')

  3386.         response = response.json()

  3387.         assert len(response) == 1

  3388.         headers = response[0]['Content']['Headers']

  3389.         assert headers['From'][0] == 'Tracim Notifications <test_user_from+0@localhost>'  # nopep8

  3390.         assert headers['To'][0] == 'test <test@test.test>'

  3391.         assert headers['Subject'][0] == '[TRACIM] Created account'

  3392. 

  3393.         # TODO - G.M - 2018-08-02 - Place cleanup outside of the test

  3394.         requests.delete('http://127.0.0.1:8025/api/v1/messages')

  3395. 

  3396.     def test_api_delete_user__ok_200__admin(self):

  3397.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3398.         admin = dbsession.query(models.User) \

  3399.             .filter(models.User.email == 'admin@admin.admin') \

  3400.             .one()

  3401.         uapi = UserApi(

  3402.             current_user=admin,

  3403.             session=dbsession,

  3404.             config=self.app_config,

  3405.         )

  3406.         gapi = GroupApi(

  3407.             current_user=admin,

  3408.             session=dbsession,

  3409.             config=self.app_config,

  3410.         )

  3411.         groups = [gapi.get_one_with_name('users')]

  3412.         test_user = uapi.create_user(

  3413.             email='test@test.test',

  3414.             password='pass',

  3415.             name='bob',

  3416.             groups=groups,

  3417.             timezone='Europe/Paris',

  3418.             lang='fr',

  3419.             do_save=True,

  3420.             do_notify=False,

  3421.         )

  3422.         uapi.save(test_user)

  3423.         transaction.commit()

  3424.         user_id = int(test_user.user_id)

  3425. 

  3426.         self.testapp.authorization = (

  3427.             'Basic',

  3428.             (

  3429.                 'admin@admin.admin',

  3430.                 'admin@admin.admin'

  3431.             )

  3432.         )

  3433.         self.testapp.put(

  3434.             '/api/v2/users/{}/delete'.format(user_id),

  3435.             status=204

  3436.         )

  3437.         res = self.testapp.get(

  3438.             '/api/v2/users/{}'.format(user_id),

  3439.             status=200

  3440.         ).json_body

  3441.         assert res['is_deleted'] is True

  3442. 

  3443. 

  3444. class TestUsersEndpoint(FunctionalTest):

  3445.     # -*- coding: utf-8 -*-

  3446.     """

  3447.     Tests for GET /api/v2/users/{user_id}

  3448.     """

  3449.     fixtures = [BaseFixture]

  3450. 

  3451.     def test_api__get_user__ok_200__admin(self):

  3452.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3453.         admin = dbsession.query(models.User) \

  3454.             .filter(models.User.email == 'admin@admin.admin') \

  3455.             .one()

  3456.         uapi = UserApi(

  3457.             current_user=admin,

  3458.             session=dbsession,

  3459.             config=self.app_config,

  3460.         )

  3461.         gapi = GroupApi(

  3462.             current_user=admin,

  3463.             session=dbsession,

  3464.             config=self.app_config,

  3465.         )

  3466.         groups = [gapi.get_one_with_name('users')]

  3467.         test_user = uapi.create_user(

  3468.             email='test@test.test',

  3469.             password='pass',

  3470.             name='bob',

  3471.             groups=groups,

  3472.             timezone='Europe/Paris',

  3473.             lang='fr',

  3474.             do_save=True,

  3475.             do_notify=False,

  3476.         )

  3477.         uapi.save(test_user)

  3478.         transaction.commit()

  3479.         user_id = int(test_user.user_id)

  3480. 

  3481.         self.testapp.authorization = (

  3482.             'Basic',

  3483.             (

  3484.                 'admin@admin.admin',

  3485.                 'admin@admin.admin'

  3486.             )

  3487.         )

  3488.         res = self.testapp.get(

  3489.             '/api/v2/users',

  3490.             status=200

  3491.         )

  3492.         res = res.json_body

  3493.         assert len(res) == 2

  3494.         assert res[0]['user_id'] == admin.user_id

  3495.         assert res[0]['public_name'] == admin.display_name

  3496.         assert res[0]['avatar_url'] is None

  3497. 

  3498.         assert res[1]['user_id'] == test_user.user_id

  3499.         assert res[1]['public_name'] == test_user.display_name

  3500.         assert res[1]['avatar_url'] is None

  3501. 

  3502.     def test_api__get_user__err_403__normal_user(self):

  3503.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3504.         admin = dbsession.query(models.User) \

  3505.             .filter(models.User.email == 'admin@admin.admin') \

  3506.             .one()

  3507.         uapi = UserApi(

  3508.             current_user=admin,

  3509.             session=dbsession,

  3510.             config=self.app_config,

  3511.         )

  3512.         gapi = GroupApi(

  3513.             current_user=admin,

  3514.             session=dbsession,

  3515.             config=self.app_config,

  3516.         )

  3517.         groups = [gapi.get_one_with_name('users')]

  3518.         test_user = uapi.create_user(

  3519.             email='test@test.test',

  3520.             password='pass',

  3521.             name='bob',

  3522.             groups=groups,

  3523.             timezone='Europe/Paris',

  3524.             lang='fr',

  3525.             do_save=True,

  3526.             do_notify=False,

  3527.         )

  3528.         uapi.save(test_user)

  3529.         transaction.commit()

  3530.         user_id = int(test_user.user_id)

  3531. 

  3532.         self.testapp.authorization = (

  3533.             'Basic',

  3534.             (

  3535.                 'test@test.test',

  3536.                 'pass'

  3537.             )

  3538.         )

  3539.         self.testapp.get(

  3540.             '/api/v2/users',

  3541.             status=403

  3542.         )

  3543. 

  3544. 

  3545. class TestKnownMembersEndpoint(FunctionalTest):

  3546.     # -*- coding: utf-8 -*-

  3547.     """

  3548.     Tests for GET /api/v2/users/{user_id}

  3549.     """

  3550.     fixtures = [BaseFixture]

  3551. 

  3552.     def test_api__get_user__ok_200__admin__by_name(self):

  3553.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3554.         admin = dbsession.query(models.User) \

  3555.             .filter(models.User.email == 'admin@admin.admin') \

  3556.             .one()

  3557.         uapi = UserApi(

  3558.             current_user=admin,

  3559.             session=dbsession,

  3560.             config=self.app_config,

  3561.         )

  3562.         gapi = GroupApi(

  3563.             current_user=admin,

  3564.             session=dbsession,

  3565.             config=self.app_config,

  3566.         )

  3567.         groups = [gapi.get_one_with_name('users')]

  3568.         test_user = uapi.create_user(

  3569.             email='test@test.test',

  3570.             password='pass',

  3571.             name='bob',

  3572.             groups=groups,

  3573.             timezone='Europe/Paris',

  3574.             lang='fr',

  3575.             do_save=True,

  3576.             do_notify=False,

  3577.         )

  3578.         test_user2 = uapi.create_user(

  3579.             email='test2@test2.test2',

  3580.             password='pass',

  3581.             name='bob2',

  3582.             groups=groups,

  3583.             timezone='Europe/Paris',

  3584.             lang='fr',

  3585.             do_save=True,

  3586.             do_notify=False,

  3587.         )

  3588.         uapi.save(test_user)

  3589.         uapi.save(test_user2)

  3590.         transaction.commit()

  3591.         user_id = int(admin.user_id)

  3592. 

  3593.         self.testapp.authorization = (

  3594.             'Basic',

  3595.             (

  3596.                 'admin@admin.admin',

  3597.                 'admin@admin.admin'

  3598.             )

  3599.         )

  3600.         params = {

  3601.             'acp': 'bob',

  3602.         }

  3603.         res = self.testapp.get(

  3604.             '/api/v2/users/{user_id}/known_members'.format(user_id=user_id),

  3605.             status=200,

  3606.             params=params,

  3607.         )

  3608.         res = res.json_body

  3609.         assert len(res) == 2

  3610.         assert res[0]['user_id'] == test_user.user_id

  3611.         assert res[0]['public_name'] == test_user.display_name

  3612.         assert res[0]['avatar_url'] is None

  3613. 

  3614.         assert res[1]['user_id'] == test_user2.user_id

  3615.         assert res[1]['public_name'] == test_user2.display_name

  3616.         assert res[1]['avatar_url'] is None

  3617. 

  3618.     def test_api__get_user__ok_200__admin__by_email(self):

  3619.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3620.         admin = dbsession.query(models.User) \

  3621.             .filter(models.User.email == 'admin@admin.admin') \

  3622.             .one()

  3623.         uapi = UserApi(

  3624.             current_user=admin,

  3625.             session=dbsession,

  3626.             config=self.app_config,

  3627.         )

  3628.         gapi = GroupApi(

  3629.             current_user=admin,

  3630.             session=dbsession,

  3631.             config=self.app_config,

  3632.         )

  3633.         groups = [gapi.get_one_with_name('users')]

  3634.         test_user = uapi.create_user(

  3635.             email='test@test.test',

  3636.             password='pass',

  3637.             name='bob',

  3638.             groups=groups,

  3639.             timezone='Europe/Paris',

  3640.             lang='fr',

  3641.             do_save=True,

  3642.             do_notify=False,

  3643.         )

  3644.         test_user2 = uapi.create_user(

  3645.             email='test2@test2.test2',

  3646.             password='pass',

  3647.             name='bob2',

  3648.             groups=groups,

  3649.             timezone='Europe/Paris',

  3650.             lang='fr',

  3651.             do_save=True,

  3652.             do_notify=False,

  3653.         )

  3654.         uapi.save(test_user)

  3655.         uapi.save(test_user2)

  3656.         transaction.commit()

  3657.         user_id = int(admin.user_id)

  3658. 

  3659.         self.testapp.authorization = (

  3660.             'Basic',

  3661.             (

  3662.                 'admin@admin.admin',

  3663.                 'admin@admin.admin'

  3664.             )

  3665.         )

  3666.         params = {

  3667.             'acp': 'test',

  3668.         }

  3669.         res = self.testapp.get(

  3670.             '/api/v2/users/{user_id}/known_members'.format(user_id=user_id),

  3671.             status=200,

  3672.             params=params,

  3673.         )

  3674.         res = res.json_body

  3675.         assert len(res) == 2

  3676.         assert res[0]['user_id'] == test_user.user_id

  3677.         assert res[0]['public_name'] == test_user.display_name

  3678.         assert res[0]['avatar_url'] is None

  3679. 

  3680.         assert res[1]['user_id'] == test_user2.user_id

  3681.         assert res[1]['public_name'] == test_user2.display_name

  3682.         assert res[1]['avatar_url'] is None

  3683. 

  3684.     def test_api__get_user__err_403__admin__too_small_acp(self):

  3685.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3686.         admin = dbsession.query(models.User) \

  3687.             .filter(models.User.email == 'admin@admin.admin') \

  3688.             .one()

  3689.         uapi = UserApi(

  3690.             current_user=admin,

  3691.             session=dbsession,

  3692.             config=self.app_config,

  3693.         )

  3694.         gapi = GroupApi(

  3695.             current_user=admin,

  3696.             session=dbsession,

  3697.             config=self.app_config,

  3698.         )

  3699.         groups = [gapi.get_one_with_name('users')]

  3700.         test_user = uapi.create_user(

  3701.             email='test@test.test',

  3702.             password='pass',

  3703.             name='bob',

  3704.             groups=groups,

  3705.             timezone='Europe/Paris',

  3706.             lang='fr',

  3707.             do_save=True,

  3708.             do_notify=False,

  3709.         )

  3710.         test_user2 = uapi.create_user(

  3711.             email='test2@test2.test2',

  3712.             password='pass',

  3713.             name='bob2',

  3714.             groups=groups,

  3715.             timezone='Europe/Paris',

  3716.             lang='fr',

  3717.             do_save=True,

  3718.             do_notify=False,

  3719.         )

  3720.         uapi.save(test_user)

  3721.         transaction.commit()

  3722.         user_id = int(admin.user_id)

  3723. 

  3724.         self.testapp.authorization = (

  3725.             'Basic',

  3726.             (

  3727.                 'admin@admin.admin',

  3728.                 'admin@admin.admin'

  3729.             )

  3730.         )

  3731.         params = {

  3732.             'acp': 't',

  3733.         }

  3734.         res = self.testapp.get(

  3735.             '/api/v2/users/{user_id}/known_members'.format(user_id=user_id),

  3736.             status=400,

  3737.             params=params

  3738.         )

  3739. 

  3740.     def test_api__get_user__ok_200__normal_user_by_email(self):

  3741.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3742.         admin = dbsession.query(models.User) \

  3743.             .filter(models.User.email == 'admin@admin.admin') \

  3744.             .one()

  3745.         uapi = UserApi(

  3746.             current_user=admin,

  3747.             session=dbsession,

  3748.             config=self.app_config,

  3749.         )

  3750.         gapi = GroupApi(

  3751.             current_user=admin,

  3752.             session=dbsession,

  3753.             config=self.app_config,

  3754.         )

  3755.         groups = [gapi.get_one_with_name('users')]

  3756.         test_user = uapi.create_user(

  3757.             email='test@test.test',

  3758.             password='pass',

  3759.             name='bob',

  3760.             groups=groups,

  3761.             timezone='Europe/Paris',

  3762.             lang='fr',

  3763.             do_save=True,

  3764.             do_notify=False,

  3765.         )

  3766.         test_user2 = uapi.create_user(

  3767.             email='test2@test2.test2',

  3768.             password='pass',

  3769.             name='bob2',

  3770.             groups=groups,

  3771.             timezone='Europe/Paris',

  3772.             lang='fr',

  3773.             do_save=True,

  3774.             do_notify=False,

  3775.         )

  3776.         test_user3 = uapi.create_user(

  3777.             email='test3@test3.test3',

  3778.             password='pass',

  3779.             name='bob3',

  3780.             groups=groups,

  3781.             timezone='Europe/Paris',

  3782.             lang='fr',

  3783.             do_save=True,

  3784.             do_notify=False,

  3785.         )

  3786.         uapi.save(test_user)

  3787.         uapi.save(test_user2)

  3788.         uapi.save(test_user3)

  3789.         workspace_api = WorkspaceApi(

  3790.             current_user=admin,

  3791.             session=dbsession,

  3792.             config=self.app_config

  3793. 

  3794.         )

  3795.         workspace = WorkspaceApi(

  3796.             current_user=admin,

  3797.             session=dbsession,

  3798.             config=self.app_config,

  3799.         ).create_workspace(

  3800.             'test workspace',

  3801.             save_now=True

  3802.         )

  3803.         role_api = RoleApi(

  3804.             current_user=admin,

  3805.             session=dbsession,

  3806.             config=self.app_config,

  3807.         )

  3808.         role_api.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)

  3809.         role_api.create_one(test_user2, workspace, UserRoleInWorkspace.READER, False)

  3810.         transaction.commit()

  3811.         user_id = int(test_user.user_id)

  3812. 

  3813.         self.testapp.authorization = (

  3814.             'Basic',

  3815.             (

  3816.                 'test@test.test',

  3817.                 'pass'

  3818.             )

  3819.         )

  3820.         params = {

  3821.             'acp': 'test',

  3822.         }

  3823.         res = self.testapp.get(

  3824.             '/api/v2/users/{user_id}/known_members'.format(user_id=user_id),

  3825.             status=200,

  3826.             params=params

  3827.         )

  3828.         res = res.json_body

  3829.         assert len(res) == 2

  3830.         assert res[0]['user_id'] == test_user.user_id

  3831.         assert res[0]['public_name'] == test_user.display_name

  3832.         assert res[0]['avatar_url'] is None

  3833. 

  3834.         assert res[1]['user_id'] == test_user2.user_id

  3835.         assert res[1]['public_name'] == test_user2.display_name

  3836.         assert res[1]['avatar_url'] is None

  3837. 

  3838. 

  3839. class TestSetEmailEndpoint(FunctionalTest):

  3840.     # -*- coding: utf-8 -*-

  3841.     """

  3842.     Tests for PUT /api/v2/users/{user_id}/email

  3843.     """

  3844.     fixtures = [BaseFixture]

  3845. 

  3846.     def test_api__set_user_email__ok_200__admin(self):

  3847.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3848.         admin = dbsession.query(models.User) \

  3849.             .filter(models.User.email == 'admin@admin.admin') \

  3850.             .one()

  3851.         uapi = UserApi(

  3852.             current_user=admin,

  3853.             session=dbsession,

  3854.             config=self.app_config,

  3855.         )

  3856.         gapi = GroupApi(

  3857.             current_user=admin,

  3858.             session=dbsession,

  3859.             config=self.app_config,

  3860.         )

  3861.         groups = [gapi.get_one_with_name('users')]

  3862.         test_user = uapi.create_user(

  3863.             email='test@test.test',

  3864.             password='pass',

  3865.             name='bob',

  3866.             groups=groups,

  3867.             timezone='Europe/Paris',

  3868.             lang='fr',

  3869.             do_save=True,

  3870.             do_notify=False,

  3871.         )

  3872.         uapi.save(test_user)

  3873.         transaction.commit()

  3874.         user_id = int(test_user.user_id)

  3875. 

  3876.         self.testapp.authorization = (

  3877.             'Basic',

  3878.             (

  3879.                 'admin@admin.admin',

  3880.                 'admin@admin.admin'

  3881.             )

  3882.         )

  3883.         # check before

  3884.         res = self.testapp.get(

  3885.             '/api/v2/users/{}'.format(user_id),

  3886.             status=200

  3887.         )

  3888.         res = res.json_body

  3889.         assert res['email'] == 'test@test.test'

  3890. 

  3891.         # Set password

  3892.         params = {

  3893.             'email': 'mysuperemail@email.fr',

  3894.             'loggedin_user_password': 'admin@admin.admin',

  3895.         }

  3896.         self.testapp.put_json(

  3897.             '/api/v2/users/{}/email'.format(user_id),

  3898.             params=params,

  3899.             status=200,

  3900.         )

  3901.         # Check After

  3902.         res = self.testapp.get(

  3903.             '/api/v2/users/{}'.format(user_id),

  3904.             status=200

  3905.         )

  3906.         res = res.json_body

  3907.         assert res['email'] == 'mysuperemail@email.fr'

  3908. 

  3909.     def test_api__set_user_email__err_400__admin_same_email(self):

  3910.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3911.         admin = dbsession.query(models.User) \

  3912.             .filter(models.User.email == 'admin@admin.admin') \

  3913.             .one()

  3914.         uapi = UserApi(

  3915.             current_user=admin,

  3916.             session=dbsession,

  3917.             config=self.app_config,

  3918.         )

  3919.         gapi = GroupApi(

  3920.             current_user=admin,

  3921.             session=dbsession,

  3922.             config=self.app_config,

  3923.         )

  3924.         groups = [gapi.get_one_with_name('users')]

  3925.         test_user = uapi.create_user(

  3926.             email='test@test.test',

  3927.             password='pass',

  3928.             name='bob',

  3929.             groups=groups,

  3930.             timezone='Europe/Paris',

  3931.             lang='fr',

  3932.             do_save=True,

  3933.             do_notify=False,

  3934.         )

  3935.         uapi.save(test_user)

  3936.         transaction.commit()

  3937.         user_id = int(test_user.user_id)

  3938. 

  3939.         self.testapp.authorization = (

  3940.             'Basic',

  3941.             (

  3942.                 'admin@admin.admin',

  3943.                 'admin@admin.admin'

  3944.             )

  3945.         )

  3946.         # check before

  3947.         res = self.testapp.get(

  3948.             '/api/v2/users/{}'.format(user_id),

  3949.             status=200

  3950.         )

  3951.         res = res.json_body

  3952.         assert res['email'] == 'test@test.test'

  3953. 

  3954.         # Set password

  3955.         params = {

  3956.             'email': 'admin@admin.admin',

  3957.             'loggedin_user_password': 'admin@admin.admin',

  3958.         }

  3959.         self.testapp.put_json(

  3960.             '/api/v2/users/{}/email'.format(user_id),

  3961.             params=params,

  3962.             status=400,

  3963.         )

  3964.         # Check After

  3965.         res = self.testapp.get(

  3966.             '/api/v2/users/{}'.format(user_id),

  3967.             status=200

  3968.         )

  3969.         res = res.json_body

  3970.         assert res['email'] == 'test@test.test'

  3971. 

  3972.     def test_api__set_user_email__err_403__admin_wrong_password(self):

  3973.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  3974.         admin = dbsession.query(models.User) \

  3975.             .filter(models.User.email == 'admin@admin.admin') \

  3976.             .one()

  3977.         uapi = UserApi(

  3978.             current_user=admin,

  3979.             session=dbsession,

  3980.             config=self.app_config,

  3981.         )

  3982.         gapi = GroupApi(

  3983.             current_user=admin,

  3984.             session=dbsession,

  3985.             config=self.app_config,

  3986.         )

  3987.         groups = [gapi.get_one_with_name('users')]

  3988.         test_user = uapi.create_user(

  3989.             email='test@test.test',

  3990.             password='pass',

  3991.             name='bob',

  3992.             groups=groups,

  3993.             timezone='Europe/Paris',

  3994.             lang='fr',

  3995.             do_save=True,

  3996.             do_notify=False,

  3997.         )

  3998.         uapi.save(test_user)

  3999.         transaction.commit()

  4000.         user_id = int(test_user.user_id)

  4001. 

  4002.         self.testapp.authorization = (

  4003.             'Basic',

  4004.             (

  4005.                 'admin@admin.admin',

  4006.                 'admin@admin.admin'

  4007.             )

  4008.         )

  4009.         # check before

  4010.         res = self.testapp.get(

  4011.             '/api/v2/users/{}'.format(user_id),

  4012.             status=200

  4013.         )

  4014.         res = res.json_body

  4015.         assert res['email'] == 'test@test.test'

  4016. 

  4017.         # Set password

  4018.         params = {

  4019.             'email': 'mysuperemail@email.fr',

  4020.             'loggedin_user_password': 'badpassword',

  4021.         }

  4022.         self.testapp.put_json(

  4023.             '/api/v2/users/{}/email'.format(user_id),

  4024.             params=params,

  4025.             status=403,

  4026.         )

  4027.         # Check After

  4028.         res = self.testapp.get(

  4029.             '/api/v2/users/{}'.format(user_id),

  4030.             status=200

  4031.         )

  4032.         res = res.json_body

  4033.         assert res['email'] == 'test@test.test'

  4034. 

  4035.     def test_api__set_user_email__err_400__admin_string_is_not_email(self):

  4036.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4037.         admin = dbsession.query(models.User) \

  4038.             .filter(models.User.email == 'admin@admin.admin') \

  4039.             .one()

  4040.         uapi = UserApi(

  4041.             current_user=admin,

  4042.             session=dbsession,

  4043.             config=self.app_config,

  4044.         )

  4045.         gapi = GroupApi(

  4046.             current_user=admin,

  4047.             session=dbsession,

  4048.             config=self.app_config,

  4049.         )

  4050.         groups = [gapi.get_one_with_name('users')]

  4051.         test_user = uapi.create_user(

  4052.             email='test@test.test',

  4053.             password='pass',

  4054.             name='bob',

  4055.             groups=groups,

  4056.             timezone='Europe/Paris',

  4057.             lang='fr',

  4058.             do_save=True,

  4059.             do_notify=False,

  4060.         )

  4061.         uapi.save(test_user)

  4062.         transaction.commit()

  4063.         user_id = int(test_user.user_id)

  4064. 

  4065.         self.testapp.authorization = (

  4066.             'Basic',

  4067.             (

  4068.                 'admin@admin.admin',

  4069.                 'admin@admin.admin'

  4070.             )

  4071.         )

  4072.         # check before

  4073.         res = self.testapp.get(

  4074.             '/api/v2/users/{}'.format(user_id),

  4075.             status=200

  4076.         )

  4077.         res = res.json_body

  4078.         assert res['email'] == 'test@test.test'

  4079. 

  4080.         # Set password

  4081.         params = {

  4082.             'email': 'thatisnotandemail',

  4083.             'loggedin_user_password': 'admin@admin.admin',

  4084.         }

  4085.         self.testapp.put_json(

  4086.             '/api/v2/users/{}/email'.format(user_id),

  4087.             params=params,

  4088.             status=400,

  4089.         )

  4090.         # Check After

  4091.         res = self.testapp.get(

  4092.             '/api/v2/users/{}'.format(user_id),

  4093.             status=200

  4094.         )

  4095.         res = res.json_body

  4096.         assert res['email'] == 'test@test.test'

  4097. 

  4098.     def test_api__set_user_email__ok_200__user_itself(self):

  4099.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4100.         admin = dbsession.query(models.User) \

  4101.             .filter(models.User.email == 'admin@admin.admin') \

  4102.             .one()

  4103.         uapi = UserApi(

  4104.             current_user=admin,

  4105.             session=dbsession,

  4106.             config=self.app_config,

  4107.         )

  4108.         gapi = GroupApi(

  4109.             current_user=admin,

  4110.             session=dbsession,

  4111.             config=self.app_config,

  4112.         )

  4113.         groups = [gapi.get_one_with_name('users')]

  4114.         test_user = uapi.create_user(

  4115.             email='test@test.test',

  4116.             password='pass',

  4117.             name='bob',

  4118.             groups=groups,

  4119.             timezone='Europe/Paris',

  4120.             lang='fr',

  4121.             do_save=True,

  4122.             do_notify=False,

  4123.         )

  4124.         uapi.save(test_user)

  4125.         transaction.commit()

  4126.         user_id = int(test_user.user_id)

  4127. 

  4128.         self.testapp.authorization = (

  4129.             'Basic',

  4130.             (

  4131.                 'test@test.test',

  4132.                 'pass'

  4133.             )

  4134.         )

  4135.         # check before

  4136.         res = self.testapp.get(

  4137.             '/api/v2/users/{}'.format(user_id),

  4138.             status=200

  4139.         )

  4140.         res = res.json_body

  4141.         assert res['email'] == 'test@test.test'

  4142. 

  4143.         # Set password

  4144.         params = {

  4145.             'email': 'mysuperemail@email.fr',

  4146.             'loggedin_user_password': 'pass',

  4147.         }

  4148.         self.testapp.put_json(

  4149.             '/api/v2/users/{}/email'.format(user_id),

  4150.             params=params,

  4151.             status=200,

  4152.         )

  4153.         self.testapp.authorization = (

  4154.             'Basic',

  4155.             (

  4156.                 'mysuperemail@email.fr',

  4157.                 'pass'

  4158.             )

  4159.         )

  4160.         # Check After

  4161.         res = self.testapp.get(

  4162.             '/api/v2/users/{}'.format(user_id),

  4163.             status=200

  4164.         )

  4165.         res = res.json_body

  4166.         assert res['email'] == 'mysuperemail@email.fr'

  4167. 

  4168.     def test_api__set_user_email__err_403__other_normal_user(self):

  4169.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4170.         admin = dbsession.query(models.User) \

  4171.             .filter(models.User.email == 'admin@admin.admin') \

  4172.             .one()

  4173.         uapi = UserApi(

  4174.             current_user=admin,

  4175.             session=dbsession,

  4176.             config=self.app_config,

  4177.         )

  4178.         gapi = GroupApi(

  4179.             current_user=admin,

  4180.             session=dbsession,

  4181.             config=self.app_config,

  4182.         )

  4183.         groups = [gapi.get_one_with_name('users')]

  4184.         test_user = uapi.create_user(

  4185.             email='test@test.test',

  4186.             password='pass',

  4187.             name='bob',

  4188.             groups=groups,

  4189.             timezone='Europe/Paris',

  4190.             lang='fr',

  4191.             do_save=True,

  4192.             do_notify=False,

  4193.         )

  4194.         test_user2 = uapi.create_user(

  4195.             email='test2@test2.test2',

  4196.             password='pass',

  4197.             name='bob2',

  4198.             groups=groups,

  4199.             timezone='Europe/Paris',

  4200.             lang='fr',

  4201.             do_save=True,

  4202.             do_notify=False,

  4203.         )

  4204.         uapi.save(test_user2)

  4205.         uapi.save(test_user)

  4206.         transaction.commit()

  4207.         user_id = int(test_user.user_id)

  4208. 

  4209.         self.testapp.authorization = (

  4210.             'Basic',

  4211.             (

  4212.                 'test@test.test',

  4213.                 'pass'

  4214.             )

  4215.         )

  4216.         # Set password

  4217.         params = {

  4218.             'email': 'mysuperemail@email.fr',

  4219.             'loggedin_user_password': 'test2@test2.test2',

  4220.         }

  4221.         self.testapp.put_json(

  4222.             '/api/v2/users/{}/email'.format(user_id),

  4223.             params=params,

  4224.             status=403,

  4225.         )

  4226. 

  4227. 

  4228. class TestSetPasswordEndpoint(FunctionalTest):

  4229.     # -*- coding: utf-8 -*-

  4230.     """

  4231.     Tests for PUT /api/v2/users/{user_id}/password

  4232.     """

  4233.     fixtures = [BaseFixture]

  4234. 

  4235.     def test_api__set_user_password__ok_200__admin(self):

  4236.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4237.         admin = dbsession.query(models.User) \

  4238.             .filter(models.User.email == 'admin@admin.admin') \

  4239.             .one()

  4240.         uapi = UserApi(

  4241.             current_user=admin,

  4242.             session=dbsession,

  4243.             config=self.app_config,

  4244.         )

  4245.         gapi = GroupApi(

  4246.             current_user=admin,

  4247.             session=dbsession,

  4248.             config=self.app_config,

  4249.         )

  4250.         groups = [gapi.get_one_with_name('users')]

  4251.         test_user = uapi.create_user(

  4252.             email='test@test.test',

  4253.             password='pass',

  4254.             name='bob',

  4255.             groups=groups,

  4256.             timezone='Europe/Paris',

  4257.             lang='fr',

  4258.             do_save=True,

  4259.             do_notify=False,

  4260.         )

  4261.         uapi.save(test_user)

  4262.         transaction.commit()

  4263.         user_id = int(test_user.user_id)

  4264. 

  4265.         self.testapp.authorization = (

  4266.             'Basic',

  4267.             (

  4268.                 'admin@admin.admin',

  4269.                 'admin@admin.admin'

  4270.             )

  4271.         )

  4272.         # check before

  4273.         user = uapi.get_one(user_id)

  4274.         assert user.validate_password('pass')

  4275.         assert not user.validate_password('mynewpassword')

  4276.         # Set password

  4277.         params = {

  4278.             'new_password': 'mynewpassword',

  4279.             'new_password2': 'mynewpassword',

  4280.             'loggedin_user_password': 'admin@admin.admin',

  4281.         }

  4282.         self.testapp.put_json(

  4283.             '/api/v2/users/{}/password'.format(user_id),

  4284.             params=params,

  4285.             status=204,

  4286.         )

  4287.         # Check After

  4288.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4289.         uapi = UserApi(

  4290.             current_user=admin,

  4291.             session=dbsession,

  4292.             config=self.app_config,

  4293.         )

  4294.         user = uapi.get_one(user_id)

  4295.         assert not user.validate_password('pass')

  4296.         assert user.validate_password('mynewpassword')

  4297. 

  4298.     def test_api__set_user_password__err_403__admin_wrong_password(self):

  4299.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4300.         admin = dbsession.query(models.User) \

  4301.             .filter(models.User.email == 'admin@admin.admin') \

  4302.             .one()

  4303.         uapi = UserApi(

  4304.             current_user=admin,

  4305.             session=dbsession,

  4306.             config=self.app_config,

  4307.         )

  4308.         gapi = GroupApi(

  4309.             current_user=admin,

  4310.             session=dbsession,

  4311.             config=self.app_config,

  4312.         )

  4313.         groups = [gapi.get_one_with_name('users')]

  4314.         test_user = uapi.create_user(

  4315.             email='test@test.test',

  4316.             password='pass',

  4317.             name='bob',

  4318.             groups=groups,

  4319.             timezone='Europe/Paris',

  4320.             lang='fr',

  4321.             do_save=True,

  4322.             do_notify=False,

  4323.         )

  4324.         uapi.save(test_user)

  4325.         transaction.commit()

  4326.         user_id = int(test_user.user_id)

  4327. 

  4328.         self.testapp.authorization = (

  4329.             'Basic',

  4330.             (

  4331.                 'admin@admin.admin',

  4332.                 'admin@admin.admin'

  4333.             )

  4334.         )

  4335.         # check before

  4336.         user = uapi.get_one(user_id)

  4337.         assert user.validate_password('pass')

  4338.         assert not user.validate_password('mynewpassword')

  4339.         # Set password

  4340.         params = {

  4341.             'new_password': 'mynewpassword',

  4342.             'new_password2': 'mynewpassword',

  4343.             'loggedin_user_password': 'wrongpassword',

  4344.         }

  4345.         self.testapp.put_json(

  4346.             '/api/v2/users/{}/password'.format(user_id),

  4347.             params=params,

  4348.             status=403,

  4349.         )

  4350.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4351.         uapi = UserApi(

  4352.             current_user=admin,

  4353.             session=dbsession,

  4354.             config=self.app_config,

  4355.         )

  4356.         # Check After

  4357.         user = uapi.get_one(user_id)

  4358.         assert user.validate_password('pass')

  4359.         assert not user.validate_password('mynewpassword')

  4360. 

  4361.     def test_api__set_user_password__err_400__admin_passwords_do_not_match(self):  # nopep8

  4362.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4363.         admin = dbsession.query(models.User) \

  4364.             .filter(models.User.email == 'admin@admin.admin') \

  4365.             .one()

  4366.         uapi = UserApi(

  4367.             current_user=admin,

  4368.             session=dbsession,

  4369.             config=self.app_config,

  4370.         )

  4371.         gapi = GroupApi(

  4372.             current_user=admin,

  4373.             session=dbsession,

  4374.             config=self.app_config,

  4375.         )

  4376.         groups = [gapi.get_one_with_name('users')]

  4377.         test_user = uapi.create_user(

  4378.             email='test@test.test',

  4379.             password='pass',

  4380.             name='bob',

  4381.             groups=groups,

  4382.             timezone='Europe/Paris',

  4383.             lang='fr',

  4384.             do_save=True,

  4385.             do_notify=False,

  4386.         )

  4387.         uapi.save(test_user)

  4388.         transaction.commit()

  4389.         user_id = int(test_user.user_id)

  4390. 

  4391.         self.testapp.authorization = (

  4392.             'Basic',

  4393.             (

  4394.                 'admin@admin.admin',

  4395.                 'admin@admin.admin'

  4396.             )

  4397.         )

  4398.         # check before

  4399.         user = uapi.get_one(user_id)

  4400.         assert user.validate_password('pass')

  4401.         assert not user.validate_password('mynewpassword')

  4402.         assert not user.validate_password('mynewpassword2')

  4403.         # Set password

  4404.         params = {

  4405.             'new_password': 'mynewpassword',

  4406.             'new_password2': 'mynewpassword2',

  4407.             'loggedin_user_password': 'admin@admin.admin',

  4408.         }

  4409.         self.testapp.put_json(

  4410.             '/api/v2/users/{}/password'.format(user_id),

  4411.             params=params,

  4412.             status=400,

  4413.         )

  4414.         # Check After

  4415.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4416.         uapi = UserApi(

  4417.             current_user=admin,

  4418.             session=dbsession,

  4419.             config=self.app_config,

  4420.         )

  4421.         user = uapi.get_one(user_id)

  4422.         assert user.validate_password('pass')

  4423.         assert not user.validate_password('mynewpassword')

  4424.         assert not user.validate_password('mynewpassword2')

  4425. 

  4426.     def test_api__set_user_password__ok_200__user_itself(self):

  4427.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4428.         admin = dbsession.query(models.User) \

  4429.             .filter(models.User.email == 'admin@admin.admin') \

  4430.             .one()

  4431.         uapi = UserApi(

  4432.             current_user=admin,

  4433.             session=dbsession,

  4434.             config=self.app_config,

  4435.         )

  4436.         gapi = GroupApi(

  4437.             current_user=admin,

  4438.             session=dbsession,

  4439.             config=self.app_config,

  4440.         )

  4441.         groups = [gapi.get_one_with_name('users')]

  4442.         test_user = uapi.create_user(

  4443.             email='test@test.test',

  4444.             password='pass',

  4445.             name='bob',

  4446.             groups=groups,

  4447.             timezone='Europe/Paris',

  4448.             lang='fr',

  4449.             do_save=True,

  4450.             do_notify=False,

  4451.         )

  4452.         uapi.save(test_user)

  4453.         transaction.commit()

  4454.         user_id = int(test_user.user_id)

  4455. 

  4456.         self.testapp.authorization = (

  4457.             'Basic',

  4458.             (

  4459.                 'test@test.test',

  4460.                 'pass'

  4461.             )

  4462.         )

  4463.         # check before

  4464.         user = uapi.get_one(user_id)

  4465.         assert user.validate_password('pass')

  4466.         assert not user.validate_password('mynewpassword')

  4467.         # Set password

  4468.         params = {

  4469.             'new_password': 'mynewpassword',

  4470.             'new_password2': 'mynewpassword',

  4471.             'loggedin_user_password': 'pass',

  4472.         }

  4473.         self.testapp.put_json(

  4474.             '/api/v2/users/{}/password'.format(user_id),

  4475.             params=params,

  4476.             status=204,

  4477.         )

  4478.         # Check After

  4479.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4480.         uapi = UserApi(

  4481.             current_user=admin,

  4482.             session=dbsession,

  4483.             config=self.app_config,

  4484.         )

  4485.         user = uapi.get_one(user_id)

  4486.         assert not user.validate_password('pass')

  4487.         assert user.validate_password('mynewpassword')

  4488. 

  4489.     def test_api__set_user_email__err_403__other_normal_user(self):

  4490.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4491.         admin = dbsession.query(models.User) \

  4492.             .filter(models.User.email == 'admin@admin.admin') \

  4493.             .one()

  4494.         uapi = UserApi(

  4495.             current_user=admin,

  4496.             session=dbsession,

  4497.             config=self.app_config,

  4498.         )

  4499.         gapi = GroupApi(

  4500.             current_user=admin,

  4501.             session=dbsession,

  4502.             config=self.app_config,

  4503.         )

  4504.         groups = [gapi.get_one_with_name('users')]

  4505.         test_user = uapi.create_user(

  4506.             email='test@test.test',

  4507.             password='pass',

  4508.             name='bob',

  4509.             groups=groups,

  4510.             lang='fr',

  4511.             timezone='Europe/Paris',

  4512.             do_save=True,

  4513.             do_notify=False,

  4514.         )

  4515.         test_user2 = uapi.create_user(

  4516.             email='test2@test2.test2',

  4517.             password='pass',

  4518.             name='bob2',

  4519.             groups=groups,

  4520.             timezone='Europe/Paris',

  4521.             lang='fr',

  4522.             do_save=True,

  4523.             do_notify=False,

  4524.         )

  4525.         uapi.save(test_user2)

  4526.         uapi.save(test_user)

  4527.         transaction.commit()

  4528.         user_id = int(test_user.user_id)

  4529. 

  4530.         self.testapp.authorization = (

  4531.             'Basic',

  4532.             (

  4533.                 'test@test.test',

  4534.                 'pass'

  4535.             )

  4536.         )

  4537.         # Set password

  4538.         params = {

  4539.             'email': 'mysuperemail@email.fr',

  4540.             'loggedin_user_password': 'test2@test2.test2',

  4541.         }

  4542.         self.testapp.put_json(

  4543.             '/api/v2/users/{}/email'.format(user_id),

  4544.             params=params,

  4545.             status=403,

  4546.         )

  4547. 

  4548. 

  4549. class TestSetUserInfoEndpoint(FunctionalTest):

  4550.     # -*- coding: utf-8 -*-

  4551.     """

  4552.     Tests for PUT /api/v2/users/{user_id}

  4553.     """

  4554.     fixtures = [BaseFixture]

  4555. 

  4556.     def test_api__set_user_info__ok_200__admin(self):

  4557.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4558.         admin = dbsession.query(models.User) \

  4559.             .filter(models.User.email == 'admin@admin.admin') \

  4560.             .one()

  4561.         uapi = UserApi(

  4562.             current_user=admin,

  4563.             session=dbsession,

  4564.             config=self.app_config,

  4565.         )

  4566.         gapi = GroupApi(

  4567.             current_user=admin,

  4568.             session=dbsession,

  4569.             config=self.app_config,

  4570.         )

  4571.         groups = [gapi.get_one_with_name('users')]

  4572.         test_user = uapi.create_user(

  4573.             email='test@test.test',

  4574.             password='pass',

  4575.             name='bob',

  4576.             groups=groups,

  4577.             timezone='Europe/Paris',

  4578.             lang='fr',

  4579.             do_save=True,

  4580.             do_notify=False,

  4581.         )

  4582.         uapi.save(test_user)

  4583.         transaction.commit()

  4584.         user_id = int(test_user.user_id)

  4585. 

  4586.         self.testapp.authorization = (

  4587.             'Basic',

  4588.             (

  4589.                 'admin@admin.admin',

  4590.                 'admin@admin.admin'

  4591.             )

  4592.         )

  4593.         # check before

  4594.         res = self.testapp.get(

  4595.             '/api/v2/users/{}'.format(user_id),

  4596.             status=200

  4597.         )

  4598.         res = res.json_body

  4599.         assert res['user_id'] == user_id

  4600.         assert res['public_name'] == 'bob'

  4601.         assert res['timezone'] == 'Europe/Paris'

  4602.         assert res['lang'] == 'fr'

  4603.         # Set params

  4604.         params = {

  4605.             'public_name': 'updated',

  4606.             'timezone': 'Europe/London',

  4607.             'lang': 'en',

  4608.         }

  4609.         self.testapp.put_json(

  4610.             '/api/v2/users/{}'.format(user_id),

  4611.             params=params,

  4612.             status=200,

  4613.         )

  4614.         # Check After

  4615.         res = self.testapp.get(

  4616.             '/api/v2/users/{}'.format(user_id),

  4617.             status=200

  4618.         )

  4619.         res = res.json_body

  4620.         assert res['user_id'] == user_id

  4621.         assert res['public_name'] == 'updated'

  4622.         assert res['timezone'] == 'Europe/London'

  4623.         assert res['lang'] == 'en'

  4624. 

  4625.     def test_api__set_user_info__ok_200__user_itself(self):

  4626.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4627.         admin = dbsession.query(models.User) \

  4628.             .filter(models.User.email == 'admin@admin.admin') \

  4629.             .one()

  4630.         uapi = UserApi(

  4631.             current_user=admin,

  4632.             session=dbsession,

  4633.             config=self.app_config,

  4634.         )

  4635.         gapi = GroupApi(

  4636.             current_user=admin,

  4637.             session=dbsession,

  4638.             config=self.app_config,

  4639.         )

  4640.         groups = [gapi.get_one_with_name('users')]

  4641.         test_user = uapi.create_user(

  4642.             email='test@test.test',

  4643.             password='pass',

  4644.             name='bob',

  4645.             groups=groups,

  4646.             timezone='Europe/Paris',

  4647.             lang='fr',

  4648.             do_save=True,

  4649.             do_notify=False,

  4650.         )

  4651.         uapi.save(test_user)

  4652.         transaction.commit()

  4653.         user_id = int(test_user.user_id)

  4654. 

  4655.         self.testapp.authorization = (

  4656.             'Basic',

  4657.             (

  4658.                 'test@test.test',

  4659.                 'pass',

  4660.             )

  4661.         )

  4662.         # check before

  4663.         res = self.testapp.get(

  4664.             '/api/v2/users/{}'.format(user_id),

  4665.             status=200

  4666.         )

  4667.         res = res.json_body

  4668.         assert res['user_id'] == user_id

  4669.         assert res['public_name'] == 'bob'

  4670.         assert res['timezone'] == 'Europe/Paris'

  4671.         assert res['lang'] == 'fr'

  4672.         # Set params

  4673.         params = {

  4674.             'public_name': 'updated',

  4675.             'timezone': 'Europe/London',

  4676.             'lang': 'en',

  4677.         }

  4678.         self.testapp.put_json(

  4679.             '/api/v2/users/{}'.format(user_id),

  4680.             params=params,

  4681.             status=200,

  4682.         )

  4683.         # Check After

  4684.         res = self.testapp.get(

  4685.             '/api/v2/users/{}'.format(user_id),

  4686.             status=200

  4687.         )

  4688.         res = res.json_body

  4689.         assert res['user_id'] == user_id

  4690.         assert res['public_name'] == 'updated'

  4691.         assert res['timezone'] == 'Europe/London'

  4692.         assert res['lang'] == 'en'

  4693. 

  4694.     def test_api__set_user_email__err_403__other_normal_user(self):

  4695.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4696.         admin = dbsession.query(models.User) \

  4697.             .filter(models.User.email == 'admin@admin.admin') \

  4698.             .one()

  4699.         uapi = UserApi(

  4700.             current_user=admin,

  4701.             session=dbsession,

  4702.             config=self.app_config,

  4703.         )

  4704.         gapi = GroupApi(

  4705.             current_user=admin,

  4706.             session=dbsession,

  4707.             config=self.app_config,

  4708.         )

  4709.         groups = [gapi.get_one_with_name('users')]

  4710.         test_user = uapi.create_user(

  4711.             email='test@test.test',

  4712.             password='pass',

  4713.             name='bob',

  4714.             groups=groups,

  4715.             timezone='Europe/Paris',

  4716.             lang='fr',

  4717.             do_save=True,

  4718.             do_notify=False,

  4719.         )

  4720.         test_user2 = uapi.create_user(

  4721.             email='test2@test2.test2',

  4722.             password='pass',

  4723.             name='test',

  4724.             groups=groups,

  4725.             timezone='Europe/Paris',

  4726.             lang='fr',

  4727.             do_save=True,

  4728.             do_notify=False,

  4729.         )

  4730.         uapi.save(test_user2)

  4731.         uapi.save(test_user)

  4732.         transaction.commit()

  4733.         user_id = int(test_user.user_id)

  4734. 

  4735.         self.testapp.authorization = (

  4736.             'Basic',

  4737.             (

  4738.                 'test2@test2.test2',

  4739.                 'pass',

  4740.             )

  4741.         )

  4742.         # Set params

  4743.         params = {

  4744.             'public_name': 'updated',

  4745.             'timezone': 'Europe/London',

  4746.             'lang': 'en'

  4747.         }

  4748.         self.testapp.put_json(

  4749.             '/api/v2/users/{}'.format(user_id),

  4750.             params=params,

  4751.             status=403,

  4752.         )

  4753. 

  4754. 

  4755. class TestSetUserProfilEndpoint(FunctionalTest):

  4756.     # -*- coding: utf-8 -*-

  4757.     """

  4758.     Tests for PUT /api/v2/users/{user_id}/profile

  4759.     """

  4760.     fixtures = [BaseFixture]

  4761. 

  4762.     def test_api__set_user_info__ok_200__admin(self):

  4763.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4764.         admin = dbsession.query(models.User) \

  4765.             .filter(models.User.email == 'admin@admin.admin') \

  4766.             .one()

  4767.         uapi = UserApi(

  4768.             current_user=admin,

  4769.             session=dbsession,

  4770.             config=self.app_config,

  4771.         )

  4772.         gapi = GroupApi(

  4773.             current_user=admin,

  4774.             session=dbsession,

  4775.             config=self.app_config,

  4776.         )

  4777.         groups = [gapi.get_one_with_name('users')]

  4778.         test_user = uapi.create_user(

  4779.             email='test@test.test',

  4780.             password='pass',

  4781.             name='bob',

  4782.             groups=groups,

  4783.             timezone='Europe/Paris',

  4784.             lang='fr',

  4785.             do_save=True,

  4786.             do_notify=False,

  4787.         )

  4788.         uapi.save(test_user)

  4789.         transaction.commit()

  4790.         user_id = int(test_user.user_id)

  4791. 

  4792.         self.testapp.authorization = (

  4793.             'Basic',

  4794.             (

  4795.                 'admin@admin.admin',

  4796.                 'admin@admin.admin'

  4797.             )

  4798.         )

  4799.         # check before

  4800.         res = self.testapp.get(

  4801.             '/api/v2/users/{}'.format(user_id),

  4802.             status=200

  4803.         )

  4804.         res = res.json_body

  4805.         assert res['user_id'] == user_id

  4806.         assert res['profile'] == 'users'

  4807.         # Set params

  4808.         params = {

  4809.             'profile': 'administrators',

  4810.         }

  4811.         self.testapp.put_json(

  4812.             '/api/v2/users/{}/profile'.format(user_id),

  4813.             params=params,

  4814.             status=204,

  4815.         )

  4816.         # Check After

  4817.         res = self.testapp.get(

  4818.             '/api/v2/users/{}'.format(user_id),

  4819.             status=200

  4820.         )

  4821.         res = res.json_body

  4822.         assert res['user_id'] == user_id

  4823.         assert res['profile'] == 'administrators'

  4824. 

  4825.     def test_api__set_user_info__err_403__user_itself(self):

  4826.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4827.         admin = dbsession.query(models.User) \

  4828.             .filter(models.User.email == 'admin@admin.admin') \

  4829.             .one()

  4830.         uapi = UserApi(

  4831.             current_user=admin,

  4832.             session=dbsession,

  4833.             config=self.app_config,

  4834.         )

  4835.         gapi = GroupApi(

  4836.             current_user=admin,

  4837.             session=dbsession,

  4838.             config=self.app_config,

  4839.         )

  4840.         groups = [gapi.get_one_with_name('users')]

  4841.         test_user = uapi.create_user(

  4842.             email='test@test.test',

  4843.             password='pass',

  4844.             name='bob',

  4845.             groups=groups,

  4846.             timezone='Europe/Paris',

  4847.             lang='fr',

  4848.             do_save=True,

  4849.             do_notify=False,

  4850.         )

  4851.         uapi.save(test_user)

  4852.         transaction.commit()

  4853.         user_id = int(test_user.user_id)

  4854. 

  4855.         self.testapp.authorization = (

  4856.             'Basic',

  4857.             (

  4858.                 'test@test.test',

  4859.                 'pass',

  4860.             )

  4861.         )

  4862.         # check before

  4863.         res = self.testapp.get(

  4864.             '/api/v2/users/{}'.format(user_id),

  4865.             status=200

  4866.         )

  4867.         res = res.json_body

  4868.         assert res['user_id'] == user_id

  4869.         assert res['profile'] == 'users'

  4870.         # Set params

  4871.         params = {

  4872.             'profile': 'administrators',

  4873.         }

  4874.         self.testapp.put_json(

  4875.             '/api/v2/users/{}/profile'.format(user_id),

  4876.             params=params,

  4877.             status=403,

  4878.         )

  4879.         # Check After

  4880.         res = self.testapp.get(

  4881.             '/api/v2/users/{}'.format(user_id),

  4882.             status=200

  4883.         )

  4884.         res = res.json_body

  4885.         assert res['user_id'] == user_id

  4886.         assert res['profile'] == 'users'

  4887. 

  4888.     def test_api__set_user_email__err_403__other_normal_user(self):

  4889.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4890.         admin = dbsession.query(models.User) \

  4891.             .filter(models.User.email == 'admin@admin.admin') \

  4892.             .one()

  4893.         uapi = UserApi(

  4894.             current_user=admin,

  4895.             session=dbsession,

  4896.             config=self.app_config,

  4897.         )

  4898.         gapi = GroupApi(

  4899.             current_user=admin,

  4900.             session=dbsession,

  4901.             config=self.app_config,

  4902.         )

  4903.         groups = [gapi.get_one_with_name('users')]

  4904.         test_user = uapi.create_user(

  4905.             email='test@test.test',

  4906.             password='pass',

  4907.             name='bob',

  4908.             groups=groups,

  4909.             timezone='Europe/Paris',

  4910.             lang='fr',

  4911.             do_save=True,

  4912.             do_notify=False,

  4913.         )

  4914.         test_user2 = uapi.create_user(

  4915.             email='test2@test2.test2',

  4916.             password='pass',

  4917.             name='test',

  4918.             groups=groups,

  4919.             timezone='Europe/Paris',

  4920.             lang='fr',

  4921.             do_save=True,

  4922.             do_notify=False,

  4923.         )

  4924.         uapi.save(test_user2)

  4925.         uapi.save(test_user)

  4926.         transaction.commit()

  4927.         user_id = int(test_user.user_id)

  4928. 

  4929.         self.testapp.authorization = (

  4930.             'Basic',

  4931.             (

  4932.                 'test2@test2.test2',

  4933.                 'pass',

  4934.             )

  4935.         )

  4936.         # Set params

  4937.         params = {

  4938.             'profile': 'administrators',

  4939.         }

  4940.         self.testapp.put_json(

  4941.             '/api/v2/users/{}/profile'.format(user_id),

  4942.             params=params,

  4943.             status=403,

  4944.         )

  4945. 

  4946. 

  4947. class TestSetUserEnableDisableEndpoints(FunctionalTest):

  4948.     # -*- coding: utf-8 -*-

  4949.     """

  4950.     Tests for PUT /api/v2/users/{user_id}/enable

  4951.     and PUT /api/v2/users/{user_id}/disable

  4952.     """

  4953.     fixtures = [BaseFixture]

  4954. 

  4955.     def test_api_enable_user__ok_200__admin(self):

  4956.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  4957.         admin = dbsession.query(models.User) \

  4958.             .filter(models.User.email == 'admin@admin.admin') \

  4959.             .one()

  4960.         uapi = UserApi(

  4961.             current_user=admin,

  4962.             session=dbsession,

  4963.             config=self.app_config,

  4964.         )

  4965.         gapi = GroupApi(

  4966.             current_user=admin,

  4967.             session=dbsession,

  4968.             config=self.app_config,

  4969.         )

  4970.         groups = [gapi.get_one_with_name('users')]

  4971.         test_user = uapi.create_user(

  4972.             email='test@test.test',

  4973.             password='pass',

  4974.             name='bob',

  4975.             groups=groups,

  4976.             timezone='Europe/Paris',

  4977.             lang='fr',

  4978.             do_save=True,

  4979.             do_notify=False,

  4980.         )

  4981.         uapi.disable(test_user, do_save=True)

  4982.         uapi.save(test_user)

  4983.         transaction.commit()

  4984.         user_id = int(test_user.user_id)

  4985. 

  4986.         self.testapp.authorization = (

  4987.             'Basic',

  4988.             (

  4989.                 'admin@admin.admin',

  4990.                 'admin@admin.admin'

  4991.             )

  4992.         )

  4993.         # check before

  4994.         res = self.testapp.get(

  4995.             '/api/v2/users/{}'.format(user_id),

  4996.             status=200

  4997.         )

  4998.         res = res.json_body

  4999.         assert res['user_id'] == user_id

  5000.         assert res['is_active'] is False

  5001.         self.testapp.put_json(

  5002.             '/api/v2/users/{}/enable'.format(user_id),

  5003.             status=204,

  5004.         )

  5005.         # Check After

  5006.         res = self.testapp.get(

  5007.             '/api/v2/users/{}'.format(user_id),

  5008.             status=200

  5009.         )

  5010.         res = res.json_body

  5011.         assert res['user_id'] == user_id

  5012.         assert res['is_active'] is True

  5013. 

  5014.     def test_api_disable_user__ok_200__admin(self):

  5015.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  5016.         admin = dbsession.query(models.User) \

  5017.             .filter(models.User.email == 'admin@admin.admin') \

  5018.             .one()

  5019.         uapi = UserApi(

  5020.             current_user=admin,

  5021.             session=dbsession,

  5022.             config=self.app_config,

  5023.         )

  5024.         gapi = GroupApi(

  5025.             current_user=admin,

  5026.             session=dbsession,

  5027.             config=self.app_config,

  5028.         )

  5029.         groups = [gapi.get_one_with_name('users')]

  5030.         test_user = uapi.create_user(

  5031.             email='test@test.test',

  5032.             password='pass',

  5033.             name='bob',

  5034.             groups=groups,

  5035.             timezone='Europe/Paris',

  5036.             lang='fr',

  5037.             do_save=True,

  5038.             do_notify=False,

  5039.         )

  5040.         uapi.enable(test_user, do_save=True)

  5041.         uapi.save(test_user)

  5042.         transaction.commit()

  5043.         user_id = int(test_user.user_id)

  5044. 

  5045.         self.testapp.authorization = (

  5046.             'Basic',

  5047.             (

  5048.                 'admin@admin.admin',

  5049.                 'admin@admin.admin'

  5050.             )

  5051.         )

  5052.         # check before

  5053.         res = self.testapp.get(

  5054.             '/api/v2/users/{}'.format(user_id),

  5055.             status=200

  5056.         )

  5057.         res = res.json_body

  5058.         assert res['user_id'] == user_id

  5059.         assert res['is_active'] is True

  5060.         self.testapp.put_json(

  5061.             '/api/v2/users/{}/disable'.format(user_id),

  5062.             status=204,

  5063.         )

  5064.         # Check After

  5065.         res = self.testapp.get(

  5066.             '/api/v2/users/{}'.format(user_id),

  5067.             status=200

  5068.         )

  5069.         res = res.json_body

  5070.         assert res['user_id'] == user_id

  5071.         assert res['is_active'] is False

  5072. 

  5073.     def test_api_enable_user__err_403__other_account(self):

  5074.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  5075.         admin = dbsession.query(models.User) \

  5076.             .filter(models.User.email == 'admin@admin.admin') \

  5077.             .one()

  5078.         uapi = UserApi(

  5079.             current_user=admin,

  5080.             session=dbsession,

  5081.             config=self.app_config,

  5082.         )

  5083.         gapi = GroupApi(

  5084.             current_user=admin,

  5085.             session=dbsession,

  5086.             config=self.app_config,

  5087.         )

  5088.         groups = [gapi.get_one_with_name('users')]

  5089.         test_user = uapi.create_user(

  5090.             email='test@test.test',

  5091.             password='pass',

  5092.             name='bob',

  5093.             groups=groups,

  5094.             timezone='Europe/Paris',

  5095.             lang='fr',

  5096.             do_save=True,

  5097.             do_notify=False,

  5098.         )

  5099.         test_user2 = uapi.create_user(

  5100.             email='test2@test2.test2',

  5101.             password='pass',

  5102.             name='test2',

  5103.             groups=groups,

  5104.             timezone='Europe/Paris',

  5105.             lang='fr',

  5106.             do_save=True,

  5107.             do_notify=False,

  5108.         )

  5109.         uapi.disable(test_user, do_save=True)

  5110.         uapi.save(test_user2)

  5111.         uapi.save(test_user)

  5112.         transaction.commit()

  5113.         user_id = int(test_user.user_id)

  5114. 

  5115.         self.testapp.authorization = (

  5116.             'Basic',

  5117.             (

  5118.                 'test2@test2.test2',

  5119.                 'pass'

  5120.             )

  5121.         )

  5122.         self.testapp.put_json(

  5123.             '/api/v2/users/{}/enable'.format(user_id),

  5124.             status=403,

  5125.         )

  5126. 

  5127.     def test_api_disable_user__err_403__other_account(self):

  5128.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  5129.         admin = dbsession.query(models.User) \

  5130.             .filter(models.User.email == 'admin@admin.admin') \

  5131.             .one()

  5132.         uapi = UserApi(

  5133.             current_user=admin,

  5134.             session=dbsession,

  5135.             config=self.app_config,

  5136.         )

  5137.         gapi = GroupApi(

  5138.             current_user=admin,

  5139.             session=dbsession,

  5140.             config=self.app_config,

  5141.         )

  5142.         groups = [gapi.get_one_with_name('users')]

  5143.         test_user = uapi.create_user(

  5144.             email='test@test.test',

  5145.             password='pass',

  5146.             name='bob',

  5147.             groups=groups,

  5148.             timezone='Europe/Paris',

  5149.             lang='fr',

  5150.             do_save=True,

  5151.             do_notify=False,

  5152.         )

  5153.         test_user2 = uapi.create_user(

  5154.             email='test2@test2.test2',

  5155.             password='pass',

  5156.             name='test2',

  5157.             groups=groups,

  5158.             timezone='Europe/Paris',

  5159.             lang='fr',

  5160.             do_save=True,

  5161.             do_notify=False,

  5162.         )

  5163.         uapi.enable(test_user, do_save=True)

  5164.         uapi.save(test_user2)

  5165.         uapi.save(test_user)

  5166.         transaction.commit()

  5167.         user_id = int(test_user.user_id)

  5168. 

  5169.         self.testapp.authorization = (

  5170.             'Basic',

  5171.             (

  5172.                 'test2@test2.test2',

  5173.                 'pass'

  5174.             )

  5175.         )

  5176.         self.testapp.put_json(

  5177.             '/api/v2/users/{}/disable'.format(user_id),

  5178.             status=403,

  5179.         )

  5180. 

  5181.     def test_api_disable_user__ok_200__user_itself(self):

  5182.         dbsession = get_tm_session(self.session_factory, transaction.manager)

  5183.         admin = dbsession.query(models.User) \

  5184.             .filter(models.User.email == 'admin@admin.admin') \

  5185.             .one()

  5186.         uapi = UserApi(

  5187.             current_user=admin,

  5188.             session=dbsession,

  5189.             config=self.app_config,

  5190.         )

  5191.         gapi = GroupApi(

  5192.             current_user=admin,

  5193.             session=dbsession,

  5194.             config=self.app_config,

  5195.         )

  5196.         groups = [gapi.get_one_with_name('users')]

  5197.         test_user = uapi.create_user(

  5198.             email='test@test.test',

  5199.             password='pass',

  5200.             name='bob',

  5201.             groups=groups,

  5202.             timezone='Europe/Paris',

  5203.             lang='fr',

  5204.             do_save=True,

  5205.             do_notify=False,

  5206.         )

  5207.         uapi.enable(test_user, do_save=True)

  5208.         uapi.save(test_user)

  5209.         transaction.commit()

  5210.         user_id = int(test_user.user_id)

  5211. 

  5212.         self.testapp.authorization = (

  5213.             'Basic',

  5214.             (

  5215.                 'test@test.test',

  5216.                 'pass'

  5217.             )

  5218.         )

  5219.         # check before

  5220.         res = self.testapp.get(

  5221.             '/api/v2/users/{}'.format(user_id),

  5222.             status=200

  5223.         )

  5224.         res = res.json_body

  5225.         assert res['user_id'] == user_id

  5226.         assert res['is_active'] is True

  5227.         self.testapp.put_json(

  5228.             '/api/v2/users/{}/disable'.format(user_id),

  5229.             status=403,

  5230.         )

  5231.         # Check After

  5232.         res = self.testapp.get(

  5233.             '/api/v2/users/{}'.format(user_id),

  5234.             status=200

  5235.         )

  5236.         res = res.json_body

  5237.         assert res['user_id'] == user_id

  5238.         assert res['is_active'] is True