diff --git a/service/test/__init__.py b/service/test/__init__.py index 5e4aab3..00b6fc4 100644 --- a/service/test/__init__.py +++ b/service/test/__init__.py @@ -1,2 +1,3 @@ from .auth_tests import AuthTest +from .user_test import UserTest diff --git a/service/test/auth_tests.py b/service/test/auth_tests.py index 4138257..e4514ad 100644 --- a/service/test/auth_tests.py +++ b/service/test/auth_tests.py @@ -2,6 +2,7 @@ from rest_framework.test import APITestCase from django.urls import reverse from rest_framework import status +from rest_framework.test import APIClient class AuthTest(APITestCase): @@ -17,3 +18,23 @@ def test_user_auth(self): response = self.client.post(url, data, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertNotEqual(response.json().get('token', False), False) + + def test_api_authorization(self): + """ + Ensure that api could not be access + without auth + """ + url = reverse('user_api') + response = self.client.get(url, format='json') + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) + + auth_url = reverse('user_auth') + data = {"username": "shivam", "password": 12345} + # request without auth token + response = self.client.post(auth_url, data, format='json') + + client = APIClient() + client.credentials(HTTP_AUTHORIZATION='Token ' + response.json().get('token', False)) + # check request with header auth + response = client.get(url, format='json') + self.assertEqual(response.status_code, status.HTTP_200_OK) diff --git a/service/test/user_test.py b/service/test/user_test.py index e69de29..9545e33 100644 --- a/service/test/user_test.py +++ b/service/test/user_test.py @@ -0,0 +1,63 @@ +# User_test +from rest_framework.test import APITestCase +from django.urls import reverse +from rest_framework import status +from django.contrib.auth.models import User +from rest_framework.test import APIClient + + +class UserTest(APITestCase): + fixtures = ['service/fixture/users.json'] + + def test_user_count(self): + """ + Ensure the user count in db is correct + """ + user_count = 2 + self.assertEqual(user_count, User.objects.all().count()) + + def test_user_create(self): + """ + Ensure the user api post request is working + """ + auth_url = reverse('user_auth') + data = {"username": "shivam", "password": 12345} + response = self.client.post(auth_url, data, format='json') + + client = APIClient() + client.credentials(HTTP_AUTHORIZATION='Token ' + response.json().get('token', False)) + url = reverse('user_api') + # check for duplicate user + response = client.post(url, format='json', data={'username': 'shivam', 'password': 12345}) + self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) + + # check for weak validation + response = client.post(url, format='json', data={'username': 'shivam', 'password': 123}) + self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) + + # check for valid data + response = client.post(url, format='json', data={'username': 'admin1', 'password': 12345}) + self.assertEqual(response.status_code, status.HTTP_201_CREATED) + self.assertEqual(3, User.objects.all().count()) + self.assertEqual('admin1', User.objects.get(username='admin1').username) + + def test_user_update(self): + """ + Ensure the user update is working + """ + auth_url = reverse('user_auth') + data = {"username": "shivam", "password": 12345} + response = self.client.post(auth_url, data, format='json') + url = reverse('user_api_args', kwargs={'id': 10}) + client = APIClient() + client.credentials(HTTP_AUTHORIZATION='Token ' + response.json().get('token', False)) + client.put(url, format='json', data={'username': 'shivoham', 'password': 12345}) + self.assertEqual('shivoham', User.objects.get(pk=10).username) + + + + + + + + diff --git a/service/urls.py b/service/urls.py index e939b95..110bd6c 100644 --- a/service/urls.py +++ b/service/urls.py @@ -5,5 +5,5 @@ urlpatterns = [ path('user/auth', Auth.as_view(), name='user_auth'), path('user', User.as_view(), name="user_api"), - path('user/', User.as_view(), name="user_api"), + path('user/', User.as_view(), name="user_api_args"), ]