From 10aa1f46326fa5d36789db24ef453d9b7b0fa352 Mon Sep 17 00:00:00 2001 From: Sam Date: Tue, 8 May 2018 14:44:51 +0200 Subject: [PATCH] API: get only authenticated user activities API: get only authenticated user activities --- mpwo_api/mpwo_api/activities/activities.py | 4 +- mpwo_api/mpwo_api/tests/test_activities.py | 64 +++++++++++++++++++--- 2 files changed, 57 insertions(+), 11 deletions(-) diff --git a/mpwo_api/mpwo_api/activities/activities.py b/mpwo_api/mpwo_api/activities/activities.py index 5f5c71b7..23dc1b2b 100644 --- a/mpwo_api/mpwo_api/activities/activities.py +++ b/mpwo_api/mpwo_api/activities/activities.py @@ -17,8 +17,8 @@ activities_blueprint = Blueprint('activities', __name__) @activities_blueprint.route('/activities', methods=['GET']) @authenticate def get_activities(auth_user_id): - """Get all activities""" - activities = Activity.query.all() + """Get all activities for authenticated user""" + activities = Activity.query.filter_by(user_id=auth_user_id).all() activities_list = [] for activity in activities: activities_list.append(activity.serialize()) diff --git a/mpwo_api/mpwo_api/tests/test_activities.py b/mpwo_api/mpwo_api/tests/test_activities.py index 128b02fe..f128885a 100644 --- a/mpwo_api/mpwo_api/tests/test_activities.py +++ b/mpwo_api/mpwo_api/tests/test_activities.py @@ -26,7 +26,7 @@ gpx_file = ( ) -def test_get_all_activities(app): +def test_get_all_activities_for_authenticated_user(app): add_user('test', 'test@test.com', '12345678') add_user('toto', 'toto@toto.com', '12345678') add_sport('cycling') @@ -41,6 +41,11 @@ def test_get_all_activities(app): 1, datetime.datetime.strptime('23/01/2018', '%d/%m/%Y'), datetime.timedelta(seconds=3600)) + add_activity( + 1, + 1, + datetime.datetime.strptime('01/04/2018', '%d/%m/%Y'), + datetime.timedelta(seconds=6000)) client = app.test_client() resp_login = client.post( @@ -64,17 +69,58 @@ def test_get_all_activities(app): assert response.status_code == 200 assert 'success' in data['status'] assert len(data['data']['activities']) == 2 + assert 'creation_date' in data['data']['activities'][0] + assert 'Mon, 01 Jan 2018 00:00:00 GMT' == data['data']['activities'][0]['activity_date'] # noqa + assert 1 == data['data']['activities'][0]['user_id'] + assert 2 == data['data']['activities'][0]['sport_id'] + assert '0:17:04' == data['data']['activities'][0]['duration'] + assert 'creation_date' in data['data']['activities'][1] - assert 'Tue, 23 Jan 2018 00:00:00 GMT' == data['data']['activities'][0]['activity_date'] # noqa - assert 'Mon, 01 Jan 2018 00:00:00 GMT' == data['data']['activities'][1]['activity_date'] # noqa - assert 'creation_date' in data['data']['activities'][1] - assert 2 == data['data']['activities'][0]['user_id'] + assert 'Sun, 01 Apr 2018 00:00:00 GMT' == data['data']['activities'][1]['activity_date'] # noqa assert 1 == data['data']['activities'][1]['user_id'] - assert 1 == data['data']['activities'][0]['sport_id'] - assert 2 == data['data']['activities'][1]['sport_id'] - assert '1:00:00' == data['data']['activities'][0]['duration'] - assert '0:17:04' == data['data']['activities'][1]['duration'] + assert 1 == data['data']['activities'][1]['sport_id'] + assert '1:40:00' == data['data']['activities'][1]['duration'] + + +def test_get_activities_for_authenticated_user_no_activity(app): + add_user('test', 'test@test.com', '12345678') + add_user('toto', 'toto@toto.com', '12345678') + add_sport('cycling') + add_sport('running') + add_activity( + 1, + 2, + datetime.datetime.strptime('01/01/2018', '%d/%m/%Y'), + datetime.timedelta(seconds=1024)) + add_activity( + 1, + 1, + datetime.datetime.strptime('01/04/2018', '%d/%m/%Y'), + datetime.timedelta(seconds=6000)) + + client = app.test_client() + resp_login = client.post( + '/api/auth/login', + data=json.dumps(dict( + email='toto@toto.com', + password='12345678' + )), + content_type='application/json' + ) + response = client.get( + '/api/activities', + headers=dict( + Authorization='Bearer ' + json.loads( + resp_login.data.decode() + )['auth_token'] + ) + ) + data = json.loads(response.data.decode()) + + assert response.status_code == 200 + assert 'success' in data['status'] + assert len(data['data']['activities']) == 0 def test_add_an_activity(app):