Alexander/FitTrackee
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

API - init privacy policy

Browse Source
This commit is contained in:
Sam
2023-02-25 14:06:49 +01:00
parent 789aa4dddf
commit 4e3d2f98cf
11 changed files with 279 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
fittrackee/tests/application/test_app_config_api.py
View File

@ -1,5 +1,7 @@
import json
from datetime import datetime
from typing import Optional
from unittest.mock import Mock, patch
import pytest
from flask import Flask
@ -296,7 +298,7 @@ class TestUpdateConfig(ApiTestCaseMixin):
@pytest.mark.parametrize(
'input_description,input_email', [('input string', ''), ('None', None)]
)
def test_it_empties_error_if_admin_contact_is_an_empty(
def test_it_empties_contact_if_provided_admin_contact_is_an_empty(
self,
app: Flask,
user_1_admin: User,
@ -325,6 +327,66 @@ class TestUpdateConfig(ApiTestCaseMixin):
assert 'success' in data['status']
assert data['data']['admin_contact'] is None
def test_it_updates_about(
self,
app: Flask,
user_1_admin: User,
) -> None:
client, auth_token = self.get_test_client_and_auth_token(
app, user_1_admin.email
)
about = self.random_string()
response = client.patch(
'/api/config',
content_type='application/json',
data=json.dumps(
dict(
about=about,
)
),
headers=dict(Authorization=f'Bearer {auth_token}'),
)
assert response.status_code == 200
data = json.loads(response.data.decode())
assert 'success' in data['status']
assert data['data']['about'] == about
def test_it_updates_privacy_policy(
self,
app: Flask,
user_1_admin: User,
) -> None:
client, auth_token = self.get_test_client_and_auth_token(
app, user_1_admin.email
)
privacy_policy = self.random_string()
privacy_policy_date = datetime.utcnow()
with patch(
'fittrackee.application.app_config.datetime'
) as datetime_mock:
datetime_mock.utcnow = Mock(return_value=privacy_policy_date)
response = client.patch(
'/api/config',
content_type='application/json',
data=json.dumps(
dict(
privacy_policy=privacy_policy,
)
),
headers=dict(Authorization=f'Bearer {auth_token}'),
)
assert response.status_code == 200
data = json.loads(response.data.decode())
assert 'success' in data['status']
assert data['data']['privacy_policy'] == privacy_policy
assert data['data'][
'privacy_policy_date'
] == privacy_policy_date.strftime('%a, %d %b %Y %H:%M:%S GMT')
@pytest.mark.parametrize(
'client_scope, can_access',
[

27
fittrackee/tests/application/test_app_config_model.py
View File

@ -1,3 +1,5 @@
from datetime import datetime
import pytest
from flask import Flask
@ -5,6 +7,8 @@ from fittrackee import VERSION
from fittrackee.application.models import AppConfig
from fittrackee.users.models import User
from ..utils import random_string
class TestConfigModel:
def test_application_config(
@ -88,3 +92,26 @@ class TestConfigModel:
serialized_app_config['weather_provider']
== expected_weather_provider
)
def test_it_returns_privacy_policy(self, app: Flask) -> None:
app_config = AppConfig.query.first()
privacy_policy = random_string()
privacy_policy_date = datetime.now()
app_config.privacy_policy = privacy_policy
app_config.privacy_policy_date = privacy_policy_date
serialized_app_config = app_config.serialize()
assert serialized_app_config["privacy_policy"] == privacy_policy
assert (
serialized_app_config["privacy_policy_date"] == privacy_policy_date
)
def test_it_returns_about(self, app: Flask) -> None:
app_config = AppConfig.query.first()
about = random_string()
app_config.about = about
serialized_app_config = app_config.serialize()
assert serialized_app_config["about"] == about

9
fittrackee/tests/fixtures/fixtures_users.py vendored
View File

@ -13,6 +13,7 @@ from ..utils import random_string
def user_1() -> User:
user = User(username='test', email='test@test.com', password='12345678')
user.is_active = True
user.accepted_policy = datetime.datetime.utcnow()
db.session.add(user)
db.session.commit()
return user
@ -22,6 +23,7 @@ def user_1() -> User:
def user_1_upper() -> User:
user = User(username='TEST', email='TEST@TEST.COM', password='12345678')
user.is_active = True
user.accepted_policy = datetime.datetime.utcnow()
db.session.add(user)
db.session.commit()
return user
@ -34,6 +36,7 @@ def user_1_admin() -> User:
)
admin.admin = True
admin.is_active = True
admin.accepted_policy = datetime.datetime.utcnow()
db.session.add(admin)
db.session.commit()
return admin
@ -50,6 +53,7 @@ def user_1_full() -> User:
user.timezone = 'America/New_York'
user.birth_date = datetime.datetime.strptime('01/01/1980', '%d/%m/%Y')
user.is_active = True
user.accepted_policy = datetime.datetime.utcnow()
db.session.add(user)
db.session.commit()
return user
@ -60,6 +64,7 @@ def user_1_paris() -> User:
user = User(username='test', email='test@test.com', password='12345678')
user.timezone = 'Europe/Paris'
user.is_active = True
user.accepted_policy = datetime.datetime.utcnow()
db.session.add(user)
db.session.commit()
return user
@ -69,6 +74,7 @@ def user_1_paris() -> User:
def user_2() -> User:
user = User(username='toto', email='toto@toto.com', password='12345678')
user.is_active = True
user.accepted_policy = datetime.datetime.utcnow()
db.session.add(user)
db.session.commit()
return user
@ -79,6 +85,7 @@ def user_2_admin() -> User:
user = User(username='toto', email='toto@toto.com', password='12345678')
user.is_active = True
user.admin = True
user.accepted_policy = datetime.datetime.utcnow()
db.session.add(user)
db.session.commit()
return user
@ -89,6 +96,7 @@ def user_3() -> User:
user = User(username='sam', email='sam@test.com', password='12345678')
user.is_active = True
user.weekm = True
user.accepted_policy = datetime.datetime.utcnow()
db.session.add(user)
db.session.commit()
return user
@ -100,6 +108,7 @@ def inactive_user() -> User:
username='inactive', email='inactive@example.com', password='12345678'
)
user.confirmation_token = random_string()
user.accepted_policy = datetime.datetime.utcnow()
db.session.add(user)
db.session.commit()
return user

90
fittrackee/tests/users/test_auth_api.py
View File

@ -33,6 +33,48 @@ class TestUserRegistration(ApiTestCaseMixin):
self.assert_400(response)
def test_it_returns_error_if_accepted_policy_is_missing(
self, app: Flask
) -> None:
client = app.test_client()
response = client.post(
'/api/auth/register',
data=json.dumps(
dict(
username=self.random_string(),
email=self.random_email(),
password=self.random_string(),
)
),
content_type='application/json',
)
self.assert_400(response)
def test_it_returns_error_if_accepted_policy_is_false(
self, app: Flask
) -> None:
client = app.test_client()
response = client.post(
'/api/auth/register',
data=json.dumps(
dict(
username=self.random_string(),
email=self.random_email(),
password=self.random_string(),
accepted_policy=False,
)
),
content_type='application/json',
)
self.assert_400(
response,
'sorry, you must agree privacy policy to register',
)
def test_it_returns_error_if_username_is_missing(self, app: Flask) -> None:
client = app.test_client()
@ -42,6 +84,7 @@ class TestUserRegistration(ApiTestCaseMixin):
dict(
email=self.random_email(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -65,6 +108,7 @@ class TestUserRegistration(ApiTestCaseMixin):
username=self.random_string(length=input_username_length),
email=self.random_email(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -91,6 +135,7 @@ class TestUserRegistration(ApiTestCaseMixin):
username=input_username,
email=self.random_email(),
password=self.random_email(),
accepted_policy=True,
)
),
content_type='application/json',
@ -121,6 +166,7 @@ class TestUserRegistration(ApiTestCaseMixin):
),
email=self.random_email(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -137,6 +183,7 @@ class TestUserRegistration(ApiTestCaseMixin):
dict(
username=self.random_string(),
email=self.random_email(),
accepted_policy=True,
)
),
content_type='application/json',
@ -156,6 +203,7 @@ class TestUserRegistration(ApiTestCaseMixin):
username=self.random_string(),
email=self.random_email(),
password=self.random_string(length=7),
accepted_policy=True,
)
),
content_type='application/json',
@ -172,6 +220,7 @@ class TestUserRegistration(ApiTestCaseMixin):
dict(
username=self.random_string(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -189,6 +238,7 @@ class TestUserRegistration(ApiTestCaseMixin):
username=self.random_string(),
email=self.random_string(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -207,6 +257,7 @@ class TestUserRegistration(ApiTestCaseMixin):
dict(
username=self.random_string(),
email=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -224,6 +275,7 @@ class TestUserRegistration(ApiTestCaseMixin):
username=self.random_string(),
email=self.random_email(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -248,6 +300,7 @@ class TestUserRegistration(ApiTestCaseMixin):
username=username,
email=self.random_email(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -269,25 +322,30 @@ class TestUserRegistration(ApiTestCaseMixin):
client = app.test_client()
username = self.random_string()
email = self.random_email()
accepted_policy_date = datetime.utcnow()
client.post(
'/api/auth/register',
data=json.dumps(
dict(
username=username,
email=email,
password=self.random_string(),
language=input_language,
)
),
content_type='application/json',
)
with patch('fittrackee.users.auth.datetime.datetime') as datetime_mock:
datetime_mock.utcnow = Mock(return_value=accepted_policy_date)
client.post(
'/api/auth/register',
data=json.dumps(
dict(
username=username,
email=email,
password=self.random_string(),
language=input_language,
accepted_policy=True,
)
),
content_type='application/json',
)
new_user = User.query.filter_by(username=username).first()
assert new_user.email == email
assert new_user.password is not None
assert new_user.is_active is False
assert new_user.language == expected_language
assert new_user.accepted_policy_date == accepted_policy_date
@pytest.mark.parametrize(
'input_language,expected_language',
@ -314,6 +372,7 @@ class TestUserRegistration(ApiTestCaseMixin):
email=email,
password='12345678',
language=input_language,
accepted_policy=True,
)
),
content_type='application/json',
@ -353,6 +412,7 @@ class TestUserRegistration(ApiTestCaseMixin):
username=username,
email=email,
password='12345678',
accepted_policy=True,
)
),
content_type='application/json',
@ -381,6 +441,7 @@ class TestUserRegistration(ApiTestCaseMixin):
else user_1.email.lower()
),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -404,6 +465,7 @@ class TestUserRegistration(ApiTestCaseMixin):
username=self.random_string(),
email=user_1.email,
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -1983,6 +2045,7 @@ class TestRegistrationConfiguration(ApiTestCaseMixin):
username=self.random_string(),
email=self.random_email(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -1995,6 +2058,7 @@ class TestRegistrationConfiguration(ApiTestCaseMixin):
username=self.random_string(),
email=self.random_email(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -2015,6 +2079,7 @@ class TestRegistrationConfiguration(ApiTestCaseMixin):
username=self.random_string(),
email=self.random_email(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -2027,6 +2092,7 @@ class TestRegistrationConfiguration(ApiTestCaseMixin):
username=self.random_string(),
email=self.random_email(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',

6
fittrackee/tests/users/test_users_api.py
View File

@ -1624,7 +1624,7 @@ class TestDeleteUser(ApiTestCaseMixin):
'you can not delete your account, no other user has admin rights',
)
def test_it_enables_registration_after_user_delete(
def test_it_enables_registration_after_user_delete_when_users_count_is_below_limit( # noqa
self,
app_with_3_users_max: Flask,
user_1_admin: User,
@ -1646,6 +1646,7 @@ class TestDeleteUser(ApiTestCaseMixin):
username=self.random_string(),
email=self.random_email(),
password=self.random_string(),
accepted_policy=True,
)
),
content_type='application/json',
@ -1653,7 +1654,7 @@ class TestDeleteUser(ApiTestCaseMixin):
assert response.status_code == 200
def test_it_does_not_enable_registration_on_user_delete(
def test_it_does_not_enable_registration_on_user_delete_when_users_count_is_not_below_limit( # noqa
self,
app_with_3_users_max: Flask,
user_1_admin: User,
@ -1677,6 +1678,7 @@ class TestDeleteUser(ApiTestCaseMixin):
email='test@test.com',
password='12345678',
password_conf='12345678',
accepted_policy=True,
)
),
content_type='application/json',

17
fittrackee/tests/users/test_users_model.py
View File

@ -78,6 +78,16 @@ class TestUserSerializeAsAuthUser(UserModelAssertMixin):
self.assert_workouts_keys_are_present(serialized_user)
def test_it_returns_accepted_privacy_policy_date(
self, app: Flask, user_1: User
) -> None:
serialized_user = user_1.serialize(user_1)
assert (
serialized_user['accepted_policy_date']
== user_1.accepted_policy_date
)
def test_it_does_not_return_confirmation_token(
self, app: Flask, user_1_admin: User, user_2: User
) -> None:
@ -118,6 +128,13 @@ class TestUserSerializeAsAdmin(UserModelAssertMixin):
self.assert_workouts_keys_are_present(serialized_user)
def test_it_does_not_return_accepted_privacy_policy_date(
self, app: Flask, user_1_admin: User, user_2: User
) -> None:
serialized_user = user_2.serialize(user_1_admin)
assert 'accepted_policy_date' not in serialized_user
def test_it_does_not_return_confirmation_token(
self, app: Flask, user_1_admin: User, user_2: User
) -> None: