forked from hypothesis/h
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request hypothesis#5318 from hypothesis/add-update-user-pe…
…rmission Add update-user permission; use AuthClient auth'n for `PATCH /api/user/{username}`
- Loading branch information
Showing
10 changed files
with
134 additions
and
46 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -66,6 +66,46 @@ def test_it_returns_409_if_user_conflict(self, app, user_payload, auth_client_he | |
assert res.status_code == 409 | ||
|
||
|
||
@pytest.mark.functional | ||
class TestUpdateUser(object): | ||
|
||
def test_it_returns_http_200_when_successful(self, app, auth_client_header, user, patch_user_payload): | ||
url = "/api/users/{username}".format(username=user.username) | ||
|
||
res = app.patch_json(url, patch_user_payload, headers=auth_client_header) | ||
|
||
assert res.status_code == 200 | ||
|
||
def test_it_returns_updated_user_when_successful(self, app, auth_client_header, user, patch_user_payload): | ||
url = "/api/users/{username}".format(username=user.username) | ||
|
||
res = app.patch_json(url, patch_user_payload, headers=auth_client_header) | ||
|
||
assert res.json_body['email'] == patch_user_payload['email'] | ||
assert res.json_body['display_name'] == patch_user_payload['display_name'] | ||
|
||
def test_it_returns_http_404_if_auth_client_missing(self, app, user, patch_user_payload): | ||
url = "/api/users/{username}".format(username=user.username) | ||
|
||
res = app.patch_json(url, patch_user_payload, expect_errors=True) | ||
|
||
assert res.status_code == 404 | ||
|
||
def test_it_returns_http_404_if_user_not_in_client_authority(self, | ||
app, | ||
auth_client_header, | ||
user, | ||
patch_user_payload, | ||
db_session): | ||
user.authority = 'somewhere.com' | ||
db_session.commit() | ||
url = "/api/users/{username}".format(username=user.username) | ||
|
||
res = app.patch_json(url, patch_user_payload, headers=auth_client_header, expect_errors=True) | ||
|
||
assert res.status_code == 404 | ||
|
||
|
||
@pytest.fixture | ||
def user_payload(): | ||
return { | ||
|
@@ -75,6 +115,14 @@ def user_payload(): | |
} | ||
|
||
|
||
@pytest.fixture | ||
def patch_user_payload(): | ||
return { | ||
"email": "[email protected]", | ||
"display_name": "Filip Pilip", | ||
} | ||
|
||
|
||
@pytest.fixture | ||
def auth_client(db_session, factories): | ||
auth_client = factories.ConfidentialAuthClient(authority='example.com', | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,8 +5,6 @@ | |
import pytest | ||
import mock | ||
|
||
from pyramid.exceptions import HTTPNotFound | ||
|
||
from h.exceptions import PayloadError, ConflictError | ||
from h.models.auth_client import GrantType | ||
from h.schemas import ValidationError | ||
|
@@ -116,19 +114,18 @@ def valid_payload(self): | |
|
||
|
||
@pytest.mark.usefixtures('auth_client', | ||
'request_auth_client', | ||
'user_svc', | ||
'user') | ||
class TestUpdate(object): | ||
def test_it_updates_display_name(self, pyramid_request, valid_payload, user): | ||
pyramid_request.json_body = valid_payload | ||
update(pyramid_request) | ||
update(user, pyramid_request) | ||
|
||
assert user.display_name == 'Jeremy Weyland' | ||
|
||
def test_it_updates_email(self, pyramid_request, valid_payload, user): | ||
pyramid_request.json_body = valid_payload | ||
update(pyramid_request) | ||
update(user, pyramid_request) | ||
|
||
assert user.email == '[email protected]' | ||
|
||
|
@@ -141,7 +138,7 @@ def test_you_can_update_the_displayname_of_a_user_who_has_no_email( | |
valid_payload['display_name'] = 'new_display_name' | ||
pyramid_request.json_body = valid_payload | ||
|
||
update(pyramid_request) | ||
update(user, pyramid_request) | ||
|
||
assert user.display_name == 'new_display_name' | ||
assert user.email is None | ||
|
@@ -155,51 +152,45 @@ def test_you_can_add_an_email_to_a_user_who_has_no_email( | |
valid_payload['email'] = '[email protected]' | ||
pyramid_request.json_body = valid_payload | ||
|
||
update(pyramid_request) | ||
update(user, pyramid_request) | ||
|
||
assert user.email == '[email protected]' | ||
|
||
def test_it_presents_user(self, pyramid_request, valid_payload, user, presenter): | ||
pyramid_request.json_body = valid_payload | ||
update(pyramid_request) | ||
update(user, pyramid_request) | ||
|
||
presenter.assert_called_once_with(user) | ||
|
||
def test_it_returns_presented_user(self, pyramid_request, valid_payload, presenter): | ||
pyramid_request.json_body = valid_payload | ||
result = update(pyramid_request) | ||
result = update(user, pyramid_request) | ||
|
||
assert result == presenter.return_value.asdict() | ||
|
||
def test_raises_404_when_user_not_found(self, pyramid_request, valid_payload): | ||
pyramid_request.matchdict['username'] = 'missing' | ||
|
||
with pytest.raises(HTTPNotFound): | ||
update(pyramid_request) | ||
|
||
def test_it_validates_the_input(self, pyramid_request, valid_payload, UpdateUserAPISchema): | ||
def test_it_validates_the_input(self, user, pyramid_request, valid_payload, UpdateUserAPISchema): | ||
update_schema = UpdateUserAPISchema.return_value | ||
update_schema.validate.return_value = valid_payload | ||
pyramid_request.json_body = valid_payload | ||
|
||
update(pyramid_request) | ||
update(user, pyramid_request) | ||
|
||
update_schema.validate.assert_called_once_with(valid_payload) | ||
|
||
def test_raises_when_schema_validation_fails(self, pyramid_request, valid_payload, UpdateUserAPISchema): | ||
def test_raises_when_schema_validation_fails(self, user, pyramid_request, valid_payload, UpdateUserAPISchema): | ||
update_schema = UpdateUserAPISchema.return_value | ||
update_schema.validate.side_effect = ValidationError('validation failed') | ||
|
||
pyramid_request.json_body = valid_payload | ||
|
||
with pytest.raises(ValidationError): | ||
update(pyramid_request) | ||
update(user, pyramid_request) | ||
|
||
def test_raises_for_invalid_json_body(self, pyramid_request, patch): | ||
def test_raises_for_invalid_json_body(self, user, pyramid_request, patch): | ||
type(pyramid_request).json_body = mock.PropertyMock(side_effect=ValueError()) | ||
|
||
with pytest.raises(PayloadError): | ||
update(pyramid_request) | ||
update(user, pyramid_request) | ||
|
||
@pytest.fixture | ||
def pyramid_request(self, pyramid_request, user): | ||
|
@@ -233,13 +224,6 @@ def auth_client(factories): | |
grant_type=GrantType.client_credentials) | ||
|
||
|
||
@pytest.fixture | ||
def request_auth_client(patch, auth_client): | ||
request_auth_client = patch('h.views.api.users.request_auth_client') | ||
request_auth_client.return_value = auth_client | ||
return request_auth_client | ||
|
||
|
||
@pytest.fixture | ||
def validate_auth_client_authority(patch): | ||
return patch('h.views.api.users.validate_auth_client_authority') | ||
|