From cdf9cfbf53052e87bcf0368cfc5a6db29f168604 Mon Sep 17 00:00:00 2001 From: Chrtorres Date: Tue, 29 Oct 2024 16:11:41 -0400 Subject: [PATCH 1/2] Saved Search tests skeleton --- .../xfd_api/tests/test_saved_searches.py | 351 ++++++++++++++++++ 1 file changed, 351 insertions(+) create mode 100644 backend/src/xfd_django/xfd_api/tests/test_saved_searches.py diff --git a/backend/src/xfd_django/xfd_api/tests/test_saved_searches.py b/backend/src/xfd_django/xfd_api/tests/test_saved_searches.py new file mode 100644 index 000000000..2be14806a --- /dev/null +++ b/backend/src/xfd_django/xfd_api/tests/test_saved_searches.py @@ -0,0 +1,351 @@ +# Standard Python Libraries +from datetime import datetime +import secrets + +# Third-Party Libraries +from fastapi.testclient import TestClient +import pytest +from xfd_api.models import User, SavedSearch, UserType +from xfd_django.asgi import app +from xfd_api.auth import create_jwt_token + +client = TestClient(app) + +@pytest.mark.django_db +def test_create_saved_search_by_user(): + user = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + name = f"test-{secrets.token_hex(4)}" + response = client.post( + "/saved-searches/", + json={ + "name": name, + "count": 3, + "sortDirection": "", + "sortField": "", + "searchTerm": "", + "searchPath": "", + "filters": [] + }, + headers={"Authorization": "Bearer " + create_jwt_token(user)}, + ) + assert response.status_code == 200 + data = response.json() + assert data["name"] == name + assert data["createdById"] == str(user.id) + +@pytest.mark.django_db +def test_update_saved_search_by_global_admin_fails(): + body = { + "name": f"test-{secrets.token_hex(4)}", + "count": 3, + "sortDirection": "", + "sortField": "", + "searchTerm": "", + "searchPath": "", + "filters": [] + } + search = SavedSearch.objects.create(**body) + body["name"] = f"test-{secrets.token_hex(4)}" + body["searchTerm"] = "123" + response = client.put( + f"/saved-searches/{search.id}", + json=body, + headers={"Authorization": "Bearer " + create_jwt_token(UserType.GLOBAL_ADMIN)}, + ) + assert response.status_code == 404 + +@pytest.mark.django_db +def test_update_saved_search_by_standard_user_with_access(): + user = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + body = { + "name": f"test-{secrets.token_hex(4)}", + "count": 3, + "sortDirection": "", + "sortField": "", + "searchTerm": "", + "searchPath": "", + "filters": [] + } + search = SavedSearch.objects.create(**body, createdById=user) + body["name"] = f"test-{secrets.token_hex(4)}" + body["searchTerm"] = "123" + response = client.put( + f"/saved-searches/{search.id}", + json=body, + headers={"Authorization": "Bearer " + create_jwt_token(user)}, + ) + assert response.status_code == 200 + data = response.json() + assert data["name"] == body["name"] + assert data["searchTerm"] == body["searchTerm"] + +@pytest.mark.django_db +def test_update_saved_search_by_standard_user_without_access_fails(): + user = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + user1 = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + body = { + "name": f"test-{secrets.token_hex(4)}", + "count": 3, + "sortDirection": "", + "sortField": "", + "searchTerm": "", + "searchPath": "", + "filters": [], + "createdById": user + } + search = SavedSearch.objects.create(**body) + response = client.put( + f"/saved-searches/{search.id}", + json=body, + headers={"Authorization": "Bearer " + create_jwt_token(user1)}, + ) + assert response.status_code == 404 + +@pytest.mark.django_db +def test_delete_saved_search_by_global_admin_fails(): + search = SavedSearch.objects.create( + name=f"test-{secrets.token_hex(4)}", + count=3, + sortDirection="", + sortField="", + searchTerm="", + searchPath="", + filters=[] + ) + response = client.delete( + f"/saved-searches/{search.id}", + headers={"Authorization": "Bearer " + create_jwt_token(UserType.GLOBAL_ADMIN)}, + ) + assert response.status_code == 404 + +@pytest.mark.django_db +def test_delete_saved_search_by_user_with_access(): + user = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + search = SavedSearch.objects.create( + name=f"test-{secrets.token_hex(4)}", + count=3, + sortDirection="", + sortField="", + searchTerm="", + searchPath="", + filters=[], + createdById=user + ) + response = client.delete( + f"/saved-searches/{search.id}", + headers={"Authorization": "Bearer " + create_jwt_token(user)}, + ) + assert response.status_code == 200 + assert response.json()["status"] == "success" + +@pytest.mark.django_db +def test_delete_saved_search_by_user_without_access_fails(): + user = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + user1 = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + search = SavedSearch.objects.create( + name=f"test-{secrets.token_hex(4)}", + count=3, + sortDirection="", + sortField="", + searchTerm="", + searchPath="", + filters=[], + createdById=user + ) + response = client.delete( + f"/saved-searches/{search.id}", + headers={"Authorization": "Bearer " + create_jwt_token(user1)}, + ) + assert response.status_code == 404 + +@pytest.mark.django_db +def test_list_saved_searches_by_global_view_returns_none(): + search = SavedSearch.objects.create( + name=f"test-{secrets.token_hex(4)}", + count=3, + sortDirection="", + sortField="", + searchTerm="", + searchPath="", + filters=[] + ) + response = client.get( + "/saved-searches", + headers={"Authorization": "Bearer " + create_jwt_token(UserType.GLOBAL_VIEW)}, + ) + assert response.status_code == 200 + assert response.json()["count"] == 0 + +@pytest.mark.django_db +def test_list_saved_searches_by_user_only_gets_their_search(): + user = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + user1 = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + search = SavedSearch.objects.create( + name=f"test-{secrets.token_hex(4)}", + count=3, + sortDirection="", + sortField="", + searchTerm="", + searchPath="", + filters=[], + createdById=user + ) + search2 = SavedSearch.objects.create( + name=f"test-{secrets.token_hex(4)}", + count=3, + sortDirection="", + sortField="", + searchTerm="", + searchPath="", + filters=[], + createdById=user1 + ) + response = client.get( + "/saved-searches", + headers={"Authorization": "Bearer " + create_jwt_token(user)}, + ) + assert response.status_code == 200 + assert response.json()["count"] == 1 + assert response.json()["result"][0]["id"] == str(search.id) + +@pytest.mark.django_db +def test_get_saved_search_by_global_view_fails(): + search = SavedSearch.objects.create( + name=f"test-{secrets.token_hex(4)}", + count=3, + sortDirection="", + sortField="", + searchTerm="", + searchPath="", + filters=[] + ) + response = client.get( + f"/saved-searches/{search.id}", + headers={"Authorization": "Bearer " + create_jwt_token(UserType.GLOBAL_VIEW)}, + ) + assert response.status_code == 404 + +@pytest.mark.django_db +def test_get_saved_search_by_user_passes(): + user = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + search = SavedSearch.objects.create( + name=f"test-{secrets.token_hex(4)}", + count=3, + sortDirection="", + sortField="", + searchTerm="", + searchPath="", + filters=[], + createdById=user + ) + response = client.get( + f"/saved-searches/{search.id}", + headers={"Authorization": "Bearer " + create_jwt_token(user)}, + ) + assert response.status_code == 200 + assert response.json()["name"] == search.name + +@pytest.mark.django_db +def test_get_saved_search_by_different_user_fails(): + user = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + user1 = User.objects.create( + firstName="", + lastName="", + email=f"{secrets.token_hex(4)}@example.com", + userType=UserType.STANDARD, + createdAt=datetime.now(), + updatedAt=datetime.now(), + ) + search = SavedSearch.objects.create( + name=f"test-{secrets.token_hex(4)}", + count=3, + sortDirection="", + sortField="", + searchTerm="", + searchPath="", + filters=[], + createdById=user1 + ) + response = client.get( + f"/saved-searches/{search.id}", + headers={"Authorization": "Bearer " + create_jwt_token(user)}, + ) + assert response.status_code == 404 + assert response.json() == {} \ No newline at end of file From aa217dcf688817c7959715441c57c184c48cbd6b Mon Sep 17 00:00:00 2001 From: Chrtorres Date: Wed, 30 Oct 2024 11:52:41 -0400 Subject: [PATCH 2/2] Code cleanup --- .../xfd_api/tests/test_saved_searches.py | 44 ++++++++++++------- 1 file changed, 28 insertions(+), 16 deletions(-) diff --git a/backend/src/xfd_django/xfd_api/tests/test_saved_searches.py b/backend/src/xfd_django/xfd_api/tests/test_saved_searches.py index 2be14806a..89d5a6a47 100644 --- a/backend/src/xfd_django/xfd_api/tests/test_saved_searches.py +++ b/backend/src/xfd_django/xfd_api/tests/test_saved_searches.py @@ -5,12 +5,13 @@ # Third-Party Libraries from fastapi.testclient import TestClient import pytest -from xfd_api.models import User, SavedSearch, UserType -from xfd_django.asgi import app from xfd_api.auth import create_jwt_token +from xfd_api.models import SavedSearch, User, UserType +from xfd_django.asgi import app client = TestClient(app) + @pytest.mark.django_db def test_create_saved_search_by_user(): user = User.objects.create( @@ -31,7 +32,7 @@ def test_create_saved_search_by_user(): "sortField": "", "searchTerm": "", "searchPath": "", - "filters": [] + "filters": [], }, headers={"Authorization": "Bearer " + create_jwt_token(user)}, ) @@ -40,6 +41,7 @@ def test_create_saved_search_by_user(): assert data["name"] == name assert data["createdById"] == str(user.id) + @pytest.mark.django_db def test_update_saved_search_by_global_admin_fails(): body = { @@ -49,7 +51,7 @@ def test_update_saved_search_by_global_admin_fails(): "sortField": "", "searchTerm": "", "searchPath": "", - "filters": [] + "filters": [], } search = SavedSearch.objects.create(**body) body["name"] = f"test-{secrets.token_hex(4)}" @@ -61,6 +63,7 @@ def test_update_saved_search_by_global_admin_fails(): ) assert response.status_code == 404 + @pytest.mark.django_db def test_update_saved_search_by_standard_user_with_access(): user = User.objects.create( @@ -78,7 +81,7 @@ def test_update_saved_search_by_standard_user_with_access(): "sortField": "", "searchTerm": "", "searchPath": "", - "filters": [] + "filters": [], } search = SavedSearch.objects.create(**body, createdById=user) body["name"] = f"test-{secrets.token_hex(4)}" @@ -93,6 +96,7 @@ def test_update_saved_search_by_standard_user_with_access(): assert data["name"] == body["name"] assert data["searchTerm"] == body["searchTerm"] + @pytest.mark.django_db def test_update_saved_search_by_standard_user_without_access_fails(): user = User.objects.create( @@ -119,7 +123,7 @@ def test_update_saved_search_by_standard_user_without_access_fails(): "searchTerm": "", "searchPath": "", "filters": [], - "createdById": user + "createdById": user, } search = SavedSearch.objects.create(**body) response = client.put( @@ -129,6 +133,7 @@ def test_update_saved_search_by_standard_user_without_access_fails(): ) assert response.status_code == 404 + @pytest.mark.django_db def test_delete_saved_search_by_global_admin_fails(): search = SavedSearch.objects.create( @@ -138,7 +143,7 @@ def test_delete_saved_search_by_global_admin_fails(): sortField="", searchTerm="", searchPath="", - filters=[] + filters=[], ) response = client.delete( f"/saved-searches/{search.id}", @@ -146,6 +151,7 @@ def test_delete_saved_search_by_global_admin_fails(): ) assert response.status_code == 404 + @pytest.mark.django_db def test_delete_saved_search_by_user_with_access(): user = User.objects.create( @@ -164,7 +170,7 @@ def test_delete_saved_search_by_user_with_access(): searchTerm="", searchPath="", filters=[], - createdById=user + createdById=user, ) response = client.delete( f"/saved-searches/{search.id}", @@ -173,6 +179,7 @@ def test_delete_saved_search_by_user_with_access(): assert response.status_code == 200 assert response.json()["status"] == "success" + @pytest.mark.django_db def test_delete_saved_search_by_user_without_access_fails(): user = User.objects.create( @@ -199,7 +206,7 @@ def test_delete_saved_search_by_user_without_access_fails(): searchTerm="", searchPath="", filters=[], - createdById=user + createdById=user, ) response = client.delete( f"/saved-searches/{search.id}", @@ -207,6 +214,7 @@ def test_delete_saved_search_by_user_without_access_fails(): ) assert response.status_code == 404 + @pytest.mark.django_db def test_list_saved_searches_by_global_view_returns_none(): search = SavedSearch.objects.create( @@ -216,7 +224,7 @@ def test_list_saved_searches_by_global_view_returns_none(): sortField="", searchTerm="", searchPath="", - filters=[] + filters=[], ) response = client.get( "/saved-searches", @@ -225,6 +233,7 @@ def test_list_saved_searches_by_global_view_returns_none(): assert response.status_code == 200 assert response.json()["count"] == 0 + @pytest.mark.django_db def test_list_saved_searches_by_user_only_gets_their_search(): user = User.objects.create( @@ -251,7 +260,7 @@ def test_list_saved_searches_by_user_only_gets_their_search(): searchTerm="", searchPath="", filters=[], - createdById=user + createdById=user, ) search2 = SavedSearch.objects.create( name=f"test-{secrets.token_hex(4)}", @@ -261,7 +270,7 @@ def test_list_saved_searches_by_user_only_gets_their_search(): searchTerm="", searchPath="", filters=[], - createdById=user1 + createdById=user1, ) response = client.get( "/saved-searches", @@ -271,6 +280,7 @@ def test_list_saved_searches_by_user_only_gets_their_search(): assert response.json()["count"] == 1 assert response.json()["result"][0]["id"] == str(search.id) + @pytest.mark.django_db def test_get_saved_search_by_global_view_fails(): search = SavedSearch.objects.create( @@ -280,7 +290,7 @@ def test_get_saved_search_by_global_view_fails(): sortField="", searchTerm="", searchPath="", - filters=[] + filters=[], ) response = client.get( f"/saved-searches/{search.id}", @@ -288,6 +298,7 @@ def test_get_saved_search_by_global_view_fails(): ) assert response.status_code == 404 + @pytest.mark.django_db def test_get_saved_search_by_user_passes(): user = User.objects.create( @@ -306,7 +317,7 @@ def test_get_saved_search_by_user_passes(): searchTerm="", searchPath="", filters=[], - createdById=user + createdById=user, ) response = client.get( f"/saved-searches/{search.id}", @@ -315,6 +326,7 @@ def test_get_saved_search_by_user_passes(): assert response.status_code == 200 assert response.json()["name"] == search.name + @pytest.mark.django_db def test_get_saved_search_by_different_user_fails(): user = User.objects.create( @@ -341,11 +353,11 @@ def test_get_saved_search_by_different_user_fails(): searchTerm="", searchPath="", filters=[], - createdById=user1 + createdById=user1, ) response = client.get( f"/saved-searches/{search.id}", headers={"Authorization": "Bearer " + create_jwt_token(user)}, ) assert response.status_code == 404 - assert response.json() == {} \ No newline at end of file + assert response.json() == {}