diff --git a/.gitignore b/.gitignore index 292ac9349..8c3b39d19 100644 --- a/.gitignore +++ b/.gitignore @@ -268,20 +268,5 @@ paket-files/ .idea/ *.sln.iml -## Secret Files -secrets.config -test_credentials.py -credentials.py - # Environment Specific app settings appsettings.*.json - -## Python -# Byte-compiled / optimized / DLL files -__pycache__/ -*.py[cod] -*$py.class - -## Virtual Env -venv/ -ENV/ diff --git a/Gordon360.sln b/Gordon360.sln index e7ba3d781..07b07ebf7 100644 --- a/Gordon360.sln +++ b/Gordon360.sln @@ -13,14 +13,14 @@ EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU - Gordon360|Any CPU = Gordon360|Any CPU + Release|Any CPU = Release|Any CPU EndGlobalSection GlobalSection(ProjectConfigurationPlatforms) = postSolution {47DF568B-4E41-4398-BD88-B6BAB507334A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {47DF568B-4E41-4398-BD88-B6BAB507334A}.Debug|Any CPU.Build.0 = Debug|Any CPU - {47DF568B-4E41-4398-BD88-B6BAB507334A}.Gordon360|Any CPU.ActiveCfg = Release|Any CPU - {47DF568B-4E41-4398-BD88-B6BAB507334A}.Gordon360|Any CPU.Build.0 = Release|Any CPU - {47DF568B-4E41-4398-BD88-B6BAB507334A}.Gordon360|Any CPU.Deploy.0 = Release|Any CPU + {47DF568B-4E41-4398-BD88-B6BAB507334A}.Release|Any CPU.ActiveCfg = Release|Any CPU + {47DF568B-4E41-4398-BD88-B6BAB507334A}.Release|Any CPU.Build.0 = Release|Any CPU + {47DF568B-4E41-4398-BD88-B6BAB507334A}.Release|Any CPU.Deploy.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/Gordon360/.config/dotnet-tools.json b/Gordon360/.config/dotnet-tools.json new file mode 100644 index 000000000..e80b80ff0 --- /dev/null +++ b/Gordon360/.config/dotnet-tools.json @@ -0,0 +1,12 @@ +{ + "version": 1, + "isRoot": true, + "tools": { + "dotnet-ef": { + "version": "6.0.5", + "commands": [ + "dotnet-ef" + ] + } + } +} \ No newline at end of file diff --git a/Gordon360/Gordon360.csproj b/Gordon360/Gordon360.csproj index af29a2e8d..077aba1a3 100644 --- a/Gordon360/Gordon360.csproj +++ b/Gordon360/Gordon360.csproj @@ -1,6 +1,7 @@  Exe + Debug;Release bin\ @@ -11,22 +12,13 @@ bin\ - - Designer - + <_WebToolingArtifacts Remove="Properties\PublishProfiles\Production.pubxml" /> + <_WebToolingArtifacts Remove="Properties\PublishProfiles\Train.pubxml" /> + + Always - - Designer - - - Web.config - - - Web.config - Designer - @@ -40,11 +32,6 @@ - - - - - diff --git a/MakePublishProfiles.md b/MakePublishProfiles.md deleted file mode 100644 index 5102cdbcc..000000000 --- a/MakePublishProfiles.md +++ /dev/null @@ -1,27 +0,0 @@ -# How to create the Publish Profiles to publish the API to the Sites - -## Table of Contents - -- [Why we need Publish Profiles](#why-we-need-publish-profiles) -- [Why don't we have the publish profiles](#why-dont-we-have-the-publish-profiles) -- [How to create the Publish Profiles](#how-to-create-the-publish-profiles) - -## Why we need Publish Profiles - -The publish profiles are a tool used by Visual Studio to publish the latest build of a project (in this case, the API). While it is possible to publish manually, it takes more time, is harder to teach, and easier to mess up. - -## Why Don't we have the Publish Profiles - -There are a few possibilities: -1. You cloned the API into a new location. Since the publish profiles are tracked by Visual Studio and not Git, a new clone of the API won't include the profiles. -2. They somehow got deleted. - -## How to Create the Publish Profiles - -1. Follow the instructions for deploying to the API site [Deploying to the API site](README.md#deploying-to-the-api-site) until you have to choose a publish profile. If you see the publish page with a DEV or Prod profile, your profiles already exist. You're all set. Otherwise, you will either see the pop up window to pick a publish target, or else you can click start or new profile from the publish menu. -2. Within the "Pick a Publish Target" window, select Folder, and then browse the files. You want to select `Data (F:)` -> `Sites` -> `360Api` or `360ApiTrain` (the former for Prod, the latter for DEV). -3. Your Folder should now be set to `F:\Sites\360Api(Train)`. Select `Advanced` beneath the filepath. If you are making the DEV profile, set the configuration to Debug. Otherwise, leave it as Release for Prod. -4. Click `Create Profile`. -5. Finally, click the `Actions` drop down and rename profile to either DEV or Prod. - -Now, you have your publish profiles. Simply select the one you want to use and click `Publish`. diff --git a/Tests/ApiEndpoints/colors.py b/Tests/ApiEndpoints/colors.py deleted file mode 100644 index 508b8d297..000000000 --- a/Tests/ApiEndpoints/colors.py +++ /dev/null @@ -1,11 +0,0 @@ -# Printing in color. - -HEADER = '' -OKBLUE = '' -OKGREEN = '' -WARNING = '' -FAIL = '' -ENDC = '' -BOLD = '' -UNDERLINE = '' - diff --git a/Tests/ApiEndpoints/gordon_360_tests.py b/Tests/ApiEndpoints/gordon_360_tests.py deleted file mode 100644 index 4449220c3..000000000 --- a/Tests/ApiEndpoints/gordon_360_tests.py +++ /dev/null @@ -1,8 +0,0 @@ -import gordon_360_tests_member -import gordon_360_tests_leader - - -if __name__ == '__main__': - gordon_360_tests_member.main() - gordon_360_tests_leader.main() - diff --git a/Tests/ApiEndpoints/gordon_360_tests_leader.py b/Tests/ApiEndpoints/gordon_360_tests_leader.py deleted file mode 100644 index c3b29b6b2..000000000 --- a/Tests/ApiEndpoints/gordon_360_tests_leader.py +++ /dev/null @@ -1,1693 +0,0 @@ -# Activity Leader Test Suite for Project Raymond -# Some of the tests are replicates from the Regular member suite. -# This repetitions is intended. We want to make sure some permission don't accross roles. - - -from test_components import requests -from test_components import TestCase - -# Public configuration options -import test_config -# Private configuration options -import test_credentials -import test_components as api - -# Constants -LEADERSHIP_POSITIONS = test_config.leadership_positions -REQUEST_STATUS_APPROVED = 'Approved' -REQUEST_STATUS_DENIED = 'Denied' -REQUEST_STATUS_PENDING = 'Pending' - - -# Configuration Details -username = test_credentials.username_activity_leader -password = test_credentials.password_activity_leader -my_id_number = test_credentials.id_number_activity_leader -grant_payload = { 'username':username, 'password':password, 'grant_type':'password' } - -random_id_number = test_config.random_id_number # When we need to impersonate someone -activity_code = test_config.activity_code # The activity we are a leader of -hostURL = test_config.hostURL - - -# Runner -def main(): - """ Test Runner - - Runs all subclasses of the TestCase class. - """ - # Create an authorized session to test authorized calls. - r = requests.post(hostURL+'token',grant_payload) - access_token = r.json()["access_token"] - authorization_header = "Bearer " + access_token - authorized_session = requests.Session() - authorized_session.verify = True - authorized_session.headers.update({ "Authorization":authorization_header }) - - print ('****************************************') - print ('TESTING GORDON 360 AS ACTIVITY LEADER...') - print ('****************************************') - testCount = 0 - # Loop through all Test Cases and run tests. - for cls in TestCase.__subclasses__(): - if '___activity_leader' in cls.__name__: - if cls.__name__ == 'authenticate_with_valid_credentials': - testclass = cls() - testclass.runTest() - testCount += 1 - else: - testclass = cls(session=authorized_session) - testclass.runTest() - testCount += 1 - print ('Ran {0} tests.'.format(testCount)) - - -# # # # # # # # # # # # -# AUTHENTICATION TESTS # -# # # # # # # # # # # # - -class authenticate_with_valid_credentials___activity_leader(TestCase): - """ Given valid credentials, verify that authentication is successful. - - Expectations: - Endpoint -- token/ - Expected Status code -- 200 Ok - Expected Content -- Json Object with access_token attribute. - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'token' - self.token_payload = { 'username':username, 'password':password, 'grant_type':'password' } - - def test(self): - response = api.post(self.session, self.url, self.token_payload) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json, got {0}.'.format(response.text)) - else: - if not 'access_token' in response.json(): - self.log_error('Expected access token in response, got {0}.'.format(response.json())) - - -# # # # # # # # # # # -# MEMBERSHIP TESTS # -# # # # # # # # # # # -class get_all_memberships___activity_leader(TestCase): - """ Test retrieving all membership resources. - - Pre-conditions: - Valid Authentication Header. - Expectations: - Endpoint -- memberships/ - Expected Status code -- 200 Ok - Expected Content -- List - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Response was not a list') - - -class get_one_membership___activity_leader(TestCase): - """ Retrieve a specific membership resource. - - Pre-conditions: - Valid Authentication header - Expectations: - Endpoint -- api/memberships/:id - Expected Status Code -- 200 OK - Expected Content -- A Json Object with a MembershipID attribute. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/' - self.membershipID = -1 - - - def setup(self): - # Find a valid membership id - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Error in setup for {0}. Expected 200 OK, got {1}.'.format(self.test_name, response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Error in setup for {0}. Expected json response body, got {1}.'.format(self.test_name, response.text)) - else: - try: - self.membershipID = response.json()[0]['MembershipID'] - self.url = self.url + str(self.membershipID) - except KeyError: - self.log_error('Error in setup for {0}. Expected MembershipID in response body, got {1}.'.format(self.test_name, self.response.json())) - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not ('MembershipID' in response.json()): - self.log_error('Expected MembershipID in jsob object, got {0}.'.format(response.json())) - -class get_all_my_memberships___activity_leader(TestCase): - """ Verify that a regular member can fetch memberships associated with them. - - Pre-Conditions: - Valid Authentication Header. - Expectations: - Endpoints -- api/memberships/student/:id - Expected Status Code -- 200 OK - Expected Reponse Content -- A list of json objects - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/student/' + str(my_id_number) - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Response was not a list.') - - - -class get_all_memberships_for_someone_else___activity_leader(TestCase): - """ Verify that regular member can fetch someone else's memberships. - - Pre-Conditions: - Valid Authentication Header. - Authenticated as regular member. - Expectations - Endpoint -- api/memberships/student/:id - Expected Status Code -- 200 OK. - Expected Response Content -- A list of json objects. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/student/' + str(random_id_number) - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Response was not a list') - - - - -class get_memberships_for_an_activity___activity_leader(TestCase): - """ Verify that a regular member can fetch memberships for an activity. - - Pre-Conditions: - Valid Authentication Header. - Expectations: - Endpoint -- api/memberships/activity/:id - Expected Status Code -- 200 OK - Expected Response Content -- A list of json Objects. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/activity/' + activity_code - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Response was not a list.') - - - -class get_leader_memberships_for_an_activity___activity_leader(TestCase): - """ Verify that a regular member can fetch all leaders for a specific activity. - - Pre-Conditions: - Valid Authentication Header. - Authenticated as regular member. - Expectations: - Endpoint -- api/memberships/activity/:id/leaders - Expected Status Code -- 200 OK - Expected Response Content -- A list of json objects. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/activity/' + activity_code + '/leaders' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Response was not a list.') - - -class post_new_guest_membership_for_someone_else__activity_leader(TestCase): - """ Verify that an activity leader can create a Guest membership for someone. - - Pre-conditions: - Valid Authentication Header. - Expectations: - Endpoints -- api/memberships/ - Expected Statis Cpde -- 201 Created. - Expected Content -- A Json object with a MEMBERSHIP_ID attribute. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/' - self.data = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, - 'PART_CDE':'GUEST', - 'BEGIN_DTE':'06/10/2016', - 'END_DTE':'07/16/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - # We will get the actual id when we post. - # Setting it -1 to check later that we got an id from the post. - self.createdMembershipID = -1 - - def test(self): - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - self.log_error('Expected 201 Created, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not ('MEMBERSHIP_ID' in response.json()): - self.log_error('Expected MEMBERSHIP_ID in json response, got {0}.'.format(response.json())) - else: - self.createdMembershipID = response.json()['MEMBERSHIP_ID'] - - def cleanup(self): - # We try to delete the membership we created - if self.createdMembershipID < 0: # The creation wasn't successfull - self.log_error('Expected valid membership ID, got {0}.'.format(self.createdMembershipID)) - else: - d = api.delete(self.session, self.url + str(self.createdMembershipID)) - if not d.status_code == 200: - self.log_error('Error in cleanup for {0}'.format(self.test_name)) - - return - -class post_new_membership_for_someone___activity_leader(TestCase): - """ Verify that an activity leader can create a membership for someone. - - Pre-Conditions: - Valid Authentication Header - Authenticated as Activity Leader - Expectations: - Endpoint -- api/memberships/ - Expected Status Code -- 200 OK - Expected Content -- A json response with the created membership - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/' - self.data = {} - self.createdMembershipID = -1 - - def setup(self): - # Add a new participant - self.data = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, - 'PART_CDE':'PART', - 'BEGIN_DTE':'06/10/2016', - 'END_DTE':'07/16/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - - } - - def test(self): - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - self.log_error('Expected 201 Created, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - self.createdMembershipID = response.json()['MEMBERSHIP_ID'] - except KeyError: - self.log_error('Expected MEMBERSHIP ID in response, got {0}.'.format(response.json())) - - def cleanup(self): - # We try to delete the membership we created - if self.createdMembershipID < 0: # The creation was not successfull - self.log_error('Expected valid memberhsip ID, got {0}.'.format(self.createdMembershipID)) - else: - d = api.delete(self.session, self.url + str(self.createdMembershipID)) - if not d.status_code == 200: - self.log_error('Error in cleanup for {0}. Expected , got {1}.'.format(self.test_name, d.status_code)) - - -class post_new_leader_membership_for_someone___activity_leader(TestCase): - """ Verify that an activity leader can assign a new leader - - Pre-Conditions: - Valid Authentication Header - Authenticated as Activity Leader - Expectations: - Endpoint -- api/memberships/ - Expected Status Code -- 200 OK - Expected Content -- A json response with the created membership - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/' - self.data = {} - self.createdMembershipID = -1 - - def setup(self): - # Add a new leader - self.data = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, - 'PART_CDE':'DIREC', - 'BEGIN_DTE':'06/10/2016', - 'END_DTE':'07/16/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - - def test(self): - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - self.log_error('Expected 201 Created, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - self.createdMembershipID = response.json()['MEMBERSHIP_ID'] - except KeyError: - self.log_error('Expected MEMBERSHIP_ID in response, got {0}.'.format(response.json())) - - def cleanup(self): - # We try to delete the membership we created - if self.createdMembershipID < 0: # The creation was not successful - self.log_error('Expected valid memberhsip ID, got {0}.'.format(self.createdMembershipID)) - else: - d = api.delete(self.session, self.url + str(self.createdMembershipID)) - if not d.status_code == 200: - self.log_error('Error in cleanup for {0}. Expected , got {1}.'.format(self.test_name, d.status_code)) - - -class put_edited_membership_member_to_leader___activity_leader(TestCase): - """ Verify that an activity leader can upgrade a normal membership to leader status. - - Pre-Conditions: - Valid Authentication Header - Authenticated as Activity Leader - Expectations: - Endpoint -- api/memberships/:id - Expected Status Code -- 200 OK - Expected Content -- A json object with a MEMBERSHIP_ID attribute. - """ - - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/' - self.data = {} - self.createdMembershipID = -1 - - def setup(self): - # The membership to modify - self.predata = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, - 'PART_CDE':'PART', # Is a participant at first. - 'BEGIN_DTE':'06/10/2016', # Old start date - 'END_DTE':'07/16/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - r = api.postAsJson(self.session, self.url, self.predata) - try: - self.createdMembershipID = r.json()["MEMBERSHIP_ID"] - # Updated Data - self.data = { - 'MEMBERSHIP_ID' : self.createdMembershipID, - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, - 'PART_CDE':'DIREC', # Upgrade him to director. - 'BEGIN_DTE':'02/10/2016', # New start date - 'END_DTE':'07/16/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - except (KeyError, ValueError): - self.log_error('Error in setup for {0}.'.format(self.test_name)) - - def test(self): - response = api.putAsJson(self.session, self.url + str(self.createdMembershipID), self.data) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - response.json()['MEMBERSHIP_ID'] - except KeyError: - self.log_error('Expected MEMBERSHIP_ID in json response, got {0}.'.format(response.json())) - - - def cleanup(self): - # We try to delete the membership we created - if self.createdMembershipID < 0: # The Creation wasn't successfull. ID is still -1. - self.log_error('Expected valid membership ID, got {0}.'.format(self.createdMembershipID)) - else: - d = api.delete(self.session, self.url + str(self.createdMembershipID)) - if not d.status_code == 200: - self.log_error('Error in cleanup for {0}'.format(self.test_name)) - -class put_edited_membership_leader_to_member___activity_leader(TestCase): - """ Verify that an activity leader can demote a leader membership. - - Pre-Conditions: - Valid Authentication Header - Authenticated as Activity Leader - Expectations: - Endpoint -- api/memberships/:id - Expected Status Code -- 200 OK - Expected Content -- A json object with a MEMBERSHIP_ID attribute. - """ - - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/' - self.data = {} - self.createdMembershipID = -1 - - def setup(self): - # The membership to modify - self.predata = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, - 'PART_CDE':'DIREC', # Is a leader at first - 'BEGIN_DTE':'06/10/2016', # Old start date - 'END_DTE':'07/16/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - r = api.postAsJson(self.session, self.url, self.predata) - try: - self.createdMembershipID = r.json()["MEMBERSHIP_ID"] - # Updated Data - self.data = { - 'MEMBERSHIP_ID' : self.createdMembershipID, - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, - 'PART_CDE':'PART', # Demote him to participant - 'BEGIN_DTE':'02/10/2016', # New start date - 'END_DTE':'07/16/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - except (KeyError, ValueError): - self.log_error('Error in setup for {0}.'.format(self.test_name)) - - def test(self): - response = api.putAsJson(self.session, self.url + str(self.createdMembershipID), self.data) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - response.json()['MEMBERSHIP_ID'] - except KeyError: - self.log_error('Expected MEMBERSHIP_ID in json response, got {0}.'.format(response.json())) - - - def cleanup(self): - # We try to delete the membership we created - if self.createdMembershipID < 0: # The Creation wasn't successfull. ID is still -1. - self.log_error('Expected valid membership ID, got {0}.'.format(self.createdMembershipID)) - else: - d = api.delete(self.session, self.url + str(self.createdMembershipID)) - if not d.status_code == 200: - self.log_error('Error in cleanup for {0}'.format(self.test_name)) - - - -class delete_valid_membership___activity_leader(TestCase): - """ Verify that a an activity leader can delete someone else's membership. - - Pre-Conditions: - Valid Authentication header. - Authenticated as regular member for the activity. - Expectations: - Endpoint -- api/memberships/ - Expected Status Code -- 200 OK - Expected Response Content -- The membership resource that wad delteed. - """ - - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/' - self.createdMembershipID = -1 - - def setup(self): - # Create a Memerships that we'll eventually delete - self.predata = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, - 'PART_CDE':'PART', - 'BEGIN_DTE':'06/10/2016', - 'END_DTE':'07/16/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - r = api.postAsJson(self.session, self.url, self.predata) - try: - self.createdMembershipID = r.json()['MEMBERSHIP_ID'] - except (ValueError, KeyError): - self.log_error('Error doing setup for {0}'.format(self.test_name)) - - def test(self): - response = api.delete(self.session, self.url + str(self.createdMembershipID)) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not ('MEMBERSHIP_ID' in response.json()): - self.log_error(self.log_error('Expected MEMBERSHIP_ID in response, got {0}.'.format(response.json()))) - - - -# # # # # # # # # # # # # # -# MEMBERSHIP REQUEST TESTS # -# # # # # # # # # # # # # # - -class get_all_membership_requests___activity_leader(TestCase): - """ Verify that an activity leader cannot access all membership requests. - - Pre-Conditions: - Valid Authentication Header. - Authenticated as activity leader. - Expectations: - Endpoint -- api/requests/ - Expected Status Code -- 401 Unauthorized - Expected Response Content -- Empty response content. - """ - - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty response body, got {0}.'.format(response.text)) - -class get_membership_requests_for_activity___activity_leader(TestCase): - """ Verify that the activity leader can get requests to join the activity he/she is leading - - Pre-Conditions: - Valid Authentication Header. - Authenticated as activity leader. - Expectations: - Endpoint -- api/requests/activity/:id - Expected Status Code -- 200 OK - Expected Response Body -- List of json objects representing the membership requests. - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/activity/' + activity_code - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list in response body, got {0}.'.format(response.json())) - - -class get_membership_requests_for_someone_else___activity_leader(TestCase): - """ Verify that an activity leader cannot get the membership requests of someone else. - - Pre-Conditions: - Valid Authentication Header - Authenticated as activity leader - Expectations: - Endpoint -- api/requests/student/:id - Expected Status Code -- 401 Unauthorized - Expected Response Body -- Empty - """ - - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/student/' + str(random_id_number) - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty response bodty, got {0}.'.format(response.text)) - -class get_all_my_membership_requests___activity_leader(TestCase): - """ Verify that an activity leader can retrieve all requests belonging to them. - - Pre-Conditions: - Valid Authentication Header. - Authenticated as regular member. - Expectations: - Endpoint -- api/requests/student/:id - Expected Status Code -- 200 OK - Expected Response Body -- A list of membership requests - """ - - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/student/' + str(my_id_number) - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - - -class post_valid_membership_request___activity_leader(TestCase): - """ Verify that we can create a membership request. - - Pre-conditions: - Valid Authentication Header. - Expectations: - Endpoints -- api/requests/ - Expected Status Cpde -- 201 Created. - Expected Content -- A Json object with a REQUEST_ID attribute. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/' - self.data = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': my_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - # We will get the actual id when we post. - # Setting it -1 to check later that we got an id from the post. - self.requestID = -1 - - def test(self): - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - self.log_error('Expected 201 Created, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected json response, got {0}.'.format(response.text)) - else: - try: - self.requestID = response.json()['REQUEST_ID'] - if not response.json()['STATUS'] == REQUEST_STATUS_PENDING: - self.log_error('Expected Pending status , got {0}.'.format(response.json())) - except KeyError: - self.log_error('Expected REQUEST_ID in response body, got {0}.'.format(response.json())) - - def cleanup(self): - # We try to delete the request we created - if self.requestID < 0: # The creation wasn't successfull - self.log_error('Could not delete request with id of {0}'.format(self.requestID)) - else: - d = api.delete(self.session, self.url + str(self.requestID)) - if not d.status_code == 200: - self.log_error('There was a problem performing cleanup for {0}'.format(self.test_name)) - -class post_membership_request_for_someone_else___activity_leader(TestCase): - """ Verify that we can't create a membership request for someone else. - - Pre-conditions: - Valid Authentication Header. - Authenticated as Activity Leader member. - Expectations: - Endpoints -- api/requests/ - Expected Status Code -- 401 Unauthorized. - Expected Response Content -- Empty Response. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/' - self.data = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - # We will get the actual id when we post. - self.requestID = -1 - - def test(self): - response = api.post(self.session, self.url, self.data) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty response, got {0}.'.format(response.text)) - if response.status_code == 201: - self.log_error('Will try to delete resource...') - try: - self.requestID = response.json()['REQUEST_ID'] - except (ValueError, KeyError): - self.log_error('Error in test for {0}.'.format(self.test_name)) - - def cleanup(self): - # If the creation went through, let's delete the resource - if self.requestID >= 0: - self.log_error('Request {0} was created even though it was supposed to be unauthorized'.format(self.requestID)) - d = api.delete(self.session, self.url + str(self.requestID)) - if d.status_code == 200: - self.log_error('Unauthorized resource deleted.') - else: - self.log_error('Error deleting unauthorized resource.') - - -class put_membership_request___activity_leader(TestCase): - """ Verify that an activity leader can't edit a membership request through a put request. - - Pre-Conditions: - Valid Authorization Header. - Authenticated as activity leader. - Expectations: - Endpoint -- api/requests/:id - Expected Status Code -- 401 Unauthorized - Expected Response Body -- Empty - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + '/api/requests/' - self.predata = {} - self.data = {} - self.requestID = -1 - - def setup(self): - self.predata = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': my_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - response = api.postAsJson(self.session, self.url, self.predata) - try: - self.requestID = response.json()['REQUEST_ID'] - self.data = { - 'REQUEST_ID': self.requestID, - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, #Changing values to emulate attacker muhahah - 'PART_CDE':'PART', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - except ValueError: - self.log_error('Error performing setup for {0}.'.format(self.test_name)) - - - def test(self): - response = api.putAsJson(self.session, self.url + str(self.requestID), self.data) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty response body, got {0}.'.format(response.text)) - - def cleanup(self): - d = api.delete(self.session, self.url + str(self.requestID)) - if not d.status_code == 200: - self.log_error('There was error performing cleanup for {0}.'.format(self.test_name)) - - -class delete_memberhsip_request___activity_leader(TestCase): - """ Verify that an activity leader can delete a membership request for his activity - - Pre-Conditions: - - Expectations: - Endpoints -- api/requests/:id - Expected Status Code -- 200 OK - Expected Response Body -- The request that was deleted - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/' - self.predata = {} - self.requestID = -1 - - def setup(self): - self.predata = { - 'ACT_CDE': activity_code, - 'SESS_CDE': '201501', - 'PART_CDE': 'PART', - 'ID_NUM': my_id_number, - 'DATE_SENT': '07/19/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - response = api.postAsJson(self.session, self.url, self.predata) - if not response.status_code == 201: - self.log_error('Error in setup for {0}. Expected 201 Created, got {1}.'.format(self.test_name, response.status_code)) - else: - self.requestID = response.json()['REQUEST_ID'] - - def test(self): - response = api.delete(self.session, self.url + '/' + str(self.requestID)) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - response.json()['REQUEST_ID'] - except KeyError: - self.log_error('Expected REQUEST_ID in response body, got {0}.'.format(response.json())) - - - - - -class allow_someone_to_join_my_activity___activity_leader(TestCase): - """ Verify that the activity leader can accept a request directed at their activity. - - Pre-Conditions: - Valid Authentication Header - Authenticated as Activity Leader - Expectations: - Endpoints -- api/requests/:id/approve - Expected Status Code -- 200 OK - Expected Response Body -- Json response with the request that was accepted. - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/' - self.data = {} - self.requestID = -1 - self.membershipID = -1 - - def setup(self): - #Create a memberships request for the trash club. - self.data = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': my_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - self.log_error('Error in setup for {0}. Expected 201 Created, got {1}.'.format(self.test_name, response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Error in setup for {0}. Expected json response, got {1}.'.format(self.test_name, response.text)) - else: - try: - self.requestID = response.json()['REQUEST_ID'] - except KeyError: - self.log_error('Error in setup for {0}. Expected REQUEST_ID in response, got {1}.'.format(self.test_name, response.json())) - - def test(self): - response = api.postAsJson(self.session, self.url + str(self.requestID) + '/approve', None) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - self.membershipID = response.json()['MEMBERSHIP_ID'] - except KeyError: - self.log_error('Expected MEMBERSHIP_ID in response bady, got {0}.'.format(response.json())) - - - def cleanup(self): - # We try to delete the request we made - if self.requestID < 0: # The request was not successful - self.log_error('Error in cleanup for {0}. Expected valid request ID, got {1}.'.format(self.test_name, self.requestID)) - else: - d = api.delete(self.session, self.url + str(self.requestID)) - if not d.status_code == 200: - self.log_error('Error in cleanup for {0}. Expected 200 OK when deleting request, got {1}.'.format(self.test_name, d.status_code)) - # We try to delete the membership we created - if self.membershipID < 0: # membership creatino was not successful - self.log_error('Error in cleanup for {0}. Expected valid membership ID, got {1}.'.format(self.test_name, self.membershipID)) - else: - d = api.delete(self.session, hostURL + 'api/memberships/' + str(self.membershipID)) - if not d.status_code == 200: - self.log_error('Error in cleanup for {0}. Expected 200 OK when deleting membership, got {1}.'.format(self.test_name, d.status_code)) - - - -class deny_someone_joining_my_activity___activity_leader(TestCase): - """ Verify that the activity leader can deny a request directed at their activity. - - Pre-Conditions: - Valid Authentication Header - Authenticated as Activity Leader - Expectations: - Endpoints -- api/requests/:id/deny - Expected Status Code -- 200 OK - Expected Response Body -- Json response with the request that was denied - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/' - self.data = {} - self.requestID = -1 - - def setup(self): - #Create a memberships request for the trash club. - self.data = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': my_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - self.log_error('Error in setup for {0}. Expected 201 Created, got {1}.'.format(self.test_name, response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Error in setup for {0}. Expected json response, got {1}.'.format(self.test_name, response.text)) - else: - try: - self.requestID = response.json()['REQUEST_ID'] - except KeyError: - self.log_error('Error in setup for {0}. Expected REQUEST_ID in response, got {1}.'.format(self.test_name, response.json())) - - def test(self): - response = api.postAsJson(self.session, self.url + str(self.requestID) + '/deny', None) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - if not response.json()['STATUS'] == REQUEST_STATUS_DENIED: - self.log_error('Expected approved request, got {0}.'.format(response.json())) - except KeyError: - self.log_error('Expected STATUS in response bady, got {0}.'.format(response.json())) - - def cleanup(self): - # We try to delete the request we made - if self.requestID < 0: # The request was not successful - self.log_error('Error in cleanup for {0}. Expected valid request ID, got {1}.'.format(self.test_name, self.requestID)) - else: - d = api.delete(self.session, self.url + str(self.requestID)) - if not d.status_code == 200: - self.log_error('Error in cleanup for {0}. Expected 200 OK, got {1}.'.format(self.test_name, d.status_code)) - - -# # # # # # # # # # # -# SUPERVISOR TESTS # -# # # # # # # # # # - -class get_all_supervisors___activity_leader(TestCase): - """ Verify that an activity leader cannot view all supervisors. - - Pre-Conditions: - Valid Authentication Header. - Authenticated as Activity leader - Expectations: - Endpoint -- api/supervisors/ - Expected Status Code -- 401 Unauthorized - Expected Response Body -- Empty - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/supervisors/' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 401: - self.log_error('Expected Status Code 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Got non-empty response body.') - - -class get_supervisors_for_activity___activity_leader(TestCase): - """ Verify that an activity leader can get supervisors for activity - - Pre-Conditions: - Valid Authentication Header. - Authenticated as activity leader. - Expectations: - Endpoint -- api/supervisors/activity/:id - Expected Status Code -- 200 OK - Expected Response Body -- list of json objects - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/supervisors/activity/' + activity_code - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - -class post_supervisor___activity_leader(TestCase): - """ verify that an activity leader can't add a supervisor - - Pre-Conditions: - Valid Authentication Header. - Authenticated as activity leader. - Expectations: - Endpoint -- api/supervisors/ - Expected Status Code -- 401 Unauthorized - Expected Response Body -- Empty - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/supervisors/' - self.data = {} - self.supervisorID = -1 - - def setup(self): - self.data = { - 'ID_NUM' : my_id_number, - 'ACT_CDE' : activity_code, - 'SESS_CDE' : '201501' - } - - def test(self): - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty response body, got {0}.'.format(response.text)) - if response.status_code == 201: - self.log_error('Delete the unauthorized resource...') - try: - self.supervisorID = response.json()['SUP_ID'] - except ValueError: - self.log_error('Problem accessing compromised resource.') - - - def cleanup(self): - if self.supervisorID > 0: # Unauthorized creation took place - d = api.delete(self.session, self.url + str(self.supervisorID)) - if response.status_code == 200: # Deletion was not successful - self.log_error('Unauthorized resource deleted.') - else: - self.log_error('Error deleting Unauthorized resource.') - -class put_supervisor___activity_leader(TestCase): - """ Verify that an activity leader can't edit an existing supervisor - - Pre-Conditions: - Valid Authentication Header. - Authenticated as regular member. - Expectations: - Endpoint -- api/supervisors/:id - Expected Status Code -- 401 Unauthorized - Expected Response Body -- Empty - """ - def __init__(self , session=None): - super().__init__(session) - # Trying to update a random supervisor - self.url = hostURL + 'api/supervisors/' - tempID = 0 - # Iterate until we find a valud supervisor - response = api.get(self.session,self.url + str(tempID)) - while response.status_code == 404: - tempID = tempID + 1 - response = api.get(self.session, self.url + str(tempID)) - - self.data = { - 'SUP_ID' : tempID, - 'ACT_CDE' : activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM' : my_id_number - } - self.supervisorID = -1 - - def test(self): - response = api.putAsJson(self.session, self.url + str(self.data['SUP_ID']), self.data) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty respone body, got {0}.'.format(response.text)) - if response.status_code == 200: # If supervisor was updated - self.log_error('Unauthorized update. Attempting to delete...') - try: - self.supervisorID = response.json()['SUP_ID'] - except (ValueError, KeyError): - self.log_error('Error accessing compromised supervisor.') - - def cleanup(self): - if self.supervisorID > 0: # The supervisor was updated. - d = api.delete(self.session, self.url) - if d.status_code == 200: - self.log_error('Compromised resource deleted.') - else: - self.log_error('Unable to delete compromised resource.') - -# This test might need to be removed if the authorization process for supervisors is altered. -class delete_supervisor___activity_leader(TestCase): - """ Verify that an activity leader can't delete a supervisor - - Pre-Conditions: - Valid Authentication Header - Authenticated as activity leader - Expectations: - Endpoint -- api/supervisors/:id - Expected Status Code -- 401 Unauthorized - Expected Response Body -- Empty - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/supervisors/2' - - def test(self): - response = api.delete(self.session, self.url) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty body, got {0}.'.format(response.text)) - -# # # # # # # # # -# ACTIVITY TESTS # -# # # # # # # # # - -class get_all_activities___activity_leader(TestCase): - """ Verify that an activity leader can get all activities. - - Pre-Conditions: - Valid Authentication Header. - Expectations: - Endpoint -- api/activities/ - Expected Status Code -- 200 OK - Expected Response Body -- List of activities - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/activities/' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK , got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(respons.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - -class get_one_activity___activity_leader(TestCase): - """ Verify that an activity leader can a single activity. - - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/activities - Expected Status Code -- 200 OK - Expected Response Body -- Json object with activity resource - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/activities/' + activity_code - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - response.json()['ActivityCode'] - except KeyError: - self.log_error('Expected ACT_CDE in response, got {0}.'.format(response.json())) - -class get_activities_for_session___activity_leader(TestCase): - """ Verify that an activity leader can get all activities for specific session. - - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/activities/session/:id - Expected Status Code -- 200 OK - Expected Response Body -- list of activities - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/activities/session/' - self.sessionID = -1 - - def setup(self): - response = api.get(self.session, hostURL + 'api/sessions/current') - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Error in setup for {0}. Expected json in response body, got {1}.'.format(self.test_name, response.text)) - else: - try: - self.sessionID = response.json()['SessionCode'] - except KeyError: - self.log_error('Error in setup for {0}. Expected SessionCode in response body, got {1}.'.format(self.test_name, response.json())) - - def test(self): - response = api.get(self.session, self.url + str(self.sessionID)) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.json())) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.json())) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - -class update_activity___activity_leader(TestCase): - """ Verify that an activity leader can update activity information. - - Pre-Conditions: - Valid Authentication Header - Authenticated as activity leader - Expectations: - Endpoints -- api/activities/:id - Expected Status Code -- 200 Ok - Expected Response Body -- Updated activity information - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/activities/' + activity_code - self.data = {} - - def setup(self): - self.data = { - "ACT_CDE" : activity_code, - "ACT_BLURB" : 'BLURB GENERATED BY THE TEST SUITE.IGNORE', - "ACT_URL" : 'http://www.lolcats.com/' - } - - def test(self): - response = api.putAsJson(self.session, self.url , self.data) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected json in response body, got {0}.'.format(response.text)) - else: - try: - response.json()['ACT_CDE'] - except ValueError: - self.log_error('Expected ACT_CDE in response body, got {0}.'.format(response.json())) - -class update_activity_image___activity_leader(TestCase): - """ Verify that an activity leader can update the activity image. - - Pre-Conditions: - Valid Authentication Header - Authenticated as an activity leader - Expectations: - Endpoint -- api/activities/:id/image - Expected Status Code -- 200 OK - Expected Json response -- Empty respons body. - """ - def __init___(self, session=None): - pass - def setup(self): - pass - def test(self): - pass - -# # # # # # # # # # # # -# PARTICIPATIONS TEST # -# # # # # # # # # # # # - - -class get_all_participations___activity_leader(TestCase): - """ Verify that an activity leader can get all participations - - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/participations - Expected Status Code -- 200 OK - Expected Response Body -- List of all participations - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/participations' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - -class get_one_participation___activity_leader(TestCase): - """ Verify that an activity leader can get a specific participation object - - Pre-Conditions: - Valud Authentication Header - Expectations: - Endpoint -- api/participations - Expected Status Code -- 200 OK - Expected Response Body -- A participation object - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/participations/MEMBR' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueErrror: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - response.json()['ParticipationCode'] - except KeyError: - self.log_error('Expected ParticipationCode in response, got {0}.'.format(response.json())) - - -# # # # # # # # # -# SESSIONS TEST # -# # # # # # # # # - - -class get_all_sessions___activity_leader(TestCase): - """ Verify that an activity leader can get all session objects - - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/sessions/ - Expected Status Code -- 200 OK - Expected Response Body -- List of session resources - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/sessions/' - - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.json())) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - - -class get_one_session___activity_leader(TestCase): - """ Verify that an activity leader can get a session object - - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/sessions/:id - Expected Status Code -- 200 OK - Expected Response Body -- A session resource. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/sessions/201501' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - response.json()['SessionCode'] - except KeyError: - self.log_error('Expected SessionCode in response, got {0}.'.format(response.json())) - - -# # # # # # # # # -# STUDENTS TEST # -# # # # # # # # # - - -class get_all_students___activity_leader(TestCase): - """ Verify that an activity leader cannot list all students - - Pre-Conditions: - Valid Authentications Header - Expectations: - Endpoint -- api/students - Expected Status Code -- 401 Unauthorized - Expected Response Body -- Empty - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/students/' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty response body, got {0}.'.format(response.text)) - - -class get_student_by_id___activity_leader(TestCase): - """ Verify that an activity leader can get a student resource - - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/students/:id - Expected Status Code -- 200 Ok - Expected Response Body -- A json response with the student resource - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/students/' + str(random_id_number) - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got{0}.'.format(response.text)) - else: - try: - response.json()['StudentID'] - except KeyError: - self.log_error('Expected StudentID in response, got{0}.'.format(response.json())) - - -class get_student_by_email___activity_leader(TestCase): - """ Verify that an activity leader get a student resource by email. - - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/students/email/:email - Expected Status Code -- 200 OK - Expected Response Body -- A json response with the student resource - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/students/email/ezeanyinabia.anyanwu@gordon.edu/' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got{0}.'.format(response.text)) - else: - try: - response.json()['StudentID'] - except KeyError: - self.log_error('Expected StudentID in response, got{0}.'.format(response.json())) - - - - -# # # # # # # # -# EMAIL TEST # -# # # # # # # # - - -class get_emails_for_activity___activity_leader(TestCase): - """ Verify that an activity leader can get the emails for the members of an activity - - Pre-conditions: - Valid Authentication Header - Authenticated as Activity leader - Expectations: - Endpoint -- api/emails/activity/:id - Expected Status Code -- 200 OK - Expected Response Body -- A list of json objects - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/emails/activity/' + activity_code - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json in response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json)) - - -class get_emails_for_leaders___activity_leader(TestCase): - """ Verify that a supervisor can get the emails for any activity leader - - Pre-Conditions: - Valid Authentication header - Expectaions: - Endpoint -- api/emails/activity/:id/leaders - Expected Status Code -- 200 OK - Expected Respones Body -- Json response with a list of emails - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/emails/activity/' + activity_code + '/leaders' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - try: - response.json()[0]['Email'] - except KeyError: - self.log_error('Expected Email in response, got{0}.'.format(response.json())) - - - - - - -if __name__ == '__main__': - main() diff --git a/Tests/ApiEndpoints/gordon_360_tests_member.py b/Tests/ApiEndpoints/gordon_360_tests_member.py deleted file mode 100644 index 9cf00a39f..000000000 --- a/Tests/ApiEndpoints/gordon_360_tests_member.py +++ /dev/null @@ -1,2238 +0,0 @@ -# Regular Member Test Suite for Project Raymond -from test_components import requests -from test_components import TestCase - -# Public configuration options -import test_config -# Private configuration options -import test_credentials -import test_components as api - -# Constants -LEADERSHIP_POSITIONS = test_config.leadership_positions - - -# Configuration Details -username = test_credentials.username -password = test_credentials.password -my_id_number = test_credentials.id_number -grant_payload = { 'username':username, 'password':password, 'grant_type':'password' } - -random_id_number = test_config.random_id_number -activity_code = test_config.activity_code -hostURL = test_config.hostURL - - - -# Runner -def main(): - """ Test Runner - - Runs all subclasses of the TestCase class. - """ - - # Create an authorized session to test authorized calls. - r = requests.post(hostURL+'token',grant_payload) - print(hostURL+'token') - print(grant_payload) - print(r) - access_token = r.json()["access_token"] - authorization_header = "Bearer " + access_token - authorized_session = requests.Session() - authorized_session.verify = True - authorized_session.headers.update({ "Authorization":authorization_header }) - - # Loop through all Test Cases and run tests. - print ('***************************************') - print ('TESTING GORDON 360 AS REGULAR MEMBER...') - print ('***************************************') - testCounter = 0 - for cls in TestCase.__subclasses__(): - if '___regular_member' in cls.__name__: - if cls.__name__ == 'authenticate_with_valid_credentials': - testclass = cls() - testclass.runTest() - testCounter += 1 - else: - testclass = cls(session=authorized_session) - testclass.runTest() - testCounter += 1 - print ('Ran {0} tests.'.format(testCounter)) - -# Test Cases -# # # # # # # # # # # # -# AUTHENTICATION TESTS # -# # # # # # # # # # # # - -class authenticate_with_valid_credentials___regular_member(TestCase): - """ Given valid credentials, verify that authentication is successful. - - Expectations: - Endpoint -- token/ - Expected Status code -- 200 Ok - Expected Content -- Json Object with access_token attribute. - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'token' - self.token_payload = { 'username':username, 'password':password, 'grant_type':'password' } - - def test(self): - response = api.post(self.session, self.url, self.token_payload) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json, got {0}.'.format(response.text)) - else: - if not 'access_token' in response.json(): - self.log_error('Expected access token in response, got {0}.'.format(response.json())) - - -# # # # # # # # # # # # -# EVENTS & CLAW TESTS # -# # # # # # # # # # # # - -class get_all_events___regular_member(TestCase): - """ Verify that a regular member can get all events by type_ID - - Pre-Conditions: - Valid Authentication header - Expectaions: - Endpoint -- api/events/25Live/type/:Event_OR_Type_ID - Expected Status Code -- 200 OK - Expected Respones Body -- list of all events resources - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/events/25Live/type/10' - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - - -class get_all_events_multiple___regular_member(TestCase): - """ Verify that a regular member can get all events by multiple type_ID - - Pre-Conditions: - Valid Authentication header - Expectaions: - Endpoint -- api/events/25Live/type/:Event_OR_Type_ID - Expected Status Code -- 200 OK - Expected Respones Body -- list of all events resources - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/events/25Live/type/10$11$12$14' - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - - -class get_all_claw___regular_member(TestCase): - """ Verify that a regular member can get all upcoming chapel events (category_ID = 85) - - Pre-Conditions: - Valid Authentication header - Expectaions: - Endpoint -- api/events/25Live/CLAW - Expected Status Code -- 200 OK - Expected Respones Body -- list of all events resources - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/events/25Live/CLAW' - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - - -class get_all_25Live___regular_member(TestCase): - """ Verify that a regular member can get all events in 25Live under predefined categories - - Pre-Conditions: - Valid Authentication header - Expectaions: - Endpoint -- api/events/25Live/All - Expected Status Code -- 200 OK - Expected Respones Body -- list of all events resources - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/events/25Live/All' - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - - -class get_all_25Live_by_event_id___regular_member(TestCase): - """ Verify that a regular member can get information on specific event on 25Live - - Pre-Conditions: - Valid Authentication header - Expectaions: - Endpoint -- api/events/25Live/All - Expected Status Code -- 200 OK - Expected Respones Body -- list of all events resources - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/events/25Live/2911' - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - - -class get_all_25Live_by_multiple_event_id___regular_member(TestCase): - """ Verify that a regular member can get information on specific event on 25Live - - Pre-Conditions: - Valid Authentication header - Expectaions: - Endpoint -- api/events/25Live/All - Expected Status Code -- 200 OK - Expected Respones Body -- list of all events resources - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/events/25Live/2911$2964$3030' - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - - -class get_all_chapel___regular_member(TestCase): - """ Verify that a regular member can get information on chapel events attended - - Pre-Conditions: - Valid Authentication header - Expectaions: - Endpoint -- api/events/chapel/:user_name - Expected Status Code -- 200 OK - Expected Respones Body -- list of all events resources - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/events/chapel/sam.nguyen/' - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - - -class get_all_chapel_by_term___regular_member(TestCase): - """ Verify that a regular member can get information on chapel events attended by specific school term - - Pre-Conditions: - Valid Authentication header - Expectaions: - Endpoint -- api/events/chapel/:user_name - Expected Status Code -- 200 OK - Expected Respones Body -- list of all events resources - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/events/chapel/matthew.felgate/FA16' - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Expected list, got {0}.'.format(response.json())) - - -# # # # # # # # # # # -# MEMBERSHIP TESTS # -# # # # # # # # # # # -# class get_all_memberships___regular_member(TestCase): -# """ Verify that a regular member can retrieve all memberships - -# Pre-conditions: -# Valid Authentication Header. -# Expectations: -# Endpoint -- memberships/ -# Expected Status code -- 200 Ok -# Expected Content -- List -# """ -# def __init__(self, session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/' - -# def test(self): -# response = api.get(self.session, self.url) -# print (response) -# print (api.get(self.session, self.url)) -# if not response.status_code == 401: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response, got >{0}<.'.format(response.text)) -# else: -# if not (type(response.json()) is list): -# self.log_error('Response was not a list') - - -# class get_one_membership___regular_member(TestCase): -# """ Retrieve a specific membership resource. - -# Pre-conditions: -# Valid Authentication header -# Expectations: -# Endpoint -- api/memberships/:id -# Expected Status Code -- 200 OK -# Expected Content -- A Json Object with a MembershipID attribute. -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/' -# self.membershipID = -1 - - -# def setup(self): -# # Find a valid membership id -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Error in setup for {0}. Expected 200 OK, got {1}.'.format(self.test_name, response.status_code)) - -# try: -# response.json() -# except ValueError: -# self.log_error('Error in setup for {0}. Expected json response body, got {1}.'.format(self.test_name, response.text)) -# else: -# try: -# self.membershipID = response.json()[0]['MembershipID'] -# self.url = self.url + str(self.membershipID) -# except KeyError: -# self.log_error('Error in setup for {0}. Expected MembershipID in response body, got {1}.'.format(self.test_name, self.response.json())) -# #exit(1) -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# if not ('MembershipID' in response.json()): -# self.log_error('Expected MembershipID in jsob object, got {0}.'.format(response.json())) - -# class get_all_my_memberships___regular_member(TestCase): -# """ Verify that a regular member cannot fetch memberships associated with them. -# This is because they can only see the members if they are part of the group. - -# Pre-Conditions: -# Valid Authentication Header. -# Expectations: -# Endpoints -- api/memberships/student/:id -# Expected Status Code -- 401 Server Error -# Expected Reponse Content -- A list of json objects -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/student/' + str(my_id_number) - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 401: -# self.log_error('Expected 401, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# if not (type(response.json()) is list): -# self.log_error('Response was not a list.') - - - -# class get_all_memberships_for_someone_else___regular_member(TestCase): -# """ Verify that regular member can fetch someone else's memberships. - -# Pre-Conditions: -# Valid Authentication Header. -# Authenticated as regular member. -# Expectations -# Endpoint -- api/memberships/student/:id -# Expected Status Code -- 200 OK. -# Expected Response Content -- A list of json objects. -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/student/' + str(random_id_number) - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# if not (type(response.json()) is list): -# self.log_error('Response was not a list') - - - - -# class get_memberships_for_an_activity___regular_member(TestCase): -# """ Verify that a regular member can fetch memberships for an activity. - -# Pre-Conditions: -# Valid Authentication Header. -# Expectations: -# Endpoint -- api/memberships/activity/:id -# Expected Status Code -- 200 OK -# Expected Response Content -- A list of json Objects. -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/activity/' + activity_code - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# if not (type(response.json()) is list): -# self.log_error('Response was not a list.') - - - -class get_leader_memberships_for_an_activity___regular_member(TestCase): - """ Verify that a regular member can fetch all leaders for a specific activity. - - Pre-Conditions: - Valid Authentication Header. - Authenticated as regular member. - Expectations: - Endpoint -- api/memberships/activity/:id/leaders - Expected Status Code -- 200 OK - Expected Response Content -- A list of json objects. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/memberships/activity/' + activity_code + '/leaders' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - else: - if not (type(response.json()) is list): - self.log_error('Response was not a list.') - - - -# class post_valid_membership___regular_member(TestCase): -# """ Given valid membership, verify that post works. - -# Pre-conditions: -# Valid Authentication Header. -# Expectations: -# Endpoints -- api/memberships/ -# Expected Statis Cpde -- 201 Created. -# Expected Content -- A Json object with a MEMBERSHIP_ID attribute. -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/' -# self.data = { -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'GUEST', -# 'BEGIN_DTE':'06/10/2016', -# 'END_DTE':'07/16/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } -# # We will get the actual id when we post. -# # Setting it -1 to check later that we got an id from the post. -# self.createdMembershipID = -1 - -# def test(self): -# response = api.postAsJson(self.session, self.url, self.data) -# if not response.status_code == 201: -# self.log_error('Expected 201 Created, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# try: -# self.createdMembershipID = response.json()['MEMBERSHIP_ID'] -# except KeyError: -# self.log_error('Expected MEMBERSHIP_ID in json response, got {0}.'.format(response.json())) - - -# def cleanup(self): -# # We try to delete the membership we created -# if self.createdMembershipID < 0: # The creation wasn't successful -# self.log_error('Expected valid membership ID, got {0}.'.format(self.createdMembershipID)) -# else: -# d = api.delete(self.session, self.url + str(self.createdMembershipID)) -# if not d.status_code == 200: -# self.log_error('Error in cleanup for {0}'.format(self.test_name)) - -# return - -# class post_membership_with_id_that_is_not_you___regular_member(TestCase): -# """ Verify that regular member can't create a membership for someone else. - -# Pre-Conditions: -# Valid Authentication Header. -# Authenticated as a regular member for this Activity. -# Expectations: -# Endpoint -- api/memberships/ -# Expected Status Code -- 401 Unauthorized -# Expected Content -- No Content -# """ - -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/' -# self.data = { -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': random_id_number, -# 'PART_CDE':'GUEST', -# 'BEGIN_DTE':'06/10/2016', -# 'END_DTE':'07/16/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } -# self.membershipID = -1 - -# def setup(self): -# # Report if there any current memberships for the Club to avoid false negatives. -# # If I am currently a director of the club, this test should fail. -# response = api.get(self.session, self.url + 'student/' + str(my_id_number)) -# try: -# for membership in response.json(): -# if(membership['ActivityCode'] == activity_code and membership['Participation'] in LEADERSHIP_POSITIONS): -# self.log_error('False Negative: This user is a leader for the activity we are testing.') -# except (ValueError, KeyError): -# self.log_error('Error in setup for {0}'.format(self.test_name)) - -# def test(self): -# response = api.post(self.session, self.url, self.data) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty response body, got {0}.'.format(response.text)) -# # If the unauthorized operation went through, try to recover. -# if response.status_code == 201: -# self.log_error('Expected 401 Unauthorized, got 201. Will try to delete the data ...') -# try: -# self.membershipID = response.json()['MEMBERSHIP_ID'] -# except (KeyError, ValueError): -# self.log_error('Error in test for {0}'.format(self.test_name)) - -# def cleanup(self): -# if self.membershipID > 0: # The creation went through even though it wasn't supposed to. -# d = api.delete(self.session, self.url + str(self.membershipID)) -# if d.status_code == 200: -# self.log_error('Unauthorized resource was deleted.') -# else: -# self.log_error('Error deleting unauthorized resource.') - - - -# class post_non_guest_membership___regular_member(TestCase): -# """ Verify that regular member can not create a non-guest membership. - -# Pre-Conditions: -# Authentication Header is Valid. -# Authenticated as a regular member for this Activity. -# Expectations: -# Endpoint -- apo/memberships -# Expected Status Code -- 401 Unauthorized -# Expected Content -- No Content -# """ - -# def __init__(self, -# SSLVerify=False, -# session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/' -# self.data = { -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'DIREC', #A regular user cannot do this directly. -# 'BEGIN_DTE':'06/10/2016', -# 'END_DTE':'07/16/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } -# self.membershipID = -1 - -# def setup(self): -# # Report if there any current memberships for the Club to avoid false negatives. -# # If I am currently a director of the club, this test should fail. -# response = api.get(self.session, self.url + 'student/' + str(my_id_number)) -# try: -# for membership in response.json(): -# if(membership['ActivityCode'] == activity_code and membership['Participation'] in LEADERSHIP_POSITIONS): -# self.log_error('False Negative: This user is a leader for the activity we are testing.') -# except (KeyError, ValueError): -# self.log_error('Error in setup for {0}.'.format(self.test_name)) - - -# def test(self): -# response = api.post(self.session, self.url, self.data) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty response body, got {0}.'.format(response.text)) -# if response.status_code == 201: -# self.log_error('Expected 401 Unauthorized, got 201 Created. Will try to delete data ...') -# try: -# self.membershipID = response.json()['MEMBERSHIP_ID'] -# except (KeyError, ValueError): -# self.log_error('Error in test for {0}.'.format(self.test_name)) - -# def cleanup(self): -# if self.membershipID > 0: # The creation went through even though it wasn't supposed to. -# d = api.delete(self.session, self.url + str(self.membershipID)) -# if d.status_code == 200: -# self.log_error('Unauthorized resource was deleted.') -# else: -# self.log_error('Error deleting unauthorized resource.') - - - - -# class put_valid_membership___regular_member(TestCase): -# """ Verify that a membership can be updated by the owner. - -# Pre-Conditions: -# Authenticated as Regular member. -# Expectations: -# Endpoint -- api/memberships/ -# Expected Status Code -- 200 OK -# Expected Content -- A json object with a MEMBERSHIP_ID attribute. -# """ - -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/' -# self.data = {} -# self.createdMembershipID = -1 - -# def setup(self): -# # The membership to modify -# self.predata = { -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'GUEST', -# 'BEGIN_DTE':'06/10/2016', -# 'END_DTE':'07/16/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } -# r = api.post(self.session, self.url, self.predata) -# try: -# self.createdMembershipID = r.json()["MEMBERSHIP_ID"] -# # Updated Data -# self.data = { -# 'MEMBERSHIP_ID' : self.createdMembershipID, -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'GUEST', -# 'BEGIN_DTE':'02/10/2016', -# 'END_DTE':'07/16/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } -# except (KeyError, ValueError): -# self.log_error('Error in setup for {0}.'.format(self.test_name)) - -# def test(self): -# response = api.putAsJson(self.session, self.url + str(self.createdMembershipID), self.data) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# if not ('MEMBERSHIP_ID' in response.json()): -# self.log_error('Expected MEMBERSHIP_ID in response body, got {0}.'.format(response.json())) - -# def cleanup(self): -# # We try to delete the membership we created -# if self.createdMembershipID < 0: # The Creation wasn't successfull. ID is still -1. -# self.log_error('Expected valid membership ID, got {0}.'.format(self.createdMembershipID)) -# else: -# d = api.delete(self.session, self.url + str(self.createdMembershipID)) -# if not d.status_code == 200: -# self.log_error('Error in cleanup for {0}'.format(self.test_name)) - -# class put_non_guest_membership___regular_member(TestCase): -# """ Verify that regular member can't update their membership level. - -# Pre-Conditions: -# Valid Authentication Header. -# Authenticated as a regular member for the activity. -# Expectations: -# Endpoint -- api/memberships/ -# Expected Status Code -- 401 Unauthorized -# Expected Content -- No Content -# """ - -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/' -# self.data = {} -# self.createdMembershipID = -1 - -# def setup(self): -# # Report if there any current leader memberships under my name to avoid false negatives. -# # If I am currently a director of the club, this test should fail. -# response = api.get(self.session, self.url + 'student/' + str(my_id_number)) -# try: -# for membership in response.json(): -# if(membership['ActivityCode'] == activity_code and membership['Participation'] in LEADERSHIP_POSITIONS): -# self.log_error('False Negative: This user is a leader for the activity we are testing.') -# except (KeyError, ValueError): -# self.log_error('Error in setup for {0}'.format(self.test_name)) - - -# self.predata = { -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'GUEST', -# 'BEGIN_DTE':'06/10/2016', -# 'END_DTE':'07/16/2016', -# 'COMMENT_TXT':'Generated the Raymond Test Suite. IGNORE' -# } -# r = api.postAsJson(self.session, self.url, self.predata) -# try: -# self.createdMembershipID = r.json()['MEMBERSHIP_ID'] -# self.data = { -# 'MEMBERSHIP_ID' : self.createdMembershipID, -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'DIREC', #This is not allowed -# 'BEGIN_DTE':'02/10/2016', -# 'END_DTE':'07/16/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } - -# except (KeyError, ValueError): -# self.log_error('Error in setup for {0}'.format(self.test_name)) - -# def test(self): -# response = api.putAsJson(self.session, self.url + str(self.createdMembershipID),self.data) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty response body, got {0}.'.format(response.text)) - -# def cleanup(self): -# if self.createdMembershipID < 0: -# self.log_error('Expected valid membership ID, got {0}.'.format(self.createdMembershipID)) -# else: -# d = api.delete(self.session, self.url + str(self.createdMembershipID)) -# if not d.status_code == 200: -# self.log_error('Error in cleanup for {0}'.format(self.test_name)) - - -# class delete_membership_for_someone_else___regular_member(TestCase): -# """ Verify that a regular member cannot delete someone else's membership. - -# Pre-Conditions: -# Valid Authentication Header -# Authenticated as Regular Member -# Expectations: -# Endpoint -- api/memberships/:id -# Expected Status Code -- 401 Unauthorized. -# Expected Response Body -- Empty. -# """ - -# def __init__(self, session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/' -# self.membershipID = -1 - -# def setup(self): -# # Get all memberships and pick first one that doesn't belong to me -# response = api.get(self.session, self.url) -# try: -# memberships = response.json() -# except ValueError: -# self.log_error('Error in setup for {0}. Expected a json response, got {1}.'.format(self.test_name, response.text)) -# else: -# try: -# for membership in memberships: -# if not membership['IDNumber'] == str(my_id_number): -# self.membershipID = membership['MembershipID'] -# break -# except KeyError: -# self.log_error('Error in setup for {0}. Expected MembershipID in json response, got {1}.'.format(self.test_name, response.json())) - -# def test(self): -# response = api.delete(self.session, self.url + str(self.membershipID)) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty response body, got {0}.'.format(response.text)) - - -# class delete_valid_membership___regular_member(TestCase): -# """ Verify that a regular member can delete their membership. - -# Pre-Conditions: -# Valid Authentication header. -# Authenticated as regular member for the activity. -# Expectations: -# Endpoint -- api/memberships/ -# Expected Status Code -- 200 OK -# Expected Response Content -- The membership resource that wad delteed. -# """ - -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/memberships/' -# self.createdMembershipID = -1 - -# def setup(self): -# # Create a Memerships that we'll eventually delete -# self.predata = { -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'GUEST', -# 'BEGIN_DTE':'06/10/2016', -# 'END_DTE':'07/16/2016', -# 'COMMENT_TXT':'Generated the Raymond Test Suite. IGNORE' -# } -# r = api.postAsJson(self.session, self.url, self.predata) -# try: -# self.createdMembershipID = r.json()['MEMBERSHIP_ID'] -# except ValueError: -# self.log_error('Error doing setup for {0}'.format(self.test_name)) - -# def test(self): -# response = api.delete(self.session, self.url + str(self.createdMembershipID)) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# if not ('MEMBERSHIP_ID' in response.json()): -# self.log_error(self.log_error('Expected MEMBERSHIP_ID in response, got {0}.'.format(response.json()))) - - - -# # # # # # # # # # # # # # # -# # MEMBERSHIP REQUEST TESTS # -# # # # # # # # # # # # # # # - -class get_all_membership_requests___regular_member(TestCase): - """ Verify that a regular member cannot access all membership requests. - - Pre-Conditions: - Valid Authentication Header. - Authenticated as regular member. - Expectations: - Endpoint -- api/requests/ - Expected Status Code -- 401 Unauthorized - Expected Response Content -- Empty response content. - """ - - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty response body, got {0}.'.format(response.text)) - -# class get_my_membership_request___regular_member(TestCase): -# """ Verify that a member can create a request and view it. - -# Pre-Conditions: -# Valid Authentication Header -# Authenticated as regular member -# Expectations: -# Endpoint -- api/requests/:id -# Expected Status Code -- 200 OK -# Expected Response Body -- Json with my membership Request. -# """ - -# def __init__(self,SSLVerify=False, session=None): -# super().__init__(session) -# self.url = hostURL + 'api/requests/' -# self.requestID = -1 - -# def setup(self): -# self.predata = { -# 'SESS_CDE' : '201501', -# 'ACT_CDE' : activity_code, -# 'ID_NUM' : random_id_number, -# 'DATE_SENT' : '07/06/2016', -# 'PART_CDE' : 'MEMBR', -# 'COMMENT_TXT' : 'Generated by the Raymond Test Suite. IGNORE' -# } -# r = api.postAsJson(self.session, self.url, self.predata) -# try: -# self.requestID = r.json()['REQUEST_ID'] -# except (KeyError, ValueError): -# self.log_error('Error in setup for {0}.'.format(self.test_name)) - -# def test(self): -# response = api.get(self.session, self.url + str(self.requestID)) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# if not ('RequestID' in response.json()): -# self.log_error('Expected RequestID in response, got {0}.'.format(response.json())) - -# def cleanup(self): -# if self.requestID < 0: # ID is still -1 -# self.log_error('Expected valid request id, got {0}.'.format(self.requestID)) -# else: -# d = api.delete(self.session, self.url + str(self.requestID)) -# if not d.status_code == 200: -# self.log_error('Error in cleanup for {0}'.format(self.test_name)) - - -# class get_all_my_membership_requests___regular_member(TestCase): -# """ Verify that a regular member can retrieve all requests belonging to them. - -# Pre-Conditions: -# Valid Authentication Header. -# Authenticated as regular member. -# Expectations: -# Endpoint -- api/requests/student/:id -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of membership requests -# """ - -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/requests/student/' + str(my_id_number) - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# if not (type(response.json()) is list): -# self.log_error('Expected list, got {0}.'.format(response.json())) - -class get_membership_requests_for_someone_else___regular_member(TestCase): - """ Verify that a regular member cannot get the membership requests of somone else. - - Pre-Conditions: - Valid Authentication Header - Authenticated as regular member - Expectations: - Endpoint -- api/requests/student/:id - Expected Status Code -- 401 Unauthorized - Expected Response Body -- Empty - """ - - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/student/' + str(random_id_number) - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty response bodty, got {0}.'.format(response.text)) - -class get_membership_requests_for_activity___regular_member(TestCase): - """ Verify that a regular member can't access memberships requests for activity. - - Pre-Conditions: - Valid Authentication Header - Authenticated as regular member - Expectations: - Endpoint -- api/requests/activity/:id - Expected Status Code -- 401 Unauthorized - Expected Response Body -- Empty - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/activity/' + activity_code - - def setup(self): - # Report if there any current memberships for the Club to avoid false negatives. - # If I am currently a director of the club, this test should fail. - response = api.get(self.session, hostURL + 'api/memberships/student/' + str(my_id_number)) - try: - for membership in response.json(): - if(membership['ActivityCode'] == activity_code and membership['Participation'] in LEADERSHIP_POSITIONS): - self.log_error('False Negative: This user is a leader for the activity we are testing.') - except ValueError: - self.log_error('We did not get a json response back during setup.') - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 401: - self.log_error('We did not get 401 Unauthorized.') - if response.text: - self.log_error('We got a non-empty response body.') - - -class post_valid_membership_request___regular_member(TestCase): - """ Verify that we can create a membership request. - - Pre-conditions: - Valid Authentication Header. - Expectations: - Endpoints -- api/requests/ - Expected Status Cpde -- 201 Created. - Expected Content -- A Json object with a REQUEST_ID attribute. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/' - self.data = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': my_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - # We will get the actual id when we post. - # Setting it -1 to check later that we got an id from the post. - self.requestID = -1 - - def test(self): - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - self.log_error('Expected 201 Created, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected json response, got {0}.'.format(response.text)) - else: - try: - self.requestID = response.json()['REQUEST_ID'] - except KeyError: - self.log_error('Expected REQUEST_ID in response body, got {0}.'.format(response.json())) - - def cleanup(self): - # We try to delete the request we created - if self.requestID < 0: # The creation wasn't successful - self.log_error('Could not delete request with id of {0}'.format(self.requestID)) - else: - d = api.delete(self.session, self.url + str(self.requestID)) - if not d.status_code == 200: - self.log_error('There was a problem performing cleanup for {0}'.format(self.test_name)) - -class post_membership_request_for_someone_else___regular_member(TestCase): - """ Verify that we can't create a membership request for someone else. - - Pre-conditions: - Valid Authentication Header. - Authenticated as Regular member. - Expectations: - Endpoints -- api/requests/ - Expected Status Code -- 401 Unauthorized. - Expected Response Content -- Empty Response. - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/requests/' - self.data = { - 'ACT_CDE': activity_code, - 'SESS_CDE' : '201501', - 'ID_NUM': random_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' - } - # We will get the actual id when we post. - self.requestID = -1 - - def test(self): - response = api.post(self.session, self.url, self.data) - if not response.status_code == 401: - self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) - if response.text: - self.log_error('Expected empty response, got {0}.'.format(response.text)) - if response.status_code == 201: - self.log_error('Will try to delete resource...') - try: - self.requestID = response.json()['REQUEST_ID'] - except (ValueError, KeyError): - self.log_error('Error in test for {0}.'.format(self.test_name)) - - def cleanup(self): - # If the creation went through, let's delete the resource - if self.requestID >= 0: - self.log_error('Request {0} was created even though it was supposed to be unauthorized'.format(self.requestID)) - d = api.delete(self.session, self.url + str(self.requestID)) - if d.status_code == 200: - self.log_error('Unauthorized resource deleted.') - else: - self.log_error('Error deleting unauthorized resource.') - -# class put_membership_request___regular_member(TestCase): -# """ Verify that regular member can't edit a membership request. - -# Pre-Conditions: -# Valid Authorization Header. -# Authenticated as regular member. -# Expectations: -# Endpoint -- api/requests/:id -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + '/api/requests/' -# self.predata = {} -# self.data = {} -# self.requestID = -1 - -# def setup(self): -# self.predata = { -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'MEMBR', -# 'DATE_SENT' : '07/06/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } -# response = api.postAsJson(self.session, self.url, self.predata) -# try: -# self.requestID = response.json()['REQUEST_ID'] -# self.data = { -# 'REQUEST_ID': self.requestID, -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'MEMBR', -# 'DATE_SENT' : '07/06/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } -# except ValueError: -# self.log_error('Error performing setup for {0}.'.format(self.test_name)) - - -# def test(self): -# response = api.putAsJson(self.session, self.url + str(self.requestID), self.data) -# if not response.status_code == 401: -# self.log_error('We did not get a 401 Unauthorized.') -# if response.text: -# self.log_error('We got a non-empty response body.') - -# def cleanup(self): -# d = api.delete(self.session, self.url + str(self.requestID)) -# if not d.status_code == 200: -# self.log_error('There was error performing cleanup for {0}.'.format(self.test_name)) - - -# class approve_my_request___regular_member(TestCase): -# """ Verify that a regular member cannot approve his/her request - -# Pre-Conditions: -# Valid Authentication Header -# Authenticated as a regular member -# Expectations: -# Endpoints -- api/requests/:id/approve -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# """ -# def __init__(self, session=None): -# super().__init__(session) -# self.url = hostURL + 'api/requests/' -# self.data = {} -# self.requestID = -1 - -# def setup(self): -# #Create a memberships request for the trash club. -# self.data = { -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'MEMBR', -# 'DATE_SENT' : '07/06/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } -# response = api.postAsJson(self.session, self.url, self.data) -# if not response.status_code == 201: -# self.log_error('Error in setup for {0}. Expected 201 Created, got {1}.'.format(self.test_name, response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Error in setup for {0}. Expected json response, got {1}.'.format(self.test_name, response.text)) -# else: -# try: -# self.requestID = response.json()['REQUEST_ID'] -# except KeyError: -# self.log_error('Error in setup for {0}. Expected REQUEST_ID in response, got {1}.'.format(self.test_name, response.json())) - -# def test(self): -# response = api.postAsJson(self.session, self.url + str(self.requestID) + '/approve', None) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty response body, got {0}.'.format(response.text)) - -# def cleanup(self): -# # We try to delete the request we made -# if self.requestID < 0: # The request was not successful -# self.log_error('Error in cleanup for {0}. Expected valid request ID, got {1}.'.format(self.test_name, self.requestID)) -# else: -# d = api.delete(self.session, self.url + str(self.requestID)) -# if not d.status_code == 200: -# self.log_error('Error in cleanup for {0}. Expected 200 OK, got {1}.'.format(self.test_name, d.status_code)) - - -# class deny_my_request___regular_member(TestCase): -# """ Verify that a regular member cannot deny his/her request - -# Pre-Conditions: -# Valid Authentication Header -# Authenticated as a regular member -# Expectations: -# Endpoints -- api/requests/:id/deny -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# """ -# def __init__(self, session=None): -# super().__init__(session) -# self.url = hostURL + 'api/requests/' -# self.data = {} -# self.requestID = -1 - -# def setup(self): -# #Create a memberships request for the trash club. -# self.data = { -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'MEMBR', -# 'DATE_SENT' : '07/06/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } -# response = api.postAsJson(self.session, self.url, self.data) -# if not response.status_code == 201: -# self.log_error('Error in setup for {0}. Expected 201 Created, got {1}.'.format(self.test_name, response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Error in setup for {0}. Expected json response, got {1}.'.format(self.test_name, response.text)) -# else: -# try: -# self.requestID = response.json()['REQUEST_ID'] -# except KeyError: -# self.log_error('Error in setup for {0}. Expected REQUEST_ID in response, got {1}.'.format(self.test_name, response.json())) - -# def test(self): -# response = api.postAsJson(self.session, self.url + str(self.requestID) + '/deny', None) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty response body, got {0}.'.format(response.text)) - -# def cleanup(self): -# # We try to delete the request we made -# if self.requestID < 0: # The request was not successful -# self.log_error('Error in cleanup for {0}. Expected valid request ID, got {1}.'.format(self.test_name, self.requestID)) -# else: -# d = api.delete(self.session, self.url + str(self.requestID)) -# if not d.status_code == 200: -# self.log_error('Error in cleanup for {0}. Expected 200 OK, got {1}.'.format(self.test_name, d.status_code)) - - - - -# class delete_my_membership_request___regular_member(TestCase): -# """ Verify that regular member can delete his/her membership request - -# Pre-Conditions: -# Valid Authentication Header -# Expectations: -# Endpoint -- api/requests/:id -# Expected Status Code -- 200 OK -# Expected Response Body -- Json object with deleted resource -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/requests/' -# self.predata = {} -# self.requestID = -1 - -# def setup(self): -# self.predata = { -# 'ACT_CDE': activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM': my_id_number, -# 'PART_CDE':'MEMBR', -# 'DATE_SENT' : '07/06/2016', -# 'COMMENT_TXT':'Generated by the Raymond Test Suite. IGNORE' -# } -# response = api.postAsJson(self.session, self.url, self.predata) -# try: -# self.requestID = response.json()['REQUEST_ID'] -# except ValueError: -# self.log_error('Error on setup for {0}.'.format(self.test_name)) - -# def test(self): -# response = api.delete(self.session, self.url + str(self.requestID)) -# if not response.status_code == 200: -# self.log_error('Expected Status Code 200, got {0}.'.format(response.status_code)) -# if not response.text: -# self.log_error('We got an empty response body.') -# try: -# deletedData = response.json() -# deletedDataID = deletedData['REQUEST_ID'] -# except ValueError: -# self.log_error('We did not get a json response.') -# else: -# if not deletedDataID == self.requestID: -# self.log_error('The resource we deleted is different from the one we created.') - - -# # # # # # # # # # # -# # SUPERVISOR TESTS # -# # # # # # # # # # # - - -# class get_all_supervisors___regular_member(TestCase): -# """ Verify that a regular member cannot view all supervisors. - -# Pre-Conditions: -# Valid Authentication Header. -# Authenticated as Regular member -# Expectations: -# Endpoint -- api/supervisors/ -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/supervisors/' - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 401: -# self.log_error('Expected Status Code 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Got non-empty response body.') - -# class get_supervisors_for_activity___regular_member(TestCase): -# """ Verify that a regular member can get supervisors for activity - -# Pre-Conditions: -# Valid Authentication Header. -# Authenticated as regular member. -# Expectations: -# Endpoint -- api/supervisors/activity/:id -# Expected Status Code -- 200 OK -# Expected Response Body -- list of json objects -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/supervisors/activity/' + activity_code - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# if not response.text: -# self.log_error('Got an empty response body.') -# try: -# response.json() -# except ValueError: -# self.log_error('Did not get a json response.') -# else: -# if not (type(response.json()) is list): -# self.log_error('Did not get a list.') - -# # class post_supervisor___regular_member(TestCase): -# # """ verify that a regular member can't add a supervisor - -# # Pre-Conditions: -# # Valid Authentication Header. -# # Authenticated as a regular member -# # Expectations: -# # Endpoint -- api/supervisors/ -# # Expected Status Code -- 401 Unauthorized -# # Expected Response Body -- Empty -# # """ -# # def __init__(self , session=None): -# # super().__init__(session) -# # self.url = hostURL + 'api/supervisors/' -# # self.data = {} -# # self.supervisorID = -1 - -# # def setup(self): -# # self.data = { -# # 'ID_NUM' : my_id_number, -# # 'ACT_CDE' : activity_code, -# # 'SESS_CDE' : '201501' -# # } - -# # def test(self): -# # response = api.postAsJson(self.session, self.url, self.data) -# # if not response.status_code == 401: -# # self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# # if response.text: -# # self.log_error('Expected empty response body, got {0}.'.format(response.text)) -# # if response.status_code == 201: -# # self.log_error('Delete the unauthorized resource...') -# # try: -# # self.supervisorID = response.json()['SUP_ID'] -# # except ValueError: -# # self.log_error('Problem accessing compromised resource.') - - -# # def cleanup(self): -# # if self.supervisorID > 0: # Unauthorized creation took place -# # d = api.delete(self.session, self.url + str(self.supervisorID)) -# # if response.status_code == 200: # Deletion was not successful -# # self.log_error('Unauthorized resource deleted.') -# # else: -# # self.log_error('Error deleting Unauthorized resource.') - -# class put_supervisor___regular_member(TestCase): -# """ Verify that a regular member can't edit an existing supervisor - -# Pre-Conditions: -# Valid Authentication Header. -# Authenticated as regular member. -# Expectations: -# Endpoint -- api/supervisors/:id -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# """ -# def __init__(self , session=None): -# super().__init__(session) -# # Trying to update a random supervisor -# self.url = hostURL + 'api/supervisors/' - -# tempID = 0 -# response = api.get(self.session, self.url + str(tempID)) -# # Iterate until we find an actual supervisor. -# while response.status_code == 404: -# tempID = tempID + 1 -# response = api.get(self.session, self.url + str(tempID)) - -# self.data = { -# 'SUP_ID' : tempID, -# 'ACT_CDE' : activity_code, -# 'SESS_CDE' : '201501', -# 'ID_NUM' : my_id_number -# } - -# self.supervisorID = -1 - -# def test(self): -# response = api.putAsJson(self.session, self.url + str(self.data['SUP_ID']), self.data) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty response body, got {0}.'.format(response.text)) -# if response.status_code == 200: # If supervisor was updated -# self.log_error('Unauthorized update. Attempting to delete...') -# try: -# self.supervisorID = response.json()['SUP_ID'] -# except (ValueError, KeyError): -# self.log_error('Error accessing compromised supervisor.') - -# def cleanup(self): -# if self.supervisorID > 0: # The supervisor was updated. -# d = api.delete(self.session, self.url) -# if d.status_code == 200: -# self.log_error('Compromised resource deleted.') -# else: -# self.log_error('Unable to delete compromised resource.') - - -# class delete_supervisor___regular_member(TestCase): -# """ Verify that regular member can't delete a supervisor - -# Pre-Conditions: -# Valid Authentication Header -# Authenticated as regular member -# Expectations: -# Endpoint -- api/supervisors/:id -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/supervisors/2' - -# def test(self): -# response = api.delete(self.session, self.url) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty body, got {0}.'.format(response.text)) - - -# # # # # # # # # # -# # ACTIVITY TESTS # -# # # # # # # # # # - -# class get_all_activities___regular_member(TestCase): -# """ Verify that a regular member can get all activities. - -# Pre-Conditions: -# Valid Authentication Header. -# Expectations: -# Endpoint -- api/activities/ -# Expected Status Code -- 200 OK -# Expected Response Body -- List of activities -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/activities/' - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK , got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(respons.text)) -# else: -# if not (type(response.json()) is list): -# self.log_error('Expected list, got {0}.'.format(response.json())) - -# class get_one_activity___regular_member(TestCase): -# """ Verify that a regular member can a single activity. - -# Pre-Conditions: -# Valid Authentication Header -# Expectations: -# Endpoint -- api/activities -# Expected Status Code -- 200 OK -# Expected Response Body -- Json object with activity resource -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/activities/' + activity_code - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# try: -# response.json()['ActivityCode'] -# except KeyError: -# self.log_error('Expected ACT_CDE in response, got {0}.'.format(response.json())) - -# class get_activities_for_session___regular_member(TestCase): -# """ Verify that a regular member can get all activities for specific session. - -# Pre-Conditions: -# Valid Authentication Header -# Expectations: -# Endpoint -- api/activities/session/:id -# Expected Status Code -- 200 OK -# Expected Response Body -- list of activities -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/activities/session/201501' - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.json())) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.json())) -# else: -# if not (type(response.json()) is list): -# self.log_error('Expected list, got {0}.'.format(response.json())) - -# class update_activity___regular_member(TestCase): -# """ Verify that a regular member cannot update activity information. - -# Pre-Conditions: -# Valid Authentication Header -# Authenticated as regular member -# Expectations: -# Endpoints -- api/activities/:id -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# """ - -# def __init__(self, session=None): -# super().__init__(session) -# self.url = hostURL + 'api/activities/' + activity_code -# self.data = {} - -# def setup(self): -# # Report if there any current memberships for the Club to avoid false negatives. -# # If I am currently a director of the club, this test should fail. -# response = api.get(self.session, hostURL + 'api/memberships/student/' + str(my_id_number)) -# try: -# for membership in response.json(): -# if(membership['ActivityCode'] == activity_code and membership['Participation'] in LEADERSHIP_POSITIONS): -# self.log_error('False Negative: This user is a leader for the activity we are testing.') -# except ValueError: -# self.log_error('We did not get a json response back during setup.') -# else: -# self.data = { -# "ACT_CDE" : activity_code, -# "ACT_IMG" : "HACKING INTO SYSTEM AS REGULAR MEMBER", -# "ACT_BLURB" : "HACKING INTO SYSTEM AS REGULAR MEMBER", -# "ACT_URL" : "HACKING INTO SYSTEM AS REGULAR MEMBER" -# } - -# def test(self): -# response = api.putAsJson(self.session, self.url , self.data) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty response body, got {0}.'.format(response.text)) - -# def cleanup(self): -# # Don't delete activity even if it was updated. That's too drastic. -# pass - - -################# -# PROFILE TESTS # -################# - -class get_my_profile___regular_member(TestCase): - """ Verify that a regular member can get a profile of the current user - - Pre-Conditions: - Valid Authentication header - Expectaions: - Endpoint -- api/profiles/ - Expected Status Code -- 200 OK - Expected Respones Body -- A json object of information on own profile - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/profiles/' - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got {0}.'.format(response.text)) - - -class get_profile_by_username___regular_member(TestCase): - """ Verify that a regular member can get another person's profile, filtering private information - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/profiles/:username - Expected Status Code -- 200 Ok - Expected Response Body -- list of information on the user without private info - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/profiles/' + username - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got{0}.'.format(response.text)) - - -class get_college_role_by_username___regular_member(TestCase): - """ Verify that a regular member can get a college role of the current user - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/profiles/role/:username - Expected Status Code -- 200 Ok - Expected Response Body -- list of information on the user without private info - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/profiles/role/' + username - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got{0}.'.format(response.text)) - - - -class get_image___regular_member(TestCase): - """ Verify that a regular member can get a profile image of the current user - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/profiles/image - Expected Status Code -- 200 Ok - Expected Response Body -- image path of the current user - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/profiles/image/' - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got{0}.'.format(response.text)) - - - -class get_image_by_username___regular_member(TestCase): - """ Verify that a regular member can get a profile image of someone else - Pre-Conditions: - Valid Authentication Header - Expectations: - Endpoint -- api/profiles/image/:username - Expected Status Code -- 200 Ok - Expected Response Body -- image path of another user - """ - def __init__(self , session=None): - super().__init__(session) - self.url = hostURL + 'api/profiles/image/' + username - - def test(self): - response = api.get(self.session, self.url) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - self.log_error('Expected Json response body, got{0}.'.format(response.text)) - - -# Often does not PASS due to permission issue to the image columns in WebSQL/CCT databases -class post_image___regular_member(TestCase): - """ Verify that a user can upload a profile image - Pre-Conditions: - Authenticated as Regular member. - Expectations: - Endpoint -- api/profiles/image/ - Expected Status Code -- 200 OK - Expected Content -- - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/profiles/image/' - self.data = { - 'ID': my_id_number, - 'FILE_PATH': #File path of the image on the user's computer, - 'FILE_NAME': #Barcode ID of the user - } - - def test(self): - response = api.post(self.session, self.url, self.data) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - - def cleanup(self): - self.data = { - 'ID': my_id_number, - 'FILE_PATH': None, - 'FILE_NAME': None - } - d = api.post(self.session, self.url + 'reset/', self.data) - if not d.status_code == 200: - self.log_error('There was a problem performing cleanup for {0}'.format(self.test_name)) - - - -class post_reset_image___regular_member(TestCase): - """ Verify that a user can reset a profile image - Pre-Conditions: - Authenticated as Regular member. - Expectations: - Endpoint -- api/profiles/image/reset/ - Expected Status Code -- 200 OK - Expected Content -- - """ - - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/profiles/image/reset/' - self.data = { - 'ID': my_id_number, - 'FILE_PATH': None, - 'FILE_NAME': None - } - self.requestID = -1 - - def test(self): - response = api.post(self.session, self.url, self.data) - if not response.status_code == 200: - self.log_error('Expected 200 Created, got {0}.'.format(response.status_code)) - - - -class put_social_media_links___regular_member(TestCase): - """ Verify that a user can add and edit social media links - Pre-Conditions: - Authenticated as Regular member. - Expectations: - Endpoint -- api/profiles/:type - Expected Status Code -- 200 OK - Expected Content -- - """ - - # Any other SNS names can be used to replace 'facebook' to test - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/profiles/facebook/' - self.data = { - 'facebook': #'URL of any SNS including the domain name' - } - - def test(self): - response = api.put(self.session, self.url, self.data) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - - def cleanup(self): - self.resetdata = { - 'facebook': '' - } - d = api.put(self.session, self.url, self.resetdata) - if not d.status_code == 200: - self.log_error('There was a problem performing cleanup for {0}'.format(self.test_name)) - - - -class put_mobile_privacy___regular_member(TestCase): - """ Verify that a user can add and edit social media links - Pre-Conditions: - Authenticated as Regular member. - Expectations: - Endpoint -- api/profiles/mobile_privacy/:value (Y or N) - Expected Status Code -- 200 OK - Expected Content -- - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/profiles/mobile_privacy/Y/' - self.data = { - 'IsMobilePhonePrivate': 'Y' - } - - def test(self): - response = api.put(self.session, self.url, self.data) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - - def cleanup(self): - self.resetdata = { - 'IsMobilePhonePrivate': 'N' - } - d = api.put(self.session, self.url, self.resetdata) - if not d.status_code == 200: - self.log_error('There was a problem performing cleanup for {0}'.format(self.test_name)) - - -class put_image_privacy___regular_member(TestCase): - """ Verify that a user can add and edit social media links - Pre-Conditions: - Authenticated as Regular member. - Expectations: - Endpoint -- api/profiles/image_privacy/:value (Y or N) - Expected Status Code -- 200 OK - Expected Content -- - """ - def __init__(self, session=None): - super().__init__(session) - self.url = hostURL + 'api/profiles/image_privacy/Y/' - self.data = { - 'show_pic': 'Y' - } - - def test(self): - response = api.put(self.session, self.url, self.data) - if not response.status_code == 200: - self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) - - def cleanup(self): - self.resetdata = { - 'show_pic': 'N' - } - d = api.put(self.session, self.url, self.resetdata) - if not d.status_code == 200: - self.log_error('There was a problem performing cleanup for {0}'.format(self.test_name)) - - - -# # # # # # # # # # # # # -# # PARTICIPATIONS TEST # -# # # # # # # # # # # # # - - -# class get_all_participations___regular_member(TestCase): -# """ Verify that a regular member can get all participations - -# Pre-Conditions: -# Valid Authentication Header -# Expectations: -# Endpoint -- api/participations -# Expected Status Code -- 200 OK -# Expected Response Body -- List of all participations -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/participations' - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# if not (type(response.json()) is list): -# self.log_error('Expected list, got {0}.'.format(response.json())) - -# class get_one_participation___regular_member(TestCase): -# """ Verify that a regular member can get a specific participation object - -# Pre-Conditions: -# Valud Authentication Header -# Expectations: -# Endpoint -- api/participations -# Expected Status Code -- 200 OK -# Expected Response Body -- A participation object -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/participations/MEMBR' - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueErrror: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# try: -# response.json()['ParticipationCode'] -# except KeyError: -# self.log_error('Expected ParticipationCode in response, got {0}.'.format(response.json())) - - -# # # # # # # # # # -# # SESSIONS TEST # -# # # # # # # # # # - - -# class get_all_sessions___regular_member(TestCase): -# """ Verify that a regular member can get all session objects - -# Pre-Conditions: -# Valid Authentication Header -# Expectations: -# Endpoint -- api/sessions/ -# Expected Status Code -- 200 OK -# Expected Response Body -- List of session resources -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/sessions/' - - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.json())) -# else: -# if not (type(response.json()) is list): -# self.log_error('Expected list, got {0}.'.format(response.json())) - - -# class get_one_session___regular_member(TestCase): -# """ Verify that a regular member can get a session object - -# Pre-Conditions: -# Valid Authentication Header -# Expectations: -# Endpoint -- api/sessions/:id -# Expected Status Code -- 200 OK -# Expected Response Body -- A session resource. -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/sessions/201501' - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# try: -# response.json()['SessionCode'] -# except KeyError: -# self.log_error('Expected SessionCode in response, got {0}.'.format(response.json())) - -# # # # # # # # # # -# # STUDENTS TEST # -# # # # # # # # # # - - -# class get_all_students___regular_member(TestCase): -# """ Verify that a regular member cannot list all students - -# Pre-Conditions: -# Valid Authentications Header -# Expectations: -# Endpoint -- api/students -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/students/' - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty response body, got {0}.'.format(response.text)) - - -# class get_student_by_id___regular_member(TestCase): -# """ Verify that a regular member can get a student resource - -# Pre-Conditions: -# Valid Authentication Header -# Expectations: -# Endpoint -- api/students/:id -# Expected Status Code -- 200 Ok -# Expected Response Body -- A json response with the student resource -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/students/' + str(random_id_number) - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got{0}.'.format(response.text)) -# else: -# try: -# response.json()['StudentID'] -# except KeyError: -# self.log_error('Expected StudentID in response, got{0}.'.format(response.json())) - - -# class get_student_by_email___regular_member(TestCase): -# """ Verify that a regular member cannot get a student resource by email. - -# Pre-Conditions: -# Valid Authentication Header -# Expectations: -# Endpoint -- api/students/email/:email -# Expected Status Code -- 200 OK -# Expected Response Body -- A json response with the student resource -# """ - -# def __init__(self, session=None): -# super().__init__(session) -# self.url = hostURL + 'api/students/email/ezeanyinabia.anyanwu@gordon.edu/' - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got{0}.'.format(response.text)) -# else: -# try: -# response.json()['StudentID'] -# except KeyError: -# self.log_error('Expected StudentID in response, got{0}.'.format(response.json())) - - -# # # # # # # # # -# # EMAIL TEST # -# # # # # # # # # - - -# class get_emails_for_activity___regular_member(TestCase): -# """ Verify that a regular member cannot get the emails for the members of an activity - -# Pre-conditions: -# Valid Authentication Header -# Authenticated as Regular Member -# Expectations: -# Endpoint -- api/emails/activity/:id -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# """ -# def __init__(self , session=None): -# super().__init__(session) -# self.url = hostURL + 'api/emails/activity/' + activity_code - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 401: -# self.log_error('Expected 401 Unauthorized, got {0}.'.format(response.status_code)) -# if response.text: -# self.log_error('Expected empty response body, got {0}.'.format(response.text)) - - - -# class get_emails_for_leaders___regular_member(TestCase): -# """ Verify that a regular member can get the emails for any activity leader - -# Pre-Conditions: -# Valid Authentication header -# Expectaions: -# Endpoint -- api/emails/activity/:id/leaders -# Expected Status Code -- 200 OK -# Expected Respones Body -- Json response with a list of emails -# """ -# def __init__(self, session=None): -# super().__init__(session) -# self.url = hostURL + 'api/emails/activity/' + activity_code + '/leaders' - -# def test(self): -# response = api.get(self.session, self.url) -# if not response.status_code == 200: -# self.log_error('Expected 200 OK, got {0}.'.format(response.status_code)) -# try: -# response.json() -# except ValueError: -# self.log_error('Expected Json response body, got {0}.'.format(response.text)) -# else: -# try: -# response.json()[0]['Email'] -# except KeyError: -# self.log_error('Expected Email in response, got{0}.'.format(response.json())) - -if __name__ == '__main__': - main() diff --git a/Tests/ApiEndpoints/profile.jpg b/Tests/ApiEndpoints/profile.jpg deleted file mode 100644 index ea180581c..000000000 Binary files a/Tests/ApiEndpoints/profile.jpg and /dev/null differ diff --git a/Tests/ApiEndpoints/pytest_components.py b/Tests/ApiEndpoints/pytest_components.py deleted file mode 100644 index d19d742b5..000000000 --- a/Tests/ApiEndpoints/pytest_components.py +++ /dev/null @@ -1,45 +0,0 @@ -import requests - -# Test Components - -def get(session, url): - response = session.get(url) - return response - -def post(session, url, resource): - response = session.post(url, resource) - return response - -def postAsJson(session, url, resource): - response = session.post(url, json=resource) - return response - -def postAsFormData(session, url, resource): - response = session.post(url, files=resource) - return response - -def put(session, url, resource): - response = session.put(url, resource) - return response - -def putAsJson(session, url, resource): - response = session.put(url, json=resource) - return response - -def delete(session, url): - response = session.delete(url) - return response - - -# Test Case Base Class - -TEST_PASS = "PASS" -TEST_FAIL = "FAIL" - - - - - - - - diff --git a/Tests/ApiEndpoints/test_admin_pytest.py b/Tests/ApiEndpoints/test_admin_pytest.py deleted file mode 100644 index eb201dce4..000000000 --- a/Tests/ApiEndpoints/test_admin_pytest.py +++ /dev/null @@ -1,131 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -site_admin = {'ADMIN_ID': 1, 'ID_NUM': 8330171, 'USER_NAME': 'Chris.Carlson', 'EMAIL': 'Chris.Carlson@gordon.edu', 'SUPER_ADMIN': True} - - -class Test_AdminTest(control.testCase): - -# # # # # # # # -# ADMIN TEST # -# # # # # # # # - -# Verify that a super admin get information of a specific admin via GordonId. -# Endpoint -- api/admins -# Expected Status Code -- 200 OK -# Expected Response Body -- A json response with the student resource - def test_get_all_admin_as_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/admins/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - admins = response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(admins) is list): - pytest.fail('Expected list, got {0}.'.format(response.text)) - print(admins) - assert [admin for admin in admins if admin['EMAIL'] == "360.facultytest@gordon.edu"] - assert [admin for admin in admins if admin == site_admin] - -# Verify that a guest can't get information of a specific admin via GordonId. -# Endpoint -- api/admins -# Expected Status Code -- 401 Unauthorized Error - def test_get_all_admin_as_guest(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/admins/' - response = api.get(self.session, self.url) - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a student can't get information of a specific admin via -# GordonId. -# Pre-condition -- unknown -# Endpoint -- api/admins -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied error - def test_get_all_admin_as_student(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/admins/' - response = api.get(self.session, self.url) - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a super admin get information of all admins. -# Endpoint -- api/admin/_id -# Expected Status Code -- 200 OK -# Expected Response Body -- A json response with the student resource - def test_get_admin(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/admins/8330171/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - admin = response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert admin == site_admin - -# Verify that a guest can't get information of all admins. -# Endpoint -- api/admin/_id -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied error - def test_get_guest_admin(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/admins/8330171/' - response = api.get(self.session, self.url) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a student can't get information of all admins. -# Pre-condition -- unknown -# Endpoint -- api/admin/_id -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied error - def test_get_student_admin(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/admins/8330171' - response = api.get(self.session, self.url) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allaccount_pytest.py b/Tests/ApiEndpoints/test_allaccount_pytest.py deleted file mode 100644 index d5402f79e..000000000 --- a/Tests/ApiEndpoints/test_allaccount_pytest.py +++ /dev/null @@ -1,109 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllAccountTest(control.testCase): -# # # # # # # # # -# ACCOUNT TESTS # -# # # # # # # # # - -# Verify that a user can get account by email -# Endpoint -- api/accounts/email/{email} -# Expected Status Code -- 200 OK -# Expected Response Body -- profile of the email person - def test_get_student_by_email(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/accounts/email/' + control._email + '/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json()["FirstName"] == control.activity_code_360 - assert response.json()["LastName"] == "StudentTest" - assert response.json()["Email"] == "360.StudentTest@gordon.edu" - assert response.json()["ADUserName"] == "360.StudentTest" - assert response.json()["AccountType"] == "STUDENT" - assert response.json()["Barcode"] == "21607000485992" - assert response.json()["show_pic"] == 0 - assert response.json()["ReadOnly"] == 0 - assert response.json()["account_id"] == 30578 - if "GordonID" in response.json(): - warnings.warn("Security fault, Gordon ID leak") - -# Verify that a user can search someone by a word -# Endpoint -- api/accounts/search/:word -# Expected Status Code -- 200 OK -# Expected Response Body -- any info that has the word - def test_get_search_by_string(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/accounts/search/' + control.searchString + '/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json()[0]["FirstName"].lower() == control.searchString.lower() - -# Verify that a user can search someone by two words -# Endpoint -- api/accounts/search/:word/:word2 -# Expected Status Code -- 200 OK -# Expected Response Body -- any info that has both of words - def test_get_search_by_two_string(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/accounts/search/' + control.searchString + '/' + \ - control.searchString2 + '/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert control.searchString in response.json()[0]["FirstName"].lower() - assert control.searchString2 in response.json()[0]["LastName"].lower() - -# Verify that a user can search by username -# Endpoint -- api/accounts/username/{username} -# Expected Status Code -- 200 OK -# Expected Response Body -- profile info of {username} - def test_get_search_by_username(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/accounts/username/' + control.leader_username + '/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json()["ADUserName"].lower() == control.leader_username.lower() - assert response.json()["FirstName"] == control.activity_code_360 - assert response.json()["LastName"] == control.activity_code_360 - assert response.json()["Email"] == "360.FacultyTest@gordon.edu" - assert response.json()["ADUserName"] == "360.FacultyTest" - assert response.json()["AccountType"] == "FACULTY" - assert response.json()["Barcode"] == "21607000486016" - assert response.json()["show_pic"] == 1 - assert response.json()["ReadOnly"] == 0 - assert response.json()["account_id"] == 30580 - if "GordonID" in response.json(): - warnings.warn("Security fault, Gordon ID leak") \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allactivities_pytest.py b/Tests/ApiEndpoints/test_allactivities_pytest.py deleted file mode 100644 index 0799992ea..000000000 --- a/Tests/ApiEndpoints/test_allactivities_pytest.py +++ /dev/null @@ -1,315 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllActivities(control.testCase): -# # # # # # # # # # -# ACTIVITY TESTS # -# # # # # # # # # # - -# Verify that an activity leader can get all activities. -# Endpoint -- api/activities/ -# Expected Status Code -- 200 OK -# Expected Response Body -- List of activities - def test_get_all_activities___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/activities/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK , got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - assert response.json()[0]["ActivityCode"] == control.activity_code_360 - assert response.json()[0]["ActivityDescription"] == \ - control.activity_description_360 - assert response.json()[0]["ActivityImagePath"] == \ - control.activity_image_path_360 - assert response.json()[0]["ActivityBlurb"] == \ - control.activity_blurb_360 - assert response.json()[0]["ActivityURL"] == control.activity_URL_360 - assert response.json()[0]["ActivityType"] == control.activity_type_360 - assert response.json()[0]["ActivityTypeDescription"] == \ - control.activity_type_description_360 - assert response.json()[0]["Privacy"] == False - assert response.json()[0]["ActivityJoinInfo"] == \ - control.activity_join_info_360 - -# Verify that a Guest can get all information for a public activity. -# Endpoint -- api/activities/ -# Expected Status Code -- 200 OK -# Expected Response Body -- List of activities - def test_get_all_activities___Guest(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/activities/360' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK , got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json()["ActivityCode"] == control.activity_code_360 - assert response.json()["ActivityDescription"] == \ - control.activity_description_360 - assert response.json()["ActivityImagePath"] == \ - control.activity_image_path_360 - assert response.json()["ActivityBlurb"] == \ - control.activity_blurb_360 - assert response.json()["ActivityURL"] == control.activity_URL_360 - assert response.json()["ActivityType"] == control.activity_type_360 - assert response.json()["ActivityTypeDescription"] == \ - control.activity_type_description_360 - assert response.json()["Privacy"] == False - assert response.json()["ActivityJoinInfo"] == \ - control.activity_join_info_360 - -# Verify that an activity leader can get all information for a single -# activity. -# Endpoint -- api/activities/{activityCode} -# Expected Status Code -- 200 OK -# Expected Response Body -- Json object with activity resource - def test_get_one_activity___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/activities/AJG/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - try: - response.json()['ActivityCode'] - except KeyError: - pytest.fail('Expected ACT_CDE in response, got {0}.'\ - .format(response.json())) - assert response.json()["ActivityCode"] == "AJG" - assert response.json()["ActivityDescription"] == \ - control.activity_description_AJG - assert response.json()["ActivityImagePath"] == \ - control.activity_image_path_AJG - assert response.json()["ActivityBlurb"] == control.activity_blurb_AJG - assert response.json()["ActivityURL"] == control.activity_URL_AJG - assert response.json()["ActivityType"] == control.activity_type_AJG - assert response.json()["ActivityTypeDescription"] == \ - control.activity_type_description_AJG - assert response.json()["Privacy"] == True - assert response.json()["ActivityJoinInfo"] == control.activity_join_info_AJG - -# Verify that an activity leader can get all activities for specific session. -# Endpoint -- api/activities/session/{sessionCode} -# Expected Status Code -- 200 OK -# Expected Response Body -- list of activities - def test_get_activities_for_session___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/activities/session/201809/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'.format(response.json())) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.json())) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - assert response.json()[1]["ActivityCode"] == control.activity_code_AJG - assert response.json()[1]["ActivityDescription"] == \ - control.activity_description_AJG - assert response.json()[1]["ActivityImagePath"] == \ - control.activity_image_path_AJG - assert response.json()[1]["ActivityBlurb"] == \ - control.activity_blurb_AJG - assert response.json()[1]["ActivityURL"] == control.activity_URL_AJG - assert response.json()[1]["ActivityType"] == control.activity_type_AJG - assert response.json()[1]["ActivityTypeDescription"] == \ - control.activity_type_description_AJG - assert response.json()[1]["Privacy"] == None - assert response.json()[1]["ActivityJoinInfo"] == \ - control.activity_join_info_AJG - -# Verify that an activity leader can get all activity types for specific -# session in a list -# Endpoint -- api/activities/session/{sessionCode}/types -# Expected Status Code -- 200 OK -# Expected Response Body -- list of activities - def test_get_activities_for_session_list___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/activities/session/201809/types/' - self.sessionID = -1 - - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'.format(response.json())) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.json())) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - assert "Student Club" == response.json()[6] - assert "Scholarship" == response.json()[4] - assert "Service Learning Project" == response.json()[5] - assert "Student Ministry" == response.json()[10] - assert "Athletic Club" == response.json()[0] - assert "Leadership Program" == response.json()[1] - assert "Music Group" == response.json()[2] - assert "Residence Life" == response.json()[3] - assert "Student Life" == response.json()[8] - assert "Student Organization" == response.json()[11] - assert "Theatre Production" == response.json()[12] - assert "Student Media" == response.json()[9] - assert "Student Government" == response.json()[7] - -# Verify that an activity leader can get the status of activity in a session -# Endpoint -- api/activities/{sessionCode}/{id}/status -# Expected Status Code -- 200 OK -# Expected Response Body -- "closed" or "open" - def test_get_activities_for_session_status___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/activities/201809/AJG/status/' - - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'.format(response.json())) - try: - response.json() - except ValueError: - pytest.fail('Expected string response body, got {0}.'\ - .format(response.json())) - assert response.json() == "CLOSED" - -# Verify that an activity leader can get all open status activities -# Endpoint -- api/activities/open -# Expected Status Code -- 200 OK -# Expected Response Body -- a list of open activities - def test_get_activities_for_session_open___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/activities/open/' - - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'.format(response.json())) - try: - response.json() - except ValueError: - pytest.fail('Expected string response body, got {0}.'\ - .format(response.json())) - assert response.json()[0]["ActivityCode"] == control.activity_code_360 - assert response.json()[0]["ActivityDescription"] == \ - control.activity_description_360 - assert response.json()[0]["ActivityImagePath"] == \ - control.activity_image_path_360 - assert response.json()[0]["ActivityBlurb"] == control.activity_blurb_360 - assert response.json()[0]["ActivityURL"] == control.activity_URL_360 - -# Verify that an activity leader can get all closed status activities -# Endpoint -- api/activities/closed -# Expected Status Code -- 200 OK -# Expected Response Body -- "closed" activities - def test_get_activities_for_session_closed___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/activities/closed/' - self.sessionID = -1 - - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'.format(response.json())) - try: - response.json() - except ValueError: - pytest.fail('Expected string response body, got {0}.'\ - .format(response.json())) - -# Verify that an activity leader can get all open status activities per -# session -# Endpoint -- api/activities/sessioncode}/open -# Expected Status Code -- 200 OK -# Expected Response Body -- activities that are open - def test_get_open_activities_for_session___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/activities/201809/open/' - self.sessionID = -1 - - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'.format(response.json())) - try: - response.json() - except ValueError: - pytest.fail('Expected string response body, got {0}.'\ - .format(response.json())) - -# Verify that an activity leader can get all closed status activities per -# session -# Endpoint -- api/activities/sessioncode}/closed -# Expected Status Code -- 200 OK -# Expected Response Body -- activities that are closed - def test_get_closed_activities_for_session___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/activities/' + control.session_code + '/open/' - self.sessionID = -1 - - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'.format(response.json())) - try: - response.json() - except ValueError: - pytest.fail('Expected string response body, got {0}.'\ - .format(response.json())) - -# Verify that an activity leader can update activity information. -# Endpoints -- api/activities/:id -# Expected Status Code -- 200 Ok -# Expected Response Body -- Updated activity information - def test_update_activity___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/activities/' + control.activity_code_AJG + '/' - self.data = { - "ACT_CDE" : control.activity_code_AJG, - "ACT_BLURB" : control.activity_blurb_AJG, - "ACT_URL" : control.activity_URL_AJG - } - - response = api.putAsJson(self.session, self.url , self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected json in response body, got {0}.'\ - .format(response.text)) - try: - response.json()['ACT_CDE'] - except ValueError: - pytest.fail('Expected ACT_CDE in response body, got {0}.'\ - .format(response.json())) \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allauthentication_pytest.py b/Tests/ApiEndpoints/test_allauthentication_pytest.py deleted file mode 100644 index b9e3f9364..000000000 --- a/Tests/ApiEndpoints/test_allauthentication_pytest.py +++ /dev/null @@ -1,60 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllAuthenticationTest(control.testCase): -# # # # # # # # # # # # # -# AUTHENTICATION TESTS # -# # # # # # # # # # # # # - -# Given valid credentials, verify that authentication is successful for a -# student/member. -# Endpoint -- token/ -# Expected Status code -- 200 Ok -# Expected Content -- Json Object with access_token attribute. - def test_authenticate_with_valid_credentials_as_student(self): - self.session = requests.Session() - self.url = control.hostURL + 'token' - self.token_payload = { 'username':control.username, 'password':control.password, \ - 'grant_type':'password' } - response = api.post(self.session, self.url, self.token_payload) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json, got {0}.'.format(response.text)) - if not 'access_token' in response.json(): - pytest.fail('Expected access token in response, got {0}.'\ - .format(response.json())) - assert response.json()["token_type"] == "bearer" - -# Given valid credentials, verify that authentication is successful for a -# faculty/leader/god. -# Endpoint -- token/ -# Expected Status code -- 200 Ok -# Expected Content -- Json Object with access_token attribute. - def test_authenticate_with_valid_credentials___activity_leader(self): - self.session = requests.Session() - self.url = control.hostURL + 'token' - self.token_payload = { 'username':control.leader_username, \ - 'password':control.leader_password, 'grant_type':'password' } - response = api.post(self.session, self.url, self.token_payload) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json, got {0}.'.format(response.text)) - if not 'access_token' in response.json(): - pytest.fail('Expected access token in response, got {0}.'\ - .format(response.json())) - assert response.json()["token_type"] == "bearer" \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_alldining_pytest.py b/Tests/ApiEndpoints/test_alldining_pytest.py deleted file mode 100644 index 04580f16a..000000000 --- a/Tests/ApiEndpoints/test_alldining_pytest.py +++ /dev/null @@ -1,70 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllDiningTest(control.testCase): -# # # # # # # # # -# DINING TESTS # -# # # # # # # # # - -# Verify that a student user can get meal plan data. -# Endpoint -- api/dining/ -# Expected Status Code -- 200 OK -# Expected Response Body -- A json response with dict containing the -# student mealplan data - def test_dining_plan_for_student(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/dining/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json() == "0" - -# Verify that a faculty user can get meal plan data. -# Endpoint -- api/dining/ -# Expected Status Code -- 200 OK -# Expected Response Body -- A json response with dict containing the -# student mealplan data - def test_dining_plan_for_faculty(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/dining/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json() == "0" - -# Verify that a guest user can't get meal plan data. -# Endpoint -- api/dining/ -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied message - def test_dining_plan_for_guest(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/dining/' - response = api.get(self.session, self.url) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allemail_pytest.py b/Tests/ApiEndpoints/test_allemail_pytest.py deleted file mode 100644 index e8e27c3b4..000000000 --- a/Tests/ApiEndpoints/test_allemail_pytest.py +++ /dev/null @@ -1,168 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllEmailTest(control.testCase): -# # # # # # # # -# EMAIL TEST # -# # # # # # # # - -# Verify that a student member can get a list of the emails for all members -# in the activity. -# Endpoint -- api/emails/activity/{activity_ID} -# Expected Status Code -- 200 OK -# Expected Response Body -- A json response with the student resource - def test_get_list_of_emails(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/emails/activity/' + control.activity_code_AJG + '/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - assert response.json()[0]["FirstName"] == "Christopher" - assert response.json()[0]["LastName"] == "Carlson" - assert response.json()[0]["Email"] == "Chris.Carlson@gordon.edu" - -# Verify that an activity leader can get the emails for the members of an -# activity in specific session code -# Endpoint -- api/emails/activity/:id -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of json objects - def test_get_emails_for_activity___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/emails/activity/' + control.activity_code_AJG + \ - '/session/201809/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json in response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json)) - assert response.json()[0]['Email'] == "Chris.Carlson@gordon.edu" - assert response.json()[1]['Email'] == "Emmy.Short@gordon.edu" - -# Verify that a supervisor can get the emails for any activity leader based -# on a session code -# Endpoint -- api/emails/activity/:id/leaders/session/:sessionCode -# Expected Status Code -- 200 OK -# Expected Response Body -- Json response with a list of emails - def test_get_emails_for_leaders___supervisor(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/emails/activity/' + control.activity_code_AJG + \ - '/leaders/session/201809/' - - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json()[0]['Email'] == "Emmy.Short@gordon.edu" - assert response.json()[0]['FirstName'] == "Emmy" - assert response.json()[0]['LastName'] == "Short" - -# Verify that a leader can get the advisor for a student's involvement based -# on activity code and session code. -# Endpoint -- api/emails/activity/AJG/advisors/session/201809 -# Expected Status Code -- 200 OK -# Expected Response Body -- A json response with the student resource - def test_get_student_by_email___advisor(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/emails/activity/' + control.activity_code_AJG + \ - '/advisors/session/201809' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - assert response.json()[0]['Email'] == "Chris.Carlson@gordon.edu" - assert response.json()[0]['FirstName'] == "Christopher" - assert response.json()[0]['LastName'] == "Carlson" - -# Verify that a supervisor can get the emails for any advisor -# Endpoint -- api/emails/activity/:id/advisor -# Expected Status Code -- 200 OK -# Expected Response Body -- Json response with a list of emails - def test_get_all_advisor_emails___supervisor(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/emails/activity/' + control.activity_code_AJG + \ - '/advisors/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json()[0]['Email'] == "Chris.Carlson@gordon.edu" - assert response.json()[0]['FirstName'] == "Christopher" - assert response.json()[0]['LastName'] == "Carlson" - -# Verify that a supervisor can get the emails for any advisors based on -# session code -# Endpoint -- api/emails/activity/:id/advisors/session/{sessioncode} -# Expected Status Code -- 200 OK -# Expected Response Body -- Json response with a list of emails - def test_get_emails_for_group_admin___supervisor(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/emails/activity/' + control.activity_code_AJG + \ - '/advisors/session/201809/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json()[0]['Email'] == "Chris.Carlson@gordon.edu" - assert response.json()[0]['FirstName'] == "Christopher" - assert response.json()[0]['LastName'] == "Carlson" - -# Verify that a 404 Not Found error message will be returned based on a -# bad session code -# Precondition -- Shouldn't return anything if activity id isn't valid -# Endpoint -- api/emails/activity/:id -# Expected Status Code -- 404 Not Found -# Expected Response Body -- Not Found error message - @pytest.mark.skipif(not control.unknownPrecondition, reason = "Shouldn't allow access"\ - " because the activity id doesn't exist") - def test_get_emails_for_activity_404(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/emails/activity/thisIsATest' - response = api.get(self.session, self.url) - if not response.status_code == 404: - pytest.fail('Expected 404 Not Found, got {0}.'\ - .format(response.status_code)) - #try: Don't know exact error message yet \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allevents_pytest.py b/Tests/ApiEndpoints/test_allevents_pytest.py deleted file mode 100644 index dd1580387..000000000 --- a/Tests/ApiEndpoints/test_allevents_pytest.py +++ /dev/null @@ -1,196 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllEventsTest(control.testCase): -# # # # # # # # # # # # -# EVENTS & CLAW TESTS # -# # # # # # # # # # # # - -# Verify that a student can get all their own chapel events -# Endpoint -- api/events/chapel -# Expected Status Code -- 200 OK -# Expected Response Body -- list of all chapel events attended by the user - def test_get_all_chapel_events(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/events/chapel/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - -# Verify that a user can get all chapel events in specific term (ex: FA16) -# Endpoint -- api/events/chapel/:term -# Expected Status Code -- 200 OK -# Expected Response Body -- list of all chapel events attended by the user -# during term - def test_get_all_chapel_events_during_term(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/events/chapel/' + control.term_code + '/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - -# Verify that a 404 Not Found Error message will be shown when an invalid -# term code is used -# Precondition -- Will still give 200 OK when term code is fake -# Endpoint -- api/events/chapel/{term} -# Expected Status Code -- 404 Not Found -# Expected Response Body -- Not Found error message - @pytest.mark.skipif(not control.unknownPrecondition, reason = "Still returns" + \ - "200 OK regardless of term code") - def test_get_all_chapel_events_fake_term(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/events/chapel/thisIsAFakeTermCode/' - response = api.get(self.session, self.url) - - if not response.status_code == 404: - pytest.fail('Expected 404 Not Found, got {0}.'\ - .format(response.status_code)) - #try: Not sure of error message yet - -# Verify that a user can get all events by type_ID -# Endpoint -- api/events/25Live/type/:Event_OR_Type_ID -# Expected Status Code -- 200 OK -# Expected Response Body -- list of all events resources - def test_get_all_events___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/events/25Live/type/10' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - -# Verify that a user can get all events by multiple type_ID -# Endpoint -- api/events/25Live/type/:Event_OR_Type_ID -# Expected Status Code -- 200 OK -# Expected Response Body -- list of all events resources - def test_get_all_events_multiple(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/events/25Live/type/10$11$12$14' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - -# Verify that a regular member can get all upcoming chapel events -# (category_ID = 85) -# Endpoint -- api/events/25Live/CLAW -# Expected Status Code -- 200 OK -# Expected Response Body -- list of all events resources - def test_get_all_claw(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/events/25Live/CLAW' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - -# Verify that a user can get all events in 25Live under predefined -# categories -# Endpoint -- api/events/25Live/All -# Expected Status Code -- 200 OK -# Expected Response Body -- list of all events resources - def test_get_all_25Live(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/events/25Live/All' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - -# Verify that a user can get information on specific event on 25Live -# Endpoint -- api/events/25Live/:Event_ID (2911 = Chapel) -# Expected Status Code -- 200 OK -# Expected Response Body -- list of all events resources -# This endpoint doesn't seem to be active - def test_get_all_25Live_by_event_id(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/events/25Live/2911' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - assert response.json()[0]['Organization'] == "Chapel Office" - assert response.json()[0]['Event_ID'] == '2911' - assert response.json()[0]['Event_Name'] == 'Chapel' - assert response.json()[0]['Event_Title'] == 'Chapel: David Kirika' - assert response.json()[0]['Event_Type_Name'] == 'Chapel/Worship' - -# Verify that a Guest can only get the public events on 25Live -# Endpoint -- api/events/25Live/Public -# Expected Status Code -- 200 OK -# Expected Response Body -- list of all guest events resources - def test_get_all_public_events(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/events/25Live/Public' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expect 200 OK, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - for i in range(len(response.json())): - assert response.json()[i]['Requirement_Id'] == '3' \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allhousingapp_pytest.py b/Tests/ApiEndpoints/test_allhousingapp_pytest.py deleted file mode 100644 index 5aea07c2c..000000000 --- a/Tests/ApiEndpoints/test_allhousingapp_pytest.py +++ /dev/null @@ -1,280 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllHousingAppTest(control.testCase): -# # # # # # # # # # # -# HOUSING APP TESTS # -# # # # # # # # # # # - -# Verify that a student can get their current information -# Endpoint -- api/housing/ -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of one dictionary with user answer - def test_get_all_for_apartment_app(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/housing/apartmentInfo' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json respone body, got {0}.'\ - .format(response.text)) - assert response.json()[0]["OnOffCampus"] == None - assert response.json()[0]["OnCampusRoom"] == '210' - -# Verify that a user can submit a housing application -# Endpoint -- 'api/housing/putApartmentApplication' -# Expected Status Code -- 200 OK -# Expected Content -- - def test_put_apartment_application(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/housing/putApartmentApplication' - self.data = { - 'ID': control.my_id_number - } - self.requestID = -1 - response = api.put(self.session, self.url, self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - -# Verify that a user who is on the admin whitelist gets the OK to access staff features -# Endpoint -- 'api/housing/admin' -# Expected Status Code -- 200 OK -# Expected Content -- Empty response content - def test_is_on_whitelist(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/housing/admin' - # add test user to whitelist - self.data = { } - api.post(self.session, self.url + '/' + str(control.my_id_number) + '/', self.data) - # check that user is on the whitelist - response = api.get(self.session, self.url) - # remove - api.delete(self.session, self.url + '/' + str(control.my_id_number) + '/') - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - -# Verify that a user who is not on the admin whitelist gets the response Not Found -# Endpoint -- 'api/housing/admin' -# Expected Status Code -- 404 Not Found -# Expected Content -- Empty Response content - def test_not_on_whitelist(self): - self.session = self.createAuthorizedSession(control.username, control.password) - # the test user should not be an admin unless it is added in one of these tests - self.url = control.hostURL + 'api/housing/admin' - response = api.get(self.session, self.url) - - if not response.status_code == 404: - pytest.fail('Expected 404 Not Found, got {0}.'\ - .format(response.status_code)) - -# Verify that an application and all rows that reference are deleted successfully -# Endpoint -- 'api/housing/apartment/applications/{applicationID}' -# Expected Status Code -- 200 OK and 404 Not Found -# Expected Content -- Empty Response content - def test_application_deleted(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/housing/apartment/applications' - self.data = { - 'ApplicationID' : -1, - 'EditorProfile' : { - 'AD_Username' : control.leader_username, - }, - 'Applicants' : [ - { - 'Profile' : { - 'AD_Username' : control.leader_username, - 'Class' : 'Junior', - }, - }, - { - 'Profile' : { - 'AD_Username' : control.username, - 'Class' : 'Senior', - }, - }, - ], - 'ApartmentChoices' : [ - { - 'HallRank' : 1, - 'HallName' : 'Tavilla' - }, - { - 'HallRank' : 2, - 'HallName' : 'Conrad' - }, - { - 'HallRank' : 3, - 'HallName' : 'Hilton' - } - ], - } - appIDResponse = api.postAsJson(self.session, self.url, self.data) - - appID = appIDResponse.content - - self.url = control.hostURL + 'api/housing/apartment/applications/' + str(appID) - response = api.delete(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - - # make sure the referenced rows have been deleted too - # (no endpoint exists to just get a list of hall choices, - # it is not verified here that the application hall choices are deleted) - - self.url = control.hostURL + 'api/housing/apartment/' + control.leader_username - response = api.get(self.session, self.url) - - if not response.status_code == 404: - pytest.fail('Expected 404 Not Found, got {0}.'\ - .format(response.status_code)) - - self.url = control.hostURL + 'api/housing/apartment/' + control.username - response = api.get(self.session, self.url) - - if not response.status_code == 404: - pytest.fail('Expected 404 Not Found, got {0}.'\ - .format(response.status_code)) - -# Verify that the list of apartment-style halls is retrieved correctly -# Endpoint -- 'api/housing/halls' -# Expected Status Code -- 200 OK -# Expected Content -- - def test_get_apartment_halls(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/housing/halls/apartments' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - -# Verify that nothing is found if the current user is not on an application -# Endpoint -- 'api/housing/apartment' -# Expected Status Code -- 404 Not Found -# Expected Content -- - def test_get_application_user_not_found(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/housing/apartment' - response = api.get(self.session, self.url) - - if not response.status_code == 404: - pytest.fail('Expected 404 Not Found, got {0}.'\ - .format(response.status_code)) - -# Verify that nothing is found if a given id is not on an application -# (Not necessarily the current user's id) -# Endpoint -- 'api/housing/apartment/{username}' -# Expected Status Code -- 404 Not Found -# Expected Content -- - def test_get_application_id_not_found(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/housing/apartment' + "/" + str(control.leader_username) - response = api.get(self.session, self.url) - - if not response.status_code == 404: - pytest.fail('Expected 404 Not Found, got {0}.'\ - .format(response.status_code)) - -# Verify that an application's date submitted is changed successfully -# Endpoint -- 'api/housing/apartment/applications/{applicationID}/submit' -# Expected Status Code -- 200 OK -# Expected Content -- a non-null value for dateSubmitted - def test_date_submitted_changed(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/housing/apartment/applications' - self.data = { - 'ApplicationID' : -1, - 'EditorProfile' : { - 'AD_Username' : control.leader_username, - }, - 'Applicants' : [ - { - 'Profile' : { - 'AD_Username' : control.leader_username, - 'Class' : 'Junior', - }, - }, - ], - 'ApartmentChoices' : [ - { - 'HallRank' : 1, - 'HallName' : 'Tavilla' - }, - ], - } - appIDResponse = api.postAsJson(self.session, self.url, self.data) - - appID = appIDResponse.content - - self.url = control.hostURL + 'api/housing/apartment/applications/' + str(appID) + '/submit' - self.data = {} - response = api.put(self.session, self.url, self.data) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - - # clean up - self.url = control.hostURL + 'api/housing/apartment/applications/' + str(appID) - response = api.delete(self.session, self.url) - - -# Verify that the editor (primary applicant) can save the application -# Endpoint -- 'api/housing/apartment/save' -# Expected Status Code -- 201 Created -# Expected Content -- - # def test_post_save_apartment_application__editor(self): - # self.session = self.createAuthorizedSession(control.username, control.password) - # self.url = control.hostURL + 'api/housing/apartment/save' - # self.data = { - # 'ID': control.my_id_number - # } - # self.requestID = -1 - # response = api.post(self.session, self.url, self.data) - - # # - # # PLACE HOLDER - # # Put pytest codes here - # # - - # if not response.status_code == 201: - # pytest.fail('Expected 201 Created, got {0}.'\ - # .format(response.status_code)) - -# Verify that the editor (primary applicant) can edit the application -# Endpoint -- 'api/housing/apartment/save' -# Expected Status Code -- 201 Created -# Expected Content -- - def test_put_edit_apartment_application__editor(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/housing/apartment/save' - self.data = { - 'ID': control.my_id_number - } - - response = api.put(self.session, self.url, self.data) - # Sudo code - # First, create an authorized session and check if the student is the editor - # If editor, call the save api to save the application. (accesses the database) - # No additional applicant or hall preference is added. - - if not response.status_code == 201: - pytest.fail('Expected 201 Created, got {0}.'\ - .format(response.status_code)) - diff --git a/Tests/ApiEndpoints/test_allmembership_pytest.py b/Tests/ApiEndpoints/test_allmembership_pytest.py deleted file mode 100644 index 9cd83e758..000000000 --- a/Tests/ApiEndpoints/test_allmembership_pytest.py +++ /dev/null @@ -1,639 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllMembershipTest(control.testCase): -# # # # # # # # # # # -# MEMBERSHIP TESTS # -# # # # # # # # # # # - -# Test retrieving all membership resources as a leader -# Endpoint -- memberships/ -# Expected Status code -- 200 Ok -# Expected Content -- List of all memberships - def test_get_all_memberships___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/memberships/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Response was not a list') - assert response.json()[0]["ActivityCode"] == control.activity_code_360 - assert response.json()[0]["ActivityDescription"] == \ - control.activity_description_360 - -# Test retrieving all membership resources as a member -# Endpoint -- memberships/ -# Expected Status code -- 401 Unauthorized - def test_get_all_memberships___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/memberships/' - response = api.get(self.session, self.url) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized, got {0}.'\ - .format(response.status_code)) - -# Retrieve a specific membership resource as a leader -# Endpoint -- api/memberships/:id -# Expected Status Code -- 200 OK -# Expected Content -- A Json Object with a MembershipID attribute. - def test_get_one_membership___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/memberships/' - self.membershipID = -1 - # Find a valid membership id - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected json response body, got {0}.'\ - .format(response.text)) - if "IDNumber" in response.json()[0]: - warnings.warn("Security fault, Gordon ID leak") - -# Verify that a leader can fetch memberships for an activity. -# Endpoint -- api/memberships/activity/{activityId} -# Expected Status Code -- 200 OK -# Expected Response Content -- A list of json Objects. - def test_get_memberships_for_an_activity___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/memberships/activity/' + control.activity_code_AJG + '/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Response was not a list.') - assert response.json()[0]["ActivityCode"] == control.activity_code_AJG - if "IDNumber" in response.json()[0]: - warnings.warn("Security fault, Gordon ID leak") - -# Verify that a member can fetch memberships for an activity. -# Endpoint -- api/memberships/activity/{activityId} -# Expected Status Code -- 200 OK -# Expected Response Content -- A list of json Objects. - def test_get_memberships_for_an_activity___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/memberships/activity/' + control.activity_code_AJG + '/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - warnings.warn("Security fault") - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - -# Verify that a member can get all group admins -# Endpoint -- api/memberships/activity/{activityId}/group-admin -# Expected Status Code -- 200 OK -# Expected Response Content -- A list of json Objects. - def test_get_admins_for_an_activity___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/memberships/activity/' + control.activity_code_AJG + \ - '/group-admin/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Response was not a list.') - assert response.json()[0]["ActivityCode"] == control.activity_code_AJG - if "IDNumber" in response.json()[0]: - warnings.warn("Security fault, Gordon ID leak") - -# Verify that a regular member can fetch all leaders for a specific activity. -# Endpoint -- api/memberships/activity/:id/leaders -# Expected Status Code -- 200 OK -# Expected Response Content -- A list of json objects. - def test_get_leader_memberships_for_an_activity___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/memberships/activity/' + control.activity_code_AJG + \ - '/leaders/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - assert response.json()[0]['Participation'] == "LEAD" - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Response was not a list.') - if "IDNumber" in response.json()[0]: - warnings.warn("Security fault, Gordon ID leak") - -# Verify that a regular member can fetch all advisors for a specific activity. -# Endpoint -- api/memberships/activity/:id/advisors -# Expected Status Code -- 200 OK -# Expected Response Content -- A list of json objects. - def test_get_advisors_memberships_for_an_activity___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/memberships/activity/' + control.activity_code_AJG + \ - '/advisors/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Response was not a list.') - if "IDNumber" in response.json()[0]: - warnings.warn("Security fault, Gordon ID leak") - -# Verify that a regular member can fetch number of followers for a specific -# activity. -# Endpoint -- api/memberships/activity/:id/advisors -# Expected Status Code -- 200 OK -# Expected Response Content -- An integer - def test_get_followers_memberships_for_an_activity___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/memberships/activity/' + control.activity_code_AJG + \ - '/followers/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - -# Verify that a regular member can fetch number of followers for a specific -# activity in a given session -# Endpoint -- api/memberships/activity/:id/advisors -# Expected Status Code -- 200 OK -# Expected Response Content -- An integer - def test_get_followers_memberships_for_an_activity_session___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/memberships/activity/AJG/followers/201809/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json() == 0 - -# Verify that a regular member can fetch number of members for a specific -# activity in a given session -# Endpoint -- api/memberships/activity/:id/advisors -# Expected Status Code -- 200 OK -# Expected Response Content -- An integer - def test_get_members_for_an_activity_session___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/memberships/activity/AJG/members/201809/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json() == 3 - -# Verify that a regular member can fetch number of members for a -# specific activity. -# Endpoint -- api/memberships/activity/:id/members -# Expected Status Code -- 200 OK -# Expected Response Content -- An integer - def test_get_members_for_an_activity___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/memberships/activity/' + control.activity_code_AJG + \ - '/members/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json() == 88 - -# Verify that a leader can fetch memberships associated with them. -# Endpoints -- api/memberships/student/:id -# Expected Status Code -- 200 OK -# Expected Reponse Content -- A list of json objects - def test_get_all_my_memberships___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = \ - control.hostURL + 'api/memberships/student/' + str(control.my_id_number) + '/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Response was not a list.') - if control.my_id_number != response.json()[0]["IDNumber"]: - warnings.warn("Security fault, not the user's Gordon ID") - -# Verify that a member can fetch memberships based on username -# Endpoints -- api/memberships/student/:id -# Expected Status Code -- 200 OK -# Expected Reponse Content -- A list of json objects - def test_get_memberships_username___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = \ - control.hostURL + 'api/memberships/student/username/' + control.username + '/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Response was not a list.') - if control.my_id_number != response.json()[0]["IDNumber"]: - warnings.warn("Security fault, not the user's ID") - -# Verify that leader can fetch someone else's memberships. -# Endpoint -- api/memberships/student/:id -# Expected Status Code -- 200 OK. -# Expected Response Content -- A list of json objects. - def test_get_all_memberships_for_someone_else___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/memberships/student/' + str(control.valid_id_number) - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Response was not a list') - if control.valid_id_number != response.json()[0]["IDNumber"]: - warnings.warn("Security fault, not the user's ID") - -# Verify that an activity leader can create a Guest membership for someone. -# Precondition -- unknown -# Endpoints -- api/memberships/ -# Expected Status Code -- 201 Created. -# Expected Content -- A Json object with a MEMBERSHIP_ID attribute. - @pytest.mark.skipif(not control.unknownPrecondition, reason = "409 Error") - def test_post_new_guest_membership_for_someone_else__activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/memberships/' - self.data = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE': control.session_code, - 'ID_NUM': control.valid_id_number, - 'PART_CDE': 'GUEST', - 'BEGIN_DTE': '06/10/2016', - 'END_DTE': '07/16/2016', - 'COMMENT_TXT': control.comments - } - # We will get the actual id when we post. - # Setting it -1 to check later that we got an id from the post. - self.createdMembershipID = -1 - response = api.postAsJson(self.session, self.url, self.data) - if response.status_code == 201: - if not ('MEMBERSHIP_ID' in response.json()): - pytest.fail('Expected MEMBERSHIP_ID in json response, got {0}.'\ - .format(response.json())) - else: - self.createdMembershipID = response.json()['MEMBERSHIP_ID'] - else: - pytest.fail('Expected 201 Created, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json()['PART_CDE'] =='GUEST' - api.delete(self.session, self.url + str(self.createdMembershipID)) - -# Verify that an activity leader can create a membership for someone. -# Precondition -- unknown -# Endpoint -- api/memberships/ -# Expected Status Code -- 200 OK -# Expected Content -- A json response with the created membership - @pytest.mark.skipif(not control.unknownPrecondition, reason = "409 Error") - def test_post_new_membership_for_someone___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/memberships/' - self.createdMembershipID = -1 - # Add a new participant - self.data = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE': control.session_code, - 'ID_NUM': control.valid_id_number, - 'PART_CDE': 'MEMBR', - 'BEGIN_DTE': '06/10/2016', - 'END_DTE': '07/16/2016', - 'COMMENT_TXT': control.comments - } - - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Expected 201 Created, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - try: - self.createdMembershipID = response.json()['MEMBERSHIP_ID'] - except KeyError: - pytest.fail('Expected MEMBERSHIP ID in response, got {0}.'\ - .format(response.json())) - - #checking the correctness of post - getResponse = api.get(self.session, control.hostURL + \ - 'api/memberships/activity/' + str(control.activity_code_AJG)) - self.membershipID = response.json()['MEMBERSHIP_ID'] - req = getResponse.json() - found = False - for dic in req: - reqID = dic['MembershipID'] - if (reqID == self.membershipID): - found = True - try: - assert dic['ActivityCode'] == control.activity_code_AJG - assert dic['SessionCode'] == control.session_code - assert dic['IDNumber'] == control.valid_id_number - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(getResponse.json)) - if not found: - pytest.fail('requestID not found: {0}.'.format(response.json())) - - if self.createdMembershipID >= 0: - api.delete(self.session, self.url + str(self.createdMembershipID)) - -# Verify that an activity leader can assign a new leader -# Precondition -- unknown -# Endpoint -- api/memberships/ -# Expected Status Code -- 200 OK -# Expected Content -- A json response with the created membership - @pytest.mark.skipif(not control.unknownPrecondition, reason = "409 Error") - def test_post_new_leader_membership_for_someone___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/memberships/' - self.createdMembershipID = -1 - # Add a new leader - self.data = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE': control.session_code, - 'ID_NUM': control.valid_id_number, - 'PART_CDE':'LEAD', - 'BEGIN_DTE': control.begin_date, - 'END_DTE': control.end_date, - 'COMMENT_TXT': control.comments - } - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Expected 201, got {0}.'.format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - try: - self.createdMembershipID = response.json()['MEMBERSHIP_ID'] - if self.createdMembershipID < 0: # The creation was not successful - pytest.fail('Expected valid memberhsip ID, got {0}.'\ - .format(self.createdMembershipID)) - else: - #checking if the correctness of post - getResponse = api.get(self.session, control.hostURL + \ - 'api/memberships/activity/' + str(control.activity_code_AJG)) - self.membershipID = response.json()['MEMBERSHIP_ID'] - req = getResponse.json() - found = False - for dic in req: - reqID = dic['MembershipID'] - if (reqID == self.membershipID): - found = True - try: - assert dic['ActivityCode'] == control.activity_code_AJG - assert dic['SessionCode'] == control.session_code - assert dic['IDNumber'] == control.valid_id_number - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(getResponse.json)) - if not found: - pytest.fail('MembershipID not found:', self.membershipID) - d = api.delete(self.session, self.url + \ - str(self.createdMembershipID)) - if not d.status_code == 200: - pytest.fail('Error in cleanup. Expected , got {0}.'\ - .format(d.status_code)) - except KeyError: - pytest.fail('Expected MEMBERSHIP ID in response, got {0}.'\ - .format(response.json())) - - - -# Verify that an activity leader can upgrade a normal membership to leader -# status. -# Precondition -- unknown -# Endpoint -- api/memberships/:id -# Expected Status Code -- 200 OK -# Expected Content -- A json object with a MEMBERSHIP_ID attribute. - @pytest.mark.skipif(not control.unknownPrecondition, reason = "Error in setup") - def test_put_edited_membership_member_to_leader___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/memberships/' - self.createdMembershipID = -1 - - # The membership to modify - self.predata = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.valid_id_number, - 'PART_CDE':'MEMBR', # Is a participant at first. - 'BEGIN_DTE':'06/10/2016', # Old start date - 'END_DTE':'07/16/2016', - 'COMMENT_TXT': control.comments - } - r = api.postAsJson(self.session, self.url, self.predata) - try: - self.createdMembershipID = r.json()["MEMBERSHIP_ID"] - # Updated Data - self.data = { - 'MEMBERSHIP_ID' : self.createdMembershipID, - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.valid_id_number, - 'PART_CDE':'LEAD', # Upgrade him to director. - 'BEGIN_DTE':'02/10/2016', # New start date - 'END_DTE':'07/16/2016', - 'COMMENT_TXT': control.comments - } - except (KeyError, ValueError): - pytest.fail('Error in setup.') - response = api.putAsJson(self.session, self.url + \ - str(self.createdMembershipID), self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - try: - self.createdMembershipID = response.json()['MEMBERSHIP_ID'] - except KeyError: - pytest.fail('Expected MEMBERSHIP_ID in json response, got {0}.'\ - .format(response.json())) - assert response.json()['PART_CDE'] == 'LEAD' - if self.createdMembershipID >= 0: - api.delete(self.session, self.url + str(self.createdMembershipID)) - -# Verify that an activity leader can demote a leader membership. -# Precondition -- unknown -# Endpoint -- api/memberships/:id -# Expected Status Code -- 200 OK -# Expected Content -- A json object with a MEMBERSHIP_ID attribute. - @pytest.mark.skipif(not control.unknownPrecondition, reason = "Error in setup.") - def test_put_edited_membership_leader_to_member___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/memberships/' - self.createdMembershipID = -1 - # The membership to modify - self.predata = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.valid_id_number, - 'PART_CDE':'LEAD', # Is a leader at first - 'BEGIN_DTE':'06/10/2016', # Old start date - 'END_DTE':'07/16/2016', - 'COMMENT_TXT': control.comments - } - r = api.postAsJson(self.session, self.url, self.predata) - try: - self.createdMembershipID = r.json()["MEMBERSHIP_ID"] - # Updated Data - self.data = { - 'MEMBERSHIP_ID' : self.createdMembershipID, - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.valid_id_number, - 'PART_CDE':'MEMBR', # Demote him to member - 'BEGIN_DTE':'02/10/2016', # New start date - 'END_DTE':'07/16/2016', - 'COMMENT_TXT': control.comments - } - except (KeyError, ValueError): - pytest.fail('Error in setup.') - response = api.putAsJson(self.session, self.url + \ - str(self.createdMembershipID), self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - try: - self.createdMembershipID = response.json()['MEMBERSHIP_ID'] - except KeyError: - pytest.fail('Expected MEMBERSHIP_ID in json response, got {0}.'\ - .format(response.json())) - assert response.json()['PART_CDE'] == 'MEMBR' - if self.createdMembershipID >= 0: - api.delete(self.session, self.url + str(self.createdMembershipID)) - -# Verify that an activity leader can delete someone else's membership. -# Predcondition -- unknown -# Endpoint -- api/memberships/ -# Expected Status Code -- 200 OK -# Expected Response Content -- The membership resource that wad deleted. - @pytest.mark.skipif(not control.unknownPrecondition, reason = "Error doing setup.") - def test_delete_valid_membership___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/memberships/' - self.createdMembershipID = -1 - - # Create a Memerships that we'll eventually delete - self.predata = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.valid_id_number, - 'PART_CDE':'MEMBR', - 'BEGIN_DTE': control.begin_date, - 'END_DTE': control.end_date, - 'COMMENT_TXT': control.comments - } - r = api.postAsJson(self.session, self.url, self.predata) - try: - self.createdMembershipID = r.json()['MEMBERSHIP_ID'] - except (ValueError, KeyError): - pytest.fail('Error doing setup') - response = \ - api.delete(self.session, self.url + str(self.createdMembershipID)) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not ('MEMBERSHIP_ID' in response.json()): - pytest.fail('Expected MEMBERSHIP_ID in response, got {0}.'\ - .format(response.json())) diff --git a/Tests/ApiEndpoints/test_allmembershiprequest_pytest.py b/Tests/ApiEndpoints/test_allmembershiprequest_pytest.py deleted file mode 100644 index 02266d911..000000000 --- a/Tests/ApiEndpoints/test_allmembershiprequest_pytest.py +++ /dev/null @@ -1,577 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllMembershipRequestTest(control.testCase): -# # # # # # # # # # # # # # -# MEMBERSHIP REQUEST TEST # -# # # # # # # # # # # # # # - -# Verify that a regular member cannot access all membership requests. -# Endpoint -- api/requests/ -# Expected Status Code -- 401 Unauthorized -# Expected Response Content -- Empty response content. - def test_not_get_all_membership_requests(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/requests/' - response = api.get(self.session, self.url) - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized, got {0}.'\ - .format(response.status_code)) - if response.text: - pytest.fail('Expected empty response body, got {0}.'\ - .format(response.text)) - - -# Verify that a regular member cannot get the membership requests of somone -# else. -# Endpoint -- api/requests/student/:id -# Expected Status Code -- 404 Not Found -# Expected Response Body -- Empty - def test_not_get_membership_requests_for_someone_else(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/requests/student/' + str(control.valid_id_number) - response = api.get(self.session, self.url) - if not response.status_code == 404: - pytest.fail('Expected 404 Not Found, got {0}.'.format(response.status_code)) - - -# Verify that a regular member can't access memberships requests for -# activity. -# Endpoint -- api/requests/activity/:id -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# Passed with activity code 'TRAS', but not AJG because studenttest is a -# leader for AJG - def test_not_get_membership_requests_for_activity(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/requests/activity/' + 'TRAS' - # Report if there any current memberships for the Club to avoid false - # negatives. - # If I am currently a director of the club, this test should fail. - response = api.get(self.session, control.hostURL + 'api/memberships/student/' \ - + str(control.my_id_number)) - try: - for membership in response.json(): - if(membership['ActivityCode'] == control.activity_code_AJG and \ - membership['Participation'] in control.LEADERSHIP_POSITIONS): - pytest.fail('False Negative: This user is a leader for' + \ - 'the activity we are testing.') - except ValueError: - pytest.fail('We did not get a json response back during setup.') - - response = api.get(self.session, self.url) - if not response.status_code == 401: - pytest.fail('We did not get 401 Unauthorized.') - if response.text: - pytest.fail('We got a non-empty response body.') - - -# Verify that we can create a membership request. -# Precondition -- unknown -# Endpoints -- api/requests/ -# Expected Status Cpde -- 201 Created. -# Expected Content -- A Json object with a REQUEST_ID attribute. -# session code 201510 does not work - @pytest.mark.skipif(not control.unknownPrecondition, reason = "409 Error") - def test_post_valid_membership_request__as_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/requests/' - self.data = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.my_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '06/27/2019', - 'COMMENT_TXT': control.comments - } - # We will get the actual id when we post. - # Setting it -1 to check later that we got an id from the post. - self.requestID = -1 - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Expected 201 Created, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected json response, got {0}.'\ - .format(response.text)) - - #checking if the correctness of post\ - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - getResponse = api.get(self.session, control.hostURL + \ - 'api/requests/activity/' + str(control.activity_code_AJG)) - self.requestID = response.json()['REQUEST_ID'] - req = getResponse.json() - found = False - for dic in req: - reqID = dic['RequestID'] - if (reqID == self.requestID): - found = True - try: - assert dic['ActivityCode'] == control.activity_code_AJG - assert dic['SessionCode'] == control.session_code - assert dic['IDNumber'] == control.my_id_number - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(getResponse.json)) - if not found: - pytest.fail('requestID not found:', self.requestID) - - #delete the test post - try: - self.requestID = response.json()['REQUEST_ID'] - print(self.requestID) - if self.requestID >= 0: - api.delete(self.session, self.url + str(self.requestID)) - except KeyError: - pytest.fail('Expected REQUEST_ID in response body, got {0}.'\ - .format(response.json())) - - -# Verify that we can't create a membership request for someone else as a -# member. -# Endpoints -- api/requests/ -# Expected Status Code -- 401 Unauthorized. -# Expected Response Content -- Empty Response. -# look up for configuration.py for the data configuration - def test_not_post_membership_request_for_someone_else(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/requests/' - self.data = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.valid_id_number, - 'PART_CDE': control.member_positions, - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT': control.comments - } - # We will get the actual id when we post. - self.requestID = -1 - response = api.post(self.session, self.url, self.data) - - if response.status_code == 201: - try: - self.requestID = response.json()['REQUEST_ID'] - if self.requestID >= 0: - api.delete(self.session, self.url + str(self.requestID)) - pytest.fail('Request {0} was created even though it was supposed to be unauthorized'.format(self.requestID)) - except (ValueError, KeyError): - pytest.fail('Error in test') - elif not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized, got {0}.'\ - .format(response.status_code)) - - -# Verify that an activity leader can access all membership requests. -# Endpoint -- api/requests/ -# Expected Status Code -- 200 OK -# Expected Response Content -- List of json objects representing the -# membership requests for all. - def test_get_all_membership_requests(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/requests/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()[0]['ActivityCode'] == control.activity_code_360 - assert response.json()[1]['ActivityCode'] == "BADM" - assert response.json()[2]['ActivityCode'] == "ACS" - assert response.json()[3]['ActivityCode'] == "SCOTTIE" - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list in response body, got {0}.'\ - .format(response.json())) - - -# Verify that the activity leader can get requests to join the activity -# he/she is leading -# Endpoint -- api/requests/activity/:id -# Expected Status Code -- 200 OK -# Expected Response Body -- List of json objects representing the membership -# requests for an activity. - def test_get_membership_requests_for_activity(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/requests/activity/' + control.activity_code_AJG + '/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()[0]['ActivityCode'] == control.activity_code_AJG - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list in response body, got {0}.'\ - .format(response.json())) - if control.activity_code_AJG != response.json()[0]["ActivityCode"]: - warnings.warn("Security fault, wrong activity") - - -# Verify that an activity leader cannot get the membership requests of -# someone else. -# Endpoint -- api/requests/student/:id -# Expected Status Code -- 404 Not Found -# Expected Response Body -- Empty - def test_get_membership_requests_for_someone_else___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/requests/student/' + str(control.valid_id_number) - response = api.get(self.session, self.url) - if not response.status_code == 404: - pytest.fail('Expected 404 Not Found, got {0}.'\ - .format(response.status_code)) - - -# Verify that we can create a membership request as leader. -# Precondition -- unknown -# Endpoints -- api/requests/ -# Expected Status Cpde -- 201 Created. -# Expected Content -- A Json object with a REQUEST_ID attribute. - @pytest.mark.skipif(not control.unknownPrecondition, reason = "409 Error") - def test_post_valid_membership_request__as_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/requests/' - self.data = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.my_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT': control.comments - } - # We will get the actual id when we post. - # Setting it -1 to check later that we got an id from the post. - self.requestID = -1 - - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Expected 201 Created, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected json response, got {0}.'\ - .format(response.text)) - - #checking if the correctness of post\ - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - getResponse = api.get(self.session, control.hostURL + \ - 'api/requests/activity/' + str(control.activity_code_AJG)) - self.requestID = response.json()['REQUEST_ID'] - req = getResponse.json() - found = False - for dic in req: - reqID = dic['RequestID'] - if (reqID == self.requestID): - found = True - try: - assert dic['ActivityCode'] == control.activity_code_AJG - assert dic['SessionCode'] == control.session_code - assert dic['IDNumber'] == control.my_id_number - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(getResponse.json())) - if not found: - pytest.fail('requestID not found:', self.requestID) - - #try: - # self.requestID = response.json()['REQUEST_ID'] - # if not response.json()['STATUS'] == REQUEST_STATUS_PENDING: - # pytest.fail('Expected Pending status , got {0}.'.format(resposne.json())) - # except KeyError: - # pytest.fail('Expected REQUEST_ID in response body, got {0}.'.format(response.json())) - # We try to delete the request we created - if self.requestID >= 0: - api.delete(self.session, self.url + str(self.requestID)) - -# Verify that we can create a membership request for someone else as leader. -# Precondition -- unknown -# Endpoints -- api/requests/ -# Expected Status Code -- 401 Unauthorized. -# Expected Response Content -- Empty Response. - @pytest.mark.skipif(not control.unknownPrecondition, reason = "get request") - def test_post_membership_request_for_someone_else(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/requests/' - self.data = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.valid_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT': control.comments - } - # We will get the actual id when we post. - self.requestID = -1 - response = api.post(self.session, self.url, self.data) - if response.status_code == 201: - try: - self.requestID = response.json()['REQUEST_ID'] - except (ValueError, KeyError): - pytest.fail('Error in test') - - #checking if the correctness of post\ - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - getResponse = api.get(self.session, control.hostURL + \ - 'api/requests/activity/' + str(control.activity_code_AJG)) - self.requestID = response.json()['REQUEST_ID'] - req = getResponse.json() - found = False - for dic in req: - reqID = dic['RequestID'] - if (reqID == self.requestID): - found = True - try: - assert dic['ActivityCode'] == control.activity_code_AJG - assert dic['SessionCode'] == control.session_code - assert dic['IDNumber'] == control.valid_id_number - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(getResponse.json())) - if not found: - pytest.fail('requestID not found:', self.requestID) - - - #delete the test post - d = api.delete(self.session, self.url + str(self.requestID)) - if d.status_code != 200: - pytest.fail('Unauthorized resource not deleted.') - - -# Verify that an activity leader can't edit a membership request through a -# put request. -# Pre-Conditions: -# Valid Authorization Header. -# Authenticated as activity leader. -# Expectations: -# Endpoint -- api/requests/:id -# Expected Status Code -- 401 Unauthorized -# Expected Response Body -- Empty -# -# def test_put_membership_request___activity_leader(self): -# self.session = \ -# self.createAuthorizedSession(control.leader_username, control.leader_password) -# self.url = control.hostURL + '/api/requests/' -# self.requestID = -1 -# -# self.predata = { -# 'ACT_CDE': control.activity_code_AJG, -# 'SESS_CDE' : control.session_code, -# 'ID_NUM': control.my_id_number, -# 'PART_CDE':'MEMBR', -# 'DATE_SENT' : '07/06/2016', -# 'COMMENT_TXT': control.comments -# } -# response = api.postAsJson(self.session, self.url, self.predata) -# try: -# self.requestID = response.json()['REQUEST_ID'] -# self.data = { -# 'REQUEST_ID': self.requestID, -# 'ACT_CDE': control.activity_code_AJG, -# 'SESS_CDE' : '201501', -# 'ID_NUM': control.valid_id_number, #Changing values to emulate attacker muhahah -# 'PART_CDE':'PART', -# 'DATE_SENT' : '07/06/2016', -# 'COMMENT_TXT': control.comments -# } -# except ValueError: -# pytest.fail('Error performing setup') -# -# response = api.putAsJson(self.session, self.url + \ -# str(self.requestID), self.data) -# if not response.status_code == 401: -# pytest.fail('Expected 401 Unauthorized, got {0}.'\ -# .format(response.status_code)) -# if response.text: -# pytest.fail('Expected empty response body, got {0}.' -# .format(response.text)) -# api.delete(self.session, self.url + str(self.requestID)) - - -# Verify that an activity leader can delete a membership request for his -# activity -# Endpoints -- api/requests/:id -# Expected Status Code -- 200 OK -# Expected Response Body -- The request that was deleted - def test_delete_membership_request(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/requests/' - self.predata = {} - self.requestID = -1 - - self.predata = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE': control.session_code, - 'PART_CDE': 'MEMBR', - 'ID_NUM': control.leader_id_number, - 'DATE_SENT': '07/19/2016', - 'COMMENT_TXT': control.comments - } - response = api.postAsJson(self.session, self.url, self.predata) - if not response.status_code == 201: - pytest.fail('Error in setup. Expected 201 Created, got {0}.'\ - .format(response.status_code)) - else: - self.requestID = response.json()['REQUEST_ID'] - response = \ - api.delete(self.session, self.url + '/' + str(self.requestID)) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - try: - response.json()['REQUEST_ID'] - except KeyError: - pytest.fail('Expected REQUEST_ID in response body, got {0}.'\ - .format(response.json())) - -# Verify that the activity leader can accept a request directed at their -# activity. -# Endpoints -- api/requests/:id/approve -# Expected Status Code -- 200 OK -# Expected Response Body -- Json response with the request that was accepted. - def Test_Allow_someone_to_join_my_activity___activity_leader(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/requests/' - self.requestID = -1 - self.membershipID = -1 - - #Create a memberships request for the trash club. - self.data = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.my_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT': control.comments - } - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Error in setup. Expected 201 Created, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Error in setup. Expected json response, got {0}.'\ - .format(response.text)) - try: - self.requestID = response.json()['REQUEST_ID'] - except KeyError: - pytest.fail('Error in setup. Expected REQUEST_ID in response, ' + \ - 'got {0}.'.format(response.json())) - - response = api.postAsJson(self.session, self.url + \ - str(self.requestID) + '/approve', None) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - try: - self.membershipID = response.json()['MEMBERSHIP_ID'] - if self.requestID < 0: - pytest.fail('Error in cleanup for {0}. Expected valid ' + \ - 'request ID, got {1}.'.format(self.requestID)) - else: - d = api.delete(self.session, self.url + str(self.requestID)) - if not d.status_code == 200: - pytest.fail('Error in cleanup for {0}. Expected 200 OK ' + \ - 'when deleting request, got {1}.'\ - .format(d.status_code)) - if self.membershipID < 0: # membership creation was not successful - pytest.fail('Error in cleanup. Expected valid membership ID' + \ - ', got {0}.'.format(self.membershipID)) - else: - api.delete(self.session, control.hostURL + 'api/memberships/' + \ - str(self.membershipID)) - if not d.status_code == 200: - pytest.fail('Error in cleanup. Expected 200 OK when ' + \ - 'deleting membership, got {0}.'.format(d.status_code)) - except KeyError: - pytest.fail('Expected MEMBERSHIP_ID in response bady, got {0}.'\ - .format(response.json())) - -# Verify that the activity leader can deny a request directed at their -# activity. -# Precondition -- unknown -# Endpoints -- api/requests/:id/deny -# Expected Status Code -- 200 OK -# Expected Response Body -- Json response with the request that was denied - @pytest.mark.skipif(not control.unknownPrecondition, reason = "409 Error") - def test_deny_someone_joining_my_activity(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/requests/' - self.requestID = -1 - - #Create a memberships request for the trash club. - self.data = { - 'ACT_CDE': control.activity_code_AJG, - 'SESS_CDE' : control.session_code, - 'ID_NUM': control.my_id_number, - 'PART_CDE':'MEMBR', - 'DATE_SENT' : '07/06/2016', - 'COMMENT_TXT': control.comments - } - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Expected 201 Created, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected json response, got {0}.'\ - .format(response.text)) - else: - try: - self.requestID = response.json()['REQUEST_ID'] - except KeyError: - pytest.fail('Error in setup. Expected REQUEST_ID in response' + \ - ', got {0}.'.format(response.json())) - response = api.postAsJson(self.session, self.url + \ - str(self.requestID) + '/deny', None) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - else: - try: - if not response.json()['STATUS'] == control.REQUEST_STATUS_DENIED: - pytest.fail('Expected approved request, got {0}.'\ - .format(response.json())) - except KeyError: - pytest.fail('Expected STATUS in response bady, got {0}.'\ - .format(response.json())) - api.delete(self.session, self.url + str(self.requestID)) \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allmyschedule_pytest.py b/Tests/ApiEndpoints/test_allmyschedule_pytest.py deleted file mode 100644 index c8121a282..000000000 --- a/Tests/ApiEndpoints/test_allmyschedule_pytest.py +++ /dev/null @@ -1,162 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllMyScheduleTest(control.testCase): -# # # # # # # # # # # -# MYSCHEDULE TESTS # -# # # # # # # # # # # - -# Get all custom events from the schedule of the currently logged in user. -# Endpoint -- api/myschedule/ -# Expected Status code -- 200 Ok -# Expected Content -- all custom events of the currently logged in user. - def test_get_all_myschedule_objects_of_current_user(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/myschedule/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json, got {0}.'.format(response.text)) - assert response.json()[0]["EVENT_ID"] == control.event_id - assert response.json()[0]["LOCATION"] == control.location - assert response.json()[0]["DESCRIPTION"] == control.put_description - assert response.json()[0]["BEGIN_TIME"] == control.begintime - assert response.json()[0]["END_TIME"] == control.endtime - -# Get all custom events of a user with username `username` as a parameter. -# Endpoint -- api/myschedule/{username} -# Expected Status code -- 200 Ok -# Expected Content -- all custom events of a user with username `username` -# as a parameter - def test_get_all_myschedule_objects_of_user(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/myschedule/' + control.leader_username + '/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json, got {0}.'.format(response.text)) - assert response.json()[0]["EVENT_ID"] == '1100' - assert response.json()[0]["GORDON_ID"] == str(control.leader_id_number) - assert response.json()[0]["LOCATION"] == control.location - -# Get a specific custom event of the currently logged in user with `eventId` -# as a parameter -# Endpoint -- api/myschedule/event/{eventID} -# Expected Status code -- 200 Ok -# Expected Content -- a specific custom event of the currently logged in user -# with `eventId` as a parameter - def test_get_myschedule_objects_of_id(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/myschedule/event/' + control.event_id + '/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json, got {0}.'.format(response.text)) - assert response.json()["EVENT_ID"] == control.event_id - assert response.json()["LOCATION"] == control.location - assert response.json()["DESCRIPTION"] == control.put_description - assert response.json()["BEGIN_TIME"] == control.begintime - assert response.json()["END_TIME"] == control.endtime - -# Create a custom event of the currently logged in user. -# Expectations: -# Endpoints -- api/myschedule/ -# Expected Status Code -- 201 Created. -# Expected Content -- a custom event with the data in the test - def test_myschedule_post(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/myschedule/' - self.data = { - 'GORDON_ID' : str(control.my_id_number), - 'LOCATION' : control.location, - 'DESCRIPTION' : control.description, - 'TUE_CDE' : 'T', - 'IS_ALLDAY' : 1, - } - response = api.postAsJson(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Expected 201 Created, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json()["GORDON_ID"] == str(control.my_id_number) - assert response.json()["LOCATION"] == control.location - assert response.json()["DESCRIPTION"] == control.description - - # delete the test post - # Expected Status Code -- 200 OK. - try: - self.GordonID = response.json()["GORDON_ID"] - if self.GordonID == str(control.my_id_number): - response = api.delete(self.session, self.url + \ - str(response.json()["EVENT_ID"])) - except KeyError: - pytest.fail('Expected REQUEST_ID in response body, got {0}.'\ - .format(response.json())) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - -# Update a custom event of the currently logged in user. -# Endpoints -- api/myschedule/ -# Expected Status Code -- 200 OK. -# Expected Content -- The Json object (custom event) with a -# GORDON_ID attribute. - def test_myschedule_put(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/myschedule/' - try: - self.data = { - 'EVENT_ID' : control.event_id, - 'GORDON_ID' : str(control.my_id_number), - 'LOCATION' : control.location, - 'DESCRIPTION' : control.put_description, - 'MON_CDE' : 'M', - 'TUE_CDE' : 'T', - 'WED_CDE' : None, # Showing the options of the value - 'THU_CDE' : 'R', - 'FRI_CDE' : 'F', - 'IS_ALLDAY' : 0, - 'BEGIN_TIME' : control.begintime, - 'END_TIME' : control.endtime, - } - except (KeyError, ValueError): - pytest.fail('Error in setup.') - response = api.putAsJson(self.session, self.url, self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - assert response.json()["GORDON_ID"] == str(control.my_id_number) - assert response.json()["LOCATION"] == control.location - assert response.json()["DESCRIPTION"] == control.put_description - assert response.json()["BEGIN_TIME"] == control.begintime - assert response.json()["END_TIME"] == control.endtime \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allnews_pytest.py b/Tests/ApiEndpoints/test_allnews_pytest.py deleted file mode 100644 index 9e77214dc..000000000 --- a/Tests/ApiEndpoints/test_allnews_pytest.py +++ /dev/null @@ -1,175 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllNewsTest(control.testCase): -# # # # # # # -# NEWS TEST # -# # # # # # # - -# Verify that a student can get the full list of category names, category ids -# , and sort order of student news. -# Endpoint -- api/news/category -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of category names, ids and sort order - def test_get_news_category_student(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/news/category/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - -# Verify that a student can get the list of news that hasn't expired -# Endpoint -- api/news/not-expired -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of student news entries that have not -# expired - def test_get_news_not_expired_student(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/news/not-expired/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - if not (type(response.json()) is list): - warnings.warn("Response is not a list.") - if response.json(): - assert response.json()[0].has_key('categoryName') - assert response.json()[0].has_key('ManualExpirationDate') - assert response.json()[0].has_key('SortOrder') - -# Verify that a student can get student news entries that have been accepted -# and not expired, and is new since 10am the day before. -# Endpoint -- api/news/new -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of student news entries that have been -# accepted, are not expired, and are new since 10 am the day before. - def test_get_news_new_student(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/news/new/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - if not (type(response.json()) is list): - warnings.warn("Response is not a list.") - if not response.json(): - print("Find out the content to add") - -# Verify that a faculty user can get the full list of category names, category ids -# , and sort order of student news. -# Endpoint -- api/news/category -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of category names, ids and sort order - def test_get_news_category_faculty(self): - self.session = self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/news/category/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - -# Verify that a faculty user can get the list of news that hasn't expired -# Endpoint -- api/news/not-expired -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of student news entries that have not -# expired - def test_get_news_not_expired_faculty(self): - self.session = self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/news/not-expired/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - if not (type(response.json()) is list): - warnings.warn("Response is not a list.") - if response.json(): - assert response.json()[0].has_key('categoryName') - assert response.json()[0].has_key('ManualExpirationDate') - assert response.json()[0].has_key('SortOrder') - -# Verify that a faculty user can get student news entries that have been accepted -# and not expired, and is new since 10am the day before. -# Endpoint -- api/news/new -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of student news entries that have been -# accepted, are not expired, and are new since 10 am the day before. - def test_get_news_new_faculty(self): - self.session = self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/news/new/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - if not (type(response.json()) is list): - warnings.warn("Response is not a list.") - if not response.json(): - print("Find out the content to add") - -# Verify that a guest can't get the full list of category names, category ids -# , and sort order of student news. -# Endpoint -- api/news/category -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied error - def test_get_news_category_guest(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/news/category/' - response = api.get(self.session, self.url) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a guest can't get the list of news that hasn't expired -# Endpoint -- api/news/not-expired -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied error - def test_get_news_not_expired_guest(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/news/not-expired/' - response = api.get(self.session, self.url) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a guest can't get student news entries that have been accepted -# and not expired, and is new since 10am the day before. -# Endpoint -- api/news/new -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied error - def test_get_news_new_guest(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/news/new/' - response = api.get(self.session, self.url) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) diff --git a/Tests/ApiEndpoints/test_allprofile_pytest.py b/Tests/ApiEndpoints/test_allprofile_pytest.py deleted file mode 100644 index e43aeb16f..000000000 --- a/Tests/ApiEndpoints/test_allprofile_pytest.py +++ /dev/null @@ -1,383 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllProfileTest(control.testCase): -################# -# PROFILE TESTS # -################# - -# Verify that a user can get their own profile -# Endpoint -- api/profiles/ -# Expected Status Code -- 200 OK -# Expected Response Body -- A json object of information on own profile - def test_get_my_profile(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/profiles/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['AD_Username'] == '360.StudentTest' - assert response.json()['ID'] == '999999097' - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - -# Verify that a user can get their own profile -# Endpoint -- api/profiles/ -# Expected Status Code -- 401 Authorization Error -# Expected Response Body -- An authorization denied message - def test_get_guest_my_profile(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/profiles/' - response = api.get(self.session, self.url) - if not response.status_code == 401: - pytest.fail('Expected 401 OK, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - -# Verify that a user can get another person's profile, filtering -# private information -# Endpoint -- api/profiles/:username -# Expected Status Code -- 200 Ok -# Expected Response Body -- list of information on the user without private -# info - def test_get_profile_by_username(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/profiles/' + control.leader_username +'/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['AD_Username'] == '360.FacultyTest' - assert "ID" not in response.json() - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a guest can't get another person's profile -# Endpoint -- api/profiles/:username -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied message - def test_get_guest_profile_by_username(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/profiles/' + control.leader_username +'/' - response = api.get(self.session, self.url) - print(response.json()) - if not response.status_code == 401: - pytest.fail('Expected 401 OK, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a user can get a profile image of the current user -# Endpoint -- api/profiles/image -# Expected Status Code -- 200 Ok -# Expected Response Body -- image path of the current user - def test_get_image(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/profiles/image/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a guest can't get a profile image of the current user -# Endpoint -- api/profiles/image -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied message - def test_get_guest_image(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/profiles/image/' - response = api.get(self.session, self.url) - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - - -# Verify that a user can get a profile image of someone else -# Endpoint -- api/profiles/image/:username -# Expected Status Code -- 200 Ok -# Expected Response Body -- image path of another user - def test_get_image_by_username(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/profiles/image/' + control.leader_username + '/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a guest can't get a profile image of someone else -# Endpoint -- api/profiles/image/:username -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied message - def test_get_guest_image_by_username(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/profiles/image/' + control.username + '/' - response = api.get(self.session, self.url) - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a user can upload a profile image -# Endpoint -- api/profiles/image/ -# Expected Status Code -- 200 OK -# Expected Content -- updated profile image - def test_post_profile_image(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/profiles/image/' - self.data = { - 'file': open(control.FILE_PATH_PROFILE, 'r') - } - - response = api.postAsFormData(self.session, self.url, self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - #self.data = { - # 'ID': my_id_number, - # 'FILE_PATH': FILE_PATH, - # 'FILE_NAME': FILE_NAME - #} - d = api.post(self.session, self.url + 'reset/', self.data) - if not d.status_code == 200: - pytest.fail('There was a problem performing cleanup') - -# Verify that a guest cannot upload a profile image -# Endpoint -- api/profiles/image/ -# Expected Status Code -- 401 Unauthorized Error -# Expected Content -- An authorization denied message - def test_post_guest_profile_image(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/profiles/image/' - self.data = { - 'file': open(control.FILE_PATH_PROFILE, 'r') - } - - response = api.postAsFormData(self.session, self.url, self.data) - print(response.json()) - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a user can upload an ID image -# Pre-conditions -- unknown -# Endpoint -- api/profiles/IDimage/ -# Expected Status Code -- 200 OK -# Expected Content -- upload ID photo - @pytest.mark.skipif(not control.unknownPrecondition, reason = \ - "Unknown reason for error") - def test_post_ID_image(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/profiles/IDimage/' - self.data = { - 'file': open(control.FILE_PATH_ID, 'r') - } - - response = api.postAsFormData(self.session, self.url, self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - - d = api.post(self.session, self.url + 'reset/', self.data) - if not d.status_code == 200: - pytest.fail('There was a problem performing cleanup') - -# Verify that a guest can't upload an ID image -# Endpoint -- api/profiles/IDimage/ -# Expected Status Code -- 401 Unauthorized Error -# Expected Content -- An authorization denied message - def test_post_guest_ID_image(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/profiles/IDimage/' - self.data = { - 'file': open(control.FILE_PATH_ID, 'r') - } - response = api.postAsFormData(self.session, self.url, self.data) - if not response.status_code == 401: - pytest.fail('Expected 401 OK, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a user can reset a profile image -# Endpoint -- api/profiles/image/reset/ -# Expected Status Code -- 200 OK -# Expected Content -- - def test_post_reset_image(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/profiles/image/reset/' - self.data = { - 'ID': control.my_id_number, - 'FILE_PATH': control.FILE_PATH_PROFILE, - 'FILE_NAME': "" - } - self.requestID = -1 - response = api.post(self.session, self.url, self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 Created, got {0}.'\ - .format(response.status_code)) - -# Verify that a guest can't reset a profile image -# Endpoint -- api/profiles/image/reset/ -# Expected Status Code -- 401 Unauthorized Error -# Expected Content -- An authorization denied message - def test_post_guest_reset_image(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/profiles/image/reset/' - self.data = { - 'ID': control.my_id_number, - 'FILE_PATH': control.FILE_PATH_PROFILE, - 'FILE_NAME': "" - } - self.requestID = -1 - response = api.post(self.session, self.url, self.data) - if not response.status_code == 401: - pytest.fail('Expected 401 Created, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a user can add and edit social media links -# Endpoint -- api/profiles/:type -# Expected Status Code -- 200 OK -# Expected Content -- - def test_put_social_media_links(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/profiles/facebook/' - self.data = { - 'facebook': 'https://www.facebook.com/360.studenttest' - #'URL of any SNS including the domain name' - } - response = api.put(self.session, self.url, self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - self.resetdata = { - 'facebook': 'Changed for testing' - } - d = api.put(self.session, self.url, self.resetdata) - if not d.status_code == 200: - pytest.fail('There was a problem performing cleanup') - -# Verify that a guest can't add and edit social media links -# Endpoint -- api/profiles/:type -# Expected Status Code -- 401 Unauthorized Error -# Expected Content -- An authorization denied message - def test_put_guest_social_media_links(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/profiles/facebook/' - self.data = { - 'facebook': 'https://www.facebook.com/360.studenttest' - } - response = api.put(self.session, self.url, self.data) - if not response.status_code == 401: - pytest.fail('Expected 401 OK, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - - -# Verify that a user can turn on and off mobile privacy -# Endpoint -- api/profiles/mobile_privacy/:value (Y or N) -# Expected Status Code -- 200 OK -# Expected Content -- Make mobile privacy 0 or 1 - def test_put_mobile_privacy(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/profiles/mobile_privacy/Y/' - self.data = { - 'IsMobilePhonePrivate': 'Y' - } - response = api.put(self.session, self.url, self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - profile_url = control.hostURL + 'api/profiles/' - check_response = api.get(self.session,profile_url) - assert check_response.json()['IsMobilePhonePrivate'] == 1 - self.url = control.hostURL + 'api/profiles/mobile_privacy/N/' - self.resetdata = { - 'IsMobilePhonePrivate': 'N' - } - d = api.put(self.session, self.url, self.resetdata) - if not d.status_code == 200: - pytest.fail('There was a problem performing cleanup') - check_response = api.get(self.session,profile_url) - assert check_response.json()['IsMobilePhonePrivate'] == 0 - -# Verify that a user can edit image privacy -# Endpoint -- api/profiles/image_privacy/:value (Y or N) -# Expected Status Code -- 200 OK -# Expected Content -- - def test_put_image_privacy(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/profiles/image_privacy/Y/' - self.data = { - 'show_pic': 'Y' - } - response = api.put(self.session, self.url, self.data) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - profile_url = control.hostURL + 'api/profiles/' - check_response = api.get(self.session,profile_url) - assert check_response.json()['show_pic'] == 1 - self.url = control.hostURL + 'api/profiles/image_privacy/N/' - self.resetdata = { - 'show_pic': 'N' - } - d = api.put(self.session, self.url, self.resetdata) - if not d.status_code == 200: - pytest.fail('There was a problem performing cleanup') - - check_response = api.get(self.session,profile_url) - assert check_response.json()['show_pic'] == 0 \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allschedule_pytest.py b/Tests/ApiEndpoints/test_allschedule_pytest.py deleted file mode 100644 index e39d92579..000000000 --- a/Tests/ApiEndpoints/test_allschedule_pytest.py +++ /dev/null @@ -1,58 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllScheduleTest(control.testCase): -# # # # # # # # # # -# SCHEDULE TESTS # -# # # # # # # # # # - -# Get all schedule objects of the currently logged in user. -# Pre-condition -- student must be enrolled in summer practicum -# Endpoint -- api/schedule/:username -# Expected Status code -- 200 Ok -# Expected Content -- all schedule objects of the currently logged in user. - @pytest.mark.skipif(not control.enrolledInPracticum, reason = \ - "Student not enrolled in Practicum") - def test_get_all_schedule_objects_of_current_user(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/schedule/' + control.username + '/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json, got {0}.'.format(response.text)) - assert response.json()[0]["CRS_TITLE"] == \ - "SUMMER PRACTICUM COMPUTER SCIENCE" - -# Get all schedule objects of a user with username `username` as a parameter. -# Pre-condition -- unknown -# Endpoint -- api/schedule/:username -# Expected Status code -- 200 Ok -# Expected Content -- all schedule objects of a user with username `username` -# as a parameter -# Normal faculty works, student's don't work, facultytest doesn't work - @pytest.mark.skipif(not control.unknownPrecondition, reason = \ - "Unknown reason for error") - def test_get_all_schedule_objects_of_user(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/schedule/' + control.leader_username + '/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json, got {0}.'.format(response.text)) - assert response.json()[0]["GORDON_ID"] == str(control.leader_id_number) \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allschedulecontrol_pytest.py b/Tests/ApiEndpoints/test_allschedulecontrol_pytest.py deleted file mode 100644 index 309b121d1..000000000 --- a/Tests/ApiEndpoints/test_allschedulecontrol_pytest.py +++ /dev/null @@ -1,107 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllScheduleControlTest(control.testCase): -# # # # # # # # # # # # # -# SCHEDULECONTROL TESTS # -# # # # # # # # # # # # # - -# Get the privacy status and description of the currently logged in user. -# Endpoint -- api/schedulecontrol -# Expected Status code -- 200 Ok -# Expected Content -- all schedule objects of the currently logged in user. - def test_get_all_schedulecontrol_objects_of_current_user(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/schedulecontrol/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json, got {0}.'\ - .format(response.text)) - assert response.json()['IsSchedulePrivate'] == True - assert response.json()['Description'] == control.put_description - -# Get the privacy, description, and ID of a user's schedule with username -# `leader_username` as a parameter. -# Endpoint -- api/schedulecontrol/{username} -# Expected Status code -- 200 Ok -# Expected Content -- all schedule objects of the currently logged in user. - def test_get_all_schedulecontrol_objects_of_user(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/schedulecontrol/' + control.leader_username + '/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json, got {0}.'.format(response.text)) - assert response.json()['IsSchedulePrivate'] == False - assert response.json()['Description'] == \ - 'httpsCoLnSlShSlShgithubdOTcomSlSh' - -# Update schedule privacy of the currently logged in user to 1. -# Endpoint -- api/schedulecontrol/privacy/{value} -# Expected Status code -- 200 Ok -# Expected Content -- schedule privacy of the currently logged in user. - def test_schedulecontrol_put_privacy(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/schedulecontrol/privacy/N/' - response = api.put(self.session, self.url, 'N') - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - - self.url = control.hostURL + 'api/schedulecontrol/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - assert response.json()["IsSchedulePrivate"] == False - - self.url = self.url + 'privacy/Y/' - response = api.put(self.session, self.url, 'Y') - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - - self.url = control.hostURL + 'api/schedulecontrol/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - assert response.json()["IsSchedulePrivate"] == True - -# Update the schedule description of the currently logged in user. -# Endpoint -- api/schedulecontrol/description/{value} -# Expected Status code -- 200 Ok -# Expected Content -- schedule description of the currently logged in user. - def test_schedulecontrol_put_description(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/schedulecontrol/description/' + \ - control.put_description + '/' - response = api.put(self.session, self.url, control.put_description) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - self.url = control.hostURL + 'api/schedulecontrol/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - assert response.json()["Description"] == control.put_description \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allsession_pytest.py b/Tests/ApiEndpoints/test_allsession_pytest.py deleted file mode 100644 index a637e3c71..000000000 --- a/Tests/ApiEndpoints/test_allsession_pytest.py +++ /dev/null @@ -1,118 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllSessionTest(control.testCase): - -# # # # # # # # # -# SESSIONS TEST # -# # # # # # # # # - -# Verify that an activity leader can get all session objects -# Endpoint -- api/sessions/ -# Expected Status Code -- 200 OK -# Expected Response Body -- List of all session resources - def test_get_all_sessions(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/sessions/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.json())) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json())) - assert response.json()[0]["SessionCode"] == "201209" - assert response.json()[0]["SessionDescription"] == \ - "Fall 12-13 Academic Year" - assert response.json()[0]["SessionBeginDate"] == "2012-08-29T00:00:00" - assert response.json()[0]["SessionEndDate"] == "2012-12-21T00:00:00" - - self.url = control.hostURL + 'api/sessions/current/' - current = api.get(self.session, self.url) - assert response.json()[-2]["SessionCode"] == \ - current.json()["SessionCode"] - assert response.json()[-2]["SessionDescription"] == \ - current.json()["SessionDescription"] - assert response.json()[-2]["SessionBeginDate"] == \ - current.json()["SessionBeginDate"] - assert response.json()[-2]["SessionEndDate"] == \ - current.json()["SessionEndDate"] - -# Verify that an activity leader can get a session object -# Endpoint -- api/sessions/:id -# Expected Status Code -- 200 OK -# Expected Response Body -- A session resource. - def test_get_one_session(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/sessions/' + control.session_code + '/' - - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - try: - response.json()['SessionCode'] - except KeyError: - pytest.fail('Expected SessionCode in response, got {0}.'\ - .format(response.json())) - assert response.json()['SessionCode'] == control.session_code - -# Verify that a user can get the current session -# Endpoint -- api/sessions/current/ -# Expected Status Code -- 200 OK -# Expected Response Body -- the current session - def test_get_current_session(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/sessions/current/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - try: - response.json()['SessionCode'] - except KeyError: - pytest.fail('Expected SessionCode in response, got {0}.'\ - .format(response.json())) - -# Verify that a user can get the days left of the session -# Endpoint -- api/sessions/daysLeft/ -# Expected Status Code -- 200 OK -# Expected Response Body -- numbers of days left - def test_get_daysLeft_session(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/sessions/daysLeft/' - - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - try: - response.json() - except KeyError: - pytest.fail('Expected SessionCode in response, got {0}.'\ - .format(response.json())) \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allstudentemployment_pytest.py b/Tests/ApiEndpoints/test_allstudentemployment_pytest.py deleted file mode 100644 index 9eca73d90..000000000 --- a/Tests/ApiEndpoints/test_allstudentemployment_pytest.py +++ /dev/null @@ -1,36 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllStudentEmploymentTest(control.testCase): - -# # # # # # # # # # # # # # -# STUDENT EMPLOYMENT TEST # -# # # # # # # # # # # # # # - -# Verify that a student user can get their own student employment information -# Pre-Conditions: Need to be logged in as cct.service in visual studio -# Endpoint -- api/studentemployment/ -# Expected Status Code -- 200 OK -# Expected Response Body -- A json response with student employment info - @pytest.mark.skipif(not control.cctService, reason = \ - "Not logged in as cct.service.") - def test_student_employment___regular_member(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/studentemployment/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is dict): - pytest.fail('Expected dict, got {0}.'.format(response.json())) \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allvictorypromise_pytest.py b/Tests/ApiEndpoints/test_allvictorypromise_pytest.py deleted file mode 100644 index 5c93244eb..000000000 --- a/Tests/ApiEndpoints/test_allvictorypromise_pytest.py +++ /dev/null @@ -1,80 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllVictoryPromiseTest(control.testCase): - -# # # # # # # # # # # # # -# VICTORY PROMISE TEST # -# # # # # # # # # # # # # - -# Verify that a student user can get their own victory promise information -# Endpoint -- api/studentemployment/ -# Expected Status Code -- 200 OK -# Expected Response Body -- A json response with victory promise points - def test_victory_promise(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/vpscore/' - response = api.get(self.session, self.url) - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json)) - assert response.json()[0]["TOTAL_VP_IM_SCORE"] == 0 - assert response.json()[0]["TOTAL_VP_CC_SCORE"] == 0 - assert response.json()[0]["TOTAL_VP_LS_SCORE"] == 0 - assert response.json()[0]["TOTAL_VP_LW_SCORE"] == 0 - -# Verify that a guest can't get victory promise information -# Endpoint -- api/studentemployment/ -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied message - def test_guest_victory_promise(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/vpscore/' - response = api.get(self.session, self.url) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a faculty user's victory promise information is always 0. -# Endpoint -- api/studentemployment/ -# Expected Status Code -- 200 OK -# Expected Response Body -- A json response with victory promise points all 0 - def test_faculty_victory_promise(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/vpscore/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - pytest.fail('Expected list, got {0}.'.format(response.json)) - assert response.json()[0]["TOTAL_VP_IM_SCORE"] == 0 - assert response.json()[0]["TOTAL_VP_CC_SCORE"] == 0 - assert response.json()[0]["TOTAL_VP_LS_SCORE"] == 0 - assert response.json()[0]["TOTAL_VP_LW_SCORE"] == 0 \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_allwellnesscheck_pytest.py b/Tests/ApiEndpoints/test_allwellnesscheck_pytest.py deleted file mode 100644 index dfcf63f45..000000000 --- a/Tests/ApiEndpoints/test_allwellnesscheck_pytest.py +++ /dev/null @@ -1,321 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import pytest_components as api -import test_gordon360_pytest as control - -class Test_AllWellnessCheckTest(control.testCase): -# # # # # # # # # # # # -# WELLNESS CHECK TEST # -# # # # # # # # # # # # - -# Verify that a student can get their current status -# Endpoint -- api/wellness/ -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of one dictionary with user answer - def test_get_wellness_asymptomatic_student(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/wellness/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json respone body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - warnings.warn("Response is not a list.") - assert response.json()[0]["answerValid"] == True - assert response.json()[0]["userAnswer"] == True or \ - response.json()[0]["userAnswer"] == False - -# Verify that a student can get the wellness check question -# Endpoint -- api/wellness/Question -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of a dictionary of questions -# and prompts. - def test_get_wellness_question_student(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/wellness/question/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - if not (type(response.json()) is list): - warnings.warn("Response is not a list.") - assert response.json()[0].has_key('yesPrompt') - assert response.json()[0].has_key('noPrompt') - assert response.json()[0].has_key('question') - -# Verify that a student can answer if they are symptomatic (true) -# Endpoint -- api/wellness/ -# Expected Status Code -- 201 Created -# Expected Response Body -- none - def test_post_wellness_symptomatic_student(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/wellness/' - self.data = { - 'answerValid': True, - 'timestamp': datetime, - 'userAnswer': True - } - response = api.post(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Expected 201 OK, got {0}.'\ - .format(response.status_code)) - -# Verify that a student can answer if they are asymptomatic (false) -# Endpoint -- api/wellness/ -# Expected Status Code -- 201 Created -# Expected Response Body -- none - def test_post_wellness_asymptomatic_student(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/wellness/' - self.data = { - 'answerValid': True, - 'timestamp': datetime, - 'userAnswer': False - } - response = api.post(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Expected 201 OK, got {0}.'\ - .format(response.status_code)) - -# Verify that a student can't change the questions -# Endpoint -- api/wellness/question -# Expected Status Code -- 404 Method Not Allowed -# Expected Response Body -- A method not allowed error message - def test_post_wellness_question_session(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/wellness/question' - self.data = { - 'yesPrompt': 'Trying to change', - 'question': 'No questions', - 'noPrompt': 'Have a nice day of testing' - } - response = api.post(self.session, self.url, self.data) - if not response.status_code == 405: - pytest.fail('Expected 405 Not Found, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == \ - "The requested resource does not support http method 'POST'." - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - -# Verify that a faculty user can get their current status -# Endpoint -- api/wellness/ -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of one dictionary with user answer - def test_get_wellness_asymptomatic_faculty(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/wellness/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - try: - response.json() - except ValueError: - pytest.fail('Expected Json respone body, got {0}.'\ - .format(response.text)) - if not (type(response.json()) is list): - warnings.warn("Response is not a list.") - assert response.json()[0]["answerValid"] == True - assert response.json()[0]["userAnswer"] == True or \ - response.json()[0]["userAnswer"] == False - -# Verify that a faculty user can get the wellness check question -# Endpoint -- api/wellness/Question -# Expected Status Code -- 200 OK -# Expected Response Body -- A list of a dictionary of questions -# and prompts. - def test_get_wellness_question_faculty(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/wellness/question/' - response = api.get(self.session, self.url) - - if not response.status_code == 200: - pytest.fail('Expected 200 OK, got {0}.'\ - .format(response.status_code)) - if not (type(response.json()) is list): - warnings.warn("Response is not a list.") - assert response.json()[0].has_key('yesPrompt') - assert response.json()[0].has_key('noPrompt') - assert response.json()[0].has_key('question') - -# Verify that a faculty user can answer if they are symptomatic (true) -# Endpoint -- api/wellness/ -# Expected Status Code -- 201 Created -# Expected Response Body -- none - def test_post_wellness_symptomatic_faculty(self): - self.session = self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/wellness/' - self.data = { - 'answerValid': True, - 'timestamp': datetime, - 'userAnswer': True - } - response = api.post(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Expected 201 OK, got {0}.'\ - .format(response.status_code)) - -# Verify that a faculty user can answer if they are asymptomatic (false) -# Endpoint -- api/wellness/ -# Expected Status Code -- 201 Created -# Expected Response Body -- none - def test_post_wellness_asymptomatic_faculty(self): - self.session = self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/wellness/' - self.data = { - 'answerValid': True, - 'timestamp': datetime, - 'userAnswer': False - } - response = api.post(self.session, self.url, self.data) - if not response.status_code == 201: - pytest.fail('Expected 201 OK, got {0}.'\ - .format(response.status_code)) - -# Verify that a faculty user can't change the questions -# Endpoint -- api/wellness/question -# Expected Status Code -- 405 Method Not Allowed -# Expected Response Body -- A method not allowed error message - def test_post_wellness_question_faculty(self): - self.session = \ - self.createAuthorizedSession(control.leader_username, control.leader_password) - self.url = control.hostURL + 'api/wellness/question' - self.data = { - 'yesPrompt': 'Trying to change', - 'question': 'No questions', - 'noPrompt': 'Have a nice day of testing' - } - response = api.post(self.session, self.url, self.data) - if not response.status_code == 405: - pytest.fail('Expected 405 Not Found, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == \ - "The requested resource does not support http method 'POST'." - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) - -# Verify that a guest can't get their current status -# Endpoint -- api/wellness/ -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied error - def test_get_wellness_asymptomatic_guest(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/wellness/' - response = api.get(self.session, self.url) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a guest can't get the wellness check question -# Endpoint -- api/wellness/Question -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied error - def test_get_wellness_question_guest(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/wellness/question/' - response = api.get(self.session, self.url) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - -# Verify that a guest can't answer if they are symptomatic (true) -# Endpoint -- api/wellness/ -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied error - def test_post_wellness_symptomatic_guest(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/wellness/' - self.data = { - 'answerValid': True, - 'timestamp': datetime, - 'userAnswer': True - } - response = api.post(self.session, self.url, self.data) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - - -# Verify that a guest can't answer if they are asymptomatic (false) -# Endpoint -- api/wellness/ -# Expected Status Code -- 401 Unauthorized Error -# Expected Response Body -- An authorization denied error - def test_post_wellness_asymptomatic_guest(self): - self.session = self.createGuestSession() - self.url = control.hostURL + 'api/wellness/' - self.data = { - 'answerValid': True, - 'timestamp': datetime, - 'userAnswer': False - } - response = api.post(self.session, self.url, self.data) - - if not response.status_code == 401: - pytest.fail('Expected 401 Unauthorized Error, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == control.AUTHORIZATION_DENIED - except ValueError: - pytest.fail('Expected Json response body, got{0}.'\ - .format(response.text)) - - -# Verify that a guest can't change the questions -# Endpoint -- api/wellness/question -# Expected Status Code -- 404 Method Not Allowed -# Expected Response Body -- A method not allowed error message - def test_post_wellness_question_guest(self): - self.session = self.createAuthorizedSession(control.username, control.password) - self.url = control.hostURL + 'api/wellness/question' - self.data = { - 'yesPrompt': 'Trying to change', - 'question': 'No questions', - 'noPrompt': 'Have a nice day of testing' - } - response = api.post(self.session, self.url, self.data) - if not response.status_code == 405: - pytest.fail('Expected 405 Not Found, got {0}.'\ - .format(response.status_code)) - try: - assert response.json()['Message'] == \ - "The requested resource does not support http method 'POST'." - except ValueError: - pytest.fail('Expected Json response body, got {0}.'\ - .format(response.text)) \ No newline at end of file diff --git a/Tests/ApiEndpoints/test_gordon360_pytest.py b/Tests/ApiEndpoints/test_gordon360_pytest.py deleted file mode 100644 index 762f692d2..000000000 --- a/Tests/ApiEndpoints/test_gordon360_pytest.py +++ /dev/null @@ -1,129 +0,0 @@ -import pytest -import warnings -import string -from pytest_components import requests -from datetime import datetime - -import credentials -import pytest_components as api - - -# # # # # # # # # -# Configuration # -# # # # # # # # # - -# Membership -# Activity to use for testing -activity_code_AJG = 'AJG' -activity_code_360 = '360' -# Description to use for testing -activity_description_AJG = 'A. J. Gordon Scholars Program' -activity_description_360 = '360.gordon.edu' -# Image path to use for testing -activity_image_path_AJG = \ - 'https://360apitrain.gordon.edu/browseable/uploads/AJG/canvasImage.png' -activity_image_path_360 = \ - 'https://360apitrain.gordon.edu/browseable/uploads/360/canvasImage.png' -# Blurb to use for testing -activity_blurb_AJG = 'DOING TESTS, IGNORE' -activity_blurb_360 = 'This is me changing the description' -# URL to use for testing -activity_URL_AJG = 'http://www.lolcats.com/' -activity_URL_360 = 'http://360.gordon.edu' -# Type to use for testing -activity_type_AJG = 'LEA' -activity_type_360 = 'STU' -# Type description to use for testing -activity_type_description_AJG = 'Leadership Program' -activity_type_description_360 = 'Student Life' -# Join info to use for testing -activity_join_info_AJG = '' -activity_join_info_360 = 'me adding special information' -# Id number to use for testing -valid_id_number = 50146557 -# Session to use for testing -session_code = '201809' -# Specific term to use for testing -term_code = 'FA18' -# Participation Code that correspond to member: -member_positions = ['MEMBR', 'GUEST', 'PART'] -# Date -begin_date = '06/10/2016' -end_date = '07/16/2016' - -_email = '360.studenttest@gordon.edu' -# Comments -comments = 'Generated by 360-Gordon-Test. IGNORE' -# comments = 'Generated by Gordon 360 API Test Suite. IGNORE' -searchString = 'michael' -searchString2 = 'lindsay' -# Event or Type ID used for events testing -Event_OR_Type_ID = '10' - -# Profile image path -FILE_PATH_PROFILE = r'..\..\Gordon360\browseable\profile\Default\profile.png' -FILE_PATH_ID = r'..\..\Gordon360\browseable\profile\Default\ID.png' - -# API. Choose only 1. -# localhost set up using Visual Studio to enable local testing. -hostURL = 'https://360ApiTrain.gordon.edu/' -# hostURL = 'http://localhost:2477/' - -# Constants -LEADERSHIP_POSITIONS = ['CAPT','CODIR','CORD','DIREC','PRES','VICEC','VICEP'] -REQUEST_STATUS_APPROVED = 'Approved' -REQUEST_STATUS_DENIED = 'Denied' -REQUEST_STATUS_PENDING = 'Pending' -AUTHORIZATION_DENIED = 'Authorization has been denied for this request.' - -# Configuration Details -username = credentials.username -password = credentials.password -my_id_number = credentials.id_number -grant_payload = \ - { 'username':username, 'password':password, 'grant_type':'password' } - -leader_username = credentials.username_activity_leader -leader_password = credentials.password_activity_leader -leader_id_number = credentials.id_number_activity_leader -leader_grant_payload = { 'username':leader_username, \ - 'password':leader_password, 'grant_type':'password' } - -# Global variables for myschedule test events -event_id = '10000' -location = 'KOSC 244' -description = 'Summer Practicum' -begintime = '09:00:00' -endtime = '17:00:00' - -# Global variable for new description for test events -put_description = 'DOING TESTS - IGNORE' -shortened_begintime = '09:00:00' -shortened_endtime = '17:00:00' - -# Pre-conditions. -# Statically disabled/enabled tests that have yet to be resolved. -cctService = False -enrolledInPracticum = False -unknownPrecondition = False - - -# Logins -class testCase: - - # Create an authorized session to test authorized calls. - def createAuthorizedSession(self, userLogin, userPassword): - r = requests.post(hostURL+'token', { 'username':userLogin, \ - 'password':userPassword, 'grant_type':'password' }) - access_token = r.json()["access_token"] - authorization_header = "Bearer " + access_token - authorized_session = requests.Session() - authorized_session.verify = True - authorized_session.headers.update({ \ - "Authorization":authorization_header }) - return authorized_session - - # Create a guest session to test guest calls. - def createGuestSession(self): - authorized_session = requests.Session() - return authorized_session diff --git a/get-route-list.py b/get-route-list.py deleted file mode 100644 index 4fdc3ce0f..000000000 --- a/get-route-list.py +++ /dev/null @@ -1,70 +0,0 @@ -#!/usr/bin/env python3 - -"""Prints list of API routes to standard output. - -Usage: - [python3] get-route-list.py [FILE_LIST] - -Finds all routes in the API controller source files. The route type -('HttpGet', 'HttpPut', etc.) must appear BEFORE the 'Route(...)' statement. - -FILE_LIST, if supplied, is a whitespace-delimited list of controller file -paths. If not supplied then all controller files in Gordon360/ApiControllers/ -directory will be used. -""" - -def findRoutes(controllerFileName, tag="HttpGet"): - """Returns list of routes matching specified type. - - Args: - controllerFileName (str): name of controller source file. - tag (str): route type. - - Returns: - list of str: list of routes that match the specfied type. - """ - with open(controllerFileName, "r") as controllerFile: - text = controllerFile.read() - routePrefix = "/" + getRoutePrefix(text) - routes = [] - tagStart = text.find(tag) - while tagStart >= 0: - routeStart = text.find("[Route", tagStart+1) - if routeStart >= 0: - routeEnd = text.find("]", routeStart+1) - route = getDoubleQuotedText(text[routeStart:routeEnd+1]) - routes.append(f" {routePrefix}/{route}") - tagStart = text.find(tag, routeStart+1) - return routes - -def getRoutePrefix(text): - """Return the contents of RoutePrefix() stored in text.""" - start = text.find("[RoutePrefix") - end = text.find("]", start+1) - return getDoubleQuotedText(text[start:end+1]) - -def getDoubleQuotedText(text): - """Return first substring of text delimited by double quotes.""" - start = text.find('"') - end = text.find('"', start+1) - return text[start+1:end] - -import os, sys -if __name__ == "__main__": - fileList = sys.argv[1:] - if len(fileList) == 0: - controllerDir = "Gordon360/ApiControllers/" - dirList = os.listdir(controllerDir) - dirList.sort() - fileList = [f"{controllerDir}{f}" for f in dirList] - for controllerFileName in fileList: - #print(f"\x1b[31m\x1b[1m{os.path.basename(controllerFileName)}\x1b[0m") - print(os.path.basename(controllerFileName)) - for tag in 'HttpGet', 'HttpPut', 'HttpPost', 'HttpDelete': - routes = findRoutes(controllerFileName, tag=tag) - if len(routes) > 0: - #print(f"\x1b[32m {tag}\x1b[0m") - print(f" {tag}") - for route in routes: - print(route) - diff --git a/get-route-list.sh b/get-route-list.sh deleted file mode 100755 index c2453e9b2..000000000 --- a/get-route-list.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash - -# 2019-06-28 -# -# Grabs API routes from the API controllers and displays them in a list. -# Route prefixes are indented 4 spaces and subroutes are indented 8 spaces. -# Actual routes are composed of a prefix followed by a subroute. - -find ./Gordon360/ApiControllers/ -type f -exec grep -H '\[Route' {} \; |\ - awk '{print $2,$3,$4,$5}' |\ - sed -e 's/\[RoutePrefix(/ &/g' -e 's/\[Route(/ &/g' -e 's/ *$//g'