diff --git a/backend/secfit/comments/permissions.py b/backend/secfit/comments/permissions.py
index b863cc7782ff295afe3ca1b2cc95519c70eb48eb..9fb2e015d88dcfc40a968dbfe6bfc850b99e77cc 100644
--- a/backend/secfit/comments/permissions.py
+++ b/backend/secfit/comments/permissions.py
@@ -19,3 +19,4 @@ class IsCommentVisibleToUser(permissions.BasePermission):
or (obj.workout.visibility == "CO" and obj.owner.coach == request.user)
or obj.workout.owner == request.user
)
+
\ No newline at end of file
diff --git a/backend/secfit/comments/views.py b/backend/secfit/comments/views.py
index b74d0f208c9bcf06ee49817541d47742767f0b7d..c55e227cf17a0af1aaf9061d8fccb9a7343d99ea 100644
--- a/backend/secfit/comments/views.py
+++ b/backend/secfit/comments/views.py
@@ -12,7 +12,6 @@ from rest_framework.filters import OrderingFilter
class CommentList(
mixins.ListModelMixin, mixins.CreateModelMixin, generics.GenericAPIView
):
- # queryset = Comment.objects.all()
serializer_class = CommentSerializer
permission_classes = [permissions.IsAuthenticated]
filter_backends = [OrderingFilter]
diff --git a/backend/secfit/secfit/djangoHeroku.py b/backend/secfit/secfit/djangoHeroku.py
index 9046bb726b49a350ee44771dd6dca11300cf57f7..33ed96081b96ac004bc457ea0cf2ecceb583e236 100644
--- a/backend/secfit/secfit/djangoHeroku.py
+++ b/backend/secfit/secfit/djangoHeroku.py
@@ -1,16 +1,13 @@
-#import logging
import os
import dj_database_url
from django.test.runner import DiscoverRunner
-
MAX_CONN_AGE = 600
def settings(config, *, db_colors=False, databases=True, test_runner=True, staticfiles=True, allowed_hosts=True, logging=True, secret_key=True):
# Database configuration.
- # TODO: support other database (e.g. TEAL, AMBER, etc, automatically.)
if databases:
# Integrity check.
if 'DATABASES' not in config:
@@ -20,30 +17,21 @@ def settings(config, *, db_colors=False, databases=True, test_runner=True, stati
if db_colors:
# Support all Heroku databases.
- # TODO: This appears to break TestRunner.
for (env, url) in os.environ.items():
if env.startswith('HEROKU_POSTGRESQL'):
db_color = env[len('HEROKU_POSTGRESQL_'):].split('_')[0]
- #logger.info('Adding ${} to DATABASES Django setting ({}).'.format(env, db_color))
-
config['DATABASES'][db_color] = dj_database_url.parse(url, conn_max_age=conn_max_age, ssl_require=True)
if 'DATABASE_URL' in os.environ:
- #logger.info('Adding $DATABASE_URL to default DATABASE Django setting.')
# Configure Django for DATABASE_URL environment variable.
config['DATABASES']['default'] = dj_database_url.config(conn_max_age=conn_max_age, ssl_require=True)
- #logger.info('Adding $DATABASE_URL to TEST default DATABASE Django setting.')
-
# Enable test database if found in CI environment.
if 'CI' in os.environ:
config['DATABASES']['default']['TEST'] = config['DATABASES']['default']
- #else:
- #logger.info('$DATABASE_URL not found, falling back to previous settings!')
-
if test_runner:
# Enable test runner if found in CI environment.
if 'CI' in os.environ:
@@ -51,7 +39,6 @@ def settings(config, *, db_colors=False, databases=True, test_runner=True, stati
# Staticfiles configuration.
if staticfiles:
- #logger.info('Applying Heroku Staticfiles configuration to Django settings.')
config['STATIC_ROOT'] = os.path.join(config['BASE_DIR'], 'staticfiles')
config['STATIC_URL'] = '/static/'
@@ -69,48 +56,10 @@ def settings(config, *, db_colors=False, databases=True, test_runner=True, stati
config['STATICFILES_STORAGE'] = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
if allowed_hosts:
- #logger.info('Applying Heroku ALLOWED_HOSTS configuration to Django settings.')
config['ALLOWED_HOSTS'] = ['*']
- """
- if logging:
- logger.info('Applying Heroku logging configuration to Django settings.')
-
- config['LOGGING'] = {
- 'version': 1,
- 'disable_existing_loggers': False,
- 'formatters': {
- 'verbose': {
- 'format': ('%(asctime)s [%(process)d] [%(levelname)s] ' +
- 'pathname=%(pathname)s lineno=%(lineno)s ' +
- 'funcname=%(funcName)s %(message)s'),
- 'datefmt': '%Y-%m-%d %H:%M:%S'
- },
- 'simple': {
- 'format': '%(levelname)s %(message)s'
- }
- },
- 'handlers': {
- 'null': {
- 'level': 'DEBUG',
- 'class': 'logging.NullHandler',
- },
- 'console': {
- 'level': 'DEBUG',
- 'class': 'logging.StreamHandler',
- 'formatter': 'verbose'
- }
- },
- 'loggers': {
- 'testlogger': {
- 'handlers': ['console'],
- 'level': 'INFO',
- }
- }
- }
- """
+
# SECRET_KEY configuration.
if secret_key:
if 'SECRET_KEY' in os.environ:
- #logger.info('Adding $SECRET_KEY to SECRET_KEY Django setting.')
# Set the Django setting from the environment variable.
config['SECRET_KEY'] = os.environ['SECRET_KEY']
diff --git a/backend/secfit/secfit/settings.py b/backend/secfit/secfit/settings.py
index 67c0e22309e1f49bec2da6d1a8e68b47f2c36625..fff3d90033dfe01adbb05b9f6342f76e2350e700 100644
--- a/backend/secfit/secfit/settings.py
+++ b/backend/secfit/secfit/settings.py
@@ -106,7 +106,6 @@ if is_prod:
if 'DATABASE_URL' in os.environ:
import dj_database_url
- print("\n\n\n\n\nHEI\n\n\n\n\n\n")
DATABASES = {'default': dj_database_url.config()}
else:
DATABASES = {
diff --git a/backend/secfit/users/admin.py b/backend/secfit/users/admin.py
index fc0af23c4473e29bcc06045aebfdd0d21989d22d..60666860b2dfc658839567779109f2b1cf20ab1c 100644
--- a/backend/secfit/users/admin.py
+++ b/backend/secfit/users/admin.py
@@ -6,16 +6,13 @@ from .forms import CustomUserChangeForm, CustomUserCreationForm
# Register your models here.
-
class CustomUserAdmin(UserAdmin):
add_form = CustomUserCreationForm
form = CustomUserChangeForm
model = get_user_model()
- # list_display = UserAdmin.list_display + ('coach',)
fieldsets = UserAdmin.fieldsets + ((None, {"fields": ("coach",)}),)
add_fieldsets = UserAdmin.add_fieldsets + ((None, {"fields": ("coach",)}),)
-
admin.site.register(get_user_model(), CustomUserAdmin)
admin.site.register(Offer)
admin.site.register(AthleteFile)
diff --git a/backend/secfit/users/serializers.py b/backend/secfit/users/serializers.py
index 0e1a83ba88f61b5fd0b3c8ff34ed7e9fee668b63..72a5576977154b20bd538daa4bad3a681a4d01ea 100644
--- a/backend/secfit/users/serializers.py
+++ b/backend/secfit/users/serializers.py
@@ -32,7 +32,6 @@ class UserSerializer(serializers.HyperlinkedModelSerializer):
data = self.get_initial()
password = data.get("password")
- password1 = data.get("password1")
try:
password_validation.validate_password(password)
diff --git a/backend/secfit/users/tests.py b/backend/secfit/users/tests.py
deleted file mode 100644
index 1b46f65fdcb59d631e32caf40e39d0161cb6bbd5..0000000000000000000000000000000000000000
--- a/backend/secfit/users/tests.py
+++ /dev/null
@@ -1,178 +0,0 @@
-import json
-
-from django.test import TestCase, RequestFactory, Client
-from users.serializers import UserSerializer
-from users.models import User
-from django.core.exceptions import ValidationError
-
-
-class RegistrationTestCase(TestCase):
- def setUp(self):
- self.client = Client()
-
- def test_registration(self):
- data = {"username": "Test", "email": "test@test.no",
- "password": "strong_pwd", "password1": "strong_pwd",
- "phone_number": "12345678", "country": "Norway",
- "city": "Trondheim", "street_address": "Trondheimsvegen 1"}
-
- response = self.client.post('/api/users/', data)
- self.assertEqual(response.status_code, 201)
-
-
-### Test boundary values of registration ###
-class BoundaryValuesOfRegistrationTestCase(TestCase):
- def setUp(self):
- self.client = Client()
-
- def test_minimumData(self):
- data = {"username": "t", "email": "",
- "password": "1", "password1": "1",
- "phone_number": "", "country": "",
- "city": "", "street_address": ""}
- response = self.client.post("/api/users/", data)
- self.assertEqual(response.status_code, 201) #should work at one char pwd and username
-
- def test_blankPassword(self):
- data = {"username": "test", "email": "",
- "password": "", "password1": "",
- "phone_number": "", "country": "",
- "city": "", "street_address": ""}
- response = self.client.post("/api/users/", data)
- self.assertEqual(response.status_code, 400) #should fail at blank pwd
-
- def test_blankUsername(self):
- data = {"username": "", "email": "",
- "password": "1", "password1": "1",
- "phone_number": "", "country": "",
- "city": "", "street_address": ""}
- response = self.client.post("/api/users/", data)
- self.assertEqual(response.status_code, 400) #should fail at blank username
-
- def test_invalidEmail(self):
- data = {"username": "Test", "email": "test.no",
- "password": "1", "password1": "1",
- "phone_number": "", "country": "",
- "city": "", "street_address": ""}
- response = self.client.post("/api/users/", data)
- self.assertEqual(response.status_code, 400) #should fail if email does not conatin @
-
-
-
-### Test the class UserSerializer ###
-
-class UserSerializerTestCase(TestCase):
- def setUp(self):
- self.user1 = User.objects.create(username="user1")
- self.user2 = User.objects.create(username="user2", coach=self.user1)
- self.factory = RequestFactory()
-
- def test_validate_passwordValid(self):
- password = "some_very_strong_pwd"
- serializer = UserSerializer(data = {'password': password,'password1': password})
-
- validated_password = serializer.validate_password(password)
- self.assertEqual(validated_password, password)
-
- def test_validate_passwordInValid(self):
- password = "some_very_strong_pwd"
- password1 = "Some_wrong_pwd"
- serializer = UserSerializer(data = {'password': password,'password1': password})
-
- validated_password = serializer.validate_password(password1)
- self.assertRaises(ValidationError)
-
- def test_create(self):
- data = {"username": "Test", "email": "test@test.no",
- "password": "strong_pwd", "password1": "strong_pwd",
- "phone_number": "12345678", "country": "Norway",
- "city": "Trondheim", "street_address": "Trondheimsvegen 1"}
-
- serializer = UserSerializer(data)
- user = serializer.create(data)
-
- self.assertEqual(user.username, "Test")
- self.assertEqual(user.email, "test@test.no")
- self.assertEqual(user.phone_number, "12345678")
- self.assertEqual(user.country, "Norway")
- self.assertEqual(user.city, "Trondheim")
- self.assertEqual(user.street_address, "Trondheimsvegen 1")
-
-
-
-### 2-way domain testing of registration ###
-
-test_cases = [
- {'email':'wrong', 'username':'wrong', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'empty', 'city':'empty', 'street_address':'normal'},
- {'email':'wrong', 'username':'normal', 'password':'empty', 'password1':'normal', 'phone_number':'normal', 'country':'normal', 'city':'normal', 'street_address':'empty'},
- {'email':'wrong', 'username':'empty', 'password':'normal', 'password1':'empty', 'phone_number':'empty', 'country':'empty', 'city':'normal', 'street_address':'normal'},
- {'email':'wrong', 'username':'normal', 'password':'empty', 'password1':'empty', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'normal'},
- {'email':'wrong', 'username':'normal', 'password':'normal', 'password1':'normal', 'phone_number':'normal', 'country':'empty', 'city':'empty', 'street_address':'empty'},
- {'email':'normal','username':'wrong', 'password':'empty', 'password1':'normal', 'phone_number':'normal', 'country':'empty', 'city':'normal', 'street_address':'normal'},
- {'email':'normal','username':'normal', 'password':'normal', 'password1':'empty', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'empty'},
- {'email':'normal','username':'empty', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'empty'},
- {'email':'normal','username':'wrong', 'password':'empty', 'password1':'empty', 'phone_number':'normal', 'country':'normal', 'city':'empty', 'street_address':'normal'},
- {'email':'empty', 'username':'empty', 'password':'empty', 'password1':'empty', 'phone_number':'normal', 'country':'normal', 'city':'empty', 'street_address':'normal'},
- {'email':'empty', 'username':'wrong', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'empty'},
- {'email':'empty', 'username':'normal', 'password':'empty', 'password1':'normal', 'phone_number':'normal', 'country':'empty', 'city':'empty', 'street_address':'normal'},
- {'email':'empty', 'username':'normal', 'password':'normal', 'password1':'empty', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'empty'},
- {'email':'empty', 'username':'empty', 'password':'empty', 'password1':'normal', 'phone_number':'normal', 'country':'empty', 'city':'normal', 'street_address':'normal'},
- {'email':'empty', 'username':'wrong', 'password':'normal', 'password1':'empty', 'phone_number':'normal', 'country':'normal', 'city':'empty', 'street_address':'empty'},
- {'email':'empty', 'username':'normal', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'empty', 'city':'normal', 'street_address':'normal'},
- {'email':'wrong', 'username':'wrong', 'password':'empty', 'password1':'empty', 'phone_number':'normal', 'country':'normal', 'city':'normal', 'street_address':'normal'},
- {'email':'wrong', 'username':'empty', 'password':'normal', 'password1':'normal', 'phone_number':'normal', 'country':'normal', 'city':'empty', 'street_address':'empty'},
- {'email':'wrong', 'username':'wrong', 'password':'normal', 'password1':'empty', 'phone_number':'empty', 'country':'empty', 'city':'normal', 'street_address':'normal'},
- {'email':'wrong', 'username':'empty', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'empty', 'city':'empty', 'street_address':'normal'},
- {'email':'normal','username':'normal', 'password':'empty', 'password1':'normal', 'phone_number':'empty', 'country':'normal', 'city':'empty', 'street_address':'normal'},
- {'email':'normal','username':'normal', 'password':'normal', 'password1':'empty', 'phone_number':'normal', 'country':'empty', 'city':'normal', 'street_address':'empty'},
- {'email':'normal','username':'empty', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'normal', 'city':'empty', 'street_address':'normal'},
- {'email':'normal','username':'wrong', 'password':'empty', 'password1':'normal', 'phone_number':'normal', 'country':'empty', 'city':'normal', 'street_address':'empty'},
- {'email':'normal','username':'normal', 'password':'normal', 'password1':'empty', 'phone_number':'normal', 'country':'normal', 'city':'empty', 'street_address':'normal'},
- {'email':'normal','username':'empty', 'password':'empty', 'password1':'normal', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'empty'},
- {'email':'normal','username':'wrong', 'password':'normal', 'password1':'empty', 'phone_number':'normal', 'country':'empty', 'city':'normal', 'street_address':'normal'}
-]
-
-case_data = {
- 'normal': {
- 'email': 'test@test.no',
- 'username': 'test',
- 'password': 'test123',
- 'password1': 'test123',
- 'phone_number': 12354678,
- 'country': 'Norway',
- 'city': 'Trondheim',
- 'street_address': 'Trondheimsvegen',
- },
- 'empty': {
- 'email': '',
- 'username': '',
- 'password': '',
- 'password1': '',
- 'phone_number': '',
- 'country': '',
- 'city': '',
- 'street_address': '',
- },
- 'wrong': {
- 'email': 'test.no',
- 'username': 'test]',
- }
-}
-
-class TwoWayDomainTestOfRegistrationTestCase(TestCase):
- def setUp(self):
- self.client = Client()
-
- def test_domainRegistration(self):
- for case in test_cases:
- data = {}
-
- for key, value in case.items():
- data[key] = case_data[value][key]
- code = 201
-
- if case['email'] == 'wrong' or case['username'] == 'wrong' or case['password'] == 'empty' or case['username'] == 'empty' or case['password1'] == 'empty':
- code = 400
-
- response = self.client.post('/api/users/', data)
- self.assertEqual(response.status_code, code)
\ No newline at end of file
diff --git a/backend/secfit/users/tests/__init__.py b/backend/secfit/users/tests/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..c55e9171bc009b91e52d75b41583c1b64798bd19
--- /dev/null
+++ b/backend/secfit/users/tests/__init__.py
@@ -0,0 +1,4 @@
+from users.tests.registration import *
+from users.tests.userserializer import *
+from users.tests.twowaydomain import *
+from users.tests.rememberme import *
\ No newline at end of file
diff --git a/backend/secfit/users/tests/__pycache__/__init__.cpython-39.pyc b/backend/secfit/users/tests/__pycache__/__init__.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..6921f31b1d86262ba73498c36a1637a08351a9bd
Binary files /dev/null and b/backend/secfit/users/tests/__pycache__/__init__.cpython-39.pyc differ
diff --git a/backend/secfit/users/tests/__pycache__/registration.cpython-39.pyc b/backend/secfit/users/tests/__pycache__/registration.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..bc6227c0e731a32fab3c1a4ff7131f6f1e198459
Binary files /dev/null and b/backend/secfit/users/tests/__pycache__/registration.cpython-39.pyc differ
diff --git a/backend/secfit/users/tests/__pycache__/rememberme.cpython-39.pyc b/backend/secfit/users/tests/__pycache__/rememberme.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..20eb26f0d456f0966e2f57e0f32353a25dbe396c
Binary files /dev/null and b/backend/secfit/users/tests/__pycache__/rememberme.cpython-39.pyc differ
diff --git a/backend/secfit/users/tests/__pycache__/twowaydomain.cpython-39.pyc b/backend/secfit/users/tests/__pycache__/twowaydomain.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..16babb841fce3253a4b540c322badfa015c94119
Binary files /dev/null and b/backend/secfit/users/tests/__pycache__/twowaydomain.cpython-39.pyc differ
diff --git a/backend/secfit/users/tests/__pycache__/userserializer.cpython-39.pyc b/backend/secfit/users/tests/__pycache__/userserializer.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..4b2288fb5c7e81515fb240ce4b75e652f3758fc0
Binary files /dev/null and b/backend/secfit/users/tests/__pycache__/userserializer.cpython-39.pyc differ
diff --git a/backend/secfit/users/tests/registration.py b/backend/secfit/users/tests/registration.py
new file mode 100644
index 0000000000000000000000000000000000000000..ea159533ce9ee33fa0ee5c3bb56e1b1c87362315
--- /dev/null
+++ b/backend/secfit/users/tests/registration.py
@@ -0,0 +1,73 @@
+import json
+
+from django.test import TestCase, RequestFactory, Client
+from users.models import User
+
+url = "/api/users/"
+
+class RegistrationTestCase(TestCase):
+ """Django test for regestering a new user.
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_registration: Register new user
+ """
+
+ def setUp(self):
+ self.client = Client()
+
+ def test_registration(self):
+ data = {"username": "Test", "email": "test@t.no",
+ "password": "strong_pwd", "password1": "strong_pwd",
+ "phone_number": "12345678", "country": "Norway",
+ "city": "Trondheim", "street_address": "Trondheimsvegen 123"}
+
+ response = self.client.post(url, data)
+ self.assertEqual(response.status_code, 201)
+
+
+class BoundaryValuesOfRegistrationTestCase(TestCase):
+ """Django test for boundary values of regestering a new user.
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_minimum_data: Register new user with as little data as possible
+ test_blank_password: Register new user without password
+ test_blank_username: Register new user without username
+ test_invalid_email: Register new user without valid email
+ """
+
+ def set_up(self):
+ self.client = Client()
+
+ def test_minimum_data(self):
+ data = {"username": "t", "email": "",
+ "password": "1", "password1": "1",
+ "phone_number": "", "country": "",
+ "city": "", "street_address": ""}
+ response = self.client.post(url, data)
+ self.assertEqual(response.status_code, 201)
+
+ def test_blank_password(self):
+ data = {"username": "test", "email": "",
+ "password": "", "password1": "",
+ "phone_number": "", "country": "",
+ "city": "", "street_address": ""}
+ response = self.client.post(url, data)
+ self.assertEqual(response.status_code, 400)
+
+ def test_blank_username(self):
+ data = {"username": "", "email": "",
+ "password": "1", "password1": "1",
+ "phone_number": "", "country": "",
+ "city": "", "street_address": ""}
+ response = self.client.post(url, data)
+ self.assertEqual(response.status_code, 400)
+
+ def test_invalid_email(self):
+ data = {"username": "Test", "email": "test.no",
+ "password": "1", "password1": "1",
+ "phone_number": "", "country": "",
+ "city": "", "street_address": ""}
+ response = self.client.post(url, data)
+ self.assertEqual(response.status_code, 400)
\ No newline at end of file
diff --git a/backend/secfit/users/tests/rememberme.py b/backend/secfit/users/tests/rememberme.py
new file mode 100644
index 0000000000000000000000000000000000000000..476a28713415b8e97f725ebe2f5effdccde88d81
--- /dev/null
+++ b/backend/secfit/users/tests/rememberme.py
@@ -0,0 +1,28 @@
+import json
+
+from django.test import TestCase, RequestFactory, Client
+from rest_framework.test import APIRequestFactory, APIClient
+from users.serializers import UserSerializer
+from users.models import User
+from workouts.views import RememberMe
+
+url = '/api/remember_me/'
+
+class RemembermeTestCase(TestCase):
+ """Django test for the rememberme functionality
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_rememberme: Tests creation of rememberme for authenticated user
+ """
+
+ def setUp(self):
+ self.client = APIClient()
+ self.user = User.objects.create(username="user",password="test")
+ self.client.force_authenticate(user=self.user)
+
+ def test_rememberme(self):
+ data = {"username": "user", "password": "test"}
+ response = self.client.get(url, data)
+ self.assertEqual(response.status_code, 200)
+
\ No newline at end of file
diff --git a/backend/secfit/users/tests/twowaydomain.py b/backend/secfit/users/tests/twowaydomain.py
new file mode 100644
index 0000000000000000000000000000000000000000..cf4375868a2595f411f582f0b1276d6fe9237ad2
--- /dev/null
+++ b/backend/secfit/users/tests/twowaydomain.py
@@ -0,0 +1,90 @@
+import json
+
+from django.test import TestCase, RequestFactory, Client
+from users.serializers import UserSerializer
+from users.models import User
+
+url = "/api/users/"
+
+test_cases = [
+ {'email':'wrong', 'username':'wrong', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'empty', 'city':'empty', 'street_address':'normal'},
+ {'email':'wrong', 'username':'normal', 'password':'empty', 'password1':'normal', 'phone_number':'normal', 'country':'normal', 'city':'normal', 'street_address':'empty'},
+ {'email':'wrong', 'username':'empty', 'password':'normal', 'password1':'empty', 'phone_number':'empty', 'country':'empty', 'city':'normal', 'street_address':'normal'},
+ {'email':'wrong', 'username':'normal', 'password':'empty', 'password1':'empty', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'normal'},
+ {'email':'wrong', 'username':'normal', 'password':'normal', 'password1':'normal', 'phone_number':'normal', 'country':'empty', 'city':'empty', 'street_address':'empty'},
+ {'email':'normal','username':'wrong', 'password':'empty', 'password1':'normal', 'phone_number':'normal', 'country':'empty', 'city':'normal', 'street_address':'normal'},
+ {'email':'normal','username':'normal', 'password':'normal', 'password1':'empty', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'empty'},
+ {'email':'normal','username':'empty', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'empty'},
+ {'email':'normal','username':'wrong', 'password':'empty', 'password1':'empty', 'phone_number':'normal', 'country':'normal', 'city':'empty', 'street_address':'normal'},
+ {'email':'empty', 'username':'empty', 'password':'empty', 'password1':'empty', 'phone_number':'normal', 'country':'normal', 'city':'empty', 'street_address':'normal'},
+ {'email':'empty', 'username':'wrong', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'empty'},
+ {'email':'empty', 'username':'normal', 'password':'empty', 'password1':'normal', 'phone_number':'normal', 'country':'empty', 'city':'empty', 'street_address':'normal'},
+ {'email':'empty', 'username':'normal', 'password':'normal', 'password1':'empty', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'empty'},
+ {'email':'empty', 'username':'empty', 'password':'empty', 'password1':'normal', 'phone_number':'normal', 'country':'empty', 'city':'normal', 'street_address':'normal'},
+ {'email':'empty', 'username':'wrong', 'password':'normal', 'password1':'empty', 'phone_number':'normal', 'country':'normal', 'city':'empty', 'street_address':'empty'},
+ {'email':'empty', 'username':'normal', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'empty', 'city':'normal', 'street_address':'normal'},
+ {'email':'wrong', 'username':'wrong', 'password':'empty', 'password1':'empty', 'phone_number':'normal', 'country':'normal', 'city':'normal', 'street_address':'normal'},
+ {'email':'wrong', 'username':'empty', 'password':'normal', 'password1':'normal', 'phone_number':'normal', 'country':'normal', 'city':'empty', 'street_address':'empty'},
+ {'email':'wrong', 'username':'wrong', 'password':'normal', 'password1':'empty', 'phone_number':'empty', 'country':'empty', 'city':'normal', 'street_address':'normal'},
+ {'email':'wrong', 'username':'empty', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'empty', 'city':'empty', 'street_address':'normal'},
+ {'email':'normal','username':'normal', 'password':'empty', 'password1':'normal', 'phone_number':'empty', 'country':'normal', 'city':'empty', 'street_address':'normal'},
+ {'email':'normal','username':'normal', 'password':'normal', 'password1':'empty', 'phone_number':'normal', 'country':'empty', 'city':'normal', 'street_address':'empty'},
+ {'email':'normal','username':'empty', 'password':'normal', 'password1':'normal', 'phone_number':'empty', 'country':'normal', 'city':'empty', 'street_address':'normal'},
+ {'email':'normal','username':'wrong', 'password':'empty', 'password1':'normal', 'phone_number':'normal', 'country':'empty', 'city':'normal', 'street_address':'empty'},
+ {'email':'normal','username':'normal', 'password':'normal', 'password1':'empty', 'phone_number':'normal', 'country':'normal', 'city':'empty', 'street_address':'normal'},
+ {'email':'normal','username':'empty', 'password':'empty', 'password1':'normal', 'phone_number':'empty', 'country':'normal', 'city':'normal', 'street_address':'empty'},
+ {'email':'normal','username':'wrong', 'password':'normal', 'password1':'empty', 'phone_number':'normal', 'country':'empty', 'city':'normal', 'street_address':'normal'}
+ ]
+
+case_data = {
+ 'normal': {
+ 'email': 'test@test.no',
+ 'username': 'test',
+ 'password': 'test123',
+ 'password1': 'test123',
+ 'phone_number': 12354678,
+ 'country': 'Norway',
+ 'city': 'Trondheim',
+ 'street_address': 'Trondheimsvegen',
+ },
+ 'empty': {
+ 'email': '',
+ 'username': '',
+ 'password': '',
+ 'password1': '',
+ 'phone_number': '',
+ 'country': '',
+ 'city': '',
+ 'street_address': '',
+ },
+ 'wrong': {
+ 'email': 'test.no',
+ 'username': 'test]',
+ }
+ }
+
+class TwoWayDomainTestOfRegistrationTestCase(TestCase):
+ """Django two-way domain test for registration of new user.
+
+ tests:
+ set_up: Set up everything needed for the test and define test cases
+ test_domain_registration Tests all test cases and evalutes them against expected responses
+ """
+
+ def set_up(self):
+ self.client = Client()
+
+ def test_domain_registration(self):
+ for case in test_cases:
+ data = {}
+
+ for key, value in case.items():
+ data[key] = case_data[value][key]
+ code = 201
+
+ if case['email'] == 'wrong' or case['username'] == 'wrong' or case['password'] == 'empty' or case['username'] == 'empty' or case['password1'] == 'empty':
+ code = 400
+
+ response = self.client.post(url, data)
+ self.assertEqual(response.status_code, code)
+
\ No newline at end of file
diff --git a/backend/secfit/users/tests/userserializer.py b/backend/secfit/users/tests/userserializer.py
new file mode 100644
index 0000000000000000000000000000000000000000..3565b9395113e1383abf5ee5b6e2b9f648e68247
--- /dev/null
+++ b/backend/secfit/users/tests/userserializer.py
@@ -0,0 +1,54 @@
+import json
+
+from django.test import TestCase, RequestFactory, Client
+from users.serializers import UserSerializer
+from users.models import User
+from django.core.exceptions import ValidationError
+
+url = "/api/users/"
+
+class UserSerializerTestCase(TestCase):
+ """Django test for the UserSerializer class.
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_validate_password_valid: Test the validate password method with valid input
+ test_validate_password_invalid: Test the validate password mothod with invalid input
+ test_create: Test creating a new user with the create method
+ """
+
+ def set_up(self):
+ self.user1 = User.objects.create(username="user1")
+ self.user2 = User.objects.create(username="user2", coach=self.user1)
+ self.factory = RequestFactory()
+
+ def test_validate_password_valid(self):
+ password = "some_very_strong_pwd"
+ serializer = UserSerializer(data = {'password': password,'password1': password})
+
+ validated_password = serializer.validate_password(password)
+ self.assertEqual(validated_password, password)
+
+ def test_validate_password_invalid(self):
+ password = "some_very_strong_pwd"
+ password1 = "Some_wrong_pwd"
+ serializer = UserSerializer(data = {'password': password,'password1': password})
+
+ serializer.validate_password(password1)
+ self.assertRaises(ValidationError)
+
+ def test_create(self):
+ data = {"username": "Test", "email": "test@test.no",
+ "password": "strong_pwd", "password1": "strong_pwd",
+ "phone_number": "12345678", "country": "Norway",
+ "city": "Trondheim", "street_address": "Trondheimsvegen 1"}
+
+ serializer = UserSerializer(data)
+ user = serializer.create(data)
+
+ self.assertEqual(user.username, "Test")
+ self.assertEqual(user.email, "test@test.no")
+ self.assertEqual(user.phone_number, "12345678")
+ self.assertEqual(user.country, "Norway")
+ self.assertEqual(user.city, "Trondheim")
+ self.assertEqual(user.street_address, "Trondheimsvegen 1")
\ No newline at end of file
diff --git a/backend/secfit/users/views.py b/backend/secfit/users/views.py
index f5efef5c2ce82566ab380cecad344e3143c31813..56bd1be3500c682c720850c441a2d9a5e4df23a8 100644
--- a/backend/secfit/users/views.py
+++ b/backend/secfit/users/views.py
@@ -98,7 +98,6 @@ class OfferList(
serializer.save(owner=self.request.user)
def get_queryset(self):
- qs = Offer.objects.none()
result = Offer.objects.none()
if self.request.user:
diff --git a/backend/secfit/workouts/serializers.py b/backend/secfit/workouts/serializers.py
index 26e6f25c6eeb3e944849ec7805d543cf188f6c4a..423a74c0cd0339df7254af96bc49c2408d4bd14a 100644
--- a/backend/secfit/workouts/serializers.py
+++ b/backend/secfit/workouts/serializers.py
@@ -133,10 +133,6 @@ class WorkoutSerializer(serializers.HyperlinkedModelSerializer):
instance.save()
# Handle ExerciseInstances
-
- # This updates existing exercise instances without adding or deleting object.
- # zip() will yield n 2-tuples, where n is
- # min(len(exercise_instance), len(exercise_instance_data))
for exercise_instance, exercise_instance_data in zip(
exercise_instances.all(), exercise_instances_data
):
@@ -158,13 +154,17 @@ class WorkoutSerializer(serializers.HyperlinkedModelSerializer):
ExerciseInstance.objects.create(
workout=instance, **exercise_instance_data
)
+
# Else if exercise instances have been removed from the workout, then delete them
elif len(exercise_instances_data) < len(exercise_instances.all()):
for i in range(len(exercise_instances_data), len(exercise_instances.all())):
exercise_instances.all()[i].delete()
+
+ self.handle_workout_files(instance, validated_data)
- # Handle WorkoutFiles
+ return instance
+ def handle_workout_files(self, instance, validated_data):
if "files" in validated_data:
files_data = validated_data.pop("files")
files = instance.files
@@ -183,9 +183,8 @@ class WorkoutSerializer(serializers.HyperlinkedModelSerializer):
# Else if files have been removed, delete WorkoutFiles
elif len(files_data) < len(files.all()):
for i in range(len(files_data), len(files.all())):
- files.all()[i].delete()
+ files.all()[i].delete()
- return instance
def get_owner_username(self, obj):
"""Returns the owning user's username
diff --git a/backend/secfit/workouts/tests.py b/backend/secfit/workouts/tests.py
deleted file mode 100644
index d656a7334d960e9993453e723e16f80fb899847a..0000000000000000000000000000000000000000
--- a/backend/secfit/workouts/tests.py
+++ /dev/null
@@ -1,481 +0,0 @@
-import json
-
-from django.test import TestCase, RequestFactory, Client
-from rest_framework.test import APIRequestFactory, APIClient
-from workouts.permissions import (
- IsOwner,
- IsOwnerOfWorkout,
- IsCoachAndVisibleToCoach,
- IsCoachOfWorkoutAndVisibleToCoach,
- IsPublic,
- IsWorkoutPublic,
- IsReadOnly
-)
-from workouts.models import Workout, Exercise, ExerciseInstance, WorkoutFile
-from users.models import User
-from comments.models import Comment
-
-
-
-### Test boundary values of new workout ###
-
-class BoundaryValuesOfNewWorkout(TestCase):
- def setUp(self):
- self.client = APIClient()
- self.user = User.objects.create(username="user",password="user")
- self.client.force_authenticate(user=self.user)
- self.request = json.loads('{"name": "test", "date": "2021-03-06T18:00:00.000Z", "notes": "note", "visibility": "PU", "exercise_instances": [], "filename": []}')
-
- def test_name(self):
- self.request["name"] = ""
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,400) #Blank should fail
-
- self.request["name"] = "test"
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,201)
-
- self.request["name"] = "@€xrgrdh"
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,201) #Wierd signs should propably fail, but app is faulty
-
- self.request["name"] = "1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111" #100
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,201)
-
- self.request["name"] = "11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111" #101
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,400) #More than 100 chars should fail
-
-
- def test_date(self):
- self.request["date"] = ""
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,400) #Blank should fail
-
- self.request["date"] = "2021-32-32T18:00:00.000Z"
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,400) #Not valid date should fail
-
- self.request["date"] = "2021-03-08T18:00:00.000Z"
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,201)
-
- def test_notes(self):
- self.request["notes"] = ""
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,400) #Blank should fail
-
- self.request["notes"] = "test"
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,201)
-
- # No upper value for notes
-
- def test_visibility(self):
- self.request["visibility"] = ""
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,400) #Blank should fail
-
- self.request["visibility"] = "XX"
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,400) #Not one of the three cases should fail
-
- self.request["visibility"] = "PRI"
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,400) #More than 2 chars should fail
-
- self.request["visibility"] = "PR"
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,201)
-
-
-
-### Test FR5 - Visibility of details, files and comments for Athletes, Coaches and other users ###
-
-class AthleteAccessTestCase(TestCase):
- def setUp(self):
- self.client = Client()
-
- # Create user
- self.athlete = User.objects.create(username="user")
- self.athlete.set_password('user')
- self.athlete.save()
-
- # Authenticate athlete
- response = self.client.post('/api/token/', {'username': 'user', 'password': 'user'})
- content = json.loads(response.content)
- self.client.defaults['HTTP_AUTHORIZATION'] = 'Bearer ' + content['access']
-
- def test_visibilityOnPrivateContent(self):
- workout = Workout.objects.create(name="workout", date="2021-03-06T18:00:00Z", notes="notes", owner=self.athlete, visibility="PR")
- comment = Comment.objects.create(content="comment", timestamp="2021-03-06T18:00:00Z", owner=self.athlete, workout=workout)
- file = WorkoutFile.objects.create(file='/path/', owner=self.athlete, workout=workout)
-
- response = self.client.get('/api/workouts/'+str(workout.id)+'/')
- self.assertEqual(response.status_code, 200)
-
- response = self.client.get('/api/comments/'+str(comment.id)+'/')
- self.assertEqual(response.status_code, 200)
-
- response = self.client.get('/api/workout-files/'+str(file.id)+'/')
- self.assertEqual(response.status_code, 200)
-
- def test_visibilityOnPublicContent(self):
- workout = Workout.objects.create(name="workout", date="2021-03-06T18:00:00Z", notes="notes", owner=self.athlete, visibility="PU")
- comment = Comment.objects.create(content="comment", timestamp="2021-03-06T18:00:00Z", owner=self.athlete, workout=workout)
- file = WorkoutFile.objects.create(file='/path/', owner=self.athlete, workout=workout)
-
- response = self.client.get('/api/workouts/'+str(workout.id)+'/')
- self.assertEqual(response.status_code, 200)
-
- response = self.client.get('/api/comments/'+str(comment.id)+'/')
- self.assertEqual(response.status_code, 200)
-
- response = self.client.get('/api/workout-files/'+str(file.id)+'/')
- self.assertEqual(response.status_code, 200)
-
-
-class CoachAccessTestCase(TestCase):
- def setUp(self):
- self.client = Client()
-
- # Create coach
- self.coach = User.objects.create(username="user1")
- self.coach.set_password('user1')
- self.coach.save()
-
- # Create user
- self.athlete = User.objects.create(username="user2", coach = self.coach)
- self.athlete.set_password('user2')
- self.athlete.save()
-
- # Authenticate coach
- response = self.client.post('/api/token/', {'username': 'user1', 'password': 'user1'})
- content = json.loads(response.content)
- self.client.defaults['HTTP_AUTHORIZATION'] = 'Bearer ' + content['access']
-
- def test_visibilityOnPrivateContent(self):
- workout = Workout.objects.create(name="workout", date="2021-03-06T18:00:00Z", notes="notes", owner=self.athlete, visibility="PR")
- comment = Comment.objects.create(content="comment", timestamp="2021-03-06T18:00:00Z", owner=self.athlete, workout=workout)
- file = WorkoutFile.objects.create(file='/path/', owner=self.athlete, workout=workout)
-
- response = self.client.get('/api/workouts/'+str(workout.id)+'/')
- self.assertEqual(response.status_code, 200)
-
- response = self.client.get('/api/comments/'+str(comment.id)+'/')
- self.assertEqual(response.status_code, 403)
-
- response = self.client.get('/api/workout-files/'+str(file.id)+'/')
- self.assertEqual(response.status_code, 200)
-
- def test_visibilityOnCoachContent(self):
- workout = Workout.objects.create(name="workout", date="2021-03-06T18:00:00Z", notes="notes", owner=self.athlete, visibility="CO")
- comment = Comment.objects.create(content="comment", timestamp="2021-03-06T18:00:00Z", owner=self.athlete, workout=workout)
- file = WorkoutFile.objects.create(file='/path/', owner=self.athlete, workout=workout)
-
- response = self.client.get('/api/workouts/'+str(workout.id)+'/')
- self.assertEqual(response.status_code, 200)
-
- response = self.client.get('/api/comments/'+str(comment.id)+'/')
- self.assertEqual(response.status_code, 200)
-
- response = self.client.get('/api/workout-files/'+str(file.id)+'/')
- self.assertEqual(response.status_code, 200)
-
-
-class UserAccessTestCase(TestCase):
- def setUp(self):
- self.client = Client()
-
- # Create user
- self.athlete = User.objects.create(username="user1")
- self.athlete.set_password('user1')
- self.athlete.save()
-
- self.other = User.objects.create(username="user2")
- self.other.set_password('user2')
- self.other.save()
-
- # Authenticate user
- response = self.client.post('/api/token/', {'username': 'user2', 'password': 'user2'})
- content = json.loads(response.content)
- self.client.defaults['HTTP_AUTHORIZATION'] = 'Bearer ' + content['access']
-
- def test_visibilityOnPrivateContent(self):
- workout = Workout.objects.create(name="workout", date="2021-03-06T18:00:00Z", notes="notes", owner=self.athlete, visibility="PR")
- comment = Comment.objects.create(content="comment", timestamp="2021-03-06T18:00:00Z", owner=self.athlete, workout=workout)
- file = WorkoutFile.objects.create(file='/path/', owner=self.athlete, workout=workout)
-
- response = self.client.get('/api/workouts/'+str(workout.id)+'/')
- self.assertEqual(response.status_code, 403)
-
- response = self.client.get('/api/comments/'+str(comment.id)+'/')
- self.assertEqual(response.status_code, 403)
-
- response = self.client.get('/api/workout-files/'+str(file.id)+'/')
- self.assertEqual(response.status_code, 403)
-
- def test_visibilityOnCoachContent(self):
- workout = Workout.objects.create(name="workout", date="2021-03-06T18:00:00Z", notes="notes", owner=self.athlete, visibility="CO")
- comment = Comment.objects.create(content="comment", timestamp="2021-03-06T18:00:00Z", owner=self.athlete, workout=workout)
- file = WorkoutFile.objects.create(file='/path/', owner=self.athlete, workout=workout)
-
- response = self.client.get('/api/workouts/'+str(workout.id)+'/')
- self.assertEqual(response.status_code, 403)
-
- response = self.client.get('/api/comments/'+str(comment.id)+'/')
- self.assertEqual(response.status_code, 403)
-
- response = self.client.get('/api/workout-files/'+str(file.id)+'/')
- self.assertEqual(response.status_code, 403)
-
-
-
-### Test create workout for athlete as coach ###
-
-class CreateWorkoutForAthleteTestCase(TestCase):
- def setUp(self):
- self.client = APIClient()
- self.coach = User.objects.create(username="coach",password="coach")
- self.athlete = User.objects.create(username="athlete",password="athlete", coach=self.coach)
- self.client.force_authenticate(user=self.coach)
- self.request = json.loads('{"name": "test", "date": "2021-03-06T18:00:00.000Z", "notes": "note", "visibility": "PU", "exercise_instances": [], "filename": []}')
-
- def test_createWorkoutAsCoach(self):
- self.request["owner"] = "athlete"
- request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
- self.assertEquals(request.status_code,201)
-
- def test_checkCoach(self):
- workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.athlete, visibility="PU")
- self.assertEqual(self.athlete, workout.owner)
-
-
-
-### Test categorize exercise ###
-
-class CategorizeExerciseTestCase(TestCase):
- def setUp(self):
- self.client = Client()
-
- # Create user
- self.user = User.objects.create(username="user")
- self.user.set_password('user')
- self.user.save()
-
- # Authenticate user
- response = self.client.post('/api/token/', {'username': 'user', 'password': 'user'})
- content = json.loads(response.content)
- self.client.defaults['HTTP_AUTHORIZATION'] = 'Bearer ' + content['access']
-
- def test_createCategorizedEcercise(self):
- data = {"name": "Test", "description": "Test",
- "category": "Endurance", "unit": "kg"}
-
- response = self.client.post("/api/exercises/", data)
- self.assertEqual(response.status_code, 201)
-
- def test_checkCategorizedExercise(self):
- exercise = Exercise.objects.create(name="test", description="test", category="Endurance", unit="kg")
- self.assertEqual("Endurance", exercise.category)
-
-
-
-### Test permission-classes in workout/permissions ###
-
-class IsOwnerTestCase(TestCase):
- def setUp(self):
- self.user1 = User.objects.create(username="user1")
- self.user2 = User.objects.create(username="user2")
- self.factory = RequestFactory()
- self.isOwner = IsOwner()
- self.workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.user1, visibility="PU")
-
- def test_isOwnerValid(self):
- request = self.factory.get('/')
- request.user = self.user1
- has_permission = self.isOwner.has_object_permission(request, None, self.workout)
- self.assertTrue(has_permission)
-
- def test_isOwnerInValid(self):
- request = self.factory.get('/')
- request.user = self.user2
- has_permission = self.isOwner.has_object_permission(request, None, self.workout)
- self.assertFalse(has_permission)
-
-
-class IsOwnerOfWorkoutTestCase(TestCase):
- def setUp(self):
- self.user1 = User.objects.create(username="user1")
- self.user2 = User.objects.create(username="user2")
- self.factory = RequestFactory()
- self.isOwnerOfWorkout = IsOwnerOfWorkout()
- self.workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.user1, visibility="PU")
-
- def test_has_permissionValid(self):
- request = self.factory.get('/')
- request.user = self.user1
- request.data = { 'workout' : '/api/workouts/1/'}
- has_permission = self.isOwnerOfWorkout.has_permission(request, None)
- self.assertTrue(has_permission)
-
- request = self.factory.post('/')
- request.user = self.user1
- request.data = { 'workout' : '/api/workouts/1/'}
- has_permission = self.isOwnerOfWorkout.has_permission(request, None)
- self.assertTrue(has_permission)
-
- def test_has_permissionInValid(self):
- request = self.factory.post('/')
- request.user = self.user2
- request.data = { 'workout' : '/api/workouts/1/'}
- has_permission = self.isOwnerOfWorkout.has_permission(request, None)
- self.assertFalse(has_permission)
-
- request = self.factory.post('/')
- request.user = self.user1
- request.data = { 'workout' : None}
- has_permission = self.isOwnerOfWorkout.has_permission(request, None)
- self.assertFalse(has_permission)
-
- def test_has_object_permissionValid(self):
- request = self.factory.get('/')
- request.user = self.user1
- exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
- instance = ExerciseInstance.objects.create(workout=self.workout, exercise=exercise, sets=1, number=1)
-
- has_permission = self.isOwnerOfWorkout.has_object_permission(request, None, instance)
- self.assertTrue(has_permission)
-
- def test_has_object_permissionInValid(self):
- request = self.factory.get('/')
- request.user = self.user2
- exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
- instance = ExerciseInstance.objects.create(workout=self.workout, exercise=exercise, sets=1, number=1)
- has_permission = self.isOwnerOfWorkout.has_object_permission(request, None, instance)
- self.assertFalse(has_permission)
-
-
-class IsCoachAndVisibleToCoachTestCase(TestCase):
- def setUp(self):
- self.user3 = User.objects.create(username="user3")
- self.user2 = User.objects.create(username="user2")
- self.user1 = User.objects.create(username="user1", coach=self.user2)
-
- self.factory = RequestFactory()
- self.isCoachAndVisibleToCoach = IsCoachAndVisibleToCoach()
- self.workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.user1, visibility="PU")
-
- def test_IsCoachAndVisibleToCoachValid(self):
- request = self.factory.get('/')
- request.user = self.user2
- has_permission = self.isCoachAndVisibleToCoach.has_object_permission(request, None, self.workout)
- self.assertTrue(has_permission)
-
- def test_IsCoachAndVisibleToCoachInValid(self):
- request = self.factory.get('/')
- request.user = self.user3
- has_permission = self.isCoachAndVisibleToCoach.has_object_permission(request, None, self.workout)
- self.assertFalse(has_permission)
-
-class IsCoachOfWorkoutAndVisibleToCoachTestCase(TestCase):
- def setUp(self):
- self.user3 = User.objects.create(username="user3")
- self.user2 = User.objects.create(username="user2")
- self.user1 = User.objects.create(username="user1", coach=self.user2)
-
- self.factory = RequestFactory()
- self.isCoachOfWorkoutAndVisibleToCoach = IsCoachOfWorkoutAndVisibleToCoach()
- self.workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.user1, visibility="PU")
-
- def test_IsCoachOfWorkoutAndVisibleToCoachValid(self):
- request = self.factory.get('/')
- request.user = self.user2
- exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
- instance = ExerciseInstance.objects.create(workout=self.workout, exercise=exercise, sets=1, number=1)
- has_permission = self.isCoachOfWorkoutAndVisibleToCoach.has_object_permission(request, None, instance)
- self.assertTrue(has_permission)
-
- def test_IsCoachOfWorkoutAndVisibleToCoachInValid(self):
- request = self.factory.get('/')
- request.user = self.user3
- exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
- instance = ExerciseInstance.objects.create(workout=self.workout, exercise=exercise, sets=1, number=1)
- has_permission = self.isCoachOfWorkoutAndVisibleToCoach.has_object_permission(request, None, instance)
- self.assertFalse(has_permission)
-
-class IsPublicTestCase(TestCase):
- def setUp(self):
- self.user1 = User.objects.create(username="user1")
- self.user2 = User.objects.create(username="user2")
-
- self.factory = RequestFactory()
- self.isPublic = IsPublic()
-
- def test_isPublicValid(self):
- request = self.factory.get('/')
- request.user = self.user1
- workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.user1, visibility="PU")
-
- is_public = self.isPublic.has_object_permission(request, None, workout)
- self.assertTrue(is_public)
-
- def test_isPublicInValid(self):
- request = self.factory.get('/')
- request.user = self.user1
- workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.user1, visibility="CO")
-
- is_public = self.isPublic.has_object_permission(request, None, workout)
- self.assertFalse(is_public)
-
-class IsWorkoutPublicTestCase(TestCase):
- def setUp(self):
- self.user1 = User.objects.create(username="user1")
- self.user2 = User.objects.create(username="user2")
-
- self.factory = RequestFactory()
- self.isWorkoutPublic = IsWorkoutPublic()
-
- def test_isWorkoutPublicValid(self):
- request = self.factory.get('/')
- request.user = self.user1
- workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.user1, visibility="PU")
- exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
- instance = ExerciseInstance.objects.create(workout=workout, exercise=exercise, sets=1, number=1)
-
- is_public = self.isWorkoutPublic.has_object_permission(request, None, instance)
- self.assertTrue(is_public)
-
- def test_isWorkoutPublicInValid(self):
- request = self.factory.get('/')
- request.user = self.user1
- workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.user1, visibility="CO")
- exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
- instance = ExerciseInstance.objects.create(workout=workout, exercise=exercise, sets=1, number=1)
-
- is_public = self.isWorkoutPublic.has_object_permission(request, None, instance)
- self.assertFalse(is_public)
-
-class IsReadOnlyTestCase(TestCase):
- def setUp(self):
- self.user1 = User.objects.create(username="user1")
- self.user2 = User.objects.create(username="user2")
-
- self.factory = RequestFactory()
- self.isReadOnly = IsReadOnly()
- self.workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.user1, visibility="PU")
-
- def test_isReadOnlyValid(self):
- request = self.factory.get('/')
- request.user = self.user1
-
- is_readonly = self.isReadOnly.has_object_permission(request, None, self.workout)
- self.assertTrue(is_readonly)
-
- def test_isReadOnlyInValid(self):
- request = self.factory.post('/')
- request.user = self.user1
-
- is_readonly = self.isReadOnly.has_object_permission(request, None, self.workout)
- self.assertFalse(is_readonly)
\ No newline at end of file
diff --git a/backend/secfit/workouts/tests/__init__.py b/backend/secfit/workouts/tests/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..40c1f2dad94087bdfc5e5b7bc6918235bef0d1b1
--- /dev/null
+++ b/backend/secfit/workouts/tests/__init__.py
@@ -0,0 +1,5 @@
+from workouts.tests.permissions import *
+from workouts.tests.workouts import *
+from workouts.tests.visibility import *
+from workouts.tests.features import *
+from workouts.tests.workoutfiles import *
diff --git a/backend/secfit/workouts/tests/__pycache__/__init__.cpython-39.pyc b/backend/secfit/workouts/tests/__pycache__/__init__.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..bf6672fde4fc32647b1984a518b592a3c3328abe
Binary files /dev/null and b/backend/secfit/workouts/tests/__pycache__/__init__.cpython-39.pyc differ
diff --git a/backend/secfit/workouts/tests/__pycache__/features.cpython-39.pyc b/backend/secfit/workouts/tests/__pycache__/features.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..50625fcbe48c55f13915e8a6a03ae3661b62d6a5
Binary files /dev/null and b/backend/secfit/workouts/tests/__pycache__/features.cpython-39.pyc differ
diff --git a/backend/secfit/workouts/tests/__pycache__/permissions.cpython-39.pyc b/backend/secfit/workouts/tests/__pycache__/permissions.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..fd99adea274c2087cd1054eb2b8f3af461d65fb1
Binary files /dev/null and b/backend/secfit/workouts/tests/__pycache__/permissions.cpython-39.pyc differ
diff --git a/backend/secfit/workouts/tests/__pycache__/visibility.cpython-39.pyc b/backend/secfit/workouts/tests/__pycache__/visibility.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..bf81702d0c6ecdcfd6c2e74261229bccc49a178e
Binary files /dev/null and b/backend/secfit/workouts/tests/__pycache__/visibility.cpython-39.pyc differ
diff --git a/backend/secfit/workouts/tests/__pycache__/workoutfiles.cpython-39.pyc b/backend/secfit/workouts/tests/__pycache__/workoutfiles.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..70699ee7da46968f6914bda16cefe9bb5e83966d
Binary files /dev/null and b/backend/secfit/workouts/tests/__pycache__/workoutfiles.cpython-39.pyc differ
diff --git a/backend/secfit/workouts/tests/__pycache__/workouts.cpython-39.pyc b/backend/secfit/workouts/tests/__pycache__/workouts.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..80291826b23e56c82d4f7a9ed3f78cf3e29f5fea
Binary files /dev/null and b/backend/secfit/workouts/tests/__pycache__/workouts.cpython-39.pyc differ
diff --git a/backend/secfit/workouts/tests/features.py b/backend/secfit/workouts/tests/features.py
new file mode 100644
index 0000000000000000000000000000000000000000..b8f2de5ab141c44d632ca7584c7fdcf8091d9445
--- /dev/null
+++ b/backend/secfit/workouts/tests/features.py
@@ -0,0 +1,64 @@
+import json
+
+from django.test import TestCase, RequestFactory, Client
+from rest_framework.test import APIRequestFactory, APIClient
+from workouts.models import Workout, Exercise, ExerciseInstance, WorkoutFile
+from users.models import User
+
+class CreateWorkoutForAthleteTestCase(TestCase):
+ """Django test for UC1 - create workout for athlete as coach
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_create_workout_as_coach: Creates a workout as coach
+ test_check_coach: Checks that athlete is set as owner
+ """
+
+ def setUp(self):
+ self.client = APIClient()
+ self.coach = User.objects.create(username="coach",password="coach")
+ self.athlete = User.objects.create(username="athlete",password="athlete", coach=self.coach)
+ self.client.force_authenticate(user=self.coach)
+ self.request = json.loads('{"name": "test", "date": "2021-03-06T18:00:00.000Z", "notes": "note", "visibility": "PU", "exercise_instances": [], "filename": []}')
+
+ def test_create_workout_as_coach(self):
+ self.request["owner"] = "athlete"
+ request = self.client.post('/api/workouts/', json.dumps(self.request), content_type='application/json')
+ self.assertEquals(request.status_code,201)
+
+ def test_check_coach(self):
+ workout = Workout.objects.create(name="test", date="2021-03-02T18:00:00Z", notes="note", owner=self.athlete, visibility="PU")
+ self.assertEqual(self.athlete, workout.owner)
+
+class CategorizeExerciseTestCase(TestCase):
+ """Django test for UC4 - categorize exercise
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_create_categorized_excercise: Creates categorized exercise
+ test_check_categorized_exercise: Checks category of exercise
+ """
+
+ def setUp(self):
+ self.client = Client()
+
+ # Create user
+ self.user = User.objects.create(username="user")
+ self.user.set_password('user')
+ self.user.save()
+
+ # Authenticate user
+ response = self.client.post('/api/token/', {'username': 'user', 'password': 'user'})
+ content = json.loads(response.content)
+ self.client.defaults['HTTP_AUTHORIZATION'] = 'Bearer ' + content['access']
+
+ def test_create_categorized_exercise(self):
+ data = {"name": "Test", "description": "Test",
+ "category": "Endurance", "unit": "kg"}
+
+ response = self.client.post("/api/exercises/", data)
+ self.assertEqual(response.status_code, 201)
+
+ def test_check_categorized_exercise(self):
+ exercise = Exercise.objects.create(name="test", description="test", category="Endurance", unit="kg")
+ self.assertEqual("Endurance", exercise.category)
diff --git a/backend/secfit/workouts/tests/permissions.py b/backend/secfit/workouts/tests/permissions.py
new file mode 100644
index 0000000000000000000000000000000000000000..5a9c1b14fd1953ea0d4f8b261f29b4358a2e7041
--- /dev/null
+++ b/backend/secfit/workouts/tests/permissions.py
@@ -0,0 +1,271 @@
+import json
+
+from django.test import TestCase, RequestFactory, Client
+from workouts.permissions import (
+ IsOwner,
+ IsOwnerOfWorkout,
+ IsCoachAndVisibleToCoach,
+ IsCoachOfWorkoutAndVisibleToCoach,
+ IsPublic,
+ IsWorkoutPublic,
+ IsReadOnly
+)
+from workouts.models import Workout, Exercise, ExerciseInstance, WorkoutFile
+from users.models import User
+
+url_workout1 = '/api/workouts/1/'
+date = "2021-03-02T18:00:00Z"
+
+class IsOwnerTestCase(TestCase):
+ """Django test for the permission-class IsOwner in workout/permissions
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_is_owner_valid: Test a input where user is owner
+ test_is_owner_invalid: Test a input where user is not owner
+ """
+
+ def setUp(self):
+ self.user1 = User.objects.create(username="user1")
+ self.user2 = User.objects.create(username="user2")
+ self.factory = RequestFactory()
+ self.isOwner = IsOwner()
+ self.workout = Workout.objects.create(name="test", date=date, notes="note", owner=self.user1, visibility="PU")
+
+ def test_is_owner_valid(self):
+ request = self.factory.get('/')
+ request.user = self.user1
+ has_permission = self.isOwner.has_object_permission(request, None, self.workout)
+ self.assertTrue(has_permission)
+
+ def test_is_owner_invalid(self):
+ request = self.factory.get('/')
+ request.user = self.user2
+ has_permission = self.isOwner.has_object_permission(request, None, self.workout)
+ self.assertFalse(has_permission)
+
+class IsOwnerOfWorkoutTestCase(TestCase):
+ """Django test for the permission-class IsOwnerOfWorkout in workout/permissions
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_has_permission_valid: Test a input where user should have permission
+ test_has_permission_invalid: Input where user should not have permission
+ test_has_object_permission_valid: Test a input where user should have permission
+ test_has_object_permission_invalid: Input where user should not have permission
+ """
+
+ def setUp(self):
+ self.user1 = User.objects.create(username="user1")
+ self.user2 = User.objects.create(username="user2")
+ self.factory = RequestFactory()
+ self.isOwnerOfWorkout = IsOwnerOfWorkout()
+ self.workout = Workout.objects.create(name="test", date=date, notes="note", owner=self.user1, visibility="PU")
+
+ def test_has_permission_valid(self):
+ request = self.factory.get('/')
+ request.user = self.user1
+ request.data = { 'workout' : url_workout1}
+ has_permission = self.isOwnerOfWorkout.has_permission(request, None)
+ self.assertTrue(has_permission)
+
+ request = self.factory.post('/')
+ request.user = self.user1
+ request.data = { 'workout' : url_workout1}
+ has_permission = self.isOwnerOfWorkout.has_permission(request, None)
+ self.assertTrue(has_permission)
+
+ def test_has_permission_invalid(self):
+ request = self.factory.post('/')
+ request.user = self.user2
+ request.data = { 'workout' : url_workout1}
+ has_permission = self.isOwnerOfWorkout.has_permission(request, None)
+ self.assertFalse(has_permission)
+
+ request = self.factory.post('/')
+ request.user = self.user1
+ request.data = { 'workout' : None}
+ has_permission = self.isOwnerOfWorkout.has_permission(request, None)
+ self.assertFalse(has_permission)
+
+ def test_has_object_permission_valid(self):
+ request = self.factory.get('/')
+ request.user = self.user1
+ exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
+ instance = ExerciseInstance.objects.create(workout=self.workout, exercise=exercise, sets=1, number=1)
+
+ has_permission = self.isOwnerOfWorkout.has_object_permission(request, None, instance)
+ self.assertTrue(has_permission)
+
+ def test_has_object_permission_invalid(self):
+ request = self.factory.get('/')
+ request.user = self.user2
+ exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
+ instance = ExerciseInstance.objects.create(workout=self.workout, exercise=exercise, sets=1, number=1)
+ has_permission = self.isOwnerOfWorkout.has_object_permission(request, None, instance)
+ self.assertFalse(has_permission)
+
+class IsCoachAndVisibleToCoachTestCase(TestCase):
+ """Django test for the permission-class IsCoachAndVisibleToCoach in workout/permissions
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_is_coach_and_visible_to_coach_valid: Test where user is coach and checks that it is visible
+ test_is_coach_and_visible_to_coach_invalid: Test where user is not coach and checks that it is not visible
+ """
+
+ def setUp(self):
+ self.user3 = User.objects.create(username="user3")
+ self.user2 = User.objects.create(username="user2")
+ self.user1 = User.objects.create(username="user1", coach=self.user2)
+
+ self.factory = RequestFactory()
+ self.isCoachAndVisibleToCoach = IsCoachAndVisibleToCoach()
+ self.workout = Workout.objects.create(name="test", date=date, notes="note", owner=self.user1, visibility="PU")
+
+ def test_is_coach_and_visible_to_coach_valid(self):
+ request = self.factory.get('/')
+ request.user = self.user2
+ has_permission = self.isCoachAndVisibleToCoach.has_object_permission(request, None, self.workout)
+ self.assertTrue(has_permission)
+
+ def test_is_coach_and_visible_to_coach_invalid(self):
+ request = self.factory.get('/')
+ request.user = self.user3
+ has_permission = self.isCoachAndVisibleToCoach.has_object_permission(request, None, self.workout)
+ self.assertFalse(has_permission)
+
+
+
+class IsCoachOfWorkoutAndVisibleToCoachTestCase(TestCase):
+ """Django test for the permission-class IsCoachOfWorkoutAndVisibleToCoach in workout/permissions
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_is_coach_of_workout_and_visible_to_coach_valid: Names describes itself
+ test_is_coach_of_workout_and_visible_to_coach_invalid: Names describes itself
+ """
+
+ def setUp(self):
+ self.user3 = User.objects.create(username="user3")
+ self.user2 = User.objects.create(username="user2")
+ self.user1 = User.objects.create(username="user1", coach=self.user2)
+
+ self.factory = RequestFactory()
+ self.isCoachOfWorkoutAndVisibleToCoach = IsCoachOfWorkoutAndVisibleToCoach()
+ self.workout = Workout.objects.create(name="test", date=date, notes="note", owner=self.user1, visibility="PU")
+
+ def test_is_coach_of_workout_and_visible_to_coach_valid(self):
+ request = self.factory.get('/')
+ request.user = self.user2
+ exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
+ instance = ExerciseInstance.objects.create(workout=self.workout, exercise=exercise, sets=1, number=1)
+ has_permission = self.isCoachOfWorkoutAndVisibleToCoach.has_object_permission(request, None, instance)
+ self.assertTrue(has_permission)
+
+ def test_is_coach_of_workout_and_visible_to_coach_invalid(self):
+ request = self.factory.get('/')
+ request.user = self.user3
+ exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
+ instance = ExerciseInstance.objects.create(workout=self.workout, exercise=exercise, sets=1, number=1)
+ has_permission = self.isCoachOfWorkoutAndVisibleToCoach.has_object_permission(request, None, instance)
+ self.assertFalse(has_permission)
+
+class IsPublicTestCase(TestCase):
+ """Django test for the permission-class IsPublic in workout/permissions
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_is_public_valid: Test if public workout is public
+ test_is_public_invalid: Test if not public workout is not public
+ """
+
+ def setUp(self):
+ self.user1 = User.objects.create(username="user1")
+ self.user2 = User.objects.create(username="user2")
+
+ self.factory = RequestFactory()
+ self.isPublic = IsPublic()
+
+ def test_is_public_valid(self):
+ request = self.factory.get('/')
+ request.user = self.user1
+ workout = Workout.objects.create(name="test", date=date, notes="note", owner=self.user1, visibility="PU")
+
+ is_public = self.isPublic.has_object_permission(request, None, workout)
+ self.assertTrue(is_public)
+
+ def test_is_public_invalid(self):
+ request = self.factory.get('/')
+ request.user = self.user1
+ workout = Workout.objects.create(name="test", date=date, notes="note", owner=self.user1, visibility="CO")
+
+ is_public = self.isPublic.has_object_permission(request, None, workout)
+ self.assertFalse(is_public)
+
+class IsWorkoutPublicTestCase(TestCase):
+ """Django test for the permission-class IsWorkoutPublic in workout/permissions
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_is_workout_public_valid: Test if public workout is public
+ test_is_workout_public_invalid: Test if not public workout is not public
+ """
+
+ def setUp(self):
+ self.user1 = User.objects.create(username="user1")
+ self.user2 = User.objects.create(username="user2")
+
+ self.factory = RequestFactory()
+ self.isWorkoutPublic = IsWorkoutPublic()
+
+ def test_is_workout_public_valid(self):
+ request = self.factory.get('/')
+ request.user = self.user1
+ workout = Workout.objects.create(name="test", date=date, notes="note", owner=self.user1, visibility="PU")
+ exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
+ instance = ExerciseInstance.objects.create(workout=workout, exercise=exercise, sets=1, number=1)
+
+ is_public = self.isWorkoutPublic.has_object_permission(request, None, instance)
+ self.assertTrue(is_public)
+
+ def test_is_workout_public_invalid(self):
+ request = self.factory.get('/')
+ request.user = self.user1
+ workout = Workout.objects.create(name="test", date=date, notes="note", owner=self.user1, visibility="CO")
+ exercise = Exercise.objects.create(name="Test", description="Test", unit="Test")
+ instance = ExerciseInstance.objects.create(workout=workout, exercise=exercise, sets=1, number=1)
+
+ is_public = self.isWorkoutPublic.has_object_permission(request, None, instance)
+ self.assertFalse(is_public)
+
+class IsReadOnlyTestCase(TestCase):
+ """Django test for the permission-class IsWorkoutPublic in workout/permissions
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_is_read_only_valid: Test if workout is readonly not owner user
+ test_is_read_only_invalid: Test if workout is not readonly for owner
+ """
+
+ def setUp(self):
+ self.user1 = User.objects.create(username="user1")
+ self.user2 = User.objects.create(username="user2")
+
+ self.factory = RequestFactory()
+ self.isReadOnly = IsReadOnly()
+ self.workout = Workout.objects.create(name="test", date=date, notes="note", owner=self.user1, visibility="PU")
+
+ def test_is_read_only_valid(self):
+ request = self.factory.get('/')
+ request.user = self.user1
+
+ is_readonly = self.isReadOnly.has_object_permission(request, None, self.workout)
+ self.assertTrue(is_readonly)
+
+ def test_is_read_only_invalid(self):
+ request = self.factory.post('/')
+ request.user = self.user1
+
+ is_readonly = self.isReadOnly.has_object_permission(request, None, self.workout)
+ self.assertFalse(is_readonly)
diff --git a/backend/secfit/workouts/tests/visibility.py b/backend/secfit/workouts/tests/visibility.py
new file mode 100644
index 0000000000000000000000000000000000000000..3bf86e3ec385e8e5d77f794cc68378b516431aa2
--- /dev/null
+++ b/backend/secfit/workouts/tests/visibility.py
@@ -0,0 +1,173 @@
+import json
+
+from django.test import TestCase, RequestFactory, Client
+from workouts.models import Workout, Exercise, ExerciseInstance, WorkoutFile
+from users.models import User
+from comments.models import Comment
+
+url_workouts = '/api/workouts/'
+url_workout_files = '/api/workout-files/'
+url_comments = '/api/comments/'
+url_token = '/api/token/'
+url_path = '/path/'
+bearer = 'Bearer '
+date = "2021-03-06T18:00:00Z"
+
+class AthleteAccessTestCase(TestCase):
+ """Django test for FR5 - visibility of details, files and comments for Athletes
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_visibility_on_private_content: Test vilibility on private content
+ test_visibility_on_public_content: Test visibility on public content
+ """
+
+ def setUp(self):
+ self.client = Client()
+
+ # Create user
+ self.athlete = User.objects.create(username="user")
+ self.athlete.set_password('user')
+ self.athlete.save()
+
+ # Authenticate athlete
+ response = self.client.post(url_token, {'username': 'user', 'password': 'user'})
+ content = json.loads(response.content)
+ self.client.defaults['HTTP_AUTHORIZATION'] = bearer + content['access']
+
+ def test_visibility_on_private_content(self):
+ workout = Workout.objects.create(name="workout", date=date, notes="notes", owner=self.athlete, visibility="PR")
+ comment = Comment.objects.create(content="comment", timestamp=date, owner=self.athlete, workout=workout)
+ file = WorkoutFile.objects.create(file=url_path, owner=self.athlete, workout=workout)
+
+ response = self.client.get(url_workouts+str(workout.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+ response = self.client.get(url_comments+str(comment.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+ response = self.client.get(url_workout_files+str(file.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+ def test_visibility_on_public_content(self):
+ workout = Workout.objects.create(name="workout", date=date, notes="notes", owner=self.athlete, visibility="PU")
+ comment = Comment.objects.create(content="comment", timestamp=date, owner=self.athlete, workout=workout)
+ file = WorkoutFile.objects.create(file=url_path, owner=self.athlete, workout=workout)
+
+ response = self.client.get(url_workouts+str(workout.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+ response = self.client.get(url_comments+str(comment.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+ response = self.client.get(url_workout_files+str(file.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+class CoachAccessTestCase(TestCase):
+ """Django test for FR5 - visibility of details, files and comments for Coaches
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_visibility_on_private_content: Test vilibility on private content
+ test_visibility_on_coach_content: Test visibility on coach content
+ """
+
+ def setUp(self):
+ self.client = Client()
+
+ # Create coach
+ self.coach = User.objects.create(username="user1")
+ self.coach.set_password('user1')
+ self.coach.save()
+
+ # Create user
+ self.athlete = User.objects.create(username="user2", coach = self.coach)
+ self.athlete.set_password('user2')
+ self.athlete.save()
+
+ # Authenticate coach
+ response = self.client.post(url_token, {'username': 'user1', 'password': 'user1'})
+ content = json.loads(response.content)
+ self.client.defaults['HTTP_AUTHORIZATION'] = bearer + content['access']
+
+ def test_visibility_on_private_content(self):
+ workout = Workout.objects.create(name="workout", date=date, notes="notes", owner=self.athlete, visibility="PR")
+ comment = Comment.objects.create(content="comment", timestamp=date, owner=self.athlete, workout=workout)
+ file = WorkoutFile.objects.create(file=url_path, owner=self.athlete, workout=workout)
+
+ response = self.client.get(url_workouts+str(workout.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+ response = self.client.get(url_comments+str(comment.id)+'/')
+ self.assertEqual(response.status_code, 403)
+
+ response = self.client.get(url_workout_files+str(file.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+ def test_visibility_on_coach_content(self):
+ workout = Workout.objects.create(name="workout", date=date, notes="notes", owner=self.athlete, visibility="CO")
+ comment = Comment.objects.create(content="comment", timestamp=date, owner=self.athlete, workout=workout)
+ file = WorkoutFile.objects.create(file=url_path, owner=self.athlete, workout=workout)
+
+ response = self.client.get(url_workouts+str(workout.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+ response = self.client.get(url_comments+str(comment.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+ response = self.client.get(url_workout_files+str(file.id)+'/')
+ self.assertEqual(response.status_code, 200)
+
+class UserAccessTestCase(TestCase):
+ """Django test for FR5 - visibility of details, files and comments for other users
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_visibility_on_private_content: Test vilibility on private content
+ test_visibility_on_coach_content: Test visibility on coach content
+ """
+
+ def setUp(self):
+ self.client = Client()
+
+ # Create user
+ self.athlete = User.objects.create(username="user1")
+ self.athlete.set_password('user1')
+ self.athlete.save()
+
+ self.other = User.objects.create(username="user2")
+ self.other.set_password('user2')
+ self.other.save()
+
+ # Authenticate user
+ response = self.client.post(url_token, {'username': 'user2', 'password': 'user2'})
+ content = json.loads(response.content)
+ self.client.defaults['HTTP_AUTHORIZATION'] = bearer + content['access']
+
+ def test_visibility_on_private_content(self):
+ workout = Workout.objects.create(name="workout", date=date, notes="notes", owner=self.athlete, visibility="PR")
+ comment = Comment.objects.create(content="comment", timestamp=date, owner=self.athlete, workout=workout)
+ file = WorkoutFile.objects.create(file=url_path, owner=self.athlete, workout=workout)
+
+ response = self.client.get(url_workouts+str(workout.id)+'/')
+ self.assertEqual(response.status_code, 403)
+
+ response = self.client.get(url_comments+str(comment.id)+'/')
+ self.assertEqual(response.status_code, 403)
+
+ response = self.client.get(url_workout_files+str(file.id)+'/')
+ self.assertEqual(response.status_code, 403)
+
+ def test_visibility_on_coach_content(self):
+ workout = Workout.objects.create(name="workout", date=date, notes="notes", owner=self.athlete, visibility="CO")
+ comment = Comment.objects.create(content="comment", timestamp=date, owner=self.athlete, workout=workout)
+ file = WorkoutFile.objects.create(file=url_path, owner=self.athlete, workout=workout)
+
+ response = self.client.get(url_workouts+str(workout.id)+'/')
+ self.assertEqual(response.status_code, 403)
+
+ response = self.client.get(url_comments+str(comment.id)+'/')
+ self.assertEqual(response.status_code, 403)
+
+ response = self.client.get(url_workout_files+str(file.id)+'/')
+ self.assertEqual(response.status_code, 403)
diff --git a/backend/secfit/workouts/tests/workoutfiles.py b/backend/secfit/workouts/tests/workoutfiles.py
new file mode 100644
index 0000000000000000000000000000000000000000..c56e3f8edc318244646c5cbe6142dfa5033a5f13
--- /dev/null
+++ b/backend/secfit/workouts/tests/workoutfiles.py
@@ -0,0 +1,34 @@
+import json
+
+from django.test import TestCase, RequestFactory, Client
+from rest_framework.test import APIRequestFactory, APIClient
+from workouts.models import Workout, Exercise, ExerciseInstance, WorkoutFile
+from workouts.serializers import WorkoutSerializer
+from users.models import User
+
+class WorkoutFilesTestCase(TestCase):
+ """Django test for perserving the functionality of workout-files
+
+ tests:
+ set_up: Set up everything needed for the test
+ """
+ def setUp(self):
+ self.user = User.objects.create(username="user")
+ self.workout = Workout.objects.create(name="workout", date="2021-03-06T18:00:00Z", notes="note",
+ owner=self.user, visibility="PU")
+ self.exercise = Exercise.objects.create(name="exercise", description="test", unit="test")
+
+ def test_workout_files(self):
+ data = {'name': 'workout', 'notes': 'note', 'visibility': 'PU',
+ 'date': '2021-03-06T18:00:00.000Z',
+ 'exercise_instances': [{'exercise': self.exercise, 'sets':12, 'number':12}],
+ 'files': [{'owner': self.user, 'file':'workouts/1/document.pdf'}]
+ }
+ WorkoutSerializer(data).update(self.workout, data)
+
+ instance = ExerciseInstance.objects.filter(workout=self.workout).first()
+ self.assertEqual(instance.exercise, self.exercise)
+
+ files = WorkoutFile.objects.filter(workout=self.workout).first()
+ self.assertEqual(files.owner, self.user)
+ self.assertEqual(files.file, 'workouts/1/document.pdf')
diff --git a/backend/secfit/workouts/tests/workouts.py b/backend/secfit/workouts/tests/workouts.py
new file mode 100644
index 0000000000000000000000000000000000000000..01d62b1b7f7bd5990599b00914f5fbf01fcb34a9
--- /dev/null
+++ b/backend/secfit/workouts/tests/workouts.py
@@ -0,0 +1,87 @@
+import json
+
+from django.test import TestCase, RequestFactory, Client
+from rest_framework.test import APIRequestFactory, APIClient
+from workouts.models import Workout, Exercise, ExerciseInstance, WorkoutFile
+from users.models import User
+
+url_workout = '/api/workouts/'
+content_type = 'application/json'
+
+class BoundaryValuesOfNewWorkout(TestCase):
+ """Django test for boundary values of registering a new workout.
+
+ tests:
+ set_up: Set up everything needed for the test
+ test_name: Test boundary values of name field
+ test_date: Test boundary values of date field
+ test_notes: Test boundary values of notes field
+ test_visibility: Test boundary values of visibility field
+ """
+
+ def setUp(self):
+ self.client = APIClient()
+ self.user = User.objects.create(username="user",password="user")
+ self.client.force_authenticate(user=self.user)
+ self.request = json.loads('{"name": "test", "date": "2021-03-06T18:00:00.000Z", "notes": "note", "visibility": "PU", "exercise_instances": [], "filename": []}')
+
+ def test_name(self):
+ self.request["name"] = ""
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,400)
+
+ self.request["name"] = "test"
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,201)
+
+ self.request["name"] = "@€xrgrdh"
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,201)
+
+ self.request["name"] = "1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111" #100
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,201)
+
+ self.request["name"] = "11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111" #101
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,400)
+
+
+ def test_date(self):
+ self.request["date"] = ""
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,400)
+
+ self.request["date"] = "2021-32-32T18:00:00.000Z"
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,400)
+
+ self.request["date"] = "2021-03-08T18:00:00.000Z"
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,201)
+
+ def test_notes(self):
+ self.request["notes"] = ""
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,400)
+
+ self.request["notes"] = "test"
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,201)
+
+ def test_visibility(self):
+ self.request["visibility"] = ""
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,400)
+
+ self.request["visibility"] = "XX"
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,400)
+
+ self.request["visibility"] = "PRI"
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,400)
+
+ self.request["visibility"] = "PR"
+ request = self.client.post(url_workout, json.dumps(self.request), content_type=content_type)
+ self.assertEquals(request.status_code,201)
diff --git a/backend/secfit/workouts/urls.py b/backend/secfit/workouts/urls.py
index 7c46a3f1ff311edc25dd455bb85780c1a1644738..a337905610097c2f337db1f54c0d636e3262d965 100644
--- a/backend/secfit/workouts/urls.py
+++ b/backend/secfit/workouts/urls.py
@@ -6,7 +6,6 @@ from rest_framework_simplejwt.views import (
TokenRefreshView,
)
-# This is a bit messy and will need to change
urlpatterns = format_suffix_patterns(
[
path("", views.api_root),
diff --git a/backend/secfit/workouts/views.py b/backend/secfit/workouts/views.py
index a4119b8c0f90698d5ffe6c721d8c5b22988bff83..bc80c843cbe9398a95df4fe894c8993e4577801c 100644
--- a/backend/secfit/workouts/views.py
+++ b/backend/secfit/workouts/views.py
@@ -65,17 +65,19 @@ class RememberMe(
serializer_class = RememberMeSerializer
+
def get(self, request):
if request.user.is_authenticated == False:
raise PermissionDenied
+
else:
- return Response({"remember_me": self.rememberme()})
+ return Response({"remember_me": self.create_rememberme()})
def post(self, request):
- cookieObject = namedtuple("Cookies", request.COOKIES.keys())(
+ cookie_object = namedtuple("Cookies", request.COOKIES.keys())(
*request.COOKIES.values()
)
- user = self.get_user(cookieObject)
+ user = self.get_user(cookie_object)
refresh = RefreshToken.for_user(user)
return Response(
{
@@ -84,15 +86,15 @@ class RememberMe(
}
)
- def get_user(self, cookieObject):
- decode = base64.b64decode(cookieObject.remember_me)
+ def get_user(self, cookie_object):
+ decode = base64.b64decode(cookie_object.remember_me)
user, sign = pickle.loads(decode)
# Validate signature
if sign == self.sign_user(user):
return user
- def rememberme(self):
+ def create_rememberme(self):
creds = [self.request.user, self.sign_user(str(self.request.user))]
return base64.b64encode(pickle.dumps(creds))
@@ -131,8 +133,8 @@ class WorkoutList(
def perform_create(self, serializer):
if(self.request.POST.get("owner")):
owner = self.request.POST.get("owner")
- User = get_user_model()
- user = User.objects.get(username=owner)
+ user_model = get_user_model()
+ user = user_model.objects.get(username=owner)
serializer.save(owner=user)
else:
serializer.save(owner=self.request.user)