sachet/sachet-server
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

/users: fix wrong URL returned when POSTing

Browse Source
This commit is contained in:
dogeystamp 2023-05-21 17:28:51 -04:00
parent 5fd8fada2c
commit 076dc758df
Signed by: dogeystamp
GPG Key ID: 7225FE3592EFFA38
3 changed files with 45 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sachet/server/models.py
View File

@ -91,7 +91,7 @@ class User(db.Model):
password, current_app.config.get("BCRYPT_LOG_ROUNDS") password, current_app.config.get("BCRYPT_LOG_ROUNDS")
).decode() ).decode()
self.username = username self.username = username
self.url = url_for("users_blueprint.user_list_api", username=self.username) self.url = url_for("users_blueprint.user_api", username=self.username)
self.register_date = datetime.datetime.now() self.register_date = datetime.datetime.now()
def encode_token(self, jti=None): def encode_token(self, jti=None):

10
tests/conftest.py
View File

@ -125,6 +125,16 @@ def users(client):
Permissions.READ, Permissions.READ,
), ),
), ),
no_admin_user=dict(
password="password",
permissions=Bitmask(
Permissions.CREATE,
Permissions.MODIFY,
Permissions.DELETE,
Permissions.LOCK,
Permissions.READ,
),
),
administrator=dict(password="4321", permissions=Bitmask(Permissions.ADMIN)), administrator=dict(password="4321", permissions=Bitmask(Permissions.ADMIN)),
) )

34
tests/test_user.py Normal file
View File

@ -0,0 +1,34 @@
import pytest
def test_post(client, users, auth):
"""Test registering a user, then logging in to it."""
# register without adequate permissions
resp = client.post(
"/users",
headers=auth("no_admin_user"),
json={"username": "claire", "permissions": [], "password": "claire123"},
)
assert resp.status_code == 403
# properly register
resp = client.post(
"/users",
headers=auth("administrator"),
json={"username": "claire", "permissions": [], "password": "claire123"},
)
assert resp.status_code == 201
data = resp.get_json()
url = data.get("url")
assert url is not None
assert url == "/users/claire"
# try logging in now
resp = client.post(
"/users/login", json={"username": "claire", "password": "claire123"}
)
assert resp.status_code == 200
data = resp.get_json()
assert data.get("status") == "success"
assert data.get("username") == "claire"
token = data.get("auth_token")
assert token is not None and token != ""