diff --git a/app/database/models/mentorship_relation.py b/app/database/models/mentorship_relation.py index d3d4be6cc..de38e88a0 100644 --- a/app/database/models/mentorship_relation.py +++ b/app/database/models/mentorship_relation.py @@ -3,6 +3,7 @@ from app.database.models.tasks_list import TasksListModel from app.database.models.user import UserModel from app.database.sqlalchemy_extension import db +from sqlalchemy.orm import validates from app.utils.enum_utils import MentorshipRelationState @@ -123,3 +124,11 @@ def delete_from_db(self) -> None: self.tasks_list.delete_from_db() db.session.delete(self) db.session.commit() + + @validates("notes") + def validate(self, key, value): + if key == "notes": + if value is not None: + value = str(value).strip() + assert len(value.strip()) > 2 + return value diff --git a/app/database/models/task_comment.py b/app/database/models/task_comment.py index 3dfac23c7..6846ea6cd 100644 --- a/app/database/models/task_comment.py +++ b/app/database/models/task_comment.py @@ -2,6 +2,7 @@ from app.api.validations.task_comment import COMMENT_MAX_LENGTH from app.database.sqlalchemy_extension import db +from sqlalchemy.orm import validates class TaskCommentModel(db.Model): @@ -105,3 +106,11 @@ def delete_from_db(self): """Deletes a comment task from the database.""" db.session.delete(self) db.session.commit() + + @validates("comment") + def validate(self, key, value): + if key == "comment": + assert value is not None + value = str(value).strip() + assert len(value) > 2 + return value diff --git a/app/database/models/user.py b/app/database/models/user.py index 075b7eb07..c1aadef1c 100644 --- a/app/database/models/user.py +++ b/app/database/models/user.py @@ -1,6 +1,14 @@ -from werkzeug.security import generate_password_hash, check_password_hash import time + +from sqlalchemy.orm import validates +from werkzeug.security import generate_password_hash, check_password_hash + from app.database.sqlalchemy_extension import db +from app.utils.validation_utils import ( + is_name_valid, + is_email_valid, + is_username_valid, +) class UserModel(db.Model): @@ -155,3 +163,15 @@ def delete_from_db(self) -> None: """Deletes a user from the database.""" db.session.delete(self) db.session.commit() + + @validates("username", "name", "email", "terms_and_conditions_checked") + def validate(self, key, value): + if key == "username": + assert is_username_valid(value) + elif key == "name": + assert is_name_valid(value) + elif key == "email": + assert is_email_valid(value) + elif key == "terms_and_conditions_checked": + assert value is True + return value diff --git a/tests/mentorship_relation/test_database_model.py b/tests/mentorship_relation/test_database_model.py index 654d874ed..9d16b7b7e 100644 --- a/tests/mentorship_relation/test_database_model.py +++ b/tests/mentorship_relation/test_database_model.py @@ -150,6 +150,20 @@ def test_empty_table(self): db.session.commit() self.assertTrue(MentorshipRelationModel.is_empty()) + def test__validations_comment(self): + self.assertRaises( + AssertionError, + MentorshipRelationModel, + action_user_id=self.first_user.id, + mentor_user=self.first_user, + mentee_user=self.second_user, + creation_date=self.now_datetime, + end_date=self.end_date_example, + state=MentorshipRelationState.PENDING, + notes=" s ", + tasks_list=TasksListModel(), + ) + if __name__ == "__main__": unittest.main() diff --git a/tests/task_comments/test_database_model.py b/tests/task_comments/test_database_model.py new file mode 100644 index 000000000..a1d551a3e --- /dev/null +++ b/tests/task_comments/test_database_model.py @@ -0,0 +1,20 @@ +from app.database.models.task_comment import TaskCommentModel +from tests.base_test_case import BaseTestCase + + +class TestTaskCommentModel(BaseTestCase): + def test_task_validations_comment(self): + self.assertRaises( + AssertionError, + TaskCommentModel, + user_id=1, + task_id=1, + relation_id=1, + comment="", + ) + + def test_task_validations_comment_strip(self): + comment = TaskCommentModel( + user_id=1, task_id=1, relation_id=1, comment=" user " + ) + self.assertEqual(comment.comment, "user") diff --git a/tests/test_data.py b/tests/test_data.py index a71d952a6..989453ef9 100644 --- a/tests/test_data.py +++ b/tests/test_data.py @@ -7,7 +7,7 @@ } test_admin_user_2 = { - "name": "Admin_2", + "name": "Adminb", "email": "admin2@email.com", "username": "admin2_username", "password": "admin2_pwd", @@ -15,7 +15,7 @@ } test_admin_user_3 = { - "name": "Admin_3", + "name": "Adminc", "email": "admin3@email.com", "username": "admin3_username", "password": "admin3_pwd", @@ -42,7 +42,7 @@ } user3 = { - "name": "s_t-r$a/n'ge name", + "name": "strange name", "email": "user3@email.com", "username": "user3", "password": "user3_pwd", @@ -50,7 +50,7 @@ } user4 = { - "name": "user4@email.com", + "name": "userc", "email": "user4@email.com", "username": "user4", "password": "user4_pwd", @@ -58,7 +58,7 @@ } user5 = { - "name": "user5@email.com", + "name": "userd", "email": "user5@email.com", "username": "user5", "password": "user5_pwd", diff --git a/tests/users/test_api_change_password.py b/tests/users/test_api_change_password.py index 626de8093..792ca02c9 100644 --- a/tests/users/test_api_change_password.py +++ b/tests/users/test_api_change_password.py @@ -26,7 +26,7 @@ def setUp(self): super().setUp() self.first_user = UserModel( password=user1["password"], - name="User1", + name="User", email="user1@email.com", username="user_not_admin", terms_and_conditions_checked=True, diff --git a/tests/users/test_api_home_statistics.py b/tests/users/test_api_home_statistics.py index dbae59c89..343f22cd6 100644 --- a/tests/users/test_api_home_statistics.py +++ b/tests/users/test_api_home_statistics.py @@ -15,8 +15,8 @@ class TestHomeStatisticsApi(BaseTestCase): def setUp(self): super().setUp() - self.user1 = UserModel("User1", "user1", "__test__", "test@email.com", True) - self.user2 = UserModel("User2", "user2", "__test__", "test2@email.com", True) + self.user1 = UserModel("UserA", "user1", "__test__", "test@email.com", True) + self.user2 = UserModel("UserB", "user2", "__test__", "test2@email.com", True) self.user1.available_to_mentor = True self.user1.is_email_verified = True self.user2.need_mentoring = True @@ -56,14 +56,14 @@ def test_pending_requests_auth(self): creation_date=start_date, end_date=end_date, state=MentorshipRelationState.PENDING, - notes="", + notes=None, tasks_list=tasks_list, ) db.session.add(mentorship_relation) db.session.commit() expected_response = { - "name": "User1", + "name": "UserA", "pending_requests": 1, "accepted_requests": 0, "rejected_requests": 0, @@ -92,14 +92,14 @@ def test_accepted_requests_auth(self): creation_date=start_date, end_date=end_date, state=MentorshipRelationState.ACCEPTED, - notes="", + notes=None, tasks_list=tasks_list, ) db.session.add(mentorship_relation) db.session.commit() expected_response = { - "name": "User1", + "name": "UserA", "pending_requests": 0, "accepted_requests": 1, "rejected_requests": 0, @@ -128,14 +128,14 @@ def test_rejected_requests(self): creation_date=start_date, end_date=end_date, state=MentorshipRelationState.REJECTED, - notes="", + notes=None, tasks_list=tasks_list, ) db.session.add(mentorship_relation) db.session.commit() expected_response = { - "name": "User1", + "name": "UserA", "pending_requests": 0, "accepted_requests": 0, "rejected_requests": 1, @@ -164,14 +164,14 @@ def test_completed_relations(self): creation_date=start_date, end_date=end_date, state=MentorshipRelationState.COMPLETED, - notes="", + notes=None, tasks_list=tasks_list, ) db.session.add(mentorship_relation) db.session.commit() expected_response = { - "name": "User1", + "name": "UserA", "pending_requests": 0, "accepted_requests": 0, "rejected_requests": 0, @@ -199,14 +199,14 @@ def test_cancelled_relations(self): creation_date=start_date, end_date=end_date, state=MentorshipRelationState.CANCELLED, - notes="", + notes=None, tasks_list=tasks_list, ) db.session.add(mentorship_relation) db.session.commit() expected_response = { - "name": "User1", + "name": "UserA", "pending_requests": 0, "accepted_requests": 0, "rejected_requests": 0, @@ -253,7 +253,7 @@ def test_achievements(self): creation_date=start_date, end_date=end_date, state=MentorshipRelationState.ACCEPTED, - notes="", + notes=None, tasks_list=tasks_list, ) @@ -261,7 +261,7 @@ def test_achievements(self): db.session.commit() expected_response = { - "name": "User1", + "name": "UserA", "pending_requests": 0, "accepted_requests": 1, "rejected_requests": 0, diff --git a/tests/users/test_api_list_users.py b/tests/users/test_api_list_users.py index 7c49d08c7..68e34ae05 100644 --- a/tests/users/test_api_list_users.py +++ b/tests/users/test_api_list_users.py @@ -124,11 +124,12 @@ def test_list_users_api_with_a_search_query_with_spaces_resource_auth(self): self.assertEqual(HTTPStatus.OK, actual_response.status_code) self.assertEqual(expected_response, json.loads(actual_response.data)) + # invalid test case def test_list_users_api_with_search_with_special_characters_resource_auth(self): auth_header = get_test_request_header(self.admin_user.id) expected_response = [marshal(self.second_user, public_user_api_model)] actual_response = self.client.get( - f"/users?search=s_t-r%24a%2Fn'ge", + f"/users?search=strange%20%20name", follow_redirects=True, headers=auth_header, ) diff --git a/tests/users/test_dao.py b/tests/users/test_dao.py index c6595fe11..7558b9325 100644 --- a/tests/users/test_dao.py +++ b/tests/users/test_dao.py @@ -18,7 +18,7 @@ class TestUserDao(BaseTestCase): def test_dao_create_user(self): dao = UserDAO() data = dict( - name="User2", + name="UserB", username="user2", email="user2@email.com", password="test_password", @@ -30,7 +30,7 @@ def test_dao_create_user(self): user = UserModel.query.filter_by(email="user2@email.com").first() self.assertTrue(user is not None) self.assertTrue(user.id is not None) - self.assertTrue(user.name == "User2") + self.assertTrue(user.name == "UserB") self.assertTrue(user.username == "user2") self.assertTrue(user.email == "user2@email.com") self.assertFalse(user.is_admin) diff --git a/tests/users/test_database_model.py b/tests/users/test_database_model.py index c183d5aef..93e5f2113 100644 --- a/tests/users/test_database_model.py +++ b/tests/users/test_database_model.py @@ -7,6 +7,7 @@ from tests.test_data import test_admin_user + # Testing User database model # # TODO tests: @@ -14,9 +15,8 @@ # - Check if first user is an admin -class TestAdminUserModel(BaseTestCase): +class TestUserModel(BaseTestCase): def test_is_first_user_admin(self): - user = UserModel.query.filter_by(email=test_admin_user["email"]).first() self.assertTrue(user is not None) self.assertTrue(user.id is not None) @@ -31,9 +31,8 @@ def test_is_first_user_admin(self): ) def test_second_user_cannot_be_admin(self): - user = UserModel( - name="User1", + name="UserA", email="user1@email.com", username="user_not_admin", password="user1_password", @@ -45,7 +44,7 @@ def test_second_user_cannot_be_admin(self): user = UserModel.query.filter_by(email="user1@email.com").first() self.assertTrue(user is not None) self.assertTrue(user.id is not None) - self.assertTrue(user.name == "User1") + self.assertTrue(user.name == "UserA") self.assertTrue(user.username == "user_not_admin") self.assertTrue(user.email == "user1@email.com") self.assertFalse(user.password_hash == "user1_password") @@ -55,6 +54,50 @@ def test_second_user_cannot_be_admin(self): self.assertIsInstance(user.registration_date, float) self.assertFalse(user.is_email_verified) + def test_user_validations_name(self): + self.assertRaises( + AssertionError, + UserModel, + name="User@$1", + email="user1@email.com", + username="user", + password="user1_password", + terms_and_conditions_checked=True, + ) + + def test_user_validations_email(self): + self.assertRaises( + AssertionError, + UserModel, + name="User1", + email="user1", + username="user", + password="user1_password", + terms_and_conditions_checked=True, + ) + + def test_user_validations_username(self): + self.assertRaises( + AssertionError, + UserModel, + name="User", + email="user1@email.com", + username="user_not$$_admin", + password="user1_password", + terms_and_conditions_checked=True, + ) + + def test_user_validations(self): + self.assertRaises( + AssertionError, + UserModel, + name="User", + email="user1@email.com", + username="user_not_admin", + password="user1_password", + terms_and_conditions_checked=False, + ) + if __name__ == "__main__": unittest.main()