Add PUT method and tests

6 files changed, 97 insertions, 70 deletions

diff --git a/opendc/api/v2/simulations/simulationId/authorizations/userId/endpoint.py b/opendc/api/v2/simulations/simulationId/authorizations/userId/endpoint.py
index edc86c88..19d13a65 100644
--- a/opendc/api/v2/simulations/simulationId/authorizations/userId/endpoint.py
+++ b/opendc/api/v2/simulations/simulationId/authorizations/userId/endpoint.py
@@ -11,7 +11,7 @@ def DELETE(request):
     # Make sure required parameters are there
 
     try:
-        request.check_required_parameters(path={'simulationId': 'int', 'userId': 'int'})
+        request.check_required_parameters(path={'simulationId': 'int', 'userId': 'string'})
 
     except exceptions.ParameterError as e:
         return Response(400, str(e))
@@ -43,7 +43,7 @@ def GET(request):
     # Make sure required parameters are there
 
     try:
-        request.check_required_parameters(path={'simulationId': 'int', 'userId': 'int'})
+        request.check_required_parameters(path={'simulationId': 'int', 'userId': 'string'})
 
     except exceptions.ParameterError as e:
         return Response(400, str(e))
@@ -73,7 +73,7 @@ def POST(request):
 
     try:
         request.check_required_parameters(path={
-            'userId': 'int',
+            'userId': 'string',
             'simulationId': 'int'
         },
                                           body={'authorization': {
@@ -135,7 +135,7 @@ def PUT(request):
     try:
         request.check_required_parameters(path={
             'simulationId': 'int',
-            'userId': 'int'
+            'userId': 'string'
         },
                                           body={'authorization': {
                                               'authorizationLevel': 'string'
diff --git a/opendc/api/v2/users/endpoint.py b/opendc/api/v2/users/endpoint.py
index 6a99d2b3..245ea49b 100644
--- a/opendc/api/v2/users/endpoint.py
+++ b/opendc/api/v2/users/endpoint.py
@@ -12,12 +12,11 @@ def GET(request):
         return Response(400, str(e))
 
     user = DB.fetch_one({'email': request.params_query['email']}, 'users')
-    print(user)
 
     if user is None:
         return Response(404, f'User with email {request.params_query["email"]} not found')
 
-    return Response(200, 'Successfully retrieved {}.'.format(user), user)
+    return Response(200, f'Successfully retrieved {user}.', user)
 
 
 def POST(request):
@@ -33,11 +32,11 @@ def POST(request):
     existing_user = DB.fetch_one({'googleId': user['googleId']}, 'users')
 
     if existing_user is not None:
-        return Response(409, '{} already exists.'.format(existing_user))
+        return Response(409, f'{existing_user} already exists.')
 
     if not request.google_id == user['googleId']:
         return Response(403, 'Forbidden from creating this User.')
 
     user = DB.insert(user, 'users')
 
-    return Response(200, 'Successfully created {}'.format(user), user)
+    return Response(200, f'Successfully created {user}.', user)
diff --git a/opendc/api/v2/users/test_endpoint.py b/opendc/api/v2/users/test_endpoint.py
index dd6680a8..d60429b3 100644
--- a/opendc/api/v2/users/test_endpoint.py
+++ b/opendc/api/v2/users/test_endpoint.py
@@ -1,18 +1,20 @@
 from opendc.util.database import DB
 
 
-def test_get_user_missing_parameter(client):
+def test_get_user_by_email_missing_parameter(client):
     assert '400' in client.get('/api/v2/users').status
 
 
-def test_get_user_non_existing(client, mocker):
+def test_get_user_by_email_non_existing(client, mocker):
     mocker.patch.object(DB, 'fetch_one', return_value=None)
     assert '404' in client.get('/api/v2/users?email=test@test.com').status
 
 
-def test_get_user(client, mocker):
+def test_get_user_by_email(client, mocker):
     mocker.patch.object(DB, 'fetch_one', return_value={'email': 'test@test.com'})
-    assert '200' in client.get('/api/v2/users?email=test@test.com').status
+    res = client.get('/api/v2/users?email=test@test.com')
+    assert 'email' in res.json['content']
+    assert '200' in res.status
 
 
 def test_add_user_missing_parameter(client):
@@ -27,4 +29,6 @@ def test_add_user_existing(client, mocker):
 def test_add_user(client, mocker):
     mocker.patch.object(DB, 'fetch_one', return_value=None)
     mocker.patch.object(DB, 'insert', return_value={'email': 'test@test.com'})
-    assert '200' in client.post('/api/v2/users', json={'user': {'email': 'test@test.com'}}).status
+    res = client.post('/api/v2/users', json={'user': {'email': 'test@test.com'}})
+    assert 'email' in res.json['content']
+    assert '200' in res.status
diff --git a/opendc/api/v2/users/userId/authorizations/endpoint.py b/opendc/api/v2/users/userId/authorizations/endpoint.py
index 161034e1..75bde5fb 100644
--- a/opendc/api/v2/users/userId/authorizations/endpoint.py
+++ b/opendc/api/v2/users/userId/authorizations/endpoint.py
@@ -10,7 +10,7 @@ def GET(request):
     # Make sure required parameters are there
 
     try:
-        request.check_required_parameters(path={'userId': 'int'})
+        request.check_required_parameters(path={'userId': 'string'})
 
     except exceptions.ParameterError as e:
         return Response(400, str(e))
diff --git a/opendc/api/v2/users/userId/endpoint.py b/opendc/api/v2/users/userId/endpoint.py
index b7519973..bfed3fe5 100644
--- a/opendc/api/v2/users/userId/endpoint.py
+++ b/opendc/api/v2/users/userId/endpoint.py
@@ -1,78 +1,61 @@
 from opendc.models.user import User
 from opendc.util import exceptions
+from opendc.util.database import DB
 from opendc.util.rest import Response
 
 
-def DELETE(request):
-    """Delete this user."""
-
-    # Make sure required parameters are there
+def GET(request):
+    """Get this User."""
 
     try:
-        request.check_required_parameters(path={'userId': 'int'})
-
+        request.check_required_parameters(path={'userId': 'string'})
     except exceptions.ParameterError as e:
         return Response(400, str(e))
 
-    # Instantiate a User and make sure they exist
+    user = DB.fetch_one({'_id': request.params_path['userId']}, 'users')
 
-    user = User.from_primary_key((request.params_path['userId'], ))
+    if user is None:
+        return Response(404, f'User with ID {request.params_path["userId"]} not found.')
 
-    if not user.exists():
-        return Response(404, '{} not found'.format(user))
+    return Response(200, f'Successfully retrieved {user}.', user)
 
-    # Make sure this User is allowed to delete this User
-
-    if not user.google_id_has_at_least(request.google_id, 'OWN'):
-        return Response(403, 'Forbidden from deleting {}.'.format(user))
-
-    # Delete this User
-
-    user.delete()
-
-    # Return this User
-
-    return Response(200, 'Successfully deleted {}'.format(user), user.to_JSON())
-
-
-def GET(request):
-    """Get this User."""
 
-    # Make sure required parameters are there
+def PUT(request):
+    """Update this User's given name and/or family name."""
 
     try:
-        request.check_required_parameters(path={'userId': 'int'})
-
+        request.check_required_parameters(body={'user': {
+            'givenName': 'string',
+            'familyName': 'string'
+        }},
+                                          path={'userId': 'string'})
     except exceptions.ParameterError as e:
         return Response(400, str(e))
 
-    # Instantiate a User and make sure they exist
+    user_id = request.params_path['userId']
+    user = DB.fetch_one({'_id': user_id}, 'users')
 
-    user = User.from_primary_key((request.params_path['userId'], ))
+    if user is None:
+        return Response(404, f'User with ID {user_id} not found.')
 
-    if not user.exists():
-        return Response(404, '{} not found.'.format(user))
+    if user['googleId'] != request.google_id:
+        return Response(403, f'Forbidden from editing {user}.')
 
-    # Return this User
+    user['givenName'] = request.params_body['user']['givenName']
+    user['familyName'] = request.params_body['user']['familyName']
 
-    return Response(
-        200,
-        'Successfully retrieved {}'.format(user),
-        user.to_JSON(),
-    )
+    DB.update(user_id, user, 'users')
 
+    return Response(200, f'Successfully updated {user}.', user)
 
-def PUT(request):
-    """Update this User's given name and/ or family name."""
 
-    # Make sure the required parameters are there
+def DELETE(request):
+    """Delete this user."""
+
+    # Make sure required parameters are there
 
     try:
-        request.check_required_parameters(body={'user': {
-            'givenName': 'string',
-            'familyName': 'string'
-        }},
-                                          path={'userId': 'int'})
+        request.check_required_parameters(path={'userId': 'string'})
 
     except exceptions.ParameterError as e:
         return Response(400, str(e))
@@ -82,20 +65,17 @@ def PUT(request):
     user = User.from_primary_key((request.params_path['userId'], ))
 
     if not user.exists():
-        return Response(404, '{} not found.'.format(user))
+        return Response(404, '{} not found'.format(user))
 
-    # Make sure this User is allowed to edit this User
+    # Make sure this User is allowed to delete this User
 
     if not user.google_id_has_at_least(request.google_id, 'OWN'):
-        return Response(403, 'Forbidden from editing {}.'.format(user))
-
-    # Update this User
+        return Response(403, 'Forbidden from deleting {}.'.format(user))
 
-    user.given_name = request.params_body['user']['givenName']
-    user.family_name = request.params_body['user']['familyName']
+    # Delete this User
 
-    user.update()
+    user.delete()
 
     # Return this User
 
-    return Response(200, 'Successfully updated {}.'.format(user), user.to_JSON())
+    return Response(200, 'Successfully deleted {}'.format(user), user.to_JSON())
diff --git a/opendc/api/v2/users/userId/test_endpoint.py b/opendc/api/v2/users/userId/test_endpoint.py
new file mode 100644
index 00000000..4ba6d9af
--- /dev/null
+++ b/opendc/api/v2/users/userId/test_endpoint.py
@@ -0,0 +1,44 @@
+from opendc.util.database import DB
+
+
+def test_get_user_non_existing(client, mocker):
+    mocker.patch.object(DB, 'fetch_one', return_value=None)
+    assert '404' in client.get('/api/v2/users/1').status
+
+
+def test_get_user(client, mocker):
+    mocker.patch.object(DB, 'fetch_one', return_value={'email': 'test@test.com'})
+    res = client.get('/api/v2/users/1')
+    assert 'email' in res.json['content']
+    assert '200' in res.status
+
+
+def test_update_user_missing_parameter(client):
+    assert '400' in client.put('/api/v2/users/1').status
+
+
+def test_update_user_non_existing(client, mocker):
+    mocker.patch.object(DB, 'fetch_one', return_value=None)
+    assert '404' in client.put('/api/v2/users/1', json={'user': {'givenName': 'A', 'familyName': 'B'}}).status
+
+
+def test_update_user_different_user(client, mocker):
+    mocker.patch.object(DB, 'fetch_one', return_value=None)
+    assert '404' in client.put('/api/v2/users/1',
+                               json={
+                                   'user': {
+                                       'givenName': 'A',
+                                       'familyName': 'B'
+                                   }
+                               },
+                               headers={
+                                   'google_id': 'other_token'
+                               }).status
+
+
+def test_update_user(client, mocker):
+    mocker.patch.object(DB, 'fetch_one', return_value={'googleId': 'test'})
+    mocker.patch.object(DB, 'update', return_value=None)
+    res = client.put('/api/v2/users/1', json={'user': {'givenName': 'A', 'familyName': 'B'}})
+    assert 'givenName' in res.json['content']
+    assert '200' in res.status