1 # -*- coding: utf-8 -*-
2 # This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later.
3 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
5 from base64 import b64encode
10 from StringIO import StringIO
12 from urllib import quote, urlencode
13 from urlparse import parse_qs
15 from django.contrib.auth.models import User
16 from django.core.files.uploadedfile import SimpleUploadedFile
17 from django.test import TestCase
18 from django.test.utils import override_settings
19 from mock import patch
20 from piston.models import Consumer, Token
22 from catalogue.models import Book, Tag
23 from picture.forms import PictureImportForm
24 from picture.models import Picture
31 'BACKEND': 'django.core.cache.backends.dummy.DummyCache'}},
33 class ApiTest(TestCase):
34 def load_json(self, url):
35 content = self.client.get(url).content
37 data = json.loads(content)
39 self.fail('No JSON could be decoded: %s' % content)
42 def assert_response(self, url, name):
43 content = self.client.get(url).content.rstrip()
44 filename = path.join(path.dirname(__file__), 'res', 'responses', name)
45 with open(filename) as f:
46 good_content = f.read().rstrip()
47 self.assertEqual(content, good_content, content)
49 def assert_json_response(self, url, name):
50 data = self.load_json(url)
51 filename = path.join(path.dirname(__file__), 'res', 'responses', name)
52 with open(filename) as f:
53 good_data = json.load(f)
54 self.assertEqual(data, good_data, json.dumps(data, indent=4))
56 def assert_slugs(self, url, slugs):
57 have_slugs = [x['slug'] for x in self.load_json(url)]
58 self.assertEqual(have_slugs, slugs, have_slugs)
61 class BookTests(ApiTest):
64 self.tag = Tag.objects.create(category='author', slug='joe')
65 self.book = Book.objects.create(title='A Book', slug='a-book')
66 self.book_tagged = Book.objects.create(
67 title='Tagged Book', slug='tagged-book')
68 self.book_tagged.tags = [self.tag]
69 self.book_tagged.save()
71 def test_book_list(self):
72 books = self.load_json('/api/books/')
73 self.assertEqual(len(books), 2,
76 def test_tagged_books(self):
77 books = self.load_json('/api/authors/joe/books/')
79 self.assertEqual([b['title'] for b in books], [self.book_tagged.title],
80 'Wrong tagged book list.')
82 def test_detail(self):
83 book = self.load_json('/api/books/a-book/')
84 self.assertEqual(book['title'], self.book.title,
85 'Wrong book details.')
88 class TagTests(ApiTest):
91 self.tag = Tag.objects.create(
92 category='author', slug='joe', name='Joe')
93 self.book = Book.objects.create(title='A Book', slug='a-book')
94 self.book.tags = [self.tag]
97 def test_tag_list(self):
98 tags = self.load_json('/api/authors/')
99 self.assertEqual(len(tags), 1,
102 def test_tag_detail(self):
103 tag = self.load_json('/api/authors/joe/')
104 self.assertEqual(tag['name'], self.tag.name,
105 'Wrong tag details.')
108 class PictureTests(ApiTest):
109 def test_publish(self):
110 slug = "kandinsky-composition-viii"
111 xml = SimpleUploadedFile(
114 picture.tests.__path__[0], "files", slug + ".xml"
116 img = SimpleUploadedFile(
119 picture.tests.__path__[0], "files", slug + ".png"
122 import_form = PictureImportForm({}, {
123 'picture_xml_file': xml,
124 'picture_image_file': img
127 assert import_form.is_valid()
128 if import_form.is_valid():
131 Picture.objects.get(slug=slug)
134 class BooksTests(ApiTest):
135 fixtures = ['test-books.yaml']
137 def test_books(self):
138 self.assert_json_response('/api/books/', 'books.json')
139 self.assert_json_response('/api/books/?new_api=true', 'books.json')
140 self.assert_response('/api/books/?format=xml', 'books.xml')
142 self.assert_slugs('/api/audiobooks/', ['parent'])
143 self.assert_slugs('/api/daisy/', ['parent'])
144 self.assert_slugs('/api/newest/', ['parent'])
145 self.assert_slugs('/api/parent_books/', ['parent'])
146 self.assert_slugs('/api/recommended/', ['parent'])
149 self.assert_slugs('/api/books/after/grandchild/count/1/', ['parent'])
151 '/api/books/?new_api=true&after=$grandchild$3&count=1', ['parent'])
154 self.assert_slugs('/api/authors/john-doe/books/', ['parent'])
156 '/api/genres/sonet/books/?authors=john-doe',
158 # It is probably a mistake that this doesn't filter:
160 '/api/books/?authors=john-doe',
161 ['child', 'grandchild', 'parent'])
163 # Parent books by tag.
164 # Notice this contains a grandchild, if a child doesn't have the tag.
165 # This probably isn't really intended behavior and should be redefined.
167 '/api/genres/sonet/parent_books/',
168 ['grandchild', 'parent'])
170 def test_ebooks(self):
171 self.assert_json_response('/api/ebooks/', 'ebooks.json')
173 def test_filter_books(self):
174 self.assert_json_response('/api/filter-books/', 'filter-books.json')
176 '/api/filter-books/?lektura=false',
177 ['child', 'grandchild', 'parent'])
179 '/api/filter-books/?lektura=true',
183 '/api/filter-books/?preview=true',
186 '/api/filter-books/?preview=false',
190 '/api/filter-books/?audiobook=true',
193 '/api/filter-books/?audiobook=false',
194 ['child', 'grandchild'])
196 self.assert_slugs('/api/filter-books/?genres=wiersz', ['child'])
198 self.assert_slugs('/api/filter-books/?search=parent', ['parent'])
200 def test_collections(self):
201 self.assert_json_response('/api/collections/', 'collections.json')
202 self.assert_json_response(
203 '/api/collections/a-collection/',
207 self.assert_json_response('/api/books/parent/', 'books-parent.json')
208 self.assert_json_response('/api/books/child/', 'books-child.json')
209 self.assert_json_response(
210 '/api/books/grandchild/',
211 'books-grandchild.json')
214 # List of tags by category.
215 self.assert_json_response('/api/genres/', 'tags.json')
217 def test_fragments(self):
218 # This is not supported, though it probably should be.
219 # self.assert_json_response(
220 # '/api/books/child/fragments/',
223 self.assert_json_response(
224 '/api/genres/wiersz/fragments/',
226 self.assert_json_response(
227 '/api/books/child/fragments/an-anchor/',
231 class BlogTests(ApiTest):
233 self.assertEqual(self.load_json('/api/blog/'), [])
236 class PreviewTests(ApiTest):
238 self.assert_json_response('/api/preview/', 'preview.json')
241 class OAuth1Tests(ApiTest):
244 cls.user = User.objects.create(username='test')
245 cls.consumer_secret = 'len(quote(consumer secret))>=32'
246 Consumer.objects.create(
248 secret=cls.consumer_secret
252 def tearDownClass(cls):
253 User.objects.all().delete()
255 def test_create_token(self):
256 base_query = ("oauth_consumer_key=client&oauth_nonce=123&"
257 "oauth_signature_method=HMAC-SHA1&oauth_timestamp={}&"
258 "oauth_version=1.0".format(int(time())))
261 quote('http://testserver/api/oauth/request_token/', safe=''),
262 quote(base_query, safe='')
265 quote(self.consumer_secret) + '&', raw, hashlib.sha1
267 h = b64encode(h).rstrip('\n')
269 query = "{}&oauth_signature={}".format(base_query, sign)
270 response = self.client.get('/api/oauth/request_token/?' + query)
271 request_token = parse_qs(response.content)
273 Token.objects.filter(
274 key=request_token['oauth_token'][0], token_type=Token.REQUEST
275 ).update(user=self.user, is_approved=True)
277 base_query = ("oauth_consumer_key=client&oauth_nonce=123&"
278 "oauth_signature_method=HMAC-SHA1&oauth_timestamp={}&"
279 "oauth_token={}&oauth_version=1.0".format(
280 int(time()), request_token['oauth_token'][0]))
283 quote('http://testserver/api/oauth/access_token/', safe=''),
284 quote(base_query, safe='')
287 quote(self.consumer_secret) + '&' +
288 quote(request_token['oauth_token_secret'][0], safe=''),
292 h = b64encode(h).rstrip('\n')
294 query = u"{}&oauth_signature={}".format(base_query, sign)
295 response = self.client.get(u'/api/oauth/access_token/?' + query)
296 access_token = parse_qs(response.content)
299 Token.objects.filter(
300 key=access_token['oauth_token'][0],
301 token_type=Token.ACCESS,
306 class AuthorizedTests(ApiTest):
307 fixtures = ['test-books.yaml']
311 super(AuthorizedTests, cls).setUpClass()
312 cls.user = User.objects.create(username='test')
313 cls.consumer = Consumer.objects.create(
314 key='client', secret='12345678901234567890123456789012')
315 cls.token = Token.objects.create(
316 key='123456789012345678',
317 secret='12345678901234567890123456789012',
319 consumer=cls.consumer,
320 token_type=Token.ACCESS,
322 cls.key = cls.consumer.secret + '&' + cls.token.secret
325 def tearDownClass(cls):
327 cls.consumer.delete()
328 super(AuthorizedTests, cls).tearDownClass()
330 def signed(self, url, method='GET', params=None):
332 "oauth_consumer_key": self.consumer.key,
333 "oauth_nonce": "%f" % time(),
334 "oauth_signature_method": "HMAC-SHA1",
335 "oauth_timestamp": int(time()),
336 "oauth_token": self.token.key,
337 "oauth_version": "1.0",
342 sign_params.update(params)
343 sign_params.update(auth_params)
346 quote('http://testserver' + url, safe=''),
348 quote(str(k)) + "=" + quote(str(v))
349 for (k, v) in sorted(sign_params.items())))
351 auth_params["oauth_signature"] = quote(b64encode(hmac.new(
352 self.key, raw, hashlib.sha1).digest()).rstrip('\n'))
353 auth = 'OAuth realm="API", ' + ', '.join(
354 '{}="{}"'.format(k, v) for (k, v) in auth_params.items())
357 url = url + '?' + urlencode(params)
358 return getattr(self.client, method.lower())(
360 HTTP_AUTHORIZATION=auth
363 def signed_json(self, url, method='GET', params=None):
364 return json.loads(self.signed(url, method, params).content)
366 def test_books(self):
368 [b['liked'] for b in self.signed_json('/api/books/')],
369 [False, False, False]
371 # This one fails in the legacy implementation
372 # data = self.signed_json('/api/books/child/')
373 # self.assertFalse(data['parent']['liked'])
374 # self.assertFalse(data['children'][0]['liked'])
377 self.signed_json('/api/like/parent/'),
380 self.signed('/api/like/parent/', 'POST')
382 self.signed_json('/api/like/parent/'),
385 # There are several endpoints where 'liked' appears.
386 self.assertTrue(self.signed_json('/api/parent_books/')[0]['liked'])
387 self.assertTrue(self.signed_json(
388 '/api/filter-books/', params={"search": "parent"})[0]['liked'])
390 # This one fails in the legacy implementation.
391 #self.assertTrue(self.signed_json(
392 # '/api/books/child/')['parent']['liked'])
393 # Liked books go on shelf.
395 [x['slug'] for x in self.signed_json('/api/shelf/likes/')],
398 self.signed('/api/like/parent/', 'POST', {"action": "unlike"})
400 self.signed_json('/api/like/parent/'),
403 self.assertFalse(self.signed_json('/api/parent_books/')[0]['liked'])
405 def test_reading(self):
407 self.signed_json('/api/reading/parent/'),
408 {"state": "not_started"}
410 self.signed('/api/reading/parent/reading/', 'post')
412 self.signed_json('/api/reading/parent/'),
416 [x['slug'] for x in self.signed_json('/api/shelf/reading/')],
419 def test_subscription(self):
420 self.assert_slugs('/api/preview/', ['grandchild'])
422 self.signed_json('/api/username/'),
423 {"username": "test", "premium": False})
425 self.signed('/api/epub/grandchild/').status_code,
428 with patch('api.fields.user_is_subscribed', return_value=True):
430 self.signed_json('/api/username/'),
431 {"username": "test", "premium": True})
432 with patch('paypal.permissions.user_is_subscribed', return_value=True):
433 with patch('django.core.files.storage.Storage.open',
434 return_value=StringIO("<epub>")):
436 self.signed('/api/epub/grandchild/').content,