Created
December 12, 2015 20:40
-
-
Save AmirTugi/3404571ac0f47af07608 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class AccountSerializer(serializers.ModelSerializer): | |
| password = serializers.CharField(write_only=True, required=False) | |
| confirm_password = serializers.CharField(write_only=True, required=False) | |
| class Meta: | |
| model = Account | |
| fields = ('id', 'username', 'first_name', 'last_name', 'email', 'gender', 'avatar', | |
| 'is_admin', 'last_login', 'date_joined', 'password', 'confirm_password', 'updated_at') | |
| def create(self, validated_data): | |
| password = validated_data['password'] | |
| confirm_password = validated_data['confirm_password'] | |
| if password == confirm_password: | |
| del validated_data['confirm_password'] | |
| # Create the user using create_user, and not serializer.create (IMPORTANT - Would not authenticate in the | |
| # API if not in create_user) | |
| return Account.objects.create_user(**validated_data) | |
| raise serializers.ValidationError(PASSWORDS_DID_NOT_MATCH) | |
| def update(self, instance, validated_data): | |
| # Update every field except passwords | |
| for attr, value in validated_data.items(): | |
| if attr in ['password', 'confirm_password']: | |
| continue | |
| setattr(instance, attr, validated_data.get(attr, value)) | |
| password = validated_data.get('password', None) | |
| confirm_password = validated_data.get('confirm_password', None) | |
| # Update password only if the passwords are filled | |
| if password and confirm_password: | |
| if password == confirm_password: | |
| instance.set_password(password) | |
| else: | |
| raise serializers.ValidationError(PASSWORDS_DID_NOT_MATCH) | |
| instance.save() | |
| update_session_auth_hash(self.context.get('request'), instance) | |
| return instance |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class PermissionsTest(APITestCase): | |
| def setUp(self): | |
| self.user_password = PASSWORD | |
| self.user_username = USERNAME | |
| self.jwt_header = JWT_HEADER | |
| self.data = { | |
| "username": self.user_username, | |
| "password": self.user_password, | |
| # Since it's the view, and not the regular API, we need to confirm the password. | |
| "confirm_password": self.user_password | |
| } | |
| # Create a new user for the testing | |
| Account.objects.create_user( | |
| username=self.user_username, | |
| password=self.user_password, | |
| ) | |
| def test_update_user_with_owner(self): | |
| """ | |
| Given a user | |
| When the owner wants to change information | |
| Then he will be allowed | |
| """ | |
| response = self.client.post('/api-token-auth/', self.data) | |
| token = response.json()['token'] | |
| token_decoded = utils.jwt_decode_handler(token) | |
| user_id = token_decoded['user_id'] | |
| email = '[email protected]' | |
| # TODO: Find out why serializer.update is not called. | |
| self.jwt_header['HTTP_AUTHORIZATION'] = self.jwt_header['HTTP_AUTHORIZATION'].format(token=token) | |
| put_response = self.client.put('/users/{user_id}/'.format(user_id=user_id), | |
| data={'email': email}, | |
| **self.jwt_header | |
| ) | |
| print put_response |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment