return explicite errors (#14967)

2017-02-15 08:57:25 +01:00 · 2017-02-15 08:57:25 +01:00 · bf13a76532
parent ab720fc59b
commit bf13a76532
2 changed files with 84 additions and 5 deletions
--- a/mandayejs/views.py
+++ b/mandayejs/views.py
@ -20,8 +20,6 @@ import logging
 import requests

 from django.contrib.auth.models import User
-from django.shortcuts import get_object_or_404
-
 from rest_framework import status
 from rest_framework.views import APIView
 from rest_framework.response import Response
@ -41,8 +39,19 @@ class ArchimedAccountDetails(APIView):
            app_settings.SITE_WS_ENDPOINT['account_details'])

        username = kwargs['username']
-        user = get_object_or_404(User, username=username)
-        credentials = get_object_or_404(UserCredentials, user=user)
+
+        try:
+            user = User.objects.get(username=username)
+        except (User.DoesNotExist,):
+            return Response({'message': 'User %s does not exist' % username,
+                            'success': False}, status=status.HTTP_404_NOT_FOUND)
+
+        try:
+            credentials = UserCredentials.objects.get(user=user)
+        except (UserCredentials.DoesNotExist,):
+            return Response({
+                'message': 'User %s is not associated' % username,
+                'success': False}, status=status.HTTP_404_NOT_FOUND)

        login_url = request.build_absolute_uri(
            '/DEFAULT/Ermes/Recherche/logon.svc/logon')
@ -53,7 +62,8 @@ class ArchimedAccountDetails(APIView):
            response = session.post(login_url, data=login_info)
            logger.debug("Archimed login response {}".format(response.json()))
            if not response.json()['success']:
-                return Response('Authentication failed', status=status.HTTP_401_UNAUTHORIZED)
+                return Response({'message': 'Authentication failed',
+                                'success': False}, status=status.HTTP_401_UNAUTHORIZED)

            content = {
                'codeConfig': '',
--- a/tests/test_archimed.py
+++ b/tests/test_archimed.py
@ -0,0 +1,69 @@
+import os
+import json
+
+import pytest
+import mock
+from rest_framework.test import APIClient as Client
+
+from mandayejs.applications import Archimed
+from utils import create_user, create_credentials
+
+pytestmark = pytest.mark.django_db
+
+
+def get_base_dir(filename):
+    return file(os.path.join(os.path.dirname(__file__), 'data', filename)).read()
+
+
+class MokcedRequestsResponse(mock.Mock):
+
+    def json(self):
+        return json.loads(self.content)
+
+
+MOCKED_RESPONSES_LIST = [
+    MokcedRequestsResponse(content=get_base_dir('archimed_auth_failure_response.json')),
+    MokcedRequestsResponse(content=get_base_dir('archimed_auth_success_response.json')),
+    MokcedRequestsResponse(content=get_base_dir('archimed_account_detail_response.json'))
+]
+
+
+@mock.patch('mandayejs.views.requests.Session.post')
+@mock.patch('mandayejs.applications.get_app_settings')
+def test_archimed_ws(mocked_get_app_settings, mocked_requests_post):
+    mocked_get_app_settings.return_value = Archimed
+    mocked_requests_post.side_effect = MOCKED_RESPONSES_LIST
+
+    user = create_user(username='kevin', password='kevin')
+
+    # test with invalid username
+    client = Client()
+    client.login(username='kevin', password='kevin')
+    response = client.get('/_mandaye/ws/account/whatever/')
+    assert response.status_code == 404
+    assert json.loads(response.content)['message'] == 'User whatever does not exist'
+    assert json.loads(response.content)['success'] is False
+
+    # test with unlinked user
+    client = Client()
+    client.login(username='kevin', password='kevin')
+    response = client.get('/_mandaye/ws/account/kevin/')
+    assert response.status_code == 404
+    assert json.loads(response.content)['message'] == 'User kevin is not associated'
+    assert json.loads(response.content)['success'] is False
+
+    create_credentials(user, {'carte': 'kevin', 'code': 'whatever'})
+    # test with wrong credentials
+    client = Client()
+    client.login(username='kevin', password='kevin')
+    response = client.get('/_mandaye/ws/account/kevin/')
+    assert response.status_code == 401
+    assert json.loads(response.content)['message'] == 'Authentication failed'
+    assert json.loads(response.content)['success'] is False
+
+    # test with good credentials
+    client.login(username='kevin', password='kevin')
+    response = client.get('/_mandaye/ws/account/kevin/')
+    assert response.status_code == 200
+    assert json.loads(response.content)['message'] == 'Whatever is whatever'
+    assert json.loads(response.content)['success'] is True