update api for change user profile and get user profile, add test cases (#3394)

* update api for change user profile and get user profile, add test cases
2025-09-15 23:00:57 +00:00 · 2019-04-30 17:14:49 +08:00
parent 7d22cc958d
commit b44d1ef870
3 changed files with 219 additions and 15 deletions
--- a/seahub/api2/endpoints/user.py
+++ b/seahub/api2/endpoints/user.py
@@ -6,13 +6,16 @@ from rest_framework.authentication import SessionAuthentication
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
+from django.utils.translation import ugettext as _

+from seahub.utils import is_valid_email
 from seahub.api2.authentication import TokenAuthentication
 from seahub.api2.throttling import UserRateThrottle
 from seahub.api2.utils import api_error
 from seahub.base.templatetags.seahub_tags import email2nickname, \
        email2contact_email
-from seahub.profile.models import Profile
+from seahub.profile.models import Profile, DetailedProfile
+from seahub.settings import ENABLE_UPDATE_USER_INFO, ENABLE_USER_SET_CONTACT_EMAIL

 logger = logging.getLogger(__name__)
 json_content_type = 'application/json; charset=utf-8'
@@ -27,26 +30,35 @@ class User(APIView):

    def _get_user_info(self, email):
        profile = Profile.objects.get_profile_by_user(email)
+        d_profile = DetailedProfile.objects.get_detailed_profile_by_user(email)

        info = {}
        info['email'] = email
        info['name'] = email2nickname(email)
        info['contact_email'] = email2contact_email(email)
+        info['telephone'] = d_profile.telephone if d_profile else ''
+        info['login_id'] = profile.login_id if profile else ''
        info['list_in_address_book'] = profile.list_in_address_book if profile else False

        return info

-    def _update_user_additional_info(self, request, email):
+    def _update_user_info(self, info_dict, email):
+
+        # update nickname
+        if info_dict['name']:
+            Profile.objects.add_or_update(email, nickname=info_dict['name'])
+
+        # update account contact email
+        if info_dict['contact_email']:
+            Profile.objects.add_or_update(email, contact_email=info_dict['contact_email'])
+
+        # update account telephone
+        if info_dict['telephone']:
+            DetailedProfile.objects.add_or_update(email, department=None , telephone=info_dict['telephone'])

        # update user list_in_address_book
-        list_in_address_book = request.data.get("list_in_address_book", None)
-        if list_in_address_book is not None:
-            profile = Profile.objects.get_profile_by_user(email)
-            if profile is None:
-                profile = Profile(user=email)
-
-            profile.list_in_address_book = list_in_address_book.lower() == 'true'
-            profile.save()
+        if info_dict['list_in_address_book']:
+            Profile.objects.add_or_update(email, list_in_address_book=info_dict['list_in_address_book'])

    def get(self, request):
        email = request.user.username
@@ -57,15 +69,63 @@ class User(APIView):

        email = request.user.username

+        if not ENABLE_UPDATE_USER_INFO:
+            error_msg = _(u'Feature disabled.')
+            return api_error(status.HTTP_403_FORBIDDEN, error_msg)
+
+        # argument check for name
+        name = request.data.get("name", None)
+        if name:
+            name = name.strip()
+            if len(name) > 64:
+                error_msg = _(u'Name is too long (maximum is 64 characters)')
+                return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+            if "/" in name:
+                error_msg = _(u"Name should not include '/'.")
+                return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+        # argument check for contact_email
+        contact_email = request.data.get("contact_email", None)
+        if contact_email:
+            if not ENABLE_USER_SET_CONTACT_EMAIL:
+                error_msg = _(u'Feature disabled.')
+                return api_error(status.HTTP_403_FORBIDDEN, error_msg)
+
+            contact_email = contact_email.strip()
+            if not is_valid_email(contact_email):
+                error_msg = 'contact_email invalid.'
+                return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+            if Profile.objects.get_profile_by_contact_email(contact_email):
+                error_msg = _('Contact email %s already exists.' % contact_email)
+                return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+        # agrument check for telephone
+        telephone = request.data.get('telephone', None)
+        if telephone:
+            telephone = telephone.strip()
+            if len(telephone) > 100:
+                error_msg = _('telephone is too long (maximum is 100 characters).')
+                return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
        # argument check for list_in_address_book
        list_in_address_book = request.data.get("list_in_address_book", None)
        if list_in_address_book is not None:
            if list_in_address_book.lower() not in ('true', 'false'):
                error_msg = 'list_in_address_book invalid.'
                return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+        info_dict = {
+            'name': name,
+            'contact_email': contact_email,
+            'telephone': telephone,
+            'list_in_address_book': list_in_address_book,
+        }
+
+        # update user profile and user additionnal info
        try:
-            # update user additional info
-            self._update_user_additional_info(request, email)
+            self._update_user_info(info_dict, email)
        except Exception as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
--- a/seahub/profile/models.py
+++ b/seahub/profile/models.py
@@ -22,7 +22,7 @@ class DuplicatedContactEmailError(Exception):

 class ProfileManager(models.Manager):
    def add_or_update(self, username, nickname=None, intro=None, lang_code=None,
-                      login_id=None, contact_email=None, institution=None):
+                      login_id=None, contact_email=None, institution=None, list_in_address_book=None):
        """Add or update user profile.
        """
        try:
@@ -46,6 +46,8 @@ class ProfileManager(models.Manager):
        if institution is not None:
            institution = institution.strip()
            profile.institution = institution
+        if list_in_address_book is not None:
+            profile.list_in_address_book = list_in_address_book.lower() == 'true'

        try:
            profile.save(using=self._db)
@@ -180,8 +182,12 @@ class DetailedProfileManager(models.Manager):
    def add_or_update(self, username, department, telephone):
        try:
            d_profile = self.get(user=username)
+
+            if department is not None:
                d_profile.department = department
+            if telephone is not None:
                d_profile.telephone = telephone
+
        except DetailedProfile.DoesNotExist:
            d_profile = self.model(user=username, department=department,
                                   telephone=telephone)
--- a/tests/api/endpoints/test_user.py
+++ b/tests/api/endpoints/test_user.py
@@ -1,8 +1,47 @@
 import json
+import random
+import string
+from mock import patch
+
 from django.core.urlresolvers import reverse
+
 from seahub.test_utils import BaseTestCase
 from seahub.base.templatetags.seahub_tags import email2nickname, \
        email2contact_email
+from seahub.profile.models import Profile, DetailedProfile
+from seahub.base.accounts import UserManager
+
+
+def generate_random_parammeter(min_len, max_len, param_type):
+
+    if param_type == 'nickname':
+        random_nickname_length = random.randint(min_len, max_len)
+        random_nickname = ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(random_nickname_length))
+        return random_nickname, random_nickname_length
+
+    elif param_type == 'telephone':
+        random_telephone_length = random.randint(min_len,max_len)
+        random_telephone = ''.join(random.choice(string.digits) for _ in range(random_telephone_length))
+        return random_telephone, random_telephone_length
+
+    elif param_type == 'contact_email':
+        random_pre_length = random.randint(1,50)
+        random_post_length = random.randint(1,20)
+        random_contact_email = ''.join(random.choice(string.digits + string.ascii_letters) for _ in range(random_pre_length))\
+            + '@' \
+            + ''.join(random.choice(string.digits + string.ascii_letters) for _ in range(random_pre_length))\
+            + '.com'
+        return random_contact_email
+
+    elif param_type == 'contact_email_invalid':
+        random_contact_email_length = random.randint(1,100)
+        random_contact_email = ''.join(random.choice(string.digits + string.ascii_letters) for _ in range(random_contact_email_length))
+        return random_contact_email
+
+    elif param_type == 'login_id':
+        random_loginid_length = random.randint(1, 225)
+        random_loginid = ''.join(random.choice(string.digits + string.ascii_letters) for _ in range(random_loginid_length))
+        return random_loginid

 class AccountTest(BaseTestCase):

@@ -17,13 +56,112 @@ class AccountTest(BaseTestCase):

        self.login_as(self.user)

+        random_login_id = generate_random_parammeter(0,0,'login_id')
+        random_telephone, _ = generate_random_parammeter(1, 100, 'telephone')
+
+        Profile.objects.add_or_update(
+            self.user_name,
+            login_id=random_login_id
+        )
+        d_profile = DetailedProfile.objects.add_or_update(
+            self.user_name,
+            department='',
+            telephone=random_telephone
+        )
+        profile = Profile.objects.get_profile_by_user(self.user_name)
+
        resp = self.client.get(self.url)
        json_resp = json.loads(resp.content)
        assert json_resp['email'] == self.user_name
        assert json_resp['name'] == email2nickname(self.user_name)
        assert json_resp['contact_email'] == email2contact_email(self.user_name)
+        assert json_resp['telephone'] == d_profile.telephone
+        assert json_resp['login_id'] == profile.login_id
        assert json_resp.has_key('list_in_address_book')

+    def test_update_user_nickname(self):
+
+        self.login_as(self.user)
+
+        # test can successfully change nickname
+        random_nickname, _ = generate_random_parammeter(1, 64, 'nickname')
+        data = 'name=%s' % random_nickname
+        resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
+        json_resp = json.loads(resp.content)
+        assert json_resp['name'] == random_nickname
+
+        # nickname too long
+        random_nickname, _ = generate_random_parammeter(65, 1024, 'nickname')
+        data = 'name=%s' % random_nickname
+        resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
+        self.assertEqual(400, resp.status_code)
+
+        # invalid nickname with '/'
+        random_nickname, random_nickname_length = generate_random_parammeter(1, 64, 'nickname')
+        random_nickname = random_nickname.replace(random_nickname[random.randint(0, random_nickname_length) - 1], '/')
+        data = 'name=%s' % random_nickname
+        resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
+        self.assertEqual(400, resp.status_code)
+
+    def test_update_user_telephone(self):
+
+        self.login_as(self.user)
+        Profile.objects.add_or_update(self.user_name)
+        DetailedProfile.objects.add_or_update(self.user_name, department='' ,telephone='')
+
+        # test can successfully change telephone
+        random_telephone, _ = generate_random_parammeter(1, 100, 'telephone')
+        data = 'telephone=%s' % random_telephone
+        resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
+        json_resp = json.loads(resp.content)
+        assert json_resp['telephone'] == random_telephone
+
+        # telephone too long
+        random_telephone, _ = generate_random_parammeter(101, 500, 'telephone')
+        data = 'telephone=%s' % random_telephone
+        resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
+        self.assertEqual(400, resp.status_code)
+
+    def test_update_user_contact_email_feature_disabled(self):
+        self.login_as(self.user)
+        Profile.objects.add_or_update(self.user_name, contact_email='2@2.com')
+
+        # test can successfully change contact email
+        random_contact_email = generate_random_parammeter(0, 0, 'contact_email')
+        data = 'contact_email=%s' % random_contact_email
+        resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
+        json_resp = json.loads(resp.content)
+        self.assertEqual(403, resp.status_code)
+
+
+    @patch('seahub.api2.endpoints.user.ENABLE_USER_SET_CONTACT_EMAIL', True)
+    def test_update_user_contact_email(self):
+
+        self.login_as(self.user)
+        Profile.objects.add_or_update(self.user_name, contact_email='2@2.com')
+
+        # test can successfully change contact email
+        random_contact_email = generate_random_parammeter(0, 0, 'contact_email')
+        data = 'contact_email=%s' % random_contact_email
+        resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
+        json_resp = json.loads(resp.content)
+        assert json_resp['contact_email'] == random_contact_email
+
+        # test invalid contact email
+        random_contact_email = generate_random_parammeter(0, 0, 'contact_email_invalid')
+        data = 'contact_email=%s' % random_contact_email
+        resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
+        self.assertEqual(400, resp.status_code)
+
+        # same contact email already exists
+        random_contact_email = generate_random_parammeter(0, 0, 'contact_email')
+        new_user1 = UserManager().create_user(email='1@1.com', password='1')
+        Profile.objects.add_or_update(new_user1.username, contact_email=random_contact_email)
+        data = 'contact_email=%s' % random_contact_email
+        resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
+        self.assertEqual(400, resp.status_code)
+        new_user1.delete()
+
    def test_update_list_in_address_book(self):

        self.login_as(self.user)