TelegramAktienBot/api/tests/functional/test_user.py

"""
This file (test_user.py) contains the functional tests for the `users` blueprint.
"""
import json
from tests.functional.helper_functions import get_token


def test_login_with_valid_data(test_client, init_database):
    """
    Test POST '/api/user/login'

    Valid data
    """
    response = test_client.post('/api/user/login', data=json.dumps(dict(email="user1@example.com", password="password")), content_type='application/json')
    assert response.status_code == 200
    assert b'Successfully logged in' in response.data


def test_login_with_wrong_password(test_client, init_database):
    """
    Test POST '/api/user/login'

    Wrong password
    """
    response = test_client.post('/api/user/login', data=json.dumps(dict(email="user2@example.com", password="password2")), content_type='application/json')
    assert response.status_code == 500
    assert b'Unable to login' in response.data


def test_login_user_not_exist(test_client, init_database):
    """
    Test POST '/api/user/login'

    User doesn't exist
    """
    response = test_client.post('/api/user/login', data=json.dumps(dict(email="notexistinguser@example.com", password="password")), content_type='application/json')
    assert response.status_code == 500
    assert b'Unable to login' in response.data


def test_login_email_missing(test_client, init_database):
    """
    Test POST '/api/user/login'

    Email missing
    """
    response = test_client.post('/api/user/login', data=json.dumps(dict(password="password")), content_type='application/json')
    assert response.status_code == 400
    assert b'missing' in response.data


def test_login_password_missing(test_client, init_database):
    """
    Test POST '/api/user/login'

    Password missing
    """
    response = test_client.post('/api/user/login', data=json.dumps(dict(email="user1@example.com")), content_type='application/json')
    assert response.status_code == 400
    assert b'missing' in response.data


def test_register_valid_data(test_client, init_database):
    """
    Test POST '/api/user/register'

    Valid data
    """
    response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
    assert response.status_code == 200
    assert b'Successfully registered user' in response.data


def test_register_user_exists_already(test_client, init_database):
    """
    Test POST '/api/user/register'

    User exists already
    """
    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
    response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
    assert response.status_code == 500
    assert b'Email already exist' in response.data


def test_register_email_missing(test_client, init_database):
    """
    Test POST '/api/user/register'

    Email missing
    """
    response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", username="user3")), content_type='application/json')
    assert response.status_code == 400
    assert b'missing' in response.data


def test_register_email_empty(test_client, init_database):
    """
    Test POST '/api/user/register'

    Email empty
    """
    response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", username="user3", email="")), content_type='application/json')
    assert response.status_code == 400
    assert b'Not a valid email address' in response.data


def test_register_password_missing(test_client, init_database):
    """
    Test POST '/api/user/register'

    Password missing
    """
    response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", username="user3")), content_type='application/json')
    assert response.status_code == 400
    assert b'missing' in response.data


def test_register_password_empty(test_client, init_database):
    """
    Test POST '/api/user/register'

    password empty
    """
    response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", username="user3", password="")), content_type='application/json')
    assert response.status_code == 400
    assert b'missing' in response.data


def test_register_username_missing(test_client, init_database):
    """
    Test POST '/api/user/register'

    Username missing
    """
    response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", email="user3@example.com")), content_type='application/json')
    assert response.status_code == 400
    assert b'missing' in response.data


def test_register_username_empty(test_client, init_database):
    """
    Test POST '/api/user/register'

    Username empty
    """
    response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", username="", email="user3@example.com")), content_type='application/json')
    assert response.status_code == 400
    assert b'missing' in response.data


def test_delete_user_not_logged_in(test_client, init_database):
    """
    Test DELETE '/api/user'

    User is not logged in
    """
    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
    response = test_client.delete('/api/user', data=json.dumps(dict(email="user3@example.com")), content_type='application/json')
    assert response.status_code == 401
    assert b'Unauthorized' in response.data


def test_delete_user_same_user_logged_in(test_client, init_database):
    """
    Test DELETE '/api/user'

    User3 is logged in
    """
    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
    response = test_client.delete('/api/user',
                                  data=json.dumps(dict(email="user3@example.com")),
                                  content_type='application/json',
                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user3@example.com", "password"))})
    assert response.status_code == 200
    assert b'Successfully removed user' in response.data


def test_delete_user_different_user_logged_in_no_admin(test_client, init_database):
    """
    Test DELETE '/api/user'

    Different user is logged in -> no admin
    """
    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
    response = test_client.delete('/api/user',
                                  data=json.dumps(dict(email="user3@example.com")),
                                  content_type='application/json',
                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
    assert response.status_code == 401
    assert b'Only admin users can access this' in response.data


def test_delete_user_different_user_logged_in_admin(test_client, init_database):
    """
    Test DELETE '/api/user'

    Different user is logged in -> admin
    """
    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
    response = test_client.delete('/api/user',
                                  data=json.dumps(dict(email="user3@example.com")),
                                  content_type='application/json',
                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))})
    assert response.status_code == 200
    assert b'Successfully removed user' in response.data


def test_delete_user_email_missing(test_client, init_database):
    """
    Test DELETE '/api/user'

    Email missing
    """
    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
    response = test_client.delete('/api/user',
                                  data=json.dumps(dict()),
                                  content_type='application/json',
                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user3@example.com", "password"))})
    assert response.status_code == 400
    assert b'missing' in response.data


def test_delete_user_email_empty(test_client, init_database):
    """
    Test DELETE '/api/user'

    Email empty
    """
    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
    response = test_client.delete('/api/user',
                                  data=json.dumps(dict(email="")),
                                  content_type='application/json',
                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user3@example.com", "password"))})
    assert response.status_code == 400
    assert b'Not a valid email address' in response.data


def test_get_current_user_user_not_logged_in(test_client, init_database):
    """
    Test GET '/api/user'

    User is not logged in
    """
    response = test_client.get('/api/user')
    assert response.status_code == 401
    assert b'Unauthorized' in response.data


def test_get_current_user_user1_logged_in(test_client, init_database):
    """
    Test GET '/api/user'

    User1 is logged in
    """
    response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
    assert response.status_code == 200
    assert b'user1' in response.data
    assert b'user2' not in response.data


def test_get_current_user_bot_logged_in_user_exists(test_client, init_database):
    """
    Test GET '/api/user'

    Bot1 is logged in and requests user 12345678
    """
    response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "bot1@example.com", "bot1") + ":12345678")})
    assert response.status_code == 200
    assert b'user1' in response.data
    assert b'bot' not in response.data


def test_get_current_user_bot_logged_in_user_not_exists(test_client, init_database):
    """
    Test GET '/api/user'

    Bot1 is logged in and requests user 1234 (not existing)
    """
    response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "bot1@example.com", "bot1") + ":1234")})
    assert response.status_code == 401
    assert b'Unable to login' in response.data


def test_get_current_user_user1_logged_in_but_no_bot(test_client, init_database):
    """
    Test GET '/api/user'

    User1 is logged in and requests user 1234 (not existing)
    Fails because user1 is not a bot
    """
    response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password") + ":12345678")})
    assert response.status_code == 401
    assert b'Unable to login' in response.data


def test_get_current_user_invalid_token(test_client, init_database):
    """
    Test GET '/api/user'

    Invalid Bearer token
    """
    response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format("invalidtoken:12345678")})
    assert response.status_code == 401
    assert b'Unauthorized' in response.data


def test_update_user_not_logged_in(test_client, init_database):
    """
    Test PUT '/api/user'

    User is not logged in
    """
    response = test_client.put('/api/user')
    assert response.status_code == 401
    assert b'Unauthorized' in response.data


def test_update_user1_logged_in_password_username(test_client, init_database):
    """
    Test PUT '/api/user'

    User1 is logged in
    Change Username and Password
    """
    test_client.put('/api/user', data=json.dumps(dict(username="user4", password="password")),
                    headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
                    content_type='application/json')
    response = test_client.get('/api/user',
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
                               content_type='application/json')
    assert response.status_code == 200
    assert b'user4' in response.data


def test_update_user1_logged_in_password(test_client, init_database):
    """
    Test PUT '/api/user'

    User1 is logged in
    Change Password
    """
    response = test_client.put('/api/user', data=json.dumps(dict(password="password123")),
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
    assert response.status_code == 200
    assert b'Successfully updated user' in response.data


def test_update_user1_logged_in_username(test_client, init_database):
    """
    Test PUT '/api/user'

    User1 is logged in
    Change Username
    """
    response = test_client.put('/api/user', data=json.dumps(dict(username="user1")),
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
    assert response.status_code == 200
    assert b'Successfully updated user' in response.data


def test_set_admin_user_not_logged_in(test_client, init_database):
    """
    Test PUT '/api/user/setAdmin'

    User is not logged in
    """
    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=True)), content_type='application/json')
    assert response.status_code == 401
    assert b'Unauthorized' in response.data


def test_set_admin_user1_logged_in(test_client, init_database):
    """
    Test PUT '/api/user/setAdmin'

    User1 is logged in (no admin)
    """
    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=True)),
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
                               content_type='application/json')
    assert response.status_code == 401
    assert b'Only admin users can access this' in response.data


def test_set_admin_admin1_logged_in(test_client, init_database):
    """
    Test PUT '/api/user/setAdmin'

    Admin1 is logged in (admin)
    """
    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=True)),
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
                               content_type='application/json')
    assert response.status_code == 200
    assert b'Successfully updated users admin rights' in response.data


def test_set_admin_admin1_logged_in_user_not_exist(test_client, init_database):
    """
    Test PUT '/api/user/setAdmin'

    Admin1 is logged in (admin)
    notexistinguser@example.com does not exist
    """
    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="notexistinguser@example.com", admin=True)),
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
                               content_type='application/json')
    assert response.status_code == 500
    assert b'Unable to update user' in response.data


def test_set_admin_admin1_logged_in_email_missing(test_client, init_database):
    """
    Test PUT '/api/user/setAdmin'

    Admin1 is logged in (admin)
    email missing
    """
    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(admin=True)),
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
                               content_type='application/json')
    assert response.status_code == 400
    assert b'missing' in response.data


def test_set_admin_admin1_logged_in_email_empty(test_client, init_database):
    """
    Test PUT '/api/user/setAdmin'

    Admin1 is logged in (admin)
    email missing
    """
    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="", admin=True)),
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
                               content_type='application/json')
    assert response.status_code == 400
    assert b'Not a valid email address.' in response.data


def test_set_admin_admin1_logged_in_admin_missing(test_client, init_database):
    """
    Test PUT '/api/user/setAdmin'

    Admin1 is logged in (admin)
    admin data missing
    """
    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com")),
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
                               content_type='application/json')
    assert response.status_code == 400
    assert b'missing' in response.data


def test_set_admin_admin1_logged_in_admin_empty(test_client, init_database):
    """
    Test PUT '/api/user/setAdmin'

    Admin1 is logged in (admin)
    admin data missing
    """
    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=None)),
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
                               content_type='application/json')
    assert response.status_code == 400
    assert b'Field may not be null' in response.data


def test_get_users_not_logged_in(test_client, init_database):
    """
    Test GET '/api/users'

    User is not logged in
    """
    response = test_client.get('/api/users')
    assert response.status_code == 401
    assert b'Unauthorized' in response.data


def test_get_users_user1_logged_in(test_client, init_database):
    """
    Test GET '/api/users'

    User1 is logged in (not admin)
    """
    response = test_client.get('/api/users',
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
                               content_type='application/json')

    assert response.status_code == 401
    assert b'Only admin users can access this' in response.data


def test_get_users_admin1_logged_in(test_client, init_database):
    """
    Test GET '/api/users'

    Admin1 is logged in (admin)
    """
    response = test_client.get('/api/users',
                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
                               content_type='application/json')
    assert response.status_code == 200
    assert b'Successfully received all users' in response.data
Tests - Improved directory structure - Added functional and unit tests 2022-03-30 08:46:54 +00:00			`"""`
			This file (test_user.py) contains the functional tests for the `users` blueprint.
			`"""`
			`import json`
Refactoring 2022-03-30 09:10:48 +00:00			`from tests.functional.helper_functions import get_token`
Tests - Improved directory structure - Added functional and unit tests 2022-03-30 08:46:54 +00:00

			`def test_login_with_valid_data(test_client, init_database):`
			`"""`
			`Test POST '/api/user/login'`

			`Valid data`
			`"""`
			`response = test_client.post('/api/user/login', data=json.dumps(dict(email="user1@example.com", password="password")), content_type='application/json')`
			`assert response.status_code == 200`
			`assert b'Successfully logged in' in response.data`


			`def test_login_with_wrong_password(test_client, init_database):`
			`"""`
			`Test POST '/api/user/login'`

			`Wrong password`
			`"""`
			`response = test_client.post('/api/user/login', data=json.dumps(dict(email="user2@example.com", password="password2")), content_type='application/json')`
			`assert response.status_code == 500`
			`assert b'Unable to login' in response.data`


			`def test_login_user_not_exist(test_client, init_database):`
			`"""`
			`Test POST '/api/user/login'`

			`User doesn't exist`
			`"""`
			`response = test_client.post('/api/user/login', data=json.dumps(dict(email="notexistinguser@example.com", password="password")), content_type='application/json')`
			`assert response.status_code == 500`
			`assert b'Unable to login' in response.data`


			`def test_login_email_missing(test_client, init_database):`
			`"""`
			`Test POST '/api/user/login'`

			`Email missing`
			`"""`
			`response = test_client.post('/api/user/login', data=json.dumps(dict(password="password")), content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'missing' in response.data`


			`def test_login_password_missing(test_client, init_database):`
			`"""`
			`Test POST '/api/user/login'`

			`Password missing`
			`"""`
			`response = test_client.post('/api/user/login', data=json.dumps(dict(email="user1@example.com")), content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'missing' in response.data`


			`def test_register_valid_data(test_client, init_database):`
			`"""`
			`Test POST '/api/user/register'`

			`Valid data`
			`"""`
			`response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')`
			`assert response.status_code == 200`
			`assert b'Successfully registered user' in response.data`


			`def test_register_user_exists_already(test_client, init_database):`
			`"""`
			`Test POST '/api/user/register'`

			`User exists already`
			`"""`
			`test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')`
			`response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')`
			`assert response.status_code == 500`
			`assert b'Email already exist' in response.data`


			`def test_register_email_missing(test_client, init_database):`
			`"""`
			`Test POST '/api/user/register'`

			`Email missing`
			`"""`
			`response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", username="user3")), content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'missing' in response.data`


			`def test_register_email_empty(test_client, init_database):`
			`"""`
			`Test POST '/api/user/register'`

			`Email empty`
			`"""`
			`response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", username="user3", email="")), content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'Not a valid email address' in response.data`


			`def test_register_password_missing(test_client, init_database):`
			`"""`
			`Test POST '/api/user/register'`

			`Password missing`
			`"""`
			`response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", username="user3")), content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'missing' in response.data`


			`def test_register_password_empty(test_client, init_database):`
			`"""`
			`Test POST '/api/user/register'`

			`password empty`
			`"""`
			`response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", username="user3", password="")), content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'missing' in response.data`


			`def test_register_username_missing(test_client, init_database):`
			`"""`
			`Test POST '/api/user/register'`

			`Username missing`
			`"""`
			`response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", email="user3@example.com")), content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'missing' in response.data`


			`def test_register_username_empty(test_client, init_database):`
			`"""`
			`Test POST '/api/user/register'`

			`Username empty`
			`"""`
			`response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", username="", email="user3@example.com")), content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'missing' in response.data`


			`def test_delete_user_not_logged_in(test_client, init_database):`
			`"""`
			`Test DELETE '/api/user'`

			`User is not logged in`
			`"""`
			`test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')`
			`response = test_client.delete('/api/user', data=json.dumps(dict(email="user3@example.com")), content_type='application/json')`
			`assert response.status_code == 401`
			`assert b'Unauthorized' in response.data`


			`def test_delete_user_same_user_logged_in(test_client, init_database):`
			`"""`
			`Test DELETE '/api/user'`

			`User3 is logged in`
			`"""`
			`test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')`
			`response = test_client.delete('/api/user',`
			`data=json.dumps(dict(email="user3@example.com")),`
			`content_type='application/json',`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "user3@example.com", "password"))})`
			`assert response.status_code == 200`
			`assert b'Successfully removed user' in response.data`


			`def test_delete_user_different_user_logged_in_no_admin(test_client, init_database):`
			`"""`
			`Test DELETE '/api/user'`

			`Different user is logged in -> no admin`
			`"""`
			`test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')`
			`response = test_client.delete('/api/user',`
			`data=json.dumps(dict(email="user3@example.com")),`
			`content_type='application/json',`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})`
			`assert response.status_code == 401`
			`assert b'Only admin users can access this' in response.data`


			`def test_delete_user_different_user_logged_in_admin(test_client, init_database):`
			`"""`
			`Test DELETE '/api/user'`

			`Different user is logged in -> admin`
			`"""`
			`test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')`
			`response = test_client.delete('/api/user',`
			`data=json.dumps(dict(email="user3@example.com")),`
			`content_type='application/json',`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))})`
			`assert response.status_code == 200`
			`assert b'Successfully removed user' in response.data`


			`def test_delete_user_email_missing(test_client, init_database):`
			`"""`
			`Test DELETE '/api/user'`

			`Email missing`
			`"""`
			`test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')`
			`response = test_client.delete('/api/user',`
			`data=json.dumps(dict()),`
			`content_type='application/json',`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "user3@example.com", "password"))})`
			`assert response.status_code == 400`
			`assert b'missing' in response.data`


			`def test_delete_user_email_empty(test_client, init_database):`
			`"""`
			`Test DELETE '/api/user'`

			`Email empty`
			`"""`
			`test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')`
			`response = test_client.delete('/api/user',`
			`data=json.dumps(dict(email="")),`
			`content_type='application/json',`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "user3@example.com", "password"))})`
			`assert response.status_code == 400`
			`assert b'Not a valid email address' in response.data`


			`def test_get_current_user_user_not_logged_in(test_client, init_database):`
			`"""`
			`Test GET '/api/user'`

			`User is not logged in`
			`"""`
			`response = test_client.get('/api/user')`
			`assert response.status_code == 401`
			`assert b'Unauthorized' in response.data`


			`def test_get_current_user_user1_logged_in(test_client, init_database):`
			`"""`
			`Test GET '/api/user'`

			`User1 is logged in`
			`"""`
			`response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})`
			`assert response.status_code == 200`
			`assert b'user1' in response.data`
			`assert b'user2' not in response.data`


			`def test_get_current_user_bot_logged_in_user_exists(test_client, init_database):`
			`"""`
			`Test GET '/api/user'`

			`Bot1 is logged in and requests user 12345678`
			`"""`
			`response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "bot1@example.com", "bot1") + ":12345678")})`
			`assert response.status_code == 200`
			`assert b'user1' in response.data`
			`assert b'bot' not in response.data`


			`def test_get_current_user_bot_logged_in_user_not_exists(test_client, init_database):`
			`"""`
			`Test GET '/api/user'`

			`Bot1 is logged in and requests user 1234 (not existing)`
			`"""`
			`response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "bot1@example.com", "bot1") + ":1234")})`
			`assert response.status_code == 401`
			`assert b'Unable to login' in response.data`


			`def test_get_current_user_user1_logged_in_but_no_bot(test_client, init_database):`
			`"""`
			`Test GET '/api/user'`

			`User1 is logged in and requests user 1234 (not existing)`
			`Fails because user1 is not a bot`
			`"""`
			`response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password") + ":12345678")})`
			`assert response.status_code == 401`
			`assert b'Unable to login' in response.data`


			`def test_get_current_user_invalid_token(test_client, init_database):`
			`"""`
			`Test GET '/api/user'`

			`Invalid Bearer token`
			`"""`
			`response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format("invalidtoken:12345678")})`
			`assert response.status_code == 401`
			`assert b'Unauthorized' in response.data`


			`def test_update_user_not_logged_in(test_client, init_database):`
			`"""`
			`Test PUT '/api/user'`

			`User is not logged in`
			`"""`
			`response = test_client.put('/api/user')`
			`assert response.status_code == 401`
			`assert b'Unauthorized' in response.data`


			`def test_update_user1_logged_in_password_username(test_client, init_database):`
			`"""`
			`Test PUT '/api/user'`

			`User1 is logged in`
			`Change Username and Password`
			`"""`
			`test_client.put('/api/user', data=json.dumps(dict(username="user4", password="password")),`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},`
			`content_type='application/json')`
			`response = test_client.get('/api/user',`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},`
			`content_type='application/json')`
			`assert response.status_code == 200`
			`assert b'user4' in response.data`


			`def test_update_user1_logged_in_password(test_client, init_database):`
			`"""`
			`Test PUT '/api/user'`

			`User1 is logged in`
			`Change Password`
			`"""`
			`response = test_client.put('/api/user', data=json.dumps(dict(password="password123")),`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})`
			`assert response.status_code == 200`
			`assert b'Successfully updated user' in response.data`


			`def test_update_user1_logged_in_username(test_client, init_database):`
			`"""`
			`Test PUT '/api/user'`

			`User1 is logged in`
			`Change Username`
			`"""`
			`response = test_client.put('/api/user', data=json.dumps(dict(username="user1")),`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})`
			`assert response.status_code == 200`
			`assert b'Successfully updated user' in response.data`


			`def test_set_admin_user_not_logged_in(test_client, init_database):`
			`"""`
			`Test PUT '/api/user/setAdmin'`

			`User is not logged in`
			`"""`
			`response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=True)), content_type='application/json')`
			`assert response.status_code == 401`
			`assert b'Unauthorized' in response.data`


			`def test_set_admin_user1_logged_in(test_client, init_database):`
			`"""`
			`Test PUT '/api/user/setAdmin'`

			`User1 is logged in (no admin)`
			`"""`
			`response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=True)),`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},`
			`content_type='application/json')`
			`assert response.status_code == 401`
			`assert b'Only admin users can access this' in response.data`


			`def test_set_admin_admin1_logged_in(test_client, init_database):`
			`"""`
			`Test PUT '/api/user/setAdmin'`

			`Admin1 is logged in (admin)`
			`"""`
			`response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=True)),`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},`
			`content_type='application/json')`
			`assert response.status_code == 200`
			`assert b'Successfully updated users admin rights' in response.data`


			`def test_set_admin_admin1_logged_in_user_not_exist(test_client, init_database):`
			`"""`
			`Test PUT '/api/user/setAdmin'`

			`Admin1 is logged in (admin)`
			`notexistinguser@example.com does not exist`
			`"""`
			`response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="notexistinguser@example.com", admin=True)),`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},`
			`content_type='application/json')`
			`assert response.status_code == 500`
			`assert b'Unable to update user' in response.data`


			`def test_set_admin_admin1_logged_in_email_missing(test_client, init_database):`
			`"""`
			`Test PUT '/api/user/setAdmin'`

			`Admin1 is logged in (admin)`
			`email missing`
			`"""`
			`response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(admin=True)),`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},`
			`content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'missing' in response.data`


			`def test_set_admin_admin1_logged_in_email_empty(test_client, init_database):`
			`"""`
			`Test PUT '/api/user/setAdmin'`

			`Admin1 is logged in (admin)`
			`email missing`
			`"""`
			`response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="", admin=True)),`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},`
			`content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'Not a valid email address.' in response.data`


			`def test_set_admin_admin1_logged_in_admin_missing(test_client, init_database):`
			`"""`
			`Test PUT '/api/user/setAdmin'`

			`Admin1 is logged in (admin)`
			`admin data missing`
			`"""`
			`response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com")),`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},`
			`content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'missing' in response.data`


			`def test_set_admin_admin1_logged_in_admin_empty(test_client, init_database):`
			`"""`
			`Test PUT '/api/user/setAdmin'`

			`Admin1 is logged in (admin)`
			`admin data missing`
			`"""`
			`response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=None)),`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},`
			`content_type='application/json')`
			`assert response.status_code == 400`
			`assert b'Field may not be null' in response.data`


			`def test_get_users_not_logged_in(test_client, init_database):`
			`"""`
			`Test GET '/api/users'`

			`User is not logged in`
			`"""`
			`response = test_client.get('/api/users')`
			`assert response.status_code == 401`
			`assert b'Unauthorized' in response.data`


			`def test_get_users_user1_logged_in(test_client, init_database):`
			`"""`
			`Test GET '/api/users'`

			`User1 is logged in (not admin)`
			`"""`
			`response = test_client.get('/api/users',`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},`
			`content_type='application/json')`

			`assert response.status_code == 401`
			`assert b'Only admin users can access this' in response.data`


			`def test_get_users_admin1_logged_in(test_client, init_database):`
			`"""`
			`Test GET '/api/users'`

			`Admin1 is logged in (admin)`
			`"""`
			`response = test_client.get('/api/users',`
			`headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},`
			`content_type='application/json')`
			`assert response.status_code == 200`
			`assert b'Successfully received all users' in response.data`