Tests

- Improved directory structure
- Added functional and unit tests

api/tests/functional/test_keyword.py

@@ -0,0 +1,191 @@
+"""
+This file (test_keyword.py) contains the functional tests for the `keyword` blueprint.
+"""
+import json
+
+
+def test_add_keyword_not_logged_in(test_client, init_database):
+    """
+    Test POST '/api/keyword'
+
+    User is not logged in
+    """
+    response = test_client.post('/api/keyword')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_add_keyword_user1_logged_in(test_client, init_database):
+    """
+    Test POST '/api/keyword'
+
+    User1 is logged in
+    """
+    response = test_client.post('/api/keyword', data=json.dumps(dict(keyword="DTEGY")),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully added keyword' in response.data
+
+
+def test_add_keyword_user1_logged_in_but_keyword_exist(test_client, init_database):
+    """
+    Test POST '/api/keyword'
+
+    User1 is logged in
+    Add keyword two times
+    """
+    test_client.post('/api/keyword', data=json.dumps(dict(keyword="DTEGY")),
+                     headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                     content_type='application/json')
+    response = test_client.post('/api/keyword', data=json.dumps(dict(keyword="DTEGY")),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 500
+    assert b'Keyword already exist for this user' in response.data
+
+
+def test_add_keyword_user1_logged_in_but_keyword_missing(test_client, init_database):
+    """
+    Test POST '/api/keyword'
+
+    User1 is logged in
+    Keyword is missing in post data
+    """
+    response = test_client.post('/api/keyword', data=json.dumps(dict()),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_add_keyword_user1_logged_in_but_keyword_empty(test_client, init_database):
+    """
+    Test POST '/api/keyword'
+
+    User1 is logged in
+    Keyword is empty in post data
+    """
+    response = test_client.post('/api/keyword', data=json.dumps(dict(keyword="")),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_get_keyword_not_logged_in(test_client, init_database):
+    """
+    Test GET '/api/keyword'
+
+    User is not logged in
+    """
+    response = test_client.get('/api/keywords')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_get_keyword_user1_logged_in_empty_response(test_client, init_database):
+    """
+    Test GET '/api/keyword'
+
+    User1 is logged in
+    Empty response
+    """
+    response = test_client.get('/api/keywords', headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
+    assert response.status_code == 200
+    assert b'"data":[' in response.data
+
+
+def test_get_keyword_user1_logged_in_response_data(test_client, init_database):
+    """
+    Test GET '/api/keyword'
+
+    User1 is logged in
+    Create some keywords for user1
+    """
+    test_client.post('/api/keyword', data=json.dumps(dict(keyword="DTEGY")),
+                     headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                     content_type='application/json')
+    response = test_client.get('/api/keywords', headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
+    assert response.status_code == 200
+    assert b'"data":[' in response.data
+
+
+def test_delete_keyword_not_logged_in(test_client, init_database):
+    """
+    Test DELETE '/api/keyword'
+
+    User is not logged in
+    """
+    response = test_client.delete('/api/keyword')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_delete_keyword_user1_logged_in_but_empty_keyword(test_client, init_database):
+    """
+    Test DELETE '/api/keyword'
+
+    User1 is logged in
+    Keyword empty in in delete data
+    """
+    response = test_client.delete('/api/keyword', data=json.dumps(dict(keyword="")),
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                  content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_delete_keyword_user1_logged_in_but_missing_keyword(test_client, init_database):
+    """
+    Test DELETE '/api/keyword'
+
+    User1 is logged in
+    Keyword missing in in delete data
+    """
+    response = test_client.delete('/api/keyword', data=json.dumps(dict()),
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                  content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_delete_keyword_user1_logged_in_keyword_exists(test_client, init_database):
+    """
+    Test DELETE '/api/keyword'
+
+    User1 is logged in
+    Keyword exists
+    """
+    test_client.post('/api/keyword', data=json.dumps(dict(keyword="DTEGY")),
+                     headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                     content_type='application/json')
+    response = test_client.delete('/api/keyword', data=json.dumps(dict(keyword="DTEGY")),
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                  content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully removed keyword' in response.data
+
+
+def test_delete_keyword_user1_logged_in_keyword_not_exists(test_client, init_database):
+    """
+    Test DELETE '/api/keyword'
+
+    User1 is logged in
+    Keyword doesn't exists
+    """
+    response = test_client.delete('/api/keyword', data=json.dumps(dict(keyword="DTEGY")),
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                  content_type='application/json')
+    assert response.status_code == 500
+    assert b'Keyword doesn\'t exist for this user' in response.data
+
+
+def get_token(test_client, email, password):
+    response = test_client.post('/api/user/login', data=json.dumps(dict(email=email, password=password)), content_type='application/json')
+
+    if "data" in json.loads(response.data):
+        if "token" in json.loads(response.data)["data"]:
+            return json.loads(response.data)["data"]["token"]
+
+    return ""

api/tests/functional/test_portfolio.py

@@ -0,0 +1,59 @@
+"""
+This file (test_portfolio.py) contains the functional tests for the `portfolio` blueprint.
+"""
+import json
+
+
+def test_get_portfolio_not_logged_in_empty_response(test_client, init_database):
+    """
+    Test GET '/api/portfolio'
+
+    User is not logged in
+    """
+    response = test_client.get('/api/portfolio')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_get_portfolio_user1_logged_in_empty_response(test_client, init_database):
+    """
+    Test GET '/api/portfolio'
+
+    User1 is logged in
+    Empty response
+    """
+    response = test_client.get('/api/portfolio',
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                               content_type='application/json')
+    assert response.status_code == 200
+    assert b'"data":[]' in response.data
+    assert b'Successfully loaded symbols' in response.data
+
+
+def test_get_portfolio_user1_logged_in_response_data(test_client, init_database):
+    """
+    Test GET '/api/portfolio'
+
+    User1 is logged in
+    Create transaction data
+    """
+    test_client.post('/api/transaction', data=json.dumps(dict(count=5, price=9.99, symbol="DTEGY", time="2022-03-29T10:00:00.000Z")),
+                     headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                     content_type='application/json')
+
+    response = test_client.get('/api/portfolio',
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                               content_type='application/json')
+    assert response.status_code == 200
+    assert b'"data":[]' not in response.data
+    assert b'"data":[' in response.data
+
+
+def get_token(test_client, email, password):
+    response = test_client.post('/api/user/login', data=json.dumps(dict(email=email, password=password)), content_type='application/json')
+
+    if "data" in json.loads(response.data):
+        if "token" in json.loads(response.data)["data"]:
+            return json.loads(response.data)["data"]["token"]
+
+    return ""

api/tests/functional/test_share.py

@@ -0,0 +1,191 @@
+"""
+This file (test_share.py) contains the functional tests for the `share` blueprint.
+"""
+import json
+
+
+def test_add_share_not_logged_in(test_client, init_database):
+    """
+    Test POST '/api/share'
+
+    User is not logged in
+    """
+    response = test_client.post('/api/share')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_add_share_user1_logged_in(test_client, init_database):
+    """
+    Test POST '/api/share'
+
+    User1 is logged in
+    """
+    response = test_client.post('/api/share', data=json.dumps(dict(symbol="DTEGY")),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully added symbol' in response.data
+
+
+def test_add_share_user1_logged_in_but_symbol_exist(test_client, init_database):
+    """
+    Test POST '/api/share'
+
+    User1 is logged in
+    Add symbol two times
+    """
+    test_client.post('/api/share', data=json.dumps(dict(symbol="DTEGY")),
+                     headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                     content_type='application/json')
+    response = test_client.post('/api/share', data=json.dumps(dict(symbol="DTEGY")),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 500
+    assert b'Symbol already exist for this user' in response.data
+
+
+def test_add_share_user1_logged_in_but_symbol_missing(test_client, init_database):
+    """
+    Test POST '/api/share'
+
+    User1 is logged in
+    Symbol is missing in post data
+    """
+    response = test_client.post('/api/share', data=json.dumps(dict()),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_add_share_user1_logged_in_but_symbol_empty(test_client, init_database):
+    """
+    Test POST '/api/share'
+
+    User1 is logged in
+    Symbol is empty in post data
+    """
+    response = test_client.post('/api/share', data=json.dumps(dict(symbol="")),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_get_share_not_logged_in(test_client, init_database):
+    """
+    Test GET '/api/share'
+
+    User is not logged in
+    """
+    response = test_client.get('/api/shares')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_get_share_user1_logged_in_empty_response(test_client, init_database):
+    """
+    Test GET '/api/share'
+
+    User1 is logged in
+    Empty response
+    """
+    response = test_client.get('/api/shares', headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
+    assert response.status_code == 200
+    assert b'"data":[' in response.data
+
+
+def test_get_share_user1_logged_in_response_data(test_client, init_database):
+    """
+    Test GET '/api/share'
+
+    User1 is logged in
+    Create some symbols for user1
+    """
+    test_client.post('/api/share', data=json.dumps(dict(symbol="DTEGY")),
+                     headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                     content_type='application/json')
+    response = test_client.get('/api/shares', headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
+    assert response.status_code == 200
+    assert b'"data":[' in response.data
+
+
+def test_delete_share_not_logged_in(test_client, init_database):
+    """
+    Test DELETE '/api/share'
+
+    User is not logged in
+    """
+    response = test_client.delete('/api/share')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_delete_share_user1_logged_in_but_empty_symbol(test_client, init_database):
+    """
+    Test DELETE '/api/share'
+
+    User1 is logged in
+    Symbol empty in in delete data
+    """
+    response = test_client.delete('/api/share', data=json.dumps(dict(symbol="")),
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                  content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_delete_share_user1_logged_in_but_missing_symbol(test_client, init_database):
+    """
+    Test DELETE '/api/share'
+
+    User1 is logged in
+    Symbol missing in in delete data
+    """
+    response = test_client.delete('/api/share', data=json.dumps(dict()),
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                  content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_delete_share_user1_logged_in_symbol_exists(test_client, init_database):
+    """
+    Test DELETE '/api/share'
+
+    User1 is logged in
+    Symbol exists
+    """
+    test_client.post('/api/share', data=json.dumps(dict(symbol="DTEGY")),
+                     headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                     content_type='application/json')
+    response = test_client.delete('/api/share', data=json.dumps(dict(symbol="DTEGY")),
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                  content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully removed symbol' in response.data
+
+
+def test_delete_share_user1_logged_in_symbol_not_exists(test_client, init_database):
+    """
+    Test DELETE '/api/share'
+
+    User1 is logged in
+    Symbol doesn't exists
+    """
+    response = test_client.delete('/api/share', data=json.dumps(dict(symbol="DTEGY")),
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                  content_type='application/json')
+    assert response.status_code == 500
+    assert b'Symbol doesn\'t exist for this user' in response.data
+
+
+def get_token(test_client, email, password):
+    response = test_client.post('/api/user/login', data=json.dumps(dict(email=email, password=password)), content_type='application/json')
+
+    if "data" in json.loads(response.data):
+        if "token" in json.loads(response.data)["data"]:
+            return json.loads(response.data)["data"]["token"]
+
+    return ""

api/tests/functional/test_telegram.py

@@ -0,0 +1,66 @@
+"""
+This file (test_telegram.py) contains the functional tests for the `telegram` blueprint.
+"""
+import json
+
+
+def test_add_telegram_not_logged_in(test_client, init_database):
+    """
+    Test POST '/api/telegram'
+
+    User is not logged in
+    """
+    response = test_client.post('/api/telegram')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_add_telegram_user1_logged_in(test_client, init_database):
+    """
+    Test POST '/api/telegram'
+
+    User1 is logged in
+    """
+    response = test_client.post('/api/telegram', data=json.dumps(dict(telegram_user_id="12345678")),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully connected telegram user' in response.data
+
+
+def test_add_telegram_user1_logged_in_user_data_missing(test_client, init_database):
+    """
+    Test POST '/api/telegram'
+
+    User1 is logged in
+    telegram_user_id is missing
+    """
+    response = test_client.post('/api/telegram', data=json.dumps(dict()),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_add_telegram_user1_logged_in_user_data_empty(test_client, init_database):
+    """
+    Test POST '/api/telegram'
+
+    User1 is logged in
+    telegram_user_id is empty
+    """
+    response = test_client.post('/api/telegram', data=json.dumps(dict(telegram_user_id="")),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def get_token(test_client, email, password):
+    response = test_client.post('/api/user/login', data=json.dumps(dict(email=email, password=password)), content_type='application/json')
+
+    if "data" in json.loads(response.data):
+        if "token" in json.loads(response.data)["data"]:
+            return json.loads(response.data)["data"]["token"]
+
+    return ""

api/tests/functional/test_transaction.py

@@ -0,0 +1,103 @@
+"""
+This file (test_transaction.py) contains the functional tests for the `transaction` blueprint.
+"""
+import json
+
+
+def test_add_transaction_not_logged_in(test_client, init_database):
+    """
+    Test POST '/api/transaction'
+
+    User is not logged in
+    """
+    response = test_client.get('/api/portfolio')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_add_transaction_user1_logged_in_missing_data(test_client, init_database):
+    """
+    Test POST '/api/transaction'
+
+    User1 is logged in
+    Data missing
+    """
+    # symbol missing
+    response = test_client.post('/api/transaction', data=json.dumps(dict(time="2022-03-29T10:00:00.000Z", count=10, price=9.99)),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+    # time missing
+    response = test_client.post('/api/transaction', data=json.dumps(dict(symbol="DTEGY", count=10, price=9.99)),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+    # count missing
+    response = test_client.post('/api/transaction', data=json.dumps(dict(symbol="DTEGY", time="2022-03-29T10:00:00.000Z", price=9.99)),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+    # price missing
+    response = test_client.post('/api/transaction', data=json.dumps(dict(symbol="DTEGY", time="2022-03-29T10:00:00.000Z", count=10)),
+                                headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                                content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_get_transaction_not_logged_in(test_client, init_database):
+    """
+    Test GET '/api/transaction'
+
+    User is not logged in
+    """
+    response = test_client.get('/api/transactions')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_get_transaction_user1_logged_in_empty_response(test_client, init_database):
+    """
+    Test GET '/api/transaction'
+
+    User1 is logged in
+    """
+    response = test_client.get('/api/transactions',
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                               content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully loaded transactions' in response.data
+
+
+def test_get_transaction_user1_logged_in_response_data(test_client, init_database):
+    """
+    Test GET '/api/transaction'
+
+    User1 is logged in
+    Create transaction
+    """
+    test_client.post('/api/transaction', data=json.dumps(dict(count=5, price=9.99, symbol="DTEGY", time="2022-03-29T10:00:00.000Z")),
+                     headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                     content_type='application/json')
+
+    response = test_client.get('/api/transactions',
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                               content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully loaded transactions' in response.data
+
+
+def get_token(test_client, email, password):
+    response = test_client.post('/api/user/login', data=json.dumps(dict(email=email, password=password)), content_type='application/json')
+
+    if "data" in json.loads(response.data):
+        if "token" in json.loads(response.data)["data"]:
+            return json.loads(response.data)["data"]["token"]
+
+    return ""

api/tests/functional/test_user.py

@@ -0,0 +1,513 @@
+"""
+This file (test_user.py) contains the functional tests for the `users` blueprint.
+"""
+import json
+
+
+def test_login_with_valid_data(test_client, init_database):
+    """
+    Test POST '/api/user/login'
+
+    Valid data
+    """
+    response = test_client.post('/api/user/login', data=json.dumps(dict(email="user1@example.com", password="password")), content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully logged in' in response.data
+
+
+def test_login_with_wrong_password(test_client, init_database):
+    """
+    Test POST '/api/user/login'
+
+    Wrong password
+    """
+    response = test_client.post('/api/user/login', data=json.dumps(dict(email="user2@example.com", password="password2")), content_type='application/json')
+    assert response.status_code == 500
+    assert b'Unable to login' in response.data
+
+
+def test_login_user_not_exist(test_client, init_database):
+    """
+    Test POST '/api/user/login'
+
+    User doesn't exist
+    """
+    response = test_client.post('/api/user/login', data=json.dumps(dict(email="notexistinguser@example.com", password="password")), content_type='application/json')
+    assert response.status_code == 500
+    assert b'Unable to login' in response.data
+
+
+def test_login_email_missing(test_client, init_database):
+    """
+    Test POST '/api/user/login'
+
+    Email missing
+    """
+    response = test_client.post('/api/user/login', data=json.dumps(dict(password="password")), content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_login_password_missing(test_client, init_database):
+    """
+    Test POST '/api/user/login'
+
+    Password missing
+    """
+    response = test_client.post('/api/user/login', data=json.dumps(dict(email="user1@example.com")), content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_register_valid_data(test_client, init_database):
+    """
+    Test POST '/api/user/register'
+
+    Valid data
+    """
+    response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully registered user' in response.data
+
+
+def test_register_user_exists_already(test_client, init_database):
+    """
+    Test POST '/api/user/register'
+
+    User exists already
+    """
+    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
+    response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
+    assert response.status_code == 500
+    assert b'Email already exist' in response.data
+
+
+def test_register_email_missing(test_client, init_database):
+    """
+    Test POST '/api/user/register'
+
+    Email missing
+    """
+    response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", username="user3")), content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_register_email_empty(test_client, init_database):
+    """
+    Test POST '/api/user/register'
+
+    Email empty
+    """
+    response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", username="user3", email="")), content_type='application/json')
+    assert response.status_code == 400
+    assert b'Not a valid email address' in response.data
+
+
+def test_register_password_missing(test_client, init_database):
+    """
+    Test POST '/api/user/register'
+
+    Password missing
+    """
+    response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", username="user3")), content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_register_password_empty(test_client, init_database):
+    """
+    Test POST '/api/user/register'
+
+    password empty
+    """
+    response = test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", username="user3", password="")), content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_register_username_missing(test_client, init_database):
+    """
+    Test POST '/api/user/register'
+
+    Username missing
+    """
+    response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", email="user3@example.com")), content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_register_username_empty(test_client, init_database):
+    """
+    Test POST '/api/user/register'
+
+    Username empty
+    """
+    response = test_client.post('/api/user/register', data=json.dumps(dict(password="password", username="", email="user3@example.com")), content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_delete_user_not_logged_in(test_client, init_database):
+    """
+    Test DELETE '/api/user'
+
+    User is not logged in
+    """
+    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
+    response = test_client.delete('/api/user', data=json.dumps(dict(email="user3@example.com")), content_type='application/json')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_delete_user_same_user_logged_in(test_client, init_database):
+    """
+    Test DELETE '/api/user'
+
+    User3 is logged in
+    """
+    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
+    response = test_client.delete('/api/user',
+                                  data=json.dumps(dict(email="user3@example.com")),
+                                  content_type='application/json',
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user3@example.com", "password"))})
+    assert response.status_code == 200
+    assert b'Successfully removed user' in response.data
+
+
+def test_delete_user_different_user_logged_in_no_admin(test_client, init_database):
+    """
+    Test DELETE '/api/user'
+
+    Different user is logged in -> no admin
+    """
+    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
+    response = test_client.delete('/api/user',
+                                  data=json.dumps(dict(email="user3@example.com")),
+                                  content_type='application/json',
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
+    assert response.status_code == 401
+    assert b'Only admin users can access this' in response.data
+
+
+def test_delete_user_different_user_logged_in_admin(test_client, init_database):
+    """
+    Test DELETE '/api/user'
+
+    Different user is logged in -> admin
+    """
+    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
+    response = test_client.delete('/api/user',
+                                  data=json.dumps(dict(email="user3@example.com")),
+                                  content_type='application/json',
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))})
+    assert response.status_code == 200
+    assert b'Successfully removed user' in response.data
+
+
+def test_delete_user_email_missing(test_client, init_database):
+    """
+    Test DELETE '/api/user'
+
+    Email missing
+    """
+    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
+    response = test_client.delete('/api/user',
+                                  data=json.dumps(dict()),
+                                  content_type='application/json',
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user3@example.com", "password"))})
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_delete_user_email_empty(test_client, init_database):
+    """
+    Test DELETE '/api/user'
+
+    Email empty
+    """
+    test_client.post('/api/user/register', data=json.dumps(dict(email="user3@example.com", password="password", username="user3")), content_type='application/json')
+    response = test_client.delete('/api/user',
+                                  data=json.dumps(dict(email="")),
+                                  content_type='application/json',
+                                  headers={"Authorization": "Bearer {}".format(get_token(test_client, "user3@example.com", "password"))})
+    assert response.status_code == 400
+    assert b'Not a valid email address' in response.data
+
+
+def test_get_current_user_user_not_logged_in(test_client, init_database):
+    """
+    Test GET '/api/user'
+
+    User is not logged in
+    """
+    response = test_client.get('/api/user')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_get_current_user_user1_logged_in(test_client, init_database):
+    """
+    Test GET '/api/user'
+
+    User1 is logged in
+    """
+    response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
+    assert response.status_code == 200
+    assert b'user1' in response.data
+    assert b'user2' not in response.data
+
+
+def test_get_current_user_bot_logged_in_user_exists(test_client, init_database):
+    """
+    Test GET '/api/user'
+
+    Bot1 is logged in and requests user 12345678
+    """
+    response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "bot1@example.com", "bot1") + ":12345678")})
+    assert response.status_code == 200
+    assert b'user1' in response.data
+    assert b'bot' not in response.data
+
+
+def test_get_current_user_bot_logged_in_user_not_exists(test_client, init_database):
+    """
+    Test GET '/api/user'
+
+    Bot1 is logged in and requests user 1234 (not existing)
+    """
+    response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "bot1@example.com", "bot1") + ":1234")})
+    assert response.status_code == 401
+    assert b'Unable to login' in response.data
+
+
+def test_get_current_user_user1_logged_in_but_no_bot(test_client, init_database):
+    """
+    Test GET '/api/user'
+
+    User1 is logged in and requests user 1234 (not existing)
+    Fails because user1 is not a bot
+    """
+    response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password") + ":12345678")})
+    assert response.status_code == 401
+    assert b'Unable to login' in response.data
+
+
+def test_get_current_user_invalid_token(test_client, init_database):
+    """
+    Test GET '/api/user'
+
+    Invalid Bearer token
+    """
+    response = test_client.get('/api/user', headers={"Authorization": "Bearer {}".format("invalidtoken:12345678")})
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_update_user_not_logged_in(test_client, init_database):
+    """
+    Test PUT '/api/user'
+
+    User is not logged in
+    """
+    response = test_client.put('/api/user')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_update_user1_logged_in_password_username(test_client, init_database):
+    """
+    Test PUT '/api/user'
+
+    User1 is logged in
+    Change Username and Password
+    """
+    test_client.put('/api/user', data=json.dumps(dict(username="user4", password="password")),
+                    headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                    content_type='application/json')
+    response = test_client.get('/api/user',
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                               content_type='application/json')
+    assert response.status_code == 200
+    assert b'user4' in response.data
+
+
+def test_update_user1_logged_in_password(test_client, init_database):
+    """
+    Test PUT '/api/user'
+
+    User1 is logged in
+    Change Password
+    """
+    response = test_client.put('/api/user', data=json.dumps(dict(password="password123")),
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
+    assert response.status_code == 200
+    assert b'Successfully updated user' in response.data
+
+
+def test_update_user1_logged_in_username(test_client, init_database):
+    """
+    Test PUT '/api/user'
+
+    User1 is logged in
+    Change Username
+    """
+    response = test_client.put('/api/user', data=json.dumps(dict(username="user1")),
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))})
+    assert response.status_code == 200
+    assert b'Successfully updated user' in response.data
+
+
+def test_set_admin_user_not_logged_in(test_client, init_database):
+    """
+    Test PUT '/api/user/setAdmin'
+
+    User is not logged in
+    """
+    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=True)), content_type='application/json')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_set_admin_user1_logged_in(test_client, init_database):
+    """
+    Test PUT '/api/user/setAdmin'
+
+    User1 is logged in (no admin)
+    """
+    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=True)),
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                               content_type='application/json')
+    assert response.status_code == 401
+    assert b'Only admin users can access this' in response.data
+
+
+def test_set_admin_admin1_logged_in(test_client, init_database):
+    """
+    Test PUT '/api/user/setAdmin'
+
+    Admin1 is logged in (admin)
+    """
+    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=True)),
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
+                               content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully updated users admin rights' in response.data
+
+
+def test_set_admin_admin1_logged_in_user_not_exist(test_client, init_database):
+    """
+    Test PUT '/api/user/setAdmin'
+
+    Admin1 is logged in (admin)
+    notexistinguser@example.com does not exist
+    """
+    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="notexistinguser@example.com", admin=True)),
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
+                               content_type='application/json')
+    assert response.status_code == 500
+    assert b'Unable to update user' in response.data
+
+
+def test_set_admin_admin1_logged_in_email_missing(test_client, init_database):
+    """
+    Test PUT '/api/user/setAdmin'
+
+    Admin1 is logged in (admin)
+    email missing
+    """
+    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(admin=True)),
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
+                               content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_set_admin_admin1_logged_in_email_empty(test_client, init_database):
+    """
+    Test PUT '/api/user/setAdmin'
+
+    Admin1 is logged in (admin)
+    email missing
+    """
+    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="", admin=True)),
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
+                               content_type='application/json')
+    assert response.status_code == 400
+    assert b'Not a valid email address.' in response.data
+
+
+def test_set_admin_admin1_logged_in_admin_missing(test_client, init_database):
+    """
+    Test PUT '/api/user/setAdmin'
+
+    Admin1 is logged in (admin)
+    admin data missing
+    """
+    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com")),
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
+                               content_type='application/json')
+    assert response.status_code == 400
+    assert b'missing' in response.data
+
+
+def test_set_admin_admin1_logged_in_admin_empty(test_client, init_database):
+    """
+    Test PUT '/api/user/setAdmin'
+
+    Admin1 is logged in (admin)
+    admin data missing
+    """
+    response = test_client.put('/api/user/setAdmin', data=json.dumps(dict(email="user1@example.com", admin=None)),
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
+                               content_type='application/json')
+    assert response.status_code == 400
+    assert b'Field may not be null' in response.data
+
+
+def test_get_users_not_logged_in(test_client, init_database):
+    """
+    Test GET '/api/users'
+
+    User is not logged in
+    """
+    response = test_client.get('/api/users')
+    assert response.status_code == 401
+    assert b'Unauthorized' in response.data
+
+
+def test_get_users_user1_logged_in(test_client, init_database):
+    """
+    Test GET '/api/users'
+
+    User1 is logged in (not admin)
+    """
+    response = test_client.get('/api/users',
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "user1@example.com", "password"))},
+                               content_type='application/json')
+
+    assert response.status_code == 401
+    assert b'Only admin users can access this' in response.data
+
+
+def test_get_users_admin1_logged_in(test_client, init_database):
+    """
+    Test GET '/api/users'
+
+    Admin1 is logged in (admin)
+    """
+    response = test_client.get('/api/users',
+                               headers={"Authorization": "Bearer {}".format(get_token(test_client, "admin1@example.com", "admin1"))},
+                               content_type='application/json')
+    assert response.status_code == 200
+    assert b'Successfully received all users' in response.data
+
+
+def get_token(test_client, email, password):
+    response = test_client.post('/api/user/login', data=json.dumps(dict(email=email, password=password)), content_type='application/json')
+
+    if "data" in json.loads(response.data):
+        if "token" in json.loads(response.data)["data"]:
+            return json.loads(response.data)["data"]["token"]
+
+    return ""