Scribd
Upload
21 views26 pages

Team 17 Milestone 5

The document outlines Milestone 5 of a software engineering project focused on API tests conducted by Team 17 from IITM. It includes detailed test cases for various API endpoints related to authentication, user profiles, projects, and project milestones, with expected and actual outputs for each test. The tests ensure functionality such as user registration, login, profile management, and project operations, confirming that the API behaves as intended.

Uploaded by

mukherjeesounath
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
21 views26 pages

Team 17 Milestone 5

The document outlines Milestone 5 of a software engineering project focused on API tests conducted by Team 17 from IITM. It includes detailed test cases for various API endpoints related to authentication, user profiles, projects, and project milestones, with expected and actual outputs for each test. The tests ensure functionality such as user registration, login, profile management, and project operations, confirming that the API behaves as intended.

Uploaded by

mukherjeesounath
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 26

Software Engineering Project

Milestone 5: API Tests

Submitted by:
Sept ‘24 - Team 17

Name Roll Number

Abhinandan Godara 22f2000080

Arjun B 22f2000797

Vanessa Amanna 21f3000075

Ravi Krishnan U B 21f1000845

Aditi Manthripragada 21f1002399

Karan Patil 22f2001061

Submitted on:
27/11/2024

IITM Online BS Degree Program,


Indian Institute of Technology, Madras, Chennai Tamil Nadu, India, 600036
Table of Contents

Table of Contents 1
Authentication API Tests 3
Profile API Tests 8
Projects API Tests 12
Project Details API Tests 14
Project Milestones API Tests 17
Project Submissions API Tests 20
Project Teams API Tests 21
Instructor Projects API Tests 22
GitHub Integration API Tests 23
Github Team API Tests 25
Authentication API Tests
Description: These tests validate the endpoints related to user authentication, including
registration and login.

Endpoint:
- URL: http://127.0.0.1:5000/api/v1/auth/register
- Method: POST

Test Cases:
1. test_user_register_student
Tests registering a student user.

- Inputs:

Unset
{
"email": "student@ds.study.iitm.ac.in",
"password": "securepassword",
"name": "Test Student"
}

- Expected Output:
- Status code: 201
- JSON:

Unset
{
"id": "<generated_user_id>",
"name": "Test Student",
"email": "student@ds.study.iitm.ac.in",
"roles": ["Student"],
"profile_picture": null
}

- Actual Output: Matches expected output


- Result: Passed
- Code:
Python
def test_user_register_student(self, client, db):
payload = {
"email": "student@ds.study.iitm.ac.in",
"password": "securepassword",
"name": "Test Student"
}
response = client.post("/api/v1/auth/register", json=payload)
assert response.status_code == 201
assert response.get_json()["email"] == payload["email"]

2. test_user_register_instructor
Tests registering an instructor user.

- Inputs:

Unset
{
"email": "instructor@study.iitm.ac.in",
"password": "password123",
"name": "Test Instructor"
}

- Expected Output:
- Status code: 201
- JSON:

Unset
{
"id": "<generated_user_id>",
"name": "Test Instructor",
"email": "instructor@study.iitm.ac.in",
"roles": ["Instructor"],
"profile_picture": null
}

- Actual Output: Matches expected output


- Result: Passed
- Code:
Python
def test_user_register_instructor(self, client, db):
payload = {
"email": "instructor@study.iitm.ac.in",
"password": "password123",
"name": "Test Instructor"
}
response = client.post("/api/v1/auth/register", json=payload)
assert response.status_code == 201
assert response.get_json()["email"] == payload["email"]

Endpoint:
- URL: http://127.0.0.1:5000/api/v1/auth/login
- Method: POST

Test Cases:
1. test_user_login_success
Tests successful login with valid credentials.

- Inputs:

Unset
{
"email": "test@example.com",
"password": "password"
}

- Expected Output:
- Status code: 200
- JSON:

Unset
{
"access_token": "<generated_token>",
"user_info": {
"id": "<user_id>",
"name": "Test Student",
"email": "test@example.com",
"roles": ["Student"]
}
}

- Actual Output: Matches expected output


- Result: Passed
- Code:

Python
def test_user_login_success(self, client, db, sample_student):
payload = {"email": "test@example.com", "password": "password"}
sample_student.user.save_password_hash(payload["password"])
response = client.post("/api/v1/auth/login", json=payload)
assert response.status_code == 200
assert "access_token" in response.get_json()

2. test_user_login_invalid_credentials
Tests login with invalid credentials.

- Inputs:

Unset
{
"email": "invalid@example.com",
"password": "wrongpassword"
}

- Expected Output:
- Status code: 401
- JSON:

Unset
{
"message": "Invalid email or password"
}
- Actual Output: Matches expected output
- Result: Passed
- Code:

Python
def test_user_login_invalid_credentials(self, client):
payload = {"email": "invalid@example.com", "password": "wrongpassword"}
response = client.post("/api/v1/auth/login", json=payload)
assert response.status_code == 401
assert response.get_json()["message"] == "Invalid email or password"

3. test_user_register_invalid_email_domain
Tests registration with an invalid email domain.

- Inputs:

Unset
{
"email": "user@invalid.com",
"password": "password",
"name": "Invalid User"
}

- Expected Output:
- Status code: 400
- JSON:

Unset
{
"message": "Email must end with the domain 'iitm.ac.in'."
}

- Actual Output: Matches expected output


- Result: Passed
- Code:
Python
def test_user_register_invalid_email_domain(self, client):
payload = {"email": "user@invalid.com", "password": "password", "name":
"Invalid User"}
response = client.post("/api/v1/auth/register", json=payload)
assert response.status_code == 400
assert response.get_json()["message"] == "Email must end with the domain
'iitm.ac.in'."

Profile API Tests


Description: These tests validate the endpoints related to user profiles, including fetching and
updating profile details.

Endpoint:
- URL: http://127.0.0.1:5000/api/v1/profile
- Method: GET

Test Cases:
1. test_get_profile_student
Tests fetching the profile details of a student.

- Inputs: None (authenticated user via JWT)


- Expected Output:
- Status code: 200
- JSON:

Unset
{
"id": "<user_id>",
"email": "22f2000001ds.study.iitm.ac.in",
"name": "Test Student",
"profile_picture": null,
"is_active": true,
"roll_number": "22f2000001",
"github_username": "teststudent",
"team_name": null
}
- Actual Output: Matches expected output
- Result: Passed
- Code:

Python
def test_get_profile_student(self, client, db, sample_student, auth_headers):
response = client.get("/api/v1/profile", headers=auth_headers)
assert response.status_code == 200
assert response.get_json()["email"] == sample_student.user.email

2. test_get_profile_instructor
Tests fetching the profile details of an instructor.

- Inputs: None (authenticated user via JWT)


- Expected Output:
- Status code: 200
- JSON:

Unset
{
"id": "<user_id>",
"email": "instructor@study.iitm.ac.in",
"name": "Test Instructor",
"profile_picture": null,
"is_active": true,
"projects": []
}

- Actual Output: Matches expected output


- Result: Passed
- Code:

Python
def test_get_profile_instructor(self, client, db, sample_instructor):
access_token = create_access_token(
identity=sample_instructor.user.email,
additional_claims={"user_id": sample_instructor.user.id, "roles":
["Instructor"]}
)
headers = {"Authorization": f"Bearer {access_token}"}
response = client.get("/api/v1/profile", headers=headers)
assert response.status_code == 200
assert response.get_json()["email"] == sample_instructor.user.email

Endpoint:
- URL: http://127.0.0.1:5000/api/v1/profile
- Method: PUT

Test Cases:
1. test_put_profile_student
Tests updating the profile details of a student.

- Inputs:

Unset
{
"name": "Updated Student",
"roll_number": "UPDATED001",
"github_username": "updatedstudent"
}

- Expected Output:
- Status code: 200
- JSON:

Unset
{
"message": "Profile updated successfully."
}

- Actual Output: Matches expected output


- Result: Passed
- Code:
Python
def test_put_profile_student(self, client, db, sample_student, auth_headers):
payload = {
"name": "Updated Student",
"roll_number": "UPDATED001",
"github_username": "updatedstudent"
}
response = client.put("/api/v1/profile", json=payload,
headers=auth_headers)
assert response.status_code == 200
assert response.get_json()["message"] == "Profile updated successfully."

2. test_put_profile_invalid_user
Tests updating profile details without authentication.

- Inputs:

Unset
{
"name": "Fake User"
}

- Expected Output:
- Status code: 401
- JSON:

Unset
{
"message": "Unauthorized access."
}

- Actual Output: Matches expected output


- Result: Passed
- Code:

Python
def test_put_profile_invalid_user(self, client):
response = client.put("/api/v1/profile", json={"name": "Fake User"})
assert response.status_code == 401
assert response.get_json()["message"] == "Unauthorized access."

3. test_get_profile_unauthenticated
Tests fetching profile details without authentication.

- Inputs: None
- Expected Output:
- Status code: 401
- JSON:

Unset
{
"message": "Unauthorized access."
}

- Actual Output: Matches expected output


- Result: Passed
- Code:

Python
def test_get_profile_unauthenticated(self, client):
response = client.get("/api/v1/profile")
assert response.status_code == 401
assert response.get_json()["message"] == "Unauthorized access."

Projects API Tests


Description: These tests validate the endpoints related to project management, including
fetching, creating, updating, and deleting projects.

Endpoint:
- URL: /api/v1/projects
- Method: GET
Test Cases:
1. test_get_projects Tests the retrieval of all projects.
- Inputs: None
- Expected Output: List of projects with HTTP-Status Code 200
- Actual Output: List of projects with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_get_projects(self, client, sample_project):
response = client.get('/api/v1/projects')
assert response.status_code == 200
data = response.get_json()
assert isinstance(data, list)
assert len(data) == 1
assert data[0]['title'] == "Test Project"
assert data[0]['description'] == "Test Description"

Endpoint:
- URL: /api/v1/projects
- Method: POST

Test Cases:
1. test_create_project Tests the creation of a new project.

- Inputs:

Unset
{
"title": "New Project",
"description": "New Description",
"status": "active"
}

- Expected Output: Project created successfully with HTTP-Status Code 201


- Actual Output: Project created successfully with HTTP-Status Code 201
- Result: Passed
- Code:
Python
def test_create_project(self, client):
project_data = {
"title": "New Project",
"description": "New Description",
"status": "active"
}
response = client.post('/api/v1/projects', json=project_data)
assert response.status_code == 201
data = response.get_json()
assert data['title'] == "New Project"
assert data['description'] == "New Description"

2. test_create_project_missing_fields Tests the creation of a project with


missing required fields.

- Inputs:

Unset
{
"description": "Missing Title"
}

- Expected Output: HTTP-Status Code 400 for bad request


- Actual Output: HTTP-Status Code 400
- Result: Passed
- Code:

Python
def test_create_project_missing_fields(self, client):
project_data = {
"description": "Missing Title"
}
response = client.post('/api/v1/projects', json=project_data)
assert response.status_code == 400

Project Details API Tests


Description: These tests validate fetching, updating, and deleting individual projects.
Endpoint:
- URL: /api/v1/projects/{project_id}
- Method: GET

Test Cases:
1. test_get_project Tests fetching a specific project.

- Inputs: {project_id: sample_project.id}


- Expected Output: Project details with HTTP-Status Code 200
- Actual Output: Project details with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_get_project(self, client, sample_project):
response = client.get(f'/api/v1/projects/{sample_project.id}')
assert response.status_code == 200
data = response.get_json()
assert data['title'] == "Test Project"

2. test_get_nonexistent_project Tests fetching a project that does not exist.

- Inputs: {project_id: 999}


- Expected Output: HTTP-Status Code 404
- Actual Output: HTTP-Status Code 404
- Result: Passed
- Code:

Python
def test_get_nonexistent_project(self, client):
response = client.get('/api/v1/projects/999')
assert response.status_code == 404

Endpoint:
- URL: /api/v1/projects/{project_id}
- Method: PUT
Test Cases:
1. test_update_project Tests updating a project's details.
- Inputs:

Unset
{
"title": "Updated Project",
"description": "Updated Description"
}

- Expected Output: Project updated successfully with HTTP-Status Code 200


- Actual Output: Project updated successfully with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_update_project(self, client, sample_project):
update_data = {
"title": "Updated Project",
"description": "Updated Description"
}
response = client.put(
f'/api/v1/projects/{sample_project.id}',
json=update_data
)
assert response.status_code == 200
data = response.get_json()
assert data['title'] == "Updated Project"

Endpoint:
- URL: /api/v1/projects/{project_id}
- Method: DELETE

Test Cases:
1. test_delete_project Tests deleting a project.
- Inputs: {project_id: sample_project.id}
- Expected Output: Project deleted successfully with HTTP-Status Code 200
- Actual Output: Project deleted successfully with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_delete_project(self, client, sample_project):
response = client.delete(f'/api/v1/projects/{sample_project.id}')
assert response.status_code == 200

Project Milestones API Tests


Description: These tests validate endpoints for managing milestones within a project.

Endpoint:
- URL: /api/v1/projects/{project_id}/milestones
- Method: GET

Test Cases:
1. test_get_milestones Tests fetching all milestones for a specific project.
- Inputs: {project_id: sample_project.id}
- Expected Output: List of milestones with HTTP-Status Code 200
- Actual Output: List of milestones with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_get_milestones(self, client, sample_project, sample_milestone):
response = client.get(f'/api/v1/projects/{sample_project.id}/milestones')
assert response.status_code == 200
data = response.get_json()
assert isinstance(data, list)
assert len(data) == 1
assert data[0]['title'] == "Test Milestone"

Endpoint:
- URL: /api/v1/projects/{project_id}/milestones
- Method: POST
Test Cases:
1. test_create_milestone Tests creating a new milestone.
- Inputs:

Unset
{
"title": "New Milestone",
"description": "New Description",
"dueDate": "30-06-2024",
"status": "Active"
}

- Expected Output: Milestone created successfully with HTTP-Status Code 201


- Actual Output: Milestone created successfully with HTTP-Status Code 201
- Result: Passed
- Code:

Python
def test_create_milestone(self, client, sample_project):
milestone_data = {
"title": "New Milestone",
"description": "New Description",
"dueDate": "30-06-2024",
"status": "Active"
}
response = client.post(
f'/api/v1/projects/{sample_project.id}/milestones',
json=milestone_data
)
assert response.status_code == 201
data = response.get_json()
assert data['title'] == "New Milestone"

Endpoint:
- URL: /api/v1/projects/{project_id}/milestones/{milestone_id}
- Method: GET
1. test_get_single_milestone Tests fetching a single milestone by ID.
- Inputs: {project_id: sample_project.id, milestone_id:
sample_milestone.id}
- Expected Output: Milestone details with HTTP-Status Code 200
- Actual Output: Milestone details with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_get_single_milestone(self, client, sample_project, sample_milestone):
response = client.get(

f'/api/v1/projects/{sample_project.id}/milestones/{sample_milestone.id}'
)
assert response.status_code == 200
data = response.get_json()
assert data['title'] == "Test Milestone"

Endpoint:
- URL: /api/v1/projects/{project_id}/milestones/{milestone_id}
- Method: PUT
1. test_update_milestone Tests updating an existing milestone.
- Inputs:

Unset
{
"title": "Updated Milestone",
"description": "Updated Description",
"due_date": "2024-07-01",
"status": "In Progress"
}

- Expected Output: Milestone updated successfully with HTTP-Status Code 200


- Actual Output: Milestone updated successfully with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_update_milestone(self, client, sample_project, sample_milestone):
update_data = {
"title": "Updated Milestone",
"description": "Updated Description",
"due_date": "2024-07-01",
"status": "In Progress"
}
response = client.put(

f'/api/v1/projects/{sample_project.id}/milestones/{sample_milestone.id}',
json=update_data
)
assert response.status_code == 200
data = response.get_json()
assert data['title'] == "Updated Milestone"

Project Submissions API Tests


Description: These tests validate endpoints for managing project submissions by teams.

Endpoint:
- URL: /api/v1/instructor/projects/{project_id}/teams
- Method: GET

Test Cases:
1. test_get_teams Tests fetching all teams and their submissions for a specific project.
- Inputs: {project_id: sample_project.id}
- Expected Output: List of teams with their submissions and HTTP-Status Code
200
- Actual Output: List of teams with their submissions and HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_get_teams(self, client, sample_project):
response =
client.get(f'/api/v1/instructor/projects/{sample_project.id}/teams')
assert response.status_code == 200
data = response.get_json()
assert isinstance(data, list)
for submission in data:
assert 'team' in submission
assert 'submissions' in submission
assert isinstance(submission['submissions'], list)

Project Teams API Tests


Description: These tests validate endpoints for managing teams associated with a project.

Endpoint:
- URL: /api/v1/instructor/projects/{project_id}/teams/{team_id}
- Method: GET

Test Cases:
1. test_get_team Tests fetching a specific team by ID.

- Inputs: {project_id: sample_project.id, team_id:


sample_team.id}
- Expected Output: Team details with HTTP-Status Code 200
- Actual Output: Team details with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_get_team(self, client, sample_project, sample_team, sample_student):
response = client.get(

f'/api/v1/instructor/projects/{sample_project.id}/teams/{sample_team.id}'
)
assert response.status_code == 200
data = response.get_json()
assert data['name'] == "Test Team"
assert 'students' in data

2. test_get_nonexistent_team Tests fetching a team that does not exist.

- Inputs: {project_id: sample_project.id, team_id: 999}


- Expected Output: HTTP-Status Code 404
- Actual Output: HTTP-Status Code 404
- Result: Passed
- Code:

Python
def test_get_nonexistent_team(self, client, sample_project):
response =
client.get(f'/api/v1/instructor/projects/{sample_project.id}/teams/999')
assert response.status_code == 404

Instructor Projects API Tests


Description: These tests validate endpoints for fetching projects associated with an instructor.

Endpoint:
- URL: /api/v1/instructor/{instructor_id}/projects
- Method: GET

Test Cases:
1. test_get_instructor_projects Tests fetching all projects associated with a
specific instructor.
- Inputs: {instructor_id: sample_instructor.id}
- Expected Output: List of projects with HTTP-Status Code 200
- Actual Output: List of projects with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_get_instructor_projects(self, client, sample_instructor):
response =
client.get(f'/api/v1/instructor/{sample_instructor.id}/projects')
assert response.status_code == 200
data = response.get_json()
assert isinstance(data, list)
GitHub Integration API Tests
Description: These tests handle Github integration functionalities

Endpoint:
- URL: http://127.0.0.1:5000/api/v1/teams/{team_id}/integration
- Methods: GET, POST, PUT

Test Cases:
1. test_github_integration_get_success Tests successful retrieval of GitHub integration
details

- Inputs: team_id: (sample team ID)


- Expected Output: GitHub repo details with HTTP-Status Code 200
- Actual Output: GitHub repo details with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_github_integration_get_success(client, sample_team,
sample_repository):
response = client.get(f'api/v1/teams/{sample_team.id}/integration')
assert response.status_code == 200
data = response.get_json()
assert data['repo_owner'] == 'test-owner'
assert data['repo_name'] == 'test-repo'

2. test_github_integration_get_not_found Tests retrieval of GitHub integration for a


non-existent team

- Inputs: team_id: 9999


- Expected Output: HTTP-Status Code 404
- Actual Output: HTTP-Status Code 404
- Result: Passed
- Code:

Python
def test_github_integration_get_not_found(client):
response = client.get('api/v1/teams/9999/integration')
assert response.status_code == 404
assert 'No integration found' in response.get_json()['message']

3. test_github_integration_post_success Tests successful creation of a new GitHub


integration

- Inputs:
- team_id: sample_team.id
- { 'repo_owner': 'new-owner', 'repo_name': 'new-repo',
'auth_token': 'new-token', 'project_id':
sample_project.id }
- Expected Output: HTTP-Status Code: 200
- Actual Output: HTTP-Status Code: 200
- Result: Passed
- Code:

Python
def test_github_integration_post_success(client, sample_project, sample_team):
integration_data = {
'repo_owner': 'new-owner',
'repo_name': 'new-repo',
'auth_token': 'new-token',
'project_id': sample_project.id
}
response = client.post(
f'api/v1/teams/{sample_team.id}/integration',
json=integration_data
)
assert response.status_code == 200

4. test_github_integration_put_success Tests successful update of an existing GitHub


integration

- Inputs:
- team_id: sample_team.id
- { 'repo_owner': 'updated-owner', 'repo_name':
'updated-repo', 'auth_token': 'updated-token',
'project_id': sample_project.id }
- Expected Output: HTTP-Status Code: 200
- Actual Output: HTTP-Status Code: 200
- Result: Passed
- Code:

Python
def test_github_integration_put_success(client, sample_project, sample_team,
sample_repository):
update_data = {
'repo_owner': 'updated-owner',
'repo_name': 'updated-repo',
'auth_token': 'updated-token',
'project_id': sample_project.id
}
response = client.put(
f'api/v1/teams/{sample_team.id}/integration',
json=update_data
)
assert response.status_code == 200

Github Team API Tests


Description These tests handle GitHub integation/commit functionalities for teams

Endpoint:
- URL: http://127.0.0.1:5000/api/v1/teams/{team_id}/commits
- Methods: GET, POST

Test Cases:
1. test_github_team_get_commits Tests retrieval of team commits

- Inputs: team_id: (sample team ID)


- Expected Output: List of Commits with HTTP-Status Code 200
- Actual Output: List of Commits with HTTP-Status Code 200
- Result: Passed
- Code:

Python
def test_github_team_get_commits(client, sample_team, sample_commit):
response = client.get(f'/api/v1/teams/{sample_team.id}/commits')
assert response.status_code == 200
data = response.get_json()
assert len(data) == 3
assert all('commit_hash' in commit for commit in data)

2. test_github_team_post_commits Tests fetching and updating team commits

- Inputs: {milestone_id: sample_milestone.id, team_id:


sample_team.id}
- Expected Output: HTTP-Status Code: 200
- Actual Output: HTTP-Status Code: 200
- Result: Passed
- Code:

Python
def test_github_team_post_commits(client, sample_repository, sample_team,
sample_milestone):
response = client.post(
f'/api/v1/teams/{sample_team.id}/commits',
json={'milestone_id': sample_milestone.id}
)
assert response.status_code == 200

data = response.get_json()
assert data['status'] == 'success'
assert data['added'] == 1

You might also like