diff --git a/server/Pipfile b/server/Pipfile index 86b2189..ba49ae6 100644 --- a/server/Pipfile +++ b/server/Pipfile @@ -23,6 +23,7 @@ pylint = ">=2.0,<2.1" pydocstyle = ">=2.1,<2.2" sphinx = ">=1.7,<1.8" sphinx-rtd-theme = ">=0.4,<0.5" +sphinxcontrib-httpdomain = ">=1.7,<1.8" [requires] python_version = "3.6" diff --git a/server/Pipfile.lock b/server/Pipfile.lock index 3f41eff..09c1089 100644 --- a/server/Pipfile.lock +++ b/server/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "d7f09008c17b9be991ced36644c754f92109844febb8a84df3d2823b6b57618e" + "sha256": "2d44286a15539f26e69e12737247e8f490fa6c5e1f35a28f5c322cbd525d5eda" }, "pipfile-spec": 6, "requires": { @@ -547,6 +547,14 @@ "index": "pypi", "version": "==0.4.1" }, + "sphinxcontrib-httpdomain": { + "hashes": [ + "sha256:1fb5375007d70bf180cdd1c79e741082be7aa2d37ba99efe561e1c2e3f38191e", + "sha256:ac40b4fba58c76b073b03931c7b8ead611066a6aebccafb34dc19694f4eb6335" + ], + "index": "pypi", + "version": "==1.7.0" + }, "sphinxcontrib-websupport": { "hashes": [ "sha256:68ca7ff70785cbe1e7bccc71a48b5b6d965d79ca50629606c7861a21b206d9dd", @@ -580,7 +588,6 @@ "sha256:edb04bdd45bfd76c8292c4d9654568efaedf76fe78eb246dde69bdb13b2dad87", "sha256:f19f2a4f547505fe9072e15f6f4ae714af51b5a681a97f187971f50c283193b6" ], - "markers": "python_version < '3.7' and implementation_name == 'cpython'", "version": "==1.1.0" }, "urllib3": { diff --git a/server/README.md b/server/README.md index cd9d569..12b310c 100644 --- a/server/README.md +++ b/server/README.md @@ -8,8 +8,8 @@ ## Installation ```bash -git clone -cd +git clone https://gitlab.com/WarrickSothr/Atheneum.git +cd Atheneum/server pipenv install pipenv shell ``` @@ -28,6 +28,8 @@ docker run -d atheneum:local-test ### Local Development Version ```bash +FLASK_APP=atheneum:atheneum flask db upgrade +python manage.py user register-admin FLASK_APP=atheneum:atheneum flask run ``` diff --git a/server/atheneum/__init__.py b/server/atheneum/__init__.py index e22228e..4679e5e 100644 --- a/server/atheneum/__init__.py +++ b/server/atheneum/__init__.py @@ -6,7 +6,8 @@ from flask import Flask from flask_migrate import Migrate from atheneum.db import db -from atheneum.errors import BaseError, handle_atheneum_base_error +from atheneum.errors import BaseError, handle_atheneum_base_error, \ + handle_atheneum_404_error from atheneum.utility import json_utility, session_utility dictConfig({ @@ -92,6 +93,7 @@ def register_error_handlers(app: Flask) -> None: :param app: :return: """ + app.register_error_handler(404, handle_atheneum_404_error) app.register_error_handler(BaseError, handle_atheneum_base_error) diff --git a/server/atheneum/api/authentication_api.py b/server/atheneum/api/authentication_api.py index 762bfc5..410782a 100644 --- a/server/atheneum/api/authentication_api.py +++ b/server/atheneum/api/authentication_api.py @@ -2,7 +2,7 @@ from flask import Blueprint, g from atheneum.api.decorators import return_json -from atheneum.api.model import APIResponse +from atheneum.api.model import APIMessage, APIResponse from atheneum.middleware import authentication_middleware from atheneum.service import ( user_token_service, @@ -37,7 +37,7 @@ def login_bump() -> APIResponse: :return: A time stamp for the bumped login """ user_service.update_last_login_time(g.user) - return APIResponse({'lastLoginTime': g.user.last_login_time}, 200) + return APIResponse(g.user, 200, ['lastLoginTime']) @AUTH_BLUEPRINT.route('/logout', methods=['POST']) @@ -50,4 +50,4 @@ def logout() -> APIResponse: :return: """ authentication_service.logout(g.user_token) - return APIResponse(None, 200) + return APIResponse(APIMessage(True, None), 200) diff --git a/server/atheneum/api/model.py b/server/atheneum/api/model.py index fb84b49..9226e75 100644 --- a/server/atheneum/api/model.py +++ b/server/atheneum/api/model.py @@ -1,5 +1,5 @@ """Model definitions for the api module.""" -from typing import Any, List, Optional +from typing import Any, List, Optional, Dict class APIResponse: # pylint: disable=too-few-public-methods @@ -13,3 +13,26 @@ class APIResponse: # pylint: disable=too-few-public-methods self.payload = payload self.status = status self.options = options + + +class APIMessage: # pylint: disable=too-few-public-methods + """Simple class to encapsulate response messages.""" + + success: bool + message: Optional[str] + + def __init__(self, + success: bool, + message: Optional[str]) -> None: + """Construct an APIMessage.""" + self.success = success + self.message = message + + def to_dict(self) -> dict: + """Serialize an APIMessage to a dict.""" + obj: Dict[str, Any] = { + 'success': self.success + } + if self.message is not None: + obj['message'] = self.message + return obj diff --git a/server/atheneum/api/user_api.py b/server/atheneum/api/user_api.py index 8330895..556ba13 100644 --- a/server/atheneum/api/user_api.py +++ b/server/atheneum/api/user_api.py @@ -2,7 +2,7 @@ from flask import Blueprint, abort, request, g from atheneum.api.decorators import return_json -from atheneum.api.model import APIResponse +from atheneum.api.model import APIResponse, APIMessage from atheneum.middleware import authentication_middleware from atheneum.model import User from atheneum.service import ( @@ -47,12 +47,9 @@ def patch_user(name: str) -> APIResponse: if user is not None: user_patch: User = transformation_service.deserialize_model( User, request.json) - try: - patched_user = patch_service.patch( - g.user, user, user_patch, get_patch_fields(request.json)) - return APIResponse(patched_user, 200) - except ValueError: - return abort(400) + patched_user = patch_service.patch( + g.user, user, user_patch, get_patch_fields(request.json)) + return APIResponse(patched_user, 200) return abort(404) @@ -68,9 +65,32 @@ def register_user() -> APIResponse: """ new_user: User = transformation_service.deserialize_model( User, request.json) + + requested_password = None + if 'password' in request.json: + requested_password = request.json['password'].strip() + registered_user = user_service.register( name=new_user.name, - password=None, + password=requested_password, role=new_user.role ) return APIResponse(payload=registered_user, status=200) + + +@USER_BLUEPRINT.route('/', methods=['DELETE']) +@return_json +@authentication_middleware.require_token_auth +@authentication_middleware.require_role(required_role=Role.ADMIN) +def delete_user(name: str) -> APIResponse: + """ + Delete a user with the service. + + :return: The newly registered User + """ + user = user_service.find_by_name(name) + if user is not None: + user_service.delete(user) + return APIResponse( + APIMessage(True, 'Successfully Deleted'), status=200) + return abort(404) diff --git a/server/atheneum/errors.py b/server/atheneum/errors.py index 5a579ba..1e88a86 100644 --- a/server/atheneum/errors.py +++ b/server/atheneum/errors.py @@ -1,8 +1,10 @@ """Error definitions for Atheneum.""" from typing import Dict +from werkzeug.exceptions import HTTPException + from atheneum.api.decorators import return_json -from atheneum.api.model import APIResponse +from atheneum.api.model import APIResponse, APIMessage class BaseError(Exception): @@ -44,6 +46,13 @@ class ValidationError(ClientError): pass +@return_json +def handle_atheneum_404_error(exception: HTTPException) -> APIResponse: + """Error handler for 404 Atheneum errors.""" + return APIResponse( + payload=APIMessage(False, 'Not Found'), status=exception.code) + + @return_json def handle_atheneum_base_error(error: BaseError) -> APIResponse: """Error handler for basic Atheneum raised errors.""" diff --git a/server/atheneum/service/authentication_service.py b/server/atheneum/service/authentication_service.py index f3c2683..c46b549 100644 --- a/server/atheneum/service/authentication_service.py +++ b/server/atheneum/service/authentication_service.py @@ -1,14 +1,40 @@ """Service to handle authentication.""" +import re from datetime import datetime from typing import Optional from nacl import pwhash from nacl.exceptions import InvalidkeyError +from atheneum import errors from atheneum.model import User, UserToken from atheneum.service import user_token_service +def validate_password_strength(proposed_password: str) -> str: + """Validate that a password meets minimum strength requirements.""" + # calculating the length + length_error = len(proposed_password) < 8 + + # searching for digits + digit_error = re.search(r"\d", proposed_password) is None + + # searching for uppercase + uppercase_error = re.search(r"[A-Z]", proposed_password) is None + + # searching for lowercase + lowercase_error = re.search(r"[a-z]", proposed_password) is None + + if length_error or digit_error or uppercase_error or lowercase_error: + raise errors.ValidationError( + ' '.join(['The password must be at least 8 characters long.', + 'Contain one or more digits,', + 'one or more uppercase characters,', + 'and one or more lowercase characters'])) + + return proposed_password + + def is_valid_password(user: User, password: str) -> bool: """ User password must pass pwhash verify. diff --git a/server/atheneum/service/patch_service.py b/server/atheneum/service/patch_service.py index 1a42cff..42c55f8 100644 --- a/server/atheneum/service/patch_service.py +++ b/server/atheneum/service/patch_service.py @@ -2,6 +2,7 @@ from typing import Type, Set, Optional, Any, Dict from atheneum import db +from atheneum import errors from atheneum.model import User from atheneum.service import transformation_service from atheneum.service import validation_service @@ -39,7 +40,7 @@ def perform_patch(request_user: User, setattr(original_model, attribute, value) db.session.commit() else: - raise ValueError( + raise errors.ValidationError( 'Restricted attributes modified. Invalid Patch Set.') return original_model @@ -73,7 +74,8 @@ def versioning_aware_patch(request_user: User, patch_model, model_attributes, patched_fields) - raise ValueError('Versions do not match. Concurrent edit in progress.') + raise errors.ValidationError( + 'Versions do not match. Concurrent edit in progress.') def patch( @@ -94,7 +96,7 @@ def patch( model_attributes = validation_service.get_changable_attribute_names( original_model) if patch_model.id is not None and original_model.id != patch_model.id: - raise ValueError('Cannot change ids through patching') + raise errors.ValidationError('Cannot change ids through patching') if 'version' in model_attributes: return versioning_aware_patch( request_user, @@ -108,7 +110,7 @@ def patch( patch_model, model_attributes, patched_fields) - raise ValueError( + raise errors.ValidationError( 'Model types "{}" and "{}" do not match'.format( original_model.__class__.__name__, patch_model.__class__.__name__ diff --git a/server/atheneum/service/user_service.py b/server/atheneum/service/user_service.py index 92962ed..a83ec11 100644 --- a/server/atheneum/service/user_service.py +++ b/server/atheneum/service/user_service.py @@ -11,6 +11,7 @@ from atheneum import errors from atheneum.db import db from atheneum.model import User from atheneum.service import role_service +from atheneum.service.authentication_service import validate_password_strength from atheneum.service.transformation_service import ( BaseTransformer, register_transformer @@ -157,17 +158,25 @@ def find_by_name(name: str) -> Optional[User]: return User.query.filter_by(name=name).first() -def register(name: str, password: Optional[str], role: Optional[str]) -> User: +def register( + name: str, + password: Optional[str], + role: Optional[str], + validate_password: bool = True) -> User: """ Register a new user. :param name: Desired user name. Must be unique and not already registered :param password: Password to be hashed and stored for the user :param role: Role to assign the user [ROLE_USER, ROLE_ADMIN] + :param validate_password: Perform password validation :return: """ + if validate_password and password is not None: + validate_password_strength(password) password = password if password is not None else ''.join( random.choices(string.ascii_letters + string.digits, k=32)) + role = role if role is not None else User.ROLE_USER if find_by_name(name=name) is not None: diff --git a/server/atheneum/utility/json_utility.py b/server/atheneum/utility/json_utility.py index c527a26..283a0f0 100644 --- a/server/atheneum/utility/json_utility.py +++ b/server/atheneum/utility/json_utility.py @@ -5,7 +5,7 @@ from typing import Any import rfc3339 from flask.json import JSONEncoder -from atheneum.api.model import APIResponse +from atheneum.api.model import APIResponse, APIMessage from atheneum.db import db from atheneum.errors import BaseError from atheneum.service.transformation_service import serialize_model @@ -25,6 +25,8 @@ class CustomJSONEncoder(JSONEncoder): return serialize_model(o.payload, o.options) if isinstance(payload, BaseError): return payload.to_dict() + if isinstance(payload, APIMessage): + return payload.to_dict() return payload if isinstance(o, db.Model): return serialize_model(o) diff --git a/server/documentation/api/authentication.rst b/server/documentation/api/authentication.rst new file mode 100644 index 0000000..dcad473 --- /dev/null +++ b/server/documentation/api/authentication.rst @@ -0,0 +1,98 @@ +Authentication API +================== + +.. http:post:: /auth/login + + Authenticate with the server and receive a userToken for requests. + + **Example request**: + + .. sourcecode:: http + + POST /auth/login HTTP/1.1 + Host: example.tld + Accept: application/json + Authorization: Basic + + **Example response**: + + .. sourcecode:: http + + HTTP/1.1 200 OK + Vary: Accept + Content-Type: application/json + + { + "creationTime": "2018-07-29T11:59:29-05:00", + "enabled": true, + "token": "b94cf5c7-cddc-4610-9d4c-6b8e04088ae8", + "version": 0 + } + + :reqheader Accept: the response content type depends on :mailheader:`Accept` header + :reqheader Authorization: The encoded basic authorization + :resheader Content-Type: this depends on :mailheader:`Accept` header of request + :statuscode 200: user successfully logged in + :statuscode 401: authorization failed + +.. http:post:: /auth/bump + + Bump user login information. + + **Example request**: + + .. sourcecode:: http + + POST /auth/bump HTTP/1.1 + Host: example.tld + Accept: application/json + Authorization: Token + + **Example response**: + + .. sourcecode:: http + + HTTP/1.1 200 OK + Vary: Accept + Content-Type: application/json + + { + "lastLoginTime": "2018-07-29T12:15:51-05:00" + } + + :reqheader Accept: the response content type depends on :mailheader:`Accept` header + :reqheader Authorization: The encoded basic authorization + :resheader Content-Type: this depends on :mailheader:`Accept` header of request + :statuscode 200: user last_login_time successfully bumped + :statuscode 401: authorization failed + +.. http:post:: /auth/logout + + Logout a user and remove the provided userToken from valid tokens. + + **Example request**: + + .. sourcecode:: http + + POST /auth/logout HTTP/1.1 + Host: example.tld + Accept: application/json + Authorization: Token + + **Example response**: + + .. sourcecode:: http + + HTTP/1.1 200 OK + Vary: Accept + Content-Type: application/json + + { + "success": true + } + + :reqheader Accept: the response content type depends on :mailheader:`Accept` header + :reqheader Authorization: The encoded basic authorization + :resheader Content-Type: this depends on :mailheader:`Accept` header of request + :statuscode 200: user successfully logged out + :statuscode 401: authorization failed diff --git a/server/documentation/api/index.rst b/server/documentation/api/index.rst new file mode 100644 index 0000000..3d2882f --- /dev/null +++ b/server/documentation/api/index.rst @@ -0,0 +1,9 @@ +Atheneum API documentation +========================== + +.. toctree:: + :maxdepth: 2 + :caption: Contents: + + authentication + user diff --git a/server/documentation/api/user.rst b/server/documentation/api/user.rst new file mode 100644 index 0000000..3a7e390 --- /dev/null +++ b/server/documentation/api/user.rst @@ -0,0 +1,158 @@ +User API +======== + +.. http:get:: /user/(str:user_name) + + Find a user by name. + + **Example request**: + + .. sourcecode:: http + + GET /user/atheneum_administrator HTTP/1.1 + Host: example.tld + Accept: application/json + Authorization: Token + + **Example response**: + + .. sourcecode:: http + + HTTP/1.1 200 OK + Vary: Accept + Content-Type: application/json + + { + "creationTime": "2018-07-29T11:58:17-05:00", + "lastLoginTime": "2018-07-29T12:43:27-05:00", + "name": "atheneum_administrator", + "role": "ADMIN", + "version": 0 + } + + :reqheader Accept: the response content type depends on :mailheader:`Accept` header + :reqheader Authorization: The encoded basic authorization + :resheader Content-Type: this depends on :mailheader:`Accept` header of request + :statuscode 200: user successfully logged in + :statuscode 401: authorization failed + :statuscode 404: user doesn't exist + +.. http:patch:: /user/(str:user_name) + + Patch a user. + + **Example request**: + + .. sourcecode:: http + + PATCH /user/atheneum_administrator HTTP/1.1 + Host: example.tld + Accept: application/json + Authorization: Token + Content-Type: application/json + + { + "lastLoginTime": "2019-07-29T12:43:27-05:00", + "version": 0 + } + + **Example response**: + + .. sourcecode:: http + + HTTP/1.1 200 OK + Vary: Accept + Content-Type: application/json + + { + "creationTime": "2018-07-29T11:58:17-05:00", + "lastLoginTime": "2019-07-29T12:43:27-05:00", + "name": "atheneum_administrator", + "role": "ADMIN", + "version": 1 + } + + :reqheader Accept: the response content type depends on :mailheader:`Accept` header + :reqheader Authorization: The encoded basic authorization + :reqheader Content-Type: application/json + :resheader Content-Type: this depends on :mailheader:`Accept` header of request + :statuscode 200: user successfully logged in + :statuscode 400: an issue in the payload was discovered + :statuscode 401: authorization failed + :statuscode 404: user doesn't exist + +.. http:post:: /user/ + + Register a new user with the service. + + **Example request**: + + .. sourcecode:: http + + POST /user/ HTTP/1.1 + Host: example.tld + Accept: application/json + Authorization: Token + Content-Type: application/json + + { + "name": "test_user", + "password": "JvZ9bm79", + "role": "USER" + } + + **Example response**: + + .. sourcecode:: http + + HTTP/1.1 200 OK + Vary: Accept + Content-Type: application/json + + { + "creationTime": "2018-07-29T14:16:48-05:00", + "name": "test_user", + "role": "USER", + "version": 0 + } + + :reqheader Accept: the response content type depends on :mailheader:`Accept` header + :reqheader Authorization: The encoded basic authorization + :reqheader Content-Type: application/json + :resheader Content-Type: this depends on :mailheader:`Accept` header of request + :statuscode 200: user successfully logged in + :statuscode 400: an issue in the payload was discovered + :statuscode 401: authorization failed + +.. http:delete:: /user/(str:user_name) + + Register a new user with the service. + + **Example request**: + + .. sourcecode:: http + + DELETE /user/test_user HTTP/1.1 + Host: example.tld + Accept: application/json + Authorization: Token + + **Example response**: + + .. sourcecode:: http + + HTTP/1.1 200 OK + Vary: Accept + Content-Type: application/json + + { + "message": "Successfully Deleted", + "success": true + } + + :reqheader Accept: the response content type depends on :mailheader:`Accept` header + :reqheader Authorization: The encoded basic authorization + :resheader Content-Type: this depends on :mailheader:`Accept` header of request + :statuscode 200: user successfully logged in + :statuscode 401: authorization failed + :statuscode 404: user doesn't exist diff --git a/server/documentation/conf.py b/server/documentation/conf.py index ffd5639..900cd8b 100644 --- a/server/documentation/conf.py +++ b/server/documentation/conf.py @@ -39,6 +39,7 @@ release = '2018.8.1' # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom # ones. extensions = [ + 'sphinxcontrib.httpdomain' ] # Add any paths that contain templates here, relative to this directory. diff --git a/server/documentation/index.rst b/server/documentation/index.rst index 42b57fb..ebf6edf 100644 --- a/server/documentation/index.rst +++ b/server/documentation/index.rst @@ -10,11 +10,11 @@ Welcome to Atheneum's documentation! :maxdepth: 2 :caption: Contents: - + introduction + api/index Indices and tables ================== * :ref:`genindex` -* :ref:`modindex` * :ref:`search` diff --git a/server/documentation/introduction.rst b/server/documentation/introduction.rst new file mode 100644 index 0000000..15061b5 --- /dev/null +++ b/server/documentation/introduction.rst @@ -0,0 +1,4 @@ +Introduction To Atheneum +======================== + +TODO diff --git a/server/manage.py b/server/manage.py index 5604d12..bc08d54 100644 --- a/server/manage.py +++ b/server/manage.py @@ -56,7 +56,7 @@ def register_user( if existing_user is None: user_password = password if password else ''.join( random.choices(string.ascii_letters + string.digits, k=24)) - new_user = user_service.register(name, user_password, role) + new_user = user_service.register(name, user_password, role, False) logging.warning( 'Created new user: \'%s\' with password \'%s\' and role %s', new_user.name, diff --git a/server/run_tests.sh b/server/run_tests.sh index b3d6c89..92b6d41 100755 --- a/server/run_tests.sh +++ b/server/run_tests.sh @@ -6,7 +6,6 @@ set -x python3 --version python3 -m pip --version -python3 -m pipenv --version pylint --version mypy --version diff --git a/server/tests/api/test_authentication_api.py b/server/tests/api/test_authentication_api.py index b3d3341..ba1b5c0 100644 --- a/server/tests/api/test_authentication_api.py +++ b/server/tests/api/test_authentication_api.py @@ -19,4 +19,4 @@ def test_logout_happy_path(auth: AuthActions): auth.login() result = auth.logout() assert result.status_code == 200 - assert result.json is None + assert result.json['success'] diff --git a/server/tests/api/test_user_api.py b/server/tests/api/test_user_api.py index acb66d5..febd3a0 100644 --- a/server/tests/api/test_user_api.py +++ b/server/tests/api/test_user_api.py @@ -64,6 +64,25 @@ def test_register_user_happy_path(auth: AuthActions, client: FlaskClient): assert result.json['name'] == 'test_registered_user' +def test_register_user_invalid_password( + auth: AuthActions, client: FlaskClient): + auth.login() + auth_header = auth.get_authorization_header_token() + result = client.post( + '/user/', + data=json.dumps({ + 'name': 'test_registered_user', + 'password': '' + }), + headers={ + auth_header[0]: auth_header[1], + 'Content-Type': 'application/json' + }) + assert 400 == result.status_code + assert result.json is not None + assert 'message' in result.json + + def test_register_user_twice_failure(auth: AuthActions, client: FlaskClient): auth.login() auth_header = auth.get_authorization_header_token() @@ -91,3 +110,28 @@ def test_register_user_twice_failure(auth: AuthActions, client: FlaskClient): assert 400 == result2.status_code assert result2.json is not None assert result2.json['message'] == 'User name is already taken.' + + +def test_delete_user_happy_path(auth: AuthActions, client: FlaskClient): + auth.login() + auth_header = auth.get_authorization_header_token() + result1 = client.post( + '/user/', + data=json.dumps({ + 'name': 'test_registered_user' + }), + headers={ + auth_header[0]: auth_header[1], + 'Content-Type': 'application/json' + }) + result2 = client.delete( + '/user/'+result1.json['name'], + headers={ + auth_header[0]: auth_header[1] + }) + assert 200 == result1.status_code + assert result1.json is not None + assert result1.json['name'] == 'test_registered_user' + assert 200 == result2.status_code + assert result2.json is not None + assert 'message' in result2.json diff --git a/server/tests/conftest.py b/server/tests/conftest.py index 9b6310d..243f02b 100644 --- a/server/tests/conftest.py +++ b/server/tests/conftest.py @@ -21,7 +21,7 @@ def add_test_user() -> Tuple[str, str]: random.choices(string.ascii_letters + string.digits, k=17)).strip() test_password = ''.join( random.choices(string.ascii_letters + string.digits, k=32)).strip() - user_service.register(test_username, test_password, User.ROLE_ADMIN) + user_service.register(test_username, test_password, User.ROLE_ADMIN, False) return test_username, test_password diff --git a/server/tests/service/test_patch_service.py b/server/tests/service/test_patch_service.py index 63adda7..a0d0a12 100644 --- a/server/tests/service/test_patch_service.py +++ b/server/tests/service/test_patch_service.py @@ -3,6 +3,7 @@ from datetime import datetime, timedelta import pytest from mock import MagicMock, patch +from atheneum import errors from atheneum.model import UserToken, User from atheneum.service import patch_service, role_service @@ -38,7 +39,7 @@ def test_patch_of_different_types(): user = User() user_token = UserToken() - with pytest.raises(ValueError) as error_info: + with pytest.raises(errors.ValidationError) as error_info: patch_service.patch(request_user, user, user_token) @@ -52,7 +53,7 @@ def test_patch_different_ids(): user2 = User() user2.id = 2 - with pytest.raises(ValueError) as error_info: + with pytest.raises(errors.ValidationError) as error_info: patch_service.patch(request_user, user1, user2) @@ -66,7 +67,7 @@ def test_patch_different_versions(): user2 = User() user2.version = 2 - with pytest.raises(ValueError) as error_info: + with pytest.raises(errors.ValidationError) as error_info: patch_service.patch(request_user, user1, user2) @@ -82,5 +83,5 @@ def test_patch_restricted_attributes(): user2.version = 1 user2.name = 'Chris' - with pytest.raises(ValueError) as error_info: + with pytest.raises(errors.ValidationError) as error_info: patch_service.patch(request_user, user1, user2)