From 69b2fccac60e304d7e0bbed1992095ef2ae9b99e Mon Sep 17 00:00:00 2001
From: Sander Roosendaal <sanderroosendaal@proton.me>
Date: Tue, 3 Dec 2024 23:21:26 +0100
Subject: [PATCH] passing basic new tests

---
 rowers/dataprep.py           |  5 ++-
 rowers/tests/test_api.py     | 83 ++++++++++++++++++++++++++++++------
 rowers/views/workoutviews.py |  2 +-
 3 files changed, 76 insertions(+), 14 deletions(-)

diff --git a/rowers/dataprep.py b/rowers/dataprep.py
index 8d6ed877..bfd4921a 100644
--- a/rowers/dataprep.py
+++ b/rowers/dataprep.py
@@ -1304,8 +1304,11 @@ def save_workout_database(f2, r, dosmooth=True, workouttype='rower',
 
     if makeprivate:  # pragma: no cover
         privacy = 'hidden'
-    else:
+    elif workoutsource != 'strava':
         privacy = 'visible'
+    else:
+        privacy = 'hidden'
+        
 
     # checking for inf values
 
diff --git a/rowers/tests/test_api.py b/rowers/tests/test_api.py
index d120c8b2..aaccbaa2 100644
--- a/rowers/tests/test_api.py
+++ b/rowers/tests/test_api.py
@@ -22,6 +22,9 @@ from rowers.opaque import encoder
 
 from rest_framework.test import APIRequestFactory, force_authenticate
 
+UPLOAD_SERVICE_URL = '/rowers/workout/api/upload/'
+UPLOAD_SERVICE_SECRET = "FoYezZWLSyfAVimumpHEeYsJjsNCerxV"
+
 import json
 
 # import BeautifulSoup
@@ -60,11 +63,6 @@ class StravaPrivacy(TestCase):
         self.r.save()
 
         self.c = Client()
-        self.user_workouts = WorkoutFactory.create_batch(5, user=self.r)
-        for w in self.user_workouts:
-            w.workoutsource = 'strava'
-            w.privacy = 'hidden'
-            w.save()
 
         self.factory = RequestFactory()
         self.password = faker.word()
@@ -101,6 +99,17 @@ class StravaPrivacy(TestCase):
         add_member(self.team.id, self.r2)
         add_member(self.team.id, self.r3)
 
+        self.user_workouts = WorkoutFactory.create_batch(5, user=self.r)
+        for w in self.user_workouts:
+            if w.id <= 3:
+                w.workoutsource = 'strava'
+                w.privacy = 'hidden'
+            else:
+                w.workoutsource = 'concept2'
+                w.privacy = 'visible'
+            w.team.add(self.team)
+            w.save()
+
         # r2 coaches r
         add_coach(self.r2, self.r)
 
@@ -178,7 +187,7 @@ class StravaPrivacy(TestCase):
         workouts = set([w for w in workouts if w not in [
             'upload', 'addmanual', 'c2import', 'polarimport', 'rp3import', 'nkimport', 'stravaimport', 'concept2import', 'sporttracksimport']])
         
-        self.assertEqual(len(workouts),0)
+        self.assertEqual(len(workouts),2)
 
     # same test as the previous one but with self.r2 and the number of workouts found should 0
     def test_list_workouts_team_coach(self):
@@ -199,7 +208,7 @@ class StravaPrivacy(TestCase):
         workouts = set([w for w in workouts if w not in [
             'upload', 'addmanual', 'c2import', 'polarimport', 'rp3import', 'nkimport', 'stravaimport', 'concept2import', 'sporttracksimport']])
         
-        self.assertEqual(len(workouts),0)
+        self.assertEqual(len(workouts),2)
 
     # same test as the previous one but with self.r3 and the number of workouts found should 0
     def test_list_workouts_team_member(self):
@@ -220,7 +229,7 @@ class StravaPrivacy(TestCase):
         workouts = set([w for w in workouts if w not in [
             'upload', 'addmanual', 'c2import', 'polarimport', 'rp3import', 'nkimport', 'stravaimport', 'concept2import', 'sporttracksimport']])
         
-        self.assertEqual(len(workouts),0)
+        self.assertEqual(len(workouts),2)
 
     # now test strava import and test if the created workout has workoutsource strava and privacy hidden
     @patch('rowers.utils.requests.get', side_effect=mocked_requests)
@@ -233,10 +242,10 @@ class StravaPrivacy(TestCase):
         # remove all self.workouts
         Workout.objects.filter(user=self.r).delete()
 
-        # get the strava data like in test_strava_import in test_imports.py
-        response = self.c.get('/rowers/workout/stravaimport/12', follow=True)
-        expected_url = reverse('workout_import_view', kwargs={'source':'strava'})
-        self.assertRedirects(response, expected_url, status_code=301, target_status_code=200)
+        # create a workout using dataprep.new_workout_from_file with workoutsource = strava
+        result = get_random_file(filename='rowers/tests/testdata/thyro.csv')
+        workout_id, message, filename = dataprep.new_workout_from_file(self.r, result['filename'],
+                                                                       workoutsource='strava', makeprivate=True)
 
         # check if the workout was created
         ws = Workout.objects.filter(user=self.r)
@@ -245,6 +254,56 @@ class StravaPrivacy(TestCase):
         self.assertEqual(w.workoutsource,'strava')
         self.assertEqual(w.privacy,'hidden')
 
+    # same as test above but makeprivate = False
+    @patch('rowers.utils.requests.get', side_effect=mocked_requests)
+    @patch('rowers.integrations.strava.requests.post', side_effect=mocked_requests)
+    @patch('rowers.dataprep.read_data')
+    def test_stravaimport_public(self, mock_get, mock_post, mocked_read_data):
+        login = self.c.login(username=self.u.username, password=self.password)
+        self.assertTrue(login)
+
+        # remove all self.workouts
+        Workout.objects.filter(user=self.r).delete()
+
+        # create a workout using dataprep.new_workout_from_file with workoutsource = strava
+        result = get_random_file(filename='rowers/tests/testdata/thyro.csv')
+        workout_id, message, filename = dataprep.new_workout_from_file(self.r, result['filename'],
+                                                                       workoutsource='strava', makeprivate=False)
+
+        # check if the workout was created
+        ws = Workout.objects.filter(user=self.r)
+        self.assertEqual(len(ws),1)
+        w = ws[0]
+        self.assertEqual(w.workoutsource,'strava')
+        self.assertEqual(w.privacy,'hidden')
+
+
+    # test ownapi with stravaid = '122'
+    def test_ownapi(self):
+        # remove all self.workouts
+        Workout.objects.filter(user=self.r).delete()
+        
+        result = get_random_file(filename='rowers/tests/testdata/thyro.csv')
+        uploadoptions = {
+            'workouttype': 'water',
+            'boattype': '1x',
+            'notes': 'A test file upload',
+            'stravaid': '122',
+            'secret': UPLOAD_SERVICE_SECRET,
+            'user': self.u.id,
+            'file': result['filename'],
+        }
+        url = reverse('workout_upload_api')
+        response = self.c.post(url, uploadoptions)
+        self.assertEqual(response.status_code,200)
+
+        # check if the workout was created
+        ws = Workout.objects.filter(user=self.r)
+        self.assertEqual(len(ws),1)
+        w = ws[0]
+        self.assertEqual(w.workoutsource,'strava')
+        self.assertEqual(w.privacy,'hidden')
+               
         
     
 
diff --git a/rowers/views/workoutviews.py b/rowers/views/workoutviews.py
index eb0aed30..063e4751 100644
--- a/rowers/views/workoutviews.py
+++ b/rowers/views/workoutviews.py
@@ -4934,7 +4934,7 @@ def workout_upload_api(request):
 
     # only allow local host
     hostt = request.get_host().split(':')
-    if hostt[0] not in ['localhost', '127.0.0.1', 'dev.rowsandall.com', 'rowsandall.com']:
+    if hostt[0] not in ['localhost', '127.0.0.1', 'dev.rowsandall.com', 'rowsandall.com','testserver']:
         message = {'status': 'false',
                    'message': 'permission denied for host '+hostt[0]}
         return JSONResponse(status=403, data=message)