From d405e0417812835c9dc1766cddc92482240cdbd5 Mon Sep 17 00:00:00 2001 From: Sam Date: Fri, 22 Jan 2021 13:28:39 +0000 Subject: [PATCH] working tests for geo app --- companies/tests.py | 3 +- geo/tests.py | 501 +++++++++++++++++++++++++++------------------ 2 files changed, 300 insertions(+), 204 deletions(-) diff --git a/companies/tests.py b/companies/tests.py index 20c474c..9a4a264 100644 --- a/companies/tests.py +++ b/companies/tests.py @@ -11,8 +11,7 @@ from companies.factories import CompanyFactory from companies.models import Company from core.factories import CustomUserFactory - -from core.utils import get_auth_token, create_active_user, get_tokens_for_user +from core.utils import get_tokens_for_user # Create your tests here. diff --git a/geo/tests.py b/geo/tests.py index 5d44fc0..b267a05 100644 --- a/geo/tests.py +++ b/geo/tests.py @@ -1,5 +1,7 @@ import random import datetime +import string +import json from django.urls import reverse from django.test import TestCase @@ -9,6 +11,7 @@ from rest_framework.test import APITestCase from rest_framework import status from core.factories import CustomUserFactory +from core.utils import get_tokens_for_user from . import models from . import factories @@ -107,7 +110,7 @@ class CityTest(TestCase): # Define instance data data = { 'name': 'city name _test_ data', - 'region': factories.RegionFactory(), + 'province': factories.ProvinceFactory(), } # Create instance @@ -130,17 +133,20 @@ class CountryViewSetTest(APITestCase): self.endpoint = '/api/v1/countries/' self.factory = factories.CountryFactory self.model = models.Country + # create user + self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) + self.user = CustomUserFactory(password=self.password) - def test_not_logged_user_cannot_create_country(self): + def test_anon_user_cannot_create_country(self): """Not logged-in user cannot create new country """ # Query endpoint response = self.client.post(self.endpoint, data={}) # Assert access is forbidden - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) - def test_not_logged_user_cannot_modify_existing_country(self): + def test_anon_user_cannot_modify_existing_country(self): """Not logged-in user cannot modify existing country """ # Create instance @@ -151,9 +157,9 @@ class CountryViewSetTest(APITestCase): response = self.client.put(url, {}, format='json') # Assert forbidden code - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) - def test_not_logged_user_cannot_delete_existing_country(self): + def test_anon_user_cannot_delete_existing_country(self): """Not logged-in user cannot delete existing country """ # Create instances @@ -166,100 +172,83 @@ class CountryViewSetTest(APITestCase): # Assert instance still exists on db self.assertTrue(self.model.objects.get(id=instance.pk)) - def test_not_logged_user_cannot_list_country(self): + def test_anon_user_can_list_country(self): """Not logged-in user can't read country """ # Request list - # url = reverse(self.endpoint+'list') response = self.client.get(self.endpoint) # Assert access is forbidden - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertEqual(response.status_code, status.HTTP_200_OK) - def test_logged_user_can_list_country(self): + def test_auth_user_can_list_country(self): """Regular logged-in user can list country """ # Create instances - user = CustomUserFactory() instances = [self.factory() for n in range(random.randint(1,5))] # Authenticate user - user.db = 'default' - self.client.force_authenticate(user=user) + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Request list response = self.client.get(self.endpoint) # Assert access is allowed self.assertEqual(response.status_code, status.HTTP_200_OK) - # Assert all instances are returned - self.assertEqual(len(instances), len(response.data['results'])) + self.assertEqual(len(instances), len(response.data)) - def test_logged_user_can_create_country(self): + def test_auth_user_cannot_create_country(self): """Regular logged-in user can create new country """ - # Define request data - data = { - 'name': 'country name _test_ data', - } # Authenticate user - user = CustomUserFactory() - self.client.force_authenticate(user=user) + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint - response = self.client.post(self.endpoint, data=data) - # Assert endpoint returns created status - self.assertEqual(response.status_code, status.HTTP_201_CREATED) + response = self.client.post(self.endpoint, data={}) - # Assert instance exists on db - self.assertTrue(self.model.objects.get(id=response.data['id'])) + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_logged_user_can_modify_existing_country(self): + def test_auth_user_cannot_modify_existing_country(self): """Regular logged-in user can modify existing country """ # Create instances instance = self.factory() - # Define request data - data = { - 'name': 'country name _test_ data', - } - - # Authenticate user - user = TenantUserFactory() - user.db = 'default' - self.client.force_authenticate(user=user) - # Query endpoint url = self.endpoint + f'{instance.pk}/' - response = self.client.put(url, data=data, format='json') - # Assert endpoint returns OK code - self.assertEqual(response.status_code, status.HTTP_200_OK) - # Assert instance has been modified - for key in data: - self.assertEqual(data[key], response.data[key]) + # Authenticate user + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") - def test_logged_user_can_delete_existing_country(self): + # Query endpoint + response = self.client.post(url, data={}) + + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + def test_auth_user_cannot_delete_existing_country(self): """Regular logged-in user can delete existing country """ # Create instances instance = self.factory() # Authenticate user - user = TenantUserFactory() - user.db = 'default' - self.client.force_authenticate(user=user) + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint url = self.endpoint + f'{instance.pk}/' - response = self.client.delete(url) - # assert 204 no content - self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) - # Assert instance doesn't exists anymore on db - self.assertFalse(self.model.objects.filter(id=instance.pk).exists()) + # Query endpoint + response = self.client.post(url, data={}) + + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) class RegionViewSetTest(APITestCase): @@ -269,143 +258,265 @@ class RegionViewSetTest(APITestCase): def setUp(self): """Tests setup """ - self.endpoint = 'api-v1:region-' + self.endpoint = '/api/v1/regions/' self.factory = factories.RegionFactory self.model = models.Region + # create user + self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) + self.user = CustomUserFactory(password=self.password) - def test_not_logged_user_cannot_create_region(self): + def test_not_logged_user_cannot_create_instance(self): """Not logged-in user cannot create new region """ # Query endpoint - url = reverse(self.endpoint+'list') - response = self.client.post(url, data={}) + response = self.client.post(self.endpoint, data={}) # Assert access is forbidden - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) - def test_not_logged_user_cannot_modify_existing_region(self): + def test_not_logged_user_cannot_modify_existing_instance(self): """Not logged-in user cannot modify existing region """ # Create instance instance = self.factory() # Query endpoint - url = reverse(self.endpoint+'detail', args=[instance.pk]) + url = f"{self.endpoint}{instance.pk}/" response = self.client.put(url, {}, format='json') # Assert forbidden code - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) - def test_not_logged_user_cannot_delete_existing_region(self): + def test_not_logged_user_cannot_delete_existing_instance(self): """Not logged-in user cannot delete existing region """ # Create instances instance = self.factory() # Query endpoint - url = reverse(self.endpoint+'detail', args=[instance.pk]) + url = f"{self.endpoint}{instance.pk}" response = self.client.delete(url) + # assert response status code + self.assertEqual(response.status_code, status.HTTP_301_MOVED_PERMANENTLY) # Assert instance still exists on db self.assertTrue(self.model.objects.get(id=instance.pk)) - def test_not_logged_user_cant_list_region(self): - """Not logged-in user can't read region - """ - # Request list - url = reverse(self.endpoint+'list') - response = self.client.get(url) - - # Assert access is forbidden - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - - def test_logged_user_can_list_region(self): - """Regular logged-in user can list region + def test_not_logged_user_can_list_instance(self): + """Not logged-in user can list instances """ # Create instances - user = TenantUserFactory() instances = [self.factory() for n in range(random.randint(1,5))] - - # Authenticate user - user.db = 'default' - self.client.force_authenticate(user=user) - # Request list - url = reverse(self.endpoint+'list') - response = self.client.get(url) + response = self.client.get(self.endpoint) # Assert access is allowed self.assertEqual(response.status_code, status.HTTP_200_OK) # Assert all instances are returned - self.assertEqual(len(instances), len(response.data['results'])) + self.assertEqual(len(instances), len(response.data)) - def test_logged_user_can_create_region(self): - """Regular logged-in user can create new region + def test_logged_user_can_list_instances(self): + """Regular logged-in user can list instances """ - # Define request data - data = { - 'name': 'country name _test_ data', - 'country': factories.CountryFactory().pk, - } + # Create instances + instances = [self.factory() for n in range(random.randint(1,5))] # Authenticate user - user = TenantUserFactory() - user.db = 'default' - self.client.force_authenticate(user=user) + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") + + # Request list + response = self.client.get(self.endpoint) + + # Assert access is allowed + self.assertEqual(response.status_code, status.HTTP_200_OK) + # Assert all instances are returned + self.assertEqual(len(instances), len(response.data)) + + def test_logged_user_cannot_create_instance(self): + """Regular logged-in user can create new region + """ + # Authenticate user + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint - url = reverse(self.endpoint+'list') - response = self.client.post(url, data=data) + response = self.client.post(self.endpoint, data={}) - # Assert endpoint returns created status - self.assertEqual(response.status_code, status.HTTP_201_CREATED) + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - # Assert instance exists on db - self.assertTrue(self.model.objects.get(id=response.data['id'])) - - def test_logged_user_can_modify_existing_region(self): + def test_logged_user_cannot_modify_existing_instance(self): """Regular logged-in user can modify existing region """ # Create instances instance = self.factory() - # Define request data - data = { - 'name': 'country name _test_ data', - 'country': factories.CountryFactory().pk, - } + # Query endpoint + url = self.endpoint + f'{instance.pk}/' # Authenticate user - user = TenantUserFactory() - user.db = 'default' - self.client.force_authenticate(user=user) + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint - url = reverse(self.endpoint+'detail', args=[instance.pk]) - response = self.client.put(url, data, format='json') - # Assert endpoint returns OK code - self.assertEqual(response.status_code, status.HTTP_200_OK) + response = self.client.post(url, data={}) - def test_logged_user_can_delete_existing_region(self): + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + def test_logged_user_cannot_delete_existing_instance(self): """Regular logged-in user can delete existing region """ # Create instances instance = self.factory() # Authenticate user - user = TenantUserFactory() - user.db = 'default' - self.client.force_authenticate(user=user) + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint - url = reverse(self.endpoint+'detail', args=[instance.pk]) + url = self.endpoint + f'{instance.pk}/' + # Query endpoint + response = self.client.post(url, data={}) + + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + +class ProvinceViewSetTest(APITestCase): + """Province viewset tests + """ + + def setUp(self): + """Tests setup + """ + self.endpoint = '/api/v1/provinces/' + self.factory = factories.ProvinceFactory + self.model = models.Province + # create user + self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) + self.user = CustomUserFactory(password=self.password) + + def test_not_logged_user_cannot_create_instance(self): + """Not logged-in user cannot create new instance + """ + # Query endpoint + response = self.client.post(self.endpoint, data={}) + + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) + + def test_not_logged_user_cannot_modify_existing_instance(self): + """Not logged-in user cannot modify existing instance + """ + # Create instance + instance = self.factory() + + # Query endpoint + url = f"{self.endpoint}{instance.pk}/" + response = self.client.put(url, {}, format='json') + + # Assert forbidden code + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) + + def test_not_logged_user_cannot_delete_existing_instance(self): + """Not logged-in user cannot delete existing instance + """ + # Create instances + instance = self.factory() + + # Query endpoint + url = f"{self.endpoint}{instance.pk}" response = self.client.delete(url) - # assert 204 no content - self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) - # Assert instance not exists anymore on db - self.assertFalse(self.model.objects.filter(id=instance.pk).exists()) + # assert response status code + self.assertEqual(response.status_code, status.HTTP_301_MOVED_PERMANENTLY) + # Assert instance still exists on db + self.assertTrue(self.model.objects.get(id=instance.pk)) + + def test_not_logged_user_can_list_instance(self): + """Not logged-in user can list instances + """ + # Create instances + instances = [self.factory() for n in range(random.randint(1,5))] + # Request list + response = self.client.get(self.endpoint) + + # Assert access is allowed + self.assertEqual(response.status_code, status.HTTP_200_OK) + + # Assert all instances are returned + self.assertEqual(len(instances), len(response.data)) + + def test_logged_user_can_list_instances(self): + """Regular logged-in user can list instances + """ + # Create instances + instances = [self.factory() for n in range(random.randint(1,5))] + + # Authenticate user + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") + + # Request list + response = self.client.get(self.endpoint) + + # Assert access is allowed + self.assertEqual(response.status_code, status.HTTP_200_OK) + # Assert all instances are returned + self.assertEqual(len(instances), len(response.data)) + + def test_logged_user_cannot_create_instance(self): + """Regular logged-in user can create new instance + """ + # Authenticate user + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") + + # Query endpoint + response = self.client.post(self.endpoint, data={}) + + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + def test_logged_user_cannot_modify_existing_instance(self): + """Regular logged-in user can modify existing instance + """ + # Create instances + instance = self.factory() + + # Query endpoint + url = self.endpoint + f'{instance.pk}/' + + # Authenticate user + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") + + # Query endpoint + response = self.client.post(url, data={}) + + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + def test_logged_user_cannot_delete_existing_instance(self): + """Regular logged-in user can delete existing instance + """ + # Create instances + instance = self.factory() + + # Authenticate user + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") + + # Query endpoint + url = self.endpoint + f'{instance.pk}/' + # Query endpoint + response = self.client.post(url, data={}) + + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) class CityViewSetTest(APITestCase): @@ -415,19 +526,21 @@ class CityViewSetTest(APITestCase): def setUp(self): """Tests setup """ - self.endpoint = 'api-v1:city-' + self.endpoint = '/api/v1/cities/' self.factory = factories.CityFactory self.model = models.City + # create user + self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) + self.user = CustomUserFactory(password=self.password) def test_not_logged_user_cannot_create_city(self): """Not logged-in user cannot create new city """ # Query endpoint - url = reverse(self.endpoint+'list') - response = self.client.post(url, data={}) + response = self.client.post(self.endpoint, data={}) # Assert access is forbidden - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_not_logged_user_cannot_modify_existing_city(self): """Not logged-in user cannot modify existing city @@ -436,11 +549,11 @@ class CityViewSetTest(APITestCase): instance = self.factory() # Query endpoint - url = reverse(self.endpoint+'detail', args=[instance.pk]) + url = f"{self.endpoint}{instance.pk}/" response = self.client.put(url, {}, format='json') # Assert forbidden code - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_not_logged_user_cannot_delete_existing_city(self): """Not logged-in user cannot delete existing city @@ -449,107 +562,91 @@ class CityViewSetTest(APITestCase): instance = self.factory() # Query endpoint - url = reverse(self.endpoint+'detail', args=[instance.pk]) + url = f"{self.endpoint}{instance.pk}/" response = self.client.delete(url) # Assert instance still exists on db self.assertTrue(self.model.objects.get(id=instance.pk)) - def test_not_logged_user_cant_list_city(self): + def test_not_logged_user_can_list_city(self): """Not logged-in user can't read city """ + # Create instances + instances = [self.factory() for n in range(random.randint(1,5))] + # Request list - url = reverse(self.endpoint+'list') - response = self.client.get(url) + response = self.client.get(self.endpoint) + + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_200_OK) + # Assert all instances are returned + self.assertEqual(len(instances), len(response.data)) + + def test_logged_user_can_list_instances(self): + """Regular logged-in user can list instances + """ + # Create instances + instances = [self.factory() for n in range(random.randint(1,5))] + + # Authenticate user + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") + + # Request list + response = self.client.get(self.endpoint) + + # Assert access is allowed + self.assertEqual(response.status_code, status.HTTP_200_OK) + # Assert all instances are returned + self.assertEqual(len(instances), len(response.data)) + + def test_logged_user_cannot_create_instance(self): + """Regular logged-in user can create new instance + """ + # Authenticate user + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") + + # Query endpoint + response = self.client.post(self.endpoint, data={}) # Assert access is forbidden self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_logged_user_can_list_city(self): - """Regular logged-in user can list city - """ - # Create instances - user = TenantUserFactory() - instances = [self.factory() for n in range(random.randint(1,5))] - - # Authenticate user - user.db = 'default' - self.client.force_authenticate(user=user) - - # Request list - url = reverse(self.endpoint+'list') - response = self.client.get(url) - - # Assert access is allowed - self.assertEqual(response.status_code, status.HTTP_200_OK) - - # Assert all instances are returned - self.assertEqual(len(instances), len(response.data['results'])) - - def test_logged_user_can_create_city(self): - """Regular logged-in user can create new city - """ - # Define request data - data = { - 'name': 'country name _test_ data', - 'region': factories.RegionFactory().pk, - } - - # Authenticate user - user = TenantUserFactory() - user.db = 'default' - self.client.force_authenticate(user=user) - - # Query endpoint - url = reverse(self.endpoint+'list') - response = self.client.post(url, data=data) - # Assert endpoint returns created status - self.assertEqual(response.status_code, status.HTTP_201_CREATED) - - # Assert instance exists on db - self.assertTrue(self.model.objects.get(id=response.data['id'])) - - def test_logged_user_can_modify_existing_city(self): - """Regular logged-in user can modify existing citycity + def test_logged_user_cannot_modify_existing_instance(self): + """Regular logged-in user can modify existing instance """ # Create instances instance = self.factory() - # Define request data - data = { - 'name': 'country name _test_ data', - 'region': factories.RegionFactory().pk, - } + # Query endpoint + url = self.endpoint + f'{instance.pk}/' # Authenticate user - user = TenantUserFactory() - user.db = 'default' - self.client.force_authenticate(user=user) + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint - url = reverse(self.endpoint+'detail', args=[instance.pk]) - response = self.client.put(url, data, format='json') + response = self.client.post(url, data={}) - # Assert endpoint returns OK code - self.assertEqual(response.status_code, status.HTTP_200_OK) + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_logged_user_can_delete_existing_city(self): - """Regular logged-in user can delete existing city + def test_logged_user_cannot_delete_existing_instance(self): + """Regular logged-in user can delete existing instance """ # Create instances instance = self.factory() # Authenticate user - user = TenantUserFactory() - user.db = 'default' - self.client.force_authenticate(user=user) + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") # Query endpoint - url = reverse(self.endpoint+'detail', args=[instance.pk]) - response = self.client.delete(url) + url = self.endpoint + f'{instance.pk}/' + # Query endpoint + response = self.client.post(url, data={}) - # Assert 204 no content - self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) - # Assert instance doesn't exists on db anymore - self.assertFalse(self.model.objects.filter(id=instance.pk).exists()) + # Assert access is forbidden + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)