working tests for geo app
This commit is contained in:
Sam
@@ -11,8 +11,7 @@ from companies.factories import CompanyFactory
|
|||||||
from companies.models import Company
|
from companies.models import Company
|
||||||
|
|
||||||
from core.factories import CustomUserFactory
|
from core.factories import CustomUserFactory
|
||||||
|
from core.utils import get_tokens_for_user
|
||||||
from core.utils import get_auth_token, create_active_user, get_tokens_for_user
|
|
||||||
|
|
||||||
|
|
||||||
# Create your tests here.
|
# Create your tests here.
|
||||||
|
|||||||
501
geo/tests.py
501
geo/tests.py
@@ -1,5 +1,7 @@
|
|||||||
import random
|
import random
|
||||||
import datetime
|
import datetime
|
||||||
|
import string
|
||||||
|
import json
|
||||||
|
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
from django.test import TestCase
|
from django.test import TestCase
|
||||||
@@ -9,6 +11,7 @@ from rest_framework.test import APITestCase
|
|||||||
from rest_framework import status
|
from rest_framework import status
|
||||||
|
|
||||||
from core.factories import CustomUserFactory
|
from core.factories import CustomUserFactory
|
||||||
|
from core.utils import get_tokens_for_user
|
||||||
|
|
||||||
from . import models
|
from . import models
|
||||||
from . import factories
|
from . import factories
|
||||||
@@ -107,7 +110,7 @@ class CityTest(TestCase):
|
|||||||
# Define instance data
|
# Define instance data
|
||||||
data = {
|
data = {
|
||||||
'name': 'city name _test_ data',
|
'name': 'city name _test_ data',
|
||||||
'region': factories.RegionFactory(),
|
'province': factories.ProvinceFactory(),
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create instance
|
# Create instance
|
||||||
@@ -130,17 +133,20 @@ class CountryViewSetTest(APITestCase):
|
|||||||
self.endpoint = '/api/v1/countries/'
|
self.endpoint = '/api/v1/countries/'
|
||||||
self.factory = factories.CountryFactory
|
self.factory = factories.CountryFactory
|
||||||
self.model = models.Country
|
self.model = models.Country
|
||||||
|
# create user
|
||||||
|
self.password = ''.join(random.choices(string.ascii_uppercase, k = 10))
|
||||||
|
self.user = CustomUserFactory(password=self.password)
|
||||||
|
|
||||||
def test_not_logged_user_cannot_create_country(self):
|
def test_anon_user_cannot_create_country(self):
|
||||||
"""Not logged-in user cannot create new country
|
"""Not logged-in user cannot create new country
|
||||||
"""
|
"""
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
response = self.client.post(self.endpoint, data={})
|
response = self.client.post(self.endpoint, data={})
|
||||||
|
|
||||||
# Assert access is forbidden
|
# Assert access is forbidden
|
||||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
||||||
|
|
||||||
def test_not_logged_user_cannot_modify_existing_country(self):
|
def test_anon_user_cannot_modify_existing_country(self):
|
||||||
"""Not logged-in user cannot modify existing country
|
"""Not logged-in user cannot modify existing country
|
||||||
"""
|
"""
|
||||||
# Create instance
|
# Create instance
|
||||||
@@ -151,9 +157,9 @@ class CountryViewSetTest(APITestCase):
|
|||||||
response = self.client.put(url, {}, format='json')
|
response = self.client.put(url, {}, format='json')
|
||||||
|
|
||||||
# Assert forbidden code
|
# Assert forbidden code
|
||||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
||||||
|
|
||||||
def test_not_logged_user_cannot_delete_existing_country(self):
|
def test_anon_user_cannot_delete_existing_country(self):
|
||||||
"""Not logged-in user cannot delete existing country
|
"""Not logged-in user cannot delete existing country
|
||||||
"""
|
"""
|
||||||
# Create instances
|
# Create instances
|
||||||
@@ -166,100 +172,83 @@ class CountryViewSetTest(APITestCase):
|
|||||||
# Assert instance still exists on db
|
# Assert instance still exists on db
|
||||||
self.assertTrue(self.model.objects.get(id=instance.pk))
|
self.assertTrue(self.model.objects.get(id=instance.pk))
|
||||||
|
|
||||||
def test_not_logged_user_cannot_list_country(self):
|
def test_anon_user_can_list_country(self):
|
||||||
"""Not logged-in user can't read country
|
"""Not logged-in user can't read country
|
||||||
"""
|
"""
|
||||||
# Request list
|
# Request list
|
||||||
# url = reverse(self.endpoint+'list')
|
|
||||||
response = self.client.get(self.endpoint)
|
response = self.client.get(self.endpoint)
|
||||||
|
|
||||||
# Assert access is forbidden
|
# Assert access is forbidden
|
||||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
|
||||||
def test_logged_user_can_list_country(self):
|
def test_auth_user_can_list_country(self):
|
||||||
"""Regular logged-in user can list country
|
"""Regular logged-in user can list country
|
||||||
"""
|
"""
|
||||||
# Create instances
|
# Create instances
|
||||||
user = CustomUserFactory()
|
|
||||||
instances = [self.factory() for n in range(random.randint(1,5))]
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
||||||
|
|
||||||
# Authenticate user
|
# Authenticate user
|
||||||
user.db = 'default'
|
token = get_tokens_for_user(self.user)
|
||||||
self.client.force_authenticate(user=user)
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
|
|
||||||
# Request list
|
# Request list
|
||||||
response = self.client.get(self.endpoint)
|
response = self.client.get(self.endpoint)
|
||||||
|
|
||||||
# Assert access is allowed
|
# Assert access is allowed
|
||||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
|
||||||
# Assert all instances are returned
|
# Assert all instances are returned
|
||||||
self.assertEqual(len(instances), len(response.data['results']))
|
self.assertEqual(len(instances), len(response.data))
|
||||||
|
|
||||||
def test_logged_user_can_create_country(self):
|
def test_auth_user_cannot_create_country(self):
|
||||||
"""Regular logged-in user can create new country
|
"""Regular logged-in user can create new country
|
||||||
"""
|
"""
|
||||||
# Define request data
|
|
||||||
data = {
|
|
||||||
'name': 'country name _test_ data',
|
|
||||||
}
|
|
||||||
|
|
||||||
# Authenticate user
|
# Authenticate user
|
||||||
user = CustomUserFactory()
|
token = get_tokens_for_user(self.user)
|
||||||
self.client.force_authenticate(user=user)
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
response = self.client.post(self.endpoint, data=data)
|
response = self.client.post(self.endpoint, data={})
|
||||||
# Assert endpoint returns created status
|
|
||||||
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
|
|
||||||
|
|
||||||
# Assert instance exists on db
|
# Assert access is forbidden
|
||||||
self.assertTrue(self.model.objects.get(id=response.data['id']))
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
def test_logged_user_can_modify_existing_country(self):
|
def test_auth_user_cannot_modify_existing_country(self):
|
||||||
"""Regular logged-in user can modify existing country
|
"""Regular logged-in user can modify existing country
|
||||||
"""
|
"""
|
||||||
# Create instances
|
# Create instances
|
||||||
instance = self.factory()
|
instance = self.factory()
|
||||||
|
|
||||||
# Define request data
|
|
||||||
data = {
|
|
||||||
'name': 'country name _test_ data',
|
|
||||||
}
|
|
||||||
|
|
||||||
# Authenticate user
|
|
||||||
user = TenantUserFactory()
|
|
||||||
user.db = 'default'
|
|
||||||
self.client.force_authenticate(user=user)
|
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = self.endpoint + f'{instance.pk}/'
|
url = self.endpoint + f'{instance.pk}/'
|
||||||
response = self.client.put(url, data=data, format='json')
|
|
||||||
# Assert endpoint returns OK code
|
|
||||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
||||||
|
|
||||||
# Assert instance has been modified
|
# Authenticate user
|
||||||
for key in data:
|
token = get_tokens_for_user(self.user)
|
||||||
self.assertEqual(data[key], response.data[key])
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
|
|
||||||
def test_logged_user_can_delete_existing_country(self):
|
# Query endpoint
|
||||||
|
response = self.client.post(url, data={})
|
||||||
|
|
||||||
|
# Assert access is forbidden
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
|
def test_auth_user_cannot_delete_existing_country(self):
|
||||||
"""Regular logged-in user can delete existing country
|
"""Regular logged-in user can delete existing country
|
||||||
"""
|
"""
|
||||||
# Create instances
|
# Create instances
|
||||||
instance = self.factory()
|
instance = self.factory()
|
||||||
|
|
||||||
# Authenticate user
|
# Authenticate user
|
||||||
user = TenantUserFactory()
|
token = get_tokens_for_user(self.user)
|
||||||
user.db = 'default'
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
self.client.force_authenticate(user=user)
|
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = self.endpoint + f'{instance.pk}/'
|
url = self.endpoint + f'{instance.pk}/'
|
||||||
response = self.client.delete(url)
|
# Query endpoint
|
||||||
# assert 204 no content
|
response = self.client.post(url, data={})
|
||||||
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
|
|
||||||
# Assert instance doesn't exists anymore on db
|
# Assert access is forbidden
|
||||||
self.assertFalse(self.model.objects.filter(id=instance.pk).exists())
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
|
|
||||||
class RegionViewSetTest(APITestCase):
|
class RegionViewSetTest(APITestCase):
|
||||||
@@ -269,143 +258,265 @@ class RegionViewSetTest(APITestCase):
|
|||||||
def setUp(self):
|
def setUp(self):
|
||||||
"""Tests setup
|
"""Tests setup
|
||||||
"""
|
"""
|
||||||
self.endpoint = 'api-v1:region-'
|
self.endpoint = '/api/v1/regions/'
|
||||||
self.factory = factories.RegionFactory
|
self.factory = factories.RegionFactory
|
||||||
self.model = models.Region
|
self.model = models.Region
|
||||||
|
# create user
|
||||||
|
self.password = ''.join(random.choices(string.ascii_uppercase, k = 10))
|
||||||
|
self.user = CustomUserFactory(password=self.password)
|
||||||
|
|
||||||
def test_not_logged_user_cannot_create_region(self):
|
def test_not_logged_user_cannot_create_instance(self):
|
||||||
"""Not logged-in user cannot create new region
|
"""Not logged-in user cannot create new region
|
||||||
"""
|
"""
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'list')
|
response = self.client.post(self.endpoint, data={})
|
||||||
response = self.client.post(url, data={})
|
|
||||||
|
|
||||||
# Assert access is forbidden
|
# Assert access is forbidden
|
||||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
||||||
|
|
||||||
def test_not_logged_user_cannot_modify_existing_region(self):
|
def test_not_logged_user_cannot_modify_existing_instance(self):
|
||||||
"""Not logged-in user cannot modify existing region
|
"""Not logged-in user cannot modify existing region
|
||||||
"""
|
"""
|
||||||
# Create instance
|
# Create instance
|
||||||
instance = self.factory()
|
instance = self.factory()
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'detail', args=[instance.pk])
|
url = f"{self.endpoint}{instance.pk}/"
|
||||||
response = self.client.put(url, {}, format='json')
|
response = self.client.put(url, {}, format='json')
|
||||||
|
|
||||||
# Assert forbidden code
|
# Assert forbidden code
|
||||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
||||||
|
|
||||||
def test_not_logged_user_cannot_delete_existing_region(self):
|
def test_not_logged_user_cannot_delete_existing_instance(self):
|
||||||
"""Not logged-in user cannot delete existing region
|
"""Not logged-in user cannot delete existing region
|
||||||
"""
|
"""
|
||||||
# Create instances
|
# Create instances
|
||||||
instance = self.factory()
|
instance = self.factory()
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'detail', args=[instance.pk])
|
url = f"{self.endpoint}{instance.pk}"
|
||||||
response = self.client.delete(url)
|
response = self.client.delete(url)
|
||||||
|
|
||||||
|
# assert response status code
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_301_MOVED_PERMANENTLY)
|
||||||
# Assert instance still exists on db
|
# Assert instance still exists on db
|
||||||
self.assertTrue(self.model.objects.get(id=instance.pk))
|
self.assertTrue(self.model.objects.get(id=instance.pk))
|
||||||
|
|
||||||
def test_not_logged_user_cant_list_region(self):
|
def test_not_logged_user_can_list_instance(self):
|
||||||
"""Not logged-in user can't read region
|
"""Not logged-in user can list instances
|
||||||
"""
|
|
||||||
# Request list
|
|
||||||
url = reverse(self.endpoint+'list')
|
|
||||||
response = self.client.get(url)
|
|
||||||
|
|
||||||
# Assert access is forbidden
|
|
||||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
||||||
|
|
||||||
def test_logged_user_can_list_region(self):
|
|
||||||
"""Regular logged-in user can list region
|
|
||||||
"""
|
"""
|
||||||
# Create instances
|
# Create instances
|
||||||
user = TenantUserFactory()
|
|
||||||
instances = [self.factory() for n in range(random.randint(1,5))]
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
||||||
|
|
||||||
# Authenticate user
|
|
||||||
user.db = 'default'
|
|
||||||
self.client.force_authenticate(user=user)
|
|
||||||
|
|
||||||
# Request list
|
# Request list
|
||||||
url = reverse(self.endpoint+'list')
|
response = self.client.get(self.endpoint)
|
||||||
response = self.client.get(url)
|
|
||||||
|
|
||||||
# Assert access is allowed
|
# Assert access is allowed
|
||||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
|
||||||
# Assert all instances are returned
|
# Assert all instances are returned
|
||||||
self.assertEqual(len(instances), len(response.data['results']))
|
self.assertEqual(len(instances), len(response.data))
|
||||||
|
|
||||||
def test_logged_user_can_create_region(self):
|
def test_logged_user_can_list_instances(self):
|
||||||
"""Regular logged-in user can create new region
|
"""Regular logged-in user can list instances
|
||||||
"""
|
"""
|
||||||
# Define request data
|
# Create instances
|
||||||
data = {
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
||||||
'name': 'country name _test_ data',
|
|
||||||
'country': factories.CountryFactory().pk,
|
|
||||||
}
|
|
||||||
|
|
||||||
# Authenticate user
|
# Authenticate user
|
||||||
user = TenantUserFactory()
|
token = get_tokens_for_user(self.user)
|
||||||
user.db = 'default'
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
self.client.force_authenticate(user=user)
|
|
||||||
|
# Request list
|
||||||
|
response = self.client.get(self.endpoint)
|
||||||
|
|
||||||
|
# Assert access is allowed
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
# Assert all instances are returned
|
||||||
|
self.assertEqual(len(instances), len(response.data))
|
||||||
|
|
||||||
|
def test_logged_user_cannot_create_instance(self):
|
||||||
|
"""Regular logged-in user can create new region
|
||||||
|
"""
|
||||||
|
# Authenticate user
|
||||||
|
token = get_tokens_for_user(self.user)
|
||||||
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'list')
|
response = self.client.post(self.endpoint, data={})
|
||||||
response = self.client.post(url, data=data)
|
|
||||||
|
|
||||||
# Assert endpoint returns created status
|
# Assert access is forbidden
|
||||||
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
# Assert instance exists on db
|
def test_logged_user_cannot_modify_existing_instance(self):
|
||||||
self.assertTrue(self.model.objects.get(id=response.data['id']))
|
|
||||||
|
|
||||||
def test_logged_user_can_modify_existing_region(self):
|
|
||||||
"""Regular logged-in user can modify existing region
|
"""Regular logged-in user can modify existing region
|
||||||
"""
|
"""
|
||||||
# Create instances
|
# Create instances
|
||||||
instance = self.factory()
|
instance = self.factory()
|
||||||
|
|
||||||
# Define request data
|
# Query endpoint
|
||||||
data = {
|
url = self.endpoint + f'{instance.pk}/'
|
||||||
'name': 'country name _test_ data',
|
|
||||||
'country': factories.CountryFactory().pk,
|
|
||||||
}
|
|
||||||
|
|
||||||
# Authenticate user
|
# Authenticate user
|
||||||
user = TenantUserFactory()
|
token = get_tokens_for_user(self.user)
|
||||||
user.db = 'default'
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
self.client.force_authenticate(user=user)
|
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'detail', args=[instance.pk])
|
response = self.client.post(url, data={})
|
||||||
response = self.client.put(url, data, format='json')
|
|
||||||
# Assert endpoint returns OK code
|
|
||||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
||||||
|
|
||||||
def test_logged_user_can_delete_existing_region(self):
|
# Assert access is forbidden
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
|
def test_logged_user_cannot_delete_existing_instance(self):
|
||||||
"""Regular logged-in user can delete existing region
|
"""Regular logged-in user can delete existing region
|
||||||
"""
|
"""
|
||||||
# Create instances
|
# Create instances
|
||||||
instance = self.factory()
|
instance = self.factory()
|
||||||
|
|
||||||
# Authenticate user
|
# Authenticate user
|
||||||
user = TenantUserFactory()
|
token = get_tokens_for_user(self.user)
|
||||||
user.db = 'default'
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
self.client.force_authenticate(user=user)
|
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'detail', args=[instance.pk])
|
url = self.endpoint + f'{instance.pk}/'
|
||||||
|
# Query endpoint
|
||||||
|
response = self.client.post(url, data={})
|
||||||
|
|
||||||
|
# Assert access is forbidden
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
|
|
||||||
|
class ProvinceViewSetTest(APITestCase):
|
||||||
|
"""Province viewset tests
|
||||||
|
"""
|
||||||
|
|
||||||
|
def setUp(self):
|
||||||
|
"""Tests setup
|
||||||
|
"""
|
||||||
|
self.endpoint = '/api/v1/provinces/'
|
||||||
|
self.factory = factories.ProvinceFactory
|
||||||
|
self.model = models.Province
|
||||||
|
# create user
|
||||||
|
self.password = ''.join(random.choices(string.ascii_uppercase, k = 10))
|
||||||
|
self.user = CustomUserFactory(password=self.password)
|
||||||
|
|
||||||
|
def test_not_logged_user_cannot_create_instance(self):
|
||||||
|
"""Not logged-in user cannot create new instance
|
||||||
|
"""
|
||||||
|
# Query endpoint
|
||||||
|
response = self.client.post(self.endpoint, data={})
|
||||||
|
|
||||||
|
# Assert access is forbidden
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
||||||
|
|
||||||
|
def test_not_logged_user_cannot_modify_existing_instance(self):
|
||||||
|
"""Not logged-in user cannot modify existing instance
|
||||||
|
"""
|
||||||
|
# Create instance
|
||||||
|
instance = self.factory()
|
||||||
|
|
||||||
|
# Query endpoint
|
||||||
|
url = f"{self.endpoint}{instance.pk}/"
|
||||||
|
response = self.client.put(url, {}, format='json')
|
||||||
|
|
||||||
|
# Assert forbidden code
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
||||||
|
|
||||||
|
def test_not_logged_user_cannot_delete_existing_instance(self):
|
||||||
|
"""Not logged-in user cannot delete existing instance
|
||||||
|
"""
|
||||||
|
# Create instances
|
||||||
|
instance = self.factory()
|
||||||
|
|
||||||
|
# Query endpoint
|
||||||
|
url = f"{self.endpoint}{instance.pk}"
|
||||||
response = self.client.delete(url)
|
response = self.client.delete(url)
|
||||||
|
|
||||||
# assert 204 no content
|
# assert response status code
|
||||||
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
|
self.assertEqual(response.status_code, status.HTTP_301_MOVED_PERMANENTLY)
|
||||||
# Assert instance not exists anymore on db
|
# Assert instance still exists on db
|
||||||
self.assertFalse(self.model.objects.filter(id=instance.pk).exists())
|
self.assertTrue(self.model.objects.get(id=instance.pk))
|
||||||
|
|
||||||
|
def test_not_logged_user_can_list_instance(self):
|
||||||
|
"""Not logged-in user can list instances
|
||||||
|
"""
|
||||||
|
# Create instances
|
||||||
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
||||||
|
# Request list
|
||||||
|
response = self.client.get(self.endpoint)
|
||||||
|
|
||||||
|
# Assert access is allowed
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
|
||||||
|
# Assert all instances are returned
|
||||||
|
self.assertEqual(len(instances), len(response.data))
|
||||||
|
|
||||||
|
def test_logged_user_can_list_instances(self):
|
||||||
|
"""Regular logged-in user can list instances
|
||||||
|
"""
|
||||||
|
# Create instances
|
||||||
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
||||||
|
|
||||||
|
# Authenticate user
|
||||||
|
token = get_tokens_for_user(self.user)
|
||||||
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
|
|
||||||
|
# Request list
|
||||||
|
response = self.client.get(self.endpoint)
|
||||||
|
|
||||||
|
# Assert access is allowed
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
# Assert all instances are returned
|
||||||
|
self.assertEqual(len(instances), len(response.data))
|
||||||
|
|
||||||
|
def test_logged_user_cannot_create_instance(self):
|
||||||
|
"""Regular logged-in user can create new instance
|
||||||
|
"""
|
||||||
|
# Authenticate user
|
||||||
|
token = get_tokens_for_user(self.user)
|
||||||
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
|
|
||||||
|
# Query endpoint
|
||||||
|
response = self.client.post(self.endpoint, data={})
|
||||||
|
|
||||||
|
# Assert access is forbidden
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
|
def test_logged_user_cannot_modify_existing_instance(self):
|
||||||
|
"""Regular logged-in user can modify existing instance
|
||||||
|
"""
|
||||||
|
# Create instances
|
||||||
|
instance = self.factory()
|
||||||
|
|
||||||
|
# Query endpoint
|
||||||
|
url = self.endpoint + f'{instance.pk}/'
|
||||||
|
|
||||||
|
# Authenticate user
|
||||||
|
token = get_tokens_for_user(self.user)
|
||||||
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
|
|
||||||
|
# Query endpoint
|
||||||
|
response = self.client.post(url, data={})
|
||||||
|
|
||||||
|
# Assert access is forbidden
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
|
def test_logged_user_cannot_delete_existing_instance(self):
|
||||||
|
"""Regular logged-in user can delete existing instance
|
||||||
|
"""
|
||||||
|
# Create instances
|
||||||
|
instance = self.factory()
|
||||||
|
|
||||||
|
# Authenticate user
|
||||||
|
token = get_tokens_for_user(self.user)
|
||||||
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
|
|
||||||
|
# Query endpoint
|
||||||
|
url = self.endpoint + f'{instance.pk}/'
|
||||||
|
# Query endpoint
|
||||||
|
response = self.client.post(url, data={})
|
||||||
|
|
||||||
|
# Assert access is forbidden
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
|
|
||||||
class CityViewSetTest(APITestCase):
|
class CityViewSetTest(APITestCase):
|
||||||
@@ -415,19 +526,21 @@ class CityViewSetTest(APITestCase):
|
|||||||
def setUp(self):
|
def setUp(self):
|
||||||
"""Tests setup
|
"""Tests setup
|
||||||
"""
|
"""
|
||||||
self.endpoint = 'api-v1:city-'
|
self.endpoint = '/api/v1/cities/'
|
||||||
self.factory = factories.CityFactory
|
self.factory = factories.CityFactory
|
||||||
self.model = models.City
|
self.model = models.City
|
||||||
|
# create user
|
||||||
|
self.password = ''.join(random.choices(string.ascii_uppercase, k = 10))
|
||||||
|
self.user = CustomUserFactory(password=self.password)
|
||||||
|
|
||||||
def test_not_logged_user_cannot_create_city(self):
|
def test_not_logged_user_cannot_create_city(self):
|
||||||
"""Not logged-in user cannot create new city
|
"""Not logged-in user cannot create new city
|
||||||
"""
|
"""
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'list')
|
response = self.client.post(self.endpoint, data={})
|
||||||
response = self.client.post(url, data={})
|
|
||||||
|
|
||||||
# Assert access is forbidden
|
# Assert access is forbidden
|
||||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
||||||
|
|
||||||
def test_not_logged_user_cannot_modify_existing_city(self):
|
def test_not_logged_user_cannot_modify_existing_city(self):
|
||||||
"""Not logged-in user cannot modify existing city
|
"""Not logged-in user cannot modify existing city
|
||||||
@@ -436,11 +549,11 @@ class CityViewSetTest(APITestCase):
|
|||||||
instance = self.factory()
|
instance = self.factory()
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'detail', args=[instance.pk])
|
url = f"{self.endpoint}{instance.pk}/"
|
||||||
response = self.client.put(url, {}, format='json')
|
response = self.client.put(url, {}, format='json')
|
||||||
|
|
||||||
# Assert forbidden code
|
# Assert forbidden code
|
||||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
||||||
|
|
||||||
def test_not_logged_user_cannot_delete_existing_city(self):
|
def test_not_logged_user_cannot_delete_existing_city(self):
|
||||||
"""Not logged-in user cannot delete existing city
|
"""Not logged-in user cannot delete existing city
|
||||||
@@ -449,107 +562,91 @@ class CityViewSetTest(APITestCase):
|
|||||||
instance = self.factory()
|
instance = self.factory()
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'detail', args=[instance.pk])
|
url = f"{self.endpoint}{instance.pk}/"
|
||||||
response = self.client.delete(url)
|
response = self.client.delete(url)
|
||||||
|
|
||||||
# Assert instance still exists on db
|
# Assert instance still exists on db
|
||||||
self.assertTrue(self.model.objects.get(id=instance.pk))
|
self.assertTrue(self.model.objects.get(id=instance.pk))
|
||||||
|
|
||||||
def test_not_logged_user_cant_list_city(self):
|
def test_not_logged_user_can_list_city(self):
|
||||||
"""Not logged-in user can't read city
|
"""Not logged-in user can't read city
|
||||||
"""
|
"""
|
||||||
|
# Create instances
|
||||||
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
||||||
|
|
||||||
# Request list
|
# Request list
|
||||||
url = reverse(self.endpoint+'list')
|
response = self.client.get(self.endpoint)
|
||||||
response = self.client.get(url)
|
|
||||||
|
# Assert access is forbidden
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
# Assert all instances are returned
|
||||||
|
self.assertEqual(len(instances), len(response.data))
|
||||||
|
|
||||||
|
def test_logged_user_can_list_instances(self):
|
||||||
|
"""Regular logged-in user can list instances
|
||||||
|
"""
|
||||||
|
# Create instances
|
||||||
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
||||||
|
|
||||||
|
# Authenticate user
|
||||||
|
token = get_tokens_for_user(self.user)
|
||||||
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
|
|
||||||
|
# Request list
|
||||||
|
response = self.client.get(self.endpoint)
|
||||||
|
|
||||||
|
# Assert access is allowed
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
# Assert all instances are returned
|
||||||
|
self.assertEqual(len(instances), len(response.data))
|
||||||
|
|
||||||
|
def test_logged_user_cannot_create_instance(self):
|
||||||
|
"""Regular logged-in user can create new instance
|
||||||
|
"""
|
||||||
|
# Authenticate user
|
||||||
|
token = get_tokens_for_user(self.user)
|
||||||
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
|
|
||||||
|
# Query endpoint
|
||||||
|
response = self.client.post(self.endpoint, data={})
|
||||||
|
|
||||||
# Assert access is forbidden
|
# Assert access is forbidden
|
||||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
def test_logged_user_can_list_city(self):
|
def test_logged_user_cannot_modify_existing_instance(self):
|
||||||
"""Regular logged-in user can list city
|
"""Regular logged-in user can modify existing instance
|
||||||
"""
|
|
||||||
# Create instances
|
|
||||||
user = TenantUserFactory()
|
|
||||||
instances = [self.factory() for n in range(random.randint(1,5))]
|
|
||||||
|
|
||||||
# Authenticate user
|
|
||||||
user.db = 'default'
|
|
||||||
self.client.force_authenticate(user=user)
|
|
||||||
|
|
||||||
# Request list
|
|
||||||
url = reverse(self.endpoint+'list')
|
|
||||||
response = self.client.get(url)
|
|
||||||
|
|
||||||
# Assert access is allowed
|
|
||||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
||||||
|
|
||||||
# Assert all instances are returned
|
|
||||||
self.assertEqual(len(instances), len(response.data['results']))
|
|
||||||
|
|
||||||
def test_logged_user_can_create_city(self):
|
|
||||||
"""Regular logged-in user can create new city
|
|
||||||
"""
|
|
||||||
# Define request data
|
|
||||||
data = {
|
|
||||||
'name': 'country name _test_ data',
|
|
||||||
'region': factories.RegionFactory().pk,
|
|
||||||
}
|
|
||||||
|
|
||||||
# Authenticate user
|
|
||||||
user = TenantUserFactory()
|
|
||||||
user.db = 'default'
|
|
||||||
self.client.force_authenticate(user=user)
|
|
||||||
|
|
||||||
# Query endpoint
|
|
||||||
url = reverse(self.endpoint+'list')
|
|
||||||
response = self.client.post(url, data=data)
|
|
||||||
# Assert endpoint returns created status
|
|
||||||
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
|
|
||||||
|
|
||||||
# Assert instance exists on db
|
|
||||||
self.assertTrue(self.model.objects.get(id=response.data['id']))
|
|
||||||
|
|
||||||
def test_logged_user_can_modify_existing_city(self):
|
|
||||||
"""Regular logged-in user can modify existing citycity
|
|
||||||
"""
|
"""
|
||||||
# Create instances
|
# Create instances
|
||||||
instance = self.factory()
|
instance = self.factory()
|
||||||
|
|
||||||
# Define request data
|
# Query endpoint
|
||||||
data = {
|
url = self.endpoint + f'{instance.pk}/'
|
||||||
'name': 'country name _test_ data',
|
|
||||||
'region': factories.RegionFactory().pk,
|
|
||||||
}
|
|
||||||
|
|
||||||
# Authenticate user
|
# Authenticate user
|
||||||
user = TenantUserFactory()
|
token = get_tokens_for_user(self.user)
|
||||||
user.db = 'default'
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
self.client.force_authenticate(user=user)
|
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'detail', args=[instance.pk])
|
response = self.client.post(url, data={})
|
||||||
response = self.client.put(url, data, format='json')
|
|
||||||
|
|
||||||
# Assert endpoint returns OK code
|
# Assert access is forbidden
|
||||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
def test_logged_user_can_delete_existing_city(self):
|
def test_logged_user_cannot_delete_existing_instance(self):
|
||||||
"""Regular logged-in user can delete existing city
|
"""Regular logged-in user can delete existing instance
|
||||||
"""
|
"""
|
||||||
# Create instances
|
# Create instances
|
||||||
instance = self.factory()
|
instance = self.factory()
|
||||||
|
|
||||||
# Authenticate user
|
# Authenticate user
|
||||||
user = TenantUserFactory()
|
token = get_tokens_for_user(self.user)
|
||||||
user.db = 'default'
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
||||||
self.client.force_authenticate(user=user)
|
|
||||||
|
|
||||||
# Query endpoint
|
# Query endpoint
|
||||||
url = reverse(self.endpoint+'detail', args=[instance.pk])
|
url = self.endpoint + f'{instance.pk}/'
|
||||||
response = self.client.delete(url)
|
# Query endpoint
|
||||||
|
response = self.client.post(url, data={})
|
||||||
|
|
||||||
# Assert 204 no content
|
# Assert access is forbidden
|
||||||
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
# Assert instance doesn't exists on db anymore
|
|
||||||
self.assertFalse(self.model.objects.filter(id=instance.pk).exists())
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user