653 lines
20 KiB
Python
653 lines
20 KiB
Python
import random
|
|
import datetime
|
|
import string
|
|
import json
|
|
|
|
from django.urls import reverse
|
|
from django.test import TestCase
|
|
from django.utils import timezone
|
|
|
|
from rest_framework.test import APITestCase
|
|
from rest_framework import status
|
|
|
|
from core.factories import CustomUserFactory
|
|
from core.utils import get_tokens_for_user
|
|
|
|
from . import models
|
|
from . import factories
|
|
|
|
|
|
# Model Tests
|
|
class CountryTest(TestCase):
|
|
"""Country model tests
|
|
"""
|
|
|
|
def setUp(self):
|
|
"""Tests setup
|
|
"""
|
|
self.model = models.Country
|
|
|
|
def test_content(self):
|
|
"""Test content correctly set
|
|
"""
|
|
# Define instance data
|
|
data = {
|
|
'name': 'country name _test_ data'
|
|
}
|
|
|
|
# Create instance
|
|
instance = self.model.objects.create(**data)
|
|
|
|
# Assert content correctly set
|
|
for field in data.keys():
|
|
self.assertEqual(getattr(instance, field), data[field])
|
|
|
|
|
|
class RegionTest(TestCase):
|
|
"""Region model tests
|
|
"""
|
|
|
|
def setUp(self):
|
|
"""Tests setup
|
|
"""
|
|
self.model = models.Region
|
|
|
|
def test_content(self):
|
|
"""Test content correctly set
|
|
"""
|
|
# Define instance data
|
|
data = {
|
|
'name': 'region name _test_ data',
|
|
'country': factories.CountryFactory(),
|
|
}
|
|
|
|
# Create instance
|
|
instance = self.model.objects.create(**data)
|
|
|
|
# Assert content correctly set
|
|
for field in data.keys():
|
|
self.assertEqual(getattr(instance, field), data[field])
|
|
|
|
|
|
class ProvinceTest(TestCase):
|
|
"""Province model tests
|
|
"""
|
|
|
|
def setUp(self):
|
|
"""Tests setup
|
|
"""
|
|
self.model = models.Province
|
|
|
|
def test_content(self):
|
|
"""Test content correctly set
|
|
"""
|
|
# Define instance data
|
|
data = {
|
|
'name': 'region name _test_ data',
|
|
'region': factories.RegionFactory(),
|
|
}
|
|
|
|
# Create instance
|
|
instance = self.model.objects.create(**data)
|
|
|
|
# Assert content correctly set
|
|
for field in data.keys():
|
|
self.assertEqual(getattr(instance, field), data[field])
|
|
|
|
|
|
class CityTest(TestCase):
|
|
"""City model tests
|
|
"""
|
|
|
|
def setUp(self):
|
|
"""Tests setup
|
|
"""
|
|
self.model = models.City
|
|
|
|
def test_content(self):
|
|
"""Test content correctly set
|
|
"""
|
|
# Define instance data
|
|
data = {
|
|
'name': 'city name _test_ data',
|
|
'province': factories.ProvinceFactory(),
|
|
}
|
|
|
|
# Create instance
|
|
instance = self.model.objects.create(**data)
|
|
|
|
# Assert content correctly set
|
|
for field in data.keys():
|
|
self.assertEqual(getattr(instance, field), data[field])
|
|
|
|
|
|
|
|
# ViewSet Tests
|
|
class CountryViewSetTest(APITestCase):
|
|
"""Country viewset tests
|
|
"""
|
|
|
|
def setUp(self):
|
|
"""Tests setup
|
|
"""
|
|
self.endpoint = '/api/v1/countries/'
|
|
self.factory = factories.CountryFactory
|
|
self.model = models.Country
|
|
# create user
|
|
self.password = ''.join(random.choices(string.ascii_uppercase, k = 10))
|
|
self.user = CustomUserFactory(password=self.password)
|
|
|
|
def test_anon_user_cannot_create_country(self):
|
|
"""Not logged-in user cannot create new country
|
|
"""
|
|
# Query endpoint
|
|
response = self.client.post(self.endpoint, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
|
|
|
def test_anon_user_cannot_modify_existing_country(self):
|
|
"""Not logged-in user cannot modify existing country
|
|
"""
|
|
# Create instance
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = self.endpoint + f'{instance.pk}/'
|
|
response = self.client.put(url, {}, format='json')
|
|
|
|
# Assert forbidden code
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
|
|
|
def test_anon_user_cannot_delete_existing_country(self):
|
|
"""Not logged-in user cannot delete existing country
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = self.endpoint + f'{instance.pk}/'
|
|
response = self.client.delete(url)
|
|
|
|
# Assert instance still exists on db
|
|
self.assertTrue(self.model.objects.get(id=instance.pk))
|
|
|
|
def test_anon_user_can_list_country(self):
|
|
"""Not logged-in user can't read country
|
|
"""
|
|
# Request list
|
|
response = self.client.get(self.endpoint)
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
|
|
def test_auth_user_can_list_country(self):
|
|
"""Regular logged-in user can list country
|
|
"""
|
|
# Create instances
|
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Request list
|
|
response = self.client.get(self.endpoint)
|
|
|
|
# Assert access is allowed
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
# Assert all instances are returned
|
|
self.assertEqual(len(instances), len(response.data))
|
|
|
|
def test_auth_user_cannot_create_country(self):
|
|
"""Regular logged-in user can create new country
|
|
"""
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
response = self.client.post(self.endpoint, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_auth_user_cannot_modify_existing_country(self):
|
|
"""Regular logged-in user can modify existing country
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = self.endpoint + f'{instance.pk}/'
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
response = self.client.post(url, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_auth_user_cannot_delete_existing_country(self):
|
|
"""Regular logged-in user can delete existing country
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
url = self.endpoint + f'{instance.pk}/'
|
|
# Query endpoint
|
|
response = self.client.post(url, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
|
|
class RegionViewSetTest(APITestCase):
|
|
"""Region viewset tests
|
|
"""
|
|
|
|
def setUp(self):
|
|
"""Tests setup
|
|
"""
|
|
self.endpoint = '/api/v1/regions/'
|
|
self.factory = factories.RegionFactory
|
|
self.model = models.Region
|
|
# create user
|
|
self.password = ''.join(random.choices(string.ascii_uppercase, k = 10))
|
|
self.user = CustomUserFactory(password=self.password)
|
|
|
|
def test_not_logged_user_cannot_create_instance(self):
|
|
"""Not logged-in user cannot create new region
|
|
"""
|
|
# Query endpoint
|
|
response = self.client.post(self.endpoint, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
|
|
|
def test_not_logged_user_cannot_modify_existing_instance(self):
|
|
"""Not logged-in user cannot modify existing region
|
|
"""
|
|
# Create instance
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = f"{self.endpoint}{instance.pk}/"
|
|
response = self.client.put(url, {}, format='json')
|
|
|
|
# Assert forbidden code
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
|
|
|
def test_not_logged_user_cannot_delete_existing_instance(self):
|
|
"""Not logged-in user cannot delete existing region
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = f"{self.endpoint}{instance.pk}"
|
|
response = self.client.delete(url)
|
|
|
|
# assert response status code
|
|
self.assertEqual(response.status_code, status.HTTP_301_MOVED_PERMANENTLY)
|
|
# Assert instance still exists on db
|
|
self.assertTrue(self.model.objects.get(id=instance.pk))
|
|
|
|
def test_not_logged_user_can_list_instance(self):
|
|
"""Not logged-in user can list instances
|
|
"""
|
|
# Create instances
|
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
|
# Request list
|
|
response = self.client.get(self.endpoint)
|
|
|
|
# Assert access is allowed
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
|
|
# Assert all instances are returned
|
|
self.assertEqual(len(instances), len(response.data))
|
|
|
|
def test_logged_user_can_list_instances(self):
|
|
"""Regular logged-in user can list instances
|
|
"""
|
|
# Create instances
|
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Request list
|
|
response = self.client.get(self.endpoint)
|
|
|
|
# Assert access is allowed
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
# Assert all instances are returned
|
|
self.assertEqual(len(instances), len(response.data))
|
|
|
|
def test_logged_user_cannot_create_instance(self):
|
|
"""Regular logged-in user can create new region
|
|
"""
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
response = self.client.post(self.endpoint, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_logged_user_cannot_modify_existing_instance(self):
|
|
"""Regular logged-in user can modify existing region
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = self.endpoint + f'{instance.pk}/'
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
response = self.client.post(url, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_logged_user_cannot_delete_existing_instance(self):
|
|
"""Regular logged-in user can delete existing region
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
url = self.endpoint + f'{instance.pk}/'
|
|
# Query endpoint
|
|
response = self.client.post(url, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
|
|
class ProvinceViewSetTest(APITestCase):
|
|
"""Province viewset tests
|
|
"""
|
|
|
|
def setUp(self):
|
|
"""Tests setup
|
|
"""
|
|
self.endpoint = '/api/v1/provinces/'
|
|
self.factory = factories.ProvinceFactory
|
|
self.model = models.Province
|
|
# create user
|
|
self.password = ''.join(random.choices(string.ascii_uppercase, k = 10))
|
|
self.user = CustomUserFactory(password=self.password)
|
|
|
|
def test_not_logged_user_cannot_create_instance(self):
|
|
"""Not logged-in user cannot create new instance
|
|
"""
|
|
# Query endpoint
|
|
response = self.client.post(self.endpoint, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
|
|
|
def test_not_logged_user_cannot_modify_existing_instance(self):
|
|
"""Not logged-in user cannot modify existing instance
|
|
"""
|
|
# Create instance
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = f"{self.endpoint}{instance.pk}/"
|
|
response = self.client.put(url, {}, format='json')
|
|
|
|
# Assert forbidden code
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
|
|
|
def test_not_logged_user_cannot_delete_existing_instance(self):
|
|
"""Not logged-in user cannot delete existing instance
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = f"{self.endpoint}{instance.pk}"
|
|
response = self.client.delete(url)
|
|
|
|
# assert response status code
|
|
self.assertEqual(response.status_code, status.HTTP_301_MOVED_PERMANENTLY)
|
|
# Assert instance still exists on db
|
|
self.assertTrue(self.model.objects.get(id=instance.pk))
|
|
|
|
def test_not_logged_user_can_list_instance(self):
|
|
"""Not logged-in user can list instances
|
|
"""
|
|
# Create instances
|
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
|
# Request list
|
|
response = self.client.get(self.endpoint)
|
|
|
|
# Assert access is allowed
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
|
|
# Assert all instances are returned
|
|
self.assertEqual(len(instances), len(response.data))
|
|
|
|
def test_logged_user_can_list_instances(self):
|
|
"""Regular logged-in user can list instances
|
|
"""
|
|
# Create instances
|
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Request list
|
|
response = self.client.get(self.endpoint)
|
|
|
|
# Assert access is allowed
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
# Assert all instances are returned
|
|
self.assertEqual(len(instances), len(response.data))
|
|
|
|
def test_logged_user_cannot_create_instance(self):
|
|
"""Regular logged-in user can create new instance
|
|
"""
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
response = self.client.post(self.endpoint, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_logged_user_cannot_modify_existing_instance(self):
|
|
"""Regular logged-in user can modify existing instance
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = self.endpoint + f'{instance.pk}/'
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
response = self.client.post(url, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_logged_user_cannot_delete_existing_instance(self):
|
|
"""Regular logged-in user can delete existing instance
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
url = self.endpoint + f'{instance.pk}/'
|
|
# Query endpoint
|
|
response = self.client.post(url, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
|
|
class CityViewSetTest(APITestCase):
|
|
"""City viewset tests
|
|
"""
|
|
|
|
def setUp(self):
|
|
"""Tests setup
|
|
"""
|
|
self.endpoint = '/api/v1/cities/'
|
|
self.factory = factories.CityFactory
|
|
self.model = models.City
|
|
# create user
|
|
self.password = ''.join(random.choices(string.ascii_uppercase, k = 10))
|
|
self.user = CustomUserFactory(password=self.password)
|
|
|
|
def test_not_logged_user_cannot_create_city(self):
|
|
"""Not logged-in user cannot create new city
|
|
"""
|
|
# Query endpoint
|
|
response = self.client.post(self.endpoint, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
|
|
|
def test_not_logged_user_cannot_modify_existing_city(self):
|
|
"""Not logged-in user cannot modify existing city
|
|
"""
|
|
# Create instance
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = f"{self.endpoint}{instance.pk}/"
|
|
response = self.client.put(url, {}, format='json')
|
|
|
|
# Assert forbidden code
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
|
|
|
|
def test_not_logged_user_cannot_delete_existing_city(self):
|
|
"""Not logged-in user cannot delete existing city
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = f"{self.endpoint}{instance.pk}/"
|
|
response = self.client.delete(url)
|
|
|
|
# Assert instance still exists on db
|
|
self.assertTrue(self.model.objects.get(id=instance.pk))
|
|
|
|
def test_not_logged_user_can_list_city(self):
|
|
"""Not logged-in user can't read city
|
|
"""
|
|
# Create instances
|
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
|
|
|
# Request list
|
|
response = self.client.get(self.endpoint)
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
# Assert all instances are returned
|
|
self.assertEqual(len(instances), len(response.data))
|
|
|
|
def test_logged_user_can_list_instances(self):
|
|
"""Regular logged-in user can list instances
|
|
"""
|
|
# Create instances
|
|
instances = [self.factory() for n in range(random.randint(1,5))]
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Request list
|
|
response = self.client.get(self.endpoint)
|
|
|
|
# Assert access is allowed
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
# Assert all instances are returned
|
|
self.assertEqual(len(instances), len(response.data))
|
|
|
|
def test_logged_user_cannot_create_instance(self):
|
|
"""Regular logged-in user can create new instance
|
|
"""
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
response = self.client.post(self.endpoint, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_logged_user_cannot_modify_existing_instance(self):
|
|
"""Regular logged-in user can modify existing instance
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Query endpoint
|
|
url = self.endpoint + f'{instance.pk}/'
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
response = self.client.post(url, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_logged_user_cannot_delete_existing_instance(self):
|
|
"""Regular logged-in user can delete existing instance
|
|
"""
|
|
# Create instances
|
|
instance = self.factory()
|
|
|
|
# Authenticate user
|
|
token = get_tokens_for_user(self.user)
|
|
self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
|
|
|
|
# Query endpoint
|
|
url = self.endpoint + f'{instance.pk}/'
|
|
# Query endpoint
|
|
response = self.client.post(url, data={})
|
|
|
|
# Assert access is forbidden
|
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
|
|