def create(request):
""" Expect a post """
user = _auth(request)
if user:
data = json.loads(request.POST.get('data', '{}'))
data['status'] = 'published'
form = SnippetForm(data)
if not form.is_valid():
return HttpResponse('VALIDATION')
try:
lexer_obj = guess_lexer(data['body'])
for lex in LEXERS.itervalues():
if lexer_obj.name == lex[1]:
lexer = lex[2][0].lower()
break
except ClassNotFound:
lexer = u'text'
try:
snippet = Snippet(
author = user,
title = data['title'],
description = data['description'],
body=data['body'],
tags=data['tags'],
lexer=lexer,
via=data['via'],
privacy = data['privacy'],
status = data['status']
)
snippet.save()
return HttpResponse('SUCCESS')
except:
return HttpResponse('ERROR')
else:
return HttpResponse('NOT_AUTHORIZED')
def new(self, content, title='', author='', expires=60*60):
new_snippet = Snippet(
title=title,
author=author,
content=content,
expires=datetime.datetime.now() + datetime.timedelta(seconds=expires)
)
new_snippet.save()
return new_snippet.get_absolute_url()
def create_snippet(request, form):
if not form.is_valid():
return None
text = form.cleaned_data['text']
title = form.cleaned_data['title']
is_public = form.cleaned_data['is_public']
snippet = Snippet(title=title, text=text)
snippet.save()
add_tags(snippet, form.cleaned_data['tags'])
pub = Publication(content=snippet, reply_to_pub=None, is_public=is_public, published_by=request.user.get_profile())
pub.save()
return pub
class TestSnippetAPIViewsUsingAPIRequestFactory(APITestCase):
"""Test the SnippetViewSet using APIRequestFactory"""
fixtures = ['initial_data']
def setUp(self):
self.factory = APIRequestFactory()
self.test_snippet = Snippet(title="test snippet", code="some code",
owner=User.objects.get(username="******"))
self.test_snippet.save()
def test_highlight(self):
"""Test the 'highlight' action."""
view = SnippetViewSet.as_view({'get': 'highlight'})
request = self.factory.get('/snippets/000/highlight')
response = view(request, pk=self.test_snippet.pk)
self.assertEqual(response.status_code, 200)
self.assertIn("<html>", response.data)
self.assertIn(self.test_snippet.title, response.data)
def test_detail(self):
"""Snippet details may be retrieved without logging in."""
view = SnippetViewSet.as_view({'get': 'retrieve'})
request = self.factory.get('/snippets/000')
response = view(request, pk=self.test_snippet.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data['owner'],
self.test_snippet.owner.username)
def test_list(self):
"""Snippet list may be retrieved without logging in"""
view = SnippetViewSet.as_view({'get': 'list'})
request = self.factory.get('/snippets')
response = view(request)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data['count'], 1)
def test_create_snippet_not_logged_in(self):
"""Must be logged in to create a snippet"""
view = SnippetViewSet.as_view({'post': 'create'})
request = self.factory.post('/snippets',
data={'title': 'should fail',
'code': 'asdf'})
response = view(request)
self.assertEqual(response.status_code, 403)
def test_create_snippet_logged_in(self):
"""Logged in users may create snippets"""
view = SnippetViewSet.as_view({'post': 'create'})
request = self.factory.post('/snippets',
data={'title': 'should work',
'code': 'some code'})
force_authenticate(request, user=User.objects.get(username="******"))
response = view(request)
self.assertEqual(response.status_code, 201)
self.assertEqual(response.data['code'], 'some code')
def test_delete_snippet_not_logged_in(self):
"""Only the owner may delete a snippet"""
view = SnippetViewSet.as_view({'delete': 'destroy'})
request = self.factory.delete('/snippets/000')
response = view(request, pk=self.test_snippet.pk)
self.assertEqual(response.status_code, 403)
def test_delete_snippet_owner_logged_in(self):
"""The owner of a snippet may delete it"""
view = SnippetViewSet.as_view({'delete': 'destroy'})
request = self.factory.delete('/snippets/000')
force_authenticate(request, user=User.objects.get(username="******"))
response = view(request, pk=self.test_snippet.pk)
self.assertEqual(response.status_code, 204)
def test_delete_snippet_wrong_user(self):
"""Users may not delete another users snippets"""
view = SnippetViewSet.as_view({'delete': 'destroy'})
request = self.factory.delete('/snippets/000')
force_authenticate(request, user=User.objects.get(username="******"))
response = view(request, pk=self.test_snippet.pk)
self.assertEqual(response.status_code, 403)
class TestSnippetAPIViewsUsingAPIClient(APITestCase):
"""
Test the SnippetViewSet using APIClient
Note: self.client is an instance of the rest framework's APIClient
"""
fixtures = ['initial_data']
def setUp(self):
self.test_snippet = Snippet(title="test snippet", code="some code",
owner=User.objects.get(username="******"))
self.test_snippet.save()
def test_highlight(self):
"""Test the 'highlight' action."""
url = reverse('snippet-highlight', args=[self.test_snippet.pk])
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertIn("<html>", response.data)
self.assertIn(self.test_snippet.title, response.data)
def test_detail(self):
"""Snippet details may be retrieved without logging in"""
url = reverse('snippet-detail', args=[self.test_snippet.pk])
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data['owner'],
self.test_snippet.owner.username)
def test_list(self):
"""Snippet list may be retrieved without logging in"""
url = reverse('snippet-list')
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data['count'], 1)
def test_create_snippet_not_logged_in(self):
"""Must be logged in to create a snippet"""
url = reverse('snippet-list')
response = self.client.post(url,
{'title': 'should fail', 'code': 'asdf'},
format='json')
self.assertEqual(response.status_code, 403)
def test_create_snippet_logged_in(self):
"""Logged in users may create snippets"""
url = reverse('snippet-list')
self.client.force_authenticate(user=User.objects.get(username="******"))
response = self.client.post(url, {'title': 'should work',
'code': 'some code'})
self.assertEqual(response.status_code, 201)
self.assertEqual(response.data['code'], 'some code')
def test_delete_snippet_not_logged_in(self):
"""Only the owner may delete a snippet"""
url = reverse('snippet-detail', args=[self.test_snippet.pk])
response = self.client.delete(url)
self.assertEqual(response.status_code, 403)
def test_delete_snippet_owner_logged_in(self):
"""The owner of a snippet may delete it"""
url = reverse('snippet-detail', args=[self.test_snippet.pk])
self.client.force_authenticate(user=User.objects.get(username="******"))
response = self.client.delete(url)
self.assertEqual(response.status_code, 204)
def test_delete_snippet_wrong_user(self):
"""Users may not delete another users snippets"""
url = reverse('snippet-detail', args=[self.test_snippet.pk])
self.client.force_authenticate(user=User.objects.get(username="******"))
response = self.client.delete(url)
self.assertEqual(response.status_code, 403)
