def test_usercode_permission(self):
client = APIClient()
users = [
UserFactory(),
UserFactory(is_staff=True),
UserFactory(is_superuser=True),
]
UserCodeFactory.create_batch(30, user_id=users[0])
UserCodeFactory.create_batch(30, user_id=users[1])
UserCodeFactory.create_batch(30, user_id=users[2])
usercodes = UserCode.objects.all()
for user in users:
client.force_authenticate(user=user)
for usercode in usercodes:
usercode_detail_url = reverse("api:usercode-detail",
kwargs={"pk": usercode.pk})
response = client.get(usercode_detail_url)
if user == usercode.user:
assert response.status_code == status.HTTP_200_OK
else:
assert response.status_code == status.HTTP_404_NOT_FOUND
response = client.patch(usercode_detail_url,
{"code": "Hello world!"})
if user == usercode.user:
assert response.status_code == status.HTTP_200_OK
else:
assert response.status_code == status.HTTP_404_NOT_FOUND
def test_add_post(self):
client = APIClient()
users = [
UserFactory(),
UserFactory(is_staff=True),
UserFactory(is_superuser=True),
]
BlogFactory.create_batch(100)
for user in users:
client.force_authenticate(user=user)
blogs = Blog.objects.all()
for blog in blogs:
url = reverse("api:blog-add-post",
kwargs={"category": blog.category})
response = client.post(
url,
data={
"title": "Hello",
"content": "How are you?"
},
)
if blog.permission <= user.level:
# 블로그 권한이 더 낮을 시 201
assert response.status_code == status.HTTP_201_CREATED
else:
# 블로그 권한이 더 높을 시 쿼리 불가 404
assert response.status_code == status.HTTP_404_NOT_FOUND
def test_judgementcode_permission(self):
client = APIClient()
users = [
UserFactory(),
UserFactory(is_staff=True),
UserFactory(is_superuser=True),
]
for user in users[:1]:
client.force_authenticate(user=user)
list_url = reverse("api:judgementcode-list")
gameinfo = GameInfoFactory()
language = ProgrammingLanguageFactory()
response = client.post(
list_url,
{
"gameinfo_id": gameinfo.id,
"programming_language": language.pk,
"code": "adfsadfasdf",
},
)
if user.is_admin:
assert response.status_code == status.HTTP_201_CREATED
else:
assert response.status_code == status.HTTP_403_FORBIDDEN
judgementcode = JudgementCodeFactory()
detail_url = reverse("api:judgementcode-detail",
kwargs={"pk": judgementcode.pk})
response = client.get(detail_url, {"code": "Hello world!"})
assert response.status_code == status.HTTP_200_OK
def test_blogapp(self):
blog = BlogFactory()
post = PostFactory(blog_id=blog)
comments = CommentFactory.create_batch(
20,
post_id=post,
user_id=post.user,
)
for c in post.get_comments():
assert c in comments
comment = comments[0]
recomments = CommentFactory.create_batch(
20,
parent_id=comment,
user_id=UserFactory(),
)
assert post == comment.post
assert blog == post.blog
for c in comment.get_childs():
assert c in recomments
assert c.parent == comment
def test_deleted_comment_permission(self):
client = APIClient()
user = UserFactory()
client.force_authenticate(user=user)
comment = CommentFactory(user_id=user)
url = reverse("api:comment-detail", kwargs={"pk": comment.pk})
# Delete
response = client.delete(url)
assert response.status_code == status.HTTP_204_NO_CONTENT
# 삭제 후 수정, 삭제 불가
response = client.get(url)
assert response.status_code == status.HTTP_200_OK
response = client.delete(url)
assert response.status_code == status.HTTP_403_FORBIDDEN
response = client.put(url, {"content": "Are you deleted?"})
assert response.status_code == status.HTTP_403_FORBIDDEN
response = client.patch(url, {"content": "Are you deleted?"})
assert response.status_code == status.HTTP_403_FORBIDDEN
def test_clean_username(self):
# A user with proto_user params does not exist yet.
proto_user = UserFactory.build()
form = UserCreationForm({
"username": proto_user.username,
"password1": proto_user._password,
"password2": proto_user._password,
})
assert form.is_valid()
assert form.clean_username() == proto_user.username
# Creating a user.
form.save()
# The user with proto_user params already exists,
# hence cannot be created.
form = UserCreationForm({
"username": proto_user.username,
"password1": proto_user._password,
"password2": proto_user._password,
})
assert not form.is_valid()
assert len(form.errors) == 1
assert "username" in form.errors
def test_get_queryset(self):
# 기본 세팅
view = UserCodeViewSet()
rf = APIRequestFactory()
request = rf.get("/fake-url/")
users = [
UserFactory(),
UserFactory(),
]
for user in users:
usercodes = UserCodeFactory.create_batch(100, user_id=user)
request.user = user
view.request = request
assert view.get_queryset().count() == len(usercodes)
def test_is_owner_or_readonly(self):
client = APIClient()
users = [
UserFactory(),
UserFactory(),
]
owner = users[0]
another = users[1]
post = PostFactory(user_id=owner)
url = reverse("api:post-detail", kwargs={"pk": post.pk})
views = [
(
client.put,
{
"title": "Hello",
"content": "put method~"
},
status.HTTP_200_OK,
),
(
client.patch,
{
"title": "Hello2"
},
status.HTTP_200_OK,
),
(
client.delete,
None,
status.HTTP_204_NO_CONTENT,
),
]
for method, param, sts in views:
client.force_authenticate(user=another)
response = method(url, param)
assert response.status_code == status.HTTP_403_FORBIDDEN
for method, param, sts in views:
client.force_authenticate(user=owner)
response = method(url, param)
assert response.status_code == sts
def test_add_comment(self):
client = APIClient()
BlogFactory.create_batch(100)
user = UserFactory()
client.force_authenticate(user=user)
post = PostFactory(user_id=user)
url = reverse("api:post-add-comment", kwargs={"pk": post.pk})
response = client.post(url, data={"content": "Hello! This is Comment"})
assert response.status_code == status.HTTP_201_CREATED
user2 = UserFactory()
client.force_authenticate(user=user2)
response = client.post(url, data={"content": "Hello! This is Comment"})
assert response.status_code == status.HTTP_201_CREATED
def test_me(self):
client = APIClient()
users = UserFactory.create_batch(10)
user_me_url = reverse("api:user-me")
for user in users:
client.force_authenticate(user=user)
response = client.get(user_me_url)
serializer = UserSerializer(instance=user)
assert serializer.data == response.json()
def test_get_queryset(self):
view = UserViewSet()
user = UserFactory()
rf = APIRequestFactory()
request = rf.get("/fake-url/")
request.user = user
view.request = request
assert user in view.get_queryset()
def test_list(self):
client = APIClient()
users = [
UserFactory(),
UserFactory(is_staff=True),
UserFactory(is_superuser=True),
]
BlogFactory.create_batch(100)
for user in users:
client.force_authenticate(user=user)
blog_list_url = reverse("api:blog-list")
response = client.get(blog_list_url)
blogs = Blog.objects.all().filter(
permission__lte=user.level).count()
allowed_blogs = len(response.json())
assert blogs == allowed_blogs
def test_comment_delete(self):
client = APIClient()
user = UserFactory()
client.force_authenticate(user=user)
comment = CommentFactory(user_id=user)
url = reverse("api:comment-detail", kwargs={"pk": comment.pk})
response = client.delete(url)
assert response.status_code == status.HTTP_204_NO_CONTENT
def test_get_queryset(self, rf: RequestFactory):
# 기본 세팅
view = BlogViewSet()
request = rf.get("/fake-url/")
users = [
UserFactory(is_superuser=True),
UserFactory(is_staff=True),
UserFactory(),
]
BlogFactory.create_batch(100)
for user in users:
request.user = user
view.request = request
permissions = view.get_queryset().values_list("permission",
flat=True)
for permission in permissions:
assert permission <= user.level
def test_get_querset(self):
view = CommentViewSet()
user = UserFactory()
rf = APIRequestFactory()
request = rf.get("/fake_url/")
request.user = user
view.request = request
post = PostFactory()
parent_size = 10
CommentFactory.create_batch(parent_size, post_id=post)
assert view.get_queryset().count() == parent_size
def test_add_recomment(self):
client = APIClient()
client2 = APIClient()
user = UserFactory()
user2 = UserFactory()
client.force_authenticate(user=user)
client2.force_authenticate(user=user2)
comments = CommentFactory.create_batch(3, user_id=user)
recomment_sizes = random.sample(range(5, 30), len(comments))
for recomment_size, comment in zip(recomment_sizes, comments):
url = reverse("api:comment-add-recomment", kwargs={"pk": comment.pk})
# Comment 객체의 실제 recomment 수와 기대하는 recomment 수 비교
for _ in range(recomment_size):
response = client.post(url, data={"content": "Hello! This is Comment"})
assert response.status_code == status.HTTP_201_CREATED
response = client2.post(url, data={"content": "Hello! This is Comment"})
assert response.status_code == status.HTTP_201_CREATED
assert comment.get_childs().count() == recomment_size * 2
# Comment detail로 요청을 보냈을 때 오는 recomment 수와 기대하는 recomment 수 비교
detail_url = reverse("api:comment-detail", kwargs={"pk": comment.pk})
response = client.get(detail_url)
assert len(response.data["recomments"]) == recomment_size * 2
# ReRecomment 불가능하도록 막기
recomment = comments[0].get_childs()[0]
url = reverse("api:comment-add-recomment", kwargs={"pk": recomment.pk})
response = client.post(url, data={"content": "RereComment is not allowed!"})
assert response.status_code == status.HTTP_404_NOT_FOUND
def user() -> User:
return UserFactory()