def test_get_with_user(self): view = ProjectCreate.as_view() url = reverse('admin:project_create') request = APIRequestFactory().get(url) request.user = UserFactory.create() response = view(request).render() self.assertEqual(response.status_code, 200)
def test_encoding(self): payment_method = PaymentMethodFactory.create() factory = APIRequestFactory() url = reverse('payment-method-detail', kwargs={'payment_method_id': payment_method.pk, 'customer_pk': payment_method.customer.pk}) request = factory.get(url, format='json') serializer = PaymentMethodSerializer(payment_method, context={ 'request': request }) expected_data = OrderedDict([ ('url', 'http://testserver/customers/{}/payment_methods/{}/'.format(payment_method.customer.pk, payment_method.pk)), ('transactions', None), ('customer', 'http://testserver/customers/{}/'.format(payment_method.customer.pk)), ('payment_processor', 'http://testserver/payment_processors/Manual/'), ('added_at', payment_method.added_at), ('verified_at', None), ('state', 'uninitialized') ]) json = JSONRenderer().render(serializer.data) self.assertEqual(json, JSONRenderer().render(expected_data))
def test_get_with_unconnected_user(self): view = ApplicationDisconnect.as_view() url = reverse('admin:app_disconnect', kwargs={'app_id': self.app.id}) request = APIRequestFactory().get(url) request.user = UserFactory.create() response = view(request, app_id=self.app.id) self.assertTrue(isinstance(response, HttpResponseRedirect))
def test_get_with_anonymous(self): view = ProjectCreate.as_view() url = reverse('admin:project_create') request = APIRequestFactory().get(url) request.user = AnonymousUser() response = view(request) self.assertTrue(isinstance(response, HttpResponseRedirect))
class CreateProjectTests(APITestCase): def setUp(self): self.anonymous_user = AnonymousUserFactory() self.user = UserFactory.create() self.group = GroupFactory.create(name=self.user.username) self.project = ProjectFactory.build(owner=self.group) self.view = ProjectViewSet.as_view({"post": "create"}) self.factory = APIRequestFactory() self.url = reverse("api:v2:project-list") self.request = self.factory.post(self.url, {"name": self.project.name, "description": self.project.description}) def test_anonymous_user_cannot_create_project(self): force_authenticate(self.request, user=self.anonymous_user) response = self.view(self.request) self.assertEquals(response.status_code, 403) def test_required_fields(self): bad_request = self.factory.post(self.url) force_authenticate(bad_request, user=self.user) response = self.view(bad_request) data = response.data self.assertEquals(response.status_code, 400) self.assertEquals(len(data), 1) self.assertIn("name", data) def test_authenticated_user_can_create_project(self): self.assertEquals(Project.objects.count(), 0) force_authenticate(self.request, user=self.user) response = self.view(self.request) self.assertEquals(response.status_code, 201) self.assertEquals(Project.objects.count(), 1) project = Project.objects.first() self.assertEquals(project.owner, self.group)
def test_get_with_anonymous(self): view = ApplicationDelete.as_view() url = reverse('admin:app_delete', kwargs={'app_id': self.app.id}) request = APIRequestFactory().get(url) request.user = AnonymousUser() response = view(request, app_id=self.app.id) self.assertTrue(isinstance(response, HttpResponseRedirect))
def test_get_with_anonymous(self): view = ApplicationConnected.as_view() url = reverse('admin:app_connected') request = APIRequestFactory().get(url) request.user = AnonymousUser() response = view(request) self.assertTrue(isinstance(response, HttpResponseRedirect))
def test_post_with_user(self): data = { 'name': 'test app', 'description': '', 'download_url': 'http://example.com/download', 'redirect_uris': 'http://example.com/redirect', 'authorization_grant_type': 'password' } view = ApplicationSettings.as_view() url = reverse('admin:app_settings', kwargs={'app_id': self.app.id}) request = APIRequestFactory().post(url, data) request.user = UserFactory.create() response = view(request, app_id=self.app.id).render() self.assertEqual(response.status_code, 200) self.assertContains( response, 'You are not the owner of this application and therefore not ' 'allowed to access this app.' ) ref = Application.objects.get(pk=self.app.id) self.assertNotEqual(ref.name, data.get('name')) self.assertNotEqual(ref.description, data.get('description')) self.assertNotEqual(ref.download_url, data.get('download_url')) self.assertNotEqual(ref.redirect_uris, data.get('redirect_uris')) self.assertNotEqual( ref.authorization_grant_type, data.get('authorization_grant_type') )
def test_post_with_anonymous(self): data = { 'name': 'test app', 'description': '', 'download_url': 'http://example.com/download', 'redirect_uris': 'http://example.com/redirect', 'authorization_grant_type': 'password' } view = ApplicationSettings.as_view() url = reverse('admin:app_settings', kwargs={'app_id': self.app.id}) request = APIRequestFactory().post(url, data) request.user = AnonymousUser() response = view(request, app_id=self.app.id) self.assertTrue(isinstance(response, HttpResponseRedirect)) ref = Application.objects.get(pk=self.app.id) self.assertNotEqual(ref.name, data.get('name')) self.assertNotEqual(ref.description, data.get('description')) self.assertNotEqual(ref.download_url, data.get('download_url')) self.assertNotEqual(ref.redirect_uris, data.get('redirect_uris')) self.assertNotEqual( ref.authorization_grant_type, data.get('authorization_grant_type') )
def test_post_with_creator(self): data = { 'name': 'test app', 'description': '', 'download_url': 'http://example.com', 'redirect_uris': 'http://example.com', 'authorization_grant_type': 'password' } view = ApplicationSettings.as_view() url = reverse('admin:app_settings', kwargs={'app_id': self.app.id}) request = APIRequestFactory().post(url, data) request.user = self.creator from django.contrib.messages.storage.fallback import FallbackStorage setattr(request, 'session', 'session') messages = FallbackStorage(request) setattr(request, '_messages', messages) response = view(request, app_id=self.app.id).render() self.assertEqual(response.status_code, 200) self.assertNotContains( response, 'You are not the owner of this application and therefore not' 'allowed to access this app.' ) ref = Application.objects.get(pk=self.app.id) self.assertEqual(ref.name, data.get('name')) self.assertEqual(ref.description, data.get('description')) self.assertEqual(ref.download_url, data.get('download_url')) self.assertEqual(ref.redirect_uris, data.get('redirect_uris')) self.assertEqual( ref.authorization_grant_type, data.get('authorization_grant_type') )
def test_get_with_user(self): view = ApplicationOverview.as_view() url = reverse('admin:app_overview') request = APIRequestFactory().get(url) request.user = UserFactory.create() response = view(request).render() self.assertEqual(response.status_code, 200)
def test_VersatileImageFieldSerializer_output(self): """Ensures VersatileImageFieldSerializer serializes correctly""" factory = APIRequestFactory() request = factory.get('/admin/') serializer = VersatileImageTestModelSerializer( self.jpg, context={'request': request} ) self.assertEqual( serializer.data.get('image'), { 'test_crop': ( 'http://testserver/media/__sized__/python-logo-crop' '-c0-25__0-25-100x100.jpg' ), 'test_invert_crop': ( 'http://testserver/media/__sized__/__filtered__/' 'python-logo__invert__-crop-c0-25__0-25-100x100.jpg' ), 'test_invert_thumb': ( 'http://testserver/media/__sized__/__filtered__/' 'python-logo__invert__-thumbnail-100x100.jpg' ), 'test_invert': ( 'http://testserver/media/__filtered__/' 'python-logo__invert__.jpg' ), 'test_thumb': ( 'http://testserver/media/__sized__/python-logo-thumbnail' '-100x100.jpg' ) } )
def test_post_with_superuser_when_updating(self): """Test POST with superuser.""" data = {"client_id": "xxxxxxxxxxxxxxxxxx", "secret": "xxxxxxxxxxxxxxxxxx", "key": ""} view = ProviderOverview.as_view() request = APIRequestFactory().post(self.url, data) request.user = UserFactory.create(**{"is_superuser": True}) social_app = SocialApp.objects.create( provider="google", name="Google", client_id="yyyyyyyyyyyyyyyyyy", secret="yyyyyyyyyyyyyyyyyy", key="" ) social_app.sites.add(get_current_site(request)) setattr(request, "session", "session") messages = FallbackStorage(request) setattr(request, "_messages", messages) response = view(request, provider_id="google").render() self.assertEqual(response.status_code, 200) self.assertContains(response, "Provider has been updated.") self.assertEqual(SocialApp.objects.latest("id"), social_app) reference = SocialApp.objects.get(pk=social_app.id) self.assertEqual(reference.client_id, data.get("client_id")) self.assertEqual(reference.secret, data.get("secret")) self.assertEqual(reference.key, data.get("key"))
class TestPOSTAccessed(TestCase): def setUp(self): self.factory = APIRequestFactory() def test_post_accessed_in_post_method(self): django_request = self.factory.post('/', {'foo': 'bar'}) request = Request(django_request, parsers=[FormParser(), MultiPartParser()]) django_request.POST assert request.POST == {'foo': ['bar']} assert request.data == {'foo': ['bar']} def test_post_accessed_in_post_method_with_json_parser(self): django_request = self.factory.post('/', {'foo': 'bar'}) request = Request(django_request, parsers=[JSONParser()]) django_request.POST assert request.POST == {} assert request.data == {} def test_post_accessed_in_put_method(self): django_request = self.factory.put('/', {'foo': 'bar'}) request = Request(django_request, parsers=[FormParser(), MultiPartParser()]) django_request.POST assert request.POST == {'foo': ['bar']} assert request.data == {'foo': ['bar']} def test_request_read_before_parsing(self): django_request = self.factory.put('/', {'foo': 'bar'}) request = Request(django_request, parsers=[FormParser(), MultiPartParser()]) django_request.read() with pytest.raises(RawPostDataException): request.POST with pytest.raises(RawPostDataException): request.POST request.data
def test_actions(self): class ExampleView(views.APIView): """Example view.""" def post(self, request): pass # pragma: nocover def get_serializer(self): return PersonSerializer() def _choices(response, key): """Helper method for unpacking response JSON.""" return response.data["actions"]["POST"][key]["choices"] view = ExampleView.as_view() factory = APIRequestFactory() request = factory.options("/") response = view(request=request) country_choices = _choices(response, "country") fantasy_choices_en = _choices(response, "fantasy_country") self.assertEqual(response.status_code, 200) self.assertEqual(country_choices, countries_display(countries)) self.assertEqual(fantasy_choices_en, countries_display(FantasyCountries())) with override_settings(LANGUAGE_CODE="fr"): response = view(request=request) fantasy_choices_fr = _choices(response, "fantasy_country") self.assertNotEqual(fantasy_choices_en, fantasy_choices_fr)
class TestCustomPageNumberPagination(TestCase): def setUp(self): self.factory = APIRequestFactory() self.view = generics.ListAPIView.as_view( serializer_class=PassThroughSerializer, queryset=range(1, 101), pagination_class=CustomPageNumberPagination ) def test_metadata_with_page_size(self): request = self.factory.get('/', {'page_size': 10, 'page': 2}) response = self.view(request) assert response.status_code == status.HTTP_200_OK assert response.data == { 'page_size': 10, 'page_count': 10, 'results': range(11, 21), 'previous': 'http://testserver/?page_size=10', 'next': 'http://testserver/?page=3&page_size=10', 'count': 100 } def test_metadata_with_default_page_size(self): request = self.factory.get('/') response = self.view(request) assert response.status_code == status.HTTP_200_OK assert response.data == { 'page_size': 25, 'page_count': 4, 'results': range(1, 26), 'previous': None, 'next': 'http://testserver/?page=2', 'count': 100 }
def test_builtin_license(self): addon = addon_factory() self.version = addon.current_version license = self.version.license license.update(builtin=18) assert license._constant == LICENSES_BY_BUILTIN[18] result = LicenseSerializer( context={'request': self.request}).to_representation(license) assert result['id'] == license.pk # A request with no ?lang gets you the site default l10n in a dict to # match how non-constant values are returned. assert result['name'] == { 'en-US': unicode(LICENSES_BY_BUILTIN[18].name)} accept_request = APIRequestFactory().get('/') accept_request.LANG = 'de' result = LicenseSerializer( context={'request': accept_request}).to_representation(license) # An Accept-Language should result in a different default though. assert result['name'] == { 'de': unicode(LICENSES_BY_BUILTIN[18].name)} # But a requested lang returns a flat string lang_request = APIRequestFactory().get('/?lang=fr') result = LicenseSerializer( context={'request': lang_request}).to_representation(license) assert result['name'] == unicode(LICENSES_BY_BUILTIN[18].name)
def test_log_ip_remote(self): request = APIRequestFactory().get('/logging') request.META['REMOTE_ADDR'] = '127.0.0.9' MockLoggingView.as_view()(request).render() log = APIRequestLog.objects.first() self.assertEqual(log.remote_addr, '127.0.0.9')
def test_log_ip_xforwarded(self): request = APIRequestFactory().get('/logging') request.META['HTTP_X_FORWARDED_FOR'] = '127.0.0.8' MockLoggingView.as_view()(request).render() log = APIRequestLog.objects.first() self.assertEqual(log.remote_addr, '127.0.0.8')
class ChoiceDetail(APITestCase): def setUp(self): self.factory = APIRequestFactory() self.client = APIClient() self.user = setup_user() self.view = views.PollList.as_view() self.uri = '/choices/pk/' def test_unauthenticated_uri(self): """ If not authorized access not allowed """ request = self.factory.get(self.uri) response = self.view(request, pk='2') self.assertEqual(response.status_code, 401, 'Expected Response Code 401, received {0} instead.' .format(response.status_code)) def test_authenticated_uri(self): """ GET """ request = self.factory.get(self.uri) force_authenticate(request, self.user) response = self.view(request, pk='2') self.assertEqual(response.status_code, 200, 'Expected Response Code 200, received {0} instead.' .format(response.status_code))
def setUp(self): self.view = ViewSet.as_view({'get': 'retrieve'}) self.anonymous_user = AnonymousUserFactory() self.user = UserFactory.create() self.group = GroupFactory.create(name=self.user.username) self.leadership = LeadershipFactory.create( user=self.user, group=self.group ) self.staff_user = UserFactory.create(is_staff=True) self.provider = ProviderFactory.create() self.identity = IdentityFactory.create( provider=self.provider, created_by=self.user) self.quota = QuotaFactory.create() self.allocation = AllocationFactory.create() IdentityMembershipFactory.create( member=self.group, identity=self.identity, quota=self.quota ) factory = APIRequestFactory() url = reverse('api:v2:identity-detail', args=(self.identity.id,)) self.request = factory.get(url) force_authenticate(self.request, user=self.user) self.response = self.view(self.request, pk=self.identity.id)
def test_VersatileImageFieldSerializer_output(self): """Ensure VersatileImageFieldSerializer serializes correctly""" factory = APIRequestFactory() request = factory.get('/admin/') serializer = VersatileImageTestModelSerializer( self.jpg, context={'request': request} ) self.assertEqual( serializer.data.get('optional_image'), { 'test_crop': ( 'http://testserver/media/__sized__/__placeholder__/placeholder-crop' '-c0-5__0-5-100x100.png' ), 'test_invert_crop': ( 'http://testserver/media/__sized__/__placeholder__/__filtered__/placeholder__invert__' '-crop-c0-5__0-5-100x100.png' ), 'test_invert_thumb': ( 'http://testserver/media/__sized__/__placeholder__/__filtered__/placeholder__invert__' '-thumbnail-100x100.png' ), 'test_invert': ( 'http://testserver/media/__placeholder__/__filtered__/placeholder' '__invert__.png' ), 'test_thumb': ( 'http://testserver/media/__sized__/__placeholder__/placeholder-thumbnail' '-100x100.png' ) } )
def test_post_first_turn(self): """ Post output of game return back to django. Authenticated user on their turn only. Same url as get: /play/<session_id>/ag """ test_session = GameSession.objects.get(id=1) test_session.set_turn_data(test_json_data_global, "V") factory = APIRequestFactory() user = User.objects.get(username='******') view = GameREST.as_view() url = 'play/' + str(test_session.id) + '/ag/' request = factory.post(url, {'virus_player': '{"test": 1}', 'health_player': '{"test2": 2}', 'starting_from': 'india', 'testing': True, 'choice_outcome': '{"test3": 3}', 'virus_tech': '{"dog": 1}', 'health_tech': '{"cat": 2}', 'change': '{"frog": "monkey"}' }, format='json') force_authenticate(request, user=user) response = view(request, test_session.id) # for the tests, reload the session from the DB test_session = GameSession.objects.get(id=1) self.assertNotEqual(response.data, test_json_data_global) self.assertEqual(response.data, 'complete') self.assertEqual(test_session.turn_data, '{"dog": "india"}') self.assertEqual(test_session.next_to_play, 'H')
def test_authenticated_or_scoped_permission_allow(self): self.access_token.scope = 'scope1' self.access_token.save() # correct token and correct scope auth = self._create_authorization_header(self.access_token.token) response = self.client.get("/oauth2-authenticated-or-scoped-test/", HTTP_AUTHORIZATION=auth) self.assertEqual(response.status_code, 200) auth = self._create_authorization_header("fake-token") # incorrect token but authenticated factory = APIRequestFactory() request = factory.get("/oauth2-authenticated-or-scoped-test/") request.auth = auth force_authenticate(request, self.test_user) response = AuthenticatedOrScopedView.as_view()(request) self.assertEqual(response.status_code, 200) # correct token but not authenticated request = factory.get("/oauth2-authenticated-or-scoped-test/") request.auth = auth self.access_token.scope = 'scope1' self.access_token.save() force_authenticate(request, token=self.access_token) response = AuthenticatedOrScopedView.as_view()(request) self.assertEqual(response.status_code, 200)
def test_get_game_data_player(self): """ Should return game session data for authenticated user upon GET request to /play/<session_id>/ag Should only return when its that users turn to play. """ test_session = GameSession.objects.get(id=1) test_session.set_turn_data(test_json_data_global, "V") factory = APIRequestFactory() user = User.objects.get(username='******') view = GameREST.as_view() url = 'play/' + str(test_session.id) + '/ag/' request = factory.get(url) force_authenticate(request, user=user) response = view(request, test_session.id) self.assertEqual(response.data['turn_data'], test_json_data_global) # This test is not the user that should play next user2 = User.objects.get(username='******') request2 = factory.get(url) force_authenticate(request2, user=user2) response2 = view(request2, test_session.id) self.assertEqual(response2.data['detail'], 'You do not have permission to perform this action.')
def test_any_post_view(self): factory = APIRequestFactory() request = factory.get('/posts/3/', format='json') force_authenticate(request, user=User.objects.get_by_natural_key('admin')) view = AnyPostDetail.as_view() response = view(request, pk=3) self.assertEqual(response.data['contents'], 'Cool post!')
def test_trailing_slash(self): factory = APIRequestFactory() urlpatterns = format_suffix_patterns([ url(r'^test/$', dummy_view), ]) resolver = RegexURLResolver(r'^/', urlpatterns) test_paths = [ (URLTestPath('/test.api', (), {'format': 'api'}), True), (URLTestPath('/test/.api', (), {'format': 'api'}), False), (URLTestPath('/test.api/', (), {'format': 'api'}), True), ] for test_path, expected_resolved in test_paths: request = factory.get(test_path.path) try: callback, callback_args, callback_kwargs = resolver.resolve(request.path_info) except Resolver404: callback, callback_args, callback_kwargs = (None, None, None) if not expected_resolved: assert callback is None continue assert callback_args == test_path.args assert callback_kwargs == test_path.kwargs
def test(self): admin = UserF.create() project = ProjectF(add_admins=[admin]) observation = ObservationFactory.create(**{ 'project': project }) comment = CommentFactory.create() factory = APIRequestFactory() request = factory.post( '/api/projects/%s/observations/%s/comments/' % (project.id, observation.id), { 'text': 'Response to a comment', 'respondsto': comment.id } ) force_authenticate(request, user=admin) view = AllContributionsCommentsAPIView.as_view() response = view( request, project_id=project.id, observation_id=observation.id ).render() self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual( json.loads(response.content).get('error'), 'The comment you try to respond to is not a comment to the ' 'observation.' )
def test_api_is_correct(self): factory = APIRequestFactory() request = factory.get('/topics/1/', format='json') force_authenticate(request, user=User.objects.get_by_natural_key('admin')) view = TopicDetail.as_view() response = view(request, pk=1) self.assertEqual(response.data['reply_count'], 2)
def setUp(self): self.tag = TagFactory.create() self.view = TagViewSet.as_view({'get': 'retrieve'}) self.anonymous_user = AnonymousUserFactory() factory = APIRequestFactory() url = reverse('api:v2:tag-detail', args=(self.tag.id,)) self.request = factory.get(url)
class BlogTests(APITestCase): """ Tests for Blog. """ factory = APIRequestFactory() def register(self, credentials): """ Registers a user given the credentials for test purposes. """ view = RegisterAPI.as_view() url = '/api/auth/register' request = self.factory.post(url, credentials) response = view(request) assert status.HTTP_200_OK == response.status_code return response def create_blog_request(self, create_blog_content): """ Creates a Blog Post. """ credentials = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } self.register(credentials) url = '/api/blog' request = self.factory.post(url, create_blog_content) return request def _create_blog(self): create_blog_content = { 'title': 'Test', 'description': 'This is a Test Blog.' } request = self.create_blog_request(create_blog_content) user = User.objects.get(username='******') view = BlogAPI.as_view({ 'post': 'create' }) force_authenticate(request, user=user) response = view(request) assert status.HTTP_201_CREATED == response.status_code return response def test_get_blog_list_authorized(self): """ Tests to get a list of Blog Post, authorized. """ credentials = { 'username': '******', 'email': '*****@*****.**', 'password': '******' } self.register(credentials) view = BlogAPI.as_view({ 'get': 'list' }) url = '/api/blog' user = User.objects.get(username='******') request = self.factory.get(url) force_authenticate(request, user=user) response = view(request) assert status.HTTP_200_OK == response.status_code def test_create_blog(self): """ Tests to create a Blog Post Successfully. """ response = self._create_blog() assert status.HTTP_201_CREATED == response.status_code assert 1 == Blog.objects.count() assert 'Test' == Blog.objects.get().title def test_create_blog_failed(self): """ Tests to create a Blog Post Unsuccessfully. """ create_blog_content = { 'title': 'This is a Test Blog.' } view = BlogAPI.as_view({ 'post': 'create' }) request = self.create_blog_request(create_blog_content) user = User.objects.get(username='******') force_authenticate(request, user=user) response = view(request) assert status.HTTP_400_BAD_REQUEST == response.status_code def test_delete_blog(self): """ Tests to delete a Blog Post. """ self._create_blog() user = User.objects.get(username='******') blog = Blog.objects.get() view = BlogAPI.as_view({ 'delete': 'destroy' }) url = '/api/blog' request = self.factory.delete(url) force_authenticate(request, user=user) response = view(request, slug=blog.slug) assert status.HTTP_204_NO_CONTENT == response.status_code def test_update_blog(self): """ Tests to update a Blog Post Successfully. """ self._create_blog() user = User.objects.get(username='******') blog = Blog.objects.get() update_blog_content = { 'title': 'Test101', 'description': 'This is a Test Blog. Amirite! :D' } url = '/api/blog/' request = self.factory.put(url, update_blog_content) view = BlogAPI.as_view({ 'put': 'update' }) force_authenticate(request, user=user) response = view(request, slug=blog.slug) assert status.HTTP_200_OK == response.status_code assert 1 == Blog.objects.count() assert update_blog_content['title'] == Blog.objects.get().title def test_search_blog_list(self): """ Tests to search Blog Posts Successfully. """ self._create_blog() keyword = 'Test' url = '/api/blog/?keyword=%s' % keyword request = self.factory.get(url) view = BlogAPI.as_view({ 'get': 'list' }) response = view(request) assert status.HTTP_200_OK == response.status_code assert 1 == response.data['count'] assert keyword == response.data['results'][0]['title'] def test_get_blog_list(self): """ Tests to get Blog Posts Successfully. """ url = '/api/blog/' request = self.factory.get(url) view = BlogAPI.as_view({ 'get': 'list' }) response = view(request) assert status.HTTP_200_OK == response.status_code assert 0 == response.data['count'] def test_blog_upvote(self): """ Tests Upvote functionality. """ self._create_blog() user = User.objects.get(username='******') blog = Blog.objects.get() url = '/api/blog/' request = self.factory.get(url) force_authenticate(request, user=user) view = BlogAPI.as_view({ 'get': 'upvote' }) response = view(request, slug=blog.slug) assert status.HTTP_200_OK == response.status_code assert 'You have successfully up voted this blog post.' == response.data response = view(request, slug=blog.slug) assert status.HTTP_200_OK == response.status_code assert 'You have already up voted this blog post.' == response.data def test_blog_downvote(self): """ Tests Downvote functionality. """ self._create_blog() user = User.objects.get(username='******') blog = Blog.objects.get() url = '/api/blog/' request = self.factory.get(url) force_authenticate(request, user=user) view = BlogAPI.as_view({ 'get': 'downvote' }) response = view(request, slug=blog.slug) assert status.HTTP_200_OK == response.status_code assert 'You have successfully down voted this blog post.' == response.data response = view(request, slug=blog.slug) assert status.HTTP_200_OK == response.status_code assert 'You have already down voted this blog post.' == response.data def test_post_a_comment(self): """ Tests a comment is successfully posted. """ response = self._create_blog() user = User.objects.get(username='******') blog = response.data['url'] comment_content = { 'blog': blog, 'description': 'This is a Test Comment.' } url = '/api/comment/' request = self.factory.post(url, comment_content) force_authenticate(request, user=user) view = CommentAPI.as_view({ 'post': 'create' }) response = view(request) assert status.HTTP_201_CREATED == response.status_code assert comment_content['description'] == response.data['description'] assert response.data['parent'] is None reply_content = { 'blog': blog, 'description': 'This is a Test Reply.', 'parent': response.data['id'] } request = self.factory.post(url, reply_content) force_authenticate(request, user=user) response = view(request) assert status.HTTP_201_CREATED == response.status_code assert reply_content['description'] == response.data['description'] assert reply_content['parent'] == response.data['parent']
def get_context(self, url): factory = APIRequestFactory() request = factory.get(url) return {'request': Request(request)}
from rest_framework import ( HTTP_HEADER_ENCODING, exceptions, permissions, renderers, status ) from rest_framework.authentication import ( BaseAuthentication, BasicAuthentication, RemoteUserAuthentication, SessionAuthentication, TokenAuthentication ) from rest_framework.authtoken.models import Token from rest_framework.authtoken.views import obtain_auth_token from rest_framework.response import Response from rest_framework.test import APIClient, APIRequestFactory from rest_framework.views import APIView from .models import CustomToken factory = APIRequestFactory() class CustomTokenAuthentication(TokenAuthentication): model = CustomToken class CustomKeywordTokenAuthentication(TokenAuthentication): keyword = 'Bearer' class MockView(APIView): permission_classes = (permissions.IsAuthenticated,) def get(self, request): return HttpResponse({'a': 1, 'b': 2, 'c': 3})
def setUp(self): self.request = APIRequestFactory().get('/') self.view = Mock(spec=['get_addon_object', 'should_include_flags']) self.view.get_addon_object.return_value = None self.view.should_include_flags.return_value = False self.user = user_factory()
class DSOApi50Tests(APITestCase): """ Test the error handling responses (API-50). """ maxDiff = None factory = APIRequestFactory() def assertErrorResponse(self, view, expected_data: dict): _view = view.as_view() # method doesn't matter since we're using `dispatch` request = self.factory.get("/some/irrelevant/url") response = _view(request) expected_status = expected_data["status"] self.assertEqual(response.status_code, expected_status) self.assertEqual(response["Content-Type"], "application/problem+json") # can't verify UUID... self.assertTrue(response.data["instance"].startswith("urn:uuid:")) del response.data["instance"] exc_class = view.exception.__class__.__name__ expected_data["type"] = f"http://testserver/ref/fouten/{exc_class}/" self.assertEqual(response.data, expected_data) def test_400_error(self): self.assertErrorResponse( views.ValidationErrorView, { "code": "invalid", "title": "Invalid input.", "status": 400, "detail": "", "invalid_params": [{ "name": "foo", "code": "validation-error", "reason": "Invalid data.", }], }, ) def test_401_error(self): self.assertErrorResponse( views.NotAuthenticatedView, { "code": "not_authenticated", "title": "Authenticatiegegevens zijn niet opgegeven.", "status": 401, "detail": "Authenticatiegegevens zijn niet opgegeven.", }, ) def test_403_error(self): self.assertErrorResponse( views.PermissionDeniedView, { "code": "permission_denied", "title": "Je hebt geen toestemming om deze actie uit te voeren.", "status": 403, "detail": "This action is not allowed", }, ) def test_404_error(self): self.assertErrorResponse( views.NotFoundView, { "code": "not_found", "title": "Niet gevonden.", "status": 404, "detail": "Some detail message", }, ) def test_405_error(self): self.assertErrorResponse( views.MethodNotAllowedView, { "code": "method_not_allowed", "title": 'Methode "{method}" niet toegestaan.', "status": 405, "detail": 'Methode "GET" niet toegestaan.', }, ) def test_406_error(self): self.assertErrorResponse( views.NotAcceptableView, { "code": "not_acceptable", "title": "Kan niet voldoen aan de opgegeven Accept header.", "status": 406, "detail": "Content negotation failed", }, ) def test_409_error(self): self.assertErrorResponse( views.ConflictView, { "code": "conflict", "title": "Er is een conflict", "status": 409, "detail": "The resource was updated, please retrieve it again", }, ) def test_410_error(self): self.assertErrorResponse( views.GoneView, { "code": "gone", "title": _("The resource is gone"), "status": 410, "detail": "The resource was destroyed", }, ) def test_412_error(self): self.assertErrorResponse( views.PreconditionFailed, { "code": "precondition_failed", "title": _("Precondition failed"), "status": 412, "detail": "Something about CRS", }, ) def test_415_error(self): self.assertErrorResponse( views.UnsupportedMediaTypeView, { "code": "unsupported_media_type", "title": 'Ongeldige media type "{media_type}" in aanvraag.', "status": 415, "detail": "This media type is not supported", }, ) def test_429_error(self): self.assertErrorResponse( views.ThrottledView, { "code": "throttled", "title": "Aanvraag was verstikt.", "status": 429, "detail": "Too many requests", }, ) def test_500_error(self): self.assertErrorResponse( views.InternalServerErrorView, { "code": "error", "title": "Er is een serverfout opgetreden.", "status": 500, "detail": "Everything broke", }, )
def setUp(self): self.factory = APIRequestFactory()
class ContactSerializerTest(TestCase): def setUp(self): self.factory = APIRequestFactory() def test_contains_expected_fields(self): contact = mfactories.Contact() request = self.factory.get('/') serializer_context = { 'request': Request(request), } serializer = ContactSerializer(instance=contact, context=serializer_context) data = serializer.data keys = [ 'uuid', 'id', 'first_name', 'last_name', 'middle_name', 'addresses', 'siteprofile_uuids', 'workflowlevel2_uuids', 'title', 'title_display', 'suffix', 'url', 'phones', 'company', 'contact_type', 'organization_uuid', 'customer_type', 'notes', 'workflowlevel1_uuids', 'emails', 'customer_id', ] self.assertEqual(set(data.keys()), set(keys)) def test_title_display_field(self): contact = mfactories.Contact(title='mr') request = self.factory.get('/') serializer_context = {'request': Request(request)} serializer = ContactSerializer(instance=contact, context=serializer_context) self.assertEqual(serializer['title_display'].value, "Mr.") def test_unique_customer_id_validate(self): organization_uuid = uuid.uuid4() mfactories.Contact(organization_uuid=organization_uuid, customer_id="abc") data = { 'organization_uuid': organization_uuid, 'customer_id': "abcd", 'workflowlevel1_uuids': [ str(uuid.uuid4()), ] } request = self.factory.get('/') request.user = mfactories.User() request.session = { 'jwt_organization_uuid': organization_uuid, } serializer_context = {'request': Request(request)} serializer = ContactSerializer(data=data, context=serializer_context) self.assertTrue(serializer.is_valid(raise_exception=True)) data['customer_id'] = "abc" serializer = ContactSerializer(data=data, context=serializer_context) self.assertFalse(serializer.is_valid()) with self.assertRaisesMessage( ValidationError, expected_message='customer_id is not unique in organization'): serializer.is_valid(raise_exception=True)
def setUp(self): self.factory = APIRequestFactory() self.user = User.objects.create_superuser(username='******') Activity.objects.create(name="swimming", calories_burned=600) Activity.objects.create(name="cycling", calories_burned=600)
def setUp(self): self.factory = APIRequestFactory() self.view = self.view_class.as_view()
class ActivityViewSetTest(APITestCase): def setUp(self): self.factory = APIRequestFactory() self.user = User.objects.create_superuser(username='******') Activity.objects.create(name="swimming", calories_burned=600) Activity.objects.create(name="cycling", calories_burned=600) def test_get_all_activities(self): request = self.factory.get('/api/v1/activities') force_authenticate(request, user=self.user) response = ActivityViewSet.as_view({'get': 'list'})(request) activities = Activity.objects.all() serializer = ActivitySerializer(activities, many=True) self.assertEqual(response.data, serializer.data) self.assertEqual(response.status_code, status.HTTP_200_OK) def test_get_single_activity(self): swimming = Activity.objects.first() pk = swimming.pk request = self.factory.get('/api/v1/activities/{}'.format(pk), format='json') force_authenticate(request, user=self.user) view = ActivityViewSet.as_view(actions={'get': 'retrieve'}, detail=True) response = view(request, pk=pk) serializer = ActivitySerializer(swimming) response.render() self.assertEqual(json.loads(response.content), serializer.data) self.assertEqual(response.status_code, status.HTTP_200_OK) def test_not_exisitng_activity(self): pks = [obj.pk for obj in Activity.objects.all()] not_existing = max(pks) + 1 request = self.factory.get( '/api/v1/activities/{}'.format(not_existing)) force_authenticate(request, user=self.user) view = ActivityViewSet.as_view(actions={'get': 'retrieve'}, detail=True) response = view(request, pk=not_existing) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) def test_post_activity(self): data = json.dumps({"name": "running", "calories_burned": 550}) client = APIClient() client.force_authenticate(user=self.user) response = client.post('/api/v1/activities/', data=data, content_type='application/json') self.assertEqual(response.status_code, status.HTTP_201_CREATED) apple = Activity.objects.filter(name="running").first() self.assertEqual(response.data.get('name'), apple.name) def test_wrong_post_activity(self): data = json.dumps({"name": "running"}) client = APIClient() client.force_authenticate(user=self.user) response = client.post('/api/v1/activities/', data=data, content_type='application/json') self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_put_activity(self): swimming = Activity.objects.first() pk = swimming.pk data = json.dumps({"name": "swimming", "calories_burned": 700}) client = APIClient() client.force_authenticate(user=self.user) response = client.put('/api/v1/activities/{}/'.format(pk), data=data, content_type='application/json') self.assertEqual(response.status_code, status.HTTP_200_OK) swimming = Activity.objects.filter(name="swimming").first() self.assertEqual(swimming.calories_burned, 700) def test_wrong_put_activity(self): swimming = Activity.objects.first() pk = swimming.pk data = json.dumps({"name": "Banana"}) client = APIClient() client.force_authenticate(user=self.user) response = client.put('/api/v1/activities/{}/'.format(pk), data=data, content_type='application/json') self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_delete_activity(self): swimming = Activity.objects.first() pk = swimming.pk client = APIClient() client.force_authenticate(user=self.user) response = client.delete('/api/v1/activities/{}/'.format(pk)) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) self.assertRaises(Activity.DoesNotExist, Activity.objects.get, pk=pk) def test_wrong_delete_activity(self): pks = [obj.pk for obj in Activity.objects.all()] not_existing = max(pks) + 1 client = APIClient() client.force_authenticate(user=self.user) response = client.delete('/api/v1/activities/{}/'.format(not_existing)) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
import json from django.test import TestCase from django.urls import reverse from rest_framework.test import APIClient, APIRequestFactory from rest_framework.request import Request from rest_framework.status import HTTP_200_OK, HTTP_404_NOT_FOUND, HTTP_405_METHOD_NOT_ALLOWED from data_sources.models import Posse, Gateway, GatewayStatus, GatewayTag from data_sources.serializers import ( PosseSerializer, GatewaySerializer, GatewayTagSerializer, GatewayStatusSerializer ) factory = APIRequestFactory() request = factory.get('/') serializer_context = { 'request': Request(request), } class GatewayTest(TestCase): def setUp(self): self.client = APIClient() self.posse_list = [ Posse.objects.create(label="Test Posse"), Posse.objects.create(label="Dummy Posse") ] self.gateway_list = ( Gateway.objects.create( label="Test Gateway", posse=self.posse_list[0],
class ProductViewTest(APITestCase): def setUp(self): self.user = User.objects.create_user(username='******', email='*****@*****.**', password='******', first_name='Gabriel', last_name='Renó', is_staff=True) self.factory = APIRequestFactory() self.view = ProductView.as_view() self.category = Category.objects.create(name='Prato') self.product = Product.objects.create(name='Product 1', description='Description 1', category=self.category) self.price = Price.objects.create(price=2.42, currency='BRL', product=self.product) def test_product_create(self): url = reverse('product') product_json = { "name": "Product Test", "description": "Product Description", "price": 2.42, "unit": "1 Porcao", "category": self.category.id } request = self.factory.post(url, product_json, format='json') force_authenticate(request, user=self.user) response = self.view(request) self.assertEquals(response.status_code, 201) def test_product_get(self): url = reverse('product-details', kwargs={'pk': self.product.id}) request = self.factory.get(url) force_authenticate(request, user=self.user) response = self.view(request, pk=self.product.id) expect_response = { 'id': self.product.id, 'name': self.product.name, 'description': self.product.description, 'highlighted': False, 'created_at': self.product.created_at.strftime('%Y-%m-%dT%H:%M:%S.%fZ'), 'price': self.product.price, 'currency': self.product.currency, 'unit': self.product.unit, 'category': self.category.id, 'photo': None } self.assertEquals(response.status_code, 200) self.assertEquals(response.data, expect_response) def test_product_patch(self): url = reverse('product-details', kwargs={'pk': self.product.id}) update_json = { 'name': 'Update Name', 'description': 'Update Description', } request = self.factory.patch(url, data=update_json, format='json') force_authenticate(request, user=self.user) response = self.view(request, pk=self.product.id) self.assertEquals(response.status_code, 204) request = self.factory.get(url) force_authenticate(request, user=self.user) response = self.view(request, pk=self.product.id) expect_response = { 'id': self.product.id, 'name': 'Update Name', 'description': 'Update Description', 'highlighted': False, 'created_at': self.product.created_at.strftime('%Y-%m-%dT%H:%M:%S.%fZ'), 'price': 2.42, 'currency': 'BRL', 'unit': '', 'category': 1, 'photo': None } self.assertEquals(response.data, expect_response) def test_product_delete(self): url = reverse('product-details', kwargs={'pk': self.product.id}) request = self.factory.delete(url) force_authenticate(request, user=self.user) response = self.view(request, pk=self.product.id) self.assertEquals(response.status_code, 204)
def test_no_unauth_access_to_sources(self): factory = APIRequestFactory() request = factory.get('/sources/') view = SourceViewSet.as_view({'get': 'list'}) response = view(request) self.assertEqual(response.status_code, 401)
def request_factory(): return APIRequestFactory()
def setUp(self): self.factory = APIRequestFactory() self.url = reverse("latestunitversionview-list") self.view = LatestUnitVersionViewSet() self.queryset_mock = MagicMock()
import json from rest_framework.test import APIRequestFactory # Using the standard RequestFactory API to create a form POST request factory = APIRequestFactory() request = factory.post('/api/posts/creating/', json.dumps({ 'author': 2, 'text': 'test post test' }), content_type='application/json')
# pylint: disable=missing-docstring from __future__ import absolute_import, division, print_function, unicode_literals import itertools import six from rest_framework.test import APIRequestFactory, force_authenticate from resolwe.flow.models import Data, Entity, Process from resolwe.flow.views import EntityViewSet from resolwe.test import TestCase factory = APIRequestFactory() # pylint: disable=invalid-name class ProjectionTest(TestCase): def setUp(self): super(ProjectionTest, self).setUp() self.entity = Entity.objects.create(name="Test entity", contributor=self.contributor) process = Process.objects.create( name="Test process", contributor=self.contributor, output_schema=[ {'name': 'foo', 'label': 'Foo', 'group': [ {'name': 'bar', 'label': 'Bar', 'type': 'basic:integer:'}, {'name': 'hello', 'label': 'Hello', 'type': 'basic:string:'}, ]}, {'name': 'another', 'label': 'Another', 'type': 'basic:integer:'}, ]
def setUp(self): self.factory = APIRequestFactory() self.view = MovieView.as_view({'get': 'list'}) self.uri = '/api/movies/'
class TemperatureReadingViewsetTests(APITestCase): """Tests for TemperatureReading Viewset. Methods: setUp: Create test data tearDown: Clear test database test_unauthenticated_user_permissions: Unauthenticated users should not be able to view, create, edit, or delete temperature readings test_authenticated_get: Users should be able to see their own temperature readings Staff should be able to see all temperature readings test_authenticated_post: Viewset should not allow post requests """ def setUp(self): """ Create test objects """ self.user = get_user_model().objects.create_user(username='******', password='******', email='*****@*****.**') self.thermometer = Thermometer.objects.create( display_name='test thermometer') self.thermometer.register(self.user) with transaction.atomic(): self.thermometer.save() for i in range(10): temp = TemperatureReading(degrees_c=i, thermometer=self.thermometer) with transaction.atomic(): temp.save() self.factory = APIRequestFactory() self.listview = TemperatureReadingViewset.as_view({ 'get': 'list', }) self.detailview = TemperatureReadingViewset.as_view({ 'get': 'retrieve', }) def tearDown(self): """ Clear test database """ for user in get_user_model().objects.all(): with transaction.atomic(): user.delete() self.assertEqual(len(TemperatureReading.objects.all()), 0) self.assertEqual(len(Thermometer.objects.all()), 0) def test_unauthenticated_user_permissions(self): """ Unauthenticated users should not be able to view, create, edit, or delete temperature readings """ self.client.logout() # list view url = reverse('temperaturereading-list') request = self.factory.get(url) response = self.listview(request) self.assertEquals(response.status_code, 403) request = self.factory.post(url, {'degrees_c': 23}) response = self.listview(request) self.assertEquals(response.status_code, 403) # detail view for temp in self.thermometer.temperatures.all(): url = reverse('temperaturereading-detail', args=[temp.pk]) request = self.factory.get(url) response = self.detailview(request, pk=temp.pk) self.assertEquals(response.status_code, 403) data = {'degrees_c': 12} request = self.factory.put(url, data=data, partial=True) response = self.detailview(request) self.assertEqual(response.status_code, 403) request = self.factory.delete(url) response = self.detailview(request) self.assertEqual(response.status_code, 403) def test_authenticated_get(self): """ Users should be able to see their own temperature readings Staff should be able to see all temperature readings """ # owner should see all temps created url = reverse('temperaturereading-list') request = self.factory.get(url) force_authenticate(request, user=self.user) response = self.listview(request) self.assertEquals(response.status_code, 200) self.assertEquals(len(response.data), len(TemperatureReading.objects.all())) # new user should see no temps user = get_user_model().objects.create_user(username='******', password='******', email='*****@*****.**') request = self.factory.get(url) force_authenticate(request, user=user) response = self.listview(request) self.assertEquals(response.status_code, 200) self.assertEquals(len(response.data), 0) # giving new user a thermometer with a temp should get 1 temp on get therm = Thermometer() therm.register(user) temp = TemperatureReading(thermometer=therm, degrees_c=1) with transaction.atomic(): temp.save() request = self.factory.get(url) force_authenticate(request, user=user) response = self.listview(request) self.assertEquals(response.status_code, 200) self.assertEquals(len(response.data), 1) superuser = get_user_model().objects.create_superuser( username='******', password='******', email='*****@*****.**') request = self.factory.get(url) force_authenticate(request, user=superuser) response = self.listview(request) self.assertEquals(response.status_code, 200) self.assertEquals(len(response.data), 11) def test_authenticated_post(self): """ post to temperature reading viewset should not create new readings. """ url = reverse('temperaturereading-list') data = { 'degrees_c': 1, } request = self.factory.post(url, data=data, format='json') force_authenticate(request, user=self.user) response = self.listview(request) self.assertEquals(response.status_code, 405) self.assertEquals(str(response.data['detail']), 'Method "POST" not allowed.') def test_authenticated_put(self): """ Put reqeusts should not be allowed """ temp = TemperatureReading(degrees_c=1, thermometer=self.thermometer) with transaction.atomic(): temp.save() url = reverse('temperaturereading-detail', args=[temp.pk]) data = {'degrees_c': 2} request = self.factory.put(url, data=data, format='json') force_authenticate(request, user=self.user) response = self.detailview(request) self.assertEquals(response.status_code, 405) self.assertEquals(str(response.data['detail']), 'Method "PUT" not allowed.') def test_authenticated_delete(self): """ Delete requests should not be allowed """ temp = TemperatureReading(degrees_c=1, thermometer=self.thermometer) with transaction.atomic(): temp.save() url = reverse('temperaturereading-detail', args=[temp.pk]) request = self.factory.delete(url, args=[temp.pk]) force_authenticate(request, self.user) response = self.detailview(request, pk=temp.pk) self.assertEquals(response.status_code, 405) self.assertEquals(str(response.data['detail']), 'Method "DELETE" not allowed.')
class LatestUnitVersionCleanTests(unittest.TestCase): """ Tests success cases for units.views.LatestUnitVersionViewSet. """ def setUp(self): self.factory = APIRequestFactory() self.url = reverse("latestunitversionview-list") self.view = LatestUnitVersionViewSet() self.queryset_mock = MagicMock() def test_no_query(self): """ Test queryset when no query params provided. """ # Given request = self.factory.get(self.url, {}) self.view.request = request self.view.queryset = self.queryset_mock expected_result = MagicMock() self.queryset_mock.filter.return_value = self.queryset_mock self.queryset_mock.exclude.return_value = expected_result # When result = LatestUnitVersionViewSet.get_queryset(self.view) # Then self.assertEqual(result, expected_result) self.queryset_mock.assert_has_calls([ call.filter(), call.exclude(), ]) def test_includes(self): """ Test queryset when only includes are provided. """ # Given request = self.factory.get(self.url, {"q": "gold=5"}) self.view.request = request self.view.queryset = self.queryset_mock expected_result = MagicMock() self.queryset_mock.filter.return_value = self.queryset_mock self.queryset_mock.exclude.return_value = expected_result # When result = LatestUnitVersionViewSet.get_queryset(self.view) # Then self.assertEqual(result, expected_result) self.queryset_mock.assert_has_calls([ call.filter(gold=5), call.exclude(), ]) def test_excludes(self): """ Test queryset when only excludes are provided. """ # Given request = self.factory.get(self.url, {"q": "gold!=5"}) self.view.request = request self.view.queryset = self.queryset_mock expected_result = MagicMock() self.queryset_mock.filter.return_value = self.queryset_mock self.queryset_mock.exclude.return_value = expected_result # When result = LatestUnitVersionViewSet.get_queryset(self.view) # Then self.assertEqual(result, expected_result) self.queryset_mock.assert_has_calls([ call.filter(), call.exclude(gold=5), ]) def test_both(self): """ Test queryset when both includes and excludes are provided. """ # Given request = self.factory.get(self.url, {"q": "gold=5,gold!=5"}) self.view.request = request self.view.queryset = self.queryset_mock expected_result = MagicMock() self.queryset_mock.filter.return_value = self.queryset_mock self.queryset_mock.exclude.return_value = expected_result # When result = LatestUnitVersionViewSet.get_queryset(self.view) # Then self.assertEqual(result, expected_result) self.queryset_mock.assert_has_calls([ call.filter(gold=5), call.exclude(gold=5), ]) def test_invalid_field(self): """ Test queryset when both includes and excludes are provided, and some of the fields are not valid. """ # Given request = self.factory.get( self.url, {"q": "gold=5,invalid=5,gold!=5,invalid<>5"}) self.view.request = request self.view.queryset = self.queryset_mock expected_result = MagicMock() self.queryset_mock.filter.return_value = self.queryset_mock self.queryset_mock.exclude.return_value = expected_result # When result = LatestUnitVersionViewSet.get_queryset(self.view) # Then self.assertEqual(result, expected_result) self.queryset_mock.assert_has_calls([ call.filter(gold=5), call.exclude(gold=5), ])
class APIPersonTests(AuthenticatedAPITestCase): """ Tests for Person resource endpoint """ def setUp(self): self.factory = APIRequestFactory() self.initial_data = {'first_name': 'Bobby', 'surname': 'Driller'} self.prov, _ = ProvinceStateCode.objects.get_or_create( province_state_code='BC', display_order=1) super().setUp() def test_create_person(self): url = reverse('person-list') data = {'first_name': 'Bobby', 'surname': 'Driller'} count_before = Person.objects.count() response = self.client.post(url, data, format='json') created_guid = response.data.get('person_guid') self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.assertEqual( data['first_name'], Person.objects.get(person_guid=created_guid).first_name) self.assertEqual(data['surname'], Person.objects.get(person_guid=created_guid).surname) self.assertEqual(Person.objects.count(), count_before + 1) def test_list_people(self): url = reverse('person-list') new_object = self.client.post(url, self.initial_data, format='json') created_guid = new_object.data['person_guid'] response = self.client.get(url, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(len(created_guid), 36) self.assertContains(response, created_guid) def test_retrieve_person(self): create_url = reverse('person-list') new_object = self.client.post(create_url, self.initial_data, format='json') created_guid = new_object.data['person_guid'] retrieve_url = reverse('person-detail', kwargs={'person_guid': created_guid}) response = self.client.get(retrieve_url, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data['first_name'], self.initial_data['first_name']) self.assertEqual(response.data['surname'], self.initial_data['surname']) def test_patch_person(self): new_data = {'surname': 'Wells'} create_url = reverse('person-list') new_object = self.client.post(create_url, self.initial_data, format='json') created_guid = new_object.data['person_guid'] object_url = reverse('person-detail', kwargs={'person_guid': created_guid}) # Apply a new city name with PATCH method self.client.patch(object_url, new_data, format='json') response = self.client.get(object_url, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data['first_name'], self.initial_data['first_name']) self.assertEqual(response.data['surname'], new_data['surname']) def test_update_person_by_put(self): initial_data = {'first_name': 'Bobby', 'surname': 'Driller'} new_data = {'first_name': 'Betty', 'surname': 'Wells'} create_url = reverse('person-list') new_object = self.client.post(create_url, self.initial_data, format='json') created_guid = new_object.data['person_guid'] object_url = reverse('person-detail', kwargs={'person_guid': created_guid}) # Apply a new name with PATCH method self.client.put(object_url, new_data, format='json') response = self.client.get(object_url, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data['first_name'], new_data['first_name']) self.assertEqual(response.data['surname'], new_data['surname']) def test_delete_person(self): # setup logger = logging.getLogger('django.request') previous_level = logger.getEffectiveLevel() logger.setLevel(logging.ERROR) initial_data = {'first_name': 'Bobby', 'surname': 'Driller'} create_url = reverse('person-list') new_object = self.client.post(create_url, self.initial_data, format='json') created_guid = new_object.data['person_guid'] retrieve_url = reverse('person-detail', kwargs={'person_guid': created_guid}) retrieve_response = self.client.get(retrieve_url, format='json') self.assertEqual(retrieve_response.status_code, status.HTTP_200_OK) self.assertEqual(retrieve_response.data['first_name'], self.initial_data['first_name']) self.assertEqual(retrieve_response.data['surname'], self.initial_data['surname']) delete_response = self.client.delete(retrieve_url, format='json') self.assertEqual(delete_response.status_code, status.HTTP_204_NO_CONTENT) get_after_delete_response = self.client.get(retrieve_url, format='json') self.assertEqual(get_after_delete_response.status_code, status.HTTP_404_NOT_FOUND) # teardown logger.setLevel(previous_level) def test_person_audit_fields(self): """ Test that AuditModel fields (create_user, create_date etc.) are updated when Person objects are created. """ view = PersonListView.as_view() post_url = reverse('person-list') request = self.factory.post(post_url, self.initial_data) request.user = self.user response = view(request) created_guid = response.data['person_guid'] person = Person.objects.get(person_guid=created_guid) self.assertEqual(person.create_user, self.user.username) def test_person_history(self): """ Test that a version history is created when Person objects are created. """ call_command('createinitialrevisions') view = PersonListView.as_view() post_url = reverse('person-list') request = self.factory.post(post_url, self.initial_data) request.user = self.user response = view(request) created_guid = response.data['person_guid'] person = Person.objects.get(person_guid=created_guid) self.assertEqual(person.history.count(), 1) def test_create_person_not_authenticated(self): """ Ensure that users who are not authenticated cannot create Person objects """ self.client.force_authenticate(user=None) url = reverse('person-list') data = {'first_name': 'Bobby', 'surname': 'Driller'} response = self.client.post(url, data, format='json') self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_create_person_wrong_role(self): user, created = User.objects.get_or_create(username='******') if created: Profile.objects.get_or_create(user=user) roles_to_groups(user, [ REGISTRIES_VIEWER_ROLE, ]) self.client.force_authenticate(user=user) url = reverse('person-list') data = {'first_name': 'Bobby', 'surname': 'Driller'} response = self.client.post(url, data, format='json') self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) def test_unsafe_methods_by_unauthorized_users(self): """ Ensure that users who are not authenticated cannot perform "unsafe" actions like UPDATE, PUT, DELETE on an object that is already in database """ self.client.force_authenticate(user=None) person_object = Person.objects.create(first_name='Bobby', surname='Driller') object_url = reverse('person-detail', kwargs={'person_guid': person_object.person_guid}) update_response = self.client.patch(object_url, {'first_name': 'Billy'}, format='json') put_response = self.client.put(object_url, { 'person_guid': person_object.person_guid, 'first_name': 'Betty', 'surname': 'McDrillerson' }, format='json') delete_response = self.client.delete(object_url, format='json') self.assertEqual(update_response.status_code, status.HTTP_401_UNAUTHORIZED) self.assertEqual(put_response.status_code, status.HTTP_401_UNAUTHORIZED) self.assertEqual(delete_response.status_code, status.HTTP_401_UNAUTHORIZED)
class ThermometerViewsetTests(APITestCase): """Tests for Thermometer Viewset Methods: setUp: Create test data tearDown: Empty test database test_unauthenticated_requests: All unauthenticated requests should fail test_authenticated_get: Regular users should be able to see only their own thermometers. Staff should see all thermometers test_authenticated_post_valid: POST requests should create a new thermometer record registered to the authenticated user test_authenticated_post_invalid_data: POST requests with invalid data should return http code 400 bad request test_authenticated_put_valid_data: PUT requests should update all fields on an existing model test_authenticated_put_invalid_data: Invalid data in PUT requests should return 400 test_authenticated_path_valid_data: PATCH requests should update the correct fields test_authenticated_path_invalid_data: PATCH requests with invalid data should return 400 """ def setUp(self): """ create test data """ self.normal_user = get_user_model().objects.create_user( username='******', password='******', email='*****@*****.**') self.super_user = get_user_model().objects.create_superuser( username='******', password='******', email='*****@*****.**') self.therm = Thermometer(display_name='test thermometer') self.therm.register(self.normal_user) self.factory = APIRequestFactory() self.listview = ThermometerViewset.as_view({ 'get': 'list', 'post': 'create' }) self.detailview = ThermometerViewset.as_view({ 'get': 'retrieve', 'put': 'update', 'patch': 'partial_update', 'delete': 'destroy' }) def tearDown(self): """ empty test database """ with transaction.atomic(): for user in get_user_model().objects.all(): user.delete() self.assertEquals(len(get_user_model().objects.all()), 0) self.assertEquals(len(Thermometer.objects.all()), 0) self.assertEquals(len(TemperatureReading.objects.all()), 0) def test_unauthenticated_requests(self): """ This viewset should reject all unauthenticated requests """ self.client.logout() # ListView requests url = reverse('thermometer-list') request = self.factory.get(url) response = self.listview(request) self.assertEquals(response.status_code, 403) data = {'display_name': 'fred'} requet = self.factory.post(url, data) response = self.listview(request) self.assertEquals(response.status_code, 403) # DetailView requests url = reverse('thermometer-detail', args=[self.therm.pk]) request = self.factory.get(url) response = self.detailview(request, pk=self.therm.pk) self.assertEquals(response.status_code, 403) data = {'display_name': 'forky'} request = self.factory.patch(url, data=data, partial=True) response = self.detailview(request) self.assertEquals(response.status_code, 403) data['therm_id'] = 'sausage' request = self.factory.put(url, pk=self.therm.pk, data=data) response = self.detailview(request) self.assertEquals(response.status_code, 403) request = self.factory.delete(url, pk=self.therm.pk) response = self.detailview(request) self.assertEquals(response.status_code, 403) def test_authenticated_get(self): """ Regular users should be able to see their own thermometers Staff should be able to see all thermometers """ other_user = get_user_model().objects.create_user(username="******", password="******", email="*****@*****.**") normal_user_therms = [] for i in range(4): therm = Thermometer() therm.register(self.normal_user) normal_user_therms.append(therm) other_user_therms = [] for i in range(4): therm = Thermometer() therm.register(other_user) other_user_therms = [] normal_user_therms.append(self.therm) # Test list view url = reverse('thermometer-list') request = self.factory.get(url) force_authenticate(request, user=self.normal_user) response = self.listview(request) self.assertEquals(response.status_code, 200) self.assertEquals(len(response.data), 5) for therm_data in response.data: therm = Thermometer.objects.get(therm_id=therm_data['therm_id']) self.assertIn(therm, normal_user_therms) request = self.factory.get(url) force_authenticate(request, user=self.super_user) response = self.listview(request) self.assertEquals(response.status_code, 200) self.assertEquals(len(response.data), 9) # Test detail view url = reverse('thermometer-detail', args=[self.therm.pk]) request = self.factory.get(url) force_authenticate(request, self.normal_user) response = self.detailview(request, pk=self.therm.pk) self.assertEquals(response.status_code, 200) self.assertEquals(response.data['owner'][-2], str(self.normal_user.pk)) request = self.factory.get(url) force_authenticate(request, self.super_user) response = self.detailview(request, pk=self.therm.pk) self.assertEquals(response.status_code, 200) self.assertEquals(response.data['owner'][-2], str(self.normal_user.pk)) def test_authenticated_post_valid(self): """ POST requests should create a new thermometer registered to the current user """ def make_assertions_about_data(data, user): url = reverse('thermometer-list') request = self.factory.post(url, data=data, format='json') force_authenticate(request, user=user) response = self.listview(request) self.assertEquals(response.status_code, 201) self.assertEquals(int(response.data['owner'][-2]), user.pk) self.assertEquals(response.data['display_name'], data['display_name']) self.assertEquals(response.data['therm_id'], str(data['therm_id'])) data = {'display_name': 'new thermometer', 'therm_id': uuid.uuid4()} make_assertions_about_data(data, self.normal_user) data = {'display_name': 'newer thermometer', 'therm_id': uuid.uuid4()} make_assertions_about_data(data, self.super_user) def test_authenticated_post_invalid_data(self): """ POST requests with invalid data should return error code """ def make_assertions_with_data(data): url = reverse('thermometer-list') request = self.factory.post(url, data=data, format='json') force_authenticate(request, user=self.normal_user) response = self.listview(request) self.assertEquals(response.status_code, 400) data_sets = [{ 'temperatures': [{ 'degrees_c': 91 }] }, { 'display_name': 'thisnameiswaytoolongandwonteverbeacceptedbecausethelongestallowedis75characters' }, { 'display_name': 'valid', 'temperatures': [{ 'degrees_c': 40 }] }] for data in data_sets: make_assertions_with_data(data) def test_authenticated_put_valid_data(self): """ Authenticated put requests with valid data should overwrite existing records with new values """ def validate_put_request(data): url = reverse('thermometer-detail', args=[self.therm.pk]) request = self.factory.put(url, data=data, format='json') force_authenticate(request, self.normal_user) response = self.detailview(request, data=data, pk=self.therm.pk) self.therm = Thermometer.objects.get(pk=self.therm.pk) self.assertEquals(response.status_code, 200) if 'temperatures' in data.keys(): for temp in data['temperatures']: temp = TemperatureReading.objects.get( degrees_c=temp['degrees_c']) self.assertIsNotNone(temp) self.assertEquals(temp.thermometer.pk, self.therm.pk) del data['temperatures'] for key, value in data.items(): self.assertEquals(getattr(self.therm, key), value) self.assertIn(key, response.data) data_sets = [{ 'display_name': 'new display name', 'therm_id': uuid.uuid4() }, { 'display_name': 'newer display name', 'therm_id': uuid.uuid4() }, { 'display_name': 'newest display name', 'therm_id': uuid.uuid4() }, { 'temperatures': [ { 'degrees_c': 1 }, { 'degrees_c': 2 }, { 'degrees_c': 4 }, { 'degrees_c': 5 }, ] }] for data in data_sets: validate_put_request(data) def test_authenticated_put_invalid_data(self): """ PUT requests with invalid data should return 400 """ url = reverse('thermometer-detail', args=[self.therm.pk]) new_therm = Thermometer(therm_id='1') def put_invalid_data(data): request = self.factory.put(url, data=data, format='json') force_authenticate(request, user=self.normal_user) response = self.detailview(request, data=data, pk=self.therm.pk) self.assertEquals(response.status_code, 400) datasets = [{ 'therm_id': 'apweoriulsadk falk4;l43aklk jea;lkj34leskrjng lksjn435lka345asdn lksjd' }, { 'display_name': 'thisnameiswaytoolongandwonteverbeacceptedbecausethelongestallowedis75characters' }, { 'therm_id': '1' }, { 'temperatures': [{ 'degrees_c': 123456789012334567 }] }] for data in datasets: put_invalid_data(data) def test_authenticated_patch_valid_data(self): """ Authenticated patch requests with valid data should overwrite existing records with new values """ def validate_patch_request(data): url = reverse('thermometer-detail', args=[self.therm.pk]) request = self.factory.patch(url, data=data, format='json') force_authenticate(request, self.normal_user) response = self.detailview(request, data=data, pk=self.therm.pk) self.therm = Thermometer.objects.get(pk=self.therm.pk) self.assertEquals(response.status_code, 200) if 'temperatures' in data.keys(): for temp in data['temperatures']: temp = TemperatureReading.objects.get( degrees_c=temp['degrees_c']) self.assertIsNotNone(temp) self.assertEquals(temp.thermometer.pk, self.therm.pk) del data['temperatures'] for key, value in data.items(): self.assertEquals(getattr(self.therm, key), value) self.assertIn(key, response.data) data_sets = [{ 'display_name': 'new display name', }, { 'therm_id': uuid.uuid4() }, { 'display_name': 'newest display name', 'therm_id': uuid.uuid4() }, { 'temperatures': [ { 'degrees_c': 1 }, { 'degrees_c': 2 }, { 'degrees_c': 4 }, { 'degrees_c': 5 }, ] }] for data in data_sets: validate_patch_request(data) def test_authenticated_patch_invalid_data(self): """ PATCH requests with invalid data should return 400 """ url = reverse('thermometer-detail', args=[self.therm.pk]) new_therm = Thermometer(therm_id='1') def patch_invalid_data(data): request = self.factory.patch(url, data=data, format='json') force_authenticate(request, user=self.normal_user) response = self.detailview(request, data=data, pk=self.therm.pk) self.assertEquals(response.status_code, 400) datasets = [{ 'therm_id': 'apweoriulsadk falk4;l43aklk jea;lkj34leskrjng lksjn435lka345asdn lksjd' }, { 'display_name': 'thisnameiswaytoolongandwonteverbeacceptedbecausethelongestallowedis75characters' }, { 'therm_id': '1' }, { 'temperatures': [{ 'degrees_c': 123456789012334567 }] }] for data in datasets: patch_invalid_data(data) def test_delete(self): """ Normal users should be able to delete their thermometers. Superusers should be able to delete anyone's thermometers """ second_therm = Thermometer.objects.create() second_therm.register(self.normal_user) # normal user delete their own thermometer url = reverse('thermometer-detail', args=[second_therm.pk]) request = self.factory.delete(url) force_authenticate(request, self.normal_user) response = self.detailview(request, pk=second_therm.pk) self.assertEquals(response.status_code, 204) try: Thermometer.objects.get(pk=second_therm.pk) self.fail("Query should fail, as oject should no longer exist") except Thermometer.DoesNotExist as dne: self.assertEquals(str(dne), "Thermometer matching query does not exist.") # normal user delete others thermometer second_therm = Thermometer.objects.create() second_therm.register(self.super_user) url = reverse('thermometer-detail', args=[second_therm.pk]) request = self.factory.delete(url) force_authenticate(request, self.normal_user) response = self.detailview(request, pk=second_therm.pk) self.assertEquals(response.status_code, 404) self.assertEquals( Thermometer.objects.get(owner=self.super_user).pk, second_therm.pk) # superuser delete other's thermometer url = reverse('thermometer-detail', args=[self.therm.pk]) request = self.factory.delete(url) force_authenticate(request, self.super_user) response = self.detailview(request, pk=self.therm.pk) self.assertEquals(response.status_code, 204) try: Thermometer.objects.get(pk=self.therm.pk) self.fail("Query should fail, as oject should no longer exist") except Thermometer.DoesNotExist as dne: self.assertEquals(str(dne), "Thermometer matching query does not exist.") # superuser delete own thermometer url = reverse('thermometer-detail', args=[second_therm.pk]) request = self.factory.delete(url) force_authenticate(request, self.super_user) response = self.detailview(request, pk=second_therm.pk) self.assertEquals(response.status_code, 204) try: Thermometer.objects.get(pk=second_therm.pk) self.fail("Query should fail, as oject should no longer exist") except Thermometer.DoesNotExist as dne: self.assertEquals(str(dne), "Thermometer matching query does not exist.")
def api_factory(): return APIRequestFactory()
def setUp(self): self.factory = APIRequestFactory() self.initial_data = {'first_name': 'Bobby', 'surname': 'Driller'} self.prov, _ = ProvinceStateCode.objects.get_or_create( province_state_code='BC', display_order=1) super().setUp()
def setUpClass(cls): super(CourseApiTestMixin, cls).setUpClass() cls.request_factory = APIRequestFactory() CourseOverview.get_all_courses() # seed the CourseOverview table
def test_start_and_cancel_downsample_aniso(self, get_msgs_mock, del_msgs_mock, ret_msgs_mock): chans = self.dbsetup.insert_downsample_data() job4 = { 'channel_id': 3874 } job7 = { 'channel_id': chans[0].id } job9 = { 'channel_id': 3999 } get_msgs_mock.side_effect = [ [ { 'MessageId': 'job4', 'ReceiptHandle': 'handle_job4', 'Body': json.dumps(job4) }, { 'MessageId': 'job7', 'ReceiptHandle': 'handle_job7', 'Body': json.dumps(job7) }, { 'MessageId': 'job9', 'ReceiptHandle': 'handle_job9', 'Body': json.dumps(job9) }, ], [], ] exp_return_to_queue_msgs = [get_msgs_mock.side_effect[0][0], get_msgs_mock.side_effect[0][2]] exp_visibility_change_payload = [ { f'ChangeMessageVisibilityBatchRequestEntry.{ind+1}.Id': m['MessageId'], f'ChangeMessageVisibilityBatchRequestEntry.{ind+1}.ReceiptHandle': m['ReceiptHandle'], f'ChangeMessageVisibilityBatchRequestEntry.{ind+1}.VisibilityTimeout': 0, } for ind, m in enumerate(exp_return_to_queue_msgs) ] exp_del_handle = get_msgs_mock.side_effect[0][1]['ReceiptHandle'] factory = APIRequestFactory() request = factory.post('/' + version + '/downsample/col1/exp_ds_aniso/channel1/', content_type='application/json') # log in user force_authenticate(request, user=self.user) # Make request response = Downsample.as_view()(request, collection='col1', experiment='exp_ds_aniso', channel='channel1') self.assertEqual(response.status_code, status.HTTP_201_CREATED) # Make Sure status has changed factory = APIRequestFactory() request = factory.get('/' + version + '/downsample/col1/exp_ds_aniso/channel1/', content_type='application/json') # log in user force_authenticate(request, user=self.user) # Make request response = Downsample.as_view()(request, collection='col1', experiment='exp_ds_aniso', channel='channel1').render() self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data["num_hierarchy_levels"], 5) self.assertEqual(response.data["status"], Channel.DownsampleStatus.QUEUED) # Cancel the downsample job request = factory.delete('/' + version + '/downsample/col1/exp_ds_aniso/channel1/', content_type='application/json') # log in user force_authenticate(request, user=self.user) # Make request response = Downsample.as_view()(request, collection='col1', experiment='exp_ds_aniso', channel='channel1') get_msgs_mock.assert_called_once_with(ANY) del_msgs_mock.assert_called_once_with(ANY, exp_del_handle) ret_msgs_mock.assert_called_once_with(ANY, exp_visibility_change_payload) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) # Make Sure status has changed factory = APIRequestFactory() request = factory.get('/' + version + '/downsample/col1/exp_ds_aniso/channel1/', content_type='application/json') # log in user force_authenticate(request, user=self.user) # Make request response = Downsample.as_view()(request, collection='col1', experiment='exp_ds_aniso', channel='channel1').render() self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data["status"], Channel.DownsampleStatus.NOT_DOWNSAMPLED) # Try to cancel the downsample job again, but it won't because in NOT_DOWNSAMPLED state request = factory.delete('/' + version + '/downsample/col1/exp_ds_aniso/channel1/', content_type='application/json') # log in user force_authenticate(request, user=self.user) # Make request response = Downsample.as_view()(request, collection='col1', experiment='exp_ds_aniso', channel='channel1') self.assertEqual(response.status_code, status.HTTP_409_CONFLICT)
def setUp(self): self.basic_person = Person.objects.create_insoumise( email="*****@*****.**", first_name="Jean", last_name="Georges", create_role=True, ) self.viewer_person = Person.objects.create_insoumise( email="*****@*****.**", create_role=True ) self.adder_person = Person.objects.create_insoumise( email="*****@*****.**", create_role=True ) self.changer_person = Person.objects.create_insoumise( email="*****@*****.**", create_role=True ) person_content_type = ContentType.objects.get_for_model(Person) view_permission = Permission.objects.get( content_type=person_content_type, codename="view_person" ) add_permission = Permission.objects.get( content_type=person_content_type, codename="add_person" ) change_permission = Permission.objects.get( content_type=person_content_type, codename="change_person" ) self.viewer_person.role.user_permissions.add(view_permission) self.adder_person.role.user_permissions.add(add_permission) self.changer_person.role.user_permissions.add( view_permission, change_permission ) self.event = Event.objects.create( name="event", start_time=timezone.now(), end_time=timezone.now() + timezone.timedelta(hours=2), ) self.rsvp = RSVP.objects.create(person=self.basic_person, event=self.event) self.supportgroup = SupportGroup.objects.create(name="Group") self.membership = Membership.objects.create( person=self.basic_person, supportgroup=self.supportgroup ) self.factory = APIRequestFactory() self.detail_view = LegacyPersonViewSet.as_view( { "get": "retrieve", "put": "update", "patch": "partial_update", "delete": "destroy", } ) self.list_view = LegacyPersonViewSet.as_view({"get": "list", "post": "create"})
def setUp(self): self.factory = APIRequestFactory() self.view = PollViewSet.as_view({"get": "list"}) self.uri = '/polls/' self.user = self.setup_user() self.client = APIClient()
class LegacyPersonEndpointTestCase(APITestCase): def as_viewer(self, request): force_authenticate(request, self.viewer_person.role) def setUp(self): self.basic_person = Person.objects.create_insoumise( email="*****@*****.**", first_name="Jean", last_name="Georges", create_role=True, ) self.viewer_person = Person.objects.create_insoumise( email="*****@*****.**", create_role=True ) self.adder_person = Person.objects.create_insoumise( email="*****@*****.**", create_role=True ) self.changer_person = Person.objects.create_insoumise( email="*****@*****.**", create_role=True ) person_content_type = ContentType.objects.get_for_model(Person) view_permission = Permission.objects.get( content_type=person_content_type, codename="view_person" ) add_permission = Permission.objects.get( content_type=person_content_type, codename="add_person" ) change_permission = Permission.objects.get( content_type=person_content_type, codename="change_person" ) self.viewer_person.role.user_permissions.add(view_permission) self.adder_person.role.user_permissions.add(add_permission) self.changer_person.role.user_permissions.add( view_permission, change_permission ) self.event = Event.objects.create( name="event", start_time=timezone.now(), end_time=timezone.now() + timezone.timedelta(hours=2), ) self.rsvp = RSVP.objects.create(person=self.basic_person, event=self.event) self.supportgroup = SupportGroup.objects.create(name="Group") self.membership = Membership.objects.create( person=self.basic_person, supportgroup=self.supportgroup ) self.factory = APIRequestFactory() self.detail_view = LegacyPersonViewSet.as_view( { "get": "retrieve", "put": "update", "patch": "partial_update", "delete": "destroy", } ) self.list_view = LegacyPersonViewSet.as_view({"get": "list", "post": "create"}) def test_cannot_list_while_unauthenticated(self): request = self.factory.get("") response = self.list_view(request) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_can_only_view_self_while_unprivileged(self): request = self.factory.get("") force_authenticate(request, self.basic_person.role) response = self.list_view(request) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(len(response.data["_items"]), 1) self.assertEqual(response.data["_items"][0]["_id"], str(self.basic_person.pk)) def test_can_see_self_while_authenticated(self): self.client.force_authenticate(self.basic_person.role) response = self.client.get("/legacy/people/me/") self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data["_id"], str(self.basic_person.pk)) def test_cannot_see_self_while_unauthenticated(self): response = self.client.get("/legacy/people/me/") self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_cannot_view_details_while_unauthenticated(self): request = self.factory.get("") response = self.detail_view(request, pk=self.basic_person.pk) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_can_see_self_while_unprivileged(self): request = self.factory.get("") force_authenticate(request, self.basic_person.role) response = self.detail_view(request, pk=self.basic_person.pk) self.assertEqual(response.status_code, status.HTTP_200_OK) def test_cannot_view_others_details_while_unprivileged(self): request = self.factory.get("") force_authenticate(request, self.basic_person.role) response = self.detail_view(request, pk=self.viewer_person.pk) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) def test_contain_simple_fields(self): request = self.factory.get("") self.as_viewer(request) response = self.detail_view(request, pk=self.basic_person.pk) expected_fields = { "_id", "id", "email", "first_name", "last_name", "bounced", "bounced_date", } assert expected_fields.issubset(set(response.data)) def test_contains_only_whitelisted_fields_while_unprivileged(self): self.client.force_authenticate(self.basic_person.role) response = self.client.get("/legacy/people/me/") self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertCountEqual( ( "url", "_id", "email", "first_name", "last_name", "email_opt_in", "location", ), response.data.keys(), ) def test_return_correct_values(self): request = self.factory.get("") self.as_viewer(request) response = self.detail_view(request, pk=self.basic_person.pk) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(self.basic_person.email, response.data["email"]) self.assertEqual(self.basic_person.first_name, response.data["first_name"]) self.assertEqual(self.basic_person.last_name, response.data["last_name"]) def test_cannot_post_new_person_while_unauthenticated(self): request = self.factory.post( "", data={ "email": "*****@*****.**", "first_name": "Jean-Luc", "last_name": "Mélenchon", }, ) response = self.list_view(request) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_can_post_new_person(self): request = self.factory.post( "", data={ "email": "*****@*****.**", "first_name": "Jean-Luc", "last_name": "Mélenchon", }, ) force_authenticate(request, self.adder_person.role) response = self.list_view(request) # assert it worked self.assertEqual(response.status_code, status.HTTP_201_CREATED) new_person = Person.objects.get(email="*****@*****.**") self.assertEqual(new_person.first_name, "Jean-Luc") self.assertEqual(new_person.last_name, "Mélenchon") def test_cannot_post_new_person_with_existing_email(self): request = self.factory.post("", data={"email": self.basic_person.email}) force_authenticate(request, self.adder_person.role) response = self.list_view(request) self.assertEqual(response.status_code, status.HTTP_422_UNPROCESSABLE_ENTITY) def test_can_update_email_list(self): """ We test at the same time that we can replace the list, and that we can set the primary email with the 'email' field """ request = self.factory.patch( "", data={ "emails": [ {"address": "*****@*****.**", "bounced": True}, {"address": "*****@*****.**", "bounced": False}, {"address": "*****@*****.**"}, ], "email": "*****@*****.**", }, ) force_authenticate(request, self.changer_person.role) response = self.detail_view(request, pk=self.basic_person.pk) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(self.basic_person.email, "*****@*****.**") self.assertEqual(self.basic_person.emails.all()[2].address, "*****@*****.**") self.assertEqual(self.basic_person.emails.all()[2].bounced, True) def test_can_update_bounced_status(self): request = self.factory.patch("", data={"bounced": True}) force_authenticate(request, self.changer_person.role) response = self.detail_view(request, pk=self.basic_person.pk) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual( self.basic_person.emails.all()[0].address, "*****@*****.**" ) self.assertEqual(self.basic_person.emails.all()[0].bounced, True) self.assertLess(self.basic_person.emails.all()[0].bounced_date, timezone.now()) def test_cannot_modify_while_unauthenticated(self): request = self.factory.patch("", data={"first_name": "Marc"}) response = self.detail_view(request, pk=self.basic_person.pk) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) def test_can_modify_self(self): request = self.factory.patch( "", data={"email": "*****@*****.**", "first_name": "Marc"} ) force_authenticate(request, self.basic_person.role) response = self.detail_view(request, pk=self.basic_person.pk) self.assertEqual(response.status_code, status.HTTP_200_OK) self.basic_person.refresh_from_db() self.assertEqual(self.basic_person.first_name, "Marc") self.assertTrue( self.basic_person.emails.filter(address="*****@*****.**").exists() ) def test_can_modify_with_global_perm(self): request = self.factory.patch("", data={"first_name": "Marc"}) force_authenticate(request, self.changer_person.role) response = self.detail_view(request, pk=self.basic_person.pk) self.assertEqual(response.status_code, status.HTTP_200_OK) self.basic_person.refresh_from_db() self.assertEqual(self.basic_person.first_name, "Marc") def test_can_list_persons(self): request = self.factory.get("") self.as_viewer(request) response = self.list_view(request) self.assertIn("_items", response.data) self.assertIn("_meta", response.data) self.assertEqual(len(response.data["_items"]), 4) self.assertCountEqual( [person["email"] for person in response.data["_items"]], [ "*****@*****.**", "*****@*****.**", "*****@*****.**", "*****@*****.**", ], ) def test_can_post_users_with_empty_null_and_blank_fields(self): request = self.factory.post( "", data={ "email": "*****@*****.**", "location_address1": "", "location_address2": None, "country_code": None, }, ) force_authenticate(request, self.adder_person.role) response = self.list_view(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED)
class TestRecipesTestCase(APITestCase): def setUp(self): self.factory = APIRequestFactory() self.recipes_view = views.RecipesViewSet.as_view({ 'get': 'list', 'post': 'create' }) self.single_recipe_view = views.RecipesViewSet.as_view({ 'get': 'retrieve', 'delete': 'destroy' }) self.category_recipes_view = views.CategoryRecipes.as_view() self.public_recipes_view = views.PublicRecipes.as_view() self.public_recipes_detail = views.PublicRecipesDetail.as_view() self.recipe_reviews = views.RecipeReviews.as_view({ 'get': 'list', 'post': 'create' }) self.category_uri = '/categories/' self.recipe_uri = '/recipes/' self.public_recipes_uri = '/public-recipes/' self.test_user = self.setup_user() self.category = self.setup_category() self.recipe = self.setup_recipe() self.public_recipe = self.setup_public_recipe() self.recipe_review = self.setup_recipe_review() @staticmethod def setup_user(): User = get_user_model() return User.objects.create_user(username='******', email='*****@*****.**', password='******') @staticmethod def setup_category(): category = Category.objects.create( name='test category', owner=get_user_model().objects.get(username='******'), description='sweet and flavor category') category.save() return category @staticmethod def setup_recipe(): recipe = Recipe.objects.create( name='test recipe', owner=get_user_model().objects.get(username='******'), category=Category.objects.get(name='test category'), description='sweet and flavor recipe', ingredients='Onions, Tomatoes') recipe.save() return recipe @staticmethod def setup_public_recipe(): recipe = Recipe.objects.create( name='test public recipe', owner=get_user_model().objects.get(username='******'), category=Category.objects.get(name='test category'), description='sweet and flavor recipe', ingredients='Onions, Tomatoes', is_public=True) recipe.save() return recipe @staticmethod def setup_recipe_review(): review = Review.objects.create( comment="Awesome recipe", recipe=Recipe.objects.get(name='test public recipe')) review.save() return review def test_recipes_list(self): ''' test retrieve all user recipes ''' request = self.factory.get(self.recipe_uri) force_authenticate(request, user=self.test_user) response = self.recipes_view(request) self.assertEqual( response.status_code, 200, 'Expected Response Code 200, received {0} instead.'.format( response.status_code)) self.assertIn('test recipe', str(response.data)) def test_get_single_recipes(self): ''' test retrieve a single user recipe ''' request = self.factory.get(self.recipe_uri) force_authenticate(request, user=self.test_user) pk = Recipe.objects.get(name='test recipe').pk response = self.single_recipe_view(request, pk=pk) self.assertEqual( response.status_code, 200, 'Expected Response Code 200, received {0} instead.'.format( response.status_code)) self.assertIn('test recipe', str(response.data)) def test_get_single_recipes_not_found(self): ''' test retrieve a single user recipe not found ''' request = self.factory.get(self.category_uri) force_authenticate(request, user=self.test_user) response = self.single_recipe_view(request, pk=8) self.assertEqual( response.status_code, 404, 'Expected Response Code 404, received {0} instead.'.format( response.status_code)) self.assertNotIn('test recipe', str(response.data)) def test_category_recipes_list(self): ''' test retrieve all user recipes in category ''' request = self.factory.get(self.category_uri) force_authenticate(request, user=self.test_user) category_pk = Category.objects.get(name='test category').pk response = self.category_recipes_view(request, category_pk=category_pk) self.assertEqual( response.status_code, 200, 'Expected Response Code 200, received {0} instead.'.format( response.status_code)) self.assertIn('test recipe', str(response.data)) def test_single_category_recipe(self): ''' test retrieve a single recipe in category ''' request = self.factory.get(self.category_uri) force_authenticate(request, user=self.test_user) pk = Recipe.objects.get(name='test recipe').pk category_pk = Category.objects.get(name='test category').pk response = self.single_recipe_view(request, category_pk=category_pk, pk=pk) self.assertEqual( response.status_code, 200, 'Expected Response Code 200, received {0} instead.'.format( response.status_code)) self.assertIn('test recipe', str(response.data)) def test_create_recipe(self): ''' test create user recipes ''' params = { 'name': 'test recipe2', 'category': Category.objects.get(name='test category').pk, 'description': 'sweet and flavor recipe', 'ingredients': 'Onions, Tomatoes' } request = self.factory.post(self.recipe_uri, params, format='json') force_authenticate(request, user=self.test_user) response = self.recipes_view(request) self.assertEqual( response.status_code, 201, 'Expected Response Code 201, received {0} instead.'.format( response.status_code)) self.assertIn('test recipe2', str(response.data)) def test_create_category_recipe(self): ''' test create user category recipes ''' params = { 'name': 'test recipe3', 'category': Category.objects.get(name='test category').pk, 'description': 'sweet and flavor recipe', 'ingredients': 'Onions, Tomatoes' } request = self.factory.post(self.category_uri, params, format='json') force_authenticate(request, user=self.test_user) category_pk = Category.objects.get(name='test category').pk response = self.category_recipes_view(request, category_pk=category_pk) self.assertEqual( response.status_code, 201, 'Expected Response Code 201, received {0} instead.'.format( response.status_code)) self.assertIn('test recipe3', str(response.data)) def test_public_recipes_list(self): ''' test retrieve all public recipes ''' request = self.factory.get(self.public_recipes_uri) response = self.public_recipes_view(request) self.assertEqual( response.status_code, 200, 'Expected Response Code 200, received {0} instead.'.format( response.status_code)) self.assertIn('test public recipe', str(response.data)) def test_get_public_recipe_detail(self): ''' test retrieve a single public recipe ''' request = self.factory.get(self.public_recipes_uri) pk = Recipe.objects.filter(is_public=True).first().pk response = self.public_recipes_detail(request, pk=pk) self.assertEqual( response.status_code, 200, 'Expected Response Code 200, received {0} instead.'.format( response.status_code)) self.assertIn('test public recipe', str(response.data)) def test_get_recipe_reviews(self): ''' test retrieve recipe reviews ''' request = self.factory.get(self.public_recipes_uri) pk = Recipe.objects.filter(is_public=True).first().pk response = self.recipe_reviews(request, pk=pk) self.assertEqual( response.status_code, 200, 'Expected Response Code 200, received {0} instead.'.format( response.status_code)) self.assertIn('Awesome recipe', str(response.data))