def test_should_not_create_entity(self):
"""
User bob shouldn't be able to create an entity for alice
"""
url = reverse('api:entity-list', kwargs={'parent_lookup_profile': 'alice'})
request = factory.post(url, data=json.dumps(self.new_entity_data), content_type='application/json')
force_authenticate(request, user=self.user2)
view = EntityViewSet.as_view({'post': 'create'})
response = view(request, parent_lookup_profile='alice')
failure_msg = "User should not be able to add someone else an entity."
self.assertEqual(response.status_code, 403, format_failure_message(failure_msg, response.data))
def test_should_retrieve_entity(self):
"""
User alice should be able to retrieve her entity
"""
entity, _ = Entity.objects.get_or_create(user_profile=self.user1_profile, **self.new_entity_data2)
url = reverse('api:entity-detail', kwargs={'parent_lookup_profile': self.user1.username, 'pk': entity.pk})
request = factory.get(url, data=self.new_entity_data)
force_authenticate(request, user=self.user1)
view = EntityViewSet.as_view({'get': 'retrieve'})
response = view(request, parent_lookup_profile='alice', pk=entity.pk)
failure_msg = "User should be able to retrieve its entity."
self.assertEqual(response.status_code, 200, format_failure_message(failure_msg, response.data))
def test_should_not_update_entity(self):
"""
User bob shouldn't be able to update alice entity
"""
entity, _ = Entity.objects.get_or_create(user_profile=self.user1_profile, **self.new_entity_data2)
url = reverse('api:entity-detail', kwargs={'parent_lookup_profile': self.user1.username, 'pk': entity.pk})
request = factory.put(url, data=self.new_entity_data)
force_authenticate(request, user=self.user2)
view = EntityViewSet.as_view({'put': 'update'})
response = view(request, parent_lookup_profile='alice', pk=entity.pk)
failure_msg = "User should not be able to update its entity."
self.assertEqual(response.status_code, 403, format_failure_message(failure_msg, response.data))
entity.delete()
def test_should_create_entity_and_skills(self):
"""
User Alice should be able to create herself an entity with skills.
NOTICE: In fixture it is Bob who doesn't have user profile
"""
url = reverse('api:entity-list', kwargs={'parent_lookup_profile': 'alice'})
self.new_entity_data['skills'] = self.new_skills_data
request = factory.post(url, data=json.dumps(self.new_entity_data), content_type='application/json')
force_authenticate(request, user=self.user1)
view = EntityViewSet.as_view({'post': 'create'})
response = view(request, parent_lookup_profile='alice')
failure_msg = "User should be able to add itself an entity. "
self.assertEqual(response.status_code, 201, format_failure_message(failure_msg, response.data))
failure_msg = "User skills should've been added. "
self.assertEqual(len(response.data['skills']),
len(self.new_skills_data),
format_failure_message(failure_msg, response.data))
failure_msg = "New skill should have been created."
self.assertEqual(Skill.objects.all().count(), self.number_of_skills + 1, failure_msg)