def setUp(self):
self.client = APIClient()
factory = APIRequestFactory()
self.request = factory.get('/')
self.user = UserFactory()
self.user.set_password('Test123!')
self.user.save()
self.admin = AdminFactory()
self.admin.set_password('Test123!')
self.admin.save()
self.cell = Cell.objects.create(
name='My new cell',
address_line_1='373 Rue villeneuve E',
postal_code='H2T 1M1',
city='Montreal',
state_province='Quebec',
longitude='45.540237',
latitude='-73.603421',
)
self.tasktype = TaskType.objects.create(name='My new tasktype', )
self.event = Event.objects.create(
start_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 15, 8)),
end_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 17, 12)),
nb_volunteers_needed=10,
nb_volunteers_standby_needed=0,
cell=self.cell,
task_type=self.tasktype,
)
def setUp(self):
self.client = APIClient()
self.user = UserFactory()
self.user.set_password('Test123!')
self.user.save()
self.admin = AdminFactory()
self.admin.set_password('Test123!')
self.admin.save()
self.tasktype = TaskType.objects.create(name='My new tasktype', )
def setUp(self):
self.client = APIClient()
self.user = UserFactory()
self.user.set_password('Test123!')
self.user.save()
self.admin = AdminFactory()
self.admin.set_password('Test123!')
self.admin.save()
self.cell = Cell.objects.create(
name='My new cell',
address_line_1='373 Rue villeneuve E',
postal_code='H2T 1M1',
city='Montreal',
state_province='Quebec',
longitude='45.540237',
latitude='-73.603421',
)
class CellsTests(CustomAPITestCase):
ATTRIBUTES = [
'id',
'url',
'name',
'address_line_1',
'address_line_2',
'postal_code',
'city',
'state_province',
'longitude',
'latitude',
]
def setUp(self):
self.client = APIClient()
self.user = UserFactory()
self.user.set_password('Test123!')
self.user.save()
self.admin = AdminFactory()
self.admin.set_password('Test123!')
self.admin.save()
self.cell = Cell.objects.create(
name='My new cell',
address_line_1='373 Rue villeneuve E',
postal_code='H2T 1M1',
city='Montreal',
state_province='Quebec',
longitude='45.540237',
latitude='-73.603421',
)
def test_create_new_cell_as_admin(self):
"""
Ensure we can create a new cell if we are an admin.
"""
data_post = {
'name': 'New cell',
'address_line_1': "New address",
'postal_code': "H2Y K8D",
'city': 'Gatineau',
'state_province': 'Quebec',
'longitude': '45.540237',
'latitude': '-73.603421',
}
self.client.force_authenticate(user=self.admin)
response = self.client.post(
reverse('cell-list'),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.check_attributes(content)
def test_create_new_cell(self):
"""
Ensure we can't create a new cell if we are a simple user.
"""
data_post = {
'name': 'New cell',
'address_line_1': "New address",
'postal_code': "H2Y K8D",
'city': 'Gatineau',
'state_province': 'Quebec',
'longitude': '45.540237',
'latitude': '-73.603421',
}
self.client.force_authenticate(user=self.user)
response = self.client.post(
reverse('cell-list'),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{
'detail': 'You do not have permission to perform this action.'
}
)
def test_update_cell_as_admin(self):
"""
Ensure we can update a cell if we are an admin.
"""
new_name = 'New cell updated name'
data_post = {
'name': new_name,
}
self.client.force_authenticate(user=self.admin)
response = self.client.patch(
reverse(
'cell-detail',
kwargs={
'pk': self.cell.id
},
),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.check_attributes(content)
self.assertEqual(content['name'], new_name)
def test_update_cell(self):
"""
Ensure we can't update a cell if we are a simple user.
"""
new_name = 'New cell updated name'
data_post = {
'name': new_name,
}
self.client.force_authenticate(user=self.user)
response = self.client.patch(
reverse(
'cell-detail',
kwargs={
'pk': self.cell.id
},
),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{
'detail': 'You do not have permission to perform this action.'
}
)
def test_delete_cell_as_admin(self):
"""
Ensure we can delete a cell if we are an admin.
"""
self.client.force_authenticate(user=self.admin)
response = self.client.delete(
reverse(
'cell-detail',
kwargs={
'pk': self.cell.id
},
)
)
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
self.assertEqual(response.content, b'')
def test_delete_cell(self):
"""
Ensure we can't delete a cell if we are a simple user.
"""
self.client.force_authenticate(user=self.user)
response = self.client.patch(
reverse(
'cell-detail',
kwargs={
'pk': self.cell.id
},
)
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{
'detail': 'You do not have permission to perform this action.'
}
)
def test_list_cells(self):
"""
Ensure we can list cells.
"""
self.client.force_authenticate(user=self.user)
response = self.client.get(
reverse('cell-list'),
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(content['results']), 1)
self.check_attributes(content['results'][0])
class TaskTypesTests(CustomAPITestCase):
ATTRIBUTES = [
'id',
'url',
'name',
]
def setUp(self):
self.client = APIClient()
self.user = UserFactory()
self.user.set_password('Test123!')
self.user.save()
self.admin = AdminFactory()
self.admin.set_password('Test123!')
self.admin.save()
self.tasktype = TaskType.objects.create(name='My new tasktype', )
def test_create_new_task_type_as_admin(self):
"""
Ensure we can create a new task type if we are an admin.
"""
data_post = {
'name': 'New task type',
}
self.client.force_authenticate(user=self.admin)
response = self.client.post(
reverse('tasktype-list'),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.check_attributes(content)
def test_create_new_task_type(self):
"""
Ensure we can't create a new task type if we are a simple user.
"""
data_post = {
'name': 'New task type',
}
self.client.force_authenticate(user=self.user)
response = self.client.post(
reverse('tasktype-list'),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{'detail': 'You do not have permission to perform this action.'})
def test_update_task_type_as_admin(self):
"""
Ensure we can update a task type if we are an admin.
"""
new_name = 'New task type updated name'
data_post = {
'name': new_name,
}
self.client.force_authenticate(user=self.admin)
response = self.client.patch(
reverse(
'tasktype-detail',
kwargs={'pk': self.tasktype.id},
),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.check_attributes(content)
self.assertEqual(content['name'], new_name)
def test_update_task_type(self):
"""
Ensure we can't update a task type if we are a simple user.
"""
new_name = 'New task type updated name'
data_post = {
'name': new_name,
}
self.client.force_authenticate(user=self.user)
response = self.client.patch(
reverse(
'tasktype-detail',
kwargs={'pk': self.tasktype.id},
),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{'detail': 'You do not have permission to perform this action.'})
def test_delete_task_type_as_admin(self):
"""
Ensure we can delete a task type if we are an admin.
"""
self.client.force_authenticate(user=self.admin)
response = self.client.delete(
reverse(
'tasktype-detail',
kwargs={'pk': self.tasktype.id},
))
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
self.assertEqual(response.content, b'')
def test_delete_task_type(self):
"""
Ensure we can't delete a task type if we are a simple user.
"""
self.client.force_authenticate(user=self.user)
response = self.client.patch(
reverse(
'tasktype-detail',
kwargs={'pk': self.tasktype.id},
))
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{'detail': 'You do not have permission to perform this action.'})
def test_list_task_types(self):
"""
Ensure we can list task types.
"""
self.client.force_authenticate(user=self.user)
response = self.client.get(reverse('tasktype-list'), )
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(content['results']), 1)
self.check_attributes(content['results'][0])
class EventsTests(CustomAPITestCase):
ATTRIBUTES = [
'id', 'url', 'description', 'start_time', 'end_time',
'nb_volunteers_needed', 'nb_volunteers_standby_needed', 'cell',
'task_type', 'nb_volunteers_standby', 'nb_volunteers'
]
def setUp(self):
self.client = APIClient()
factory = APIRequestFactory()
self.request = factory.get('/')
self.user = UserFactory()
self.user.set_password('Test123!')
self.user.save()
self.admin = AdminFactory()
self.admin.set_password('Test123!')
self.admin.save()
self.cell = Cell.objects.create(
name='My new cell',
address_line_1='373 Rue villeneuve E',
postal_code='H2T 1M1',
city='Montreal',
state_province='Quebec',
longitude='45.540237',
latitude='-73.603421',
)
self.tasktype = TaskType.objects.create(name='My new tasktype', )
self.event = Event.objects.create(
start_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 15, 8)),
end_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 17, 12)),
nb_volunteers_needed=10,
nb_volunteers_standby_needed=0,
cell=self.cell,
task_type=self.tasktype,
)
def test_create_new_event_as_admin(self):
"""
Ensure we can create a new event if we are an admin.
"""
data_post = {
"description": "My new event description",
"start_time": LOCAL_TIMEZONE.localize(datetime(2100, 1, 13, 9)),
"end_time": LOCAL_TIMEZONE.localize(datetime(2100, 1, 15, 10)),
"nb_volunteers_needed": 10,
"nb_volunteers_standby_needed": 0,
"cell": reverse(
'cell-detail',
args=[self.cell.id],
),
"task_type": reverse(
'tasktype-detail',
args=[self.tasktype.id],
)
}
self.client.force_authenticate(user=self.admin)
response = self.client.post(
reverse('event-list'),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.check_attributes(content)
def test_create_new_event(self):
"""
Ensure we can't create a new event if we are a simple user.
"""
data_post = {
"description": "My new event description",
"start_time": LOCAL_TIMEZONE.localize(datetime(2100, 1, 13, 9)),
"end_time": LOCAL_TIMEZONE.localize(datetime(2100, 1, 15, 10)),
"nb_volunteers_needed": 10,
"nb_volunteers_standby_needed": 0,
"cell": self.cell.id,
"task_type": self.tasktype.id,
}
self.client.force_authenticate(user=self.user)
response = self.client.post(
reverse('event-list'),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{'detail': 'You do not have permission to perform this action.'})
def test_update_event_as_admin(self):
"""
Ensure we can update a event if we are an admin.
"""
new_number_of_volunteer = 2
data_post = {
'nb_volunteers_needed': new_number_of_volunteer,
}
self.client.force_authenticate(user=self.admin)
response = self.client.patch(
reverse(
'event-detail',
kwargs={'pk': self.event.id},
),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.check_attributes(content)
self.assertEqual(
content['nb_volunteers_needed'],
new_number_of_volunteer,
)
def test_update_event(self):
"""
Ensure we can't update a event if we are a simple user.
"""
new_number_of_volunteers = 2
data_post = {
'nb_volunteers_needed': new_number_of_volunteers,
}
self.client.force_authenticate(user=self.user)
response = self.client.patch(
reverse(
'event-detail',
kwargs={'pk': self.event.id},
),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{'detail': 'You do not have permission to perform this action.'})
def test_delete_event_as_admin(self):
"""
Ensure we can delete a event if we are an admin.
"""
self.client.force_authenticate(user=self.admin)
response = self.client.delete(
reverse(
'event-detail',
kwargs={'pk': self.event.id},
))
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
self.assertEqual(response.content, b'')
def test_delete_event(self):
"""
Ensure we can't delete a event if we are a simple user.
"""
self.client.force_authenticate(user=self.user)
response = self.client.patch(
reverse(
'event-detail',
kwargs={'pk': self.event.id},
))
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{'detail': 'You do not have permission to perform this action.'})
def test_list_events(self):
"""
Ensure we can list events.
"""
self.client.force_authenticate(user=self.user)
response = self.client.get(reverse('event-list'), )
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(content['results']), 1)
self.check_attributes(content['results'][0])
class ParticipationsTests(CustomAPITestCase):
ATTRIBUTES = [
'id',
'url',
'event',
'user',
'presence_duration_minutes',
'presence_status',
'is_standby',
'registered_at',
]
def setUp(self):
self.client = APIClient()
self.user = UserFactory()
self.user.set_password('Test123!')
self.user.save()
self.user2 = UserFactory()
self.user2.set_password('Test123!')
self.user2.save()
self.admin = AdminFactory()
self.admin.set_password('Test123!')
self.admin.save()
self.cell = Cell.objects.create(
name='My new cell',
address_line_1='373 Rue villeneuve E',
postal_code='H2T 1M1',
city='Montreal',
state_province='Quebec',
longitude='45.540237',
latitude='-73.603421',
)
self.tasktype = TaskType.objects.create(name='My new tasktype', )
self.event = Event.objects.create(
start_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 15, 8)),
end_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 17, 12)),
nb_volunteers_needed=10,
nb_volunteers_standby_needed=0,
cell=self.cell,
task_type=self.tasktype,
)
self.event2 = Event.objects.create(
start_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 15, 8)),
end_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 17, 12)),
nb_volunteers_needed=10,
nb_volunteers_standby_needed=0,
cell=self.cell,
task_type=self.tasktype,
)
self.participation = Participation.objects.create(
event=self.event2,
user=self.user,
is_standby=False,
)
self.participation2 = Participation.objects.create(
event=self.event2,
user=self.user2,
is_standby=False,
)
def test_create_new_participation_as_admin(self):
"""
Ensure we can create a new participation if we are an admin.
"""
data_post = {
'event': reverse(
'event-detail',
args=[self.event.id],
),
'user': reverse(
'user-detail',
args=[self.admin.id],
),
'is_standby': False,
}
self.client.force_authenticate(user=self.admin)
response = self.client.post(
reverse('participation-list'),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_201_CREATED,
content)
self.check_attributes(content)
def test_create_new_participation(self):
"""
Ensure we can create a new participation if we are a simple user.
"""
data_post = {
'event': reverse(
'event-detail',
args=[self.event.id],
),
'user': reverse(
'user-detail',
args=[self.user.id],
),
'is_standby': False,
}
self.client.force_authenticate(user=self.user)
response = self.client.post(
reverse('participation-list'),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_201_CREATED,
content)
self.check_attributes(content)
def test_create_new_participation_for_an_other_user(self):
"""
Ensure we can't create a new participation for an other user
if we are a simple user.
"""
data_post = {
'event': reverse(
'event-detail',
args=[self.event.id],
),
'user': reverse(
'user-detail',
args=[self.user2.id],
),
'is_standby': False,
}
self.client.force_authenticate(user=self.user)
response = self.client.post(
reverse('participation-list'),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST,
content)
self.assertEqual(
content, {
'user': [
"You don't have the right to create a participation "
"for an other user"
]
})
def test_create_new_participation_for_an_other_user_as_admin(self):
"""
Ensure we can create a new participation for an other user
if we are an administrator.
"""
data_post = {
'event': reverse(
'event-detail',
args=[self.event.id],
),
'user': reverse(
'user-detail',
args=[self.user2.id],
),
'is_standby': False,
}
self.client.force_authenticate(user=self.admin)
response = self.client.post(
reverse('participation-list'),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_201_CREATED,
content)
self.check_attributes(content)
def test_update_participation_as_admin(self):
"""
Ensure we can update a participation if we are an admin.
"""
new_value = True
data_post = {
'is_standby': new_value,
}
self.client.force_authenticate(user=self.admin)
response = self.client.patch(
reverse(
'participation-detail',
kwargs={'pk': self.participation.id},
),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.check_attributes(content)
self.assertEqual(content['is_standby'], new_value)
def test_update_participation(self):
"""
Ensure we can't update a participation if we are a simple user.
"""
new_value = True
data_post = {
'is_standby': new_value,
}
self.client.force_authenticate(user=self.user)
response = self.client.patch(
reverse(
'participation-detail',
kwargs={'pk': self.participation.id},
),
data_post,
format='json',
)
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{'detail': 'You do not have permission to perform this action.'})
def test_delete_participation_as_admin(self):
"""
Ensure we can delete a participation if we are an admin.
"""
self.client.force_authenticate(user=self.admin)
response = self.client.delete(
reverse(
'participation-detail',
kwargs={'pk': self.participation.id},
))
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
self.assertEqual(response.content, b'')
def test_delete_participation(self):
"""
Ensure we can't delete a participation if we are a simple user.
"""
self.client.force_authenticate(user=self.user)
response = self.client.patch(
reverse(
'participation-detail',
kwargs={'pk': self.participation.id},
))
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(
content,
{'detail': 'You do not have permission to perform this action.'})
def test_list_participations(self):
"""
Ensure we can list participations.
"""
self.client.force_authenticate(user=self.user)
response = self.client.get(reverse('participation-list'), )
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(content['results']), 1)
self.check_attributes(content['results'][0])
for participation in content['results']:
self.assertEqual(
participation['user']['id'],
self.user.id,
)
def test_list_participations_as_admin(self):
"""
Ensure we can list all the participations where we are administrator
"""
self.client.force_authenticate(user=self.admin)
response = self.client.get(reverse('participation-list'), )
content = json.loads(response.content)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(content['results']), 2)
self.check_attributes(content['results'][0])
at_least_one_participation_is_owner_by_somebody_else = False
for participation in content['results']:
if participation['user']['id'] != self.admin.id:
at_least_one_participation_is_owner_by_somebody_else = True
self.assertTrue(at_least_one_participation_is_owner_by_somebody_else)