def test_releasefileapi_with_anonymous_user(api_rf):
rfile = ReleaseFileFactory()
request = api_rf.get("/")
response = ReleaseFileAPI.as_view()(request, file_id=rfile.id)
assert response.status_code == 403
def test_releasefileapi_without_permission(api_rf):
rfile = ReleaseFileFactory()
request = api_rf.get("/")
request.user = UserFactory() # logged in, but no permission
response = ReleaseFileAPI.as_view()(request, file_id=rfile.id)
assert response.status_code == 403
def test_releasefileapi_with_deleted_file(api_rf):
rfile = ReleaseFileFactory(deleted_at=timezone.now(), deleted_by=UserFactory())
user = UserFactory()
ProjectMembershipFactory(
user=user,
project=rfile.release.workspace.project,
roles=[ProjectCollaborator],
)
request = api_rf.get("/")
request.user = user
response = ReleaseFileAPI.as_view()(request, file_id=rfile.id)
assert response.status_code == 404, response.data
def test_releasefileapi_with_permission(api_rf, build_release_with_files):
release = build_release_with_files(["file1.txt"])
rfile = release.files.first()
user = UserFactory()
# logged in, with permission
ProjectMembershipFactory(
user=user,
project=release.workspace.project,
roles=[ProjectCollaborator],
)
request = api_rf.get("/")
request.user = user
response = ReleaseFileAPI.as_view()(request, file_id=rfile.id)
assert response.status_code == 200
assert b"".join(response.streaming_content) == rfile.absolute_path().read_bytes()
assert response.headers["Content-Type"] == "text/plain"
def test_releasefileapi_with_nginx_redirect(api_rf, build_release_with_files):
release = build_release_with_files(["file.txt"])
rfile = release.files.first()
user = UserFactory()
# test nginx configuration
ProjectMembershipFactory(
user=user,
project=release.workspace.project,
roles=[ProjectCollaborator],
)
request = api_rf.get("/", HTTP_RELEASES_REDIRECT="/storage")
request.user = user
response = ReleaseFileAPI.as_view()(request, file_id=rfile.id)
assert response.status_code == 200
assert (
response.headers["X-Accel-Redirect"]
== f"/storage/{release.workspace.name}/releases/{release.id}/file.txt"
)
def test_releasefileapi_with_no_file_on_disk(api_rf, build_release):
release = build_release(["file1.txt"])
rfile = ReleaseFileFactory(
release=release,
workspace=release.workspace,
name="file1.txt",
uploaded_at=None,
)
user = UserFactory()
ProjectMembershipFactory(
user=user,
project=release.workspace.project,
roles=[ProjectCollaborator],
)
request = api_rf.get("/")
request.user = user
response = ReleaseFileAPI.as_view()(request, file_id=rfile.id)
assert response.status_code == 404, response.data
ReleaseWorkspaceAPI.as_view(),
name="release-workspace",
),
path(
"releases/release/<str:release_id>",
ReleaseAPI.as_view(),
name="release",
),
path(
"releases/release/<str:release_id>/reviews",
ReviewAPI.as_view(),
name="release-review",
),
path(
"releases/file/<file_id>",
ReleaseFileAPI.as_view(),
name="release-file",
),
]
files_urls = [
path("", WorkspaceFileList.as_view(), name="workspace-files-list"),
path(
"<str:backend_slug>/",
WorkspaceBackendFiles.as_view(),
name="workspace-backend-files",
),
path(
"<str:backend_slug>/<path:path>",
WorkspaceBackendFiles.as_view(),
name="workspace-backend-files",
def test_releasefileapi_get_unknown_file(api_rf):
request = api_rf.get("/")
response = ReleaseFileAPI.as_view()(request, file_id="")
assert response.status_code == 404