def test_admin_can_delete_managers_deposit(self): token = login(self, '*****@*****.**', 'password1') resp = create_deposit(self, token, msg='manager') self.assertEqual(resp.status_code, 200) token = login(self, '*****@*****.**', 'password1') resp = self.delete_deposit(1, token=token) self.check_deposit_deleted(1)
def test_normal_cannot_delete_others(self): token = login(self, '*****@*****.**', 'password1') resp = create_deposit(self, token, msg='normal') self.assertEqual(resp.status_code, 200) token = login(self, '*****@*****.**', 'password1') resp = self.delete_deposit(1, token=token) self.assertEqual(resp.status_code, 403)
def test_admin_can_create_managers_deposit(self): token = login(self, '*****@*****.**', 'password1') resp = create_deposit(self, token, msg='manager', user_id=3) self.assertIn('manager', resp.data.decode('utf-8')) # read to verify token = login(self, '*****@*****.**', 'password1') resp = send_get_request(self, 'api/v1/deposits/1', token=token) self.assertIn('manager', resp.data.decode('utf-8'))
def test_user_can_delete_own(self): token = login(self, '*****@*****.**', 'password1') resp = create_deposit(self, token, msg='normal') self.assertEqual(resp.status_code, 200) resp = self.delete_deposit(1, token=token) self.check_deposit_deleted(1)
def test_user_can_create_own(self): token = login(self, '*****@*****.**', 'password1') resp = create_deposit(self, token, msg='normal') self.assertIn('normal', resp.data.decode('utf-8'))
def test_manager_cannot_create_others_deposit(self): token = login(self, '*****@*****.**', 'password1') resp = create_deposit(self, token, msg='normal', user_id=5) data = json.loads(resp.data.decode('utf-8')) self.assertNotEqual(data['user_id'], 5) self.assertEqual(data['user_id'], 3)
def test_user_cannot_read_all(self): token = login(self, '*****@*****.**', 'password1') resp = create_deposit(self, token, msg='normal') resp = send_get_request(self, 'api/v1/deposits/all', token=token) self.assertNotIn('normal', resp.data.decode('utf-8'))
def test_man_can_read_own(self): token = login(self, '*****@*****.**', 'password1') resp = create_deposit(self, token, msg='man') self.assertIn('5.5', resp.data.decode('utf-8')) resp = send_get_request(self, 'api/v1/deposits/1', token=token) self.assertIn('man', resp.data.decode('utf-8'))
def test_admin_can_read_normals_deposit(self): token = login(self, '*****@*****.**', 'password1') resp = create_deposit(self, token, msg='normal') token = login(self, '*****@*****.**', 'password1') resp = send_get_request(self, 'api/v1/deposits/1', token=token) self.assertIn('normal', resp.data.decode('utf-8'))