class CellsTests(CustomAPITestCase): ATTRIBUTES = [ 'id', 'url', 'name', 'address_line_1', 'address_line_2', 'postal_code', 'city', 'state_province', 'longitude', 'latitude', ] def setUp(self): self.client = APIClient() self.user = UserFactory() self.user.set_password('Test123!') self.user.save() self.admin = AdminFactory() self.admin.set_password('Test123!') self.admin.save() self.cell = Cell.objects.create( name='My new cell', address_line_1='373 Rue villeneuve E', postal_code='H2T 1M1', city='Montreal', state_province='Quebec', longitude='45.540237', latitude='-73.603421', ) def test_create_new_cell_as_admin(self): """ Ensure we can create a new cell if we are an admin. """ data_post = { 'name': 'New cell', 'address_line_1': "New address", 'postal_code': "H2Y K8D", 'city': 'Gatineau', 'state_province': 'Quebec', 'longitude': '45.540237', 'latitude': '-73.603421', } self.client.force_authenticate(user=self.admin) response = self.client.post( reverse('cell-list'), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.check_attributes(content) def test_create_new_cell(self): """ Ensure we can't create a new cell if we are a simple user. """ data_post = { 'name': 'New cell', 'address_line_1': "New address", 'postal_code': "H2Y K8D", 'city': 'Gatineau', 'state_province': 'Quebec', 'longitude': '45.540237', 'latitude': '-73.603421', } self.client.force_authenticate(user=self.user) response = self.client.post( reverse('cell-list'), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, { 'detail': 'You do not have permission to perform this action.' } ) def test_update_cell_as_admin(self): """ Ensure we can update a cell if we are an admin. """ new_name = 'New cell updated name' data_post = { 'name': new_name, } self.client.force_authenticate(user=self.admin) response = self.client.patch( reverse( 'cell-detail', kwargs={ 'pk': self.cell.id }, ), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_200_OK) self.check_attributes(content) self.assertEqual(content['name'], new_name) def test_update_cell(self): """ Ensure we can't update a cell if we are a simple user. """ new_name = 'New cell updated name' data_post = { 'name': new_name, } self.client.force_authenticate(user=self.user) response = self.client.patch( reverse( 'cell-detail', kwargs={ 'pk': self.cell.id }, ), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, { 'detail': 'You do not have permission to perform this action.' } ) def test_delete_cell_as_admin(self): """ Ensure we can delete a cell if we are an admin. """ self.client.force_authenticate(user=self.admin) response = self.client.delete( reverse( 'cell-detail', kwargs={ 'pk': self.cell.id }, ) ) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) self.assertEqual(response.content, b'') def test_delete_cell(self): """ Ensure we can't delete a cell if we are a simple user. """ self.client.force_authenticate(user=self.user) response = self.client.patch( reverse( 'cell-detail', kwargs={ 'pk': self.cell.id }, ) ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, { 'detail': 'You do not have permission to perform this action.' } ) def test_list_cells(self): """ Ensure we can list cells. """ self.client.force_authenticate(user=self.user) response = self.client.get( reverse('cell-list'), ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(len(content['results']), 1) self.check_attributes(content['results'][0])
class EventsTests(CustomAPITestCase): ATTRIBUTES = [ 'id', 'url', 'description', 'start_time', 'end_time', 'nb_volunteers_needed', 'nb_volunteers_standby_needed', 'cell', 'task_type', 'nb_volunteers_standby', 'nb_volunteers' ] def setUp(self): self.client = APIClient() factory = APIRequestFactory() self.request = factory.get('/') self.user = UserFactory() self.user.set_password('Test123!') self.user.save() self.admin = AdminFactory() self.admin.set_password('Test123!') self.admin.save() self.cell = Cell.objects.create( name='My new cell', address_line_1='373 Rue villeneuve E', postal_code='H2T 1M1', city='Montreal', state_province='Quebec', longitude='45.540237', latitude='-73.603421', ) self.tasktype = TaskType.objects.create(name='My new tasktype', ) self.event = Event.objects.create( start_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 15, 8)), end_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 17, 12)), nb_volunteers_needed=10, nb_volunteers_standby_needed=0, cell=self.cell, task_type=self.tasktype, ) def test_create_new_event_as_admin(self): """ Ensure we can create a new event if we are an admin. """ data_post = { "description": "My new event description", "start_time": LOCAL_TIMEZONE.localize(datetime(2100, 1, 13, 9)), "end_time": LOCAL_TIMEZONE.localize(datetime(2100, 1, 15, 10)), "nb_volunteers_needed": 10, "nb_volunteers_standby_needed": 0, "cell": reverse( 'cell-detail', args=[self.cell.id], ), "task_type": reverse( 'tasktype-detail', args=[self.tasktype.id], ) } self.client.force_authenticate(user=self.admin) response = self.client.post( reverse('event-list'), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.check_attributes(content) def test_create_new_event(self): """ Ensure we can't create a new event if we are a simple user. """ data_post = { "description": "My new event description", "start_time": LOCAL_TIMEZONE.localize(datetime(2100, 1, 13, 9)), "end_time": LOCAL_TIMEZONE.localize(datetime(2100, 1, 15, 10)), "nb_volunteers_needed": 10, "nb_volunteers_standby_needed": 0, "cell": self.cell.id, "task_type": self.tasktype.id, } self.client.force_authenticate(user=self.user) response = self.client.post( reverse('event-list'), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, {'detail': 'You do not have permission to perform this action.'}) def test_update_event_as_admin(self): """ Ensure we can update a event if we are an admin. """ new_number_of_volunteer = 2 data_post = { 'nb_volunteers_needed': new_number_of_volunteer, } self.client.force_authenticate(user=self.admin) response = self.client.patch( reverse( 'event-detail', kwargs={'pk': self.event.id}, ), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_200_OK) self.check_attributes(content) self.assertEqual( content['nb_volunteers_needed'], new_number_of_volunteer, ) def test_update_event(self): """ Ensure we can't update a event if we are a simple user. """ new_number_of_volunteers = 2 data_post = { 'nb_volunteers_needed': new_number_of_volunteers, } self.client.force_authenticate(user=self.user) response = self.client.patch( reverse( 'event-detail', kwargs={'pk': self.event.id}, ), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, {'detail': 'You do not have permission to perform this action.'}) def test_delete_event_as_admin(self): """ Ensure we can delete a event if we are an admin. """ self.client.force_authenticate(user=self.admin) response = self.client.delete( reverse( 'event-detail', kwargs={'pk': self.event.id}, )) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) self.assertEqual(response.content, b'') def test_delete_event(self): """ Ensure we can't delete a event if we are a simple user. """ self.client.force_authenticate(user=self.user) response = self.client.patch( reverse( 'event-detail', kwargs={'pk': self.event.id}, )) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, {'detail': 'You do not have permission to perform this action.'}) def test_list_events(self): """ Ensure we can list events. """ self.client.force_authenticate(user=self.user) response = self.client.get(reverse('event-list'), ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(len(content['results']), 1) self.check_attributes(content['results'][0])
class TaskTypesTests(CustomAPITestCase): ATTRIBUTES = [ 'id', 'url', 'name', ] def setUp(self): self.client = APIClient() self.user = UserFactory() self.user.set_password('Test123!') self.user.save() self.admin = AdminFactory() self.admin.set_password('Test123!') self.admin.save() self.tasktype = TaskType.objects.create(name='My new tasktype', ) def test_create_new_task_type_as_admin(self): """ Ensure we can create a new task type if we are an admin. """ data_post = { 'name': 'New task type', } self.client.force_authenticate(user=self.admin) response = self.client.post( reverse('tasktype-list'), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.check_attributes(content) def test_create_new_task_type(self): """ Ensure we can't create a new task type if we are a simple user. """ data_post = { 'name': 'New task type', } self.client.force_authenticate(user=self.user) response = self.client.post( reverse('tasktype-list'), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, {'detail': 'You do not have permission to perform this action.'}) def test_update_task_type_as_admin(self): """ Ensure we can update a task type if we are an admin. """ new_name = 'New task type updated name' data_post = { 'name': new_name, } self.client.force_authenticate(user=self.admin) response = self.client.patch( reverse( 'tasktype-detail', kwargs={'pk': self.tasktype.id}, ), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_200_OK) self.check_attributes(content) self.assertEqual(content['name'], new_name) def test_update_task_type(self): """ Ensure we can't update a task type if we are a simple user. """ new_name = 'New task type updated name' data_post = { 'name': new_name, } self.client.force_authenticate(user=self.user) response = self.client.patch( reverse( 'tasktype-detail', kwargs={'pk': self.tasktype.id}, ), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, {'detail': 'You do not have permission to perform this action.'}) def test_delete_task_type_as_admin(self): """ Ensure we can delete a task type if we are an admin. """ self.client.force_authenticate(user=self.admin) response = self.client.delete( reverse( 'tasktype-detail', kwargs={'pk': self.tasktype.id}, )) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) self.assertEqual(response.content, b'') def test_delete_task_type(self): """ Ensure we can't delete a task type if we are a simple user. """ self.client.force_authenticate(user=self.user) response = self.client.patch( reverse( 'tasktype-detail', kwargs={'pk': self.tasktype.id}, )) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, {'detail': 'You do not have permission to perform this action.'}) def test_list_task_types(self): """ Ensure we can list task types. """ self.client.force_authenticate(user=self.user) response = self.client.get(reverse('tasktype-list'), ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(len(content['results']), 1) self.check_attributes(content['results'][0])
class ParticipationsTests(CustomAPITestCase): ATTRIBUTES = [ 'id', 'url', 'event', 'user', 'presence_duration_minutes', 'presence_status', 'is_standby', 'registered_at', ] def setUp(self): self.client = APIClient() self.user = UserFactory() self.user.set_password('Test123!') self.user.save() self.user2 = UserFactory() self.user2.set_password('Test123!') self.user2.save() self.admin = AdminFactory() self.admin.set_password('Test123!') self.admin.save() self.cell = Cell.objects.create( name='My new cell', address_line_1='373 Rue villeneuve E', postal_code='H2T 1M1', city='Montreal', state_province='Quebec', longitude='45.540237', latitude='-73.603421', ) self.tasktype = TaskType.objects.create(name='My new tasktype', ) self.event = Event.objects.create( start_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 15, 8)), end_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 17, 12)), nb_volunteers_needed=10, nb_volunteers_standby_needed=0, cell=self.cell, task_type=self.tasktype, ) self.event2 = Event.objects.create( start_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 15, 8)), end_time=LOCAL_TIMEZONE.localize(datetime(2140, 1, 17, 12)), nb_volunteers_needed=10, nb_volunteers_standby_needed=0, cell=self.cell, task_type=self.tasktype, ) self.participation = Participation.objects.create( event=self.event2, user=self.user, is_standby=False, ) self.participation2 = Participation.objects.create( event=self.event2, user=self.user2, is_standby=False, ) def test_create_new_participation_as_admin(self): """ Ensure we can create a new participation if we are an admin. """ data_post = { 'event': reverse( 'event-detail', args=[self.event.id], ), 'user': reverse( 'user-detail', args=[self.admin.id], ), 'is_standby': False, } self.client.force_authenticate(user=self.admin) response = self.client.post( reverse('participation-list'), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_201_CREATED, content) self.check_attributes(content) def test_create_new_participation(self): """ Ensure we can create a new participation if we are a simple user. """ data_post = { 'event': reverse( 'event-detail', args=[self.event.id], ), 'user': reverse( 'user-detail', args=[self.user.id], ), 'is_standby': False, } self.client.force_authenticate(user=self.user) response = self.client.post( reverse('participation-list'), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_201_CREATED, content) self.check_attributes(content) def test_create_new_participation_for_an_other_user(self): """ Ensure we can't create a new participation for an other user if we are a simple user. """ data_post = { 'event': reverse( 'event-detail', args=[self.event.id], ), 'user': reverse( 'user-detail', args=[self.user2.id], ), 'is_standby': False, } self.client.force_authenticate(user=self.user) response = self.client.post( reverse('participation-list'), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST, content) self.assertEqual( content, { 'user': [ "You don't have the right to create a participation " "for an other user" ] }) def test_create_new_participation_for_an_other_user_as_admin(self): """ Ensure we can create a new participation for an other user if we are an administrator. """ data_post = { 'event': reverse( 'event-detail', args=[self.event.id], ), 'user': reverse( 'user-detail', args=[self.user2.id], ), 'is_standby': False, } self.client.force_authenticate(user=self.admin) response = self.client.post( reverse('participation-list'), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_201_CREATED, content) self.check_attributes(content) def test_update_participation_as_admin(self): """ Ensure we can update a participation if we are an admin. """ new_value = True data_post = { 'is_standby': new_value, } self.client.force_authenticate(user=self.admin) response = self.client.patch( reverse( 'participation-detail', kwargs={'pk': self.participation.id}, ), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_200_OK) self.check_attributes(content) self.assertEqual(content['is_standby'], new_value) def test_update_participation(self): """ Ensure we can't update a participation if we are a simple user. """ new_value = True data_post = { 'is_standby': new_value, } self.client.force_authenticate(user=self.user) response = self.client.patch( reverse( 'participation-detail', kwargs={'pk': self.participation.id}, ), data_post, format='json', ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, {'detail': 'You do not have permission to perform this action.'}) def test_delete_participation_as_admin(self): """ Ensure we can delete a participation if we are an admin. """ self.client.force_authenticate(user=self.admin) response = self.client.delete( reverse( 'participation-detail', kwargs={'pk': self.participation.id}, )) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) self.assertEqual(response.content, b'') def test_delete_participation(self): """ Ensure we can't delete a participation if we are a simple user. """ self.client.force_authenticate(user=self.user) response = self.client.patch( reverse( 'participation-detail', kwargs={'pk': self.participation.id}, )) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual( content, {'detail': 'You do not have permission to perform this action.'}) def test_list_participations(self): """ Ensure we can list participations. """ self.client.force_authenticate(user=self.user) response = self.client.get(reverse('participation-list'), ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(len(content['results']), 1) self.check_attributes(content['results'][0]) for participation in content['results']: self.assertEqual( participation['user']['id'], self.user.id, ) def test_list_participations_as_admin(self): """ Ensure we can list all the participations where we are administrator """ self.client.force_authenticate(user=self.admin) response = self.client.get(reverse('participation-list'), ) content = json.loads(response.content) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(len(content['results']), 2) self.check_attributes(content['results'][0]) at_least_one_participation_is_owner_by_somebody_else = False for participation in content['results']: if participation['user']['id'] != self.admin.id: at_least_one_participation_is_owner_by_somebody_else = True self.assertTrue(at_least_one_participation_is_owner_by_somebody_else)