def test_delete_existing_topic(self): self.topics = [{'id': 1, 'title': 'What is the weather like?'}, {'id': 2, 'title': 'The Most Popular Color in the World'}, {'id': 3, 'title': 'The best programming language'}, {'id': 4, 'title': '10 Best Programming Language to Learn in 2020'}] self.topics_saved = [] for topic in self.topics: self.topics_saved.append(Topic.objects.create(**topic)) self.messages = [{'id': 1, 'text': "Hot and sunny day", 'topic': self.topics_saved[0]}, {'id': 2, 'text': "Blue", 'topic': self.topics_saved[1]}, {'id': 3, 'text': "Python", 'topic': self.topics_saved[2]}] self.messages_saved = [] for msg in self.messages: temp_msg = Message.objects.create(**msg) self.messages_saved.append(temp_msg) factory = APIRequestFactory() msg_view = MessageViewSet.as_view({'delete': 'destroy'}) request = factory.delete(reverse('messages-detail', args=(2,))) response = msg_view(request, pk=1) response.render() self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) factory = APIRequestFactory() msg_view = MessageViewSet.as_view({'delete': 'destroy'}) request = factory.delete(reverse('messages-detail', args=(1,))) response = msg_view(request, pk=1) response.render() self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) self.assertEqual(json.loads(response.content), {'detail': 'Not found.'}) self.assertEqual(response['content-type'], 'application/json')
class DeleteSingleCourseTest(TestCase): def setUp(self): # Every test needs access to the request factory. self.factory = APIRequestFactory() self.newCourse1 = Course.objects.create(name='course1', description='desc1', price=1000) self.invalid_pk = 2 def test_delete_valid_single_course(self): """Test the api valid delete new course.""" # Setup. url = "/courses/" + str(self.newCourse1.pk) request = self.factory.delete(url) # Run. course_detail = CourseViewSet.as_view({'delete': 'destroy'}) response = course_detail(request, pk=self.newCourse1.pk) # Check. self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) def test_delete_valid_single_course(self): """Test the api valid delete new course.""" # Setup. url = "/courses/" + str(self.invalid_pk) request = self.factory.delete(url) # Run. course_detail = CourseViewSet.as_view({'delete': 'destroy'}) response = course_detail(request, pk=self.invalid_pk) # Check. self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
class DeleteSinglePaymentTest(TestCase): def setUp(self): # Every test needs access to the request factory. self.factory = APIRequestFactory() self.newPayment = Payment.objects.create( order_id=3, amount_paid=14000, payment_method='CD', account_number='8736236426351234') self.invalid_pk = 2 def test_delete_valid_single_payment(self): """Test the api valid delete new payment.""" # Setup. url = "/payments/" + str(self.newPayment.pk) request = self.factory.delete(url) # Run. payment_detail = PaymentViewSet.as_view({'delete': 'destroy'}) response = payment_detail(request, pk=self.newPayment.pk) # Check. self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) def test_delete_valid_single_payment(self): """Test the api valid delete new payment.""" # Setup. url = "/payments/" + str(self.invalid_pk) request = self.factory.delete(url) # Run. payment_detail = PaymentViewSet.as_view({'delete': 'destroy'}) response = payment_detail(request, pk=self.invalid_pk) # Check. self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_delete_label(self): # Create a label self.cidr.labels.create(name='DeleteLabelKey', value='DeleteLabelValue') assert self.cidr.labelDict['DeleteLabelKey'] == 'DeleteLabelValue' factory = APIRequestFactory() view = LabelViewSet.as_view({'delete': 'destroy'}) request = factory.delete( reverse('cidr-labels-detail', kwargs={ 'pk': 'DeleteLabelKey', 'cidr_pk': self.cidr.id })) force_authenticate(request, user=self.admin, token=self.token) response = view(request, pk='DeleteLabelKey', cidr_pk=self.cidr.id) assert response.status_code == 204 assert self.cidr.labelDict.get('DeleteLabelKey', None) is None # Try to delete a label which does not exist request = factory.delete( reverse('cidr-labels-detail', kwargs={ 'pk': 'DeleteNonExistingLabelKey', 'cidr_pk': self.cidr.id })) force_authenticate(request, user=self.admin, token=self.token) response = view(request, pk='DeleteNonExistingLabelKey', cidr_pk=self.cidr.id) assert response.status_code == 404
def test_delete_token(self): # First we let the user delete a token owned by admin factory = APIRequestFactory() view = TokenViewSet.as_view({'delete': 'destroy'}) request = factory.delete( reverse('token-detail', kwargs={'pk': self.token.key})) force_authenticate(request, user=self.user) response = view(request, pk=self.token.key) # The API pretends not to know this token assert response.status_code == 404 assert FlaggedToken.objects.get(key=self.token.key) # Now we actually delete tokens for user, token in [(self.user, self.rtoken), (self.admin, self.token)]: request = factory.delete( reverse('token-detail', kwargs={'pk': self.token.key})) force_authenticate(request, user=user) response = view(request, pk=token.key) assert response.status_code == 204 assert len(FlaggedToken.objects.filter(key=token.key)) == 0
class RecipeDestroyTestCase(TestCase): def setUp(self): super(RecipeDestroyTestCase, self).setUp() self.rf = APIRequestFactory() self.view = RecipeRetrieveUpdateDestroyAPIView.as_view() self.user = mommy.make(settings.AUTH_USER_MODEL) def test_without_authenticated_user(self): recipe = mommy.make('Recipe') request = self.rf.delete( reverse('recipe_retrieve_update_and_destroy', kwargs={'pk': recipe.pk} )) raw_response = self.view(request, pk=recipe.pk) response = raw_response.render() self.assertEqual(response.status_code, 403) def test_non_existing_recipe(self): request = self.rf.delete( reverse('recipe_retrieve_update_and_destroy', kwargs={'pk': 1} )) force_authenticate(request, user=self.user) raw_response = self.view(request, pk=1) response = raw_response.render() self.assertEqual(response.status_code, 404) def test_recipe_by_other_user(self): other_user = mommy.make(settings.AUTH_USER_MODEL) recipe = mommy.make('Recipe', created_by=other_user) request = self.rf.delete( reverse('recipe_retrieve_update_and_destroy', kwargs={'pk': recipe.pk} )) force_authenticate(request, user=self.user) raw_response = self.view(request, pk=recipe.pk) response = raw_response.render() self.assertEqual(response.status_code, 403) def test_recipe_by_user(self): recipe = mommy.make('Recipe', created_by=self.user) request = self.rf.delete( reverse('recipe_retrieve_update_and_destroy', kwargs={'pk': recipe.pk} )) force_authenticate(request, user=self.user) raw_response = self.view(request, pk=recipe.pk) response = raw_response.render() old_id = recipe.pk self.assertEqual(response.status_code, 204) self.assertFalse(Recipe.objects.filter(pk=old_id).exists())
class CrowdfundTest(APITestCase): def setUp(self): self.factory = APIRequestFactory() self.user = get_user_model().objects.create_user( email='*****@*****.**', name='usertest', password='******') self.id = self.user.id self.token = Token.objects.create(user=self.user) self.token.save() def test_get(self): request = self.factory.get('/crowdfund/api/fund/') force_authenticate(request, token=self.token.key) view = views.FundraiserViewSet.as_view({'get': 'list'}) response = view(request) self.assertEqual(response.status_code, 200) def test_post(self): data = { "user": '******', "title": "mock", "description": "mock", "date_goal": '2021-12-22', "amount_goal": "2000" } request = self.factory.post(f'/crowdfund/api/fund/', data) force_authenticate(request, token=self.token.key) view = views.FundraiserViewSet.as_view({'post': 'create'}) response = view(request) self.assertEqual(response.status_code, 200) def test_edit(self): request = self.factory.patch(f'/crowdfund/api/fund/', {'title':'edited'}) force_authenticate(request, token=self.token.key) view = views.FundraiserViewSet.as_view({'patch': 'partial_update'}) response = view(request,pk=self.user.id) self.assertEqual(response.status_code, 200) def test_edit_without_auth(self): request = self.factory.patch(f'/crowdfund/api/fund/', {'title':'edited'}) # force_authenticate(request, token=self.token.key) view = views.FundraiserViewSet.as_view({'patch': 'partial_update'}) response = view(request,pk=self.user.id) self.assertEqual(response.status_code, 204) def test_delete_without_auth(self): request = self.factory.delete(f'/crowdfund/api/fund/') # force_authenticate(request, token=self.token.key) view = views.FundraiserViewSet.as_view({'delete': 'destroy'}) response = view(request,pk=self.user.id) self.assertEqual(response.status_code, 204) def test_delete(self): request = self.factory.delete(f'/crowdfund/api/fund/') force_authenticate(request, token=self.token.key) view = views.FundraiserViewSet.as_view({'delete': 'destroy'}) response = view(request,pk=self.user.id) self.assertEqual(response.status_code, 203)
class PlacesViewsTest(TestCase): def setUp(self): self.data = { "title": "title", "description": "description", "coordinates": "SRID=4326;POINT(1 1)", } self.baseurl = "/api/places/" self.factory = APIRequestFactory() self.view = PlacesViewSet.as_view( {"get": "list", "post": "create", "patch": "update", "delete": "destroy"} ) self.user = get_user_model().objects.create( username="******", password="******" ) self.place = Places.objects.create(**self.data, user=self.user) def test_resolve_view_cls(self): self.assertEqual(resolve("/api/places/").func.cls, PlacesViewSet) def test_get_method_authed(self): req = self.factory.get(self.baseurl) force_authenticate(req, self.user) res = self.view(req) self.assertEqual(res.status_code, 200) def test_create_method_authed(self): req = self.factory.post(self.baseurl, self.data) force_authenticate(req, self.user) res = self.view(req) self.assertEqual(res.status_code, 201) def test_update_method_authed(self): req = self.factory.patch(self.baseurl, self.data) force_authenticate(req, self.user) res = self.view(req, pk=self.place.pk) self.assertEqual(res.status_code, 200) def test_destroy_method_authed(self): req = self.factory.delete(self.baseurl) force_authenticate(req, self.user) res = self.view(req, pk=self.place.pk) self.assertEqual(res.status_code, 204) def test_methods_not_authed(self): res = [ self.view(self.factory.get(self.baseurl)), self.view(self.factory.post(self.baseurl, self.data)), self.view(self.factory.patch(self.baseurl, self.data), pk=self.place.pk), self.view(self.factory.delete(self.baseurl), pk=self.place.pk), ] for r in res: self.assertEqual(r.status_code, 401)
class SingleSuperuserAjaxViewTest(TestCase): """Test Ajax API for a single superuser.""" def setUp(self): """Set up test.""" self.factory = APIRequestFactory() self.view = SingleSuperuserAjaxView.as_view() self.user = UserFactory.create(**{'is_superuser': False}) self.superuser = UserFactory.create(**{'is_superuser': True}) self.user_to_remove = UserFactory.create(**{'is_superuser': True}) def test_delete_with_anonymous_user(self): """Test DELETE with anonymous user.""" request = self.factory.delete( reverse('ajax:superusertools_single_superuser', kwargs={'user_id': self.user_to_remove.id})) response = self.view(request, user_id=self.user_to_remove.id).render() self.assertEqual(response.status_code, 403) self.assertEqual(User.objects.filter(is_superuser=True).count(), 2) def test_delete_with_user(self): """Test DELETE with user.""" request = self.factory.delete( reverse('ajax:superusertools_single_superuser', kwargs={'user_id': self.user_to_remove.id})) force_authenticate(request, user=self.user) response = self.view(request, user_id=self.user_to_remove.id).render() self.assertEqual(response.status_code, 403) self.assertEqual(User.objects.filter(is_superuser=True).count(), 2) def test_delete_with_superuser(self): """Test DELETE with superuser.""" request = self.factory.delete( reverse('ajax:superusertools_single_superuser', kwargs={'user_id': self.user_to_remove.id})) force_authenticate(request, user=self.superuser) response = self.view(request, user_id=self.user_to_remove.id).render() self.assertEqual(response.status_code, 204) self.assertEqual(User.objects.filter(is_superuser=True).count(), 1) def test_delete_when_no_superuser(self): """Test DELETE with superuser, when superuser does not exist.""" request = self.factory.delete( reverse('ajax:superusertools_single_superuser', kwargs={'user_id': 84774358734})) force_authenticate(request, user=self.superuser) response = self.view(request, user_id=84774358734).render() self.assertEqual(response.status_code, 404) self.assertEqual(User.objects.filter(is_superuser=True).count(), 2)
class WorkflowLevel2SortDeleteViewsTest(TestCase): def setUp(self): self.factory = APIRequestFactory() self.core_user = factories.CoreUser() factories.Group() def test_delete_workflowlevel2sort_superuser(self): self.core_user.is_staff = True self.core_user.is_superuser = True self.core_user.save() workflowlevel2sort = factories.WorkflowLevel2Sort() request = self.factory.delete('/workflowlevel2sort/') request.user = self.core_user view = WorkflowLevel2SortViewSet.as_view({'delete': 'destroy'}) response = view(request, pk=workflowlevel2sort.pk) self.assertEqual(response.status_code, 204) self.assertRaises( WorkflowLevel2Sort.DoesNotExist, WorkflowLevel2Sort.objects.get, pk=workflowlevel2sort.pk) def test_delete_workflowlevel2sort_normal_user(self): wflvl1 = factories.WorkflowLevel1( organization=self.core_user.organization) workflowlevel2sort = factories.WorkflowLevel2Sort( workflowlevel1=wflvl1) request = self.factory.delete('/workflowlevel2sort/') request.user = self.core_user view = WorkflowLevel2SortViewSet.as_view({'delete': 'destroy'}) response = view(request, pk=workflowlevel2sort.pk) self.assertEqual(response.status_code, 204) self.assertRaises( WorkflowLevel2Sort.DoesNotExist, WorkflowLevel2Sort.objects.get, pk=workflowlevel2sort.pk) def test_delete_workflowlevel2sort_diff_org_normal_user(self): group_org_admin = factories.CoreGroup(name='Org Admin', is_org_level=True, permissions=PERMISSIONS_ORG_ADMIN, organization=self.core_user.organization) self.core_user.core_groups.add(group_org_admin) another_org = factories.Organization(name='Another Org') wflvl1 = factories.WorkflowLevel1(organization=another_org) workflowlevel2sort = factories.WorkflowLevel2Sort( workflowlevel1=wflvl1) request = self.factory.delete('/workflowlevel2sort/') request.user = self.core_user view = WorkflowLevel2SortViewSet.as_view({'delete': 'destroy'}) response = view(request, pk=workflowlevel2sort.pk) self.assertEqual(response.status_code, 403) WorkflowLevel2Sort.objects.get(pk=workflowlevel2sort.pk)
class SingleSuperuserAjaxViewTest(TestCase): """Test Ajax API for a single superuser.""" def setUp(self): """Set up test.""" self.factory = APIRequestFactory() self.view = SingleSuperuserAjaxView.as_view() self.user = UserFactory.create(**{"is_superuser": False}) self.superuser = UserFactory.create(**{"is_superuser": True}) self.user_to_remove = UserFactory.create(**{"is_superuser": True}) def test_delete_with_anonymous_user(self): """Test DELETE with anonymous user.""" request = self.factory.delete( reverse("ajax:superusertools_single_superuser", kwargs={"user_id": self.user_to_remove.id}) ) response = self.view(request, user_id=self.user_to_remove.id).render() self.assertEqual(response.status_code, 403) self.assertEqual(User.objects.filter(is_superuser=True).count(), 2) def test_delete_with_user(self): """Test DELETE with user.""" request = self.factory.delete( reverse("ajax:superusertools_single_superuser", kwargs={"user_id": self.user_to_remove.id}) ) force_authenticate(request, user=self.user) response = self.view(request, user_id=self.user_to_remove.id).render() self.assertEqual(response.status_code, 403) self.assertEqual(User.objects.filter(is_superuser=True).count(), 2) def test_delete_with_superuser(self): """Test DELETE with superuser.""" request = self.factory.delete( reverse("ajax:superusertools_single_superuser", kwargs={"user_id": self.user_to_remove.id}) ) force_authenticate(request, user=self.superuser) response = self.view(request, user_id=self.user_to_remove.id).render() self.assertEqual(response.status_code, 204) self.assertEqual(User.objects.filter(is_superuser=True).count(), 1) def test_delete_when_no_superuser(self): """Test DELETE with superuser, when superuser does not exist.""" request = self.factory.delete(reverse("ajax:superusertools_single_superuser", kwargs={"user_id": 84774358734})) force_authenticate(request, user=self.superuser) response = self.view(request, user_id=84774358734).render() self.assertEqual(response.status_code, 404) self.assertEqual(User.objects.filter(is_superuser=True).count(), 2)
class InternationalizationDeleteViewTest(TestCase): def setUp(self): self.core_user = factories.CoreUser() self.factory = APIRequestFactory() def test_delete_unexisting_internationalization(self): self.core_user.is_staff = True self.core_user.is_superuser = True self.core_user.save() request = self.factory.delete('/internationalization/') request.user = self.core_user view = InternationalizationViewSet.as_view({'delete': 'destroy'}) response = view(request, pk=999) self.assertEqual(response.status_code, 404) def test_delete_internationalization_superuser(self): """ Superusers are able to delete any translation """ self.core_user.is_staff = True self.core_user.is_superuser = True self.core_user.save() inter = factories.Internationalization() request = self.factory.delete('/internationalization/') request.user = self.core_user view = InternationalizationViewSet.as_view({'delete': 'destroy'}) response = view(request, pk=inter.pk) self.assertEqual(response.status_code, 204) self.assertRaises(Internationalization.DoesNotExist, Internationalization.objects.get, pk=inter.pk) def test_delete_internationalization_normaluser(self): """ Normal users aren't able to delete translations """ inter = factories.Internationalization() request = self.factory.delete('/internationalization/') request.user = self.core_user view = InternationalizationViewSet.as_view({'delete': 'destroy'}) response = view(request, pk=inter.pk) self.assertEqual(response.status_code, 403)
def test(self): creator = UserF.create() admin = UserF.create() project = ProjectF(add_admins=[admin]) observation = ObservationFactory.create(**{ 'project': project, 'creator': creator }) comment = CommentFactory.create() factory = APIRequestFactory() url = reverse('api:myobservations_single_comment', kwargs={ 'project_id': project.id, 'observation_id': observation.id, 'comment_id': comment.id }) request = factory.delete(url) force_authenticate(request, user=admin) view = MyContributionsSingleCommentAPIView.as_view() response = view( request, project_id=project.id, observation_id=observation.id, comment_id=comment.id ).render() self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_delete_comment_with_creator_but_other_comment(self): comment = CommentFactory.create(**{ 'commentto': self.observation }) factory = APIRequestFactory() url = reverse('api:myobservations_single_comment', kwargs={ 'project_id': self.project.id, 'observation_id': self.observation.id, 'comment_id': self.comment_to_remove.id }) request = factory.delete( url, {'text': 'A comment to the observation'} ) force_authenticate(request, user=self.creator) view = MyContributionsSingleCommentAPIView.as_view() response = view( request, project_id=self.project.id, observation_id=self.observation.id, comment_id=comment.id ).render() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) observation = Observation.objects.get(pk=self.observation.id) self.assertIn(self.comment, observation.comments.all()) self.assertIn(self.comment_to_remove, observation.comments.all())
class DeleteProjectTests(APITestCase): def setUp(self): self.anonymous_user = AnonymousUserFactory() self.user = UserFactory.create() self.group = GroupFactory.create(name=self.user.username) self.project = ProjectFactory.create(owner=self.group) self.not_user = UserFactory.create() self.not_group = GroupFactory.create(name=self.not_user.username) self.view = ProjectViewSet.as_view({"delete": "destroy"}) self.factory = APIRequestFactory() self.url = reverse("api:v2:project-detail", args=(self.project.id,)) self.request = self.factory.delete(self.url) def test_anonymous_user_cannot_delete_project(self): force_authenticate(self.request, user=self.anonymous_user) response = self.view(self.request) self.assertEquals(response.status_code, 403) def test_user_cannot_delete_project_they_do_not_own(self): force_authenticate(self.request, user=self.not_user) response = self.view(self.request, pk=self.project.id) self.assertEquals(response.status_code, 404) def test_user_can_delete_project_they_own(self): force_authenticate(self.request, user=self.user) response = self.view(self.request, pk=self.project.id) self.assertEquals(response.status_code, 204)
class MaterialViewSetTestCase(APITestCase): def setUp(self): self.factory = APIRequestFactory() self.teacher = create_user( first_name=fake.first_name(), last_name=fake.last_name(), email=fake.email(), raw_password='******', registered_as='teacher', ) self.course = CourseFactory(teacher=self.teacher.teacher_profile) self.material = MaterialFactory(course=self.course) def test_get_one_material(self): instance = self.material field_set = { 'description', 'document', 'enabled', } view = MaterialGetUpdateRemoveViewSet.as_view() request = self.factory.get('api/materials/<pk:int>') force_authenticate(request, user=self.teacher) response = view(request, pk=instance.id) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data['course'], instance.course.id) for field in field_set: self.assertEqual( str(response.data[field]), str(getattr(instance, field)), ) def test_update_material(self): instance = self.material data = { 'enabled': fake.boolean(), 'course': self.course.id, 'document': fake.image_url(), 'description': fake.paragraph(), } view = MaterialGetUpdateRemoveViewSet.as_view() request = self.factory.put( 'api/materials/<pk:int>', data, format='json', ) force_authenticate(request, user=self.teacher) response = view(request, pk=instance.id) self.assertEqual(response.status_code, status.HTTP_200_OK) course_id = data.pop('course') self.assertEqual(course_id, response.data['course']) for key, value in data.items(): self.assertEqual(str(response.data[key]), str(value)) def test_delete_material(self): instance = self.material view = MaterialGetUpdateRemoveViewSet.as_view() request = self.factory.delete('api/materials/<pk:int>') force_authenticate(request, user=self.teacher) response = view(request, pk=instance.id) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) self.assertFalse( Material.objects.filter(id=instance.id).exists(), )
class TestActionsList(APITestCase): fixtures = ['pydnd/fixtures/db_fixture.json'] def setUp(self): self.factory = APIRequestFactory() self.view = views.SpecialAbilityList.as_view() self.uri = 'special_abilities' def test_list(self): request = self.factory.get(self.uri) response = self.view(request) self.assertEqual(response.status_code, 200, 'Expected Response Code 200, received {0} instead.' .format(response.status_code)) def test_cannot_delete(self): request = self.factory.delete(self.uri) response = self.view(request) self.assertEqual(response.status_code, 405, 'Expected Response Code 405, received {0} instead.' .format(response.status_code)) def test_cannot_put(self): request = self.factory.put(self.uri) response = self.view(request) self.assertEqual(response.status_code, 405, 'Expected Response Code 405, received {0} instead.' .format(response.status_code))
class TestAjaxViews(TestCase): def setUp(self): self.coffee = factories.CoffeeFactory.create() self.coffee._generate_profile() self.roastprofile = self.coffee.roastprofile_set.all()[0] self.request_factory = RequestFactory() self.api_request_factory = APIRequestFactory() def tearDown(self): self.coffee.delete() def test_coffee_delete(self): """ Test that this view properly deletes a Coffee based on it's ID """ request = self.api_request_factory.delete( reverse( 'rest-coffee-detail', args=(self.coffee.id,), ) ) self.assertEquals(models.Coffee.objects.filter(id=self.coffee.id).exists(), True) view = views.CoffeeViewSet.as_view(actions={'delete':'destroy'}) response = view(request, pk=self.coffee.id) self.assertEquals(models.Coffee.objects.filter(id=self.coffee.id).exists(), False) # Assert that some success code (2xx) was received. self.assertEquals(str(response.status_code).startswith('2'), True)
def test_get_asn_delete( self, hosting_provider_with_sample_user: ac_models.Hostingprovider, green_asn: gc_models.GreencheckASN, ): """ Can we delete an ASN via the API, marking it as 'inactive' in our database? """ green_asn.save() rf = APIRequestFactory() url_path = reverse("asn-detail", kwargs={"pk": green_asn.id}) user = hosting_provider_with_sample_user.user_set.first() request = rf.delete(url_path) request.user = user # GET end point for IP Ranges view = gc_viewsets.ASNViewSet.as_view({"delete": "destroy"}) response = view(request, pk=green_asn.id) # check contents assert response.status_code == 204 assert gc_models.GreencheckASN.objects.filter(asn=12345).count() == 1 fetched_green_asn = gc_models.GreencheckASN.objects.filter(asn=12345).first() assert not fetched_green_asn.active
def _test_delete_detail_from_other_bot(self, func_url, view, *args): new_bot = self.create_bot(owner=self.bot.owner, token=self.mytoken2) factory = APIRequestFactory() request = factory.delete(func_url(new_bot.pk)) force_authenticate(request, user=self.bot.owner) response = view.as_view()(request, new_bot.pk, *args) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_delete_app(app: AppFactory, user: settings.AUTH_USER_MODEL, request_factory: APIRequestFactory, app_view: Callable, plan: PlanFactory): request = request_factory.delete(f"/api/v1/apps/{app.id}") force_authenticate(request, user=user) response = app_view(request, pk=app.id) assert response.status_code == 204
def test_articles(self): article1 = Article.objects.get(article_title = "test title 1") article2 = Article.objects.get(article_title = "test title 2") #create necessary views for sending requests getRequest = ArticleViewSet.as_view(actions = {'get': 'retrieve'}) postRequest = ArticleViewSet.as_view(actions = {'post': 'create'}) updateRequest = ArticleViewSet.as_view(actions = {'put': 'update'}) deleteRequest = ArticleViewSet.as_view(actions = {'delete': 'destroy'}) factory = APIRequestFactory() # to create requests #test get self.assertEqual(getRequest(factory.get('articles/'), pk = article1.id).status_code, 200) self.assertEqual(getRequest(factory.get('articles/'), pk = article2.id).status_code, 200) #test post self.assertEqual(postRequest(factory.post('articles/', {"article_title": "test title 3", "article_text": "test text 3"})).status_code, 200) article3 = Article.objects.get(article_title = "test title 3") self.assertEqual(getRequest(factory.get('articles/'), pk = article3.id).data["article_text"], "test text 3") #test delete self.assertEqual(deleteRequest(factory.delete('articles/'), pk = article2.id).status_code, 204) self.assertEqual(getRequest(factory.get('articles/'), pk = article2.id).status_code, 404) # should have been deleted #test update self.assertEqual(updateRequest(factory.put('articles/', {"article_title": "test title 1 updated", "article_text":"test text 1 updated"}), pk=article1.id).status_code, 200) self.assertEqual(getRequest(factory.get('articles/'), pk = 1).data["article_text"], "test text 1 updated")
class DeleteProjectTests(APITestCase): def setUp(self): self.anonymous_user = AnonymousUserFactory() self.user = UserFactory.create() self.group = GroupFactory.create(name=self.user.username) self.project = ProjectFactory.create(owner=self.group) self.not_user = UserFactory.create() self.not_group = GroupFactory.create(name=self.not_user.username) self.view = ProjectViewSet.as_view({'delete': 'destroy'}) self.factory = APIRequestFactory() self.url = reverse('api:v2:project-detail', args=(self.project.id, )) self.request = self.factory.delete(self.url) def test_anonymous_user_cannot_delete_project(self): force_authenticate(self.request, user=self.anonymous_user) response = self.view(self.request) self.assertEquals(response.status_code, 403) def test_user_cannot_delete_project_they_do_not_own(self): force_authenticate(self.request, user=self.not_user) response = self.view(self.request, pk=self.project.id) self.assertEquals(response.status_code, 404) def test_user_can_delete_project_they_own(self): force_authenticate(self.request, user=self.user) response = self.view(self.request, pk=self.project.id) self.assertEquals(response.status_code, 204)
def test_document_detail_delete(db, document): factory = APIRequestFactory() pk = document.id url = reverse_lazy('document', args=(pk, )) request = factory.delete(url) response = DocumentDetail.as_view()(request, pk) assert response.status_code == 204
def test_can_only_destroy_asns_for_own_hosting_provider( self, hosting_provider_with_sample_user: ac_models.Hostingprovider, another_host_user: User, green_asn: gc_models.GreencheckASN, ): """ An user must be associated with a hosting provider to be able to create or destroy ASNs or IP Ranges for the provider """ green_asn.save() assert gc_models.GreencheckASN.objects.filter(asn=12345).count() == 1 rf = APIRequestFactory() url_path = reverse("asn-detail", kwargs={"pk": green_asn.id}) hosting_provider_with_sample_user.user_set.first() request = rf.delete(url_path) request.user = another_host_user # GET end point for IP Ranges view = gc_viewsets.ASNViewSet.as_view({"delete": "destroy"}) response = view(request, pk=green_asn.id) # check contents assert response.status_code == 404 assert ( gc_models.GreencheckASN.objects.filter(asn=12345, active=True).count() == 1 )
def test_destroy_mixin(self): factory = APIRequestFactory() request = factory.delete("/test_resources/1") view = TestViewSet.as_view({"delete": "destroy"}) response = view(request, pk=1) self.assertEqual(response.status_code, 204) self.assertIsInstance(response.context["resource"], TestModel)
def delete_request(view, user, query_params='', **extra): factory = APIRequestFactory() path = '' if query_params: path = '?' + urlencode(query_params) request = factory.delete(path, **get_headers(user)) return view(request, **extra)
def test_apply_user_annotation(self): url = f'/api/texts/{self.text.pk}/witnesses/{self.witness.pk}/applied_annotations/' factory = APIRequestFactory() # add applied annotation request = factory.post(url, {'annotation_id': self.annotation.pk}) force_authenticate(request, user=self.user) response = AppliedUserAnnotations.as_view()(request) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) applied_annotation = AppliedUserAnnotation.objects.get( annotation=self.annotation) request = factory.get(url) force_authenticate(request, user=self.user) response = AppliedUserAnnotations.as_view()(request, self.annotation.witness_id) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.data[0]['annotation'], self.annotation.pk) url = url + str(self.annotation.pk) request = factory.delete(url) force_authenticate(request, user=self.user) response = AppliedUserAnnotationDetail.as_view()(request, self.annotation.pk) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) self.assertEqual(AppliedUserAnnotation.objects.count(), 0)
def test_comment_destroy(self): # 유저, 포스트, 코멘트 트랙 생성 user1 = self.create_user() user2 = self.create_user(email='*****@*****.**', nickname='testuser2') post = self.create_post(user=user1) comment = self.create_comment(post=post, user=user2) pk = comment.data['id'] # /post/comment/pk/에 DELETE 요청 보냄 factory = APIRequestFactory() request = factory.delete(f'/post/comment/{pk}/') view = CommentTrackDetail.as_view() response = view(request, pk=pk) # 인증 정보가 없는 경우 삭제 불가능 테스트 self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) # 작성자가 아닌 경우 삭제 불가능 테스트 force_authenticate(request, user=user1) response = view(request, pk=pk) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) # 작성자인 경우 삭제 가능 테스트 force_authenticate(request, user=user2) response = view(request, pk=pk) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) # 코멘트가 삭제되었는지 확인 response = self.client.get(f'http://testserver/post/comment/{pk}/') self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def solve3(view): action_name = dec(b'ImVtYWlsIg==') allow_method = dec(b'WyJnZXQiLCAiZGVsZXRlIl0=') router = SimpleRouter() router.register('users', view) group_by_methods, group_by_actions = get_actions_from_router(router) assert group_by_actions.get(action_name, None), 'email action 이 구현되지 않았습니다.' assert allow_method == group_by_actions.get( action_name, [] ), f'email action 은 GET, DELETE Method 를 허용해야합니다. 현재 email action 은 {", ".join(group_by_actions.get(action_name, []))} 을 허용중입니다.' factory = APIRequestFactory() view = view.as_view(actions={'get': action_name}) user = baker.make(User, email='*****@*****.**') response = view(factory.get(''), pk=user.pk) assert response.status_code == 200, f'get API 호출 결과의 status_code 가 일치하지 않습니다: 현재: {response.status_code}' assert response.data == '*****@*****.**', f'get API 호출 결과는 {"*****@*****.**"} 이 되어야 합니다: 현재: {response.data}' view = view.as_view(actions={'delete': action_name}) response = view(factory.delete(''), pk=user.pk) user.refresh_from_db() assert response.status_code == 204, f'delete API 호출 결과의 status_code 가 일치하지 않습니다: 현재: {response.status_code}' assert not user.email, 'delete API 호출 결과 유저의 email 속성이 지워지지 않았습니다.'
def test_post_destroy(self): # 포스트 생성 pk = self.create_post().data['id'] # /post/pk/으로 DELETE 요청을 보냄 factory = APIRequestFactory() request = factory.delete(f'/post/{pk}/') view = PostDetail.as_view() response = view(request, pk=pk) # 인증 데이터가 없을 경우 포스트 삭제 불가 테스트 self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) # 작성자가 아닌 경우 포스트 삭제 불가능한지 테스트 user = self.create_user('*****@*****.**', 'testuser2') force_authenticate(request, user=user) response = view(request, pk=pk) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) # 작성자인 경우 삭제 가능 user = User.objects.get(email='*****@*****.**') force_authenticate(request, user=user) response = view(request, pk=pk) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) # 포스트가 삭제되었는지 확인 request = factory.get(f'/post/{pk}/') view = PostDetail.as_view() response = view(request, pk=pk) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_destroy_like_comment_without_params(self): """ Ensure we can destroy like comment without params """ factory = APIRequestFactory() user = utils.create_user() comment = utils.create_comment(user) view = views.LikeCommentViewSet.as_view({ 'post': 'create', 'delete': 'destroy' }) # Create url = self.get_url_endpoint request = factory.post(url, { 'users': str(user.pk), 'comment': comment.pk }) force_authenticate(request, user=user) response = view(request) # Delete url = self.get_url_endpoint + str(comment.pk) + "/" request = factory.delete(url) force_authenticate(request, user=user) response = view(request, pk=comment.pk) self.assertEqual(response.status_code == 404, True)
class PostApiTestCase(TestCase): def setUp(self): self.data = { 'title': 'Test API', 'content': 'New Content', 'publish': timezone.now().date() } self.factory = APIRequestFactory() self.user = User.objects.create(username='******', email='*****@*****.**', password='******', is_staff=True, is_superuser=True) def test_get_data(self): obj = Post.objects.create(title='Test API Post', content='New Content', publish=timezone.now().date()) list_url = reverse('posts-api:list') detail_url = reverse('posts:detail', kwargs={'slug': obj.slug}) # get list request = self.factory.get(list_url) response = PostListAPIView.as_view()(request) self.assertTrue(response.status_code, 200) # get detail request = self.factory.get(detail_url) response = PostDetailAPIView.as_view()(request, slug=obj.slug) self.assertTrue(response.status_code, 200) def test_crud_data(self): obj = Post.objects.create(title='Test API Post', content='New Content', publish=timezone.now().date()) create_url = reverse('posts-api:create') update_url = reverse('posts-api:update', kwargs={'slug': obj.slug}) delete_url = reverse('posts-api:delete', kwargs={'slug': obj.slug}) request_create = self.factory.post(create_url, data=self.data) force_authenticate(request_create, self.user) response_create = PostCreateAPIView.as_view()(request_create, slug=obj.slug) self.assertEqual(response_create.status_code, 201) request_update = self.factory.put(update_url, data=self.data) force_authenticate(request_update, self.user) response_update = PostUpdateAPIView.as_view()(request_update, slug=obj.slug) self.assertEqual(response_update.status_code, 200) request_delete = self.factory.delete(delete_url) force_authenticate(request_delete, self.user) response_delete = PostDeleteAPIView.as_view()(request_delete, slug=obj.slug) self.assertEqual(response_delete.status_code, 204)
def test_destroy_like_topic(self): """ Ensure we can destroy like topic """ factory = APIRequestFactory() user = utils.create_user() topic = utils.create_topic(user) view = views.LikeTopicViewSet.as_view({ 'post': 'create', 'delete': 'destroy' }) # Create url = self.get_url_endpoint request = factory.post(url, { 'users': str(user.pk), 'topic': str(topic.pk) }) force_authenticate(request, user=user) response = view(request) # Delete url = self.get_url_endpoint + str(topic.pk) + "/" request = factory.delete(url, {'users': str(user.pk)}) force_authenticate(request, user=user) response = view(request, pk=topic.pk) self.assertEqual(response.status_code == 200, True)
def test_delete_task(self): factory = APIRequestFactory() view = TaskDetail.as_view() project = Project.objects.create(title='TestProject') tasks = Task.objects.bulk_create([(Task(id=1, title='Test1', description='d1', project=project)), (Task(id=2, title='Test2', description='d2', project=project)), (Task(id=3, title='Test3', description='d3', project=project))]) task = tasks[0] request = factory.delete('/api/tasks/1') force_authenticate(request, user=self.test_user, token=self.full_access_token) response = view(request, pk='1') self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) self.assertEqual(len(Task.objects.all()), 2) self.assertNotIn(task, Task.objects.all())
def test_destroy_to_many_valid_iterator(self): factory = APIRequestFactory() request = factory.delete("/test_resources/relationships/related_thing", format="json") view = self.TestManyView() request.data = {"data": [{"type": "test_resource", "id": "5"}]} view.relationship_destroy(request, 1, "related_things")
class TagDestroyTestCase(TestCase): def setUp(self): super(TagDestroyTestCase, self).setUp() self.rf = APIRequestFactory() self.view = TagRetrieveUpdateDestroyAPIView.as_view() self.user = mommy.make(settings.AUTH_USER_MODEL) def test_without_authenticated_user(self): tag = mommy.make('Tag') request = self.rf.delete( reverse('tags_retrieve_update_and_destroy', kwargs={'pk': tag.pk} )) raw_response = self.view(request, pk=tag.pk) response = raw_response.render() self.assertEqual(response.status_code, 403) def test_non_existing_tag(self): request = self.rf.delete( reverse('tags_retrieve_update_and_destroy', kwargs={'pk': 1} )) force_authenticate(request, user=self.user) raw_response = self.view(request, pk=1) response = raw_response.render() self.assertEqual(response.status_code, 404) def test_delete_tag(self): tag = mommy.make('Tag') request = self.rf.delete( reverse('tags_retrieve_update_and_destroy', kwargs={'pk': tag.pk} )) force_authenticate(request, user=self.user) raw_response = self.view(request, pk=tag.pk) response = raw_response.render() old_id = tag.pk self.assertEqual(response.status_code, 204) self.assertFalse(Tag.objects.filter(pk=old_id).exists())
def setUp(self): self.tag = TagFactory.create() self.anonymous_user = AnonymousUserFactory() self.user = UserFactory() self.staff_user = UserFactory(is_staff=True) factory = APIRequestFactory() url = reverse('api:v2:tag-detail', args=(self.tag.id,)) self.request = factory.delete(url) self.view = TagViewSet.as_view({'delete': 'destroy'})
def test_contact_delete_fail(self): view = v1_views.ContactViewSet.as_view({'get': 'list'}) factory = APIRequestFactory() request = factory.delete('/api/v1/contact/') force_authenticate(request, user=self.user) response = view(request, pk=self.user_contact.id) # HTTP 405 self.assertEquals( response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED, response.data)
def test_delete_not_existing_user(self): factory = APIRequestFactory() user = UserF.create(**{'is_superuser': True}) request = factory.delete( reverse('ajax:superusers_deleteuser', kwargs={ 'user_id': 84774358734 }) ) force_authenticate(request, user=user) view = DeleteSuperUsersAjaxView.as_view() response = view(request, user_id=84774358734).render() self.assertEqual(response.status_code, 404) self.assertEqual(len(User.objects.filter(is_superuser=True)), 1)
def test_request_delete_fail(self): view = v1_views.RequestViewSet.as_view({'get': 'list'}) factory = APIRequestFactory() request = factory.delete('/api/v1/request/') force_authenticate(request, user=self.user) requests = self.response.data.get('requests') response = view(request, pk=requests[0].get('id')) # HTTP 405 self.assertEquals( response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED, response.data)
def get_response(self, user): factory = APIRequestFactory() request = factory.delete( "/api/projects/%s/contributions/%s/comments/%s/" % (self.project.id, self.contribution.id, self.comment_to_remove.id), {"text": "A comment to the contribution."}, ) force_authenticate(request, user=user) view = SingleCommentAPIView.as_view() return view( request, project_id=self.project.id, contribution_id=self.contribution.id, comment_id=self.comment_to_remove.id, ).render()
def test_delete_with_user(self): factory = APIRequestFactory() user = UserF.create(**{'is_superuser': False}) user_to_remove = UserF.create(**{'is_superuser': True}) request = factory.delete( reverse('ajax:superusers_deleteuser', kwargs={ 'user_id': user_to_remove.id }) ) force_authenticate(request, user=user) view = DeleteSuperUsersAjaxView.as_view() response = view(request, user_id=user_to_remove.id).render() self.assertEqual(response.status_code, 403) self.assertEqual(len(User.objects.filter(is_superuser=True)), 1)
def get_response(self, user): factory = APIRequestFactory() request = factory.delete( '/api/projects/%s/observations/%s/comments/%s/' % (self.project.id, self.observation.id, self.comment_to_remove.id), {'text': 'A comment to the observation'} ) force_authenticate(request, user=user) view = AllContributionsSingleCommentAPIView.as_view() return view( request, project_id=self.project.id, observation_id=self.observation.id, comment_id=self.comment_to_remove.id ).render()
def test(self): admin = UserFactory.create() project = ProjectFactory(add_admins=[admin]) contribution = ObservationFactory.create(**{"project": project}) comment = CommentFactory.create() factory = APIRequestFactory() request = factory.delete( "/api/projects/%s/contributions/%s/comments/%s/" % (project.id, contribution.id, comment.id), {"text": "A comment to the contribution."}, ) force_authenticate(request, user=admin) view = SingleCommentAPIView.as_view() response = view(request, project_id=project.id, contribution_id=contribution.id, comment_id=comment.id).render() self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def get_response(self, user, comment_to_remove=None): if not comment_to_remove: comment_to_remove = self.comment_to_remove factory = APIRequestFactory() request = factory.delete( '/api/projects/%s/contributions/%s/comments/%s/' % (self.project.id, self.contribution.id, comment_to_remove.id), {'text': 'A comment to the contribution.'} ) force_authenticate(request, user=user) view = SingleCommentAPIView.as_view() return view( request, project_id=self.project.id, contribution_id=self.contribution.id, comment_id=comment_to_remove.id ).render()
def makeRequest(self, get=None, post=None, delete=None, data=None): factory = APIRequestFactory() prefix = '/' + VERSION if get is not None: request = factory.get(prefix + get) elif post is not None: request = factory.post(prefix + post, data) elif delete is not None: request = factory.delete(prefix + delete) else: raise Exception('Unsupported request type') force_authenticate(request, user=self.user) return request
def get_response(self, user): factory = APIRequestFactory() url = reverse('api:myobservations_single_comment', kwargs={ 'project_id': self.project.id, 'observation_id': self.observation.id, 'comment_id': self.comment_to_remove.id }) request = factory.delete( url, {'text': 'A comment to the observation'} ) force_authenticate(request, user=user) view = MyContributionsSingleCommentAPIView.as_view() return view( request, project_id=self.project.id, observation_id=self.observation.id, comment_id=self.comment_to_remove.id ).render()
def setUp(self): self.anonymous_user = AnonymousUserFactory() self.user = UserFactory.create() self.access_token = create_access_token( self.user, "Test Token 1", issuer="Testing" ) factory = APIRequestFactory() self.create_view = AccessTokenViewSet.as_view({'post': 'create'}) self.create_request = factory.post( self.url_route, {'name': 'Test Token Creation'} ) self.invalid_create_request = factory.post( self.url_route, {'name': { 'Not': 'A String' }}, format='json' ) self.list_view = AccessTokenViewSet.as_view({'get': 'list'}) self.list_request = factory.get(self.url_route) self.delete_view = AccessTokenViewSet.as_view({'delete': 'destroy'}) self.delete_request = factory.delete( '{}/{}'.format(self.url_route, self.access_token.id) ) self.edit_view = AccessTokenViewSet.as_view({'put': 'update'}) self.edit_request = factory.put( '{}/{}'.format(self.url_route, self.access_token.id), {'name': 'Test Token New Name'} ) self.invalid_edit_request = factory.put( '{}/{}'.format(self.url_route, self.access_token.id), {'name': { 'Not': 'A String' }}, format='json' )
class TestDeleteCommitment(APITestCase): def setUp(self): self.factory = APIRequestFactory() self.username = "******" self.email = "*****@*****.**" self.password = "******" self.user = get_user_model().objects.create_user( username = self.username, email = self.email, password = self.password, ) self.commitment_dict = {'name': 'test commit', 'description':'you know what it is'} request = self.factory.post('/profile/commitments/', self.commitment_dict) force_authenticate(request, user=self.user) response = views.commitments_list(request) self.id_to_check = response.data['id'] def test_delete_details_endpoint(self): request_delete = self.factory.delete('/profile/commitments/' + str(self.id_to_check)) force_authenticate(request_delete, user=self.user) response = views.commitments_detail(request_delete, pk=self.id_to_check) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
def test(self): admin = UserF.create() project = ProjectF(add_admins=[admin]) category = CategoryFactory(**{'project': project}) view = GroupingFactory(**{'project': project}) RuleFactory(**{'grouping': view, 'category': category}) observation = ObservationFactory.create(**{ 'project': project, 'category': category }) comment = CommentFactory.create() factory = APIRequestFactory() factory = APIRequestFactory() url = reverse( 'api:view_single_comment', kwargs={ 'project_id': project.id, 'view_id': view.id, 'observation_id': observation.id, 'comment_id': comment.id } ) request = factory.delete(url) force_authenticate(request, user=admin) dataview = GroupingContributionsSingleCommentAPIView.as_view() response = dataview( request, project_id=project.id, view_id=view.id, observation_id=observation.id, comment_id=comment.id ).render() self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test(self): admin = UserF.create() project = ProjectF(add_admins=[admin]) observation = ObservationFactory.create(**{ 'project': project }) comment = CommentFactory.create() factory = APIRequestFactory() request = factory.delete( '/api/projects/%s/observations/%s/comments/%s/' % (project.id, observation.id, comment.id), {'text': 'A comment to the observation'} ) force_authenticate(request, user=admin) view = AllContributionsSingleCommentAPIView.as_view() response = view( request, project_id=project.id, observation_id=observation.id, comment_id=comment.id ).render() self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
class AllContributionsSingleMediaApiViewTest(TestCase): def setUp(self): self.factory = APIRequestFactory() self.admin = UserFactory.create() self.creator = UserFactory.create() self.viewer = UserFactory.create() self.project = ProjectFactory( add_admins=[self.admin], add_contributors=[self.creator] ) self.contribution = ObservationFactory.create( **{'project': self.project, 'creator': self.creator} ) self.image_file = ImageFileFactory.create( **{'contribution': self.contribution, 'creator': self.creator} ) def tearDown(self): files = glob.glob(os.path.join( settings.MEDIA_ROOT, 'user-uploads/images/*' )) for f in files: os.remove(f) def get(self, user): url = reverse( 'api:project_single_media', kwargs={ 'project_id': self.project.id, 'contribution_id': self.contribution.id, 'file_id': self.image_file.id } ) request = self.factory.get(url) force_authenticate(request, user) view = AllContributionsSingleMediaApiView.as_view() return view( request, project_id=self.project.id, contribution_id=self.contribution.id, file_id=self.image_file.id ).render() def delete(self, user, image_id=None): if image_id is None: image_id = self.image_file.id url = reverse( 'api:project_single_media', kwargs={ 'project_id': self.project.id, 'contribution_id': self.contribution.id, 'file_id': image_id } ) request = self.factory.delete(url) force_authenticate(request, user) view = AllContributionsSingleMediaApiView.as_view() return view( request, project_id=self.project.id, contribution_id=self.contribution.id, file_id=image_id ).render() def test_get_image_with_admin(self): response = self.get(self.admin) self.assertEqual(response.status_code, 200) def test_get_image_with_contributor(self): response = self.get(self.creator) self.assertEqual(response.status_code, 200) def test_get_image_with_some_dude(self): response = self.get(UserFactory.create()) self.assertEqual(response.status_code, 404) def test_get_image_with_anonymous(self): response = self.get(AnonymousUser()) self.assertEqual(response.status_code, 404) def test_delete_image_with_admin(self): response = self.delete(self.admin) self.assertEqual(response.status_code, 204) def test_get_not_existing_image_with_admin(self): response = self.delete(self.admin, image_id=545487654) self.assertEqual(response.status_code, 404) def test_delete_image_with_contributor(self): response = self.delete(self.creator) self.assertEqual(response.status_code, 204) def test_delete_image_with_some_dude(self): response = self.delete(UserFactory.create()) self.assertEqual(response.status_code, 404) def test_delete_image_with_anonymous(self): response = self.delete(AnonymousUser()) self.assertEqual(response.status_code, 404)
class MediaFileSingleAbstractViewTest(TestCase): def setUp(self): self.factory = APIRequestFactory() self.admin = UserFactory.create() self.creator = UserFactory.create() self.project = ProjectFactory( add_admins=[self.admin], add_contributors=[self.creator] ) self.contribution = ObservationFactory.create( **{'project': self.project, 'creator': self.creator} ) self.image_file = ImageFileFactory.create( **{'contribution': self.contribution, 'creator': self.creator} ) def tearDown(self): files = glob.glob(os.path.join( settings.MEDIA_ROOT, 'user-uploads/images/*' )) for f in files: os.remove(f) def render(self, response): response.accepted_renderer = JSONRenderer() response.accepted_media_type = 'application/json' response.renderer_context = {'blah': 'blubb'} return response.render() def test_get_and_respond(self): url = reverse( 'api:project_single_media', kwargs={ 'project_id': self.project.id, 'contribution_id': self.contribution.id, 'file_id': self.image_file.id } ) request = self.factory.get(url) view = MediaFileSingleAbstractView() view.request = request response = self.render( view.get_and_respond( self.admin, self.image_file ) ) response_json = json.loads(response.content) self.assertEqual(response_json.get('id'), self.image_file.id) @raises(MediaFile.DoesNotExist) def test_delete_and_respond_with_admin(self): url = reverse( 'api:project_single_media', kwargs={ 'project_id': self.project.id, 'contribution_id': self.contribution.id, 'file_id': self.image_file.id } ) request = self.factory.delete(url) view = MediaFileSingleAbstractView() view.request = request view.delete_and_respond(self.admin, self.image_file) MediaFile.objects.get(pk=self.image_file.id) @raises(MediaFile.DoesNotExist) def test_delete_and_respond_with_contributor(self): url = reverse( 'api:project_single_media', kwargs={ 'project_id': self.project.id, 'contribution_id': self.contribution.id, 'file_id': self.image_file.id } ) request = self.factory.delete(url) view = MediaFileSingleAbstractView() view.request = request view.delete_and_respond(self.creator, self.image_file) MediaFile.objects.get(pk=self.image_file.id) @raises(PermissionDenied) def test_delete_and_respond_with_some_dude(self): url = reverse( 'api:project_single_media', kwargs={ 'project_id': self.project.id, 'contribution_id': self.contribution.id, 'file_id': self.image_file.id } ) request = self.factory.delete(url) view = MediaFileSingleAbstractView() view.request = request view.delete_and_respond(UserFactory.create(), self.image_file)
class PoliciesTestCase(TestCase): def setUp(self): # Every test needs access to the request factory. # Using rest_framework's APIRequestFactory: http://www.django-rest-framework.org/api-guide/testing/ self.r = redis.Redis(connection_pool=settings.REDIS_CON_POOL) self.factory = APIRequestFactory() self.create_storlet() self.upload_filter() self.deploy_storlet() self.create_object_type_docs() self.create_tenant_group_1() self.create_nodes() self.create_storage_nodes() self.create_metric_modules() self.create_global_controllers() self.create_acls() def tearDown(self): self.r.flushdb() # # Static/dynamic policy tests # @mock.patch('policies.views.get_project_list') def test_registry_static_policy(self, mock_get_project_list): mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', '2': 'tenantB'} # Create an instance of a GET request. request = self.factory.get('/policies/static') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' request.META['HTTP_HOST'] = 'fake_host' response = policy_list(request) self.assertEqual(response.status_code, status.HTTP_200_OK) json_data = json.loads(response.content) self.assertEqual(json_data[0]["target_name"], 'tenantA') def test_registry_dynamic_policy(self): # Create an instance of a GET request. request = self.factory.get('/policies/dynamic') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' request.META['HTTP_HOST'] = 'fake_host' response = policy_list(request) self.assertEqual(response.status_code, status.HTTP_200_OK) json_data = json.loads(response.content) self.assertEqual(len(json_data), 0) # is empty @mock.patch('policies.views.deploy_static_policy') def test_registry_static_policy_create_ok(self, mock_deploy_static_policy): self.setup_dsl_parser_data() # Create an instance of a POST request. data = "FOR TENANT:0123456789abcdef DO SET compression" request = self.factory.post('/policies/static', data, content_type='text/plain') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' request.META['HTTP_HOST'] = 'fake_host' response = policy_list(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.assertTrue(mock_deploy_static_policy.called) @mock.patch('policies.views.get_project_list') @mock.patch('policies.views.set_filter') def test_registry_static_policy_create_set_filter_ok(self, mock_set_filter, mock_get_project_list): self.setup_dsl_parser_data() self.r.lpush('projects_crystal_enabled', '0123456789abcdef') mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', '2': 'tenantB'} # Create an instance of a POST request. data = "FOR TENANT:0123456789abcdef DO SET compression WITH bw=2 ON PROXY TO OBJECT_TYPE=DOCS" request = self.factory.post('/policies/static', data, content_type='text/plain') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' request.META['HTTP_HOST'] = 'fake_host' response = policy_list(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.assertTrue(mock_set_filter.called) expected_policy_data = {'object_size': '', 'execution_order': 2, 'object_type': 'DOCS', 'params': mock.ANY, 'execution_server': 'PROXY', 'callable': False, 'object_tag': '', 'policy_id': 2, 'object_name': 'txt, doc, docx'} mock_set_filter.assert_called_with(mock.ANY, '0123456789abcdef', mock.ANY, expected_policy_data, 'fake_token') @mock.patch('policies.views.deploy_dynamic_policy') def test_registry_dynamic_policy_create_ok(self, mock_deploy_dynamic_policy): self.setup_dsl_parser_data() # Create an instance of a POST request. data = "FOR TENANT:0123456789abcdef WHEN metric1 > 5 DO SET compression" request = self.factory.post('/policies/static', data, content_type='text/plain') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' request.META['HTTP_HOST'] = 'fake_host' response = policy_list(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.assertTrue(mock_deploy_dynamic_policy.called) @mock.patch('policies.views.get_project_list') @mock.patch('policies.views.create_local_host') def test_registry_dynamic_policy_create_spawn_ok(self, mock_create_local_host, mock_get_project_list): self.setup_dsl_parser_data() mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', '2': 'tenantB'} self.r.lpush('projects_crystal_enabled', '0123456789abcdef') # Create an instance of a POST request. data = "FOR TENANT:0123456789abcdef WHEN metric1 > 5 DO SET compression" request = self.factory.post('/policies/dynamic', data, content_type='text/plain') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' request.META['HTTP_HOST'] = 'fake_host' response = policy_list(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.assertTrue(mock_create_local_host.called) self.assertTrue(mock_create_local_host.return_value.spawn.called) self.assertTrue(self.r.exists('policy:2')) policy_data = self.r.hgetall('policy:2') self.assertEqual(policy_data['target_id'], '0123456789abcdef') self.assertEqual(policy_data['filter'], 'compression') self.assertEqual(policy_data['condition'], 'metric1 > 5') # # static_policy_detail() # @mock.patch('policies.views.get_project_list') def test_registry_static_policy_detail_ok(self, mock_get_project_list): mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', '2': 'tenantB'} # Create an instance of a GET request. request = self.factory.get('/policies/static/0123456789abcdef:1') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' response = static_policy_detail(request, '0123456789abcdef:1') self.assertEqual(response.status_code, status.HTTP_200_OK) json_data = json.loads(response.content) self.assertEqual(json_data["target_name"], 'tenantA') @mock.patch('policies.views.get_project_list') def test_registry_static_policy_update(self, mock_get_project_list): mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', '2': 'tenantB'} # Create an instance of a PUT request. data = {"execution_server": "object", "reverse": "object"} request = self.factory.put('/policies/static/0123456789abcdef:1', data, format='json') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' response = static_policy_detail(request, '0123456789abcdef:1') self.assertEqual(response.status_code, status.HTTP_201_CREATED) # Create an instance of a GET request. request = self.factory.get('/policies/static/0123456789abcdef:1') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' response = static_policy_detail(request, '0123456789abcdef:1') self.assertEqual(response.status_code, status.HTTP_200_OK) json_data = json.loads(response.content) self.assertEqual(json_data["execution_server"], 'object') self.assertEqual(json_data["reverse"], 'object') @mock.patch('policies.views.get_project_list') def test_registry_static_policy_detail_delete(self, mock_get_project_list): mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', '2': 'tenantB'} # Create an instance of a DELETE request. request = self.factory.delete('/policies/static/0123456789abcdef:1') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' response = static_policy_detail(request, '0123456789abcdef:1') self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) # Check there is no policy request = self.factory.get('/policies/static') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' response = policy_list(request) self.assertEqual(response.status_code, status.HTTP_200_OK) json_data = json.loads(response.content) self.assertEqual(len(json_data), 0) # # dynamic_policy_detail() # def test_registry_dynamic_policy_detail_with_method_not_allowed(self): request = self.factory.get('/policies/dynamic/123') request.META['HTTP_HOST'] = 'fake_host' response = dynamic_policy_detail(request, '123') self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED) # # Parse tests # # To test dsl_parser correctly, we need to have metrics and filters in Redis. def test_parse_target_tenant_ok(self): self.setup_dsl_parser_data() has_condition_list, rule_parsed = parse('FOR TENANT:0123456789abcdef DO SET compression') self.assertFalse(has_condition_list) self.assertIsNotNone(rule_parsed) targets = rule_parsed.target action_list = rule_parsed.action_list self.assertEqual(len(targets), 1) self.assertEqual(len(action_list), 1) target = targets[0] self.assertEqual(target.type, 'TENANT') self.assertEqual(target[1], '0123456789abcdef') action_info = action_list[0] self.assertEqual(action_info.action, 'SET') self.assertEqual(action_info.filter, 'compression') self.assertEqual(action_info.execution_server, '') self.assertEqual(action_info.params, '') def test_parse_target_container_ok(self): self.setup_dsl_parser_data() has_condition_list, rule_parsed = parse('FOR CONTAINER:0123456789abcdef/container1 DO SET compression') self.assertIsNotNone(rule_parsed) targets = rule_parsed.target self.assertEqual(len(targets), 1) target = targets[0] self.assertEqual(target.type, 'CONTAINER') self.assertEqual(target[1], '0123456789abcdef/container1') def test_parse_target_object_ok(self): self.setup_dsl_parser_data() has_condition_list, rule_parsed = parse('FOR OBJECT:0123456789abcdef/container1/object.txt DO SET compression') self.assertIsNotNone(rule_parsed) targets = rule_parsed.target self.assertEqual(len(targets), 1) target = targets[0] self.assertEqual(target.type, 'OBJECT') self.assertEqual(target[1], '0123456789abcdef/container1/object.txt') def test_parse_target_tenant_2_actions_ok(self): self.setup_dsl_parser_data() has_condition_list, rule_parsed = parse('FOR TENANT:0123456789abcdef DO SET compression, SET encryption') self.assertFalse(has_condition_list) self.assertIsNotNone(rule_parsed) targets = rule_parsed.target action_list = rule_parsed.action_list self.assertEqual(len(targets), 1) self.assertEqual(len(action_list), 2) action_info = action_list[0] self.assertEqual(action_info.action, 'SET') self.assertEqual(action_info.filter, 'compression') self.assertEqual(action_info.execution_server, '') self.assertEqual(action_info.params, '') action_info = action_list[1] self.assertEqual(action_info.action, 'SET') self.assertEqual(action_info.filter, 'encryption') self.assertEqual(action_info.execution_server, '') self.assertEqual(action_info.params, '') def test_parse_target_tenant_to_object_type_ok(self): self.setup_dsl_parser_data() has_condition_list, rule_parsed = parse('FOR TENANT:0123456789abcdef DO SET compression TO OBJECT_TYPE=DOCS') self.assertFalse(has_condition_list) self.assertIsNotNone(rule_parsed) object_list = rule_parsed.object_list self.assertIsNotNone(object_list) object_type = object_list.object_type self.assertIsNotNone(object_type) self.assertIsNotNone(object_type.object_value) self.assertEqual(object_type.object_value, 'DOCS') def test_parse_target_tenant_to_object_type_tag_size_ok(self): self.setup_dsl_parser_data() rule_str = 'FOR TENANT:0123456789abcdef DO SET compression TO OBJECT_TAG=tagtag, OBJECT_SIZE>10, OBJECT_TYPE=DOCS' has_condition_list, rule_parsed = parse(rule_str) self.assertFalse(has_condition_list) self.assertIsNotNone(rule_parsed) object_list = rule_parsed.object_list self.assertIsNotNone(object_list) object_type = object_list.object_type self.assertIsNotNone(object_type) self.assertIsNotNone(object_type.object_value) self.assertEqual(object_type.object_value, 'DOCS') object_tag = object_list.object_tag self.assertIsNotNone(object_tag) self.assertIsNotNone(object_tag.object_value) self.assertEqual(object_tag.object_value, 'tagtag') object_size = object_list.object_size self.assertIsNotNone(object_size) self.assertIsNotNone(object_size.object_value) self.assertEqual(object_size.object_value, '10') self.assertEqual(object_size.operand, '>') def test_parse_target_tenant_with_parameters_ok(self): self.setup_dsl_parser_data() has_condition_list, rule_parsed = parse('FOR TENANT:0123456789abcdef DO SET compression WITH cparam1=11, cparam2=12, cparam3=13') self.assertFalse(has_condition_list) self.assertIsNotNone(rule_parsed) targets = rule_parsed.target action_list = rule_parsed.action_list self.assertEqual(len(targets), 1) self.assertEqual(len(action_list), 1) action_info = action_list[0] self.assertEqual(action_info.action, 'SET') self.assertEqual(action_info.filter, 'compression') self.assertEqual(action_info.execution_server, '') self.assertEqual(len(action_info.params), 6) # ??? def test_parse_group_ok(self): self.setup_dsl_parser_data() has_condition_list, rule_parsed = parse('FOR G:1 DO SET compression') self.assertFalse(has_condition_list) self.assertIsNotNone(rule_parsed) targets = rule_parsed.target action_list = rule_parsed.action_list self.assertEqual(len(targets), 2) self.assertEqual(len(action_list), 1) self.assertEqual(targets[0], 'abcdef0123456789') self.assertEqual(targets[1], '0123456789abcdef') def test_parse_rule_not_starting_with_for(self): self.setup_dsl_parser_data() with self.assertRaises(ParseException): parse('TENANT:1234 DO SET compression') def test_parse_rule_with_invalid_target(self): self.setup_dsl_parser_data() with self.assertRaises(ParseException): parse('FOR xxxxxxx DO SET compression') def test_parse_callable_ok(self): self.setup_dsl_parser_data() has_condition_list, rule_parsed = parse('FOR TENANT:0123456789abcdef DO SET compression CALLABLE') self.assertFalse(has_condition_list) self.assertIsNotNone(rule_parsed) targets = rule_parsed.target action_list = rule_parsed.action_list self.assertEqual(len(targets), 1) self.assertEqual(len(action_list), 1) target = targets[0] self.assertEqual(target.type, 'TENANT') self.assertEqual(target[1], '0123456789abcdef') action_info = action_list[0] self.assertEqual(action_info.action, 'SET') self.assertEqual(action_info.filter, 'compression') self.assertEqual(action_info.execution_server, '') self.assertEqual(action_info.params, '') self.assertEqual(action_info.callable, 'CALLABLE') def test_parse_not_callable(self): self.setup_dsl_parser_data() has_condition_list, rule_parsed = parse('FOR TENANT:0123456789abcdef DO SET compression') self.assertFalse(has_condition_list) self.assertIsNotNone(rule_parsed) action_list = rule_parsed.action_list self.assertEqual(len(action_list), 1) action_info = action_list[0] self.assertEqual(action_info.callable, '') def test_parse_condition_ok(self): self.setup_dsl_parser_data() condition_list = parse_condition("metric1 > 5.0 OR metric1 < 2.0") self.assertIsNotNone(condition_list) self.assertEqual(condition_list, [['metric1', '>', '5.0'], 'OR', ['metric1', '<', '2.0']]) # # object_type tests # def test_object_type_list_with_method_not_allowed(self): request = self.factory.delete('/policies/object_type') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED) def test_object_type_detail_with_method_not_allowed(self): name = 'AUDIO' object_type_data = {'name': name, 'types_list': ['avi', 'mkv']} request = self.factory.post('/policies/object_type/' + name, object_type_data, format='json') response = object_type_detail(request, name) self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED) def test_list_object_types_ok(self): request = self.factory.get('/policies/object_type') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertNotEqual(response.content, "[]") object_types = json.loads(response.content) self.assertEqual(object_types[0]['name'], "DOCS") self.assertEqual(len(object_types[0]['types_list']), 3) def test_create_object_type_ok(self): # Create a second object type: object_type_data = {'name': 'VIDEO', 'types_list': ['avi', 'mkv']} request = self.factory.post('/policies/object_type', object_type_data, format='json') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # obtain the list request = self.factory.get('/policies/object_type') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertNotEqual(response.content, "[]") object_types = json.loads(response.content) self.assertEqual(len(object_types), 2) def test_create_object_type_without_name(self): # Create a second object type without name --> ERROR object_type_data = {'types_list': ['avi', 'mkv']} request = self.factory.post('/policies/object_type', object_type_data, format='json') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_create_object_type_with_an_existing_name(self): # Create a second object type with an existing name --> ERROR object_type_data = {'name': 'DOCS', 'types_list': ['avi', 'mkv']} request = self.factory.post('/policies/object_type', object_type_data, format='json') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_create_object_type_without_types_list(self): # Create a second object type without_types_list --> ERROR object_type_data = {'name': 'VIDEO'} request = self.factory.post('/policies/object_type', object_type_data, format='json') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_create_object_type_with_empty_types_list(self): # Create a second object type with empty types_list --> ERROR object_type_data = {'name': 'VIDEO', 'types_list': []} request = self.factory.post('/policies/object_type', object_type_data, format='json') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_object_type_detail_ok(self): name = 'DOCS' request = self.factory.get('/policies/object_type/' + name) response = object_type_detail(request, name) self.assertEqual(response.status_code, status.HTTP_200_OK) object_type = json.loads(response.content) self.assertEqual(object_type['name'], name) self.assertEqual(len(object_type['types_list']), 3) self.assertTrue('txt' in object_type['types_list']) def test_object_type_detail_with_non_existent_name(self): name = 'AUDIO' request = self.factory.get('/policies/object_type/' + name) response = object_type_detail(request, name) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) def test_delete_object_type_ok(self): name = 'DOCS' request = self.factory.delete('/policies/object_type/' + name) response = object_type_detail(request, name) self.assertEqual(response.status_code, status.HTTP_200_OK) request = self.factory.get('/policies/object_type') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.content, "[]") def test_delete_object_type_with_non_existent_name(self): name = 'AUDIO' request = self.factory.delete('/policies/object_type/' + name) response = object_type_detail(request, name) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) # Check nothing was deleted request = self.factory.get('/policies/object_type') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertNotEqual(response.content, "[]") object_types = json.loads(response.content) self.assertEqual(object_types[0]['name'], "DOCS") def test_update_object_type_ok(self): name = 'DOCS' data = ['txt', 'doc'] request = self.factory.put('/policies/object_type/' + name, data, format='json') response = object_type_detail(request, name) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # Check the object type was updated properly request = self.factory.get('/policies/object_type') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertNotEqual(response.content, "[]") object_types = json.loads(response.content) self.assertEqual(len(object_types), 1) self.assertEqual(object_types[0]['name'], "DOCS") self.assertEqual(len(object_types[0]['types_list']), 2) self.assertTrue(data[0] in object_types[0]['types_list']) self.assertTrue(data[1] in object_types[0]['types_list']) def test_update_object_type_ok_with_more_extensions(self): name = 'DOCS' data = ['txt', 'doc', 'docx', 'odt'] request = self.factory.put('/policies/object_type/' + name, data, format='json') response = object_type_detail(request, name) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # Check the object type was updated properly request = self.factory.get('/policies/object_type') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertNotEqual(response.content, "[]") object_types = json.loads(response.content) self.assertEqual(len(object_types), 1) self.assertEqual(object_types[0]['name'], "DOCS") self.assertEqual(len(object_types[0]['types_list']), 4) for extension in data: self.assertTrue(extension in object_types[0]['types_list']) def test_update_object_type_with_non_existent_name(self): name = 'VIDEO' data = ['avi', 'mkv'] request = self.factory.put('/policies/object_type/' + name, data, format='json') response = object_type_detail(request, name) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) def test_update_object_type_with_empty_list(self): # It's wrong to send an empty list name = 'DOCS' data = [] request = self.factory.put('/policies/object_type/' + name, data, format='json') response = object_type_detail(request, name) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) # # ACL's # @mock.patch('policies.views.get_project_list') def test_access_control_get_ok(self, mock_get_project_list): mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', 'abcdef0123456789': 'tenantB'} request = self.factory.get('/policies/acl/') response = access_control(request) self.assertEqual(response.status_code, status.HTTP_200_OK) acls = json.loads(response.content) self.assertEqual(len(acls), 1) acl = acls[0] self.assertEqual(acl['user_id'], 'a1a1a1a1a1a1') self.assertEqual(acl['target_name'], 'tenantA/container1') self.assertEqual(acl['target_id'], '0123456789abcdef:container1') self.assertEqual(acl['write'], True) self.assertEqual(acl['read'], True) self.assertEqual(acl['id'], '1') @mock.patch('policies.views.get_project_list') def test_access_control_post_list_ok(self, mock_get_project_list): mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', 'abcdef0123456789': 'tenantB'} acl_data = {'project_id': '0123456789abcdef', 'container_id': 'container2', 'identity': 'user_id:a1a1a1a1a1a1', 'access': 'list', 'object_type': 'DOCS'} request = self.factory.post('/policies/acl/', acl_data, format='json') response = access_control(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # check it has been created request = self.factory.get('/policies/acl/') response = access_control(request) self.assertEqual(response.status_code, status.HTTP_200_OK) acls = json.loads(response.content) self.assertEqual(len(acls), 2) @mock.patch('policies.views.get_project_list') def test_access_control_post_read_group_ok(self, mock_get_project_list): mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', 'abcdef0123456789': 'tenantB'} acl_data = {'project_id': '0123456789abcdef', 'container_id': 'container2', 'identity': 'group_id:g2g2g2', 'access': 'read', 'object_type': 'DOCS'} request = self.factory.post('/policies/acl/', acl_data, format='json') response = access_control(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # check it has been created policy_id = '0123456789abcdef:container2:2' request = self.factory.get('/policies/acl/' + policy_id) response = access_control_detail(request, policy_id) self.assertEqual(response.status_code, status.HTTP_200_OK) acl_policy = json.loads(response.content) self.assertEqual(acl_policy['target_name'], 'tenantA/container2') self.assertFalse(acl_policy['list']) self.assertFalse(acl_policy['write']) self.assertTrue(acl_policy['read']) self.assertEqual(acl_policy['group_id'], 'g2g2g2') @mock.patch('policies.views.get_project_list') def test_access_control_delete_ok(self, mock_get_project_list): mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', 'abcdef0123456789': 'tenantB'} policy_id = '0123456789abcdef:container1:1' request = self.factory.delete('/policies/acl/' + policy_id) response = access_control_detail(request, policy_id) self.assertEqual(response.status_code, status.HTTP_200_OK) # check it has been deleted request = self.factory.get('/policies/acl/') response = access_control(request) self.assertEqual(response.status_code, status.HTTP_200_OK) acls = json.loads(response.content) self.assertEqual(len(acls), 0) @mock.patch('policies.views.get_project_list') def test_access_control_update_ok(self, mock_get_project_list): mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', 'abcdef0123456789': 'tenantB'} policy_id = '0123456789abcdef:container1:1' acl_data = {'access': 'list'} request = self.factory.put('/policies/acl/' + policy_id, acl_data, format='json') response = access_control_detail(request, policy_id) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # check it has been updated request = self.factory.get('/policies/acl/' + policy_id) response = access_control_detail(request, policy_id) self.assertEqual(response.status_code, status.HTTP_200_OK) acl_policy = json.loads(response.content) self.assertTrue(acl_policy['list']) self.assertFalse(acl_policy['write']) self.assertFalse(acl_policy['read']) # # Aux methods # def create_storlet(self): filter_data = {'filter_type': 'storlet', 'language': 'java', 'dsl_name': 'fake', 'interface_version': '1.0', 'dependencies': '', 'main': 'com.example.FakeMain', 'put': 'False', 'get': 'False', 'valid_parameters': '', 'execution_server': 'proxy', 'reverse': 'proxy'} request = self.factory.post('/filters/', filter_data, format='json') response = filter_list(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED) def upload_filter(self): # Upload a filter for the filter "fake" with open('test_data/test-1.0.jar', 'r') as fp: request = self.factory.put('/filters/fake/data', {'file': fp}) FilterData.as_view()(request, 'fake') def mock_put_object_status_created(url, token=None, container=None, name=None, contents=None, content_length=None, etag=None, chunk_size=None, content_type=None, headers=None, http_conn=None, proxy=None, query_string=None, response_dict=None): response_dict['status'] = status.HTTP_201_CREATED @mock.patch('policies.views.get_project_list') @mock.patch('filters.views.swift_client.put_object', side_effect=mock_put_object_status_created) def deploy_storlet(self, mock_put_object, mock_get_project_list): mock_get_project_list.return_value = {'0123456789abcdef': 'tenantA', '2': 'tenantB'} # mock_requests_get.return_value = self.keystone_get_tenants_response() # mock_get_crystal_token.return_value = settings.SWIFT_URL + settings.SWIFT_API_VERSION + '/AUTH_0123456789abcdef', 'fake_token' # Call filter_deploy policy_data = { "policy_id": "1", "object_type": '', "object_size": None, "object_tag": None, "object_name": None, "execution_order": "1", "params": "" } request = self.factory.put('/0123456789abcdef/deploy/fake', policy_data, format='json') request.META['HTTP_X_AUTH_TOKEN'] = 'fake_token' response = filter_deploy(request, "fake", "0123456789abcdef") self.assertEqual(response.status_code, status.HTTP_201_CREATED) def create_object_type_docs(self): object_type_data = {'name': 'DOCS', 'types_list': ['txt', 'doc', 'docx']} request = self.factory.post('/controller/object_type', object_type_data, format='json') response = object_type_list(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED) def setup_dsl_parser_data(self): # Simplified filter data: self.r.hmset('filter:compression', {'valid_parameters': '{"cparam1": "integer", "cparam2": "integer", "cparam3": "integer"}'}) self.r.hmset('filter:encryption', {'valid_parameters': '{"eparam1": "integer", "eparam2": "bool", "eparam3": "string"}'}) self.r.hmset('metric:metric1', {'network_location': '?', 'type': 'integer'}) self.r.hmset('metric:metric2', {'network_location': '?', 'type': 'integer'}) def create_tenant_group_1(self): tenant_group_data = {'name': 'group1', 'attached_projects': json.dumps(['0123456789abcdef', 'abcdef0123456789'])} request = self.factory.post('/projects/groups', tenant_group_data, format='json') response = add_projects_group(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED) def create_nodes(self): self.r.hmset('node:controller', {'ip': '192.168.2.1', 'last_ping': '1467623304.332646', 'type': 'proxy', 'name': 'controller', 'devices': '{"sdb1": {"free": 16832876544, "size": 16832880640}}'}) self.r.hmset('node:storagenode1', {'ip': '192.168.2.2', 'last_ping': '1467623304.332646', 'type': 'object', 'name': 'storagenode1', 'devices': '{"sdb1": {"free": 16832876544, "size": 16832880640}}'}) self.r.hmset('node:storagenode2', {'ip': '192.168.2.3', 'last_ping': '1467623304.332646', 'type': 'object', 'name': 'storagenode2', 'devices': '{"sdb1": {"free": 16832876544, "size": 16832880640}}'}) def create_storage_nodes(self): self.r.incr("storage_nodes:id") # setting autoincrement to 1 self.r.hmset('SN:1', {'name': 'storagenode1', 'location': 'r1z1-192.168.1.5:6000/sdb1', 'type': 'hdd'}) def create_metric_modules(self): self.r.incr("workload_metrics:id") # setting autoincrement to 1 self.r.hmset('workload_metric:1', {'metric_name': 'm1.py', 'class_name': 'Metric1', 'status': 'Running', 'get': 'False', 'put': 'False', 'execution_server': 'object', 'replicate': 'True', 'ssync': 'True', 'id': '1'}) def create_global_controllers(self): self.r.incr("controllers:id") # setting autoincrement to 1 self.r.hmset('controller:1', {'class_name': 'MinTenantSLOGlobalSpareBWShare', 'controller_name': 'min_slo_tenant_global_share_spare_bw_v2.py', 'valid_parameters': 'method={put|get}', 'id': '1', 'instances': 0, 'enabled': 'False', 'description': 'Fake description'}) def create_acls(self): self.r.incr('acls:id') acl_data = {'user_id': 'a1a1a1a1a1a1', 'read': True, 'object_type': '', 'write': True, 'object_tag': ''} self.r.hmset('acl:0123456789abcdef:container1', {'1': json.dumps(acl_data)})
class RestaurantAPITest(TestCase): def setUp(self): self.factory = APIRequestFactory() self.user = User.objects.create( username="******", password='******', is_staff=True, ) self.user.set_password(self.user.password) self.user.save() self.user2 = User.objects.create( username="******", password='******', ) self.user2.set_password(self.user2.password) self.user2.save() self.user3 = User.objects.create( username="******", password='******', ) self.user3.set_password(self.user3.password) self.user3.save() self.restaurant_1 = Restaurant.objects.create( owner=self.user, name="Restaurant 1", description="This is Restaurant 1", opening_time="00:01:00", closing_time="23:59:00", logo="http://icons.veryicon.com/png/Movie%20%26%20TV/Free%20Star%20Wars/Darth%20Vader.png" ) self.item_1_1 = Item.objects.create( name="Pizza 1", description="This is Pizza 1", price=1.750, restaurant=self.restaurant_1, ) self.item_1_2 = Item.objects.create( name="Pizza 2", description="This is Pizza 2", price=1.750, restaurant=self.restaurant_1, ) self.restaurant_2 = Restaurant.objects.create( owner=self.user2, name="Restaurant 2", description="This is Restaurant 2", opening_time="00:01:00", closing_time="23:59:00", logo="http://icons.veryicon.com/png/Movie%20%26%20TV/Free%20Star%20Wars/Darth%20Vader.png" ) self.restaurant_data = { "owner":self.user, "name":"Restaurant 1", "description":"This is Restaurant 1 updated", "opening_time":"00:01:00", "closing_time":"23:59:00", } def test_restaurant_list_view(self): list_url = reverse("api-list") request = self.factory.get(list_url) response = RestaurantListView.as_view()(request) expected = [ { 'name':self.restaurant_1.name, 'opening_time': self.restaurant_1.opening_time, 'closing_time': self.restaurant_1.closing_time, 'detail': "http://"+ request.get_host()+reverse("api-detail", kwargs = {"restaurant_id": self.restaurant_1.id}), 'update': "http://"+ request.get_host()+reverse("api-update", kwargs = {"restaurant_id": self.restaurant_1.id}), 'delete': "http://"+ request.get_host()+reverse("api-delete", kwargs = {"restaurant_id": self.restaurant_1.id}) }, { 'name':self.restaurant_2.name, 'opening_time': self.restaurant_2.opening_time, 'closing_time': self.restaurant_2.closing_time, 'detail': "http://"+ request.get_host()+reverse("api-detail", kwargs = {"restaurant_id": self.restaurant_2.id}), 'update': "http://"+ request.get_host()+reverse("api-update", kwargs = {"restaurant_id": self.restaurant_2.id}), 'delete': "http://"+ request.get_host()+reverse("api-delete", kwargs = {"restaurant_id": self.restaurant_2.id}) }, ] self.assertEqual( expected, response.data ) self.assertEqual(response.status_code, 200) def test_restaurant_detail_view(self): detail_url = reverse("api-detail", kwargs = {"restaurant_id": self.restaurant_1.id}) request = self.factory.get(detail_url) response = RestaurantDetailView.as_view()(request, restaurant_id=self.restaurant_1.id) self.assertEqual(response.status_code, 200) def test_create_view(self): create_url = reverse("api-create") request = self.factory.post(create_url, data=self.restaurant_data) response = RestaurantCreateView.as_view()(request) self.assertEqual(response.status_code, 403) force_authenticate(request, user=self.user) response = RestaurantCreateView.as_view()(request) self.assertEqual(response.status_code, 201) self.assertEqual(Restaurant.objects.count(), 3) def test_restaurant_update_view(self): update_url = reverse("api-update", kwargs = {"restaurant_id": self.restaurant_2.id}) request = self.factory.put(update_url, data=self.restaurant_data) response = RestaurantUpdateView.as_view()(request, restaurant_id=self.restaurant_2.id) self.assertEqual(response.status_code, 403) force_authenticate(request, user=self.user) response = RestaurantUpdateView.as_view()(request, restaurant_id=self.restaurant_2.id) self.assertEqual(response.status_code, 200) force_authenticate(request, user=self.user2) response = RestaurantUpdateView.as_view()(request, restaurant_id=self.restaurant_2.id) self.assertEqual(response.status_code, 200) force_authenticate(request, user=self.user3) response = RestaurantUpdateView.as_view()(request, restaurant_id=self.restaurant_2.id) self.assertEqual(response.status_code, 403) def test_restaurant_delete_view(self): delete_url = reverse("api-delete", kwargs = {"restaurant_id": self.restaurant_2.id}) request = self.factory.delete(delete_url) response1 = RestaurantDeleteView.as_view()(request, restaurant_id=self.restaurant_2.id) self.assertEqual(response1.status_code, 403) force_authenticate(request, user=self.user) response = RestaurantDeleteView.as_view()(request, restaurant_id=self.restaurant_2.id) self.assertEqual(response.status_code, 204) force_authenticate(request, user=self.user2) response = RestaurantDeleteView.as_view()(request, restaurant_id=self.restaurant_2.id) self.assertEqual(response.status_code, 403)
class UserGroupSingleUserTest(TestCase): def setUp(self): self.factory = APIRequestFactory() self.admin = UserF.create() self.contributor = UserF.create() self.non_member = UserF.create() self.contrib_to_remove = UserF.create() self.project = ProjectF.create(add_admins=[ self.admin ]) self.contributors = UserGroupF(add_users=[ self.contributor, self.contrib_to_remove ], **{ 'project': self.project, 'can_contribute': True }) def test_delete_not_existing_user(self): user = UserF.create() request = self.factory.delete( '/ajax/projects/%s/usergroups/%s/users/%s/' % (self.project.id, self.contributors.id, user.id), ) force_authenticate(request, user=self.admin) view = UserGroupSingleUser.as_view() response = view( request, project_id=self.project.id, group_id=self.contributors.id, user_id=user.id ).render() self.assertEqual(response.status_code, 404) def test_delete_from_not_existing_usergroup(self): request = self.factory.delete( '/ajax/projects/%s/usergroups/%s/users/%s/' % (self.project.id, 455646445484545, self.contrib_to_remove.id), ) force_authenticate(request, user=self.admin) view = UserGroupSingleUser.as_view() response = view( request, project_id=self.project.id, group_id=455646445484545, user_id=self.contrib_to_remove.id ).render() self.assertEqual(response.status_code, 404) def test_delete_contributor_with_admin(self): request = self.factory.delete( '/ajax/projects/%s/usergroups/%s/users/%s/' % (self.project.id, self.contributors.id, self.contrib_to_remove.id), ) force_authenticate(request, user=self.admin) view = UserGroupSingleUser.as_view() response = view( request, project_id=self.project.id, group_id=self.contributors.id, user_id=self.contrib_to_remove.id ).render() self.assertEqual(response.status_code, 204) self.assertNotIn( self.contrib_to_remove, self.contributors.users.all() ) def test_delete_contributor_with_contributor(self): request = self.factory.delete( '/ajax/projects/%s/usergroups/%s/users/%s/' % (self.project.id, self.contributors.id, self.contrib_to_remove.id) ) force_authenticate(request, user=self.contributor) view = UserGroupSingleUser.as_view() response = view( request, project_id=self.project.id, group_id=self.contributors.id, user_id=self.contrib_to_remove.id ).render() self.assertEqual(response.status_code, 403) self.assertIn( self.contrib_to_remove, self.contributors.users.all() ) def test_delete_contributor_with_non_member(self): request = self.factory.delete( '/ajax/projects/%s/usergroups/%s/users/%s/' % (self.project.id, self.contributors.id, self.contrib_to_remove.id) ) force_authenticate(request, user=self.non_member) view = UserGroupSingleUser.as_view() response = view( request, project_id=self.project.id, group_id=self.contributors.id, user_id=self.contrib_to_remove.id ).render() self.assertEqual(response.status_code, 404) self.assertIn( self.contrib_to_remove, self.contributors.users.all() )
class ProjectTests(APITestCase, APISanityTestCase): url_route = 'api:v2:project' def setUp(self): self.anonymous_user = AnonymousUserFactory() self.user = UserFactory.create() self.group = GroupFactory.create(name=self.user.username) self.membership = GroupMembershipFactory.create( user=self.user, group=self.group, is_leader=True ) self.group.user_set.add(self.user) self.project = ProjectFactory.create( owner=self.group, created_by=self.user ) self.enddated_instance = InstanceFactory.create( created_by=self.user, end_date=timezone.now(), project=self.project ) self.user2 = UserFactory.create() self.group2 = GroupFactory.create(name=self.user2.username) self.membership2 = GroupMembershipFactory.create( user=self.user2, group=self.group2, is_leader=True ) self.group2.user_set.add(self.user2) self.project2 = ProjectFactory.create( owner=self.group2, created_by=self.user2 ) self.not_user = UserFactory.create() self.not_group = GroupFactory.create(name=self.not_user.username) self.not_membership = GroupMembershipFactory.create( user=self.not_user, group=self.not_group, is_leader=True ) self.not_group.user_set.add(self.not_user) self.not_project = ProjectFactory.create( owner=self.not_group, created_by=self.not_user ) self.unsaved_project = ProjectFactory.build( owner=self.group, created_by=self.user ) list_url = reverse('api:v2:project-list') detail_url = reverse('api:v2:project-detail', args=(self.project.id, )) self.create_view = ProjectViewSet.as_view({'post': 'create'}) self.delete_view = ProjectViewSet.as_view({'delete': 'destroy'}) self.detail_view = ProjectViewSet.as_view({'get': 'retrieve'}) self.list_view = ProjectViewSet.as_view({'get': 'list'}) self.update_view = ProjectViewSet.as_view({'patch': 'partial_update'}) self.factory = APIRequestFactory() self.bad_create_request = self.factory.post(list_url) self.create_request = self.factory.post( list_url, { 'name': self.unsaved_project.name, 'description': self.unsaved_project.description, 'owner': self.group.name } ) self.delete_request = self.factory.delete(detail_url) self.detail_request = self.factory.get(detail_url) self.list_request = self.factory.get(list_url) self.updated_project_data = { 'name': 'updated name', 'description': 'updated description' } self.update_request = self.factory.patch( detail_url, self.updated_project_data ) def test_list_is_not_public(self): force_authenticate(self.list_request, user=self.anonymous_user) response = self.list_view(self.list_request) self.assertEquals(response.status_code, 403) def test_list_response_contains_expected_fields(self): force_authenticate(self.list_request, user=self.user) response = self.list_view(self.list_request) data = response.data.get('results') self.assertTrue(data, "Response contained no results") project_data = data[0] self.assertEquals(response.status_code, 200) self.assertEquals( len(project_data), EXPECTED_FIELD_COUNT, "Number of fields does not match (%s != %s)" % (len(project_data), EXPECTED_FIELD_COUNT) ) self.assertEquals(project_data['id'], self.project.id) self.assertIn('url', project_data) self.assertEquals(project_data['name'], self.project.name) self.assertEquals(project_data['description'], self.project.description) self.assertIn('created_by', project_data) self.assertIn('owner', project_data) self.assertIn('users', project_data) self.assertIn('leaders', project_data) self.assertIn('uuid', project_data) self.assertIn('instances', project_data) self.assertIn('volumes', project_data) self.assertIn('images', project_data) self.assertIn('links', project_data) self.assertIn('start_date', project_data) self.assertIn('end_date', project_data) def test_detail_is_not_public(self): force_authenticate(self.detail_request, user=self.anonymous_user) response = self.detail_view(self.detail_request, pk=self.project.id) self.assertEquals(response.status_code, 403) def test_detail_response_contains_expected_fields(self): force_authenticate(self.detail_request, user=self.user) response = self.detail_view(self.detail_request, pk=self.project.id) data = response.data self.assertEquals(response.status_code, 200) self.assertEquals( len(data), EXPECTED_FIELD_COUNT, "Number of fields does not match (%s != %s)" % (len(data), EXPECTED_FIELD_COUNT) ) self.assertEquals(data['id'], self.project.id) self.assertIn('url', data) self.assertEquals(data['name'], self.project.name) self.assertEquals(data['description'], self.project.description) self.assertIn('created_by', data) self.assertIn('owner', data) self.assertIn('users', data) self.assertIn('leaders', data) self.assertIn('uuid', data) self.assertIn('instances', data) self.assertIn('volumes', data) self.assertIn('images', data) self.assertIn('links', data) self.assertIn('start_date', data) self.assertIn('end_date', data) def test_create_project_fails_for_anonymous_user(self): force_authenticate(self.create_request, user=self.anonymous_user) response = self.create_view(self.create_request) self.assertEquals(response.status_code, 403) def test_create_project_validation(self): force_authenticate(self.bad_create_request, user=self.user) response = self.create_view(self.bad_create_request) data = response.data self.assertEquals(response.status_code, 400) self.assertEquals(len(data), 2, "Unexpected error response: %s" % data) self.assertIn('name', data, "Unexpected error response: %s" % data) self.assertIn('owner', data, "Unexpected error response: %s" % data) self.assertEquals( data['owner'], [u'This field is required.'], "Unexpected error response: %s" % data ) self.assertEquals( data['name'], [u'This field is required.'], "Unexpected error response: %s" % data ) def test_create_project_as_authenticated_user(self): current_count = Project.objects.count() force_authenticate(self.create_request, user=self.user) response = self.create_view(self.create_request) self.assertEquals( response.status_code, 201, "Response did not result in a 201-created: (%s) %s" % (response.status_code, response.data) ) self.assertEquals(Project.objects.count(), current_count + 1) def test_update_project_fails_for_anonymous_user(self): force_authenticate(self.update_request, user=self.anonymous_user) response = self.update_view(self.update_request) self.assertEquals(response.status_code, 403) def test_authenticated_user_cannot_update_project_they_do_not_own(self): force_authenticate(self.update_request, user=self.user) response = self.update_view(self.update_request, pk=self.not_project.id) self.assertEquals( response.status_code, 404, "Encountered an unexpected status_code: (%s) %s" % (response.status_code, response.data) ) def test_update_project_for_valid_user(self): current_count = Project.objects.count() force_authenticate(self.update_request, user=self.user) response = self.update_view(self.update_request, pk=self.project.id) self.assertEquals( response.status_code, 200, "Project update failed: (%s) %s" % (response.status_code, response.data) ) self.assertEquals(Project.objects.count(), current_count) project = Project.objects.first() self.assertEquals(project.name, self.updated_project_data['name']) self.assertEquals( project.description, self.updated_project_data['description'] ) def test_anonymous_user_cannot_delete_project(self): force_authenticate(self.delete_request, user=self.anonymous_user) response = self.delete_view(self.delete_request) self.assertEquals(response.status_code, 403) def test_user_cannot_delete_project_they_do_not_own(self): force_authenticate(self.delete_request, user=self.not_user) response = self.delete_view(self.delete_request, pk=self.project.id) self.assertEquals(response.status_code, 404) def test_user_can_delete_project_they_own(self): force_authenticate(self.delete_request, user=self.user) response = self.delete_view(self.delete_request, pk=self.project.id) self.assertEquals(response.status_code, 204) def test_delete_does_not_cascade_to_enddated_instances(self): force_authenticate(self.delete_request, user=self.user) self.delete_view(self.delete_request, pk=self.project.id) # Assert project is deleted self.assertFalse(Project.objects.filter(id=self.project.id).exists()) # Assert that instance from the project still exists enddated_instance = Instance.objects.get(id=self.enddated_instance.id) # Assert that instance no longer has a project self.assertEquals(enddated_instance.project, None)
class BaseTestCase(APITransactionTestCase): """Common Functionality for all Test cases.""" def setUp(self): """Set common stuff up.""" self.user = User.objects.create_user('christian', '*****@*****.**', 'pw') self.factory = APIRequestFactory() self.request = self.factory.get('/') def tearDown(self): """Delete all created objects.""" models = [User] for model in models: model.objects.all().delete() def has_access(self, request, view=None, obj=None, *args, **kwargs): """A Dummy Object Permission for easy to mock objects.""" try: return bool(obj.allows_access) except AttributeError: return False def check_permission(self, permission, request): """ Test the permission for a request for anonymous, staff and superuser. Assuming that only staff has the permission. """ request.user = AnonymousUser() self.assertFalse(permission.has_permission(request, None)) self.user.is_superuser = False self.user.is_staff = True self.user.save() request.user = self.user self.assertTrue(permission.has_permission(request, None)) self.user.is_superuser = True self.user.is_staff = False self.user.save() request.user = self.user self.assertFalse(permission.has_permission(request, None)) def check_object_permission(self, permission, request): """ Test the permission for a request for anonymous, staff and superuser. Assuming that only staff can access the object when the object itself forbids access. """ obj = mock.Mock() # allow access obj.allows_access = True request.user = AnonymousUser() self.assertTrue(permission.has_object_permission(request, None, obj)) self.user.is_superuser = False self.user.is_staff = True self.user.save() request.user = self.user self.assertTrue(permission.has_object_permission(request, None, obj)) self.user.is_superuser = True self.user.is_staff = False self.user.save() request.user = self.user self.assertTrue(permission.has_object_permission(request, None, obj)) # restrict access obj.allows_access = False request.user = AnonymousUser() self.assertFalse(permission.has_object_permission(request, None, obj)) self.user.is_superuser = False self.user.is_staff = True self.user.save() request.user = self.user self.assertTrue(permission.has_object_permission(request, None, obj)) self.user.is_superuser = True self.user.is_staff = False self.user.save() request.user = self.user self.assertFalse(permission.has_object_permission(request, None, obj)) def _test_rw_staff(self): """Staff can read and write.""" permission = self.permission() permission.rw_permissions = (allow_staff, ) request = self.factory.get('/') self.check_permission(permission, request) request = self.factory.post('/') self.check_permission(permission, request) request = self.factory.put('/') self.check_permission(permission, request) request = self.factory.delete('/') self.check_permission(permission, request) def _test_rw_object_staff(self): """Staff can read and write.""" permission = self.permission() permission.object_rw_permissions = (allow_staff, self.has_access) request = self.factory.get('/') self.check_object_permission(permission, request) request = self.factory.post('/') self.check_object_permission(permission, request) request = self.factory.put('/') self.check_object_permission(permission, request) request = self.factory.delete('/') self.check_object_permission(permission, request)