def test_admin_can_delete_managers_deposit(self):
token = login(self, '*****@*****.**', 'password1')
resp = create_deposit(self, token, msg='manager')
self.assertEqual(resp.status_code, 200)
token = login(self, '*****@*****.**', 'password1')
resp = self.delete_deposit(1, token=token)
self.check_deposit_deleted(1)
def test_normal_cannot_delete_others(self):
token = login(self, '*****@*****.**', 'password1')
resp = create_deposit(self, token, msg='normal')
self.assertEqual(resp.status_code, 200)
token = login(self, '*****@*****.**', 'password1')
resp = self.delete_deposit(1, token=token)
self.assertEqual(resp.status_code, 403)
def test_admin_can_create_managers_deposit(self):
token = login(self, '*****@*****.**', 'password1')
resp = create_deposit(self, token, msg='manager', user_id=3)
self.assertIn('manager', resp.data.decode('utf-8'))
# read to verify
token = login(self, '*****@*****.**', 'password1')
resp = send_get_request(self, 'api/v1/deposits/1', token=token)
self.assertIn('manager', resp.data.decode('utf-8'))
def test_user_can_delete_own(self):
token = login(self, '*****@*****.**', 'password1')
resp = create_deposit(self, token, msg='normal')
self.assertEqual(resp.status_code, 200)
resp = self.delete_deposit(1, token=token)
self.check_deposit_deleted(1)
def test_user_can_create_own(self):
token = login(self, '*****@*****.**', 'password1')
resp = create_deposit(self, token, msg='normal')
self.assertIn('normal', resp.data.decode('utf-8'))
def test_manager_cannot_create_others_deposit(self):
token = login(self, '*****@*****.**', 'password1')
resp = create_deposit(self, token, msg='normal', user_id=5)
data = json.loads(resp.data.decode('utf-8'))
self.assertNotEqual(data['user_id'], 5)
self.assertEqual(data['user_id'], 3)
def test_user_cannot_read_all(self):
token = login(self, '*****@*****.**', 'password1')
resp = create_deposit(self, token, msg='normal')
resp = send_get_request(self, 'api/v1/deposits/all', token=token)
self.assertNotIn('normal', resp.data.decode('utf-8'))
def test_man_can_read_own(self):
token = login(self, '*****@*****.**', 'password1')
resp = create_deposit(self, token, msg='man')
self.assertIn('5.5', resp.data.decode('utf-8'))
resp = send_get_request(self, 'api/v1/deposits/1', token=token)
self.assertIn('man', resp.data.decode('utf-8'))
def test_admin_can_read_normals_deposit(self):
token = login(self, '*****@*****.**', 'password1')
resp = create_deposit(self, token, msg='normal')
token = login(self, '*****@*****.**', 'password1')
resp = send_get_request(self, 'api/v1/deposits/1', token=token)
self.assertIn('normal', resp.data.decode('utf-8'))