def test_get_serializer_class__staff_user_allow_to_modify_all_fields(self):
assessment = AssessmentFactory(status=STATUS.new,
start_date=Day().date,
end_date=Day().date)
self.client.force_authenticate(self.staff_user)
user, decision_by = UserFactory(), UserFactory()
data = {
'user': {
'id': user.id
},
'decision_by': {
'id': decision_by.id
},
'status': STATUS.completed,
'start_date': Day(ago=15).date,
'end_date': Day(ago=10).date,
'plan': self.fake.text(),
'comments': self.fake.text(),
'notes': self.fake.text(),
}
response = self.client.patch(self.get_detail_url(assessment.id),
data=data)
assessment.refresh_from_db()
assert assessment.user.id == data['user']['id']
assert assessment.decision_by.id == data['decision_by']['id']
assert response.data['user']['id'] == data['user']['id']
assert response.data['decision_by']['id'] == data['decision_by']['id']
data.pop('user'), data.pop('decision_by')
for field in data.keys():
assert response.data[field] == (format(data[field]) if isinstance(
data[field], date) else data[field])
assert getattr(assessment, field) == data[field]
def test__read_only_fields(self):
absence = AbsenceFactory(status=STATUS.new,
reason=REASON.illness,
start_date=Day().date,
end_date=Day().date)
user, decision_by = UserFactory(), UserFactory()
data = {
'user': {
'id': user.id
},
'decision_by': {
'id': decision_by.id
},
'status': STATUS.verifying,
'reason': REASON.other,
'start_date': Day(ago=5).date,
'end_date': Day(ago=4).date,
'notes': 'Test notes',
}
serializer = AbsenceSerializer(absence, data=data)
assert serializer.is_valid()
absence = serializer.save()
assert absence.user.id == data['user']['id']
assert absence.decision_by.id != data['decision_by']['id']
data.pop('user'), data.pop('decision_by'), data.pop('notes')
for field in data.keys():
assert getattr(absence, field) == data[field]
def test_get_serializer_class_non_staff_user_allow_to_modify_non_read_only_fields(
self):
assessment = AssessmentFactory(user=self.simple_user,
start_date=Day().date,
end_date=Day().date)
self.client.force_authenticate(self.simple_user)
user, decision_by = UserFactory(), UserFactory()
data = {
'user': {
'id': user.id
},
'decision_by': {
'id': decision_by.id
},
'status': STATUS.completed,
'start_date': Day(ago=15).date,
'end_date': Day(ago=10).date,
'plan': self.fake.text(),
'comments': self.fake.text(),
'notes': self.fake.text(),
}
response = self.client.patch(self.get_detail_url(assessment.id),
data=data)
assert response.status_code == HTTP_403_FORBIDDEN
assessment.refresh_from_db()
assert assessment.user.id != data['user']['id']
assert assessment.decision_by.id != data['decision_by']['id']
data.pop('user'), data.pop('decision_by')
for field in data.keys():
assert getattr(assessment, field) != data[field]
def setUp(self):
self.staff_user = StaffUserFactory()
self.simple_user = UserFactory()
self.skill = Skill.objects.create(name='python')
self.staff_user2 = StaffUserFactory()
self.simple_user2 = UserFactory()
UserSkillModel.objects.create(user=self.staff_user2, skill=self.skill)
UserSkillModel.objects.create(user=self.simple_user2, skill=self.skill)
def setUp(self):
self.staff_user = StaffUserFactory()
self.simple_user = UserFactory()
from ssm.skills.models import Skill
self.skill1 = Skill.objects.create(name='python')
self.skill2 = Skill.objects.create(name='golang')
Skill.objects.create(name='postgresql')
Skill.objects.create(name='mysql')
Skill.objects.create(name='mongodb')
Skill.objects.create(name='aws')
Skill.objects.create(name='gcloud')
class UserTestCase(TestCase):
def setUp(self):
self.user = UserFactory(email='*****@*****.**',
full_name='Ethan Elliott')
def test_str(self):
assert str(
self.user) == f'{self.user.get_full_name()} (user {self.user.id})'
def test_create(self):
user = User.objects.create(email='*****@*****.**',
full_name='Aryan Barber')
assert user.id
assert user.is_active
assert not user.is_staff
assert not user.is_superuser
assert user.email == '*****@*****.**'
assert user.full_name == 'Aryan Barber'
def test_is_birthday__true(self):
self.user.date_of_birth = today()
assert self.user.is_birthday()
def test_is_birthday__false__already_notified(self):
self.user.date_of_birth = today()
self.user.birthday_notification = today()
assert not self.user.is_birthday()
def test_is_birthday__false_5_days_ago(self):
self.user.date_of_birth = Day(ago=5).date
assert not self.user.is_birthday()
def test_is_birthday__false_5_days_ahead(self):
self.user.date_of_birth = Day(ago=-5).date
assert not self.user.is_birthday()
def test_notify__birthday(self):
self.user.notify(BIRTHDAY)
assert len(mail.outbox) == 1
assert mail.outbox[0].subject == settings.BIRTHDAY_SUBJECT
assert mail.outbox[0].body == settings.BIRTHDAY_MESSAGE
def test_notify__assessment(self):
self.user.notify(ASSESSMENT)
assert len(mail.outbox) == 1
assert mail.outbox[0].subject == settings.ASSESSMENT_SUBJECT
assert mail.outbox[0].body == settings.ASSESSMENT_MESSAGE
def test_notify__unknown_notification(self):
with pytest.raises(Exception):
self.user.notify('unknown')
def test_get_serializer_class__staff_user_allow_to_modify_all_fields(self):
user = UserFactory()
self.client.force_authenticate(self.staff_user)
data = {
'email': '*****@*****.**',
'is_staff': True,
'has_card': True,
'has_key': True
}
response = self.client.patch(self.get_detail_url(user.id), data=data)
user.refresh_from_db()
for field in data.keys():
assert response.data[field] == data[field]
assert getattr(user, field) == data[field]
def test_permission_classes__staff_allow_to_use_any_rest_method(self):
self.client.force_authenticate(self.staff_user)
# POST
assert User.objects.count() == 2
data = {
'email': self.fake.email(),
'password': self.fake.password(),
'skills': []
}
response = self.client.post(self.get_list_url(), data=data)
assert response.status_code == HTTP_201_CREATED
assert User.objects.count() == 3
user = User.objects.get(email=data['email'])
self.assert_fields(user, data, self.staff_user)
# GET(id)
response = self.client.get(self.get_detail_url(response.data['id']))
assert response.status_code == HTTP_200_OK
assert response.data['email'] == data['email']
serializer = StaffUserWithSkillsSerializer(user)
assert response.data == serializer.data
# PATCH
data = {'skype': self.fake.user_name()}
response = self.client.patch(self.get_detail_url(response.data['id']),
data=data)
user.refresh_from_db()
assert response.status_code == HTTP_200_OK
assert response.data['skype'] == data['skype']
assert user.skype == data['skype']
# PUT
data = {**response.data, **{'skype': self.fake.user_name()}}
response = self.client.put(self.get_detail_url(response.data['id']),
data=data)
user.refresh_from_db()
assert response.status_code == HTTP_200_OK
assert response.data['skype'] == data['skype']
assert user.skype == data['skype']
# DELETE
assert User.objects.count() == 3
response = self.client.delete(self.get_detail_url(response.data['id']))
assert response.status_code == HTTP_204_NO_CONTENT
assert User.objects.count() == 2
# GET(all)
[
UserFactory(email=email)
for email in [self.fake.email, self.fake.email()]
]
users = User.objects.all()
response = self.client.get(self.get_list_url())
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 4
serializer = StaffUserWithSkillsSerializer(users, many=True)
assert response.data['results'] == serializer.data
assert set(entity['id'] for entity in response.data['results']) == set(
entity.id for entity in users)
def test_permission_classes__non_staff_allow_to_use_subset_of_rest_api_methods(
self):
self.client.force_authenticate(self.simple_user)
# POST
assert User.objects.count() == 2
data = {
'email': self.fake.email(),
'password': self.fake.password(),
'skills': []
}
response = self.client.post(self.get_list_url(), data=data)
assert response.status_code == HTTP_403_FORBIDDEN
assert User.objects.count() == 2
# GET(id)
response = self.client.get(self.get_detail_url(self.simple_user.id))
assert response.status_code == HTTP_200_OK
serializer = UserWithSkillsSerializer(self.simple_user)
assert response.data == serializer.data
# PATCH
data = {'skype': self.fake.user_name()}
response = self.client.patch(self.get_detail_url(self.simple_user.id),
data=data)
self.simple_user.refresh_from_db()
assert response.status_code == HTTP_200_OK
assert response.data['skype'] == data['skype']
assert self.simple_user.skype == data['skype']
# PUT
data = {**response.data, **{'skype': self.fake.user_name()}}
response = self.client.put(self.get_detail_url(self.simple_user.id),
data=data)
self.simple_user.refresh_from_db()
assert response.status_code == HTTP_403_FORBIDDEN
assert self.simple_user.skype != data['skype']
# DELETE
response = self.client.delete(self.get_detail_url(self.simple_user.id))
assert response.status_code == HTTP_403_FORBIDDEN
assert User.objects.count() == 2
# GET(all)
[
UserFactory(email=email)
for email in [self.fake.email(),
self.fake.email()]
]
users = User.objects.filter(email=self.simple_user.email)
response = self.client.get(self.get_list_url())
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 1
serializer = UserWithSkillsSerializer(users, many=True)
assert response.data['results'] == serializer.data
assert set(entity['id'] for entity in response.data['results']) == set(
entity.id for entity in users)
def setUp(self):
self.staff_user = StaffUserFactory()
self.simple_user = UserFactory()
MembersModel.objects.create(user=self.staff_user,
project=self.project1,
joined_date=today())
MembersModel.objects.create(user=self.simple_user,
project=self.project1,
joined_date=today())
MembersModel.objects.create(user=self.simple_user,
project=self.project2,
joined_date=today())
def test__read_only_fields(self):
assessment = AssessmentFactory(status=STATUS.new, start_date=Day().date, end_date=Day().date)
user, decision_by = UserFactory(), UserFactory()
data = {
'user': {'id': user.id},
'decision_by': {'id': decision_by.id},
'status': STATUS.in_progress,
'start_date': Day(ago=5).date,
'end_date': Day(ago=5).date,
'plan': 'Test plan',
'comments': 'Test comments',
'notes': 'Test notes',
}
serializer = AssessmentSerializer(assessment, data=data)
assert serializer.is_valid()
assessment = serializer.save()
assert assessment.user.id != data['user']['id']
assert assessment.decision_by.id != data['user']['id']
data.pop('user'), data.pop('decision_by')
for field in data.keys():
assert getattr(assessment, field) != data[field]
def test_get_serializer_class_non_staff_user_allow_to_modify_non_read_only_fields(self):
data = {
'user': self.simple_user,
'status': STATUS.new,
'reason': REASON.illness,
'start_date': Day().date,
'end_date': Day().date,
}
absence = AbsenceFactory(**data)
self.client.force_authenticate(self.simple_user)
user, decision_by = UserFactory(), UserFactory()
data = {
'user': {'id': user.id},
'decision_by': {'id': decision_by.id},
'status': STATUS.verifying,
'reason': REASON.other,
'start_date': Day(ago=5).date,
'end_date': Day(ago=4).date,
'notes': self.fake.text(),
}
response = self.client.patch(self.get_detail_url(absence.id), data=data)
assert response.status_code == HTTP_403_FORBIDDEN
absence.refresh_from_db()
assert absence.user.id != data['user']['id']
assert absence.decision_by.id != data['decision_by']['id']
data.pop('user'), data.pop('decision_by')
for field in data.keys():
assert getattr(absence, field) != data[field]
data = {
'status': STATUS.verifying,
'reason': REASON.other,
'start_date': Day(ago=5).date,
'end_date': Day(ago=4).date,
}
response = self.client.patch(self.get_detail_url(absence.id), data=data)
assert response.status_code == HTTP_200_OK
absence.refresh_from_db()
for field in data.keys():
assert getattr(absence, field) == data[field]
def test_get_serializer_class__staff_user_allow_to_modify_all_fields(self):
absence = AbsenceFactory(status=STATUS.new, reason=REASON.illness, start_date=Day().date, end_date=Day().date)
self.client.force_authenticate(self.staff_user)
user, decision_by = UserFactory(), UserFactory()
data = {
'user': {'id': user.id},
'decision_by': {'id': decision_by.id},
'status': STATUS.verifying,
'reason': REASON.other,
'start_date': Day(ago=5).date,
'end_date': Day(ago=4).date,
'notes': self.fake.text(),
}
response = self.client.patch(self.get_detail_url(absence.id), data=data)
absence.refresh_from_db()
assert absence.user.id == data['user']['id']
assert absence.decision_by.id == data['decision_by']['id']
assert response.data['user']['id'] == data['user']['id']
assert response.data['decision_by']['id'] == data['decision_by']['id']
data.pop('user'), data.pop('decision_by')
for field in data.keys():
assert response.data[field] == (format(data[field]) if isinstance(data[field], date) else data[field])
assert getattr(absence, field) == data[field]
def test_permission_classes__non_staff_allows_to_access_and_modify_only_his_data(
self):
self.client.force_authenticate(self.simple_user)
# POST
assert User.objects.count() == 2
data = {
'email': self.fake.email(),
'password': self.fake.password(),
'skills': []
}
response = self.client.post(self.get_list_url(), data=data)
assert response.status_code == HTTP_403_FORBIDDEN
assert User.objects.count() == 2
# GET(id)
response = self.client.get(self.get_detail_url(self.staff_user.id))
assert response.status_code == HTTP_404_NOT_FOUND
# PATCH
data = {'skype': self.fake.user_name()}
response = self.client.patch(self.get_detail_url(self.staff_user.id),
data=data)
assert response.status_code == HTTP_404_NOT_FOUND
# DELETE
response = self.client.delete(self.get_detail_url(self.staff_user.id))
assert response.status_code == HTTP_403_FORBIDDEN
# GET(all)
[
UserFactory(email=email)
for email in [self.fake.email(),
self.fake.email()]
]
users = User.objects.filter(email=self.simple_user.email)
response = self.client.get(self.get_list_url())
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 1
assert User.objects.count() == 4
serializer = UserWithSkillsSerializer(users, many=True)
assert response.data['results'] == serializer.data
def setUp(self):
self.staff_user = StaffUserFactory()
self.simple_user = UserFactory()
def setUp(self):
self.staff_user = StaffUserFactory()
self.simple_user = UserFactory()
UserSkillModel.objects.create(user=self.staff_user, skill=self.skill1)
UserSkillModel.objects.create(user=self.simple_user, skill=self.skill1)
def setUpTestData(cls):
cls.staff_user = StaffUserFactory()
cls.simple_user = UserFactory()
super().setUpTestData()
class UserViewSetTestCase(BaseTestCase):
list_url = 'user-list'
detail_url = 'user-detail'
def setUp(self):
self.staff_user = StaffUserFactory()
self.simple_user = UserFactory()
from ssm.skills.models import Skill
self.skill1 = Skill.objects.create(name='python')
self.skill2 = Skill.objects.create(name='golang')
Skill.objects.create(name='postgresql')
Skill.objects.create(name='mysql')
Skill.objects.create(name='mongodb')
Skill.objects.create(name='aws')
Skill.objects.create(name='gcloud')
def test_permission_classes__only_is_authenticated_user_allows_access(
self):
response = self.client.get(self.get_list_url())
assert response.status_code == HTTP_401_UNAUTHORIZED
self.client.force_authenticate(self.staff_user)
response = self.client.get(self.get_list_url())
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 2
def test_permission_classes__staff_allow_to_use_any_rest_method(self):
self.client.force_authenticate(self.staff_user)
# POST
assert User.objects.count() == 2
data = {
'email': self.fake.email(),
'password': self.fake.password(),
'skills': []
}
response = self.client.post(self.get_list_url(), data=data)
assert response.status_code == HTTP_201_CREATED
assert User.objects.count() == 3
user = User.objects.get(email=data['email'])
self.assert_fields(user, data, self.staff_user)
# GET(id)
response = self.client.get(self.get_detail_url(response.data['id']))
assert response.status_code == HTTP_200_OK
assert response.data['email'] == data['email']
serializer = StaffUserWithSkillsSerializer(user)
assert response.data == serializer.data
# PATCH
data = {'skype': self.fake.user_name()}
response = self.client.patch(self.get_detail_url(response.data['id']),
data=data)
user.refresh_from_db()
assert response.status_code == HTTP_200_OK
assert response.data['skype'] == data['skype']
assert user.skype == data['skype']
# PUT
data = {**response.data, **{'skype': self.fake.user_name()}}
response = self.client.put(self.get_detail_url(response.data['id']),
data=data)
user.refresh_from_db()
assert response.status_code == HTTP_200_OK
assert response.data['skype'] == data['skype']
assert user.skype == data['skype']
# DELETE
assert User.objects.count() == 3
response = self.client.delete(self.get_detail_url(response.data['id']))
assert response.status_code == HTTP_204_NO_CONTENT
assert User.objects.count() == 2
# GET(all)
[
UserFactory(email=email)
for email in [self.fake.email, self.fake.email()]
]
users = User.objects.all()
response = self.client.get(self.get_list_url())
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 4
serializer = StaffUserWithSkillsSerializer(users, many=True)
assert response.data['results'] == serializer.data
assert set(entity['id'] for entity in response.data['results']) == set(
entity.id for entity in users)
def test_permission_classes__non_staff_allow_to_use_subset_of_rest_api_methods(
self):
self.client.force_authenticate(self.simple_user)
# POST
assert User.objects.count() == 2
data = {
'email': self.fake.email(),
'password': self.fake.password(),
'skills': []
}
response = self.client.post(self.get_list_url(), data=data)
assert response.status_code == HTTP_403_FORBIDDEN
assert User.objects.count() == 2
# GET(id)
response = self.client.get(self.get_detail_url(self.simple_user.id))
assert response.status_code == HTTP_200_OK
serializer = UserWithSkillsSerializer(self.simple_user)
assert response.data == serializer.data
# PATCH
data = {'skype': self.fake.user_name()}
response = self.client.patch(self.get_detail_url(self.simple_user.id),
data=data)
self.simple_user.refresh_from_db()
assert response.status_code == HTTP_200_OK
assert response.data['skype'] == data['skype']
assert self.simple_user.skype == data['skype']
# PUT
data = {**response.data, **{'skype': self.fake.user_name()}}
response = self.client.put(self.get_detail_url(self.simple_user.id),
data=data)
self.simple_user.refresh_from_db()
assert response.status_code == HTTP_403_FORBIDDEN
assert self.simple_user.skype != data['skype']
# DELETE
response = self.client.delete(self.get_detail_url(self.simple_user.id))
assert response.status_code == HTTP_403_FORBIDDEN
assert User.objects.count() == 2
# GET(all)
[
UserFactory(email=email)
for email in [self.fake.email(),
self.fake.email()]
]
users = User.objects.filter(email=self.simple_user.email)
response = self.client.get(self.get_list_url())
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 1
serializer = UserWithSkillsSerializer(users, many=True)
assert response.data['results'] == serializer.data
assert set(entity['id'] for entity in response.data['results']) == set(
entity.id for entity in users)
def test_permission_classes__staff_allows_to_access_and_modify_any_other_users_data(
self):
self.client.force_authenticate(self.staff_user)
# POST
assert User.objects.count() == 2
data = {
'email': self.fake.email(),
'password': self.fake.password(),
'skills': []
}
response = self.client.post(self.get_list_url(), data=data)
assert response.status_code == HTTP_201_CREATED
assert response.data['email'] == data['email']
user = User.objects.get(email=data['email'])
self.assert_fields(user, data, self.simple_user)
# GET(id)
response = self.client.get(self.get_detail_url(response.data['id']))
assert response.status_code == HTTP_200_OK
serializer = StaffUserWithSkillsSerializer(user)
assert response.data == serializer.data
# PATCH
data = {'skype': self.fake.user_name()}
response = self.client.patch(self.get_detail_url(response.data['id']),
data=data)
user.refresh_from_db()
assert response.status_code == HTTP_200_OK
assert response.data['skype'] == data['skype']
assert user.skype == data['skype']
# PUT
data = {**response.data, **{'skype': self.fake.user_name()}}
response = self.client.put(self.get_detail_url(response.data['id']),
data=data)
user.refresh_from_db()
assert response.status_code == HTTP_200_OK
assert response.data['skype'] == data['skype']
assert user.skype == data['skype']
# DELETE
assert User.objects.count() == 3
response = self.client.delete(self.get_detail_url(response.data['id']))
assert response.status_code == HTTP_204_NO_CONTENT
assert User.objects.count() == 2
# GET(all)
[
UserFactory(email=email)
for email in [self.fake.email(),
self.fake.email()]
]
users = User.objects.all()
response = self.client.get(self.get_list_url())
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 4
serializer = StaffUserWithSkillsSerializer(users, many=True)
assert response.data['results'] == serializer.data
assert set(entity['id'] for entity in response.data['results']) == set(
entity.id for entity in users)
def test_permission_classes__non_staff_allows_to_access_and_modify_only_his_data(
self):
self.client.force_authenticate(self.simple_user)
# POST
assert User.objects.count() == 2
data = {
'email': self.fake.email(),
'password': self.fake.password(),
'skills': []
}
response = self.client.post(self.get_list_url(), data=data)
assert response.status_code == HTTP_403_FORBIDDEN
assert User.objects.count() == 2
# GET(id)
response = self.client.get(self.get_detail_url(self.staff_user.id))
assert response.status_code == HTTP_404_NOT_FOUND
# PATCH
data = {'skype': self.fake.user_name()}
response = self.client.patch(self.get_detail_url(self.staff_user.id),
data=data)
assert response.status_code == HTTP_404_NOT_FOUND
# DELETE
response = self.client.delete(self.get_detail_url(self.staff_user.id))
assert response.status_code == HTTP_403_FORBIDDEN
# GET(all)
[
UserFactory(email=email)
for email in [self.fake.email(),
self.fake.email()]
]
users = User.objects.filter(email=self.simple_user.email)
response = self.client.get(self.get_list_url())
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 1
assert User.objects.count() == 4
serializer = UserWithSkillsSerializer(users, many=True)
assert response.data['results'] == serializer.data
def test_get_serializer_class__staff_user_serializer(self):
self.client.force_authenticate(self.staff_user)
response = self.client.get(self.get_detail_url(self.staff_user.id))
serializer = StaffUserWithSkillsSerializer(self.staff_user)
assert response.status_code == HTTP_200_OK
assert response.data == serializer.data
def test_get_serializer_class__user_serializer(self):
self.client.force_authenticate(self.simple_user)
response = self.client.get(self.get_detail_url(self.simple_user.id))
serializer = UserWithSkillsSerializer(self.simple_user)
assert response.status_code == HTTP_200_OK
assert response.data == serializer.data
def test_get_serializer_class__staff_user_allow_to_modify_all_fields(self):
user = UserFactory()
self.client.force_authenticate(self.staff_user)
data = {
'email': '*****@*****.**',
'is_staff': True,
'has_card': True,
'has_key': True
}
response = self.client.patch(self.get_detail_url(user.id), data=data)
user.refresh_from_db()
for field in data.keys():
assert response.data[field] == data[field]
assert getattr(user, field) == data[field]
def test_get_serializer_class__non_staff_user_allow_to_modify_non_read_only_fields(
self):
self.client.force_authenticate(self.simple_user)
data = {
'email': '*****@*****.**',
'is_staff': True,
'has_card': True,
'has_key': True
}
response = self.client.patch(self.get_detail_url(self.simple_user.id),
data=data)
assert response.status_code == HTTP_200_OK
self.simple_user.refresh_from_db()
for field in data.keys():
assert getattr(self.simple_user, field) != data[field]
data = {
'full_name': self.fake.name(),
'date_of_birth': self.fake.date_of_birth(),
'education': self.fake.hostname(),
'phone_number': self.fake.phone_number(),
'phone_number2': self.fake.phone_number(),
'skype': self.fake.user_name(),
}
response = self.client.patch(self.get_detail_url(self.simple_user.id),
data=data)
assert response.status_code == HTTP_200_OK
self.simple_user.refresh_from_db()
for field in data.keys():
assert getattr(self.simple_user, field) == data[field]
def test_get_serializer_class__staff_request__without_skills(self):
self.client.force_authenticate(self.staff_user)
response = self.client.get(self.get_list_url(), {'skills': False})
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 2
assert all('skills' not in value for value in response.data['results'])
response = self.client.get(self.get_list_url(), {'skills': 'false'})
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 2
assert all('skills' not in value for value in response.data['results'])
response = self.client.get(self.get_list_url(), {'skills': 0})
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 2
assert all('skills' not in value for value in response.data['results'])
def test_get_serializer_class__staff_request__with_skills(self):
from ssm.skills.models import UserSkillModel
UserSkillModel.objects.create(user=self.staff_user, skill=self.skill1)
UserSkillModel.objects.create(user=self.simple_user, skill=self.skill2)
self.client.force_authenticate(self.staff_user)
response = self.client.get(self.get_list_url())
assert len(response.data['results']) == 2
assert all('skills' in value for value in response.data['results'])
assert any(
len(value['skills']) == 1 for value in response.data['results'])
response = self.client.get(self.get_list_url(), {'skills': True})
assert len(response.data['results']) == 2
assert all('skills' in value for value in response.data['results'])
assert any(
len(value['skills']) == 1 for value in response.data['results'])
def test_get_serializer_class__non_staff_request__without_skills(self):
self.client.force_authenticate(self.simple_user)
response = self.client.get(self.get_list_url(), {'skills': False})
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 1
assert all('skills' not in value for value in response.data['results'])
response = self.client.get(self.get_list_url(), {'skills': 'false'})
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 1
assert all('skills' not in value for value in response.data['results'])
response = self.client.get(self.get_list_url(), {'skills': 0})
assert response.status_code == HTTP_200_OK
assert len(response.data['results']) == 1
assert all('skills' not in value for value in response.data['results'])
def test_get_serializer_class__non_staff_request__with_skills(self):
from ssm.skills.models import UserSkillModel
UserSkillModel.objects.create(user=self.simple_user, skill=self.skill1)
UserSkillModel.objects.create(user=self.simple_user, skill=self.skill2)
self.client.force_authenticate(self.simple_user)
response = self.client.get(self.get_list_url())
assert len(response.data['results']) == 1
assert all('skills' in value for value in response.data['results'])
assert all(
len(value['skills']) == 2 for value in response.data['results'])
response = self.client.get(self.get_list_url(), {'skills': True})
assert len(response.data['results']) == 1
assert all('skills' in value for value in response.data['results'])
assert all(
len(value['skills']) == 2 for value in response.data['results'])
def setUp(self):
self.user = UserFactory(email='*****@*****.**',
full_name='Ethan Elliott')
