def test_create_basket_superuser(self):
"""Only user with permissions should be able to create a basket."""
client = APIClient()
dummy_user = UserFactory(username="******")
dummy_user.is_superuser = True
dummy_user.save()
client.force_authenticate(user=dummy_user)
request = client.get(self.API_PATH)
self.assertEqual(200, request.status_code)
dummy_user.delete()
def test_get_basket_variable_GET_data_as_superuser(self):
"""Can we get basket variable data."""
superuser = UserFactory(username="******")
superuser.is_superuser = True
superuser.save()
self.client.force_authenticate(user=superuser)
response = self.client.get(self.API_PATH)
results = json.loads(response.content)["results"]
basket = results[0]
self.assertEqual(self.basket_variable.basket_id, basket["basket_id"])
self.assertEqual(str(self.basket_variable.variable_id),
basket["variable_id"])
superuser.delete()
def test_raw_image_file_download(client, settings):
settings.task_eager_propagates = (True, )
settings.task_always_eager = (True, )
admin = UserFactory(is_staff=True)
user = UserFactory()
us = RawImageUploadSessionFactory(creator=user)
path = Path(__file__).parent / "resources" / "dicom" / "1.dcm"
f = StagedFileFactory(file__from_path=path)
rif = RawImageFileFactory(upload_session=us, staged_file_id=f.file_id)
response = get_view_for_user(
client=client,
user=user,
viewname="admin:cases_rawimagefile_download",
reverse_kwargs={"object_id": rif.pk},
follow=True,
)
assert response.status_code == 200
assert "not authorized to access this page" in response.rendered_content
response = get_view_for_user(
client=client,
user=admin,
viewname="admin:cases_rawimagefile_download",
reverse_kwargs={"object_id": rif.pk},
)
assert response.status_code == 403
admin.is_superuser = True
admin.save()
response = get_view_for_user(
client=client,
user=admin,
viewname="admin:cases_rawimagefile_download",
reverse_kwargs={"object_id": rif.pk},
)
assert response.status_code == 200
with path.open("rb") as dcm:
assert dcm.read() == response.content