From 8ffee05d2b8bc7103a5083c87d1ca79a2450499d Mon Sep 17 00:00:00 2001 From: Stephen Finucane Date: Sun, 28 Oct 2018 14:43:31 +0000 Subject: [PATCH] tests: Add 'store_samples' decorator to 'test_bundle' Add the decorator to the 'test_bundle' test class. This involves splitting up the test cases so that each test case we care about makes only a single request. We also add a missing test to ensure private bundles cannot be shown by anyone but the owner. Signed-off-by: Stephen Finucane --- patchwork/tests/api/test_bundle.py | 76 ++++++++++++++++++++++++++---- 1 file changed, 67 insertions(+), 9 deletions(-) diff --git a/patchwork/tests/api/test_bundle.py b/patchwork/tests/api/test_bundle.py index 2de4f99d..e33c25ef 100644 --- a/patchwork/tests/api/test_bundle.py +++ b/patchwork/tests/api/test_bundle.py @@ -8,6 +8,7 @@ import unittest from django.conf import settings from django.urls import reverse +from patchwork.tests.api import utils from patchwork.tests.utils import create_bundle from patchwork.tests.utils import create_maintainer from patchwork.tests.utils import create_project @@ -53,12 +54,13 @@ class TestBundleAPI(APITestCase): self.assertEqual(bundle_obj.project.id, bundle_json['project']['id']) - def test_list(self): - """Validate we can list bundles.""" + def test_list_empty(self): + """List bundles when none are present.""" resp = self.client.get(self.api_url()) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertEqual(0, len(resp.data)) + def _create_bundles(self): user = create_user(username='myuser') project = create_project(linkname='myproject') bundle_public = create_bundle(public=True, owner=user, @@ -66,6 +68,12 @@ class TestBundleAPI(APITestCase): bundle_private = create_bundle(public=False, owner=user, project=project) + return user, project, bundle_public, bundle_private + + def test_list_anonymous(self): + """List bundles as anonymous user.""" + user, project, bundle_public, _ = self._create_bundles() + # anonymous users # should only see the public bundle resp = self.client.get(self.api_url()) @@ -74,6 +82,11 @@ class TestBundleAPI(APITestCase): bundle_rsp = resp.data[0] self.assertSerialized(bundle_public, bundle_rsp) + @utils.store_samples('bundle-list') + def test_list_authenticated(self): + """List bundles as an authenticated user.""" + user, project, bundle_public, bundle_private = self._create_bundles() + # authenticated user # should see the public and private bundle self.client.force_authenticate(user=user) @@ -84,14 +97,24 @@ class TestBundleAPI(APITestCase): resp.data, [bundle_public, bundle_private]): self.assertSerialized(bundle_obj, bundle_rsp) + def test_list_filter_project(self): + """Filter bundles by project.""" + user, project, bundle_public, bundle_private = self._create_bundles() + # test filtering by project + self.client.force_authenticate(user=user) resp = self.client.get(self.api_url(), {'project': 'myproject'}) self.assertEqual([bundle_public.id, bundle_private.id], [x['id'] for x in resp.data]) resp = self.client.get(self.api_url(), {'project': 'invalidproject'}) self.assertEqual(0, len(resp.data)) + def test_list_filter_owner(self): + """Filter bundles by owner.""" + user, project, bundle_public, bundle_private = self._create_bundles() + # test filtering by owner, both ID and username + self.client.force_authenticate(user=user) resp = self.client.get(self.api_url(), {'owner': user.id}) self.assertEqual([bundle_public.id, bundle_private.id], [x['id'] for x in resp.data]) @@ -101,28 +124,63 @@ class TestBundleAPI(APITestCase): resp = self.client.get(self.api_url(), {'owner': 'otheruser'}) self.assertEqual(0, len(resp.data)) + @utils.store_samples('bundle-list-1.0') def test_list_version_1_0(self): - """Validate that newer fields are dropped for older API versions.""" - create_bundle(public=True) + """List bundles using API v1.0. + + Validate that newer fields are dropped for older API versions. + """ + user, _, _, _ = self._create_bundles() + self.client.force_authenticate(user=user) resp = self.client.get(self.api_url(version='1.0')) self.assertEqual(status.HTTP_200_OK, resp.status_code) - self.assertEqual(1, len(resp.data)) + self.assertEqual(2, len(resp.data)) self.assertIn('url', resp.data[0]) self.assertNotIn('web_url', resp.data[0]) - def test_detail(self): - """Validate we can get a specific bundle.""" - bundle = create_bundle(public=True) + def test_detail_anonymous_public(self): + """Show public bundle as anonymous user. + + Validate we can get a public bundle. + """ + user, _, bundle, _ = self._create_bundles() resp = self.client.get(self.api_url(bundle.id)) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertSerialized(bundle, resp.data) + @utils.store_samples('bundle-detail-error-not-found') + def test_detail_anonymous_private(self): + """Show private bundle as anonymous user. + + Validate we cannot get a private bundle if we're not the owner. + """ + user, _, _, bundle = self._create_bundles() + + resp = self.client.get(self.api_url(bundle.id)) + self.assertEqual(status.HTTP_404_NOT_FOUND, resp.status_code) + + @utils.store_samples('bundle-detail') + def test_detail_authenticated(self): + """Show private bundle as authenticated user. + + Validate we can get a private bundle if we're the owner. + """ + user, _, _, bundle = self._create_bundles() + + self.client.force_authenticate(user=user) + resp = self.client.get(self.api_url(bundle.id)) + self.assertEqual(status.HTTP_200_OK, resp.status_code) + self.assertSerialized(bundle, resp.data) + + @utils.store_samples('bundle-detail-1.0') def test_detail_version_1_0(self): - bundle = create_bundle(public=True) + """Show bundle using API v1.0.""" + user, _, bundle, _ = self._create_bundles() resp = self.client.get(self.api_url(bundle.id, version='1.0')) + self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertIn('url', resp.data) self.assertNotIn('web_url', resp.data) -- 2.47.3