tests: Add 'store_samples' decorator to 'test_user'

Signed-off-by: Stephen Finucane <stephen@that.guru>

diff --git a/patchwork/tests/api/test_user.py b/patchwork/tests/api/test_user.py
index 225b0778ee19c71c8f1888a469829043c5e6a815..c6114ee635bd1ed0120293a66a0f4d85a00b8544 100644 (file)
--- a/patchwork/tests/api/test_user.py
+++ b/patchwork/tests/api/test_user.py
@@ -8,6 +8,7 @@ import unittest
 from django.conf import settings
 from django.urls import reverse
 
+from patchwork.tests.api import utils
 from patchwork.tests.utils import create_maintainer
 from patchwork.tests.utils import create_user
 
@@ -35,28 +36,78 @@ class TestUserAPI(APITestCase):
         self.assertNotIn('password', user_json)
         self.assertNotIn('is_superuser', user_json)
 
-    def test_list(self):
-        """This API requires authenticated users."""
-        # anonymous users
+    @utils.store_samples('users-list-error-forbidden')
+    def test_list_anonymous(self):
+        """List users as anonymous user."""
+        create_user()
+
         resp = self.client.get(self.api_url())
         self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
 
-        # authenticated user
+    @utils.store_samples('users-list')
+    def test_list_authenticated(self):
+        """List users as authenticated user."""
         user = create_user()
-        self.client.force_authenticate(user=user)
 
+        self.client.force_authenticate(user=user)
         resp = self.client.get(self.api_url())
         self.assertEqual(status.HTTP_200_OK, resp.status_code)
         self.assertEqual(1, len(resp.data))
         self.assertSerialized(user, resp.data[0])
 
-    def test_update(self):
-        """Ensure updates are allowed."""
+    @utils.store_samples('users-detail-error-forbidden')
+    def test_detail_anonymous(self):
+        """Show user as anonymous user."""
+        user = create_user()
+
+        resp = self.client.get(self.api_url(user.id))
+        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
+
+    @utils.store_samples('users-detail')
+    def test_detail_authenticated(self):
+        """Show user as authenticated user."""
+        user = create_user()
+
+        self.client.force_authenticate(user=user)
+        resp = self.client.get(self.api_url(user.id))
+        self.assertEqual(status.HTTP_200_OK, resp.status_code)
+        self.assertSerialized(user, resp.data)
+
+    @utils.store_samples('users-update-error-forbidden')
+    def test_update_anonymous(self):
+        """Update user as anonymous user."""
+        user = create_user()
+
+        resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'})
+        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
+
+    def test_update_other_user(self):
+        """Update user as another, non-maintainer user."""
+        user_a = create_user()
+        user_b = create_user()
+
+        self.client.force_authenticate(user=user_a)
+        resp = self.client.patch(self.api_url(user_b.id),
+                                 {'first_name': 'Tan'})
+        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
+
+    def test_update_maintainer(self):
+        """Update user as maintainer."""
         user = create_maintainer()
         user.is_superuser = True
         user.save()
+
         self.client.force_authenticate(user=user)
+        resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'})
+        self.assertEqual(status.HTTP_200_OK, resp.status_code)
+        self.assertSerialized(user, resp.data)
 
+    @utils.store_samples('users-update')
+    def test_update_self(self):
+        """Update user as self."""
+        user = create_user()
+
+        self.client.force_authenticate(user=user)
         resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'})
         self.assertEqual(status.HTTP_200_OK, resp.status_code)
         self.assertSerialized(user, resp.data)