From: Stephen Finucane Date: Sun, 28 Oct 2018 15:49:54 +0000 (+0000) Subject: tests: Add 'store_samples' decorator to 'test_user' X-Git-Tag: v2.2.0-rc1~210 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d7744cb0a27588b9b389eaceb851ef217bfac7ad;p=thirdparty%2Fpatchwork.git tests: Add 'store_samples' decorator to 'test_user' Signed-off-by: Stephen Finucane --- diff --git a/patchwork/tests/api/test_user.py b/patchwork/tests/api/test_user.py index 225b0778..c6114ee6 100644 --- a/patchwork/tests/api/test_user.py +++ b/patchwork/tests/api/test_user.py @@ -8,6 +8,7 @@ import unittest from django.conf import settings from django.urls import reverse +from patchwork.tests.api import utils from patchwork.tests.utils import create_maintainer from patchwork.tests.utils import create_user @@ -35,28 +36,78 @@ class TestUserAPI(APITestCase): self.assertNotIn('password', user_json) self.assertNotIn('is_superuser', user_json) - def test_list(self): - """This API requires authenticated users.""" - # anonymous users + @utils.store_samples('users-list-error-forbidden') + def test_list_anonymous(self): + """List users as anonymous user.""" + create_user() + resp = self.client.get(self.api_url()) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) - # authenticated user + @utils.store_samples('users-list') + def test_list_authenticated(self): + """List users as authenticated user.""" user = create_user() - self.client.force_authenticate(user=user) + self.client.force_authenticate(user=user) resp = self.client.get(self.api_url()) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertEqual(1, len(resp.data)) self.assertSerialized(user, resp.data[0]) - def test_update(self): - """Ensure updates are allowed.""" + @utils.store_samples('users-detail-error-forbidden') + def test_detail_anonymous(self): + """Show user as anonymous user.""" + user = create_user() + + resp = self.client.get(self.api_url(user.id)) + self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) + + @utils.store_samples('users-detail') + def test_detail_authenticated(self): + """Show user as authenticated user.""" + user = create_user() + + self.client.force_authenticate(user=user) + resp = self.client.get(self.api_url(user.id)) + self.assertEqual(status.HTTP_200_OK, resp.status_code) + self.assertSerialized(user, resp.data) + + @utils.store_samples('users-update-error-forbidden') + def test_update_anonymous(self): + """Update user as anonymous user.""" + user = create_user() + + resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'}) + self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) + + def test_update_other_user(self): + """Update user as another, non-maintainer user.""" + user_a = create_user() + user_b = create_user() + + self.client.force_authenticate(user=user_a) + resp = self.client.patch(self.api_url(user_b.id), + {'first_name': 'Tan'}) + self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) + + def test_update_maintainer(self): + """Update user as maintainer.""" user = create_maintainer() user.is_superuser = True user.save() + self.client.force_authenticate(user=user) + resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'}) + self.assertEqual(status.HTTP_200_OK, resp.status_code) + self.assertSerialized(user, resp.data) + @utils.store_samples('users-update') + def test_update_self(self): + """Update user as self.""" + user = create_user() + + self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'}) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertSerialized(user, resp.data)