[PATCH 05/13] tests: Add 'store_samples' decorator to 'test_user'
Stephen Finucane
stephen at that.guru
Tue Oct 30 22:31:45 AEDT 2018
Signed-off-by: Stephen Finucane <stephen at that.guru>
---
patchwork/tests/api/test_user.py | 65 ++++++++++++++++++++++++++++----
1 file changed, 58 insertions(+), 7 deletions(-)
diff --git a/patchwork/tests/api/test_user.py b/patchwork/tests/api/test_user.py
index 225b0778..c6114ee6 100644
--- a/patchwork/tests/api/test_user.py
+++ b/patchwork/tests/api/test_user.py
@@ -8,6 +8,7 @@ import unittest
from django.conf import settings
from django.urls import reverse
+from patchwork.tests.api import utils
from patchwork.tests.utils import create_maintainer
from patchwork.tests.utils import create_user
@@ -35,28 +36,78 @@ class TestUserAPI(APITestCase):
self.assertNotIn('password', user_json)
self.assertNotIn('is_superuser', user_json)
- def test_list(self):
- """This API requires authenticated users."""
- # anonymous users
+ @utils.store_samples('users-list-error-forbidden')
+ def test_list_anonymous(self):
+ """List users as anonymous user."""
+ create_user()
+
resp = self.client.get(self.api_url())
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
- # authenticated user
+ @utils.store_samples('users-list')
+ def test_list_authenticated(self):
+ """List users as authenticated user."""
user = create_user()
- self.client.force_authenticate(user=user)
+ self.client.force_authenticate(user=user)
resp = self.client.get(self.api_url())
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(1, len(resp.data))
self.assertSerialized(user, resp.data[0])
- def test_update(self):
- """Ensure updates are allowed."""
+ @utils.store_samples('users-detail-error-forbidden')
+ def test_detail_anonymous(self):
+ """Show user as anonymous user."""
+ user = create_user()
+
+ resp = self.client.get(self.api_url(user.id))
+ self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
+
+ @utils.store_samples('users-detail')
+ def test_detail_authenticated(self):
+ """Show user as authenticated user."""
+ user = create_user()
+
+ self.client.force_authenticate(user=user)
+ resp = self.client.get(self.api_url(user.id))
+ self.assertEqual(status.HTTP_200_OK, resp.status_code)
+ self.assertSerialized(user, resp.data)
+
+ @utils.store_samples('users-update-error-forbidden')
+ def test_update_anonymous(self):
+ """Update user as anonymous user."""
+ user = create_user()
+
+ resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'})
+ self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
+
+ def test_update_other_user(self):
+ """Update user as another, non-maintainer user."""
+ user_a = create_user()
+ user_b = create_user()
+
+ self.client.force_authenticate(user=user_a)
+ resp = self.client.patch(self.api_url(user_b.id),
+ {'first_name': 'Tan'})
+ self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
+
+ def test_update_maintainer(self):
+ """Update user as maintainer."""
user = create_maintainer()
user.is_superuser = True
user.save()
+
self.client.force_authenticate(user=user)
+ resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'})
+ self.assertEqual(status.HTTP_200_OK, resp.status_code)
+ self.assertSerialized(user, resp.data)
+ @utils.store_samples('users-update')
+ def test_update_self(self):
+ """Update user as self."""
+ user = create_user()
+
+ self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'})
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertSerialized(user, resp.data)
--
2.17.2
More information about the Patchwork
mailing list