Remove 'is_staff' and 'is_superadmin' from views and serializers. Add user API tests.

Roberto Rosario
2016-05-01 17:06:37 -04:00
parent 0a8f429d04
commit 269d8fb5b3
4 changed files with 142 additions and 9 deletions


@@ -158,7 +158,7 @@ class UserForm_view(DetailForm):
class Meta:
fields = (
'username', 'first_name', 'last_name', 'email', 'is_staff',
'is_superuser', 'last_login', 'date_joined', 'groups'
'username', 'first_name', 'last_name', 'email', 'last_login',
'date_joined', 'groups'
)
model = get_user_model()


@@ -23,21 +23,39 @@ class GroupSerializer(serializers.HyperlinkedModelSerializer):
class UserSerializer(serializers.HyperlinkedModelSerializer):
groups = GroupSerializer(many=True)
password = serializers.CharField(
required=False, style={'input_type': 'password'}
)
class Meta:
extra_kwargs = {
'url': {'view_name': 'rest_api:user-detail'}
}
fields = (
'first_name', 'date_joined', 'email', 'groups', 'id', 'is_staff',
'is_active', 'is_superuser', 'last_login', 'last_name',
'password', 'url', 'username',
'first_name', 'date_joined', 'email', 'groups', 'id', 'is_active',
'last_login', 'last_name', 'url', 'username', 'password'
)
model = get_user_model()
read_only_fields = ('last_login', 'date_joined')
write_only_fields = ('password',)
def restore_object(self, attrs, instance=None):
user = super(UserSerializer, self).restore_object(attrs, instance)
if 'password' in attrs:
user.set_password(attrs['password'])
def create(self, validated_data):
groups = validated_data.pop('groups')
is_active = validated_data.pop('is_active')
user = get_user_model().objects.create_user(**validated_data)
return user
def update(self, instance, validated_data):
groups = validated_data.pop('groups')
if 'password' in validated_data:
instance.set_password(validated_data['password'])
validated_data.pop('password')
for attr, value in validated_data.items():
setattr(instance, attr, value)
instance.save()
return instance
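Review bot: The explicitly declared `password` field is not marked write-only, so the stored password value would most likely be serialized back in user list and detail responses. As far as I know, `write_only_fields` in `Meta` is not applied to fields declared on the serializer class in DRF 3, which the new `create`/`update` methods target; declaring the field as `password = serializers.CharField(required=False, style={'input_type': 'password'}, write_only=True)` closes that. Separately, `create` pops `groups` and `is_active` and `update` pops `groups` without using them, so a request asking for a disabled account or a group membership gets a success response while neither is applied; `pop('groups')` would presumably also raise `KeyError` on a partial update that omits the key. Either apply the values or drop the fields from the serializer so the API contract matches what is stored.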


@@ -15,3 +15,4 @@ TEST_USER_EMAIL = 'user@example.com'
TEST_USER_PASSWORD = 'test user password'
TEST_USER_PASSWORD_EDITED = 'test user password edited'
TEST_USER_USERNAME = 'test_user'
TEST_USER_USERNAME_EDITED = 'test_user_edited'


@@ -0,0 +1,114 @@
from __future__ import unicode_literals
from django.contrib.auth import get_user_model
from django.core.urlresolvers import reverse
from rest_framework import status
from rest_framework.test import APITestCase
from ..tests.literals import (
TEST_ADMIN_EMAIL, TEST_ADMIN_PASSWORD, TEST_ADMIN_USERNAME
)
from .literals import (
TEST_GROUP, TEST_USER_EMAIL, TEST_USER_PASSWORD, TEST_USER_PASSWORD_EDITED,
TEST_USER_USERNAME, TEST_USER_USERNAME_EDITED
)
class UserManagementAPITestCase(APITestCase):
"""
Test the document type API endpoints
"""
def setUp(self):
self.admin_user = get_user_model().objects.create_superuser(
username=TEST_ADMIN_USERNAME, email=TEST_ADMIN_EMAIL,
password=TEST_ADMIN_PASSWORD
)
self.client.login(
username=TEST_ADMIN_USERNAME, password=TEST_ADMIN_PASSWORD
)
def tearDown(self):
get_user_model().objects.all().delete()
def test_user_create(self):
response = self.client.post(
reverse('rest_api:user-list'), data={
'email': TEST_USER_EMAIL, 'password': TEST_USER_PASSWORD,
'username': TEST_USER_USERNAME,
}
)
self.assertEqual(response.status_code, 201)
user = get_user_model().objects.get(pk=response.data['id'])
self.assertEqual(user.username, TEST_USER_USERNAME)
def test_user_create_login(self):
response = self.client.post(
reverse('rest_api:user-list'), data={
'email': TEST_USER_EMAIL, 'password': TEST_USER_PASSWORD,
'username': TEST_USER_USERNAME,
}
)
self.assertEqual(response.status_code, 201)
get_user_model().objects.get(pk=response.data['id'])
self.assertTrue(
self.client.login(
username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD
)
)
def test_user_edit_via_put(self):
user = get_user_model().objects.create_user(
email=TEST_USER_EMAIL, password=TEST_USER_PASSWORD,
username=TEST_USER_USERNAME
)
response = self.client.put(
reverse('rest_api:user-detail', args=(user.pk,)),
data={'username': TEST_USER_USERNAME_EDITED}
)
self.assertEqual(response.status_code, 200)
user.refresh_from_db()
self.assertEqual(user.username, TEST_USER_USERNAME_EDITED)
def test_document_type_edit_via_patch(self):
user = get_user_model().objects.create_user(
email=TEST_USER_EMAIL, password=TEST_USER_PASSWORD,
username=TEST_USER_USERNAME
)
response = self.client.patch(
reverse('rest_api:user-detail', args=(user.pk,)),
data={'username': TEST_USER_USERNAME_EDITED}
)
self.assertEqual(response.status_code, 200)
user.refresh_from_db()
self.assertEqual(user.username, TEST_USER_USERNAME_EDITED)
def test_document_type_delete(self):
user = get_user_model().objects.create_user(
email=TEST_USER_EMAIL, password=TEST_USER_PASSWORD,
username=TEST_USER_USERNAME
)
response = self.client.delete(
reverse('rest_api:user-detail', args=(user.pk,))
)
self.assertEqual(response.status_code, 204)
with self.assertRaises(get_user_model().DoesNotExist):
get_user_model().objects.get(pk=user.pk)
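Review bot: None of these tests covers what the commit is for: no case posts `is_staff` or `is_superuser` to `rest_api:user-list` and asserts that the created account has neither flag, so a later change that re-adds those fields to `UserSerializer` would still pass the suite. A regression test along the lines below would pin that behaviour, and it would also be worth asserting that `response.data` carries no `password` key. The class docstring and the names `test_document_type_edit_via_patch` and `test_document_type_delete` still say "document type" although they exercise users, and `TEST_GROUP` is imported but never used.

```python
    def test_user_create_ignores_privilege_flags(self):
        response = self.client.post(
            reverse('rest_api:user-list'), data={
                'email': TEST_USER_EMAIL, 'password': TEST_USER_PASSWORD,
                'username': TEST_USER_USERNAME, 'is_staff': True,
                'is_superuser': True,
            }
        )

        self.assertEqual(response.status_code, 201)

        user = get_user_model().objects.get(pk=response.data['id'])
        self.assertFalse(user.is_staff)
        self.assertFalse(user.is_superuser)
```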