Embedded signatures cannot be deleted
Signed-off-by: Roberto Rosario <roberto.rosario@mayan-edms.com>
This commit is contained in:
Roberto Rosario
@@ -197,9 +197,8 @@ class APIDocumentEmbeddedSignatureListView(generics.ListCreateAPIView):
|
||||
return context
|
||||
|
||||
|
||||
class APIDocumentEmbeddedSignatureView(generics.RetrieveDestroyAPIView):
|
||||
class APIDocumentEmbeddedSignatureView(generics.RetrieveAPIView):
|
||||
"""
|
||||
delete: Delete an embedded signature of the selected document.
|
||||
get: Returns the details of the selected embedded signature.
|
||||
"""
|
||||
lookup_url_kwarg = 'embedded_signature_id'
|
||||
@@ -215,8 +214,6 @@ class APIDocumentEmbeddedSignatureView(generics.RetrieveDestroyAPIView):
|
||||
permission = permission_document_version_signature_view
|
||||
elif self.request.method == 'POST':
|
||||
permission = permission_document_version_signature_view
|
||||
elif self.request.method == 'DELETE':
|
||||
permission = permission_document_version_signature_delete
|
||||
|
||||
return AccessControlList.objects.restrict_queryset(
|
||||
permission=permission, queryset=Document.objects.all(),
|
||||
|
||||
@@ -82,16 +82,6 @@ class EmbeddedSignatureAPIViewTestMixin(object):
|
||||
}
|
||||
)
|
||||
|
||||
def _request_test_document_signature_embedded_delete_view(self):
|
||||
return self.delete(
|
||||
viewname='rest_api:embeddedsignature-detail',
|
||||
kwargs={
|
||||
'document_id': self.test_document.pk,
|
||||
'document_version_id': self.test_document_version.pk,
|
||||
'embedded_signature_id': self.test_document_version.signatures.first().pk
|
||||
}
|
||||
)
|
||||
|
||||
def _request_test_document_signature_embedded_detail_view(self):
|
||||
return self.get(
|
||||
viewname='rest_api:embeddedsignature-detail',
|
||||
|
||||
@@ -187,62 +187,6 @@ class EmbeddedSignatureDocumentAPIViewTestCase(
|
||||
):
|
||||
auto_upload_document = False
|
||||
|
||||
def test_document_signature_embedded_delete_no_permission(self):
|
||||
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
||||
self.upload_document()
|
||||
|
||||
signatures = self.test_document.latest_version.signatures.count()
|
||||
|
||||
response = self._request_test_document_signature_embedded_delete_view()
|
||||
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
||||
|
||||
self.assertEqual(
|
||||
self.test_document.latest_version.signatures.count(),
|
||||
signatures
|
||||
)
|
||||
|
||||
def test_document_signature_embedded_delete_with_access(self):
|
||||
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
||||
self.upload_document()
|
||||
|
||||
signatures = self.test_document.latest_version.signatures.count()
|
||||
|
||||
self.grant_access(
|
||||
obj=self.test_document,
|
||||
permission=permission_document_version_signature_delete
|
||||
)
|
||||
|
||||
response = self._request_test_document_signature_embedded_delete_view()
|
||||
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
|
||||
|
||||
self.assertEqual(
|
||||
self.test_document.latest_version.signatures.count(),
|
||||
signatures - 1
|
||||
)
|
||||
|
||||
def test_document_signature_embedded_detail_no_permission(self):
|
||||
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
||||
self.upload_document()
|
||||
|
||||
response = self._request_test_document_signature_embedded_detail_view()
|
||||
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
||||
|
||||
def test_document_signature_embedded_detail_with_access(self):
|
||||
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
||||
self.upload_document()
|
||||
|
||||
self.grant_access(
|
||||
obj=self.test_document,
|
||||
permission=permission_document_version_signature_view
|
||||
)
|
||||
|
||||
response = self._request_test_document_signature_embedded_detail_view()
|
||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||
|
||||
self.assertEqual(
|
||||
response.data['key_id'], TEST_KEY_PUBLIC_ID
|
||||
)
|
||||
|
||||
def test_document_signature_embedded_create_view_no_permission(self):
|
||||
self.upload_document()
|
||||
self._create_test_key_private()
|
||||
@@ -318,6 +262,29 @@ class EmbeddedSignatureDocumentAPIViewTestCase(
|
||||
signatures + 1
|
||||
)
|
||||
|
||||
def test_document_signature_embedded_detail_no_permission(self):
|
||||
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
||||
self.upload_document()
|
||||
|
||||
response = self._request_test_document_signature_embedded_detail_view()
|
||||
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
||||
|
||||
def test_document_signature_embedded_detail_with_access(self):
|
||||
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
||||
self.upload_document()
|
||||
|
||||
self.grant_access(
|
||||
obj=self.test_document,
|
||||
permission=permission_document_version_signature_view
|
||||
)
|
||||
|
||||
response = self._request_test_document_signature_embedded_detail_view()
|
||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||
|
||||
self.assertEqual(
|
||||
response.data['key_id'], TEST_KEY_PUBLIC_ID
|
||||
)
|
||||
|
||||
def test_document_signature_embedded_list_view_no_permission(self):
|
||||
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
||||
self.upload_document()
|
||||
|
||||
Reference in New Issue
Block a user