diff --git a/mayan/apps/documents/tests/mixins.py b/mayan/apps/documents/tests/mixins.py index 220453529a..cb692a1f10 100644 --- a/mayan/apps/documents/tests/mixins.py +++ b/mayan/apps/documents/tests/mixins.py @@ -24,6 +24,21 @@ class DocumentTestMixin(object): test_document_filename = TEST_SMALL_DOCUMENT_FILENAME test_document_path = None + def setUp(self): + super(DocumentTestMixin, self).setUp() + self.test_documents = [] + + if self.auto_create_document_type: + self._create_document_type() + + if self.auto_upload_document: + self.upload_document() + + def tearDown(self): + for document_type in DocumentType.objects.all(): + document_type.delete() + super(DocumentTestMixin, self).tearDown() + def _create_document_type(self): self.test_document_type = DocumentType.objects.create( label=TEST_DOCUMENT_TYPE_LABEL @@ -51,21 +66,6 @@ class DocumentTestMixin(object): 'sample_documents', self.test_document_filename ) - def setUp(self): - super(DocumentTestMixin, self).setUp() - self.test_documents = [] - - if self.auto_create_document_type: - self._create_document_type() - - if self.auto_upload_document: - self.upload_document() - - def tearDown(self): - for document_type in DocumentType.objects.all(): - document_type.delete() - super(DocumentTestMixin, self).tearDown() - class DocumentTypeViewTestMixin(object): def _request_test_document_type_create_view(self): diff --git a/mayan/apps/documents/tests/test_api.py b/mayan/apps/documents/tests/test_api.py index 0ddcc9164f..a40165fac9 100644 --- a/mayan/apps/documents/tests/test_api.py +++ b/mayan/apps/documents/tests/test_api.py @@ -26,30 +26,55 @@ from .literals import ( TEST_DOCUMENT_TYPE_LABEL_EDITED, TEST_DOCUMENT_VERSION_COMMENT_EDITED, TEST_SMALL_DOCUMENT_FILENAME ) -from .mixins import DocumentTestMixin +from .mixins import DocumentTestMixin, DocumentVersionTestMixin -class DocumentTypeAPITestCase(DocumentTestMixin, BaseAPITestCase): - auto_upload_document = False - auto_create_document_type = False - - def _request_test_document_type_create_view(self): +class DocumentTypeAPIViewTestMixin(object): + def _request_test_document_type_api_create_view(self): return self.post( viewname='rest_api:documenttype-list', data={ 'label': TEST_DOCUMENT_TYPE_LABEL } ) - def test_document_type_create_no_permission(self): - response = self._request_test_document_type_create_view() + def _request_test_document_type_api_delete_view(self): + return self.delete( + viewname='rest_api:documenttype-detail', kwargs={ + 'pk': self.test_document_type.pk, + } + ) + + def _request_test_document_type_api_patch_view(self): + return self.patch( + viewname='rest_api:documenttype-detail', kwargs={ + 'pk': self.test_document_type.pk, + }, data={'label': TEST_DOCUMENT_TYPE_LABEL_EDITED} + ) + + def _request_test_document_type_api_put_view(self): + return self.put( + viewname='rest_api:documenttype-detail', kwargs={ + 'pk': self.test_document_type.pk, + }, data={'label': TEST_DOCUMENT_TYPE_LABEL_EDITED} + ) + + +class DocumentTypeAPIViewTestCase( + DocumentTypeAPIViewTestMixin, DocumentTestMixin, BaseAPITestCase +): + auto_upload_document = False + auto_create_document_type = False + + def test_document_type_api_create_view_no_permission(self): + response = self._request_test_document_type_api_create_view() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual(DocumentType.objects.all().count(), 0) - def test_document_type_create_with_permission(self): + def test_document_type_api_create_view_with_permission(self): self.grant_permission(permission=permission_document_type_create) - response = self._request_test_document_type_create_view() + response = self._request_test_document_type_api_create_view() self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.assertEqual(DocumentType.objects.all().count(), 1) @@ -57,84 +82,15 @@ class DocumentTypeAPITestCase(DocumentTestMixin, BaseAPITestCase): DocumentType.objects.all().first().label, TEST_DOCUMENT_TYPE_LABEL ) - def _request_document_type_patch(self): - return self.patch( - viewname='rest_api:documenttype-detail', kwargs={ - 'pk': self.test_document_type.pk, - }, data={'label': TEST_DOCUMENT_TYPE_LABEL_EDITED} - ) - - def test_document_type_edit_via_patch_no_permission(self): + def test_document_type_api_delete_view_no_permission(self): self.test_document_type = DocumentType.objects.create( label=TEST_DOCUMENT_TYPE_LABEL ) - response = self._request_document_type_patch() + response = self._request_test_document_type_api_delete_view() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_document_type_edit_via_patch_with_access(self): - self.test_document_type = DocumentType.objects.create( - label=TEST_DOCUMENT_TYPE_LABEL - ) - self.grant_access( - obj=self.test_document_type, - permission=permission_document_type_edit - ) - - response = self._request_document_type_put() - self.assertEqual(response.status_code, status.HTTP_200_OK) - - self.test_document_type.refresh_from_db() - self.assertEqual( - self.test_document_type.label, TEST_DOCUMENT_TYPE_LABEL_EDITED - ) - - def _request_document_type_put(self): - return self.put( - viewname='rest_api:documenttype-detail', kwargs={ - 'pk': self.test_document_type.pk, - }, data={'label': TEST_DOCUMENT_TYPE_LABEL_EDITED} - ) - - def test_document_type_edit_via_put_no_permission(self): - self._create_document_type() - - response = self._request_document_type_put() - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - - def test_document_type_edit_via_put_with_access(self): - self.test_document_type = DocumentType.objects.create( - label=TEST_DOCUMENT_TYPE_LABEL - ) - self.grant_access( - obj=self.test_document_type, - permission=permission_document_type_edit - ) - - response = self._request_document_type_put() - self.assertEqual(response.status_code, status.HTTP_200_OK) - - self.test_document_type.refresh_from_db() - self.assertEqual( - self.test_document_type.label, TEST_DOCUMENT_TYPE_LABEL_EDITED - ) - - def _request_test_document_type_delete_view(self): - return self.delete( - viewname='rest_api:documenttype-detail', kwargs={ - 'pk': self.test_document_type.pk, - } - ) - - def test_document_type_delete_no_permission(self): - self.test_document_type = DocumentType.objects.create( - label=TEST_DOCUMENT_TYPE_LABEL - ) - - response = self._request_test_document_type_delete_view() - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - - def test_document_type_delete_with_access(self): + def test_document_type_api_delete_view_with_access(self): self.expected_content_type = None self.test_document_type = DocumentType.objects.create( label=TEST_DOCUMENT_TYPE_LABEL @@ -144,16 +100,69 @@ class DocumentTypeAPITestCase(DocumentTestMixin, BaseAPITestCase): permission=permission_document_type_delete ) - response = self._request_test_document_type_delete_view() + response = self._request_test_document_type_api_delete_view() self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) self.assertEqual(DocumentType.objects.all().count(), 0) + def test_document_type_api_edit_via_patch_view_no_permission(self): + self.test_document_type = DocumentType.objects.create( + label=TEST_DOCUMENT_TYPE_LABEL + ) -class DocumentAPITestCase(DocumentTestMixin, BaseAPITestCase): - auto_upload_document = False + response = self._request_test_document_type_api_patch_view() + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def _request_document_upload(self): + def test_document_type_api_edit_via_patch_view_with_access(self): + self.test_document_type = DocumentType.objects.create( + label=TEST_DOCUMENT_TYPE_LABEL + ) + self.grant_access( + obj=self.test_document_type, + permission=permission_document_type_edit + ) + + response = self._request_test_document_type_api_put_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + + self.test_document_type.refresh_from_db() + self.assertEqual( + self.test_document_type.label, TEST_DOCUMENT_TYPE_LABEL_EDITED + ) + + def test_document_type_api_edit_via_put_view_no_permission(self): + self._create_document_type() + + response = self._request_test_document_type_api_put_view() + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + def test_document_type_api_edit_via_put_view_with_access(self): + self.test_document_type = DocumentType.objects.create( + label=TEST_DOCUMENT_TYPE_LABEL + ) + self.grant_access( + obj=self.test_document_type, + permission=permission_document_type_edit + ) + + response = self._request_test_document_type_api_put_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + + self.test_document_type.refresh_from_db() + self.assertEqual( + self.test_document_type.label, TEST_DOCUMENT_TYPE_LABEL_EDITED + ) + + +class DocumentAPIViewTestMixin(object): + def _request_test_document_api_download_view(self): + return self.get( + viewname='rest_api:document-download', kwargs={ + 'pk': self.test_document.pk + } + ) + + def _request_test_document_api_upload_view(self): with open(TEST_DOCUMENT_PATH, mode='rb') as file_descriptor: return self.post( viewname='rest_api:document-list', data={ @@ -162,16 +171,60 @@ class DocumentAPITestCase(DocumentTestMixin, BaseAPITestCase): } ) - def test_document_upload_no_permission(self): - response = self._request_document_upload() + def _request_test_document_description_api_edit_via_patch_view(self): + return self.patch( + viewname='rest_api:document-detail', kwargs={ + 'pk': self.test_document.pk + }, data={'description': TEST_DOCUMENT_DESCRIPTION_EDITED} + ) + + def _request_test_document_description_api_edit_via_put_view(self): + return self.put( + viewname='rest_api:document-detail', kwargs={ + 'pk': self.test_document.pk + }, data={'description': TEST_DOCUMENT_DESCRIPTION_EDITED} + ) + + +class DocumentAPIViewTestCase( + DocumentAPIViewTestMixin, DocumentTestMixin, BaseAPITestCase +): + auto_upload_document = False + + def test_document_api_download_view_no_permission(self): + self.upload_document() + + response = self._request_test_document_api_download_view() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_document_upload_with_access(self): + def test_document_api_download_view_with_access(self): + self.upload_document() + self.grant_access( + obj=self.test_document, permission=permission_document_download + ) + + response = self._request_test_document_api_download_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + + with self.test_document.open() as file_object: + assert_download_response( + self, response, content=file_object.read(), + basename=TEST_SMALL_DOCUMENT_FILENAME, + mime_type='{}; charset=utf-8'.format( + self.test_document.file_mimetype + ) + ) + + def test_document_api_upload_view_no_permission(self): + response = self._request_test_document_api_upload_view() + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + def test_document_api_upload_view_with_access(self): self.grant_access( obj=self.test_document_type, permission=permission_document_create ) - response = self._request_document_upload() + response = self._request_test_document_api_upload_view() self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.assertEqual(Document.objects.count(), 1) @@ -202,8 +255,93 @@ class DocumentAPITestCase(DocumentTestMixin, BaseAPITestCase): ) self.assertEqual(document.page_count, 47) - def _request_document_new_version_upload(self): - # Artifical delay since MySQL doesn't store microsecond data in + def test_document_description_api_edit_via_patch_view_no_permission(self): + self.upload_document() + + response = self._request_test_document_description_api_edit_via_patch_view() + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + def test_document_description_api_edit_via_patch_view_with_access(self): + self.upload_document() + self.grant_access( + obj=self.test_document, + permission=permission_document_properties_edit + ) + + response = self._request_test_document_description_api_edit_via_patch_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + + self.test_document.refresh_from_db() + self.assertEqual( + self.test_document.description, + TEST_DOCUMENT_DESCRIPTION_EDITED + ) + + def test_document_description_api_edit_via_put_view_no_permission(self): + self.upload_document() + + response = self._request_test_document_description_api_edit_via_put_view() + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + def test_document_description_api_edit_via_put_view_with_access(self): + self.upload_document() + self.grant_access( + obj=self.test_document, + permission=permission_document_properties_edit + ) + + response = self._request_test_document_description_api_edit_via_put_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + + self.test_document.refresh_from_db() + self.assertEqual( + self.test_document.description, + TEST_DOCUMENT_DESCRIPTION_EDITED + ) + + +class DocumentVersionAPIViewTestMixin(object): + def _request_test_document_version_api_download_view(self): + return self.get( + viewname='rest_api:documentversion-download', kwargs={ + 'pk': self.test_document.pk, + 'version_pk': self.test_document.latest_version.pk, + } + ) + + def _request_test_document_version_api_edit_via_patch_view(self): + return self.patch( + viewname='rest_api:documentversion-detail', kwargs={ + 'pk': self.test_document.pk, + 'version_pk': self.test_document.latest_version.pk + }, data={'comment': TEST_DOCUMENT_VERSION_COMMENT_EDITED} + ) + + def _request_test_document_version_api_edit_via_put_view(self): + return self.put( + viewname='rest_api:documentversion-detail', kwargs={ + 'pk': self.test_document.pk, + 'version_pk': self.test_document.latest_version.pk + }, data={'comment': TEST_DOCUMENT_VERSION_COMMENT_EDITED} + ) + + def _request_test_document_version_api_list_view(self): + return self.get( + viewname='rest_api:document-version-list', kwargs={ + 'pk': self.test_document.pk + } + ) + + def _request_test_document_version_api_revert_view(self): + return self.delete( + viewname='rest_api:documentversion-detail', kwargs={ + 'pk': self.test_document.pk, + 'version_pk': self.test_document.latest_version.pk + } + ) + + def _request_test_document_version_api_upload_view(self): + # Artificial delay since MySQL doesn't store microsecond data in # timestamps. Version timestamp is used to determine which version # is the latest. time.sleep(1) @@ -217,152 +355,26 @@ class DocumentAPITestCase(DocumentTestMixin, BaseAPITestCase): } ) - def test_document_new_version_upload_no_permission(self): + +class DocumentVersionAPIViewTestCase( + DocumentVersionAPIViewTestMixin, DocumentTestMixin, + DocumentVersionTestMixin, BaseAPITestCase +): + auto_upload_document = False + + def test_document_version_api_download_view_no_permission(self): self.upload_document() - response = self._request_document_new_version_upload() + response = self._request_test_document_version_api_download_view() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_document_new_version_upload_with_access(self): - self.upload_document() - self.grant_access( - obj=self.test_document, permission=permission_document_new_version - ) - - response = self._request_document_new_version_upload() - self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED) - - self.assertEqual(self.test_document.versions.count(), 2) - self.assertEqual(self.test_document.exists(), True) - self.assertEqual(self.test_document.size, 272213) - self.assertEqual(self.test_document.file_mimetype, 'application/pdf') - self.assertEqual(self.test_document.file_mime_encoding, 'binary') - self.assertEqual( - self.test_document.checksum, - 'c637ffab6b8bb026ed3784afdb07663fddc60099853fae2be93890852a69ecf3' - ) - self.assertEqual(self.test_document.page_count, 47) - - def _create_new_version(self): - # Needed by MySQL as milliseconds value is not store in timestamp field - time.sleep(1) - - with open(TEST_DOCUMENT_PATH, mode='rb') as file_object: - self.test_document.new_version(file_object=file_object) - - def _request_document_version_revert(self): - return self.delete( - viewname='rest_api:documentversion-detail', kwargs={ - 'pk': self.test_document.pk, - 'version_pk': self.test_document.latest_version.pk - } - ) - - def test_document_version_revert_no_permission(self): - self.upload_document() - self._create_new_version() - - response = self._request_document_version_revert() - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - - def test_document_version_revert_with_access(self): - self.upload_document() - self._create_new_version() - self.grant_access( - obj=self.test_document, - permission=permission_document_version_revert - ) - - response = self._request_document_version_revert() - self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) - - self.assertEqual(self.test_document.versions.count(), 1) - self.assertEqual( - self.test_document.versions.first(), self.test_document.latest_version - ) - - def _request_document_version_list(self): - return self.get( - viewname='rest_api:document-version-list', kwargs={ - 'pk': self.test_document.pk - } - ) - - def test_document_version_list_no_permission(self): - self.upload_document() - self._create_new_version() - - response = self._request_document_version_list() - self.assertEqual(response.status_code, status.HTTP_200_OK) - - self.assertEqual(response.data['count'], 0) - - def test_document_version_list_with_access(self): - self.upload_document() - self._create_new_version() - self.grant_access( - obj=self.test_document, permission=permission_document_version_view - ) - response = self._request_document_version_list() - self.assertEqual(response.status_code, status.HTTP_200_OK) - - self.assertEqual( - response.data['results'][1]['checksum'], - self.test_document.latest_version.checksum - ) - - def _request_document_download(self): - return self.get( - viewname='rest_api:document-download', kwargs={ - 'pk': self.test_document.pk - } - ) - - def test_document_download_no_permission(self): - self.upload_document() - - response = self._request_document_download() - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - - def test_document_download_with_access(self): + def test_document_version_api_download_view_with_access(self): self.upload_document() self.grant_access( obj=self.test_document, permission=permission_document_download ) - response = self._request_document_download() - self.assertEqual(response.status_code, status.HTTP_200_OK) - - with self.test_document.open() as file_object: - assert_download_response( - self, response, content=file_object.read(), - basename=TEST_SMALL_DOCUMENT_FILENAME, - mime_type='{}; charset=utf-8'.format( - self.test_document.file_mimetype - ) - ) - - def _request_document_version_download(self): - return self.get( - viewname='rest_api:documentversion-download', kwargs={ - 'pk': self.test_document.pk, - 'version_pk': self.test_document.latest_version.pk, - } - ) - - def test_document_version_download_no_permission(self): - self.upload_document() - - response = self._request_document_version_download() - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - - def test_document_version_download_with_access(self): - self.upload_document() - self.grant_access( - obj=self.test_document, permission=permission_document_download - ) - - response = self._request_document_version_download() + response = self._request_test_document_version_api_download_view() self.assertEqual(response.status_code, status.HTTP_200_OK) with self.test_document.latest_version.open() as file_object: @@ -374,7 +386,7 @@ class DocumentAPITestCase(DocumentTestMixin, BaseAPITestCase): ) ) - def test_document_version_download_preserve_extension(self): + def test_document_version_api_download_preserve_extension_view(self): self.upload_document() self.grant_access( obj=self.test_document, permission=permission_document_download @@ -397,26 +409,42 @@ class DocumentAPITestCase(DocumentTestMixin, BaseAPITestCase): ) ) - def _request_document_version_edit_via_patch(self): - return self.patch( - viewname='rest_api:documentversion-detail', kwargs={ - 'pk': self.test_document.pk, - 'version_pk': self.test_document.latest_version.pk - }, data={'comment': TEST_DOCUMENT_VERSION_COMMENT_EDITED} + def test_document_version_api_list_view_no_permission(self): + self.upload_document() + self._upload_new_version() + + response = self._request_test_document_version_api_list_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + + self.assertEqual(response.data['count'], 0) + + def test_document_version_api_list_view_with_access(self): + self.upload_document() + self._upload_new_version() + + self.grant_access( + obj=self.test_document, permission=permission_document_version_view + ) + response = self._request_test_document_version_api_list_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + + self.assertEqual( + response.data['results'][1]['checksum'], + self.test_document.latest_version.checksum ) - def test_document_version_edit_via_patch_no_permission(self): + def test_document_version_api_edit_via_patch_view_no_permission(self): self.upload_document() - response = self._request_document_version_edit_via_patch() + response = self._request_test_document_version_api_edit_via_patch_view() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_document_version_edit_via_patch_with_access(self): + def test_document_version_api_edit_via_patch_view_with_access(self): self.upload_document() self.grant_access( obj=self.test_document, permission=permission_document_edit ) - response = self._request_document_version_edit_via_patch() + response = self._request_test_document_version_api_edit_via_patch_view() self.assertEqual(response.status_code, status.HTTP_200_OK) self.test_document.latest_version.refresh_from_db() self.assertEqual(self.test_document.versions.count(), 1) @@ -425,27 +453,19 @@ class DocumentAPITestCase(DocumentTestMixin, BaseAPITestCase): TEST_DOCUMENT_VERSION_COMMENT_EDITED ) - def _request_document_version_edit_via_put(self): - return self.put( - viewname='rest_api:documentversion-detail', kwargs={ - 'pk': self.test_document.pk, - 'version_pk': self.test_document.latest_version.pk - }, data={'comment': TEST_DOCUMENT_VERSION_COMMENT_EDITED} - ) - - def test_document_version_edit_via_put_no_permission(self): + def test_document_version_api_edit_via_put_view_no_permission(self): self.upload_document() - response = self._request_document_version_edit_via_put() + response = self._request_test_document_version_api_edit_via_put_view() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_document_version_edit_via_put_with_access(self): + def test_document_version_api_edit_via_put_view_with_access(self): self.upload_document() self.grant_access( obj=self.test_document, permission=permission_document_edit ) - response = self._request_document_version_edit_via_put() + response = self._request_test_document_version_api_edit_via_put_view() self.assertEqual(response.status_code, status.HTTP_200_OK) self.test_document.latest_version.refresh_from_db() @@ -455,66 +475,57 @@ class DocumentAPITestCase(DocumentTestMixin, BaseAPITestCase): TEST_DOCUMENT_VERSION_COMMENT_EDITED ) - def _request_document_description_edit_via_patch(self): - return self.patch( - viewname='rest_api:document-detail', kwargs={ - 'pk': self.test_document.pk - }, data={'description': TEST_DOCUMENT_DESCRIPTION_EDITED} - ) - - def test_document_description_edit_via_patch_no_permission(self): + def test_document_version_api_revert_view_no_permission(self): self.upload_document() + self._upload_new_version() - response = self._request_document_description_edit_via_patch() + response = self._request_test_document_version_api_revert_view() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_document_description_edit_via_patch_with_access(self): + def test_document_version_api_revert_view_with_access(self): self.upload_document() + self._upload_new_version() self.grant_access( obj=self.test_document, - permission=permission_document_properties_edit + permission=permission_document_version_revert ) - response = self._request_document_description_edit_via_patch() - self.assertEqual(response.status_code, status.HTTP_200_OK) + response = self._request_test_document_version_api_revert_view() + self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) - self.test_document.refresh_from_db() + self.assertEqual(self.test_document.versions.count(), 1) self.assertEqual( - self.test_document.description, - TEST_DOCUMENT_DESCRIPTION_EDITED + self.test_document.versions.first(), self.test_document.latest_version ) - def _request_document_description_edit_via_put(self): - return self.put( - viewname='rest_api:document-detail', kwargs={ - 'pk': self.test_document.pk - }, data={'description': TEST_DOCUMENT_DESCRIPTION_EDITED} - ) - - def test_document_description_edit_via_put_no_permission(self): + def test_document_version_api_upload_view_no_permission(self): self.upload_document() - response = self._request_document_description_edit_via_put() + response = self._request_test_document_version_api_upload_view() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_document_description_edit_via_put_with_access(self): + def test_document_version_api_upload_view_with_access(self): self.upload_document() self.grant_access( - obj=self.test_document, - permission=permission_document_properties_edit + obj=self.test_document, permission=permission_document_new_version ) - response = self._request_document_description_edit_via_put() - self.assertEqual(response.status_code, status.HTTP_200_OK) + response = self._request_test_document_version_api_upload_view() + self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED) - self.test_document.refresh_from_db() + self.assertEqual(self.test_document.versions.count(), 2) + self.assertEqual(self.test_document.exists(), True) + self.assertEqual(self.test_document.size, 272213) + self.assertEqual(self.test_document.file_mimetype, 'application/pdf') + self.assertEqual(self.test_document.file_mime_encoding, 'binary') self.assertEqual( - self.test_document.description, - TEST_DOCUMENT_DESCRIPTION_EDITED + self.test_document.checksum, + 'c637ffab6b8bb026ed3784afdb07663fddc60099853fae2be93890852a69ecf3' ) + self.assertEqual(self.test_document.page_count, 47) -class DocumentPageAPITestCase(DocumentTestMixin, BaseAPITestCase): +class DocumentPageAPIViewTestMixin(object): def _request_document_page_image(self): page = self.test_document.pages.first() return self.get( @@ -524,11 +535,15 @@ class DocumentPageAPITestCase(DocumentTestMixin, BaseAPITestCase): } ) - def test_document_page_image_view_no_access(self): + +class DocumentPageAPIViewTestCase( + DocumentPageAPIViewTestMixin, DocumentTestMixin, BaseAPITestCase +): + def test_document_page_api_image_view_no_access(self): response = self._request_document_page_image() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - def test_document_page_image_view_with_access(self): + def test_document_page_api_image_view_with_access(self): self.grant_access( obj=self.test_document, permission=permission_document_view ) @@ -537,97 +552,29 @@ class DocumentPageAPITestCase(DocumentTestMixin, BaseAPITestCase): self.assertEqual(response.status_code, status.HTTP_200_OK) -class TrashedDocumentAPITestCase(DocumentTestMixin, BaseAPITestCase): - auto_upload_document = False - - def _request_document_move_to_trash(self): +class TrashedDocumentAPIViewTestMixin(object): + def _request_test_document_api_trash_view(self): return self.delete( viewname='rest_api:document-detail', kwargs={ 'pk': self.test_document.pk } ) - def test_document_move_to_trash_no_permission(self): - self.upload_document() - - response = self._request_document_move_to_trash() - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - - def test_document_move_to_trash_with_access(self): - self.expected_content_type = None - - self.upload_document() - self.grant_access( - obj=self.test_document, permission=permission_document_trash - ) - - response = self._request_document_move_to_trash() - self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) - - self.assertEqual(Document.objects.count(), 0) - self.assertEqual(Document.trash.count(), 1) - - def _request_trashed_document_delete_view(self): + def _request_test_trashed_document_api_delete_view(self): return self.delete( viewname='rest_api:trasheddocument-detail', kwargs={ 'pk': self.test_document.pk } ) - def test_trashed_document_delete_from_trash_no_access(self): - self.upload_document() - self.test_document.delete() - - response = self._request_trashed_document_delete_view() - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - - self.assertEqual(Document.objects.count(), 0) - self.assertEqual(Document.trash.count(), 1) - - def test_trashed_document_delete_from_trash_with_access(self): - self.expected_content_type = None - - self.upload_document() - self.test_document.delete() - self.grant_access( - obj=self.test_document, permission=permission_document_delete - ) - - response = self._request_trashed_document_delete_view() - self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) - - self.assertEqual(Document.objects.count(), 0) - self.assertEqual(Document.trash.count(), 0) - - def _request_trashed_document_detail_view(self): + def _request_test_trashed_document_api_detail_view(self): return self.get( viewname='rest_api:trasheddocument-detail', kwargs={ 'pk': self.test_document.pk } ) - def test_trashed_document_detail_view_no_access(self): - self.upload_document() - self.test_document.delete() - - response = self._request_trashed_document_detail_view() - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - self.assertFalse('uuid' in response.data) - - def test_trashed_document_detail_view_with_access(self): - self.upload_document() - self.test_document.delete() - self.grant_access( - obj=self.test_document, permission=permission_document_view - ) - - response = self._request_trashed_document_detail_view() - self.assertEqual(response.status_code, status.HTTP_200_OK) - self.assertEqual( - response.data['uuid'], force_text(self.test_document.uuid) - ) - - def _request_trashed_document_image_view(self): + def _request_test_trashed_document_api_image_view(self): latest_version = self.test_document.latest_version return self.get( @@ -638,75 +585,147 @@ class TrashedDocumentAPITestCase(DocumentTestMixin, BaseAPITestCase): } ) - def test_trashed_document_image_view_no_permission(self): - self.upload_document() - self.test_document.delete() - - response = self._request_trashed_document_image_view() - self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) - - def test_trashed_document_image_view_with_access(self): - self.upload_document() - self.test_document.delete() - self.grant_access( - obj=self.test_document, permission=permission_document_view - ) - - response = self._request_trashed_document_image_view() - self.assertEqual(response.status_code, status.HTTP_200_OK) - - def _request_trashed_document_list_view(self): + def _request_test_trashed_document_api_list_view(self): return self.get( viewname='rest_api:trasheddocument-list' ) - def test_trashed_document_list_view_no_access(self): - self.upload_document() - self.test_document.delete() - - response = self._request_trashed_document_list_view() - self.assertEqual(response.status_code, status.HTTP_200_OK) - self.assertEqual(response.data['count'], 0) - - def test_trashed_document_list_view_with_access(self): - self.upload_document() - self.test_document.delete() - self.grant_access( - obj=self.test_document, permission=permission_document_view - ) - - response = self._request_trashed_document_list_view() - self.assertEqual(response.status_code, status.HTTP_200_OK) - self.assertEqual( - response.data['results'][0]['uuid'], - force_text(self.test_document.uuid) - ) - - def _request_trashed_document_restore_view(self): + def _request_test_trashed_document_api_restore_view(self): return self.post( viewname='rest_api:trasheddocument-restore', kwargs={ 'pk': self.test_document.pk } ) - def test_trashed_document_restore_no_access(self): + +class TrashedDocumentAPIViewTestCase( + TrashedDocumentAPIViewTestMixin, DocumentTestMixin, BaseAPITestCase +): + auto_upload_document = False + + def test_document_api_trash_view_no_permission(self): + self.upload_document() + + response = self._request_test_document_api_trash_view() + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + def test_document_api_trash_view_with_access(self): + self.expected_content_type = None + + self.upload_document() + self.grant_access( + obj=self.test_document, permission=permission_document_trash + ) + + response = self._request_test_document_api_trash_view() + self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) + + self.assertEqual(Document.objects.count(), 0) + self.assertEqual(Document.trash.count(), 1) + + def test_trashed_document_api_delete_view_no_access(self): self.upload_document() self.test_document.delete() - response = self._request_trashed_document_restore_view() + response = self._request_test_trashed_document_api_delete_view() + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + self.assertEqual(Document.objects.count(), 0) + self.assertEqual(Document.trash.count(), 1) + + def test_trashed_document_api_delete_view_with_access(self): + self.expected_content_type = None + + self.upload_document() + self.test_document.delete() + self.grant_access( + obj=self.test_document, permission=permission_document_delete + ) + + response = self._request_test_trashed_document_api_delete_view() + self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) + + self.assertEqual(Document.objects.count(), 0) + self.assertEqual(Document.trash.count(), 0) + + def test_trashed_document_api_detail_view_no_access(self): + self.upload_document() + self.test_document.delete() + + response = self._request_test_trashed_document_api_detail_view() + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertFalse('uuid' in response.data) + + def test_trashed_document_api_detail_view_with_access(self): + self.upload_document() + self.test_document.delete() + self.grant_access( + obj=self.test_document, permission=permission_document_view + ) + + response = self._request_test_trashed_document_api_detail_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + self.assertEqual( + response.data['uuid'], force_text(self.test_document.uuid) + ) + + def test_trashed_document_api_image_view_no_permission(self): + self.upload_document() + self.test_document.delete() + + response = self._request_test_trashed_document_api_image_view() + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + def test_trashed_document_api_image_view_with_access(self): + self.upload_document() + self.test_document.delete() + self.grant_access( + obj=self.test_document, permission=permission_document_view + ) + + response = self._request_test_trashed_document_api_image_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + + def test_trashed_document_api_list_view_no_access(self): + self.upload_document() + self.test_document.delete() + + response = self._request_test_trashed_document_api_list_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + self.assertEqual(response.data['count'], 0) + + def test_trashed_document_api_list_view_with_access(self): + self.upload_document() + self.test_document.delete() + self.grant_access( + obj=self.test_document, permission=permission_document_view + ) + + response = self._request_test_trashed_document_api_list_view() + self.assertEqual(response.status_code, status.HTTP_200_OK) + self.assertEqual( + response.data['results'][0]['uuid'], + force_text(self.test_document.uuid) + ) + + def test_trashed_document_api_restore_view_no_access(self): + self.upload_document() + self.test_document.delete() + + response = self._request_test_trashed_document_api_restore_view() self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual(Document.trash.count(), 1) self.assertEqual(Document.objects.count(), 0) - def test_trashed_document_restore_with_access(self): + def test_trashed_document_api_restore_view_with_access(self): self.upload_document() self.test_document.delete() self.grant_access( obj=self.test_document, permission=permission_document_restore ) - response = self._request_trashed_document_restore_view() + response = self._request_test_trashed_document_api_restore_view() self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(Document.trash.count(), 0)