matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
master
mayan-edms/mayan/apps/checkouts/tests/test_api.py

180 lines
6.5 KiB
Python
Raw Permalink Blame History

from __future__ import unicode_literals
from django.utils.encoding import force_text
from rest_framework import status
from mayan.apps.documents.permissions import permission_document_view
from mayan.apps.documents.tests.mixins import DocumentTestMixin
from mayan.apps.rest_api.tests.base import BaseAPITestCase
from ..permissions import (
permission_document_check_in, permission_document_check_in_override,
permission_document_check_out, permission_document_check_out_detail_view
)
from .mixins import (
DocumentCheckoutsAPIViewTestMixin, DocumentCheckoutTestMixin
)
class CheckoutsAPITestCase(
DocumentCheckoutsAPIViewTestMixin, DocumentCheckoutTestMixin,
DocumentTestMixin, BaseAPITestCase
):
def test_document_check_out_create_api_view_no_permission(self):
response = self._request_test_document_check_out_create_api_view()
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertFalse(self.test_document.is_checked_out())
def test_document_check_out_create_api_view_with_access(self):
self.grant_access(
obj=self.test_document, permission=permission_document_check_out
)
response = self._request_test_document_check_out_create_api_view()
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.assertTrue(self.test_document.is_checked_out())
def test_document_check_out_delete_api_view_no_permission(self):
self._check_out_test_document()
response = self._request_test_document_check_out_delete_api_view()
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertTrue(self.test_document.is_checked_out())
def test_document_check_out_delete_api_view_with_access(self):
self._check_out_test_document()
self.grant_access(
obj=self.test_document, permission=permission_document_check_in
)
response = self._request_test_document_check_out_delete_api_view()
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
self.assertFalse(self.test_document.is_checked_out())
def test_document_check_in_forcefull_api_view_no_permission(self):
self._create_test_user()
self._check_out_test_document(user=self.test_user)
self.grant_access(
obj=self.test_document, permission=permission_document_check_in
)
response = self._request_test_document_check_out_delete_api_view()
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertTrue(self.test_document.is_checked_out())
def test_document_check_in_forcefull_api_view_with_access(self):
self._create_test_user()
self._check_out_test_document(user=self.test_user)
self.grant_access(
obj=self.test_document,
permission=permission_document_check_in_override
)
response = self._request_test_document_check_out_delete_api_view()
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
self.assertFalse(self.test_document.is_checked_out())
def test_document_check_out_detail_api_view_no_permission(self):
self._check_out_test_document()
response = self._request_test_document_check_out_detail_api_view()
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_document_check_out_detail_api_view_with_check_out_detail_access(self):
self._check_out_test_document()
self.grant_access(
obj=self.test_document,
permission=permission_document_check_out_detail_view
)
response = self._request_test_document_check_out_detail_api_view()
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_document_check_out_detail_api_view_with_document_access(self):
self._check_out_test_document()
self.grant_access(
obj=self.test_document, permission=permission_document_view
)
response = self._request_test_document_check_out_detail_api_view()
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_document_check_out_detail_api_view_with_full_access(self):
self._check_out_test_document()
self.grant_access(
obj=self.test_document, permission=permission_document_view
)
self.grant_access(
obj=self.test_document,
permission=permission_document_check_out_detail_view
)
response = self._request_test_document_check_out_detail_api_view()
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(
response.data['document']['uuid'],
force_text(self.test_document.uuid)
)
def test_document_check_out_list_api_view_no_permission(self):
self._check_out_test_document()
response = self._request_test_document_check_out_list_api_view()
self.assertNotContains(
response=response, text=self.test_document.uuid,
status_code=status.HTTP_200_OK
)
def test_document_check_out_list_api_view_with_document_access(self):
self._check_out_test_document()
self.grant_access(
permission=permission_document_view, obj=self.test_document
)
response = self._request_test_document_check_out_list_api_view()
self.assertNotContains(
response=response, text=self.test_document.uuid,
status_code=status.HTTP_200_OK
)
def test_document_check_out_list_api_view_with_check_out_detail_access(self):
self._check_out_test_document()
self.grant_access(
obj=self.test_document,
permission=permission_document_check_out_detail_view
)
response = self._request_test_document_check_out_list_api_view()
self.assertNotContains(
response=response, text=self.test_document.uuid,
status_code=status.HTTP_200_OK
)
def test_document_check_out_list_api_view_with_full_access(self):
self._check_out_test_document()
self.grant_access(
permission=permission_document_view, obj=self.test_document
)
self.grant_access(
obj=self.test_document,
permission=permission_document_check_out_detail_view
)
response = self._request_test_document_check_out_list_api_view()
self.assertContains(
response=response, text=self.test_document.uuid,
status_code=status.HTTP_200_OK
)
Reference in New Issue View Git Blame Copy Permalink