matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
79742e82f950589cee6216d3d4e8be0317a7ec9d
mayan-edms/mayan/apps/permissions/tests/test_api.py
Roberto Rosario b53c026877 Sort arguments and imports 
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
2019-01-14 00:03:26 -04:00

254 lines
9.4 KiB
Python
Raw Blame History

from __future__ import unicode_literals
from django.contrib.auth.models import Group
from rest_framework import status
from mayan.apps.rest_api.tests import BaseAPITestCase
from mayan.apps.user_management.tests.literals import TEST_GROUP_NAME
from ..classes import Permission
from ..models import Role
from ..permissions import (
permission_role_create, permission_role_delete, permission_role_edit,
permission_role_view
)
from .literals import TEST_ROLE_LABEL, TEST_ROLE_LABEL_EDITED
from .mixins import RoleTestMixin
class PermissionAPITestCase(RoleTestMixin, BaseAPITestCase):
def test_permissions_list_view(self):
response = self.get(viewname='rest_api:permission-list')
self.assertEqual(response.status_code, status.HTTP_200_OK)
# Role view
def test_roles_list_view_no_access(self):
response = self.get(viewname='rest_api:role-list')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data['count'], 0)
def test_roles_list_view_with_access(self):
self.grant_access(
permission=permission_role_view, obj=self.test_role
)
response = self.get(viewname='rest_api:role-list')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data['count'], 1)
self.assertEqual(response.data['results'][0]['label'], self.test_role.label)
# Role create
def _role_create_request(self, extra_data=None):
data = {
'label': TEST_ROLE_LABEL
}
if extra_data:
data.update(extra_data)
return self.post(
viewname='rest_api:role-list', data=data
)
def test_role_create_view_no_permission(self):
response = self._role_create_request()
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(Role.objects.count(), 1)
def test_role_create_view_with_permission(self):
self.grant_permission(permission=permission_role_create)
response = self._role_create_request()
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
role = Role.objects.get(label=TEST_ROLE_LABEL)
self.assertEqual(response.data, {'label': role.label, 'id': role.pk})
self.assertEqual(Role.objects.count(), 2)
self.assertEqual(role.label, TEST_ROLE_LABEL)
#def _create_group(self):
# self.test_group = Group.objects.create(name=TEST_GROUP_NAME)
def _request_role_create_with_extra_data(self):
self._create_group()
return self._role_create_request(
extra_data={
'groups_pk_list': '{}'.format(self.test_group.pk),
'permissions_pk_list': '{}'.format(permission_role_view.pk)
}
)
def test_role_create_complex_view_no_permission(self):
response = self._request_role_create_with_extra_data()
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(Role.objects.count(), 1)
self.assertEqual(
list(Role.objects.values_list('label', flat=True)),
[TEST_ROLE_LABEL]
)
def test_role_create_complex_view_with_permission(self):
self.grant_permission(permission=permission_role_create)
response = self._request_role_create_with_extra_data()
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.assertEqual(Role.objects.count(), 2)
role = Role.objects.get(label=TEST_ROLE_2_LABEL)
self.assertEqual(role.label, TEST_ROLE_2_LABEL)
self.assertQuerysetEqual(
role.groups.all(), (repr(self.test_group),)
)
self.assertQuerysetEqual(
role.permissions.all(),
(repr(permission_role_view.stored_permission),)
)
# Role edit
def _request_role_edit(self, extra_data=None, request_type='patch'):
data = {
'label': TEST_ROLE_LABEL_EDITED
}
if extra_data:
data.update(extra_data)
return getattr(self, request_type)(
viewname='rest_api:role-detail', kwargs={'role_id': self.test_role.pk},
data=data
)
def test_role_edit_via_patch_no_access(self):
self._create_test_role()
response = self._request_role_edit(request_type='patch')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.test_role.refresh_from_db()
self.assertEqual(self.test_role.label, TEST_ROLE_LABEL)
def test_role_edit_via_patch_with_access(self):
self._create_test_role()
self.grant_access(permission=permission_role_edit, obj=self.test_role)
response = self._request_role_edit(request_type='patch')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.test_role.refresh_from_db()
self.assertEqual(self.test_role.label, TEST_ROLE_LABEL_EDITED)
def _request_role_edit_via_patch_with_extra_data(self):
self._create_test_role()
self._create_group()
return self._request_role_edit(
extra_data={
'groups_pk_list': '{}'.format(self.test_group.pk),
'permissions_pk_list': '{}'.format(permission_role_view.pk)
},
request_type='patch'
)
def test_role_edit_complex_via_patch_no_access(self):
self._create_test_role()
response = self._request_role_edit_via_patch_with_extra_data()
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.test_role.refresh_from_db()
self.assertEqual(self.test_role.label, TEST_ROLE_LABEL)
self.assertQuerysetEqual(
self.test_role.groups.all(), (repr(self.group),)
)
self.assertQuerysetEqual(self.test_role.permissions.all(), ())
def test_role_edit_complex_via_patch_with_access(self):
self._create_test_role()
self.grant_access(permission=permission_role_edit, obj=self.test_role)
response = self._request_role_edit_via_patch_with_extra_data()
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.test_role.refresh_from_db()
self.assertEqual(self.test_role.label, TEST_ROLE_LABEL_EDITED)
self.assertQuerysetEqual(
self.test_role.groups.all(), (repr(self.test_group),)
)
self.assertQuerysetEqual(
self.test_role.permissions.all(),
(repr(permission_role_view.stored_permission),)
)
def test_role_edit_via_put_no_access(self):
self._create_test_role()
response = self._request_role_edit(request_type='put')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.test_role.refresh_from_db()
self.assertEqual(self.test_role.label, TEST_ROLE_LABEL)
def test_role_edit_via_put_with_access(self):
self._create_test_role()
self.grant_access(permission=permission_role_edit, obj=self.test_role)
response = self._request_role_edit(request_type='put')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.test_role.refresh_from_db()
self.assertEqual(self.test_role.label, TEST_ROLE_LABEL_EDITED)
def _request_role_edit_via_put_with_extra_data(self):
self._create_test_role()
self._create_group()
return self._request_role_edit(
extra_data={
'groups_pk_list': '{}'.format(self.test_group.pk),
'permissions_pk_list': '{}'.format(permission_role_view.pk)
}, request_type='put'
)
def test_role_edit_complex_via_put_no_access(self):
self._create_test_role()
response = self._request_role_edit_via_put_with_extra_data()
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.test_role.refresh_from_db()
self.assertEqual(self.test_role.label, TEST_ROLE_LABEL)
self.assertQuerysetEqual(
self.test_role.groups.all(), (repr(self.group),)
)
self.assertQuerysetEqual(
self.test_role.permissions.all(),
()
)
def test_role_edit_complex_via_put_with_access(self):
self._create_test_role()
self.grant_access(permission=permission_role_edit, obj=self.test_role)
response = self._request_role_edit_via_put_with_extra_data()
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.test_role.refresh_from_db()
self.assertEqual(self.test_role.label, TEST_ROLE_LABEL_EDITED)
self.assertQuerysetEqual(
self.test_role.groups.all(), (repr(self.test_group),)
)
self.assertQuerysetEqual(
self.test_role.permissions.all(),
(repr(permission_role_view.stored_permission),)
)
# Role delete
def _request_role_delete_view(self):
return self.delete(
viewname='rest_api:role-detail',
kwargs={'role_id': self.test_role.pk}
)
def test_role_delete_view_no_access(self):
response = self._request_role_delete_view()
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(Role.objects.count(), 1)
def test_role_delete_view_with_access(self):
self.grant_access(permission=permission_role_delete, obj=self.test_role)
response = self._request_role_delete_view()
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
self.assertEqual(Role.objects.count(), 0)
Reference in New Issue View Git Blame Copy Permalink