GroupMemberPermissionTests.test_rank_too_high_rank() - Code Metrics - Inspection of "Merge pull request #22 from ProjetSigma/new_routes..." - ProjetSigma/backend - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( db2fb9...108c7a )

by Camille

created 2016-02-02 15:03 UTC

test_rank_too_high_rank() A

↳ Parent: GroupMemberPermissionTests

Complexity

Conditions

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Metric	Value
cc	1
dl	0
loc	2
rs	10

import json

from django.core import mail

from rest_framework import status
from rest_framework.test import APITestCase

from sigma_core.models.user import User
from sigma_core.models.group import Group
from sigma_core.models.group_member import GroupMember
from sigma_core.serializers.user import DetailedUserSerializer as UserSerializer
from sigma_core.tests.factories import UserFactory, AdminUserFactory, GroupFactory, GroupMemberFactory

# Test /rank, /kick
class GroupMemberPermissionTests(APITestCase):
    @classmethod
    def setUpTestData(self):
        super().setUpTestData()
        self.member_rank_url = "/group-member/%d/rank/"
        self.member_url = "/group-member/%d/"
        self.users = UserFactory.create_batch(6)
        self.group = GroupFactory(req_rank_promote=3, req_rank_demote=4, req_rank_kick=5)
        self.mships = [
            None,
            GroupMemberFactory(user=self.users[1], group=self.group, perm_rank=1),
            GroupMemberFactory(user=self.users[2], group=self.group, perm_rank=2),
            GroupMemberFactory(user=self.users[3], group=self.group, perm_rank=3),
            GroupMemberFactory(user=self.users[4], group=self.group, perm_rank=4),
            GroupMemberFactory(user=self.users[5], group=self.group, perm_rank=5)
        ]

    def try_rank(self, userId, targetId, newPermRank, expectedHttpResponseCode):
        """
        This function attempts to set $targetId membership rank to $newPermRank
        using $userId permissions
        PUT /group-member/{targetId}/rank with perm_rank=newPermRank
        """
        if userId >= 0:
            self.client.force_authenticate(user=self.users[userId])
        response = self.client.put(self.member_rank_url % (self.mships[targetId].id), {"perm_rank": newPermRank})
        self.assertEqual(response.status_code, expectedHttpResponseCode)

    def try_delete(self, userId, targetId, expectedHttpResponseCode):
        """
        This function attempts to remove $targetId membership from Group
        using $userId permissions
        DELETE /group-member/{targetId}/
        """
        if userId >= 0:
            self.client.force_authenticate(user=self.users[userId])
        response = self.client.delete(self.member_url % targetId)
        self.assertEqual(response.status_code, expectedHttpResponseCode)

    # /rank
    def test_rank_not_authed(self):
        self.try_rank(-1, 1, 4, status.HTTP_401_UNAUTHORIZED)

    def test_rank_not_group_member(self):
        self.try_rank(0, 1, 4, status.HTTP_404_NOT_FOUND)

    def test_rank_demote_no_permission(self):
        self.try_rank(1, 2, 1, status.HTTP_403_FORBIDDEN)

    def test_rank_demote_no_permission2(self):
        self.try_rank(3, 2, 1, status.HTTP_403_FORBIDDEN)
        self.assertEqual(GroupMember.objects.get(pk=self.mships[2].id).perm_rank, 2)

    def test_rank_promote_no_permission(self):
        self.try_rank(1, 1, 2, status.HTTP_403_FORBIDDEN)

    def test_rank_no_rank_change(self):
        self.try_rank(5, 1, 1, status.HTTP_400_BAD_REQUEST)

    def test_rank_not_a_number(self):
        self.try_rank(5, 1, "hi!", status.HTTP_400_BAD_REQUEST)

    def test_rank_set_rank_to_zero(self):
        self.try_rank(5, 1, 0, status.HTTP_400_BAD_REQUEST)

    def test_rank_bad_rank(self):
        self.try_rank(5, 1, -1, status.HTTP_400_BAD_REQUEST)
        self.try_rank(5, 1, Group.ADMINISTRATOR_RANK + 1, status.HTTP_400_BAD_REQUEST)

    def test_rank_too_high_rank(self):
        self.try_rank(5, 1, 5, status.HTTP_403_FORBIDDEN)

    def test_rank_promote_ok(self):
        self.try_rank(3, 1, 2, status.HTTP_200_OK)
        self.assertEqual(GroupMember.objects.get(pk=self.mships[1].id).perm_rank, 2)

    def test_rank_demote_ok(self):
        self.try_rank(5, 3, 2, status.HTTP_200_OK)
        self.assertEqual(GroupMember.objects.get(pk=self.mships[3].id).perm_rank, 2)

    def test_rank_demote_self_ok(self):
        self.try_rank(3, 3, 2, status.HTTP_200_OK)
        self.assertEqual(GroupMember.objects.get(pk=self.mships[3].id).perm_rank, 2)

    # delete
    def test_delete_not_authed(self):
        self.try_delete(-1, 1, status.HTTP_401_UNAUTHORIZED)

    def test_delete_not_group_member(self):
        self.try_delete(0, 1, status.HTTP_404_NOT_FOUND)

    def test_delete_no_permission(self):
        self.try_delete(3, 2, status.HTTP_403_FORBIDDEN)

    def test_delete_user_not_in_group(self):
        self.try_delete(4, 0, status.HTTP_404_NOT_FOUND)

    def test_delete_self_ok(self):
        self.try_delete(1, 1, status.HTTP_204_NO_CONTENT)
        self.assertFalse(GroupMember.objects.filter(pk=self.mships[1].id).exists())

    def test_delete_ok(self):
        self.try_delete(5, 1, status.HTTP_204_NO_CONTENT)
        self.assertFalse(GroupMember.objects.filter(pk=self.mships[1].id).exists())

class OpenGroupMemberCreationTests(APITestCase):
    @classmethod
    def setUpTestData(self):
        super(APITestCase, self).setUpTestData()

        # Routes
        self.members_url = "/group-member/"
        self.member_url = self.members_url + "%d/"

        # Group open to anyone
        self.group = GroupFactory()
        self.group.default_member_rank = 1
        self.group.save()

        # Users already in group
        self.users = [UserFactory()]
        # Associated GroupMember
        self.group_member1 = GroupMember(user=self.users[0], group=self.group, perm_rank=Group.ADMINISTRATOR_RANK)

        # Testing user
        self.user = UserFactory()

        # Misc
        self.new_membership_data = {"group": self.group.id, "user": self.user.id}

    def test_create_not_authed(self):
        self.client.force_authenticate(user=None)
        response = self.client.post(self.members_url, self.new_membership_data)
        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)

    def test_create_not_for_self(self):
        # Attempt to add somebody else to a group
        self.client.force_authenticate(user=self.users[0])
        response = self.client.post(self.members_url, self.new_membership_data)
        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_create_success(self):
        # Succesful attempt to join an open group
        self.client.force_authenticate(user=self.user)
        response = self.client.post(self.members_url, self.new_membership_data)
        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
        self.assertEqual(response.data['perm_rank'], self.group.default_member_rank)


class RequestGroupMemberCreationTests(APITestCase):
    @classmethod
    def setUpTestData(self):
        super(APITestCase, self).setUpTestData()

        # Routes
        self.members_url = "/group-member/"
        self.accept_join_requests_url = self.members_url + "%d/accept_join_request/"

        # Group with membership request
        self.group = GroupFactory(default_member_rank=0, req_rank_accept_join_requests=5)

        # Users already in group
        self.users = UserFactory.create_batch(3)
        # Associated GroupMember
        self.group_member1 = GroupMemberFactory(user=self.users[0], group=self.group, perm_rank=Group.ADMINISTRATOR_RANK) # can validate requests
        self.group_member2 = GroupMemberFactory(user=self.users[1], group=self.group, perm_rank=1) # cannot validate requests
        self.group_member3 = GroupMemberFactory(user=self.users[2], group=self.group, perm_rank=0) # request to be validated

        # Testing user
        self.user = UserFactory()

        # Misc
        self.new_membership_data = {"group": self.group.id, "user": self.user.id}

    def test_create_not_authed(self):
        self.client.force_authenticate(user=None)
        response = self.client.post(self.members_url, self.new_membership_data)
        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)

    def test_create_success(self):
        # Succesful attempt to request group membership
        self.client.force_authenticate(user=self.user)
        response = self.client.post(self.members_url, self.new_membership_data)
        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
        self.assertEqual(response.data['perm_rank'], self.group.default_member_rank)

    def test_validate_forbidden(self):
        # Attempt to validate a request but not enough permission
        self.client.force_authenticate(user=self.users[1])
        response = self.client.put(self.accept_join_requests_url % self.group_member3.id)
        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_validate_success(self):
        # Succesful attempt to validate a request
        self.client.force_authenticate(user=self.users[0])
        response = self.client.put(self.accept_join_requests_url % self.group_member3.id)
        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(response.data['perm_rank'], 1)


class InvitationGroupMemberCreationTests(APITestCase):
    @classmethod
    def setUpTestData(self):
        super(APITestCase, self).setUpTestData()

        # Routes
        self.members_url = "/group-member/"

        # Group with invitation only
        self.group = GroupFactory(req_rank_invite=5, default_member_rank=-1, visibility=Group.VIS_PRIVATE)

        # Testing user
        self.users = UserFactory.create_batch(2)
        self.memberships = [
            None,
            GroupMemberFactory(user=self.users[1], group=self.group, perm_rank=self.group.req_rank_invite)
        ]

        # Misc
        self.new_membership_data = {"group": self.group.id, "user": self.users[0].id}

    def test_create_not_authed(self):
        self.client.force_authenticate(user=None)
        response = self.client.post(self.members_url, self.new_membership_data)
        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)

    def test_create_forbidden(self):
        # Can't join this Group
        self.client.force_authenticate(user=self.users[0])
        response = self.client.post(self.members_url, self.new_membership_data)
        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_create_already_group_member(self):
        self.client.force_authenticate(user=self.users[1])
        response = self.client.post(self.members_url, self.new_membership_data)
        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_create_self_forbidden(self):
        self.client.force_authenticate(user=self.users[1])
        response = self.client.post(self.members_url, self.new_membership_data)
        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)


class InvitationGroupMemberInvitationWorkflowTests(APITestCase):
    @classmethod
    def setUpTestData(self):
        super(APITestCase, self).setUpTestData()

        # Routes
        self.members_url = "/group-member/"
        self.group_invite_url = "/group/%d/invite/";
        self.group_invite_accept_url = "/group/%d/invite_accept/";

        # Group with invitation only
        self.group = GroupFactory(req_rank_invite=5, default_member_rank=-1)

        # Testing user
        self.users = UserFactory.create_batch(2)
        self.memberships = [
            None,
            GroupMemberFactory(user=self.users[1], group=self.group, perm_rank=self.group.req_rank_invite)
        ]

    def test_invite_not_authed(self):
        self.client.force_authenticate(user=None)
        response = self.client.put(self.group_invite_url % (self.group.id), {"user": self.users[0].id} )
        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)

    def test_invite_forbidden(self):
        # Attempt to get group membership
        self.client.force_authenticate(user=self.users[0])
        response = self.client.put(self.group_invite_url % (self.group.id), {"user": self.users[0].id} )
        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_invite_already_group_member(self):
        # Attempt to get group membership
        self.client.force_authenticate(user=self.users[1])
        response = self.client.put(self.group_invite_url % (self.group.id), {"user": self.users[1].id} )
        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)

    def test_invite_ok(self):
        # User0 invites User1 to group
        self.client.force_authenticate(user=self.users[1])
        response = self.client.put(self.group_invite_url % (self.group.id), {"user": self.users[0].id} )
        self.assertEqual(response.status_code, status.HTTP_200_OK)

    def test_invite_accept(self):
        self.test_invite_ok()
        self.client.force_authenticate(user=self.users[0])
        response = self.client.post(self.members_url, {"user": self.users[0].id, "group": self.group.id})
        self.assertEqual(response.status_code, status.HTTP_201_CREATED)


1			import json
2
3			from django.core import mail
4
5			from rest_framework import status
6			from rest_framework.test import APITestCase
7
8			from sigma_core.models.user import User
9			from sigma_core.models.group import Group
10			from sigma_core.models.group_member import GroupMember
11			from sigma_core.serializers.user import DetailedUserSerializer as UserSerializer
12			from sigma_core.tests.factories import UserFactory, AdminUserFactory, GroupFactory, GroupMemberFactory
13
14			# Test /rank, /kick
15			class GroupMemberPermissionTests(APITestCase):
16			@classmethod
17			def setUpTestData(self):
18			super().setUpTestData()
19			self.member_rank_url = "/group-member/%d/rank/"
20			self.member_url = "/group-member/%d/"
21			self.users = UserFactory.create_batch(6)
22			self.group = GroupFactory(req_rank_promote=3, req_rank_demote=4, req_rank_kick=5)
23			self.mships = [
24			None,
25			GroupMemberFactory(user=self.users[1], group=self.group, perm_rank=1),
26			GroupMemberFactory(user=self.users[2], group=self.group, perm_rank=2),
27			GroupMemberFactory(user=self.users[3], group=self.group, perm_rank=3),
28			GroupMemberFactory(user=self.users[4], group=self.group, perm_rank=4),
29			GroupMemberFactory(user=self.users[5], group=self.group, perm_rank=5)
30			]
31
32			def try_rank(self, userId, targetId, newPermRank, expectedHttpResponseCode):
33			"""
34			This function attempts to set $targetId membership rank to $newPermRank
35			using $userId permissions
36			PUT /group-member/{targetId}/rank with perm_rank=newPermRank
37			"""
38			if userId >= 0:
39			self.client.force_authenticate(user=self.users[userId])
40			response = self.client.put(self.member_rank_url % (self.mships[targetId].id), {"perm_rank": newPermRank})
41			self.assertEqual(response.status_code, expectedHttpResponseCode)
42
43			def try_delete(self, userId, targetId, expectedHttpResponseCode):
44			"""
45			This function attempts to remove $targetId membership from Group
46			using $userId permissions
47			DELETE /group-member/{targetId}/
48			"""
49			if userId >= 0:
50			self.client.force_authenticate(user=self.users[userId])
51			response = self.client.delete(self.member_url % targetId)
52			self.assertEqual(response.status_code, expectedHttpResponseCode)
53
54			# /rank
55			def test_rank_not_authed(self):
56			self.try_rank(-1, 1, 4, status.HTTP_401_UNAUTHORIZED)
57
58			def test_rank_not_group_member(self):
59			self.try_rank(0, 1, 4, status.HTTP_404_NOT_FOUND)
60
61			def test_rank_demote_no_permission(self):
62			self.try_rank(1, 2, 1, status.HTTP_403_FORBIDDEN)
63
64			def test_rank_demote_no_permission2(self):
65			self.try_rank(3, 2, 1, status.HTTP_403_FORBIDDEN)
66			self.assertEqual(GroupMember.objects.get(pk=self.mships[2].id).perm_rank, 2)
67
68			def test_rank_promote_no_permission(self):
69			self.try_rank(1, 1, 2, status.HTTP_403_FORBIDDEN)
70
71			def test_rank_no_rank_change(self):
72			self.try_rank(5, 1, 1, status.HTTP_400_BAD_REQUEST)
73
74			def test_rank_not_a_number(self):
75			self.try_rank(5, 1, "hi!", status.HTTP_400_BAD_REQUEST)
76
77			def test_rank_set_rank_to_zero(self):
78			self.try_rank(5, 1, 0, status.HTTP_400_BAD_REQUEST)
79
80			def test_rank_bad_rank(self):
81			self.try_rank(5, 1, -1, status.HTTP_400_BAD_REQUEST)
82			self.try_rank(5, 1, Group.ADMINISTRATOR_RANK + 1, status.HTTP_400_BAD_REQUEST)
83
84			def test_rank_too_high_rank(self):
85			self.try_rank(5, 1, 5, status.HTTP_403_FORBIDDEN)
86
87			def test_rank_promote_ok(self):
88			self.try_rank(3, 1, 2, status.HTTP_200_OK)
89			self.assertEqual(GroupMember.objects.get(pk=self.mships[1].id).perm_rank, 2)
90
91			def test_rank_demote_ok(self):
92			self.try_rank(5, 3, 2, status.HTTP_200_OK)
93			self.assertEqual(GroupMember.objects.get(pk=self.mships[3].id).perm_rank, 2)
94
95			def test_rank_demote_self_ok(self):
96			self.try_rank(3, 3, 2, status.HTTP_200_OK)
97			self.assertEqual(GroupMember.objects.get(pk=self.mships[3].id).perm_rank, 2)
98
99			# delete
100			def test_delete_not_authed(self):
101			self.try_delete(-1, 1, status.HTTP_401_UNAUTHORIZED)
102
103			def test_delete_not_group_member(self):
104			self.try_delete(0, 1, status.HTTP_404_NOT_FOUND)
105
106			def test_delete_no_permission(self):
107			self.try_delete(3, 2, status.HTTP_403_FORBIDDEN)
108
109			def test_delete_user_not_in_group(self):
110			self.try_delete(4, 0, status.HTTP_404_NOT_FOUND)
111
112			def test_delete_self_ok(self):
113			self.try_delete(1, 1, status.HTTP_204_NO_CONTENT)
114			self.assertFalse(GroupMember.objects.filter(pk=self.mships[1].id).exists())
115
116			def test_delete_ok(self):
117			self.try_delete(5, 1, status.HTTP_204_NO_CONTENT)
118			self.assertFalse(GroupMember.objects.filter(pk=self.mships[1].id).exists())
119
120			class OpenGroupMemberCreationTests(APITestCase):
121			@classmethod
122			def setUpTestData(self):
123			super(APITestCase, self).setUpTestData()
124
125			# Routes
126			self.members_url = "/group-member/"
127			self.member_url = self.members_url + "%d/"
128
129			# Group open to anyone
130			self.group = GroupFactory()
131			self.group.default_member_rank = 1
132			self.group.save()
133
134			# Users already in group
135			self.users = [UserFactory()]
136			# Associated GroupMember
137			self.group_member1 = GroupMember(user=self.users[0], group=self.group, perm_rank=Group.ADMINISTRATOR_RANK)
138
139			# Testing user
140			self.user = UserFactory()
141
142			# Misc
143			self.new_membership_data = {"group": self.group.id, "user": self.user.id}
144
145			def test_create_not_authed(self):
146			self.client.force_authenticate(user=None)
147			response = self.client.post(self.members_url, self.new_membership_data)
148			self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
149
150			def test_create_not_for_self(self):
151			# Attempt to add somebody else to a group
152			self.client.force_authenticate(user=self.users[0])
153			response = self.client.post(self.members_url, self.new_membership_data)
154			self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
155
156			def test_create_success(self):
157			# Succesful attempt to join an open group
158			self.client.force_authenticate(user=self.user)
159			response = self.client.post(self.members_url, self.new_membership_data)
160			self.assertEqual(response.status_code, status.HTTP_201_CREATED)
161			self.assertEqual(response.data['perm_rank'], self.group.default_member_rank)
162
163
164			class RequestGroupMemberCreationTests(APITestCase):
165			@classmethod
166			def setUpTestData(self):
167			super(APITestCase, self).setUpTestData()
168
169			# Routes
170			self.members_url = "/group-member/"
171			self.accept_join_requests_url = self.members_url + "%d/accept_join_request/"
172
173			# Group with membership request
174			self.group = GroupFactory(default_member_rank=0, req_rank_accept_join_requests=5)
175
176			# Users already in group
177			self.users = UserFactory.create_batch(3)
178			# Associated GroupMember
179			self.group_member1 = GroupMemberFactory(user=self.users[0], group=self.group, perm_rank=Group.ADMINISTRATOR_RANK) # can validate requests
180			self.group_member2 = GroupMemberFactory(user=self.users[1], group=self.group, perm_rank=1) # cannot validate requests
181			self.group_member3 = GroupMemberFactory(user=self.users[2], group=self.group, perm_rank=0) # request to be validated
182
183			# Testing user
184			self.user = UserFactory()
185
186			# Misc
187			self.new_membership_data = {"group": self.group.id, "user": self.user.id}
188
189			def test_create_not_authed(self):
190			self.client.force_authenticate(user=None)
191			response = self.client.post(self.members_url, self.new_membership_data)
192			self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
193
194			def test_create_success(self):
195			# Succesful attempt to request group membership
196			self.client.force_authenticate(user=self.user)
197			response = self.client.post(self.members_url, self.new_membership_data)
198			self.assertEqual(response.status_code, status.HTTP_201_CREATED)
199			self.assertEqual(response.data['perm_rank'], self.group.default_member_rank)
200
201			def test_validate_forbidden(self):
202			# Attempt to validate a request but not enough permission
203			self.client.force_authenticate(user=self.users[1])
204			response = self.client.put(self.accept_join_requests_url % self.group_member3.id)
205			self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
206
207			def test_validate_success(self):
208			# Succesful attempt to validate a request
209			self.client.force_authenticate(user=self.users[0])
210			response = self.client.put(self.accept_join_requests_url % self.group_member3.id)
211			self.assertEqual(response.status_code, status.HTTP_200_OK)
212			self.assertEqual(response.data['perm_rank'], 1)
213
214
215			class InvitationGroupMemberCreationTests(APITestCase):
216			@classmethod
217			def setUpTestData(self):
218			super(APITestCase, self).setUpTestData()
219
220			# Routes
221			self.members_url = "/group-member/"
222
223			# Group with invitation only
224			self.group = GroupFactory(req_rank_invite=5, default_member_rank=-1, visibility=Group.VIS_PRIVATE)
225
226			# Testing user
227			self.users = UserFactory.create_batch(2)
228			self.memberships = [
229			None,
230			GroupMemberFactory(user=self.users[1], group=self.group, perm_rank=self.group.req_rank_invite)
231			]
232
233			# Misc
234			self.new_membership_data = {"group": self.group.id, "user": self.users[0].id}
235
236			def test_create_not_authed(self):
237			self.client.force_authenticate(user=None)
238			response = self.client.post(self.members_url, self.new_membership_data)
239			self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
240
241			def test_create_forbidden(self):
242			# Can't join this Group
243			self.client.force_authenticate(user=self.users[0])
244			response = self.client.post(self.members_url, self.new_membership_data)
245			self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
246
247			def test_create_already_group_member(self):
248			self.client.force_authenticate(user=self.users[1])
249			response = self.client.post(self.members_url, self.new_membership_data)
250			self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
251
252			def test_create_self_forbidden(self):
253			self.client.force_authenticate(user=self.users[1])
254			response = self.client.post(self.members_url, self.new_membership_data)
255			self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
256
257
258			class InvitationGroupMemberInvitationWorkflowTests(APITestCase):
259			@classmethod
260			def setUpTestData(self):
261			super(APITestCase, self).setUpTestData()
262
263			# Routes
264			self.members_url = "/group-member/"
265			self.group_invite_url = "/group/%d/invite/";
266			self.group_invite_accept_url = "/group/%d/invite_accept/";
267
268			# Group with invitation only
269			self.group = GroupFactory(req_rank_invite=5, default_member_rank=-1)
270
271			# Testing user
272			self.users = UserFactory.create_batch(2)
273			self.memberships = [
274			None,
275			GroupMemberFactory(user=self.users[1], group=self.group, perm_rank=self.group.req_rank_invite)
276			]
277
278			def test_invite_not_authed(self):
279			self.client.force_authenticate(user=None)
280			response = self.client.put(self.group_invite_url % (self.group.id), {"user": self.users[0].id} )
281			self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
282
283			def test_invite_forbidden(self):
284			# Attempt to get group membership
285			self.client.force_authenticate(user=self.users[0])
286			response = self.client.put(self.group_invite_url % (self.group.id), {"user": self.users[0].id} )
287			self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
288
289			def test_invite_already_group_member(self):
290			# Attempt to get group membership
291			self.client.force_authenticate(user=self.users[1])
292			response = self.client.put(self.group_invite_url % (self.group.id), {"user": self.users[1].id} )
293			self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
294
295			def test_invite_ok(self):
296			# User0 invites User1 to group
297			self.client.force_authenticate(user=self.users[1])
298			response = self.client.put(self.group_invite_url % (self.group.id), {"user": self.users[0].id} )
299			self.assertEqual(response.status_code, status.HTTP_200_OK)
300
301			def test_invite_accept(self):
302			self.test_invite_ok()
303			self.client.force_authenticate(user=self.users[0])
304			response = self.client.post(self.members_url, {"user": self.users[0].id, "group": self.group.id})
305			self.assertEqual(response.status_code, status.HTTP_201_CREATED)
306

ProjetSigma / backend

Push — master ( db2fb9...108c7a )

test_rank_too_high_rank() A

Complexity

Size

Duplication

Duplication Side-by-Side

Filter issues like