|
1
|
|
|
import json |
|
2
|
|
|
|
|
3
|
|
|
from rest_framework import status |
|
4
|
|
|
from rest_framework.test import APITestCase, force_authenticate |
|
5
|
|
|
|
|
6
|
|
|
from sigma_core.tests.factories import UserFactory, AdminUserFactory |
|
7
|
|
|
from sigma_core.serializers.user import UserSerializer |
|
8
|
|
|
|
|
9
|
|
|
|
|
10
|
|
|
class UserTests(APITestCase): |
|
11
|
|
|
@classmethod |
|
|
|
|
|
|
12
|
|
|
def setUpTestData(self): |
|
13
|
|
|
super(UserTests, self).setUpTestData() |
|
14
|
|
|
|
|
15
|
|
|
self.user = UserFactory() |
|
16
|
|
|
self.admin_user = AdminUserFactory() |
|
17
|
|
|
|
|
18
|
|
|
serializer = UserSerializer(self.user) |
|
19
|
|
|
self.user_data = serializer.data |
|
20
|
|
|
self.user_url = '/user/%d/' % self.user.id |
|
21
|
|
|
|
|
22
|
|
|
self.users_list = [self.user, self.admin_user] |
|
23
|
|
|
|
|
24
|
|
|
self.new_user_data = {'lastname': 'Doe', 'firstname': 'John', 'email': '[email protected]', 'password': 'password'} |
|
25
|
|
|
|
|
26
|
|
|
#### List requests |
|
27
|
|
|
def test_get_users_list_unauthed(self): |
|
28
|
|
|
# Client not authenticated |
|
29
|
|
|
response = self.client.get('/user/') |
|
30
|
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) |
|
31
|
|
|
|
|
32
|
|
|
# def test_get_users_list_forbidden(self): |
|
33
|
|
|
# # Client authenticated but has no permission |
|
34
|
|
|
# self.client.force_authenticate(user=self.user) |
|
35
|
|
|
# response = self.client.get('/user/') |
|
36
|
|
|
# self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) |
|
37
|
|
|
|
|
38
|
|
|
def test_get_users_list_ok(self): |
|
39
|
|
|
# Client has permissions |
|
40
|
|
|
self.client.force_authenticate(user=self.user) |
|
41
|
|
|
response = self.client.get('/user/') |
|
42
|
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
43
|
|
|
self.assertEqual(len(response.data), len(self.users_list)) |
|
44
|
|
|
|
|
45
|
|
|
#### Get requests |
|
46
|
|
|
def test_get_user_unauthed(self): |
|
47
|
|
|
# Client is not authenticated |
|
48
|
|
|
response = self.client.get(self.user_url) |
|
49
|
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) |
|
50
|
|
|
|
|
51
|
|
|
# def test_get_user_forbidden(self): |
|
52
|
|
|
# response = self.client.get(self.user_url) |
|
53
|
|
|
# self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) |
|
54
|
|
|
|
|
55
|
|
|
def test_get_user_ok(self): |
|
56
|
|
|
# Client has permissions |
|
57
|
|
|
self.client.force_authenticate(user=self.user) |
|
58
|
|
|
response = self.client.get(self.user_url) |
|
59
|
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
60
|
|
|
self.assertEqual(response.data, self.user_data) |
|
61
|
|
|
|
|
62
|
|
|
#### "Get my data" requests |
|
63
|
|
|
def test_get_my_data_unauthed(self): |
|
64
|
|
|
# Client is not authenticated |
|
65
|
|
|
response = self.client.get('/user/me/') |
|
66
|
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) |
|
67
|
|
|
|
|
68
|
|
|
def test_get_my_data_ok(self): |
|
69
|
|
|
# Client is authenticated |
|
70
|
|
|
self.client.force_authenticate(user=self.user) |
|
71
|
|
|
response = self.client.get('/user/me/') |
|
72
|
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK) |
|
73
|
|
|
self.assertEqual(response.data['id'], self.user.id) |
|
74
|
|
|
|
|
75
|
|
|
#### Create requests |
|
76
|
|
|
def test_create_user_unauthed(self): |
|
77
|
|
|
# Client is not authenticated |
|
78
|
|
|
response = self.client.post('/user/', self.new_user_data) |
|
79
|
|
|
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) |
|
80
|
|
|
|
|
81
|
|
|
# def test_create_user_forbidden(self): |
|
82
|
|
|
# # Client has no permission |
|
83
|
|
|
# self.client.force_authenticate(user=self.user) |
|
84
|
|
|
# response = self.client.post('/user/', self.new_user_data) |
|
85
|
|
|
# self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) |
|
86
|
|
|
|
|
87
|
|
|
def test_create_user_ok(self): |
|
88
|
|
|
# Client has permissions |
|
89
|
|
|
self.client.force_authenticate(user=self.admin_user) |
|
90
|
|
|
response = self.client.post('/user/', self.new_user_data) |
|
91
|
|
|
self.assertEqual(response.status_code, status.HTTP_201_CREATED) |
|
92
|
|
|
self.assertEqual(response.data['lastname'], self.new_user_data['lastname']) |
|
93
|
|
|
|
|
94
|
|
|
#### Modification requests |
|
95
|
|
|
|
|
96
|
|
|
#### "Change password" requests |
|
97
|
|
|
|
|
98
|
|
|
#### Deletion requests |
|
99
|
|
|
|
ProjetSigma /
backend
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.