Commit 79589114 authored by Calum Mackervoy's avatar Calum Mackervoy Committed by Benoit Alessandroni

major: test suite, fixed bug with InvoicePermissions

parent 5020b88f
Pipeline #9443 passed with stage
in 31 seconds
......@@ -2,9 +2,21 @@
image: python:3.6
stages:
- test
- release
include:
- project: 'infra/platform'
ref: master
file: '/templates/python.ci.yml'
test:
stage: test
script:
- pip install .[dev]
- python -m unittest djangoldp_invoice.tests.runner
except:
- master
- tags
tags:
- test
......@@ -2,6 +2,8 @@ from djangoldp.permissions import LDPPermissions
from django.db.models.base import ModelBase
class InvoicePermissions(LDPPermissions):
filter_backends = []
def user_permissions(self, user, obj_or_model, obj=None):
if not user.is_anonymous:
if not isinstance(obj_or_model, ModelBase):
......
from django.test import TestCase
# Force the update of the package version
# Create your tests here.
from django.contrib.auth.models import AbstractUser
from djangoldp.models import Model
class User(AbstractUser, Model):
class Meta(AbstractUser.Meta, Model.Meta):
serializer_fields = ['@id', 'username', 'first_name', 'last_name', 'email']
anonymous_perms = ['view', 'add']
authenticated_perms = ['inherit', 'change']
owner_perms = ['inherit']
\ No newline at end of file
import sys
import django
from django.conf import settings as django_settings
from djangoldp.conf.ldpsettings import LDPSettings
# create a test configuration
config = {
# add the packages to the reference list
'ldppackages': ['djangoldp_project','djangoldp_invoice','djangoldp_invoice.tests'],
# required values for server
'server': {
'AUTH_USER_MODEL': 'tests.User',
'REST_FRAMEWORK': {
'DEFAULT_PAGINATION_CLASS': 'djangoldp.pagination.LDPPagination',
'PAGE_SIZE': 5
},
# map the config of the core settings (avoid asserts to fail)
'SITE_URL': 'http://happy-dev.fr',
'BASE_URL': 'http://happy-dev.fr',
}
}
ldpsettings = LDPSettings(config)
django_settings.configure(ldpsettings)
django.setup()
from django.test.runner import DiscoverRunner
test_runner = DiscoverRunner(verbosity=1)
failures = test_runner.run_tests([
'djangoldp_invoice.tests.tests_permissions',
])
if failures:
sys.exit(failures)
import uuid
import json
from datetime import datetime, timedelta
from django.urls import reverse
from djangoldp.permissions import LDPPermissions
from djangoldp.serializers import LDListMixin, LDPSerializer
from rest_framework.test import APITestCase, APIClient
from guardian.shortcuts import assign_perm
from djangoldp_project.models import Project, Member
from djangoldp_invoice.models import Task, Batch, FreelanceInvoice, CustomerInvoice
from djangoldp_invoice.tests.models import User
class PermissionsTestCase(APITestCase):
def setUp(self):
self.client = APIClient()
LDListMixin.to_representation_cache.reset()
LDPSerializer.to_representation_cache.reset()
# LDPPermissions.invalidate_cache()
def setUpLoggedInUser(self):
self.user = User(email='test@mactest.co.uk', first_name='Test', last_name='Mactest', username='test',
password='glass onion')
self.user.save()
self.client.force_authenticate(user=self.user)
def _get_random_project(self):
return Project.objects.create(name=str(uuid.uuid4()), status='Public')
def _get_random_customer_invoice(self, project=None, customer=None):
return CustomerInvoice.objects.create(project=project, customer=customer, identifier=str(uuid.uuid4()),
title=str(uuid.uuid4()), tvaRate=20)
def _get_random_user(self):
return User.objects.create(email='{}@test.co.uk'.format(str(uuid.uuid4())), first_name='Test', last_name='Test',
username=str(uuid.uuid4()))
# accessing the invoices directly - whether anonymous or authenticated, should return empty list
def test_list_invoices_anonymous_user(self):
self._get_random_customer_invoice()
response = self.client.get('/customer-invoices/')
self.assertEqual(response.status_code, 403)
# accessing the invoices directly - whether anonymous or authenticated, should return empty list
def test_list_invoices_authenticated(self):
self.setUpLoggedInUser()
self._get_random_customer_invoice()
response = self.client.get('/customer-invoices/')
self.assertEqual(response.status_code, 403)
# accessing in a nested object (project) is OK if I am authenticated
def test_list_invoice_nested_in_project_anonymous(self):
project = self._get_random_project()
self._get_random_customer_invoice(project=project)
response = self.client.get('/projects/{}/customerInvoices/'.format(project.pk))
self.assertEqual(response.status_code, 403)
# accessing in a nested object (project) is OK if I am authenticated
def test_list_invoice_nested_in_project_authenticated(self):
self.setUpLoggedInUser()
project = self._get_random_project()
self._get_random_customer_invoice(project=project)
response = self.client.get('/projects/{}/customerInvoices/'.format(project.pk))
self.assertEqual(response.status_code, 200)
self.assertIn('ldp:contains', response.data)
self.assertEqual(len(response.data['ldp:contains']), 1)
def test_get_invoice_anonymous_user(self):
invoice = self._get_random_customer_invoice()
response = self.client.get('/customer-invoices/{}/'.format(invoice.pk))
self.assertEqual(response.status_code, 403)
def test_get_invoice_authenticated(self):
self.setUpLoggedInUser()
invoice = self._get_random_customer_invoice()
response = self.client.get('/customer-invoices/{}/'.format(invoice.pk))
self.assertEqual(response.status_code, 200)
......@@ -10,7 +10,8 @@ license = MIT
[options]
packages = find:
install_requires =
djangoldp>=1
djangoldp>=2
djangoldp_project>=2
[semantic_release]
version_source = tag
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment