From a13b1f2119d7987e25352079c534dafe81df0e2c Mon Sep 17 00:00:00 2001
From: Thibaud Duquennoy <thibaud@duquennoy.fr>
Date: Thu, 31 Jan 2019 12:58:31 +0100
Subject: [PATCH] WIP: add test for permission
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Test for djangoldp-joboffer’s permissions
---
djangoldp/tests/runner.py | 1 +
djangoldp/tests/tests.py | 75 +++++++++++++++++++++++++++++++++++++++
2 files changed, 76 insertions(+)
create mode 100644 djangoldp/tests/tests.py
diff --git a/djangoldp/tests/runner.py b/djangoldp/tests/runner.py
index 4e3bcd04..af9839c8 100644
--- a/djangoldp/tests/runner.py
+++ b/djangoldp/tests/runner.py
@@ -27,6 +27,7 @@ test_runner = DiscoverRunner(verbosity=1)
failures = test_runner.run_tests([
'djangoldp.tests.tests_ldp_model',
'djangoldp.tests.tests_save',
+ 'djangoldp.tests.tests',
'djangoldp.tests.tests_update'])
if failures:
sys.exit(failures)
diff --git a/djangoldp/tests/tests.py b/djangoldp/tests/tests.py
new file mode 100644
index 00000000..53644644
--- /dev/null
+++ b/djangoldp/tests/tests.py
@@ -0,0 +1,75 @@
+from django.test import TestCase, Client, RequestFactory
+from djangoldp.views import LDPViewSet
+from djangoldp.permissions import AnonymousReadOnly
+
+from django.contrib.auth.models import AnonymousUser, User
+from djangoldp_joboffer.models import JobOffer
+
+
+class TestUserPermissions (TestCase):
+ def setUp(self):
+ self.factory = RequestFactory()
+# self.c = Client()
+ self.user = User.objects.create_user(username='john', email='jlennon@beatles.com', password='glass onion')
+
+ def tearDown(self):
+ self.user.delete()
+
+ def test_get_with_user(self):
+ request = self.factory.get('/job-offers/')
+ request.user = self.user
+ my_view = LDPViewSet.as_view({'get': 'list'}, model=JobOffer, nested_fields=["skills"], permission_classes=[AnonymousReadOnly])
+ response = my_view(request)
+ self.assertEqual(response.status_code, 200)
+
+ def test_request_options_create_with_user(self):
+ request = self.factory.options('/job-offers/')
+ request.user = self.user
+ my_view = LDPViewSet.as_view({'options': 'create'}, model=JobOffer, nested_fields=["skills"], permission_classes=[AnonymousReadOnly])
+ response = my_view(request)
+ self.assertEqual(response.status_code, 201)
+
+ def test_request_options_update_with_user(self):
+ request = self.factory.options('/job-offers/')
+ request.user = self.user
+ my_view = LDPViewSet.as_view({'options': 'update'}, model=JobOffer, nested_fields=["skills"], permission_classes=[AnonymousReadOnly])
+ response = my_view(request)
+ self.assertEqual(response.status_code, 201)
+
+class TestAnonymousUserPermissions (TestCase):
+ def setUp(self):
+ self.factory = RequestFactory()
+# self.c = Client()
+ self.user = AnonymousUser
+
+ def test_get_request_with_anonymousUser(self):
+ request = self.factory.get("/job-offers/")
+ request.user = self.user
+ my_view = LDPViewSet.as_view({'get': 'list'},
+ model=JobOffer,
+ nested_fields=["skills"],
+ permission_classes=[AnonymousReadOnly])
+ response = my_view(request)
+ self.assertEqual(response.status_code, 200)
+
+ def test_request_options_create_with_anonymousUser(self):
+ request = self.factory.options("/job-offers/")
+ request.user = self.user
+ my_view = LDPViewSet.as_view({'options': 'create'},
+ model=JobOffer,
+ nested_fields=["skills"],
+ permission_classes=[AnonymousReadOnly])
+ response = my_view(request)
+ self.assertEqual(response.status_code, 403)
+
+ def test_request_options_update_with_anonymousUser(self):
+ request = self.factory.options("/job-offers/")
+ request.user = self.user
+ my_view = LDPViewSet.as_view({'options': 'update'},
+ model=JobOffer,
+ nested_fields=["skills"],
+ permission_classes=[AnonymousReadOnly])
+ response = my_view(request)
+ self.assertEqual(response.status_code, 403)
+
+
--
GitLab