-
Notifications
You must be signed in to change notification settings - Fork 40
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
147 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| #!/usr/bin/env python | ||
| # encoding: utf-8 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| #!/usr/bin/env python | ||
| # encoding: utf-8 | ||
|
|
||
| from django.test import TestCase, RequestFactory | ||
| from django.contrib.auth.models import User | ||
| from v1.menu.models import MenuItem, Menu | ||
| from datetime import datetime | ||
|
|
||
| from v1.menu import views | ||
|
|
||
|
|
||
| class ListTests(TestCase): | ||
| fixtures = [ | ||
| 'test/users.json', | ||
| 'course_data.json', | ||
| 'cuisine_data.json', | ||
| 'recipe_data.json', | ||
| 'ing_data.json' | ||
| ] | ||
|
|
||
| def setUp(self): | ||
| # Every test needs access to the request factory. | ||
| self.factory = RequestFactory() | ||
| # Create a staff user. | ||
| self.staff = User.objects.create_user( | ||
| username='staff', email='staff@gmail.com', password='top_secret', is_superuser=True | ||
| ) | ||
| self.menu = Menu.objects.create(title='food', author=self.staff) | ||
| self.item = MenuItem.objects.create(menu=self.menu, recipe_id=1) | ||
|
|
||
| def test_get_copy_menu(self): | ||
| """Check if we get the right data for a list""" | ||
| view = views.MenuCopyViewSet.as_view() | ||
| data = { | ||
| 'menu': '1', | ||
| 'title': 'new menu', | ||
| 'description': 'this is new', | ||
| 'start': datetime.now(), | ||
| } | ||
| request = self.factory.post('/api/v1/recipe/recipes/', data=data) | ||
| request.user = self.staff | ||
| response = view(request) | ||
|
|
||
| print(response.data) | ||
|
|
||
| self.assertTrue(response.data.get('id', True)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
| #!/usr/bin/env python | ||
| # encoding: utf-8 | ||
|
|
||
| from django.contrib.auth.models import AnonymousUser, User | ||
| from django.test import TestCase, RequestFactory | ||
| from v1.menu.permissions import IsMenuOwner, IsMenuItemOwner | ||
| from v1.menu.models import MenuItem, Menu | ||
|
|
||
|
|
||
| class PermissionTest(TestCase): | ||
| fixtures = [ | ||
| 'test/users.json', | ||
| 'course_data.json', | ||
| 'cuisine_data.json', | ||
| 'recipe_data.json', | ||
| 'ing_data.json' | ||
| ] | ||
|
|
||
| def setUp(self): | ||
| # Every test needs access to the request factory. | ||
| self.factory = RequestFactory() | ||
| # Create a staff user. | ||
| self.staff = User.objects.create_user( | ||
| username='staff', email='staff@gmail.com', password='top_secret', is_superuser=True | ||
| ) | ||
| self.user = User.objects.create_user( | ||
| username='jacob', email='jacob@gmail.com', password='top_secret' | ||
| ) | ||
| self.menu = Menu.objects.create(title='food', author=self.user) | ||
| self.item = MenuItem.objects.create(menu=self.menu, recipe_id=1) | ||
|
|
||
| def test_is_list_owner_or_read_only(self): | ||
| # Try and access something as an admin user. | ||
| # Both get and post should have access. | ||
| request = self.factory.get('/admin') | ||
| request.user = self.staff | ||
| self.assertTrue(IsMenuOwner().has_object_permission(request, None, None)) | ||
| self.assertTrue(IsMenuOwner().has_object_permission(request, None, self.menu)) | ||
| request = self.factory.post('/admin') | ||
| request.user = self.staff | ||
| self.assertTrue(IsMenuOwner().has_object_permission(request, None, None)) | ||
| self.assertTrue(IsMenuOwner().has_object_permission(request, None, self.menu)) | ||
|
|
||
| # Try and access something as an user who created th lists. | ||
| # Both get and post should have access. | ||
| request = self.factory.get('/admin') | ||
| request.user = self.user | ||
| self.assertTrue(IsMenuOwner().has_object_permission(request, None, self.menu)) | ||
| request = self.factory.post('/admin') | ||
| request.user = self.user | ||
| self.assertTrue(IsMenuOwner().has_object_permission(request, None, self.menu)) | ||
|
|
||
| # Try and access something as an anonymous user. | ||
| # Both get and post should not have access. | ||
| request = self.factory.get('/admin') | ||
| request.user = AnonymousUser() | ||
| self.assertFalse(IsMenuOwner().has_object_permission(request, None, self.menu)) | ||
| request = self.factory.post('/admin') | ||
| request.user = AnonymousUser() | ||
| self.assertFalse(IsMenuOwner().has_object_permission(request, None, self.menu)) | ||
|
|
||
| def test_is_item_owner_or_read_only(self): | ||
| # Try and access something as an admin user. | ||
| # Both get and post should have access. | ||
| request = self.factory.get('/admin') | ||
| request.user = self.staff | ||
| self.assertTrue(IsMenuItemOwner().has_object_permission(request, None, None)) | ||
| self.assertTrue(IsMenuItemOwner().has_object_permission(request, None, self.item)) | ||
| request = self.factory.post('/admin') | ||
| request.user = self.staff | ||
| self.assertTrue(IsMenuItemOwner().has_object_permission(request, None, None)) | ||
| self.assertTrue(IsMenuItemOwner().has_object_permission(request, None, self.item)) | ||
|
|
||
| # Try and access something as an user who created th lists. | ||
| # Both get and post should have access. | ||
| request = self.factory.get('/admin') | ||
| request.user = self.user | ||
| self.assertTrue(IsMenuItemOwner().has_object_permission(request, None, self.item)) | ||
| request = self.factory.post('/admin') | ||
| request.user = self.user | ||
| self.assertTrue(IsMenuItemOwner().has_object_permission(request, None, self.item)) | ||
|
|
||
| # Try and access something as an anonymous user. | ||
| # Both get and post should not have access. | ||
| request = self.factory.get('/admin') | ||
| request.user = AnonymousUser() | ||
| self.assertFalse(IsMenuItemOwner().has_object_permission(request, None, self.item)) | ||
| request = self.factory.post('/admin') | ||
| request.user = AnonymousUser() | ||
| self.assertFalse(IsMenuItemOwner().has_object_permission(request, None, self.item)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters