187 lines
6.9 KiB
Python
187 lines
6.9 KiB
Python
import json
|
|
|
|
import pytest
|
|
from django.contrib import auth
|
|
from django.urls import reverse
|
|
from django_scopes import scopes_disabled
|
|
|
|
from cookbook.models import Recipe, ShareLink
|
|
from cookbook.tests.conftest import get_random_json_recipe, validate_recipe
|
|
|
|
LIST_URL = 'api:recipe-list'
|
|
DETAIL_URL = 'api:recipe-detail'
|
|
|
|
|
|
# TODO need to add extensive tests against recipe search to go through all of the combinations of parameters
|
|
# probably needs to include a far more extensive set of initial recipes to effectively test results
|
|
# and to ensure that all parts of the code are exercised.
|
|
# TODO should probably consider adding code coverage plugin to the test suite
|
|
@pytest.mark.parametrize("arg", [
|
|
['a_u', 403],
|
|
['g1_s1', 200],
|
|
['u1_s1', 200],
|
|
['a1_s1', 200],
|
|
])
|
|
def test_list_permission(arg, request):
|
|
c = request.getfixturevalue(arg[0])
|
|
assert c.get(reverse(LIST_URL)).status_code == arg[1]
|
|
|
|
|
|
def test_list_space(recipe_1_s1, u1_s1, u1_s2, space_2):
|
|
assert len(json.loads(u1_s1.get(reverse(LIST_URL)).content)['results']) == 1
|
|
assert len(json.loads(u1_s2.get(reverse(LIST_URL)).content)['results']) == 0
|
|
|
|
# test for space filter
|
|
with scopes_disabled():
|
|
recipe_1_s1.space = space_2
|
|
recipe_1_s1.save()
|
|
|
|
assert len(json.loads(u1_s1.get(reverse(LIST_URL)).content)['results']) == 0
|
|
assert len(json.loads(u1_s2.get(reverse(LIST_URL)).content)['results']) == 1
|
|
|
|
# test for private recipe filter
|
|
with scopes_disabled():
|
|
recipe_1_s1.created_by = auth.get_user(u1_s1)
|
|
recipe_1_s1.private = True
|
|
recipe_1_s1.save()
|
|
|
|
assert len(json.loads(u1_s1.get(reverse(LIST_URL)).content)['results']) == 0
|
|
assert len(json.loads(u1_s2.get(reverse(LIST_URL)).content)['results']) == 0
|
|
|
|
with scopes_disabled():
|
|
recipe_1_s1.created_by = auth.get_user(u1_s2)
|
|
recipe_1_s1.save()
|
|
|
|
assert len(json.loads(u1_s2.get(reverse(LIST_URL)).content)['results']) == 1
|
|
|
|
|
|
def test_share_permission(recipe_1_s1, u1_s1, u1_s2, u2_s1, a_u):
|
|
assert u1_s1.get(reverse(DETAIL_URL, args=[recipe_1_s1.pk])).status_code == 200
|
|
assert u1_s2.get(reverse(DETAIL_URL, args=[recipe_1_s1.pk])).status_code == 404
|
|
|
|
with scopes_disabled():
|
|
r = u1_s1.get(reverse('new_share_link', kwargs={'pk': recipe_1_s1.pk}))
|
|
assert r.status_code == 302
|
|
r = u1_s2.get(reverse('new_share_link', kwargs={'pk': recipe_1_s1.pk}))
|
|
assert r.status_code == 404
|
|
share = ShareLink.objects.filter(recipe=recipe_1_s1).first()
|
|
assert a_u.get(reverse(DETAIL_URL, args=[recipe_1_s1.pk]) + f'?share={share.uuid}').status_code == 200
|
|
assert u1_s1.get(reverse(DETAIL_URL, args=[recipe_1_s1.pk]) + f'?share={share.uuid}').status_code == 200
|
|
assert u1_s2.get(reverse(DETAIL_URL, args=[recipe_1_s1.pk]) + f'?share={share.uuid}').status_code == 404 # TODO fix in https://github.com/TandoorRecipes/recipes/issues/1238
|
|
|
|
recipe_1_s1.created_by = auth.get_user(u1_s1)
|
|
recipe_1_s1.private = True
|
|
recipe_1_s1.save()
|
|
|
|
assert a_u.get(reverse(DETAIL_URL, args=[recipe_1_s1.pk]) + f'?share={share.uuid}').status_code == 200
|
|
assert u1_s1.get(reverse(DETAIL_URL, args=[recipe_1_s1.pk]) + f'?share={share.uuid}').status_code == 200
|
|
assert u2_s1.get(reverse(DETAIL_URL, args=[recipe_1_s1.pk]) + f'?share={share.uuid}').status_code == 200
|
|
assert u2_s1.get(reverse(DETAIL_URL, args=[recipe_1_s1.pk])).status_code == 403
|
|
|
|
|
|
@pytest.mark.parametrize("arg", [
|
|
['a_u', 403],
|
|
['g1_s1', 403],
|
|
['u1_s1', 200],
|
|
['a1_s1', 200],
|
|
['g1_s2', 403],
|
|
['u1_s2', 404],
|
|
['a1_s2', 404],
|
|
])
|
|
def test_update(arg, request, recipe_1_s1):
|
|
with scopes_disabled():
|
|
c = request.getfixturevalue(arg[0])
|
|
j = get_random_json_recipe()
|
|
r = c.patch(
|
|
reverse(
|
|
DETAIL_URL,
|
|
args={recipe_1_s1.id}
|
|
),
|
|
j,
|
|
content_type='application/json'
|
|
)
|
|
response = json.loads(r.content)
|
|
assert r.status_code == arg[1]
|
|
if r.status_code == 200:
|
|
validate_recipe(j, json.loads(r.content))
|
|
|
|
|
|
def test_update_share(u1_s1, u2_s1, u1_s2, recipe_1_s1):
|
|
with scopes_disabled():
|
|
r = u1_s1.patch(
|
|
reverse(
|
|
DETAIL_URL,
|
|
args={recipe_1_s1.id}
|
|
),
|
|
{'shared': [{'id': auth.get_user(u1_s2).pk, 'username': auth.get_user(u1_s2).username}, {'id': auth.get_user(u2_s1).pk, 'username': auth.get_user(u2_s1).username}]},
|
|
content_type='application/json'
|
|
)
|
|
response = json.loads(r.content)
|
|
assert r.status_code == 200
|
|
assert len(response['shared']) == 1
|
|
assert response['shared'][0]['id'] == auth.get_user(u2_s1).pk
|
|
|
|
|
|
def test_update_private_recipe(u1_s1, u2_s1, recipe_1_s1):
|
|
r = u1_s1.patch(reverse(DETAIL_URL, args={recipe_1_s1.id}), {'name': 'test1'}, content_type='application/json')
|
|
assert r.status_code == 200
|
|
|
|
with scopes_disabled():
|
|
recipe_1_s1.private = True
|
|
recipe_1_s1.created_by = auth.get_user(u1_s1)
|
|
recipe_1_s1.save()
|
|
|
|
r = u1_s1.patch(reverse(DETAIL_URL, args={recipe_1_s1.id}), {'name': 'test2'}, content_type='application/json')
|
|
assert r.status_code == 200
|
|
|
|
r = u2_s1.patch(reverse(DETAIL_URL, args={recipe_1_s1.id}), {'name': 'test3'}, content_type='application/json')
|
|
assert r.status_code == 403
|
|
|
|
|
|
@pytest.mark.parametrize("arg", [
|
|
['a_u', 403],
|
|
['g1_s1', 403],
|
|
['u1_s1', 201],
|
|
['a1_s1', 201],
|
|
])
|
|
def test_add(arg, request, u1_s2):
|
|
x = 0
|
|
while x < 2:
|
|
c = request.getfixturevalue(arg[0])
|
|
j = get_random_json_recipe()
|
|
r = c.post(
|
|
reverse(LIST_URL), j, content_type='application/json'
|
|
)
|
|
response = json.loads(r.content)
|
|
print(r.content)
|
|
assert r.status_code == arg[1]
|
|
if r.status_code == 201:
|
|
# id can change when running multiple tests, changed to validate name
|
|
validate_recipe(j, json.loads(r.content))
|
|
r = c.get(reverse(DETAIL_URL, args={response['id']}))
|
|
assert r.status_code == 200
|
|
r = u1_s2.get(reverse(DETAIL_URL, args={response['id']}))
|
|
assert r.status_code == 404
|
|
x += 1
|
|
|
|
|
|
def test_delete(u1_s1, u1_s2, u2_s1, recipe_1_s1, recipe_2_s1):
|
|
with scopes_disabled():
|
|
r = u1_s2.delete(reverse(DETAIL_URL, args={recipe_1_s1.id}))
|
|
assert r.status_code == 404
|
|
|
|
r = u1_s1.delete(reverse(DETAIL_URL, args={recipe_1_s1.id}))
|
|
|
|
assert r.status_code == 204
|
|
assert not Recipe.objects.filter(pk=recipe_1_s1.id).exists()
|
|
|
|
recipe_2_s1.created_by = auth.get_user(u1_s1)
|
|
recipe_2_s1.private = True
|
|
recipe_2_s1.save()
|
|
|
|
r = u2_s1.delete(reverse(DETAIL_URL, args={recipe_2_s1.id}))
|
|
assert r.status_code == 403
|
|
|
|
r = u1_s1.delete(reverse(DETAIL_URL, args={recipe_2_s1.id}))
|
|
assert r.status_code == 204
|