Test
This commit is contained in:
Виктор Гладких
parent
48ca13803e
commit
7ed976dec0
|
|
@ -71,11 +71,6 @@ class UserRoleTests(APITestCase):
|
||||||
|
|
||||||
def test_user_role_post(self):
|
def test_user_role_post(self):
|
||||||
url = reverse('back:account:user-role-list-create')
|
url = reverse('back:account:user-role-list-create')
|
||||||
# userRole = UserRole.objects.create(
|
|
||||||
# user=self.user_test,
|
|
||||||
# role=self.role
|
|
||||||
# )
|
|
||||||
# userRole.save()
|
|
||||||
|
|
||||||
data = {
|
data = {
|
||||||
"user": self.user_test.id,
|
"user": self.user_test.id,
|
||||||
|
|
|
||||||
|
|
@ -14,14 +14,17 @@ class IsCommentModerator(permissions.BasePermission):
|
||||||
if request.method in permissions.SAFE_METHODS:
|
if request.method in permissions.SAFE_METHODS:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
if obj.user == request.user:
|
||||||
|
return True
|
||||||
|
|
||||||
# Instance must have an attribute named `user`.
|
# Instance must have an attribute named `user`.
|
||||||
role = Role.objects.get(role=2) # 'Comments moderator'
|
role = Role.objects.get(role=2) # 'Comments moderator'
|
||||||
is_access = UserRole.objects.filter(user=request.user, role=role).exists()
|
is_access = UserRole.objects.filter(user=request.user, role=role).exists()
|
||||||
if obj.user == request.user and is_access:
|
if obj.user != request.user and is_access:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
# User is super-user?
|
super_user=User.objects.filter(pk=request.user.pk, is_superuser=True).exists()
|
||||||
if User.objects.filter(pk=request.user.pk).exists():
|
if super_user:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
return False
|
return False
|
||||||
|
|
|
||||||
|
|
@ -2,18 +2,15 @@ from rest_framework.test import APITestCase
|
||||||
from rest_framework import status
|
from rest_framework import status
|
||||||
from authorization.tests.tests_authorization import get_tokens_for_user
|
from authorization.tests.tests_authorization import get_tokens_for_user
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
|
from django.contrib.contenttypes.models import ContentType
|
||||||
from http.cookies import SimpleCookie
|
from http.cookies import SimpleCookie
|
||||||
from location.models import Country
|
from location.models import Country
|
||||||
from account.models import Role, User, UserRole
|
from account.models import Role, User, UserRole
|
||||||
|
from comment.models import Comment
|
||||||
|
|
||||||
|
|
||||||
class CommentModeratorPermissionTests(APITestCase):
|
class CommentModeratorPermissionTests(APITestCase):
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
self.data = get_tokens_for_user()
|
|
||||||
|
|
||||||
self.client.cookies = SimpleCookie(
|
|
||||||
{'access_token': self.data['tokens'].get('access_token'),
|
|
||||||
'refresh_token': self.data['tokens'].get('access_token')})
|
|
||||||
|
|
||||||
self.country_ru = Country.objects.create(
|
self.country_ru = Country.objects.create(
|
||||||
name='{"ru-RU":"Russia"}',
|
name='{"ru-RU":"Russia"}',
|
||||||
|
|
@ -47,11 +44,83 @@ class CommentModeratorPermissionTests(APITestCase):
|
||||||
)
|
)
|
||||||
self.userRole.save()
|
self.userRole.save()
|
||||||
|
|
||||||
|
content_type = ContentType.objects.get(app_label='location', model='country')
|
||||||
|
|
||||||
|
self.user_test = get_tokens_for_user()
|
||||||
|
self.comment = Comment.objects.create(text='Test comment', mark=1,
|
||||||
|
user=self.user_test["user"],
|
||||||
|
object_id= self.country_ru.pk,
|
||||||
|
content_type_id=content_type.id
|
||||||
|
)
|
||||||
|
self.comment.save()
|
||||||
|
|
||||||
|
def test_get(self):
|
||||||
|
url = reverse('back:comment:comment-crud', kwargs={"id": 1})
|
||||||
|
response = self.client.get(url, format='json')
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
|
||||||
|
def test_put_moderator(self):
|
||||||
|
url = reverse('back:comment:comment-crud', kwargs={"id": self.comment.id})
|
||||||
|
|
||||||
tokens = User.create_jwt_tokens(self.moderator)
|
tokens = User.create_jwt_tokens(self.moderator)
|
||||||
|
self.client.cookies = SimpleCookie(
|
||||||
|
{'access_token': tokens.get('access_token'),
|
||||||
|
'refresh_token': tokens.get('access_token')})
|
||||||
|
|
||||||
|
data = {
|
||||||
|
"id": self.comment.id,
|
||||||
|
"text": "test text moderator",
|
||||||
|
"mark": 1,
|
||||||
|
"user": self.moderator.id
|
||||||
|
}
|
||||||
|
|
||||||
|
response = self.client.put(url, data=data, format='json')
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
|
||||||
|
def test_put_other_user(self):
|
||||||
|
url = reverse('back:comment:comment-crud', kwargs={"id": self.comment.id})
|
||||||
|
other_user = User.objects.create_user(username='test',
|
||||||
|
email='test@mail.com',
|
||||||
|
password='passwordtest')
|
||||||
|
|
||||||
|
tokens = User.create_jwt_tokens(other_user)
|
||||||
|
|
||||||
self.client.cookies = SimpleCookie(
|
self.client.cookies = SimpleCookie(
|
||||||
{'access_token': tokens.get('access_token'),
|
{'access_token': tokens.get('access_token'),
|
||||||
'refresh_token': tokens.get('access_token')})
|
'refresh_token': tokens.get('access_token')})
|
||||||
|
|
||||||
def test_permission(self):
|
data = {
|
||||||
self.assertTrue(True)
|
"id": self.comment.id,
|
||||||
|
"text": "test text moderator",
|
||||||
|
"mark": 1,
|
||||||
|
"user": other_user.id
|
||||||
|
}
|
||||||
|
|
||||||
|
response = self.client.put(url, data=data, format='json')
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||||
|
|
||||||
|
def test_put_super_user(self):
|
||||||
|
url = reverse('back:comment:comment-crud', kwargs={"id": self.comment.id})
|
||||||
|
super_user = User.objects.create_user(username='super',
|
||||||
|
email='super@mail.com',
|
||||||
|
password='passwordtestsuper',
|
||||||
|
is_superuser=True)
|
||||||
|
|
||||||
|
tokens = User.create_jwt_tokens(super_user)
|
||||||
|
|
||||||
|
self.client.cookies = SimpleCookie(
|
||||||
|
{'access_token': tokens.get('access_token'),
|
||||||
|
'refresh_token': tokens.get('access_token')})
|
||||||
|
|
||||||
|
data = {
|
||||||
|
"id": self.comment.id,
|
||||||
|
"text": "test text moderator",
|
||||||
|
"mark": 1,
|
||||||
|
"user": super_user.id
|
||||||
|
}
|
||||||
|
|
||||||
|
response = self.client.put(url, data=data, format='json')
|
||||||
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -7,5 +7,5 @@ app_name = 'comment'
|
||||||
|
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
path('', views.CommentLstView.as_view(), name='comment-list-create'),
|
path('', views.CommentLstView.as_view(), name='comment-list-create'),
|
||||||
path('<int:pk>/', views.CommentRUDView.as_view(), name='comment-crud'),
|
path('<int:id>/', views.CommentRUDView.as_view(), name='comment-crud'),
|
||||||
]
|
]
|
||||||
|
|
|
||||||
|
|
@ -13,4 +13,5 @@ class CommentLstView(generics.ListCreateAPIView):
|
||||||
class CommentRUDView(generics.RetrieveUpdateDestroyAPIView):
|
class CommentRUDView(generics.RetrieveUpdateDestroyAPIView):
|
||||||
serializer_class = serializers.CommentBaseSerializer
|
serializer_class = serializers.CommentBaseSerializer
|
||||||
queryset = models.Comment.objects.all()
|
queryset = models.Comment.objects.all()
|
||||||
permission_classes = [permissions.IsAuthenticatedOrReadOnly, IsCommentModerator]
|
permission_classes = [permissions.IsAuthenticatedOrReadOnly,IsCommentModerator]
|
||||||
|
lookup_field = 'id'
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user