No puede seleccionar más de 25 temas Los temas deben comenzar con una letra o número, pueden incluir guiones ('-') y pueden tener hasta 35 caracteres de largo.
 
 
 
 
 
 

251 líneas
9.4 KiB

  1. import json
  2. from django.urls import reverse
  3. import mock
  4. from rest_framework import status
  5. from rest_framework.test import APITestCase
  6. from taggit.models import Tag
  7. from .helpers import create_image, create_user, create_pin
  8. from core.models import Pin, Image, Board
  9. def _teardown_models():
  10. Pin.objects.all().delete()
  11. Image.objects.all().delete()
  12. Tag.objects.all().delete()
  13. Board.objects.all().delete()
  14. def mock_requests_get(url, **kwargs):
  15. response = mock.Mock(content=open('docs/src/imgs/logo-dark.png', 'rb').read())
  16. return response
  17. class ImageTests(APITestCase):
  18. def test_post_create_unsupported(self):
  19. url = reverse("image-list")
  20. data = {}
  21. response = self.client.post(
  22. url,
  23. data=data,
  24. format='json',
  25. )
  26. self.assertEqual(response.status_code, 403, response.data)
  27. class BoardPrivacyTests(APITestCase):
  28. def setUp(self):
  29. super(BoardPrivacyTests, self).setUp()
  30. self.owner = create_user("default")
  31. self.non_owner = create_user("non_owner")
  32. self.private_board = Board.objects.create(
  33. name="test_board",
  34. submitter=self.owner,
  35. private=True,
  36. )
  37. self.board_url = reverse("board-detail", kwargs={"pk": self.private_board.pk})
  38. self.boards_url = reverse("board-list")
  39. def tearDown(self):
  40. _teardown_models()
  41. def test_should_non_owner_and_anonymous_user_has_no_permission_to_list_private_board(self):
  42. resp = self.client.get(self.boards_url)
  43. self.assertEqual(len(resp.data), 0, resp.data)
  44. self.client.login(username=self.non_owner.username, password='password')
  45. resp = self.client.get(self.boards_url)
  46. self.assertEqual(len(resp.data), 0, resp.data)
  47. def test_should_owner_has_permission_to_list_private_board(self):
  48. self.client.login(username=self.non_owner.username, password='password')
  49. resp = self.client.get(self.boards_url)
  50. self.assertEqual(len(resp.data), 0, resp.data)
  51. def test_should_non_owner_and_anonymous_user_has_no_permission_to_view_private_board(self):
  52. resp = self.client.get(self.board_url)
  53. self.assertEqual(resp.status_code, 404)
  54. self.client.login(username=self.non_owner.username, password='password')
  55. resp = self.client.get(self.board_url)
  56. self.assertEqual(resp.status_code, 404)
  57. def test_should_owner_has_permission_to_view_private_board(self):
  58. self.client.login(username=self.owner.username, password='password')
  59. resp = self.client.get(self.board_url)
  60. self.assertEqual(resp.status_code, 200)
  61. class PinPrivacyTests(APITestCase):
  62. def setUp(self):
  63. super(PinPrivacyTests, self).setUp()
  64. self.owner = create_user("default")
  65. self.non_owner = create_user("non_owner")
  66. with mock.patch('requests.get', mock_requests_get):
  67. image = Image.objects.create_for_url('http://a.com/b.png')
  68. self.private_pin = Pin.objects.create(
  69. submitter=self.owner,
  70. image=image,
  71. private=True,
  72. )
  73. self.private_pin_url = reverse("pin-detail", kwargs={"pk": self.private_pin.pk})
  74. self.board = Board.objects.create(name="test_board", submitter=self.owner)
  75. self.board.pins.add(self.private_pin)
  76. self.board.save()
  77. self.board_url = reverse("board-detail", kwargs={"pk": self.board.pk})
  78. def tearDown(self):
  79. _teardown_models()
  80. def test_should_non_owner_and_anonymous_user_has_no_permission_to_list_private_pin(self):
  81. resp = self.client.get(reverse("pin-list"))
  82. self.assertEqual(len(resp.data['results']), 0, resp.data)
  83. self.client.login(username=self.non_owner.username, password='password')
  84. resp = self.client.get(reverse("pin-list"))
  85. self.assertEqual(len(resp.data['results']), 0, resp.data)
  86. def test_should_non_owner_and_anonymous_user_has_no_permission_to_list_private_pin_in_board(self):
  87. resp = self.client.get(self.board_url)
  88. self.assertEqual(len(resp.data['pins_detail']), 0, resp.data)
  89. self.client.login(username=self.non_owner.username, password='password')
  90. resp = self.client.get(self.board_url)
  91. self.assertEqual(len(resp.data['pins_detail']), 0, resp.data)
  92. def test_should_owner_user_has_permission_to_list_private_pin_in_board(self):
  93. self.client.login(username=self.owner.username, password='password')
  94. resp = self.client.get(self.board_url)
  95. self.assertEqual(len(resp.data['pins_detail']), 1, resp.data)
  96. def test_should_owner_user_has_permission_to_list_private_pin(self):
  97. self.client.login(username=self.owner.username, password='password')
  98. resp = self.client.get(reverse("pin-list"))
  99. self.assertEqual(len(resp.data['results']), 1, resp.data)
  100. def test_should_owner_has_permission_to_view_private_pin(self):
  101. self.client.login(username=self.owner.username, password='password')
  102. resp = self.client.get(self.private_pin_url)
  103. self.assertEqual(resp.status_code, 200)
  104. self.assertEqual(resp.data['id'], self.private_pin.id)
  105. def test_should_anonymous_user_has_no_permission_to_view_private_pin(self):
  106. resp = self.client.get(self.private_pin_url)
  107. self.assertEqual(resp.status_code, 404)
  108. def test_should_non_owner_has_no_permission_to_view_private_pin(self):
  109. self.client.login(username=self.non_owner.username, password='password')
  110. resp = self.client.get(self.private_pin_url)
  111. self.assertEqual(resp.status_code, 404)
  112. class PinTests(APITestCase):
  113. _JSON_TYPE = "application/json"
  114. def setUp(self):
  115. super(PinTests, self).setUp()
  116. self.user = create_user("default")
  117. self.client.login(username=self.user.username, password='password')
  118. def tearDown(self):
  119. _teardown_models()
  120. @mock.patch('requests.get', mock_requests_get)
  121. def test_should_create_pin(self):
  122. url = 'http://testserver.com/mocked/logo-01.png'
  123. create_url = reverse("pin-list")
  124. referer = 'http://testserver.com/'
  125. post_data = {
  126. 'url': url,
  127. 'private': False,
  128. 'referer': referer,
  129. 'description': 'That\'s an Apple!'
  130. }
  131. response = self.client.post(create_url, data=post_data, format="json")
  132. self.assertEqual(response.status_code, status.HTTP_201_CREATED)
  133. pin = Pin.objects.get(url=url)
  134. self.assertIsNotNone(pin.image.image)
  135. @mock.patch('requests.get', mock_requests_get)
  136. def test_post_create_url_with_empty_tags(self):
  137. url = 'http://testserver.com/mocked/logo-02.png'
  138. create_url = reverse("pin-list")
  139. referer = 'http://testserver.com/'
  140. post_data = {
  141. 'url': url,
  142. 'referer': referer,
  143. 'description': 'That\'s an Apple!',
  144. 'tags': []
  145. }
  146. response = self.client.post(create_url, data=post_data, format="json")
  147. self.assertEqual(
  148. response.status_code, status.HTTP_201_CREATED, response.json()
  149. )
  150. self.assertEqual(Image.objects.count(), 1)
  151. pin = Pin.objects.get(url=url)
  152. self.assertIsNotNone(pin.image.image)
  153. self.assertEqual(pin.tags.count(), 0)
  154. def test_should_post_create_pin_with_existed_image(self):
  155. image = create_image()
  156. create_pin(self.user, image=image, tags=[])
  157. create_url = reverse("pin-list")
  158. referer = 'http://testserver.com/'
  159. post_data = {
  160. 'referer': referer,
  161. 'image_by_id': image.pk,
  162. 'description': 'That\'s something else (probably a CC logo)!',
  163. 'tags': ['random', 'tags'],
  164. }
  165. response = self.client.post(create_url, data=post_data, format="json")
  166. resp_data = response.json()
  167. self.assertEqual(response.status_code, status.HTTP_201_CREATED, resp_data)
  168. self.assertEqual(
  169. resp_data['description'],
  170. 'That\'s something else (probably a CC logo)!',
  171. resp_data
  172. )
  173. self.assertEquals(Pin.objects.count(), 2)
  174. def test_patch_detail_unauthenticated(self):
  175. image = create_image()
  176. pin = create_pin(self.user, image, [])
  177. self.client.logout()
  178. uri = reverse("pin-detail", kwargs={"pk": pin.pk})
  179. response = self.client.patch(uri, format='json', data={})
  180. self.assertEqual(response.status_code, 403)
  181. def test_patch_detail(self):
  182. image = create_image()
  183. pin = create_pin(self.user, image, [])
  184. uri = reverse("pin-detail", kwargs={"pk": pin.pk})
  185. new = {'description': 'Updated description'}
  186. response = self.client.patch(
  187. uri, new, format="json",
  188. )
  189. self.assertEqual(response.status_code, status.HTTP_200_OK, response.json())
  190. self.assertEqual(Pin.objects.count(), 1)
  191. self.assertEqual(Pin.objects.get(pk=pin.pk).description, new['description'])
  192. def test_delete_detail_unauthenticated(self):
  193. image = create_image()
  194. pin = create_pin(self.user, image, [])
  195. uri = reverse("pin-detail", kwargs={"pk": pin.pk})
  196. self.client.logout()
  197. self.assertEqual(self.client.delete(uri).status_code, 403)
  198. def test_delete_detail(self):
  199. image = create_image()
  200. pin = create_pin(self.user, image, [])
  201. uri = reverse("pin-detail", kwargs={"pk": pin.pk})
  202. self.client.delete(uri)
  203. self.assertEqual(Pin.objects.count(), 0)