nofusscomputing/centurion_erp
1
0
Fork 0
Code Issues Wiki Activity

test(itim): Cluster API ViewSet permission checks

Browse Source 
ref: #15 #248 #356
This commit is contained in:
Jon Lockwood
2024-10-21 17:44:00 +09:30
parent bfe3f10535
commit 800b5d87cf
2 changed files with 184 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
app/itim/serializers/cluster.py
View File

@ -111,18 +111,20 @@ class ClusterModelSerializer(ClusterBaseSerializer):
is_valid = super().is_valid(raise_exception=raise_exception)
if hasattr(self.instance, 'id') and self.validated_data['parent_cluster']:
if 'parent_cluster' in self.validated_data:
if self.validated_data['parent_cluster'].id == self.instance.id:
if hasattr(self.instance, 'id') and self.validated_data['parent_cluster']:
is_valid = False
if self.validated_data['parent_cluster'].id == self.instance.id:
raise serializers.ValidationError(
detail = {
"parent_cluster": "Cluster can't have itself as its parent cluster"
},
code = 'parent_not_self'
)
is_valid = False
raise serializers.ValidationError(
detail = {
"parent_cluster": "Cluster can't have itself as its parent cluster"
},
code = 'parent_not_self'
)
return is_valid

173
app/itim/tests/unit/cluster/test_cluster_viewset.py Normal file
View File

@ -0,0 +1,173 @@
import pytest
from django.contrib.auth.models import User
from django.contrib.contenttypes.models import ContentType
from django.test import TestCase
from access.models import Organization, Team, TeamUsers, Permission
from api.tests.abstract.api_permissions_viewset import APIPermissions
from itim.models.clusters import Cluster
class ClusterPermissionsAPI(TestCase, APIPermissions):
model = Cluster
app_namespace = 'API'
url_name = '_api_v2_cluster'
change_data = {'name': 'device-change'}
delete_data = {}
@classmethod
def setUpTestData(self):
"""Setup Test
1. Create an organization for user and item
. create an organization that is different to item
2. Create a team
3. create teams with each permission: view, add, change, delete
4. create a user per team
"""
organization = Organization.objects.create(name='test_org')
self.organization = organization
different_organization = Organization.objects.create(name='test_different_organization')
view_permissions = Permission.objects.get(
codename = 'view_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
view_team = Team.objects.create(
team_name = 'view_team',
organization = organization,
)
view_team.permissions.set([view_permissions])
add_permissions = Permission.objects.get(
codename = 'add_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
add_team = Team.objects.create(
team_name = 'add_team',
organization = organization,
)
add_team.permissions.set([add_permissions])
change_permissions = Permission.objects.get(
codename = 'change_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
change_team = Team.objects.create(
team_name = 'change_team',
organization = organization,
)
change_team.permissions.set([change_permissions])
delete_permissions = Permission.objects.get(
codename = 'delete_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
delete_team = Team.objects.create(
team_name = 'delete_team',
organization = organization,
)
delete_team.permissions.set([delete_permissions])
self.no_permissions_user = User.objects.create_user(username="test_no_permissions", password="password")
self.view_user = User.objects.create_user(username="test_user_view", password="password")
teamuser = TeamUsers.objects.create(
team = view_team,
user = self.view_user
)
self.item = self.model.objects.create(
organization = self.organization,
name = 'one-add'
)
self.url_view_kwargs = {'pk': self.item.id}
self.add_data = {
'name': 'team-post',
'organization': self.organization.id,
}
self.add_user = User.objects.create_user(username="test_user_add", password="password")
teamuser = TeamUsers.objects.create(
team = add_team,
user = self.add_user
)
self.change_user = User.objects.create_user(username="test_user_change", password="password")
teamuser = TeamUsers.objects.create(
team = change_team,
user = self.change_user
)
self.delete_user = User.objects.create_user(username="test_user_delete", password="password")
teamuser = TeamUsers.objects.create(
team = delete_team,
user = self.delete_user
)
self.different_organization_user = User.objects.create_user(username="test_different_organization_user", password="password")
different_organization_team = Team.objects.create(
team_name = 'different_organization_team',
organization = different_organization,
)
different_organization_team.permissions.set([
view_permissions,
add_permissions,
change_permissions,
delete_permissions,
])
TeamUsers.objects.create(
team = different_organization_team,
user = self.different_organization_user
)