test(base): Content Type API ViewSet permission checks

ref: #15 #248 #348
2024-10-15 16:09:22 +09:30
parent 84de741f53
commit 835e5258a5
1 changed files with 61 additions and 0 deletions
--- a/app/app/tests/unit/content_type/test_content_type_permission_viewset.py
+++ b/app/app/tests/unit/content_type/test_content_type_permission_viewset.py
@ -0,0 +1,61 @@
+import pytest
+import unittest
+import requests
+
+from django.contrib.auth.models import User, ContentType
+from django.shortcuts import reverse
+from django.test import Client, TestCase
+
+
+
+class ContentTypePermissionsAPI(TestCase):
+
+    model = ContentType
+
+    app_namespace = 'API'
+    
+    url_name = '_api_v2_content_type'
+
+    @classmethod
+    def setUpTestData(self):
+        """Setup Test
+
+        1. create a user
+        """
+
+        self.url_kwargs = {}
+
+        self.url_view_kwargs = {'pk': 1}
+
+        self.view_user = User.objects.create_user(username="test_user_view", password="password")
+
+
+
+    def test_view_user_anon_denied(self):
+        """ Check correct permission for view
+
+        Attempt to view as anon user
+        """
+
+        client = Client()
+        url = reverse(self.app_namespace + ':' + self.url_name + '-detail', kwargs=self.url_view_kwargs)
+
+        response = client.get(url)
+
+        assert response.status_code == 401
+
+
+    def test_view_authenticated_user(self):
+        """ Check correct permission for view
+
+        Attempt to view as user who is authenticated
+        """
+
+        client = Client()
+        url = reverse(self.app_namespace + ':' + self.url_name + '-detail', kwargs=self.url_view_kwargs)
+
+
+        client.force_login(self.view_user)
+        response = client.get(url)
+
+        assert response.status_code == 200