@ -154,7 +154,7 @@ class APIPermissionChangeInheritedCases:
|
|||||||
argvalues = permission_no_change,
|
argvalues = permission_no_change,
|
||||||
ids=[test_name for test_name, user, expected in permission_no_change]
|
ids=[test_name for test_name, user, expected in permission_no_change]
|
||||||
)
|
)
|
||||||
def test_permission_no_change(self, api_request_permissions, test_name, user, expected):
|
def test_permission_no_change(self, model_instance, api_request_permissions, test_name, user, expected):
|
||||||
""" Ensure permission view cant make change
|
""" Ensure permission view cant make change
|
||||||
|
|
||||||
Attempt to make change as user without permissions
|
Attempt to make change as user without permissions
|
||||||
@ -170,12 +170,18 @@ class APIPermissionChangeInheritedCases:
|
|||||||
|
|
||||||
client = Client()
|
client = Client()
|
||||||
|
|
||||||
|
change_item = model_instance(
|
||||||
|
kwargs_create = {
|
||||||
|
'organization': api_request_permissions['tenancy']['user']
|
||||||
|
},
|
||||||
|
)
|
||||||
|
|
||||||
if user != 'anon':
|
if user != 'anon':
|
||||||
|
|
||||||
client.force_login( api_request_permissions['user'][user] )
|
client.force_login( api_request_permissions['user'][user] )
|
||||||
|
|
||||||
response = client.patch(
|
response = client.patch(
|
||||||
path = self.change_item.get_url( many = False ),
|
path = change_item.get_url( many = False ),
|
||||||
data = self.change_data,
|
data = self.change_data,
|
||||||
content_type = 'application/json'
|
content_type = 'application/json'
|
||||||
)
|
)
|
||||||
@ -187,7 +193,7 @@ class APIPermissionChangeInheritedCases:
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
def test_permission_change(self, api_request_permissions):
|
def test_permission_change(self, model_instance, api_request_permissions):
|
||||||
""" Check correct permission for change
|
""" Check correct permission for change
|
||||||
|
|
||||||
Make change with user who has change permission
|
Make change with user who has change permission
|
||||||
@ -197,8 +203,14 @@ class APIPermissionChangeInheritedCases:
|
|||||||
|
|
||||||
client.force_login( api_request_permissions['user']['change'] )
|
client.force_login( api_request_permissions['user']['change'] )
|
||||||
|
|
||||||
|
change_item = model_instance(
|
||||||
|
kwargs_create = {
|
||||||
|
'organization': api_request_permissions['tenancy']['user']
|
||||||
|
},
|
||||||
|
)
|
||||||
|
|
||||||
response = client.patch(
|
response = client.patch(
|
||||||
path = self.change_item.get_url( many = False ),
|
path = change_item.get_url( many = False ),
|
||||||
data = self.change_data,
|
data = self.change_data,
|
||||||
content_type = 'application/json'
|
content_type = 'application/json'
|
||||||
)
|
)
|
||||||
@ -237,7 +249,7 @@ class APIPermissionDeleteInheritedCases:
|
|||||||
argvalues = permission_no_delete,
|
argvalues = permission_no_delete,
|
||||||
ids=[test_name for test_name, user, expected in permission_no_delete]
|
ids=[test_name for test_name, user, expected in permission_no_delete]
|
||||||
)
|
)
|
||||||
def test_permission_no_delete(self, api_request_permissions, test_name, user, expected):
|
def test_permission_no_delete(self, model_instance, api_request_permissions, test_name, user, expected):
|
||||||
""" Check correct permission for delete
|
""" Check correct permission for delete
|
||||||
|
|
||||||
Attempt to delete as user with no permissons
|
Attempt to delete as user with no permissons
|
||||||
@ -257,8 +269,14 @@ class APIPermissionDeleteInheritedCases:
|
|||||||
|
|
||||||
client.force_login( api_request_permissions['user'][user] )
|
client.force_login( api_request_permissions['user'][user] )
|
||||||
|
|
||||||
|
delete_item = model_instance(
|
||||||
|
kwargs_create = {
|
||||||
|
'organization': api_request_permissions['tenancy']['user']
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
response = client.delete(
|
response = client.delete(
|
||||||
path = self.delete_item.get_url( many = False ),
|
path = delete_item.get_url( many = False ),
|
||||||
)
|
)
|
||||||
|
|
||||||
if response.status_code == 405:
|
if response.status_code == 405:
|
||||||
@ -268,7 +286,7 @@ class APIPermissionDeleteInheritedCases:
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
def test_permission_delete(self, api_request_permissions):
|
def test_permission_delete(self, model_instance, api_request_permissions):
|
||||||
""" Check correct permission for delete
|
""" Check correct permission for delete
|
||||||
|
|
||||||
Delete item as user with delete permission
|
Delete item as user with delete permission
|
||||||
@ -278,8 +296,14 @@ class APIPermissionDeleteInheritedCases:
|
|||||||
|
|
||||||
client.force_login( api_request_permissions['user']['delete'] )
|
client.force_login( api_request_permissions['user']['delete'] )
|
||||||
|
|
||||||
|
delete_item = model_instance(
|
||||||
|
kwargs_create = {
|
||||||
|
'organization': api_request_permissions['tenancy']['user']
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
response = client.delete(
|
response = client.delete(
|
||||||
path = self.delete_item.get_url( many = False ),
|
path = delete_item.get_url( many = False ),
|
||||||
)
|
)
|
||||||
|
|
||||||
if response.status_code == 405:
|
if response.status_code == 405:
|
||||||
@ -312,7 +336,7 @@ class APIPermissionViewInheritedCases:
|
|||||||
argvalues = permission_no_view,
|
argvalues = permission_no_view,
|
||||||
ids=[test_name for test_name, user, expected in permission_no_view]
|
ids=[test_name for test_name, user, expected in permission_no_view]
|
||||||
)
|
)
|
||||||
def test_permission_no_view(self, api_request_permissions, test_name, user, expected):
|
def test_permission_no_view(self, model_instance, api_request_permissions, test_name, user, expected):
|
||||||
""" Check correct permission for view
|
""" Check correct permission for view
|
||||||
|
|
||||||
Attempt to view with user missing permission
|
Attempt to view with user missing permission
|
||||||
@ -332,8 +356,14 @@ class APIPermissionViewInheritedCases:
|
|||||||
|
|
||||||
client.force_login( api_request_permissions['user'][user] )
|
client.force_login( api_request_permissions['user'][user] )
|
||||||
|
|
||||||
|
view_item = model_instance(
|
||||||
|
kwargs_create = {
|
||||||
|
'organization': api_request_permissions['tenancy']['user']
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
response = client.get(
|
response = client.get(
|
||||||
path = self.view_item.get_url( many = False )
|
path = view_item.get_url( many = False )
|
||||||
)
|
)
|
||||||
|
|
||||||
if response.status_code == 405:
|
if response.status_code == 405:
|
||||||
@ -348,7 +378,7 @@ class APIPermissionViewInheritedCases:
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
def test_permission_view(self, api_request_permissions):
|
def test_permission_view(self, model_instance, api_request_permissions):
|
||||||
""" Check correct permission for view
|
""" Check correct permission for view
|
||||||
|
|
||||||
Attempt to view as user with view permission
|
Attempt to view as user with view permission
|
||||||
@ -358,8 +388,14 @@ class APIPermissionViewInheritedCases:
|
|||||||
|
|
||||||
client.force_login( api_request_permissions['user']['view'] )
|
client.force_login( api_request_permissions['user']['view'] )
|
||||||
|
|
||||||
|
view_item = model_instance(
|
||||||
|
kwargs_create = {
|
||||||
|
'organization': api_request_permissions['tenancy']['user']
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
response = client.get(
|
response = client.get(
|
||||||
path = self.view_item.get_url( many = False )
|
path = view_item.get_url( many = False )
|
||||||
)
|
)
|
||||||
|
|
||||||
if response.status_code == 405:
|
if response.status_code == 405:
|
||||||
@ -376,7 +412,7 @@ class APIPermissionViewInheritedCases:
|
|||||||
items that are not part of the users organizations.
|
items that are not part of the users organizations.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
if getattr(model_instance, 'organization', None) is None:
|
if model_kwargs.get('organization', None) is None:
|
||||||
pytest.xfail( reason = 'Model lacks organization field. test is n/a' )
|
pytest.xfail( reason = 'Model lacks organization field. test is n/a' )
|
||||||
|
|
||||||
|
|
||||||
@ -394,6 +430,18 @@ class APIPermissionViewInheritedCases:
|
|||||||
|
|
||||||
client.force_login( api_request_permissions['user']['view'] )
|
client.force_login( api_request_permissions['user']['view'] )
|
||||||
|
|
||||||
|
model_instance(
|
||||||
|
kwargs_create = {
|
||||||
|
'organization': api_request_permissions['tenancy']['different']
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
model_instance(
|
||||||
|
kwargs_create = {
|
||||||
|
'organization': api_request_permissions['tenancy']['global']
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
the_model = model_instance( kwargs_create = model_kwargs )
|
the_model = model_instance( kwargs_create = model_kwargs )
|
||||||
|
|
||||||
response = client.get(
|
response = client.get(
|
||||||
@ -432,7 +480,7 @@ class APIPermissionViewInheritedCases:
|
|||||||
global ONLY!
|
global ONLY!
|
||||||
"""
|
"""
|
||||||
|
|
||||||
if getattr(model_instance, 'organization', None) is None:
|
if model_kwargs.get('organization', None) is None:
|
||||||
pytest.xfail( reason = 'Model lacks organization field. test is n/a' )
|
pytest.xfail( reason = 'Model lacks organization field. test is n/a' )
|
||||||
|
|
||||||
client = Client()
|
client = Client()
|
||||||
@ -445,6 +493,19 @@ class APIPermissionViewInheritedCases:
|
|||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
|
model_instance(
|
||||||
|
kwargs_create = {
|
||||||
|
'organization': api_request_permissions['tenancy']['different']
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
model_instance(
|
||||||
|
kwargs_create = {
|
||||||
|
'organization': api_request_permissions['tenancy']['global']
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
client.force_login( api_request_permissions['user']['view'] )
|
client.force_login( api_request_permissions['user']['view'] )
|
||||||
|
|
||||||
the_model = model_instance( kwargs_create = model_kwargs )
|
the_model = model_instance( kwargs_create = model_kwargs )
|
||||||
@ -488,83 +549,4 @@ class APIPermissionsInheritedCases(
|
|||||||
APIPermissionViewInheritedCases
|
APIPermissionViewInheritedCases
|
||||||
):
|
):
|
||||||
""" Test Suite for all API Permission test cases """
|
""" Test Suite for all API Permission test cases """
|
||||||
|
pass
|
||||||
|
|
||||||
# # permission_no_add: list = []
|
|
||||||
|
|
||||||
# permission_no_change: list = []
|
|
||||||
|
|
||||||
# permission_no_delete: list = []
|
|
||||||
|
|
||||||
# permission_no_view: list = []
|
|
||||||
|
|
||||||
|
|
||||||
# @classmethod
|
|
||||||
# def setup_class(self):
|
|
||||||
|
|
||||||
|
|
||||||
# # self.permission_no_add = [
|
|
||||||
# # *super().permission_no_add,
|
|
||||||
# # *self.permission_no_add,
|
|
||||||
# # ]
|
|
||||||
|
|
||||||
# self.permission_no_change = [
|
|
||||||
# *super().permission_no_change,
|
|
||||||
# *self.permission_no_change,
|
|
||||||
# ]
|
|
||||||
|
|
||||||
# self.permission_no_delete = [
|
|
||||||
# *super().permission_no_delete,
|
|
||||||
# *self.permission_no_delete,
|
|
||||||
# ]
|
|
||||||
|
|
||||||
# self.permission_no_view = [
|
|
||||||
# *super().permission_no_view,
|
|
||||||
# *self.permission_no_view,
|
|
||||||
# ]
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture( scope = 'class', autouse = True)
|
|
||||||
def prepare(self, request, api_request_permissions, model, model_instance):
|
|
||||||
|
|
||||||
random_field = ''
|
|
||||||
|
|
||||||
if hasattr(model, 'name'):
|
|
||||||
|
|
||||||
random_field = 'name'
|
|
||||||
|
|
||||||
request.cls.change_item = model_instance(
|
|
||||||
kwargs_create = {
|
|
||||||
'organization': api_request_permissions['tenancy']['user']
|
|
||||||
},
|
|
||||||
random_field = random_field
|
|
||||||
)
|
|
||||||
|
|
||||||
request.cls.delete_item = model_instance(
|
|
||||||
kwargs_create = {
|
|
||||||
'organization': api_request_permissions['tenancy']['user']
|
|
||||||
},
|
|
||||||
random_field = random_field
|
|
||||||
)
|
|
||||||
|
|
||||||
request.cls.diff_tenancy_item = model_instance(
|
|
||||||
kwargs_create = {
|
|
||||||
'organization': api_request_permissions['tenancy']['different']
|
|
||||||
},
|
|
||||||
random_field = random_field
|
|
||||||
)
|
|
||||||
|
|
||||||
request.cls.global_item = model_instance(
|
|
||||||
kwargs_create = {
|
|
||||||
'organization': api_request_permissions['tenancy']['global']
|
|
||||||
},
|
|
||||||
random_field = random_field
|
|
||||||
)
|
|
||||||
|
|
||||||
request.cls.view_item = model_instance(
|
|
||||||
kwargs_create = {
|
|
||||||
'organization': api_request_permissions['tenancy']['user']
|
|
||||||
},
|
|
||||||
random_field = random_field
|
|
||||||
)
|
|
||||||
|
|||||||
2
app/tests/fixtures/model_instance.py
vendored
2
app/tests/fixtures/model_instance.py
vendored
@ -11,7 +11,7 @@ from access.models.tenant import Tenant
|
|||||||
model_objs: list = []
|
model_objs: list = []
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture( scope = 'class')
|
@pytest.fixture( scope = 'function')
|
||||||
def model_instance(django_db_blocker, model_kwarg_data, model, model_kwargs):
|
def model_instance(django_db_blocker, model_kwarg_data, model, model_kwargs):
|
||||||
|
|
||||||
with django_db_blocker.unblock():
|
with django_db_blocker.unblock():
|
||||||
|
|||||||
Reference in New Issue
Block a user