@@ -8,6 +8,7 @@ import unittest
from django.conf import settings
from django.urls import reverse
+from patchwork.tests.api import utils
from patchwork.tests.utils import create_bundle
from patchwork.tests.utils import create_maintainer
from patchwork.tests.utils import create_project
@@ -53,12 +54,13 @@ class TestBundleAPI(APITestCase):
self.assertEqual(bundle_obj.project.id,
bundle_json['project']['id'])
- def test_list(self):
- """Validate we can list bundles."""
+ def test_list_empty(self):
+ """List bundles when none are present."""
resp = self.client.get(self.api_url())
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(0, len(resp.data))
+ def _create_bundles(self):
user = create_user(username='myuser')
project = create_project(linkname='myproject')
bundle_public = create_bundle(public=True, owner=user,
@@ -66,6 +68,12 @@ class TestBundleAPI(APITestCase):
bundle_private = create_bundle(public=False, owner=user,
project=project)
+ return user, project, bundle_public, bundle_private
+
+ def test_list_anonymous(self):
+ """List bundles as anonymous user."""
+ user, project, bundle_public, _ = self._create_bundles()
+
# anonymous users
# should only see the public bundle
resp = self.client.get(self.api_url())
@@ -74,6 +82,11 @@ class TestBundleAPI(APITestCase):
bundle_rsp = resp.data[0]
self.assertSerialized(bundle_public, bundle_rsp)
+ @utils.store_samples('bundle-list')
+ def test_list_authenticated(self):
+ """List bundles as an authenticated user."""
+ user, project, bundle_public, bundle_private = self._create_bundles()
+
# authenticated user
# should see the public and private bundle
self.client.force_authenticate(user=user)
@@ -84,14 +97,24 @@ class TestBundleAPI(APITestCase):
resp.data, [bundle_public, bundle_private]):
self.assertSerialized(bundle_obj, bundle_rsp)
+ def test_list_filter_project(self):
+ """Filter bundles by project."""
+ user, project, bundle_public, bundle_private = self._create_bundles()
+
# test filtering by project
+ self.client.force_authenticate(user=user)
resp = self.client.get(self.api_url(), {'project': 'myproject'})
self.assertEqual([bundle_public.id, bundle_private.id],
[x['id'] for x in resp.data])
resp = self.client.get(self.api_url(), {'project': 'invalidproject'})
self.assertEqual(0, len(resp.data))
+ def test_list_filter_owner(self):
+ """Filter bundles by owner."""
+ user, project, bundle_public, bundle_private = self._create_bundles()
+
# test filtering by owner, both ID and username
+ self.client.force_authenticate(user=user)
resp = self.client.get(self.api_url(), {'owner': user.id})
self.assertEqual([bundle_public.id, bundle_private.id],
[x['id'] for x in resp.data])
@@ -101,28 +124,63 @@ class TestBundleAPI(APITestCase):
resp = self.client.get(self.api_url(), {'owner': 'otheruser'})
self.assertEqual(0, len(resp.data))
+ @utils.store_samples('bundle-list-1.0')
def test_list_version_1_0(self):
- """Validate that newer fields are dropped for older API versions."""
- create_bundle(public=True)
+ """List bundles using API v1.0.
+
+ Validate that newer fields are dropped for older API versions.
+ """
+ user, _, _, _ = self._create_bundles()
+ self.client.force_authenticate(user=user)
resp = self.client.get(self.api_url(version='1.0'))
self.assertEqual(status.HTTP_200_OK, resp.status_code)
- self.assertEqual(1, len(resp.data))
+ self.assertEqual(2, len(resp.data))
self.assertIn('url', resp.data[0])
self.assertNotIn('web_url', resp.data[0])
- def test_detail(self):
- """Validate we can get a specific bundle."""
- bundle = create_bundle(public=True)
+ def test_detail_anonymous_public(self):
+ """Show public bundle as anonymous user.
+
+ Validate we can get a public bundle.
+ """
+ user, _, bundle, _ = self._create_bundles()
resp = self.client.get(self.api_url(bundle.id))
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertSerialized(bundle, resp.data)
+ @utils.store_samples('bundle-detail-error-not-found')
+ def test_detail_anonymous_private(self):
+ """Show private bundle as anonymous user.
+
+ Validate we cannot get a private bundle if we're not the owner.
+ """
+ user, _, _, bundle = self._create_bundles()
+
+ resp = self.client.get(self.api_url(bundle.id))
+ self.assertEqual(status.HTTP_404_NOT_FOUND, resp.status_code)
+
+ @utils.store_samples('bundle-detail')
+ def test_detail_authenticated(self):
+ """Show private bundle as authenticated user.
+
+ Validate we can get a private bundle if we're the owner.
+ """
+ user, _, _, bundle = self._create_bundles()
+
+ self.client.force_authenticate(user=user)
+ resp = self.client.get(self.api_url(bundle.id))
+ self.assertEqual(status.HTTP_200_OK, resp.status_code)
+ self.assertSerialized(bundle, resp.data)
+
+ @utils.store_samples('bundle-detail-1.0')
def test_detail_version_1_0(self):
- bundle = create_bundle(public=True)
+ """Show bundle using API v1.0."""
+ user, _, bundle, _ = self._create_bundles()
resp = self.client.get(self.api_url(bundle.id, version='1.0'))
+ self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertIn('url', resp.data)
self.assertNotIn('web_url', resp.data)
Add the decorator to the 'test_bundle' test class. This involves splitting up the test cases so that each test case we care about makes only a single request. We also add a missing test to ensure private bundles cannot be shown by anyone but the owner. Signed-off-by: Stephen Finucane <stephen@that.guru> --- patchwork/tests/api/test_bundle.py | 76 ++++++++++++++++++++++++++---- 1 file changed, 67 insertions(+), 9 deletions(-)