diff --git a/core/authentication/tests/v2/test_permissions.py b/core/authentication/tests/v2/test_permissions.py index 0cab3e2..89f217d 100644 --- a/core/authentication/tests/v2/test_permissions.py +++ b/core/authentication/tests/v2/test_permissions.py @@ -1,5 +1,6 @@ -from django.test import TestCase +from django.test import TestCase, Client from django.contrib.auth.models import Permission +from knox.models import AuthToken from authentication.models import EventPermission, ExtendedUser from inventory.models import Event @@ -14,17 +15,18 @@ class PermissionsTestCase(TestCase): permission1 = Permission.objects.get(codename='view_event') EventPermission.objects.create(user=self.user, permission=permission1, event=event1) EventPermission.objects.create(user=self.user, permission=permission1, event=event2) + self.token = AuthToken.objects.create(user=self.user) + self.client = Client(headers={'Authorization': 'Token ' + self.token[1]}) def test_user_permissions(self): """ Test that a user can only access their own data. """ - self.client.force_login(self.user) response = self.client.get('/api/2/users/') self.assertEqual(response.status_code, 200) self.assertEqual(len(response.json()), 2) - self.assertEqual(response.json()[0]['username'], 'testuser') - self.assertEqual(response.json()[0]['email'], 'test') + self.assertEqual(response.json()[0]['username'], 'legacy_user') + self.assertEqual(response.json()[0]['email'], 'mail@localhost') self.assertEqual(response.json()[0]['first_name'], '') self.assertEqual(response.json()[0]['last_name'], '') self.assertEqual(response.json()[0]['id'], 1) diff --git a/core/authentication/tests/v2/test_users.py b/core/authentication/tests/v2/test_users.py index 6accb50..29b21f7 100644 --- a/core/authentication/tests/v2/test_users.py +++ b/core/authentication/tests/v2/test_users.py @@ -91,3 +91,5 @@ class UserApiTest(TestCase): anonymous = Client() response = anonymous.post('/api/2/login/', {'username': 'testuser', 'password': 'test'}, content_type='application/json') + self.assertEqual(response.status_code, 200) + self.assertTrue('token' in response.json()) diff --git a/core/inventory/api_v2.py b/core/inventory/api_v2.py index 3e66966..a801fea 100644 --- a/core/inventory/api_v2.py +++ b/core/inventory/api_v2.py @@ -41,13 +41,14 @@ class ContainerViewSet(viewsets.ModelViewSet): class ItemSerializer(serializers.ModelSerializer): + dataImage = serializers.CharField(write_only=True, required=False) cid = serializers.SerializerMethodField() box = serializers.SerializerMethodField() file = serializers.SerializerMethodField() class Meta: model = Item - fields = ['cid', 'box', 'uid', 'description', 'file'] + fields = ['cid', 'box', 'uid', 'description', 'file', 'dataImage'] read_only_fields = ['uid'] def get_cid(self, instance): @@ -70,13 +71,15 @@ class ItemSerializer(serializers.ModelSerializer): return super().to_internal_value(data) def validate(self, attrs): - attrs.pop('dataImage', None) return super().validate(attrs) def create(self, validated_data): if 'dataImage' in validated_data: - file = File.objects.create(data=validated_data['dataImage'], iid=validated_data['iid']) + file = File.objects.create(data=validated_data['dataImage']) validated_data.pop('dataImage') + item = Item.objects.create(**validated_data) + item.files.set([file]) + return item return Item.objects.create(**validated_data) def update(self, instance, validated_data): @@ -85,8 +88,9 @@ class ItemSerializer(serializers.ModelSerializer): validated_data['returned_at'] = datetime.now() validated_data.pop('returned') if 'dataImage' in validated_data: - file = File.objects.create(data=validated_data['dataImage'], iid=instance.iid) + file = File.objects.create(data=validated_data['dataImage']) validated_data.pop('dataImage') + instance.files.add(file) return super().update(instance, validated_data) diff --git a/core/inventory/tests/v2/test_api.py b/core/inventory/tests/v2/test_api.py index db1df0a..9d01ca0 100644 --- a/core/inventory/tests/v2/test_api.py +++ b/core/inventory/tests/v2/test_api.py @@ -1,34 +1,42 @@ from django.test import TestCase, Client +from knox.models import AuthToken -client = Client() +from authentication.models import ExtendedUser class ApiTest(TestCase): + def setUp(self): + super().setUp() + self.user = ExtendedUser.objects.create_user('testuser', 'test', 'test') + self.user.save() + self.token = AuthToken.objects.create(user=self.user) + self.client = Client(headers={'Authorization': 'Token ' + self.token[1]}) + def test_root(self): from core.settings import SYSTEM3_VERSION - response = client.get('/api/') + response = self.client.get('/api/') self.assertEqual(response.status_code, 200) self.assertEqual(response.json()["framework_version"], SYSTEM3_VERSION) def test_events(self): - response = client.get('/api/1/events') + response = self.client.get('/api/2/events/') self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), []) def test_containers(self): - response = client.get('/api/1/boxes') + response = self.client.get('/api/2/boxes/') self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), []) def test_files(self): - response = client.get('/api/1/files') + response = self.client.get('/api/2/files/') self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), []) def test_items(self): from inventory.models import Event Event.objects.create(slug='TEST1', name='Event') - response = client.get('/api/1/TEST1/items') + response = self.client.get('/api/2/TEST1/items/') self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), []) diff --git a/core/inventory/tests/v2/test_containers.py b/core/inventory/tests/v2/test_containers.py index 78b82c1..a3507f0 100644 --- a/core/inventory/tests/v2/test_containers.py +++ b/core/inventory/tests/v2/test_containers.py @@ -7,13 +7,13 @@ client = Client() class ContainerTestCase(TestCase): def test_empty(self): - response = client.get('/api/1/boxes') + response = client.get('/api/2/boxes/') self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), []) def test_members(self): Container.objects.create(name='BOX') - response = client.get('/api/1/boxes') + response = client.get('/api/2/boxes/') self.assertEqual(response.status_code, 200) self.assertEqual(len(response.json()), 1) self.assertEqual(response.json()[0]['cid'], 1) @@ -24,12 +24,12 @@ class ContainerTestCase(TestCase): Container.objects.create(name='BOX 1') Container.objects.create(name='BOX 2') Container.objects.create(name='BOX 3') - response = client.get('/api/1/boxes') + response = client.get('/api/2/boxes/') self.assertEqual(response.status_code, 200) self.assertEqual(len(response.json()), 3) def test_create_container(self): - response = client.post('/api/1/box', {'name': 'BOX'}) + response = client.post('/api/2/box/', {'name': 'BOX'}) self.assertEqual(response.status_code, 201) self.assertEqual(response.json()['cid'], 1) self.assertEqual(response.json()['name'], 'BOX') @@ -41,7 +41,7 @@ class ContainerTestCase(TestCase): def test_update_container(self): from rest_framework.test import APIClient box = Container.objects.create(name='BOX 1') - response = APIClient().put(f'/api/1/box/{box.cid}', {'name': 'BOX 2'}) + response = APIClient().put(f'/api/2/box/{box.cid}/', {'name': 'BOX 2'}) self.assertEqual(response.status_code, 200) self.assertEqual(response.json()['cid'], 1) self.assertEqual(response.json()['name'], 'BOX 2') @@ -54,6 +54,6 @@ class ContainerTestCase(TestCase): box = Container.objects.create(name='BOX 1') Container.objects.create(name='BOX 2') self.assertEqual(len(Container.objects.all()), 2) - response = client.delete(f'/api/1/box/{box.cid}') + response = client.delete(f'/api/2/box/{box.cid}/') self.assertEqual(response.status_code, 204) self.assertEqual(len(Container.objects.all()), 1) diff --git a/core/inventory/tests/v2/test_events.py b/core/inventory/tests/v2/test_events.py index a861f12..7973313 100644 --- a/core/inventory/tests/v2/test_events.py +++ b/core/inventory/tests/v2/test_events.py @@ -7,13 +7,13 @@ client = Client() class EventTestCase(TestCase): def test_empty(self): - response = client.get('/api/1/events') + response = client.get('/api/2/events/') self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), []) def test_members(self): Event.objects.create(slug='EVENT', name='Event') - response = client.get('/api/1/events') + response = client.get('/api/2/events/') self.assertEqual(response.status_code, 200) self.assertEqual(len(response.json()), 1) self.assertEqual(response.json()[0]['slug'], 'EVENT') @@ -23,12 +23,12 @@ class EventTestCase(TestCase): Event.objects.create(slug='EVENT1', name='Event 1') Event.objects.create(slug='EVENT2', name='Event 2') Event.objects.create(slug='EVENT3', name='Event 3') - response = client.get('/api/1/events') + response = client.get('/api/2/events/') self.assertEqual(response.status_code, 200) self.assertEqual(len(response.json()), 3) def test_create_event(self): - response = client.post('/api/1/events', {'slug': 'EVENT', 'name': 'Event'}) + response = client.post('/api/2/events/', {'slug': 'EVENT', 'name': 'Event'}) self.assertEqual(response.status_code, 201) self.assertEqual(response.json()['slug'], 'EVENT') self.assertEqual(response.json()['name'], 'Event') @@ -39,7 +39,7 @@ class EventTestCase(TestCase): def test_update_event(self): from rest_framework.test import APIClient event = Event.objects.create(slug='EVENT1', name='Event 1') - response = APIClient().put(f'/api/1/events/{event.eid}', {'slug': 'EVENT2', 'name': 'Event 2 new'}) + response = APIClient().put(f'/api/2/events/{event.eid}/', {'slug': 'EVENT2', 'name': 'Event 2 new'}) self.assertEqual(response.status_code, 200) self.assertEqual(response.json()['slug'], 'EVENT2') self.assertEqual(response.json()['name'], 'Event 2 new') @@ -51,6 +51,6 @@ class EventTestCase(TestCase): event = Event.objects.create(slug='EVENT1', name='Event 1') Event.objects.create(slug='EVENT2', name='Event 2') self.assertEqual(len(Event.objects.all()), 2) - response = client.delete(f'/api/1/events/{event.eid}') + response = client.delete(f'/api/2/events/{event.eid}/') self.assertEqual(response.status_code, 204) self.assertEqual(len(Event.objects.all()), 1) diff --git a/core/inventory/tests/v2/test_items.py b/core/inventory/tests/v2/test_items.py index e13bcba..6578670 100644 --- a/core/inventory/tests/v2/test_items.py +++ b/core/inventory/tests/v2/test_items.py @@ -1,10 +1,10 @@ from django.test import TestCase, Client +from knox.models import AuthToken +from authentication.models import ExtendedUser from files.models import File from inventory.models import Event, Container, Item -client = Client() - class ItemTestCase(TestCase): @@ -12,15 +12,18 @@ class ItemTestCase(TestCase): super().setUp() self.event = Event.objects.create(slug='EVENT', name='Event') self.box = Container.objects.create(name='BOX') + self.user = ExtendedUser.objects.create_user('testuser', 'test', 'test') + self.token = AuthToken.objects.create(user=self.user) + self.client = Client(headers={'Authorization': 'Token ' + self.token[1]}) def test_empty(self): - response = client.get(f'/api/1/{self.event.slug}/item') + response = self.client.get(f'/api/2/{self.event.slug}/item/') self.assertEqual(response.status_code, 200) self.assertEqual(response.content, b'[]') def test_members(self): item = Item.objects.create(container=self.box, event=self.event, description='1') - response = client.get(f'/api/1/{self.event.slug}/item') + response = self.client.get(f'/api/2/{self.event.slug}/item/') self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), [{'uid': 1, 'description': '1', 'box': 'BOX', 'cid': self.box.cid, 'file': None}]) @@ -29,7 +32,7 @@ class ItemTestCase(TestCase): import base64 item = Item.objects.create(container=self.box, event=self.event, description='1') file = File.objects.create(item=item, data="data:text/plain;base64," + base64.b64encode(b"foo").decode('utf-8')) - response = client.get(f'/api/1/{self.event.slug}/item') + response = self.client.get(f'/api/2/{self.event.slug}/item/') self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), [{'uid': 1, 'description': '1', 'box': 'BOX', 'cid': self.box.cid, 'file': file.hash}]) @@ -38,12 +41,12 @@ class ItemTestCase(TestCase): Item.objects.create(container=self.box, event=self.event, description='1') Item.objects.create(container=self.box, event=self.event, description='2') Item.objects.create(container=self.box, event=self.event, description='3') - response = client.get(f'/api/1/{self.event.slug}/item') + response = self.client.get(f'/api/2/{self.event.slug}/item/') self.assertEqual(response.status_code, 200) self.assertEqual(len(response.json()), 3) def test_create_item(self): - response = client.post(f'/api/1/{self.event.slug}/item', {'cid': self.box.cid, 'description': '1'}) + response = self.client.post(f'/api/2/{self.event.slug}/item/', {'cid': self.box.cid, 'description': '1'}) self.assertEqual(response.status_code, 201) self.assertEqual(response.json(), {'uid': 1, 'description': '1', 'box': 'BOX', 'cid': self.box.cid, 'file': None}) @@ -54,7 +57,7 @@ class ItemTestCase(TestCase): def test_create_item_with_file(self): import base64 - response = client.post(f'/api/1/{self.event.slug}/item', + response = self.client.post(f'/api/2/{self.event.slug}/item/', {'cid': self.box.cid, 'description': '1', 'dataImage': "data:text/plain;base64," + base64.b64encode(b"foo").decode( 'utf-8')}, content_type='application/json') @@ -72,7 +75,7 @@ class ItemTestCase(TestCase): def test_update_item(self): item = Item.objects.create(container=self.box, event=self.event, description='1') - response = client.put(f'/api/1/{self.event.slug}/item/{item.uid}', {'description': '2'}, + response = self.client.put(f'/api/2/{self.event.slug}/item/{item.uid}/', {'description': '2'}, content_type='application/json') self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), @@ -85,7 +88,7 @@ class ItemTestCase(TestCase): def test_update_item_with_file(self): import base64 item = Item.objects.create(container=self.box, event=self.event, description='1') - response = client.put(f'/api/1/{self.event.slug}/item/{item.uid}', + response = self.client.put(f'/api/2/{self.event.slug}/item/{item.uid}/', {'description': '2', 'dataImage': "data:text/plain;base64," + base64.b64encode(b"foo").decode('utf-8')}, content_type='application/json') @@ -105,7 +108,7 @@ class ItemTestCase(TestCase): item = Item.objects.create(container=self.box, event=self.event, description='1') Item.objects.create(container=self.box, event=self.event, description='2') self.assertEqual(len(Item.objects.all()), 2) - response = client.delete(f'/api/1/{self.event.slug}/item/{item.uid}') + response = self.client.delete(f'/api/2/{self.event.slug}/item/{item.uid}/') self.assertEqual(response.status_code, 204) self.assertEqual(len(Item.objects.all()), 1) @@ -113,7 +116,7 @@ class ItemTestCase(TestCase): Item.objects.create(container=self.box, event=self.event, description='1') item2 = Item.objects.create(container=self.box, event=self.event, description='2') self.assertEqual(len(Item.objects.all()), 2) - response = client.delete(f'/api/1/{self.event.slug}/item/{item2.uid}') + response = self.client.delete(f'/api/2/{self.event.slug}/item/{item2.uid}/') self.assertEqual(response.status_code, 204) self.assertEqual(len(Item.objects.all()), 1) item3 = Item.objects.create(container=self.box, event=self.event, description='3') @@ -123,11 +126,11 @@ class ItemTestCase(TestCase): def test_item_count(self): Item.objects.create(container=self.box, event=self.event, description='1') Item.objects.create(container=self.box, event=self.event, description='2') - response = client.get('/api/1/boxes') + response = self.client.get('/api/2/boxes/') self.assertEqual(response.status_code, 200) self.assertEqual(len(response.json()), 1) self.assertEqual(response.json()[0]['itemCount'], 2) def test_item_nonexistent(self): - response = client.get(f'/api/1/NOEVENT/item') + response = self.client.get(f'/api/2/NOEVENT/item/') self.assertEqual(response.status_code, 404)