Commite7af8d6

authored

* tests for#5127*Resolves#5127

1 parentf8a03b0 commite7af8d6Copy full SHA for e7af8d6

File tree

+64

-1

lines changed

+64

-1

lines changed

Lines changed: 2 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,8 @@`
`1`	`1`	`fromdjango.urlsimportpath`
`2`	`2`
`3`		`-from .viewsimportMockView`
	`3`	`+from .viewsimportBasicModelWithUsersViewSet,MockView`
`4`	`4`
`5`	`5`	`urlpatterns= [`
`6`	`6`	`path('',MockView.as_view()),`
	`7`	`+path('basicviewset',BasicModelWithUsersViewSet.as_view({'get':'list'})),`
`7`	`8`	`]`

Lines changed: 8 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,8 @@`
	`1`	`+fromrest_framework.serializersimportModelSerializer`
	`2`	`+fromtests.modelsimportBasicModelWithUsers`
	`3`	`+`
	`4`	`+`
	`5`	`+classBasicSerializer(ModelSerializer):`
	`6`	`+classMeta:`
	`7`	`+model=BasicModelWithUsers`
	`8`	`+fields='__all__'`

Lines changed: 27 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,8 +1,35 @@`
`1`	`1`	`fromdjango.contrib.auth.modelsimportUser`
`2`	`2`	`fromdjango.testimportTestCase,override_settings`
`3`	`3`
	`4`	`+fromrest_framework.permissionsimportIsAuthenticated`
`4`	`5`	`fromrest_framework.testimportAPIClient`
`5`	`6`
	`7`	`+from .viewsimportBasicModelWithUsersViewSet,OrganizationPermissions`
	`8`	`+`
	`9`	`+`
	`10`	`+@override_settings(ROOT_URLCONF='tests.browsable_api.no_auth_urls')`
	`11`	`+classAnonymousUserTests(TestCase):`
	`12`	`+"""Tests correct handling of anonymous user request on endpoints with IsAuthenticated permission class."""`
	`13`	`+`
	`14`	`+defsetUp(self):`
	`15`	`+self.client=APIClient(enforce_csrf_checks=True)`
	`16`	`+`
	`17`	`+deftearDown(self):`
	`18`	`+self.client.logout()`
	`19`	`+`
	`20`	`+deftest_get_raises_typeerror_when_anonymous_user_in_queryset_filter(self):`
	`21`	`+withself.assertRaises(TypeError):`
	`22`	`+self.client.get('/basicviewset')`
	`23`	`+`
	`24`	`+deftest_get_returns_http_forbidden_when_anonymous_user(self):`
	`25`	`+old_permissions=BasicModelWithUsersViewSet.permission_classes`
	`26`	`+BasicModelWithUsersViewSet.permission_classes= [IsAuthenticated,OrganizationPermissions]`
	`27`	`+`
	`28`	`+response=self.client.get('/basicviewset')`
	`29`	`+`
	`30`	`+BasicModelWithUsersViewSet.permission_classes=old_permissions`
	`31`	`+self.assertEqual(response.status_code,403)`
	`32`	`+`
`6`	`33`
`7`	`34`	`@override_settings(ROOT_URLCONF='tests.browsable_api.auth_urls')`
`8`	`35`	`classDropdownWithAuthTests(TestCase):`

Lines changed: 22 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,16 @@`
`1`	`1`	`fromrest_frameworkimportauthentication,renderers`
	`2`	`+fromrest_framework.permissionsimportBasePermission`
`2`	`3`	`fromrest_framework.responseimportResponse`
`3`	`4`	`fromrest_framework.viewsimportAPIView`
	`5`	`+fromrest_framework.viewsetsimportModelViewSet`
	`6`	`+`
	`7`	`+from ..modelsimportBasicModelWithUsers`
	`8`	`+from .serializersimportBasicSerializer`
	`9`	`+`
	`10`	`+`
	`11`	`+classOrganizationPermissions(BasePermission):`
	`12`	`+defhas_object_permission(self,request,view,obj):`
	`13`	`+returnrequest.user.is_staffor (request.user==obj.owner.organization_user.user)`
`4`	`14`
`5`	`15`
`6`	`16`	`classMockView(APIView):`
`@@ -9,3 +19,15 @@ class MockView(APIView):`
`9`	`19`
`10`	`20`	`defget(self,request):`
`11`	`21`	`returnResponse({'a':1,'b':2,'c':3})`
	`22`	`+`
	`23`	`+`
	`24`	`+classBasicModelWithUsersViewSet(ModelViewSet):`
	`25`	`+queryset=BasicModelWithUsers.objects.all()`
	`26`	`+serializer_class=BasicSerializer`
	`27`	`+permission_classes= [OrganizationPermissions]`
	`28`	`+# permission_classes = [IsAuthenticated, OrganizationPermissions]`
	`29`	`+renderer_classes= (renderers.BrowsableAPIRenderer,renderers.JSONRenderer)`
	`30`	`+`
	`31`	`+defget_queryset(self):`
	`32`	`+qs=super().get_queryset().filter(users=self.request.user)`
	`33`	`+returnqs`

Lines changed: 5 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`importuuid`
`2`	`2`
	`3`	`+fromdjango.contrib.auth.modelsimportUser`
`3`	`4`	`fromdjango.dbimportmodels`
`4`	`5`	`fromdjango.utils.translationimportgettext_lazyas_`
`5`	`6`
`@@ -33,6 +34,10 @@ class ManyToManySource(RESTFrameworkModel):`
`33`	`34`	`targets=models.ManyToManyField(ManyToManyTarget,related_name='sources')`
`34`	`35`
`35`	`36`
	`37`	`+classBasicModelWithUsers(RESTFrameworkModel):`
	`38`	`+users=models.ManyToManyField(User)`
	`39`	`+`
	`40`	`+`
`36`	`41`	`# ForeignKey`
`37`	`42`	`classForeignKeyTarget(RESTFrameworkModel):`
`38`	`43`	`name=models.CharField(max_length=100)`

Comments

(0)