Skip to content

Model Permissions Delete Test Cases

Source code in app/api/tests/abstract/api_permissions.py 
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
class APIPermissionDelete:


    model: object
    """ Item Model to test """

    app_namespace: str = None
    """ URL namespace """

    url_name: str
    """ URL name of the view to test """

    url_view_kwargs: dict = None
    """ URL kwargs of the item page """

    delete_data: dict = None


    def test_delete_user_anon_denied(self):
        """ Check correct permission for delete

        Attempt to delete item as anon user
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


        response = client.delete(url, data=self.delete_data)

        assert response.status_code == 401


    def test_delete_no_permission_denied(self):
        """ Check correct permission for delete

        Attempt to delete as user with no permissons
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


        client.force_login(self.no_permissions_user)
        response = client.delete(url, data=self.delete_data)

        assert response.status_code == 403


    def test_delete_different_organization_denied(self):
        """ Check correct permission for delete

        Attempt to delete as user from different organization
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


        client.force_login(self.different_organization_user)
        response = client.delete(url, data=self.delete_data)

        assert response.status_code == 403


    def test_delete_permission_view_denied(self):
        """ Check correct permission for delete

        Attempt to delete as user with veiw permission only
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


        client.force_login(self.view_user)
        response = client.delete(url, data=self.delete_data)

        assert response.status_code == 403


    def test_delete_permission_add_denied(self):
        """ Check correct permission for delete

        Attempt to delete as user with add permission only
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


        client.force_login(self.add_user)
        response = client.delete(url, data=self.delete_data)

        assert response.status_code == 403


    def test_delete_permission_change_denied(self):
        """ Check correct permission for delete

        Attempt to delete as user with change permission only
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


        client.force_login(self.change_user)
        response = client.delete(url, data=self.delete_data)

        assert response.status_code == 403


    def test_delete_has_permission(self):
        """ Check correct permission for delete

        Delete item as user with delete permission
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


        client.force_login(self.delete_user)
        response = client.delete(url, data=self.delete_data)

        assert response.status_code == 204

Attributes

model: object

Item Model to test

app_namespace: str = None

URL namespace

url_name: str

URL name of the view to test

url_view_kwargs: dict = None

URL kwargs of the item page

delete_data: dict = None

Functions

test_delete_user_anon_denied()

Check correct permission for delete

Attempt to delete item as anon user

Source code in app/api/tests/abstract/api_permissions.py 
349
350
351
352
353
354
355
356
357
358
359
360
361
def test_delete_user_anon_denied(self):
    """ Check correct permission for delete

    Attempt to delete item as anon user
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


    response = client.delete(url, data=self.delete_data)

    assert response.status_code == 401

test_delete_no_permission_denied()

Check correct permission for delete

Attempt to delete as user with no permissons

Source code in app/api/tests/abstract/api_permissions.py 
364
365
366
367
368
369
370
371
372
373
374
375
376
377
def test_delete_no_permission_denied(self):
    """ Check correct permission for delete

    Attempt to delete as user with no permissons
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


    client.force_login(self.no_permissions_user)
    response = client.delete(url, data=self.delete_data)

    assert response.status_code == 403

test_delete_different_organization_denied()

Check correct permission for delete

Attempt to delete as user from different organization

Source code in app/api/tests/abstract/api_permissions.py 
380
381
382
383
384
385
386
387
388
389
390
391
392
393
def test_delete_different_organization_denied(self):
    """ Check correct permission for delete

    Attempt to delete as user from different organization
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


    client.force_login(self.different_organization_user)
    response = client.delete(url, data=self.delete_data)

    assert response.status_code == 403

test_delete_permission_view_denied()

Check correct permission for delete

Attempt to delete as user with veiw permission only

Source code in app/api/tests/abstract/api_permissions.py 
396
397
398
399
400
401
402
403
404
405
406
407
408
409
def test_delete_permission_view_denied(self):
    """ Check correct permission for delete

    Attempt to delete as user with veiw permission only
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


    client.force_login(self.view_user)
    response = client.delete(url, data=self.delete_data)

    assert response.status_code == 403

test_delete_permission_add_denied()

Check correct permission for delete

Attempt to delete as user with add permission only

Source code in app/api/tests/abstract/api_permissions.py 
412
413
414
415
416
417
418
419
420
421
422
423
424
425
def test_delete_permission_add_denied(self):
    """ Check correct permission for delete

    Attempt to delete as user with add permission only
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


    client.force_login(self.add_user)
    response = client.delete(url, data=self.delete_data)

    assert response.status_code == 403

test_delete_permission_change_denied()

Check correct permission for delete

Attempt to delete as user with change permission only

Source code in app/api/tests/abstract/api_permissions.py 
428
429
430
431
432
433
434
435
436
437
438
439
440
441
def test_delete_permission_change_denied(self):
    """ Check correct permission for delete

    Attempt to delete as user with change permission only
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


    client.force_login(self.change_user)
    response = client.delete(url, data=self.delete_data)

    assert response.status_code == 403

test_delete_has_permission()

Check correct permission for delete

Delete item as user with delete permission

Source code in app/api/tests/abstract/api_permissions.py 
444
445
446
447
448
449
450
451
452
453
454
455
456
457
def test_delete_has_permission(self):
    """ Check correct permission for delete

    Delete item as user with delete permission
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


    client.force_login(self.delete_user)
    response = client.delete(url, data=self.delete_data)

    assert response.status_code == 204

About:

This page forms part of our Project Centurion ERP.

Page Metadata
Version: ToDo: place files short git commit here
Date Created: 2024-06-15
Date Edited: 2024-07-09

Contribution:

Would You like to contribute to our Centurion ERP project? You can assist in the following ways:

 

ToDo: Add the page list of contributors