Skip to content

Model Permissions View Test Cases

Source code in app/api/tests/abstract/api_permissions.py 
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
class APIPermissionView:


    model: object
    """ Item Model to test """

    app_namespace: str = None
    """ URL namespace """

    url_name: str
    """ URL name of the view to test """

    url_view_kwargs: dict = None
    """ URL kwargs of the item page """


    def test_view_user_anon_denied(self):
        """ Check correct permission for view

        Attempt to view as anon user
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)

        response = client.get(url)

        assert response.status_code == 401


    def test_view_no_permission_denied(self):
        """ Check correct permission for view

        Attempt to view with user missing permission
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


        client.force_login(self.no_permissions_user)
        response = client.get(url)

        assert response.status_code == 403


    def test_view_different_organizaiton_denied(self):
        """ Check correct permission for view

        Attempt to view with user from different organization
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


        client.force_login(self.different_organization_user)
        response = client.get(url)

        assert response.status_code == 403


    def test_view_has_permission(self):
        """ Check correct permission for view

        Attempt to view as user with view permission
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


        client.force_login(self.view_user)
        response = client.get(url)

        assert response.status_code == 200

Attributes

model: object

Item Model to test

app_namespace: str = None

URL namespace

url_name: str

URL name of the view to test

url_view_kwargs: dict = None

URL kwargs of the item page

Functions

test_view_user_anon_denied()

Check correct permission for view

Attempt to view as anon user

Source code in app/api/tests/abstract/api_permissions.py 
25
26
27
28
29
30
31
32
33
34
35
36
def test_view_user_anon_denied(self):
    """ Check correct permission for view

    Attempt to view as anon user
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)

    response = client.get(url)

    assert response.status_code == 401

test_view_no_permission_denied()

Check correct permission for view

Attempt to view with user missing permission

Source code in app/api/tests/abstract/api_permissions.py 
39
40
41
42
43
44
45
46
47
48
49
50
51
52
def test_view_no_permission_denied(self):
    """ Check correct permission for view

    Attempt to view with user missing permission
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


    client.force_login(self.no_permissions_user)
    response = client.get(url)

    assert response.status_code == 403

test_view_different_organizaiton_denied()

Check correct permission for view

Attempt to view with user from different organization

Source code in app/api/tests/abstract/api_permissions.py 
55
56
57
58
59
60
61
62
63
64
65
66
67
68
def test_view_different_organizaiton_denied(self):
    """ Check correct permission for view

    Attempt to view with user from different organization
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


    client.force_login(self.different_organization_user)
    response = client.get(url)

    assert response.status_code == 403

test_view_has_permission()

Check correct permission for view

Attempt to view as user with view permission

Source code in app/api/tests/abstract/api_permissions.py 
71
72
73
74
75
76
77
78
79
80
81
82
83
84
def test_view_has_permission(self):
    """ Check correct permission for view

    Attempt to view as user with view permission
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name, kwargs=self.url_view_kwargs)


    client.force_login(self.view_user)
    response = client.get(url)

    assert response.status_code == 200

About:

This page forms part of our Project Centurion ERP.

Page Metadata
Version: ToDo: place files short git commit here
Date Created: 2024-06-15
Date Edited: 2024-07-09

Contribution:

Would You like to contribute to our Centurion ERP project? You can assist in the following ways:

 

ToDo: Add the page list of contributors