Home Explore Help
Sign In
SMusatov
/
GlitchTip
mirror of https://gitlab.com/glitchtip/glitchtip-backend.git
1
0
Fork 0
Files
Tree: 5b3b80dd11
Branches Tags
GlitchTip
/
alerts
/
tests
/
test_api_permissions.py

test_api_permissions.py 2.7 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. from django.urls import reverse
    2. 

  2. from model_bakery import baker
    3. 

  3. from organizations_ext.models import OrganizationUserRole
    4. 

  4. from glitchtip.test_utils.test_case import APIPermissionTestCase
    5. 

  5. 

  6. 

  7. class AlertsAPIPermissionTests(APIPermissionTestCase):
    8. 

  8.     def setUp(self):
    9. 

  9.         self.create_user_org()
    10. 

  10.         self.set_client_credentials(self.auth_token.token)
    11. 

  11.         self.team = baker.make("teams.Team", organization=self.organization)
    12. 

  12.         self.team.members.add(self.org_user)
    13. 

  13.         self.project = baker.make("projects.Project", organization=self.organization)
    14. 

  14.         self.project.team_set.add(self.team)
    15. 

  15.         self.alert = baker.make("alerts.ProjectAlert", project=self.project)
    16. 

  16.         self.list_url = reverse(
    17. 

  17.             "project-alerts-list",
    18. 

  18.             kwargs={"project_pk": self.organization.slug + "/" + self.project.slug},
    19. 

  19.         )
    20. 

  20.         self.detail_url = reverse(
    21. 

  21.             "project-alerts-detail",
    22. 

  22.             kwargs={
    23. 

  23.                 "project_pk": self.organization.slug + "/" + self.project.slug,
    24. 

  24.                 "pk": self.alert.pk,
    25. 

  25.             },
    26. 

  26.         )
    27. 

  27. 

  28.     def test_list(self):
    29. 

  29.         self.assertGetReqStatusCode(self.list_url, 403)
    30. 

  30. 

  31.         self.auth_token.add_permission("project:read")
    32. 

  32.         self.assertGetReqStatusCode(self.list_url, 200)
    33. 

  33. 

  34.     def test_retrieve(self):
    35. 

  35.         self.assertGetReqStatusCode(self.detail_url, 403)
    36. 

  36. 

  37.         self.auth_token.add_permission("project:read")
    38. 

  38.         self.assertGetReqStatusCode(self.detail_url, 200)
    39. 

  39. 

  40.     def test_create(self):
    41. 

  41.         self.auth_token.add_permission("project:read")
    42. 

  42.         data = {"timespan_minutes": 1, "quantity": 1}
    43. 

  43.         self.assertPostReqStatusCode(self.list_url, data, 403)
    44. 

  44. 

  45.         self.auth_token.add_permission("project:write")
    46. 

  46.         self.assertPostReqStatusCode(self.list_url, data, 201)
    47. 

  47. 

  48.     def test_destroy(self):
    49. 

  49.         self.auth_token.add_permissions(["project:read", "project:write"])
    50. 

  50.         self.assertDeleteReqStatusCode(self.detail_url, 403)
    51. 

  51. 

  52.         self.auth_token.add_permission("project:admin")
    53. 

  53.         self.assertDeleteReqStatusCode(self.detail_url, 204)
    54. 

  54. 

  55.     def test_user_destroy(self):
    56. 

  56.         self.client.force_login(self.user)
    57. 

  57.         self.set_user_role(OrganizationUserRole.MEMBER)
    58. 

  58.         self.assertDeleteReqStatusCode(self.detail_url, 403)
    59. 

  59. 

  60.         self.set_user_role(OrganizationUserRole.OWNER)
    61. 

  61.         self.assertDeleteReqStatusCode(self.detail_url, 204)
    62. 

  62. 

  63.     def test_update(self):
    64. 

  64.         self.auth_token.add_permission("project:read")
    65. 

  65.         data = {"timespan_minutes": 1, "quantity": 1}
    66. 

  66.         self.assertPutReqStatusCode(self.detail_url, data, 403)
    67. 

  67. 

  68.         self.auth_token.add_permission("project:write")
    69. 

  69.         self.assertPutReqStatusCode(self.detail_url, data, 200)
    70.