Home Explore Help
Sign In
SMusatov
/
GlitchTip
mirror of https://gitlab.com/glitchtip/glitchtip-backend.git
1
0
Fork 0
Files
Tree: 8e4b7d7f33
Branches Tags
GlitchTip
/
apps
/
alerts
/
tests
/
test_api_permissions.py

test_api_permissions.py 2.4 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 
  1. from django.urls import reverse
    2. 

  2. from model_bakery import baker
    3. 

  3. 

  4. from apps.organizations_ext.models import OrganizationUserRole
    5. 

  5. from glitchtip.test_utils.test_case import APIPermissionTestCase
    6. 

  6. 

  7. 

  8. class AlertsAPIPermissionTests(APIPermissionTestCase):
    9. 

  9.     def setUp(self):
    10. 

  10.         self.create_user_org()
    11. 

  11.         self.set_client_credentials(self.auth_token.token)
    12. 

  12.         self.team = baker.make("teams.Team", organization=self.organization)
    13. 

  13.         self.team.members.add(self.org_user)
    14. 

  14.         self.project = baker.make("projects.Project", organization=self.organization)
    15. 

  15.         self.project.teams.add(self.team)
    16. 

  16.         self.alert = baker.make("alerts.ProjectAlert", project=self.project)
    17. 

  17.         self.list_url = reverse(
    18. 

  18.             "api:list_project_alerts", args=[self.organization.slug, self.project.slug]
    19. 

  19.         )
    20. 

  20.         self.detail_url = reverse(
    21. 

  21.             "api:update_project_alert",
    22. 

  22.             args=[self.organization.slug, self.project.slug, self.alert.id],
    23. 

  23.         )
    24. 

  24. 

  25.     def test_list(self):
    26. 

  26.         self.assertGetReqStatusCode(self.list_url, 403)
    27. 

  27. 

  28.         self.auth_token.add_permission("project:read")
    29. 

  29.         self.assertGetReqStatusCode(self.list_url, 200)
    30. 

  30. 

  31.     def test_create(self):
    32. 

  32.         self.auth_token.add_permission("project:read")
    33. 

  33.         data = {"timespan_minutes": 1, "quantity": 1}
    34. 

  34.         self.assertPostReqStatusCode(self.list_url, data, 403)
    35. 

  35. 

  36.         self.auth_token.add_permission("project:write")
    37. 

  37.         self.assertPostReqStatusCode(self.list_url, data, 201)
    38. 

  38. 

  39.     def test_destroy(self):
    40. 

  40.         self.auth_token.add_permissions(["project:read", "project:write"])
    41. 

  41.         self.assertDeleteReqStatusCode(self.detail_url, 403)
    42. 

  42. 

  43.         self.auth_token.add_permission("project:admin")
    44. 

  44.         self.assertDeleteReqStatusCode(self.detail_url, 204)
    45. 

  45. 

  46.     def test_user_destroy(self):
    47. 

  47.         self.set_client_credentials(None)
    48. 

  48.         self.client.force_login(self.user)
    49. 

  49.         self.set_user_role(OrganizationUserRole.MEMBER)
    50. 

  50.         self.assertDeleteReqStatusCode(self.detail_url, 404)
    51. 

  51. 

  52.         self.set_user_role(OrganizationUserRole.OWNER)
    53. 

  53.         self.assertDeleteReqStatusCode(self.detail_url, 204)
    54. 

  54. 

  55.     def test_update(self):
    56. 

  56.         self.auth_token.add_permission("project:read")
    57. 

  57.         data = {"timespan_minutes": 1, "quantity": 1}
    58. 

  58.         self.assertPutReqStatusCode(self.detail_url, data, 403)
    59. 

  59. 

  60.         self.auth_token.add_permission("project:write")
    61. 

  61.         self.assertPutReqStatusCode(self.detail_url, data, 200)
    62.