test_api_permissions.py 2.9 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879
  1. from django.shortcuts import reverse
  2. from model_bakery import baker
  3. from glitchtip.test_utils.test_case import APIPermissionTestCase
  4. class EnvironmentAPIPermissionTests(APIPermissionTestCase):
  5. def setUp(self):
  6. self.create_user_org()
  7. self.set_client_credentials(self.auth_token.token)
  8. self.environment = baker.make(
  9. "environments.Environment", organization=self.organization
  10. )
  11. baker.make(
  12. "environments.EnvironmentProject",
  13. environment=self.environment,
  14. is_hidden=False,
  15. )
  16. self.list_url = reverse(
  17. "organization-environments-list",
  18. kwargs={"organization_slug": self.organization.slug},
  19. )
  20. self.detail_url = reverse(
  21. "organization-environments-detail",
  22. kwargs={
  23. "organization_slug": self.organization.slug,
  24. "pk": self.environment.pk,
  25. },
  26. )
  27. def test_list(self):
  28. self.assertGetReqStatusCode(self.list_url, 403)
  29. self.auth_token.add_permission("org:read")
  30. self.assertGetReqStatusCode(self.list_url, 200)
  31. def test_retrieve(self):
  32. self.assertGetReqStatusCode(self.detail_url, 403)
  33. self.auth_token.add_permission("org:read")
  34. self.assertGetReqStatusCode(self.detail_url, 200)
  35. class EnvironmentProjectAPIPermissionTests(APIPermissionTestCase):
  36. def setUp(self):
  37. self.create_user_org()
  38. self.set_client_credentials(self.auth_token.token)
  39. self.project = baker.make("projects.Project", organization=self.organization)
  40. self.environment_project = baker.make(
  41. "environments.EnvironmentProject",
  42. environment__organization=self.organization,
  43. project=self.project,
  44. )
  45. self.list_url = reverse(
  46. "project-environments-list",
  47. kwargs={"project_pk": f"{self.organization.slug}/{self.project.slug}"},
  48. )
  49. self.detail_url = reverse(
  50. "project-environments-detail",
  51. kwargs={
  52. "project_pk": f"{self.organization.slug}/{self.project.slug}",
  53. "environment__name": self.environment_project.environment.name,
  54. },
  55. )
  56. def test_list(self):
  57. self.assertGetReqStatusCode(self.list_url, 403)
  58. self.auth_token.add_permission("project:read")
  59. self.assertGetReqStatusCode(self.list_url, 200)
  60. def test_retrieve(self):
  61. self.assertGetReqStatusCode(self.detail_url, 403)
  62. self.auth_token.add_permission("project:read")
  63. self.assertGetReqStatusCode(self.detail_url, 200)
  64. def test_update(self):
  65. self.auth_token.add_permission("project:read")
  66. data = {"name": "a", "isHidden": True}
  67. self.assertPutReqStatusCode(self.detail_url, data, 403)
  68. self.auth_token.add_permission("project:write")
  69. self.assertPutReqStatusCode(self.detail_url, data, 200)