github.com/ismailbayram/bigpicture@v0.0.0-20231225173155-e4b21f5efcff/internal/browser/pyproject/cars/tests/test_view.py (about) 1 import json 2 from model_mommy import mommy 3 from django.test import TestCase 4 from rest_framework.reverse import reverse_lazy 5 from rest_framework import status 6 7 from cars.enums import CarType 8 from base.test import BaseTestViewMixin 9 10 11 class CarViewSetTest(BaseTestViewMixin, TestCase): 12 def setUp(self): 13 self.init_users() 14 self.car1 = mommy.make( 15 'cars.Car', 16 licence_plate="09 TK 40", 17 car_type=CarType.sedan, 18 customer_profile=self.customer_profile 19 ) 20 self.car2 = mommy.make( 21 'cars.Car', 22 licence_plate="09 TK 41", 23 car_type=CarType.sedan, 24 ) 25 self.car3 = mommy.make( 26 'cars.Car', 27 licence_plate="09 TK 43", 28 car_type=CarType.sedan, 29 customer_profile=self.customer_profile 30 ) 31 32 def test_list_action(self): 33 url = reverse_lazy('api:router:cars-list') 34 35 # Unauthorized get 36 response = self.client.get(url) 37 self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) 38 39 # Authorized get 40 headers = {'HTTP_AUTHORIZATION': f'Token {self.customer_token}'} 41 response = self.client.get(url, content_type='application/json', **headers) 42 self.assertEqual(response.status_code, status.HTTP_200_OK) 43 44 def test_create_action(self): 45 url = reverse_lazy('api:router:cars-list') 46 test_licence_plate = "09 DN 01" 47 test_car_type = 'sedan' 48 data = { 49 'licence_plate': test_licence_plate, 50 'car_type': test_car_type, 51 } 52 53 # can't create by anonym user 54 response = self.client.post(url) 55 self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) 56 57 # cant create by washer 58 headers = {'HTTP_AUTHORIZATION': f'Token {self.washer_token}'} 59 response = self.client.post(url, data=data, content_type='application/json', **headers) 60 self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) 61 62 # create by customer 63 headers = {'HTTP_AUTHORIZATION': f'Token {self.customer_token}'} 64 response = self.client.post(url, data=data, content_type='application/json', **headers) 65 self.assertEqual(response.status_code, status.HTTP_201_CREATED) 66 self.assertEqual(response.data['licence_plate'], data['licence_plate']) 67 self.assertEqual(response.data['car_type'], data['car_type']) 68 69 jresponse = json.loads(response.content) 70 self.assertEqual(jresponse['licence_plate'], test_licence_plate) 71 self.assertEqual(jresponse['car_type'], test_car_type) 72 73 # dublicate car 74 # headers = {'HTTP_AUTHORIZATION': f'Token {self.customer_token}'} 75 # response = self.client.post(url, data=data, content_type='application/json', **headers) 76 # self.assertEqual(response.status_code, status.HTTP_406_NOT_ACCEPTABLE) 77 78 def test_retrieve_action(self): 79 url = reverse_lazy('api:router:cars-detail', args=[self.car1.pk]) 80 81 # can't get by anonym 82 response = self.client.get(url) 83 self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) 84 85 # get by cutomer 86 headers = {'HTTP_AUTHORIZATION': f'Token {self.customer_token}'} 87 response = self.client.get(url, **headers) 88 self.assertEqual(response.status_code, status.HTTP_200_OK) 89 jresponse = json.loads(response.content) 90 self.assertEqual(jresponse['licence_plate'], self.car1.licence_plate) 91 92 # get by washer 93 headers = {'HTTP_AUTHORIZATION': f'Token {self.washer_token}'} 94 response = self.client.get(url, **headers) 95 self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) 96 97 def test_update_action(self): 98 url = reverse_lazy('api:router:cars-detail', args=[self.car1.pk]) 99 url3 = reverse_lazy('api:router:cars-detail', args=[self.car3.pk]) 100 data = { 101 'licence_plate': '01 ADN 01' 102 } 103 104 # cant update anonym 105 response = self.client.put(url) 106 self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) 107 108 # can update by customer his car 109 headers = {'HTTP_AUTHORIZATION': f'Token {self.customer_token}'} 110 response = self.client.patch(url, data=data, content_type='application/json', **headers) 111 self.assertEqual(response.data['licence_plate'], '01 ADN 01') 112 self.assertEqual(response.status_code, status.HTTP_200_OK) 113 114 headers = {'HTTP_AUTHORIZATION': f'Token {self.customer2_token}'} 115 response = self.client.patch(url, data=data, content_type='application/json', **headers) 116 self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) 117 118 # can't update by washer 119 headers = {'HTTP_AUTHORIZATION': f'Token {self.washer_token}'} 120 response = self.client.patch(url, data=data, content_type='application/json', **headers) 121 self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) 122 123 def test_destroy_action(self): 124 url = reverse_lazy('api:router:cars-detail', args=[self.car1.pk]) 125 126 # cant delete by anonym 127 response = self.client.delete(url) 128 self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) 129 130 # cant delete by not owner 131 headers = {'HTTP_AUTHORIZATION': f'Token {self.customer2_token}'} 132 response = self.client.delete(url, **headers) 133 self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) 134 135 # cant delete by washer 136 headers = {'HTTP_AUTHORIZATION': f'Token {self.washer_token}'} 137 response = self.client.delete(url, **headers) 138 self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) 139 140 # can delete by owner 141 headers = {'HTTP_AUTHORIZATION': f'Token {self.customer_token}'} 142 143 # before deletetion we can get 144 response = self.client.get(url, **headers) 145 self.assertEqual(response.status_code, status.HTTP_200_OK) 146 147 # delete 148 response = self.client.delete(url, **headers) 149 self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) 150 151 # after deletion we can't get 152 response = self.client.get(url, **headers) 153 self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) 154 155 def test_select_action(self): 156 url = reverse_lazy('api:router:cars-select', args=[self.car1.pk]) 157 158 response = self.client.post(url) 159 self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) 160 161 headers = {'HTTP_AUTHORIZATION': f'Token {self.customer_token}'} 162 response = self.client.post(url, **headers) 163 self.assertEqual(response.status_code, status.HTTP_200_OK) 164 jresponse = json.loads(response.content) 165 self.assertEqual(jresponse['is_selected'], True) 166 167 headers = {'HTTP_AUTHORIZATION': f'Token {self.washer_token}'} 168 response = self.client.post(url, **headers) 169 self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) 170 171 headers = {'HTTP_AUTHORIZATION': f'Token {self.worker_token}'} 172 response = self.client.post(url, **headers) 173 self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)