diff --git a/codeforlife/tests/api.py b/codeforlife/tests/api.py index 41a3b7bb..424af3ee 100644 --- a/codeforlife/tests/api.py +++ b/codeforlife/tests/api.py @@ -77,6 +77,24 @@ def login(self, **credentials): return user + def login_teacher(self, **credentials): + user = self.login(**credentials) + assert user.teacher + assert user.teacher.school + return user + + def login_student(self, **credentials): + user = self.login(**credentials) + assert user.student + assert user.student.class_field.teacher.school + return user + + def login_indy_student(self, **credentials): + user = self.login(**credentials) + assert user.student + assert not user.student.class_field + return user + @staticmethod def assert_data_equals_model( data: t.Dict[str, t.Any], @@ -145,24 +163,6 @@ class APITestCase(_APITestCase): client: APIClient client_class = APIClient - def login_teacher(self, **credentials): - user = self.client.login(**credentials) - assert user.teacher - assert user.teacher.school - return user - - def login_student(self, **credentials): - user = self.client.login(**credentials) - assert user.student - assert user.student.class_field.teacher.school - return user - - def login_indy_student(self, **credentials): - user = self.client.login(**credentials) - assert user.student - assert not user.student.class_field - return user - def get_other_user( self, user: User, diff --git a/codeforlife/user/tests/views/test_klass.py b/codeforlife/user/tests/views/test_klass.py new file mode 100644 index 00000000..7005e053 --- /dev/null +++ b/codeforlife/user/tests/views/test_klass.py @@ -0,0 +1,5 @@ +from ....tests import APITestCase + + +class TestClassViewSet(APITestCase): + pass # TODO diff --git a/codeforlife/user/tests/views/test_school.py b/codeforlife/user/tests/views/test_school.py index fbef7d26..1802d4d8 100644 --- a/codeforlife/user/tests/views/test_school.py +++ b/codeforlife/user/tests/views/test_school.py @@ -1,9 +1,11 @@ import typing as t from rest_framework import status +from rest_framework.permissions import IsAuthenticated from ....tests import APITestCase, APIClient from ...serializers import SchoolSerializer +from ...views import SchoolViewSet from ...models import User, School, Teacher, Student, Class, UserProfile @@ -60,19 +62,19 @@ def setUp(self): ) def _login_teacher(self): - return self.login_teacher( + return self.client.login_teacher( email="alberteinstein@codeforlife.com", password="Password1", ) def _login_student(self): - return self.login_student( + return self.client.login_student( email="leonardodavinci@codeforlife.com", password="Password1", ) def _login_indy_student(self): - return self.login_indy_student( + return self.client.login_indy_student( email="indianajones@codeforlife.com", password="Password1", ) @@ -220,3 +222,23 @@ def test_list__student(self): user = self._login_student() self._list_schools([user.student.class_field.teacher.school]) + + """ + General tests that apply to all actions. + """ + + def test_all__requires_authentication(self): + """ + User must be authenticated to call any endpoint. + """ + + assert IsAuthenticated in SchoolViewSet.permission_classes + + def test_all__only_http_get(self): + """ + These model are read-only. + """ + + assert [name.lower() for name in SchoolViewSet.http_method_names] == [ + "get" + ] diff --git a/codeforlife/user/tests/views/test_user.py b/codeforlife/user/tests/views/test_user.py index 8dd1983f..38a560d3 100644 --- a/codeforlife/user/tests/views/test_user.py +++ b/codeforlife/user/tests/views/test_user.py @@ -1,10 +1,12 @@ import typing as t -from django.db.models.query import QuerySet from rest_framework import status +from rest_framework.permissions import IsAuthenticated from ....tests import APITestCase, APIClient from ...serializers import UserSerializer +from ...views import UserViewSet + from ...models import User, School, Teacher, Student, Class, UserProfile @@ -61,19 +63,19 @@ def setUp(self): ) def _login_teacher(self): - return self.login_teacher( + return self.client.login_teacher( email="alberteinstein@codeforlife.com", password="Password1", ) def _login_student(self): - return self.login_student( + return self.client.login_student( email="leonardodavinci@codeforlife.com", password="Password1", ) def _login_indy_student(self): - return self.login_indy_student( + return self.client.login_indy_student( email="indianajones@codeforlife.com", password="Password1", ) @@ -400,3 +402,23 @@ def test_list__indy_student(self): user = self._login_indy_student() self._list_users([user]) + + """ + General tests that apply to all actions. + """ + + def test_all__requires_authentication(self): + """ + User must be authenticated to call any endpoint. + """ + + assert IsAuthenticated in UserViewSet.permission_classes + + def test_all__only_http_get(self): + """ + These model are read-only. + """ + + assert [name.lower() for name in UserViewSet.http_method_names] == [ + "get" + ]