149 lines
4.6 KiB
Python
149 lines
4.6 KiB
Python
from django.conf import settings
|
|
from django.contrib.auth import get_user_model
|
|
from django.contrib.auth.models import AnonymousUser
|
|
from model_bakery import baker
|
|
from rest_framework.test import APIRequestFactory, APITestCase
|
|
|
|
from ..core.models import Role
|
|
from ..permissions import IsSystemTokenOrUser
|
|
|
|
|
|
class TestIsSystemTokenOrUser(APITestCase):
|
|
@classmethod
|
|
def setUpTestData(cls):
|
|
cls.path = "/api/v2/files"
|
|
|
|
def test_unauthorized(self):
|
|
response = self.client.get(self.path.format("files"))
|
|
self.assertEqual(response.status_code, 403)
|
|
|
|
def test_token_incorrect(self):
|
|
token = "doesnotexist"
|
|
request = APIRequestFactory().get(
|
|
self.path,
|
|
headers={"Authorization": f"Api-Key {token}"},
|
|
)
|
|
request.user = AnonymousUser()
|
|
allowed = IsSystemTokenOrUser().has_permission(request, None)
|
|
self.assertFalse(allowed)
|
|
|
|
def test_token_correct(self):
|
|
token = settings.CONFIG.general.api_key
|
|
request = APIRequestFactory().get(
|
|
self.path,
|
|
headers={"Authorization": f"Api-Key {token}"},
|
|
)
|
|
request.user = AnonymousUser()
|
|
allowed = IsSystemTokenOrUser().has_permission(request, None)
|
|
self.assertTrue(allowed)
|
|
|
|
|
|
class TestPermissions(APITestCase):
|
|
URLS = [
|
|
"schedule",
|
|
"shows",
|
|
"show-days",
|
|
"show-hosts",
|
|
"show-instances",
|
|
"show-rebroadcasts",
|
|
"files",
|
|
"playlists",
|
|
"playlist-contents",
|
|
"smart-blocks",
|
|
"smart-block-contents",
|
|
"smart-block-criteria",
|
|
"webstreams",
|
|
]
|
|
|
|
def logged_in_test_model(self, model, role, username, function):
|
|
path = self.path.format(model)
|
|
if not get_user_model().objects.filter(username=username):
|
|
get_user_model().objects.create_user(
|
|
role=role,
|
|
username=username,
|
|
password="test",
|
|
email="test@example.com",
|
|
first_name="test",
|
|
last_name="user",
|
|
)
|
|
self.client.login(username=username, password="test")
|
|
return function(path)
|
|
|
|
@classmethod
|
|
def setUpTestData(cls):
|
|
cls.path = "/api/v2/{}"
|
|
|
|
def test_guest_permissions_success(self):
|
|
for model in self.URLS:
|
|
response = self.logged_in_test_model(
|
|
model,
|
|
Role.GUEST,
|
|
"guest",
|
|
self.client.get,
|
|
)
|
|
self.assertEqual(
|
|
response.status_code,
|
|
200,
|
|
msg=f"Invalid for model {model}",
|
|
)
|
|
|
|
def test_guest_permissions_failure(self):
|
|
for model in self.URLS:
|
|
response = self.logged_in_test_model(
|
|
model,
|
|
Role.GUEST,
|
|
"guest",
|
|
self.client.post,
|
|
)
|
|
self.assertEqual(
|
|
response.status_code,
|
|
403,
|
|
msg=f"Invalid for model {model}",
|
|
)
|
|
|
|
def test_host_get_permissions(self):
|
|
for model in self.URLS:
|
|
response = self.logged_in_test_model(
|
|
model,
|
|
Role.HOST,
|
|
"host",
|
|
self.client.get,
|
|
)
|
|
self.assertEqual(
|
|
response.status_code,
|
|
200,
|
|
msg=f"Invalid for model {model}",
|
|
)
|
|
|
|
def test_host_post_permissions(self):
|
|
user = get_user_model().objects.create_user(
|
|
role=Role.HOST,
|
|
username="host2",
|
|
password="test",
|
|
email="test@example.com",
|
|
first_name="test",
|
|
last_name="user",
|
|
)
|
|
file = baker.make("storage.File", owner=user)
|
|
model = f"files/{file.id}"
|
|
path = self.path.format(model)
|
|
self.client.login(username="host2", password="test")
|
|
response = self.client.patch(path, {"name": "newFilename"})
|
|
self.assertEqual(response.status_code, 200)
|
|
|
|
def test_host_post_permissions_failure(self):
|
|
get_user_model().objects.create_user(
|
|
role=Role.HOST,
|
|
username="host2",
|
|
password="test",
|
|
email="test@example.com",
|
|
first_name="test",
|
|
last_name="user",
|
|
)
|
|
file = baker.make("storage.File")
|
|
model = f"files/{file.id}"
|
|
path = self.path.format(model)
|
|
self.client.login(username="host2", password="test")
|
|
response = self.client.patch(path, {"name": "newFilename"})
|
|
self.assertEqual(response.status_code, 403)
|