from rest_framework import status
from rest_framework.reverse import reverse
from rest_framework.test import APITestCase
from .utils import make_user
class TestUserAPI(APITestCase):
@classmethod
def setUpTestData(cls):
cls.user = make_user(username="bob")
cls.url = reverse(viewname="user_list")
def test_allows_authenticated_user_to_get_users(self):
self.client.force_login(self.user)
response = self.client.get(self.url)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(response.data), 1)
self.assertEqual(response.data[0]["username"], self.user.username)
def test_denies_unauthenticated_user_to_get_users(self):
response = self.client.get(self.url)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
class TestMeAPI(APITestCase):
@classmethod
def setUpTestData(cls):
cls.user = make_user(username="bob")
cls.url = reverse(viewname="me")
def test_return_own_information(self):
self.client.force_login(self.user)
response = self.client.get(self.url)
self.assertEqual(response.data["id"], self.user.id)
self.assertEqual(response.data["username"], self.user.username)
def test_does_not_return_information_to_unauthenticated_user(self):
response = self.client.get(self.url)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
class TestUserCreationAPI(APITestCase):
@classmethod
def setUpTestData(cls):
cls.staff = make_user(username="bob", is_staff=True)
cls.non_staff = make_user(username="tom", is_staff=False)
cls.url = reverse(viewname="user_create")
cls.payload = {"username": "hironsan", "password1": "foobarbaz", "password2": "foobarbaz"}
def test_staff_can_create_user(self):
self.client.force_login(self.staff)
response = self.client.post(self.url, data=self.payload)
self.assertEqual(response.data["username"], "hironsan")
def test_non_staff_cannot_create_user(self):
self.client.force_login(self.non_staff)
response = self.client.post(self.url, data=self.payload)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)