mirror of https://github.com/doccano/doccano.git
pythonannotation-tooldatasetsactive-learningtext-annotationdatasetnatural-language-processingdata-labelingmachine-learning
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
133 lines
5.5 KiB
133 lines
5.5 KiB
from rest_framework import status
|
|
from rest_framework.reverse import reverse
|
|
|
|
from api.tests.utils import CRUDMixin
|
|
from projects.tests.utils import prepare_project
|
|
from users.tests.utils import make_user
|
|
from .utils import make_comment, make_doc
|
|
|
|
|
|
class TestCommentListDocAPI(CRUDMixin):
|
|
@classmethod
|
|
def setUpTestData(cls):
|
|
cls.project = prepare_project()
|
|
cls.non_member = make_user()
|
|
doc1 = make_doc(cls.project.item)
|
|
doc2 = make_doc(cls.project.item)
|
|
make_comment(doc1, cls.project.admin)
|
|
make_comment(doc2, cls.project.admin)
|
|
cls.data = {"text": "example"}
|
|
cls.url = reverse(viewname="comment_list", args=[cls.project.item.id])
|
|
cls.url += f"?example={doc1.id}"
|
|
|
|
def test_allows_project_member_to_list_comments(self):
|
|
for member in self.project.members:
|
|
response = self.assert_fetch(member, status.HTTP_200_OK)
|
|
self.assertEqual(response.data["count"], 1)
|
|
|
|
def test_denies_non_project_member_to_list_comments(self):
|
|
self.assert_fetch(self.non_member, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_denies_unauthenticated_user_to_list_comments(self):
|
|
self.assert_fetch(expected=status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_allows_project_member_to_create_comment(self):
|
|
for member in self.project.members:
|
|
self.assert_create(member, status.HTTP_201_CREATED)
|
|
|
|
def test_denies_non_project_member_to_create_comment(self):
|
|
self.assert_create(self.non_member, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_denies_unauthenticated_user_to_create_comment(self):
|
|
self.assert_create(expected=status.HTTP_403_FORBIDDEN)
|
|
|
|
|
|
class TestCommentListProjectAPI(CRUDMixin):
|
|
def setUp(self):
|
|
self.project = prepare_project()
|
|
self.non_member = make_user()
|
|
self.doc = make_doc(self.project.item)
|
|
make_comment(self.doc, self.project.admin)
|
|
self.url = reverse(viewname="comment_list", args=[self.project.item.id])
|
|
|
|
def test_allows_project_member_to_list_comments(self):
|
|
for member in self.project.members:
|
|
response = self.assert_fetch(member, status.HTTP_200_OK)
|
|
self.assertEqual(response.data["count"], 1)
|
|
|
|
def test_denies_non_project_member_to_list_comments(self):
|
|
self.assert_fetch(self.non_member, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_denies_unauthenticated_user_to_list_comments(self):
|
|
self.assert_fetch(expected=status.HTTP_403_FORBIDDEN)
|
|
|
|
def assert_bulk_delete(self, user=None, expected=status.HTTP_403_FORBIDDEN):
|
|
ids = [item.id for item in self.doc.comments.all()]
|
|
if user:
|
|
self.client.force_login(user)
|
|
response = self.client.delete(self.url, data={"ids": ids}, format="json")
|
|
self.assertEqual(response.status_code, expected)
|
|
|
|
def test_allows_project_member_to_delete_comments(self):
|
|
# Todo: Disallow non admin to delete comments.
|
|
for member in self.project.members:
|
|
self.assert_bulk_delete(member, status.HTTP_204_NO_CONTENT)
|
|
response = self.client.get(self.url)
|
|
self.assertEqual(response.data["count"], 0)
|
|
|
|
def test_denies_non_project_member_to_delete_comments(self):
|
|
self.assert_fetch(self.non_member, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_denies_unauthenticated_user_to_delete_comments(self):
|
|
self.assert_fetch(expected=status.HTTP_403_FORBIDDEN)
|
|
|
|
|
|
class TestCommentDetailAPI(CRUDMixin):
|
|
def setUp(self):
|
|
self.project = prepare_project()
|
|
self.non_member = make_user()
|
|
doc = make_doc(self.project.item)
|
|
comment = make_comment(doc, self.project.admin)
|
|
self.data = {"text": "example"}
|
|
self.url = reverse(viewname="comment_detail", args=[self.project.item.id, comment.id])
|
|
|
|
def test_allows_comment_owner_to_get_comment(self):
|
|
# Todo: Allows project member to get comment.
|
|
self.assert_fetch(self.project.admin, status.HTTP_200_OK)
|
|
|
|
def test_denies_non_comment_owner_to_get_comment(self):
|
|
for member in self.project.staffs:
|
|
self.assert_fetch(member, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_denies_non_project_member_to_get_comment(self):
|
|
self.assert_fetch(self.non_member, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_denies_unauthenticated_user_to_get_comment(self):
|
|
self.assert_fetch(expected=status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_allows_comment_owner_to_update_comment(self):
|
|
response = self.assert_update(self.project.admin, status.HTTP_200_OK)
|
|
self.assertEqual(response.data["text"], self.data["text"])
|
|
|
|
def test_denies_non_comment_owner_to_update_comment(self):
|
|
for member in self.project.staffs:
|
|
self.assert_update(member, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_denies_non_project_member_to_update_comment(self):
|
|
self.assert_update(self.non_member, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_denies_unauthenticated_user_to_update_comment(self):
|
|
self.assert_update(expected=status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_allows_comment_owner_to_delete_comment(self):
|
|
self.assert_delete(self.project.admin, status.HTTP_204_NO_CONTENT)
|
|
|
|
def test_denies_non_comment_owner_to_delete_comment(self):
|
|
for member in self.project.staffs:
|
|
self.assert_delete(member, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_denies_non_project_member_to_delete_comment(self):
|
|
self.assert_delete(self.non_member, status.HTTP_403_FORBIDDEN)
|
|
|
|
def test_denies_unauthenticated_user_to_delete_comment(self):
|
|
self.assert_delete(expected=status.HTTP_403_FORBIDDEN)
|