MCPcopy
hub / github.com/WebODM/WebODM / test_project

Method test_project

app/tests/test_api_projects.py:21–169  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

19 super().tearDown()
20
21 def test_project(self):
22 client = APIClient()
23
24 user = User.objects.get(username="testuser")
25 project = Project.objects.create(
26 owner=user,
27 name="test project"
28 )
29
30 # Cannot edit project (anonymous)
31 res = client.post("/api/projects/{}/edit/".format(project.id), {
32 'name': 'edited'
33 })
34 self.assertEqual(res.status_code, status.HTTP_403_FORBIDDEN)
35
36 client.login(username="testuser", password="test1234")
37
38 # Can edit project
39 res = client.post("/api/projects/{}/edit/".format(project.id), {
40 'name': 'edited'
41 })
42 self.assertEqual(res.status_code, status.HTTP_200_OK)
43 project.refresh_from_db()
44
45 self.assertEqual(project.name, 'edited')
46 self.assertEqual(project.description, '')
47
48 other_user = User.objects.get(username="testuser2")
49
50 other_client = APIClient()
51 other_client.login(username="testuser2", password="test1234")
52
53 # Other user cannot edit project
54 res = other_client.post("/api/projects/{}/edit/".format(project.id), {
55 'name': 'edited2'
56 })
57 self.assertEqual(res.status_code, status.HTTP_404_NOT_FOUND)
58
59 # Other user cannot see project
60 res = other_client.get("/api/projects/{}/".format(project.id))
61 self.assertEqual(res.status_code, status.HTTP_404_NOT_FOUND)
62
63 # Change permissions via API
64 res = client.post("/api/projects/{}/edit/".format(project.id), {
65 'permissions': [{'username': 'testuser2', 'permissions': ['view']}]
66 }, format="json")
67 self.assertEqual(res.status_code, status.HTTP_200_OK)
68
69 # Other user can see project
70 res = other_client.get("/api/projects/{}/".format(project.id))
71 self.assertEqual(res.status_code, status.HTTP_200_OK)
72
73 # Other user does not own the project
74 self.assertFalse(res.data['owned'])
75
76 # Other user still cannot edit project
77 res = other_client.post("/api/projects/{}/edit/".format(project.id), {
78 'name': 'edited2'

Callers

nothing calls this directly

Calls 7

loginMethod · 0.80
get_project_dirMethod · 0.80
getMethod · 0.45
createMethod · 0.45
postMethod · 0.45
formatMethod · 0.45
deleteMethod · 0.45

Tested by

no test coverage detected