django-rest-framework/tests/test_generics.py

550 lines
19 KiB
Python
Raw Normal View History

2012-11-22 03:20:49 +04:00
from __future__ import unicode_literals
2015-06-25 23:55:51 +03:00
import pytest
2012-12-18 01:59:51 +04:00
from django.db import models
from django.shortcuts import get_object_or_404
2012-09-28 17:28:50 +04:00
from django.test import TestCase
from django.utils import six
2015-06-25 23:55:51 +03:00
from rest_framework import generics, renderers, serializers, status
from rest_framework.response import Response
2013-06-28 20:17:39 +04:00
from rest_framework.test import APIRequestFactory
2015-06-25 23:55:51 +03:00
from tests.models import (
BasicModel, ForeignKeySource, ForeignKeyTarget, RESTFrameworkModel
)
2012-09-28 17:28:50 +04:00
2013-06-28 20:17:39 +04:00
factory = APIRequestFactory()
2012-09-28 17:28:50 +04:00
2014-11-29 22:04:50 +03:00
# Models
class SlugBasedModel(RESTFrameworkModel):
text = models.CharField(max_length=100)
slug = models.SlugField(max_length=32)
# Model for regression test for #285
class Comment(RESTFrameworkModel):
email = models.EmailField()
content = models.CharField(max_length=200)
created = models.DateTimeField(auto_now_add=True)
# Serializers
class BasicSerializer(serializers.ModelSerializer):
class Meta:
model = BasicModel
fields = '__all__'
class ForeignKeySerializer(serializers.ModelSerializer):
class Meta:
model = ForeignKeySource
fields = '__all__'
2014-11-29 22:04:50 +03:00
class SlugSerializer(serializers.ModelSerializer):
slug = serializers.ReadOnlyField()
class Meta:
model = SlugBasedModel
fields = ('text', 'slug')
# Views
2012-10-03 12:26:15 +04:00
class RootView(generics.ListCreateAPIView):
queryset = BasicModel.objects.all()
serializer_class = BasicSerializer
2012-09-28 17:28:50 +04:00
class InstanceView(generics.RetrieveUpdateDestroyAPIView):
2014-09-02 20:41:23 +04:00
queryset = BasicModel.objects.exclude(text='filtered out')
serializer_class = BasicSerializer
2012-09-28 18:54:00 +04:00
class FKInstanceView(generics.RetrieveUpdateDestroyAPIView):
queryset = ForeignKeySource.objects.all()
serializer_class = ForeignKeySerializer
class SlugBasedInstanceView(InstanceView):
"""
A model with a slug-field.
"""
queryset = SlugBasedModel.objects.all()
2012-10-29 21:20:06 +04:00
serializer_class = SlugSerializer
lookup_field = 'slug'
2014-11-29 22:04:50 +03:00
# Tests
2012-09-28 18:54:00 +04:00
class TestRootView(TestCase):
2012-09-28 17:28:50 +04:00
def setUp(self):
2012-09-28 18:54:00 +04:00
"""
2013-02-25 17:44:19 +04:00
Create 3 BasicModel instances.
2012-09-28 18:54:00 +04:00
"""
2012-09-28 17:28:50 +04:00
items = ['foo', 'bar', 'baz']
for item in items:
BasicModel(text=item).save()
self.objects = BasicModel.objects
self.data = [
{'id': obj.id, 'text': obj.text}
for obj in self.objects.all()
]
2012-09-28 19:23:46 +04:00
self.view = RootView.as_view()
2012-09-28 17:28:50 +04:00
def test_get_root_view(self):
2012-09-28 18:54:00 +04:00
"""
2012-10-03 12:26:15 +04:00
GET requests to ListCreateAPIView should return list of objects.
2012-09-28 18:54:00 +04:00
"""
2012-09-28 17:28:50 +04:00
request = factory.get('/')
2013-03-08 21:36:43 +04:00
with self.assertNumQueries(1):
response = self.view(request).render()
assert response.status_code == status.HTTP_200_OK
assert response.data == self.data
2012-09-28 18:54:00 +04:00
def test_post_root_view(self):
"""
2012-10-03 12:26:15 +04:00
POST requests to ListCreateAPIView should create a new object.
2012-09-28 18:54:00 +04:00
"""
2013-06-28 20:17:39 +04:00
data = {'text': 'foobar'}
request = factory.post('/', data, format='json')
2013-03-08 21:36:43 +04:00
with self.assertNumQueries(1):
response = self.view(request).render()
assert response.status_code == status.HTTP_201_CREATED
assert response.data == {'id': 4, 'text': 'foobar'}
2012-09-28 18:54:00 +04:00
created = self.objects.get(id=4)
assert created.text == 'foobar'
2012-09-28 18:54:00 +04:00
2012-09-28 19:23:46 +04:00
def test_put_root_view(self):
"""
2012-10-03 12:26:15 +04:00
PUT requests to ListCreateAPIView should not be allowed
2012-09-28 19:23:46 +04:00
"""
2013-06-28 20:17:39 +04:00
data = {'text': 'foobar'}
request = factory.put('/', data, format='json')
2013-03-08 21:36:43 +04:00
with self.assertNumQueries(0):
response = self.view(request).render()
assert response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED
assert response.data == {"detail": 'Method "PUT" not allowed.'}
2012-09-28 19:23:46 +04:00
def test_delete_root_view(self):
"""
2012-10-03 12:26:15 +04:00
DELETE requests to ListCreateAPIView should not be allowed
2012-09-28 19:23:46 +04:00
"""
request = factory.delete('/')
2013-03-08 21:36:43 +04:00
with self.assertNumQueries(0):
response = self.view(request).render()
assert response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED
assert response.data == {"detail": 'Method "DELETE" not allowed.'}
2012-09-28 19:41:35 +04:00
def test_post_cannot_set_id(self):
"""
POST requests to create a new object should not be able to set the id.
"""
2013-06-28 20:17:39 +04:00
data = {'id': 999, 'text': 'foobar'}
request = factory.post('/', data, format='json')
2013-03-08 21:36:43 +04:00
with self.assertNumQueries(1):
response = self.view(request).render()
assert response.status_code == status.HTTP_201_CREATED
assert response.data == {'id': 4, 'text': 'foobar'}
created = self.objects.get(id=4)
assert created.text == 'foobar'
def test_post_error_root_view(self):
"""
POST requests to ListCreateAPIView in HTML should include a form error.
"""
data = {'text': 'foobar' * 100}
request = factory.post('/', data, HTTP_ACCEPT='text/html')
response = self.view(request).render()
expected_error = '<span class="help-block">Ensure this field has no more than 100 characters.</span>'
assert expected_error in response.rendered_content.decode('utf-8')
2012-09-28 18:54:00 +04:00
EXPECTED_QUERIES_FOR_PUT = 2
2014-09-11 16:20:44 +04:00
2012-09-28 18:54:00 +04:00
class TestInstanceView(TestCase):
def setUp(self):
"""
2014-11-29 22:23:55 +03:00
Create 3 BasicModel instances.
2012-09-28 18:54:00 +04:00
"""
items = ['foo', 'bar', 'baz', 'filtered out']
2012-09-28 18:54:00 +04:00
for item in items:
BasicModel(text=item).save()
self.objects = BasicModel.objects.exclude(text='filtered out')
2012-09-28 18:54:00 +04:00
self.data = [
{'id': obj.id, 'text': obj.text}
for obj in self.objects.all()
]
2012-09-28 19:23:46 +04:00
self.view = InstanceView.as_view()
self.slug_based_view = SlugBasedInstanceView.as_view()
2012-09-28 18:54:00 +04:00
def test_get_instance_view(self):
"""
2012-10-03 12:26:15 +04:00
GET requests to RetrieveUpdateDestroyAPIView should return a single object.
2012-09-28 18:54:00 +04:00
"""
request = factory.get('/1')
2013-03-08 21:36:43 +04:00
with self.assertNumQueries(1):
response = self.view(request, pk=1).render()
assert response.status_code == status.HTTP_200_OK
assert response.data == self.data[0]
2012-09-28 18:54:00 +04:00
2012-09-28 19:23:46 +04:00
def test_post_instance_view(self):
"""
2012-10-03 12:26:15 +04:00
POST requests to RetrieveUpdateDestroyAPIView should not be allowed
2012-09-28 19:23:46 +04:00
"""
2013-06-28 20:17:39 +04:00
data = {'text': 'foobar'}
request = factory.post('/', data, format='json')
2013-03-08 21:36:43 +04:00
with self.assertNumQueries(0):
response = self.view(request).render()
assert response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED
assert response.data == {"detail": 'Method "POST" not allowed.'}
2012-09-28 19:23:46 +04:00
2012-09-28 18:54:00 +04:00
def test_put_instance_view(self):
"""
2012-10-03 12:26:15 +04:00
PUT requests to RetrieveUpdateDestroyAPIView should update an object.
2012-09-28 18:54:00 +04:00
"""
2013-06-28 20:17:39 +04:00
data = {'text': 'foobar'}
request = factory.put('/1', data, format='json')
2014-11-29 22:23:55 +03:00
with self.assertNumQueries(EXPECTED_QUERIES_FOR_PUT):
2013-03-08 21:36:43 +04:00
response = self.view(request, pk='1').render()
assert response.status_code == status.HTTP_200_OK
assert dict(response.data) == {'id': 1, 'text': 'foobar'}
2012-09-28 18:54:00 +04:00
updated = self.objects.get(id=1)
assert updated.text == 'foobar'
2012-09-28 18:54:00 +04:00
def test_patch_instance_view(self):
"""
PATCH requests to RetrieveUpdateDestroyAPIView should update an object.
"""
2013-06-28 20:17:39 +04:00
data = {'text': 'foobar'}
request = factory.patch('/1', data, format='json')
2014-11-29 22:23:55 +03:00
with self.assertNumQueries(EXPECTED_QUERIES_FOR_PUT):
2013-03-08 21:36:43 +04:00
response = self.view(request, pk=1).render()
assert response.status_code == status.HTTP_200_OK
assert response.data == {'id': 1, 'text': 'foobar'}
updated = self.objects.get(id=1)
assert updated.text == 'foobar'
2012-09-28 18:54:00 +04:00
def test_delete_instance_view(self):
"""
2012-10-03 12:26:15 +04:00
DELETE requests to RetrieveUpdateDestroyAPIView should delete an object.
2012-09-28 18:54:00 +04:00
"""
request = factory.delete('/1')
2013-03-08 21:36:43 +04:00
with self.assertNumQueries(2):
response = self.view(request, pk=1).render()
assert response.status_code == status.HTTP_204_NO_CONTENT
assert response.content == six.b('')
2012-09-28 18:54:00 +04:00
ids = [obj.id for obj in self.objects.all()]
assert ids == [2, 3]
2012-09-28 19:41:35 +04:00
def test_get_instance_view_incorrect_arg(self):
"""
GET requests with an incorrect pk type, should raise 404, not 500.
Regression test for #890.
"""
request = factory.get('/a')
with self.assertNumQueries(0):
response = self.view(request, pk='a').render()
assert response.status_code == status.HTTP_404_NOT_FOUND
def test_put_cannot_set_id(self):
"""
PUT requests to create a new object should not be able to set the id.
"""
2013-06-28 20:17:39 +04:00
data = {'id': 999, 'text': 'foobar'}
request = factory.put('/1', data, format='json')
2014-11-29 22:23:55 +03:00
with self.assertNumQueries(EXPECTED_QUERIES_FOR_PUT):
2013-03-08 21:36:43 +04:00
response = self.view(request, pk=1).render()
assert response.status_code == status.HTTP_200_OK
assert response.data == {'id': 1, 'text': 'foobar'}
updated = self.objects.get(id=1)
assert updated.text == 'foobar'
2012-10-05 19:24:52 +04:00
def test_put_to_deleted_instance(self):
"""
2014-09-05 19:29:46 +04:00
PUT requests to RetrieveUpdateDestroyAPIView should return 404 if
an object does not currently exist.
2012-10-05 19:24:52 +04:00
"""
self.objects.get(id=1).delete()
2013-06-28 20:17:39 +04:00
data = {'text': 'foobar'}
request = factory.put('/1', data, format='json')
2014-09-05 19:29:46 +04:00
with self.assertNumQueries(1):
2013-03-08 21:36:43 +04:00
response = self.view(request, pk=1).render()
assert response.status_code == status.HTTP_404_NOT_FOUND
def test_put_to_filtered_out_instance(self):
"""
PUT requests to an URL of instance which is filtered out should not be
able to create new objects.
"""
data = {'text': 'foo'}
filtered_out_pk = BasicModel.objects.filter(text='filtered out')[0].pk
request = factory.put('/{0}'.format(filtered_out_pk), data, format='json')
response = self.view(request, pk=filtered_out_pk).render()
assert response.status_code == status.HTTP_404_NOT_FOUND
2012-10-08 15:52:56 +04:00
def test_patch_cannot_create_an_object(self):
"""
PATCH requests should not be able to create objects.
"""
data = {'text': 'foobar'}
request = factory.patch('/999', data, format='json')
with self.assertNumQueries(1):
response = self.view(request, pk=999).render()
assert response.status_code == status.HTTP_404_NOT_FOUND
assert not self.objects.filter(id=999).exists()
def test_put_error_instance_view(self):
"""
Incorrect PUT requests in HTML should include a form error.
"""
data = {'text': 'foobar' * 100}
request = factory.put('/', data, HTTP_ACCEPT='text/html')
response = self.view(request, pk=1).render()
expected_error = '<span class="help-block">Ensure this field has no more than 100 characters.</span>'
assert expected_error in response.rendered_content.decode('utf-8')
class TestFKInstanceView(TestCase):
def setUp(self):
"""
Create 3 BasicModel instances.
"""
items = ['foo', 'bar', 'baz']
for item in items:
t = ForeignKeyTarget(name=item)
t.save()
ForeignKeySource(name='source_' + item, target=t).save()
self.objects = ForeignKeySource.objects
self.data = [
{'id': obj.id, 'name': obj.name}
for obj in self.objects.all()
]
self.view = FKInstanceView.as_view()
class TestOverriddenGetObject(TestCase):
"""
Test cases for a RetrieveUpdateDestroyAPIView that does NOT use the
queryset/model mechanism but instead overrides get_object()
"""
2014-11-29 22:23:55 +03:00
def setUp(self):
"""
2014-11-29 22:23:55 +03:00
Create 3 BasicModel instances.
"""
items = ['foo', 'bar', 'baz']
for item in items:
BasicModel(text=item).save()
self.objects = BasicModel.objects
self.data = [
{'id': obj.id, 'text': obj.text}
for obj in self.objects.all()
]
class OverriddenGetObjectView(generics.RetrieveUpdateDestroyAPIView):
"""
Example detail view for override of get_object().
"""
serializer_class = BasicSerializer
def get_object(self):
pk = int(self.kwargs['pk'])
return get_object_or_404(BasicModel.objects.all(), id=pk)
self.view = OverriddenGetObjectView.as_view()
def test_overridden_get_object_view(self):
"""
GET requests to RetrieveUpdateDestroyAPIView should return a single object.
"""
request = factory.get('/1')
with self.assertNumQueries(1):
response = self.view(request, pk=1).render()
assert response.status_code == status.HTTP_200_OK
assert response.data == self.data[0]
2012-10-08 15:52:56 +04:00
# Regression test for #285
class CommentSerializer(serializers.ModelSerializer):
class Meta:
model = Comment
exclude = ('created',)
class CommentView(generics.ListCreateAPIView):
serializer_class = CommentSerializer
model = Comment
class TestCreateModelWithAutoNowAddField(TestCase):
def setUp(self):
self.objects = Comment.objects
self.view = CommentView.as_view()
def test_create_model_with_auto_now_add_field(self):
"""
Regression test for #285
https://github.com/tomchristie/django-rest-framework/issues/285
"""
2013-06-28 20:17:39 +04:00
data = {'email': 'foobar@example.com', 'content': 'foobar'}
request = factory.post('/', data, format='json')
2012-10-08 15:52:56 +04:00
response = self.view(request).render()
assert response.status_code == status.HTTP_201_CREATED
2012-10-08 15:52:56 +04:00
created = self.objects.get(id=1)
assert created.content == 'foobar'
2012-12-18 01:59:51 +04:00
# Test for particularly ugly regression with m2m in browsable API
2012-12-18 01:59:51 +04:00
class ClassB(models.Model):
name = models.CharField(max_length=255)
class ClassA(models.Model):
name = models.CharField(max_length=255)
2014-11-29 22:23:55 +03:00
children = models.ManyToManyField(ClassB, blank=True, null=True)
2012-12-18 01:59:51 +04:00
class ClassASerializer(serializers.ModelSerializer):
2014-11-29 22:23:55 +03:00
children = serializers.PrimaryKeyRelatedField(
many=True, queryset=ClassB.objects.all()
)
2012-12-18 01:59:51 +04:00
class Meta:
model = ClassA
fields = '__all__'
2012-12-18 01:59:51 +04:00
class ExampleView(generics.ListCreateAPIView):
serializer_class = ClassASerializer
queryset = ClassA.objects.all()
2012-12-18 01:59:51 +04:00
2014-11-29 22:23:55 +03:00
class TestM2MBrowsableAPI(TestCase):
def test_m2m_in_browsable_api(self):
2012-12-18 01:59:51 +04:00
"""
Test for particularly ugly regression with m2m in browsable API
2012-12-18 01:59:51 +04:00
"""
request = factory.get('/', HTTP_ACCEPT='text/html')
view = ExampleView().as_view()
response = view(request).render()
assert response.status_code == status.HTTP_200_OK
class InclusiveFilterBackend(object):
def filter_queryset(self, request, queryset, view):
return queryset.filter(text='foo')
class ExclusiveFilterBackend(object):
def filter_queryset(self, request, queryset, view):
return queryset.filter(text='other')
class TwoFieldModel(models.Model):
field_a = models.CharField(max_length=100)
field_b = models.CharField(max_length=100)
class DynamicSerializerView(generics.ListCreateAPIView):
queryset = TwoFieldModel.objects.all()
renderer_classes = (renderers.BrowsableAPIRenderer, renderers.JSONRenderer)
def get_serializer_class(self):
if self.request.method == 'POST':
class DynamicSerializer(serializers.ModelSerializer):
class Meta:
model = TwoFieldModel
fields = ('field_b',)
else:
class DynamicSerializer(serializers.ModelSerializer):
class Meta:
model = TwoFieldModel
fields = '__all__'
return DynamicSerializer
class TestFilterBackendAppliedToViews(TestCase):
def setUp(self):
"""
Create 3 BasicModel instances to filter on.
"""
items = ['foo', 'bar', 'baz']
for item in items:
BasicModel(text=item).save()
self.objects = BasicModel.objects
self.data = [
{'id': obj.id, 'text': obj.text}
for obj in self.objects.all()
]
def test_get_root_view_filters_by_name_with_filter_backend(self):
"""
GET requests to ListCreateAPIView should return filtered list.
"""
root_view = RootView.as_view(filter_backends=(InclusiveFilterBackend,))
request = factory.get('/')
response = root_view(request).render()
assert response.status_code == status.HTTP_200_OK
assert len(response.data) == 1
assert response.data == [{'id': 1, 'text': 'foo'}]
def test_get_root_view_filters_out_all_models_with_exclusive_filter_backend(self):
"""
GET requests to ListCreateAPIView should return empty list when all models are filtered out.
"""
root_view = RootView.as_view(filter_backends=(ExclusiveFilterBackend,))
request = factory.get('/')
response = root_view(request).render()
assert response.status_code == status.HTTP_200_OK
assert response.data == []
def test_get_instance_view_filters_out_name_with_filter_backend(self):
"""
GET requests to RetrieveUpdateDestroyAPIView should raise 404 when model filtered out.
"""
instance_view = InstanceView.as_view(filter_backends=(ExclusiveFilterBackend,))
request = factory.get('/1')
response = instance_view(request, pk=1).render()
assert response.status_code == status.HTTP_404_NOT_FOUND
assert response.data == {'detail': 'Not found.'}
def test_get_instance_view_will_return_single_object_when_filter_does_not_exclude_it(self):
"""
GET requests to RetrieveUpdateDestroyAPIView should return a single object when not excluded
"""
instance_view = InstanceView.as_view(filter_backends=(InclusiveFilterBackend,))
request = factory.get('/1')
response = instance_view(request, pk=1).render()
assert response.status_code == status.HTTP_200_OK
assert response.data == {'id': 1, 'text': 'foo'}
def test_dynamic_serializer_form_in_browsable_api(self):
"""
GET requests to ListCreateAPIView should return filtered list.
"""
view = DynamicSerializerView.as_view()
request = factory.get('/')
response = view(request).render()
2016-11-30 09:35:34 +03:00
content = response.content.decode('utf8')
assert 'field_b' in content
assert 'field_a' not in content
class TestGuardedQueryset(TestCase):
def test_guarded_queryset(self):
class QuerysetAccessError(generics.ListAPIView):
queryset = BasicModel.objects.all()
def get(self, request):
return Response(list(self.queryset))
view = QuerysetAccessError.as_view()
request = factory.get('/')
with pytest.raises(RuntimeError):
view(request).render()