From 801304fa5496e45360096dcfa2713687f66c11e7 Mon Sep 17 00:00:00 2001 From: Bruno Alla Date: Sat, 31 Aug 2024 10:31:36 +0100 Subject: [PATCH] Add some integrations tests to cover various view types --- tests/test_middleware.py | 74 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 73 insertions(+), 1 deletion(-) diff --git a/tests/test_middleware.py b/tests/test_middleware.py index 6b2c91db7..11d4bc01e 100644 --- a/tests/test_middleware.py +++ b/tests/test_middleware.py @@ -1,14 +1,21 @@ +import unittest + +import django from django.contrib.auth.models import User from django.http import HttpRequest from django.test import override_settings -from django.urls import path +from django.urls import include, path +from rest_framework import status from rest_framework.authentication import TokenAuthentication from rest_framework.authtoken.models import Token +from rest_framework.decorators import action, api_view from rest_framework.request import is_form_media_type from rest_framework.response import Response +from rest_framework.routers import SimpleRouter from rest_framework.test import APITestCase from rest_framework.views import APIView +from rest_framework.viewsets import GenericViewSet class PostView(APIView): @@ -16,9 +23,39 @@ class PostView(APIView): return Response(data=request.data, status=200) +class GetAPIView(APIView): + def get(self, request): + return Response(data="OK", status=200) + + +@api_view(['GET']) +def get_func_view(request): + return Response(data="OK", status=200) + + +class ListViewSet(GenericViewSet): + + def list(self, request, *args, **kwargs): + response = Response() + response.view = self + return response + + @action(detail=False, url_path='list-action') + def list_action(self, request, *args, **kwargs): + response = Response() + response.view = self + return response + + +router = SimpleRouter() +router.register(r'view-set', ListViewSet, basename='view_set') + urlpatterns = [ path('auth', APIView.as_view(authentication_classes=(TokenAuthentication,))), path('post', PostView.as_view()), + path('get', GetAPIView.as_view()), + path('get-func', get_func_view), + path('api/', include(router.urls)), ] @@ -74,3 +111,38 @@ class TestMiddleware(APITestCase): response = self.client.post('/post', {'foo': 'bar'}, format='json') assert response.status_code == 200 + + +@unittest.skipUnless(django.VERSION >= (5, 1), 'Only for Django 5.1+') +@override_settings( + ROOT_URLCONF='tests.test_middleware', + MIDDLEWARE=( + # Needed for AuthenticationMiddleware + 'django.contrib.sessions.middleware.SessionMiddleware', + # Needed for LoginRequiredMiddleware + 'django.contrib.auth.middleware.AuthenticationMiddleware', + 'django.contrib.auth.middleware.LoginRequiredMiddleware', + ), +) +class TestLoginRequiredMiddlewareCompat(APITestCase): + """ + Django's 5.1+ LoginRequiredMiddleware should NOT apply to DRF views. + + Instead, users should put IsAuthenticated in their + DEFAULT_PERMISSION_CLASSES setting. + """ + def test_class_based_view(self): + response = self.client.get('/get') + assert response.status_code == status.HTTP_200_OK + + def test_function_based_view(self): + response = self.client.get('/get-func') + assert response.status_code == status.HTTP_200_OK + + def test_viewset_list(self): + response = self.client.get('/api/view-set/') + assert response.status_code == status.HTTP_200_OK + + def test_viewset_list_action(self): + response = self.client.get('/api/view-set/list-action/') + assert response.status_code == status.HTTP_200_OK