From cfd9b58568466fe83dc4cc6099263078bc1744fc Mon Sep 17 00:00:00 2001 From: Jens Timmerman Date: Tue, 2 Feb 2016 17:56:32 +0100 Subject: [PATCH 1/6] added testcases for Permission denied exceptions --- tests/test_views.py | 74 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) diff --git a/tests/test_views.py b/tests/test_views.py index 05c499481..628d75727 100644 --- a/tests/test_views.py +++ b/tests/test_views.py @@ -11,6 +11,8 @@ from rest_framework.response import Response from rest_framework.settings import api_settings from rest_framework.test import APIRequestFactory from rest_framework.views import APIView +from rest_framework.exceptions import PermissionDenied +from django.core.exceptions import PermissionDenied as DjangoPermissionDenied factory = APIRequestFactory() @@ -50,6 +52,25 @@ def error_view(request): raise Exception +@api_view(['GET']) +def permissiondenied_instance_view(request): + return PermissionDenied() + raise PermissionDenied() + +@api_view(['GET']) +def permissiondenied_class_view(request): + raise PermissionDenied + +@api_view(['GET']) +def django_permissiondenied_instance_view(request): + raise DjangoPermissionDenied() + +@api_view(['GET']) +def django_permissiondenied_class_view(request): + raise DjangoPermissionDenied + + + def sanitise_json_error(error_dict): """ Exact contents of JSON error messages depend on the installed version @@ -89,6 +110,59 @@ class FunctionBasedViewIntegrationTests(TestCase): self.assertEqual(sanitise_json_error(response.data), expected) +class FuncionBasedPermissionDeniedTests(TestCase): + + + def setUp(self): + self.authentication_classes = api_settings.DEFAULT_AUTHENTICATION_CLASSES + api_settings.DEFAULT_AUTHENTICATION_CLASSES = 'rest_framework.permissions.IsAuthenticated' + + def tearDown(self): + api_settings.DEFAULT_AUTHENTICATION_CLASSES = self.authentication_classes + + def test_permission_denied_instance_error(self): + self.view = permissiondenied_instance_view + request = factory.get('/', content_type='application/json') + response = self.view(request) + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + expected = { + 'detail': 'You do not have permission to perform this action.' + } + self.assertEqual(sanitise_json_error(response.data), expected) + + def test_permission_denied_class_error(self): + self.view = permissiondenied_class_view + + request = factory.get('/', content_type='application/json') + response = self.view(request) + expected = { + 'detail': 'You do not have permission to perform this action.' + } + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertEqual(sanitise_json_error(response.data), expected) + + def test_django_permission_denied_instance_error(self): + self.view = django_permissiondenied_instance_view + request = factory.get('/', content_type='application/json') + response = self.view(request) + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + expected = { + 'detail': u'Permission denied.' + } + self.assertEqual(sanitise_json_error(response.data), expected) + + def test_django_permission_denied_class_error(self): + self.view = django_permissiondenied_class_view + request = factory.get('/', content_type='application/json') + response = self.view(request) + expected = { + 'detail': u'Permission denied.' + } + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertEqual(sanitise_json_error(response.data), expected) + + + class TestCustomExceptionHandler(TestCase): def setUp(self): self.DEFAULT_HANDLER = api_settings.EXCEPTION_HANDLER From 4a7d4b84afc89f72958c02e44dc42c56d03dd31e Mon Sep 17 00:00:00 2001 From: Jens Timmerman Date: Tue, 2 Feb 2016 18:03:45 +0100 Subject: [PATCH 2/6] setting default authentication classes in the FunctionBasedPermissionDeniedTests does not add anything --- tests/test_views.py | 7 ------- 1 file changed, 7 deletions(-) diff --git a/tests/test_views.py b/tests/test_views.py index 628d75727..b44c38c45 100644 --- a/tests/test_views.py +++ b/tests/test_views.py @@ -113,13 +113,6 @@ class FunctionBasedViewIntegrationTests(TestCase): class FuncionBasedPermissionDeniedTests(TestCase): - def setUp(self): - self.authentication_classes = api_settings.DEFAULT_AUTHENTICATION_CLASSES - api_settings.DEFAULT_AUTHENTICATION_CLASSES = 'rest_framework.permissions.IsAuthenticated' - - def tearDown(self): - api_settings.DEFAULT_AUTHENTICATION_CLASSES = self.authentication_classes - def test_permission_denied_instance_error(self): self.view = permissiondenied_instance_view request = factory.get('/', content_type='application/json') From 9c70f1d551a51ecf9f2400539da137ac400a1c0a Mon Sep 17 00:00:00 2001 From: Jens Timmerman Date: Tue, 2 Feb 2016 18:07:35 +0100 Subject: [PATCH 3/6] removed accedentally leftover code in permissiondenied_instance_view test view --- tests/test_views.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/test_views.py b/tests/test_views.py index b44c38c45..346bebeaa 100644 --- a/tests/test_views.py +++ b/tests/test_views.py @@ -54,7 +54,6 @@ def error_view(request): @api_view(['GET']) def permissiondenied_instance_view(request): - return PermissionDenied() raise PermissionDenied() @api_view(['GET']) From 3e749000c82a4f48e3efff20bada5f032759d7f6 Mon Sep 17 00:00:00 2001 From: Jens Timmerman Date: Tue, 2 Feb 2016 18:14:56 +0100 Subject: [PATCH 4/6] fixed typo --- tests/test_views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_views.py b/tests/test_views.py index 346bebeaa..a13a72a50 100644 --- a/tests/test_views.py +++ b/tests/test_views.py @@ -109,7 +109,7 @@ class FunctionBasedViewIntegrationTests(TestCase): self.assertEqual(sanitise_json_error(response.data), expected) -class FuncionBasedPermissionDeniedTests(TestCase): +class FunctionBasedPermissionDeniedTests(TestCase): def test_permission_denied_instance_error(self): From ee28fbe786671f8745496c974d85e4993aec8a71 Mon Sep 17 00:00:00 2001 From: Jens Timmerman Date: Tue, 2 Feb 2016 18:44:37 +0100 Subject: [PATCH 5/6] fixed pylint white lines warnings --- tests/test_views.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/test_views.py b/tests/test_views.py index a13a72a50..297b896ec 100644 --- a/tests/test_views.py +++ b/tests/test_views.py @@ -56,20 +56,22 @@ def error_view(request): def permissiondenied_instance_view(request): raise PermissionDenied() + @api_view(['GET']) def permissiondenied_class_view(request): raise PermissionDenied + @api_view(['GET']) def django_permissiondenied_instance_view(request): raise DjangoPermissionDenied() + @api_view(['GET']) def django_permissiondenied_class_view(request): raise DjangoPermissionDenied - def sanitise_json_error(error_dict): """ Exact contents of JSON error messages depend on the installed version @@ -111,7 +113,6 @@ class FunctionBasedViewIntegrationTests(TestCase): class FunctionBasedPermissionDeniedTests(TestCase): - def test_permission_denied_instance_error(self): self.view = permissiondenied_instance_view request = factory.get('/', content_type='application/json') @@ -154,7 +155,6 @@ class FunctionBasedPermissionDeniedTests(TestCase): self.assertEqual(sanitise_json_error(response.data), expected) - class TestCustomExceptionHandler(TestCase): def setUp(self): self.DEFAULT_HANDLER = api_settings.EXCEPTION_HANDLER From 164abdc18b84d08a5fadb6e8fd4a7d899253796e Mon Sep 17 00:00:00 2001 From: Jens Timmerman Date: Wed, 3 Feb 2016 18:06:47 +0100 Subject: [PATCH 6/6] sort imports --- tests/test_views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/test_views.py b/tests/test_views.py index 297b896ec..58cf8cdf1 100644 --- a/tests/test_views.py +++ b/tests/test_views.py @@ -3,16 +3,16 @@ from __future__ import unicode_literals import copy import sys +from django.core.exceptions import PermissionDenied as DjangoPermissionDenied from django.test import TestCase from rest_framework import status from rest_framework.decorators import api_view +from rest_framework.exceptions import PermissionDenied from rest_framework.response import Response from rest_framework.settings import api_settings from rest_framework.test import APIRequestFactory from rest_framework.views import APIView -from rest_framework.exceptions import PermissionDenied -from django.core.exceptions import PermissionDenied as DjangoPermissionDenied factory = APIRequestFactory()