added testcases for Permission denied exceptions

This commit is contained in:
Jens Timmerman 2016-02-02 17:56:32 +01:00
parent 0512c394a3
commit cfd9b58568

View File

@ -11,6 +11,8 @@ from rest_framework.response import Response
from rest_framework.settings import api_settings
from rest_framework.test import APIRequestFactory
from rest_framework.views import APIView
from rest_framework.exceptions import PermissionDenied
from django.core.exceptions import PermissionDenied as DjangoPermissionDenied
factory = APIRequestFactory()
@ -50,6 +52,25 @@ def error_view(request):
raise Exception
@api_view(['GET'])
def permissiondenied_instance_view(request):
return PermissionDenied()
raise PermissionDenied()
@api_view(['GET'])
def permissiondenied_class_view(request):
raise PermissionDenied
@api_view(['GET'])
def django_permissiondenied_instance_view(request):
raise DjangoPermissionDenied()
@api_view(['GET'])
def django_permissiondenied_class_view(request):
raise DjangoPermissionDenied
def sanitise_json_error(error_dict):
"""
Exact contents of JSON error messages depend on the installed version
@ -89,6 +110,59 @@ class FunctionBasedViewIntegrationTests(TestCase):
self.assertEqual(sanitise_json_error(response.data), expected)
class FuncionBasedPermissionDeniedTests(TestCase):
def setUp(self):
self.authentication_classes = api_settings.DEFAULT_AUTHENTICATION_CLASSES
api_settings.DEFAULT_AUTHENTICATION_CLASSES = 'rest_framework.permissions.IsAuthenticated'
def tearDown(self):
api_settings.DEFAULT_AUTHENTICATION_CLASSES = self.authentication_classes
def test_permission_denied_instance_error(self):
self.view = permissiondenied_instance_view
request = factory.get('/', content_type='application/json')
response = self.view(request)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
expected = {
'detail': 'You do not have permission to perform this action.'
}
self.assertEqual(sanitise_json_error(response.data), expected)
def test_permission_denied_class_error(self):
self.view = permissiondenied_class_view
request = factory.get('/', content_type='application/json')
response = self.view(request)
expected = {
'detail': 'You do not have permission to perform this action.'
}
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(sanitise_json_error(response.data), expected)
def test_django_permission_denied_instance_error(self):
self.view = django_permissiondenied_instance_view
request = factory.get('/', content_type='application/json')
response = self.view(request)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
expected = {
'detail': u'Permission denied.'
}
self.assertEqual(sanitise_json_error(response.data), expected)
def test_django_permission_denied_class_error(self):
self.view = django_permissiondenied_class_view
request = factory.get('/', content_type='application/json')
response = self.view(request)
expected = {
'detail': u'Permission denied.'
}
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(sanitise_json_error(response.data), expected)
class TestCustomExceptionHandler(TestCase):
def setUp(self):
self.DEFAULT_HANDLER = api_settings.EXCEPTION_HANDLER