mirror of
https://github.com/encode/django-rest-framework.git
synced 2025-08-05 13:00:12 +03:00
added testcases for Permission denied exceptions
This commit is contained in:
parent
0512c394a3
commit
cfd9b58568
|
@ -11,6 +11,8 @@ from rest_framework.response import Response
|
|||
from rest_framework.settings import api_settings
|
||||
from rest_framework.test import APIRequestFactory
|
||||
from rest_framework.views import APIView
|
||||
from rest_framework.exceptions import PermissionDenied
|
||||
from django.core.exceptions import PermissionDenied as DjangoPermissionDenied
|
||||
|
||||
factory = APIRequestFactory()
|
||||
|
||||
|
@ -50,6 +52,25 @@ def error_view(request):
|
|||
raise Exception
|
||||
|
||||
|
||||
@api_view(['GET'])
|
||||
def permissiondenied_instance_view(request):
|
||||
return PermissionDenied()
|
||||
raise PermissionDenied()
|
||||
|
||||
@api_view(['GET'])
|
||||
def permissiondenied_class_view(request):
|
||||
raise PermissionDenied
|
||||
|
||||
@api_view(['GET'])
|
||||
def django_permissiondenied_instance_view(request):
|
||||
raise DjangoPermissionDenied()
|
||||
|
||||
@api_view(['GET'])
|
||||
def django_permissiondenied_class_view(request):
|
||||
raise DjangoPermissionDenied
|
||||
|
||||
|
||||
|
||||
def sanitise_json_error(error_dict):
|
||||
"""
|
||||
Exact contents of JSON error messages depend on the installed version
|
||||
|
@ -89,6 +110,59 @@ class FunctionBasedViewIntegrationTests(TestCase):
|
|||
self.assertEqual(sanitise_json_error(response.data), expected)
|
||||
|
||||
|
||||
class FuncionBasedPermissionDeniedTests(TestCase):
|
||||
|
||||
|
||||
def setUp(self):
|
||||
self.authentication_classes = api_settings.DEFAULT_AUTHENTICATION_CLASSES
|
||||
api_settings.DEFAULT_AUTHENTICATION_CLASSES = 'rest_framework.permissions.IsAuthenticated'
|
||||
|
||||
def tearDown(self):
|
||||
api_settings.DEFAULT_AUTHENTICATION_CLASSES = self.authentication_classes
|
||||
|
||||
def test_permission_denied_instance_error(self):
|
||||
self.view = permissiondenied_instance_view
|
||||
request = factory.get('/', content_type='application/json')
|
||||
response = self.view(request)
|
||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||
expected = {
|
||||
'detail': 'You do not have permission to perform this action.'
|
||||
}
|
||||
self.assertEqual(sanitise_json_error(response.data), expected)
|
||||
|
||||
def test_permission_denied_class_error(self):
|
||||
self.view = permissiondenied_class_view
|
||||
|
||||
request = factory.get('/', content_type='application/json')
|
||||
response = self.view(request)
|
||||
expected = {
|
||||
'detail': 'You do not have permission to perform this action.'
|
||||
}
|
||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||
self.assertEqual(sanitise_json_error(response.data), expected)
|
||||
|
||||
def test_django_permission_denied_instance_error(self):
|
||||
self.view = django_permissiondenied_instance_view
|
||||
request = factory.get('/', content_type='application/json')
|
||||
response = self.view(request)
|
||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||
expected = {
|
||||
'detail': u'Permission denied.'
|
||||
}
|
||||
self.assertEqual(sanitise_json_error(response.data), expected)
|
||||
|
||||
def test_django_permission_denied_class_error(self):
|
||||
self.view = django_permissiondenied_class_view
|
||||
request = factory.get('/', content_type='application/json')
|
||||
response = self.view(request)
|
||||
expected = {
|
||||
'detail': u'Permission denied.'
|
||||
}
|
||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||
self.assertEqual(sanitise_json_error(response.data), expected)
|
||||
|
||||
|
||||
|
||||
class TestCustomExceptionHandler(TestCase):
|
||||
def setUp(self):
|
||||
self.DEFAULT_HANDLER = api_settings.EXCEPTION_HANDLER
|
||||
|
|
Loading…
Reference in New Issue
Block a user