encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-07-28 17:09:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add test override permission code

Browse Source
This commit is contained in:
jun0jang 2019-11-06 15:46:18 +09:00
parent 5521eacb02
commit e7eff73ad5
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
tests/test_permissions.py
View File

@ -438,6 +438,7 @@ class BasicPerm(permissions.BasePermission):
class BasicPermWithDetail(permissions.BasePermission): class BasicPermWithDetail(permissions.BasePermission):
message = 'Custom: You cannot access this resource' message = 'Custom: You cannot access this resource'
code = 'custom_resource_permission_denied'
def has_permission(self, request, view): def has_permission(self, request, view):
return False return False
@ -450,6 +451,7 @@ class BasicObjectPerm(permissions.BasePermission):
class BasicObjectPermWithDetail(permissions.BasePermission): class BasicObjectPermWithDetail(permissions.BasePermission):
message = 'Custom: You cannot access this resource' message = 'Custom: You cannot access this resource'
code = 'custom_resource_permission_denied'
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
return False return False
@ -492,30 +494,39 @@ class CustomPermissionsTests(TestCase):
credentials = basic_auth_header('username', 'password') credentials = basic_auth_header('username', 'password')
self.request = factory.get('/1', format='json', HTTP_AUTHORIZATION=credentials) self.request = factory.get('/1', format='json', HTTP_AUTHORIZATION=credentials)
self.custom_message = 'Custom: You cannot access this resource' self.custom_message = 'Custom: You cannot access this resource'
self.custom_code = 'custom_resource_permission_denied'
def test_permission_denied(self): def test_permission_denied(self):
response = denied_view(self.request, pk=1) response = denied_view(self.request, pk=1)
detail = response.data.get('detail') detail = response.data.get('detail')
code = response.data.get('code')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertNotEqual(detail, self.custom_message) self.assertNotEqual(detail, self.custom_message)
self.assertNotEqual(code, self.custom_code)
def test_permission_denied_with_custom_detail(self): def test_permission_denied_with_custom_detail(self):
response = denied_view_with_detail(self.request, pk=1) response = denied_view_with_detail(self.request, pk=1)
detail = response.data.get('detail') detail = response.data.get('detail')
code = response.data.get('code')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(detail, self.custom_message) self.assertEqual(detail, self.custom_message)
self.assertEqual(code, self.custom_code)
def test_permission_denied_for_object(self): def test_permission_denied_for_object(self):
response = denied_object_view(self.request, pk=1) response = denied_object_view(self.request, pk=1)
detail = response.data.get('detail') detail = response.data.get('detail')
code = response.data.get('code')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertNotEqual(detail, self.custom_message) self.assertNotEqual(detail, self.custom_message)
self.assertNotEqual(code, self.custom_code)
def test_permission_denied_for_object_with_custom_detail(self): def test_permission_denied_for_object_with_custom_detail(self):
response = denied_object_view_with_detail(self.request, pk=1) response = denied_object_view_with_detail(self.request, pk=1)
detail = response.data.get('detail') detail = response.data.get('detail')
code = response.data.get('code')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(detail, self.custom_message) self.assertEqual(detail, self.custom_message)
self.assertEqual(code, self.custom_code)
class PermissionsCompositionTests(TestCase): class PermissionsCompositionTests(TestCase):