From 9d099c81a7ab674f12c3ca845985200354518c9c Mon Sep 17 00:00:00 2001 From: Oliver Walters Date: Fri, 26 Feb 2021 21:53:54 +1100 Subject: [PATCH] Refactor API tests for stock --- InvenTree/InvenTree/api_tester.py | 10 +++++- InvenTree/stock/test_api.py | 58 ++++++++++++------------------- InvenTree/users/models.py | 1 + 3 files changed, 32 insertions(+), 37 deletions(-) diff --git a/InvenTree/InvenTree/api_tester.py b/InvenTree/InvenTree/api_tester.py index 58a1f83c43..e153514ffc 100644 --- a/InvenTree/InvenTree/api_tester.py +++ b/InvenTree/InvenTree/api_tester.py @@ -83,4 +83,12 @@ class InvenTreeAPITestCase(APITestCase): self.assertEqual(response.status_code, code) return response - \ No newline at end of file + + def post(self, url, data): + """ + Issue a POST request + """ + + response = self.client.post(url, data=data, format='json') + + return response \ No newline at end of file diff --git a/InvenTree/stock/test_api.py b/InvenTree/stock/test_api.py index c8f6cc77b8..b9f08423fb 100644 --- a/InvenTree/stock/test_api.py +++ b/InvenTree/stock/test_api.py @@ -14,13 +14,14 @@ from django.contrib.auth import get_user_model from InvenTree.helpers import addUserPermissions from InvenTree.status_codes import StockStatus +from InvenTree.api_tester import InvenTreeAPITestCase from common.models import InvenTreeSetting from .models import StockItem, StockLocation -class StockAPITestCase(APITestCase): +class StockAPITestCase(InvenTreeAPITestCase): fixtures = [ 'category', @@ -32,34 +33,16 @@ class StockAPITestCase(APITestCase): 'stock_tests', ] + roles = [ + 'stock.change', + 'stock.add', + 'stock_location.change', + 'stock_location.add', + ] + def setUp(self): - # Create a user for auth - user = get_user_model() - self.user = user.objects.create_user('testuser', 'test@testing.com', 'password') - - self.user.is_staff = True - self.user.save() - - # Add the necessary permissions to the user - perms = [ - 'view_stockitemtestresult', - 'change_stockitemtestresult', - 'add_stockitemtestresult', - 'add_stocklocation', - 'change_stocklocation', - 'add_stockitem', - 'change_stockitem', - ] - - addUserPermissions(self.user, perms) - - self.client.login(username='testuser', password='password') - - def doPost(self, url, data={}): - response = self.client.post(url, data=data, format='json') - - return response + super().setUp() class StockLocationTest(StockAPITestCase): @@ -232,6 +215,9 @@ class StockItemListTest(StockAPITestCase): response = self.get_stock(expired=1) self.assertEqual(len(response), 20) + self.user.is_staff = True + self.user.save() + # Now, ensure that the expiry date feature is enabled! InvenTreeSetting.set_setting('STOCK_ENABLE_EXPIRY', True, self.user) @@ -449,7 +435,7 @@ class StocktakeTest(StockAPITestCase): data = {} # POST with a valid action - response = self.doPost(url, data) + response = self.post(url, data) self.assertContains(response, "must contain list", status_code=status.HTTP_400_BAD_REQUEST) data['items'] = [{ @@ -457,7 +443,7 @@ class StocktakeTest(StockAPITestCase): }] # POST without a PK - response = self.doPost(url, data) + response = self.post(url, data) self.assertContains(response, 'must contain a valid pk', status_code=status.HTTP_400_BAD_REQUEST) # POST with a PK but no quantity @@ -465,14 +451,14 @@ class StocktakeTest(StockAPITestCase): 'pk': 10 }] - response = self.doPost(url, data) + response = self.post(url, data) self.assertContains(response, 'must contain a valid pk', status_code=status.HTTP_400_BAD_REQUEST) data['items'] = [{ 'pk': 1234 }] - response = self.doPost(url, data) + response = self.post(url, data) self.assertContains(response, 'must contain a valid quantity', status_code=status.HTTP_400_BAD_REQUEST) data['items'] = [{ @@ -480,7 +466,7 @@ class StocktakeTest(StockAPITestCase): 'quantity': '10x0d' }] - response = self.doPost(url, data) + response = self.post(url, data) self.assertContains(response, 'must contain a valid quantity', status_code=status.HTTP_400_BAD_REQUEST) data['items'] = [{ @@ -488,7 +474,7 @@ class StocktakeTest(StockAPITestCase): 'quantity': "-1.234" }] - response = self.doPost(url, data) + response = self.post(url, data) self.assertContains(response, 'must not be less than zero', status_code=status.HTTP_400_BAD_REQUEST) # Test with a single item @@ -499,7 +485,7 @@ class StocktakeTest(StockAPITestCase): } } - response = self.doPost(url, data) + response = self.post(url, data) self.assertEqual(response.status_code, status.HTTP_200_OK) def test_transfer(self): @@ -518,13 +504,13 @@ class StocktakeTest(StockAPITestCase): url = reverse('api-stock-transfer') - response = self.doPost(url, data) + response = self.post(url, data) self.assertContains(response, "Moved 1 parts to", status_code=status.HTTP_200_OK) # Now try one which will fail due to a bad location data['location'] = 'not a location' - response = self.doPost(url, data) + response = self.post(url, data) self.assertContains(response, 'Valid location must be specified', status_code=status.HTTP_400_BAD_REQUEST) diff --git a/InvenTree/users/models.py b/InvenTree/users/models.py index 478a8c3659..3952c00e91 100644 --- a/InvenTree/users/models.py +++ b/InvenTree/users/models.py @@ -183,6 +183,7 @@ class RuleSet(models.Model): if check_user_role(user, role, permission): return True + print("failed permission check for", table, permission) return False @staticmethod