diff --git a/arkindex/documents/tests/test_allowed_metadata.py b/arkindex/documents/tests/test_allowed_metadata.py
index 9f5c88fea7d3acaaf0428e8e206a73ab8bda4d68..faae9da70e65f3583effde0af0313a6a3da2c1ad 100644
--- a/arkindex/documents/tests/test_allowed_metadata.py
+++ b/arkindex/documents/tests/test_allowed_metadata.py
@@ -197,8 +197,12 @@ class TestAllowedMetaData(FixtureAPITestCase):
def test_update(self):
self.client.force_login(self.superuser)
- response = self.client.put(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'type': 'url', 'name': 'newName'})
- self.assertEqual(response.status_code, status.HTTP_200_OK)
+ with self.assertNumQueries(6):
+ response = self.client.put(
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'type': 'url', 'name': 'newName'},
+ )
+ self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertDictEqual(response.json(), {
'id': str(self.test_meta.id),
'type': 'url',
@@ -206,26 +210,40 @@ class TestAllowedMetaData(FixtureAPITestCase):
})
def test_update_requires_login(self):
- response = self.client.put(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'type': 'url', 'name': 'newName'})
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+ with self.assertNumQueries(0):
+ response = self.client.put(
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'type': 'url', 'name': 'newName'},
+ )
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_update_requires_verified(self):
self.user.verified_email = False
self.user.save()
self.client.force_login(self.user)
- response = self.client.put(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'type': 'url', 'name': 'newName'})
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+ with self.assertNumQueries(2):
+ response = self.client.put(
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'type': 'url', 'name': 'newName'},
+ )
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_update_private_corpus(self):
self.client.force_login(self.user)
- response = self.client.put(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.private_corpus.id, 'pk': self.test_meta.id}), {'type': 'url', 'name': 'newName'})
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+ with self.assertNumQueries(6):
+ response = self.client.put(
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.private_corpus.id, 'pk': self.test_meta.id}),
+ {'type': 'url', 'name': 'newName'},
+ )
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_update_invalid_type(self):
self.client.force_login(self.user)
with self.assertNumQueries(7):
response = self.client.put(
- reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'type': 'invalidType', 'name': 'newName'})
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'type': 'invalidType', 'name': 'newName'},
+ )
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertDictEqual(response.json(), {
'type': ['Value is not of type MetaType']
@@ -235,7 +253,9 @@ class TestAllowedMetaData(FixtureAPITestCase):
self.client.force_login(self.user)
with self.assertNumQueries(7):
response = self.client.put(
- reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'name': 'newName'})
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'name': 'newName'},
+ )
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertDictEqual(response.json(), {
'type': ['This field is required.']
@@ -245,16 +265,34 @@ class TestAllowedMetaData(FixtureAPITestCase):
self.client.force_login(self.user)
with self.assertNumQueries(8):
response = self.client.put(
- reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'type': self.allowed_meta[1].type.value, 'name': self.allowed_meta[1].name})
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'type': self.allowed_meta[1].type.value, 'name': self.allowed_meta[1].name},
+ )
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertDictEqual(response.json(), {
'detail': ['An AllowedMetaData with this type and name already exists in this corpus.']
})
+ def test_update_requires_corpus_admin(self):
+ self.client.force_login(self.user)
+ for role in [Role.Guest, Role.Contributor]:
+ with self.subTest(role=role):
+ self.corpus.memberships.filter(user=self.user).update(level=role.value)
+ with self.assertNumQueries(5):
+ response = self.client.put(
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'type': self.allowed_meta[2].type.value, 'name': self.allowed_meta[2].name},
+ )
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+
def test_partial_update(self):
self.client.force_login(self.user)
- response = self.client.patch(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'name': 'newName'})
- self.assertEqual(response.status_code, status.HTTP_200_OK)
+ with self.assertNumQueries(9):
+ response = self.client.patch(
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'name': 'newName'},
+ )
+ self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertDictEqual(response.json(), {
'id': str(self.test_meta.id),
'type': self.test_meta.type.value,
@@ -262,26 +300,38 @@ class TestAllowedMetaData(FixtureAPITestCase):
})
def test_partial_update_requires_login(self):
- response = self.client.patch(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'name': 'newName'})
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+ with self.assertNumQueries(0):
+ response = self.client.patch(
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'name': 'newName'},
+ )
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_partial_update_requires_verified(self):
self.user.verified_email = False
self.user.save()
self.client.force_login(self.user)
- response = self.client.patch(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'type': 'reference'})
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+ with self.assertNumQueries(2):
+ response = self.client.patch(
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'type': 'reference'})
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_partial_update_private_corpus(self):
self.client.force_login(self.user)
- response = self.client.patch(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.private_corpus.id, 'pk': self.test_meta.id}), {'type': 'reference'})
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+ with self.assertNumQueries(6):
+ response = self.client.patch(
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.private_corpus.id, 'pk': self.test_meta.id}),
+ {'type': 'reference'})
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_partial_update_invalid_type(self):
self.client.force_login(self.user)
with self.assertNumQueries(7):
response = self.client.patch(
- reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'type': 'invalidType'})
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'type': 'invalidType'},
+ )
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertDictEqual(response.json(), {
'type': ['Value is not of type MetaType']
@@ -291,49 +341,71 @@ class TestAllowedMetaData(FixtureAPITestCase):
self.client.force_login(self.user)
with self.assertNumQueries(8):
response = self.client.patch(
- reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}), {'type': self.allowed_meta[2].type.value})
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'type': self.allowed_meta[2].type.value},
+ )
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertDictEqual(response.json(), {
'detail': ['An AllowedMetaData with this type and name already exists in this corpus.']
})
+ def test_partial_update_requires_corpus_admin(self):
+ self.client.force_login(self.user)
+ for role in [Role.Guest, Role.Contributor]:
+ with self.subTest(role=role):
+ self.corpus.memberships.filter(user=self.user).update(level=role.value)
+ with self.assertNumQueries(5):
+ response = self.client.patch(
+ reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}),
+ {'type': self.allowed_meta[2].type.value},
+ )
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+
def test_destroy(self):
self.client.force_login(self.user)
- response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}))
- self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
- response = self.client.get(
- reverse('api:corpus-allowed-metadata', kwargs={'pk': self.corpus.id}),
- data={'page_size': 3}
- )
- data = response.json()
- self.assertEqual(data['count'], 5)
- response = self.client.get(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}))
- self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+ with self.assertNumQueries(8):
+ response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}))
+ self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
+
+ with self.assertRaises(AllowedMetaData.DoesNotExist):
+ self.test_meta.refresh_from_db()
+
+ def test_destroy_not_found(self):
+ self.client.force_login(self.user)
+ with self.assertNumQueries(7):
+ response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa'}))
+ self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+
+ def test_destroy_corpus_not_found(self):
+ self.client.force_login(self.user)
+ with self.assertNumQueries(3):
+ response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa', 'pk': self.test_meta.id}))
+ self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_destroy_requires_login(self):
- response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}))
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+ with self.assertNumQueries(0):
+ response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}))
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_destroy_requires_verified(self):
self.user.verified_email = False
self.user.save()
self.client.force_login(self.user)
- response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}))
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+ with self.assertNumQueries(2):
+ response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}))
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_destroy_private_corpus(self):
self.client.force_login(self.user)
- response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.private_corpus.id, 'pk': self.test_meta.id}))
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
-
- def test_destroy_guest_forbidden(self):
- self.client.force_login(self.user)
- self.corpus.memberships.filter(user=self.user).update(level=Role.Guest.value)
- response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}))
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+ with self.assertNumQueries(6):
+ response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.private_corpus.id, 'pk': self.test_meta.id}))
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
- def test_destroy_contributor_forbidden(self):
+ def test_destroy_requires_corpus_admin(self):
self.client.force_login(self.user)
- self.corpus.memberships.filter(user=self.user).update(level=Role.Contributor.value)
- response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}))
- self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+ for role in [Role.Guest, Role.Contributor]:
+ with self.subTest(role=role):
+ self.corpus.memberships.filter(user=self.user).update(level=role.value)
+ with self.assertNumQueries(5):
+ response = self.client.delete(reverse('api:allowed-metadata-edit', kwargs={'corpus': self.corpus.id, 'pk': self.test_meta.id}))
+ self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)