92 lines
4.1 KiB
Python
92 lines
4.1 KiB
Python
|
|
from django.urls import reverse
|
|
from rest_framework.test import APITestCase, APIClient
|
|
from rest_framework import status
|
|
from django.contrib.auth import get_user_model
|
|
from api.organization.models import Organizacion
|
|
from .models import CustomUser
|
|
|
|
User = get_user_model()
|
|
|
|
class CustomUserViewSetTests(APITestCase):
|
|
def setUp(self):
|
|
self.org = Organizacion.objects.create(nombre="OrgTest", is_active=True, is_verified=True)
|
|
self.org2 = Organizacion.objects.create(nombre="OrgTest2", is_active=True, is_verified=True)
|
|
self.admin = User.objects.create_user(username="admin", password="adminpass", organizacion=self.org)
|
|
self.admin.groups.create(name="admin")
|
|
self.superuser = User.objects.create_superuser(username="superuser", password="superpass")
|
|
self.importador = User.objects.create_user(username="importador", password="importpass", organizacion=self.org2, is_importador=True, rfc="RFC123456789")
|
|
self.importador.groups.create(name="importador")
|
|
self.user = User.objects.create_user(username="user1", password="userpass", organizacion=self.org)
|
|
self.client = APIClient()
|
|
def test_admin_sees_only_own_org_users(self):
|
|
user2 = User.objects.create_user(username="user2", password="userpass2", organizacion=self.org2)
|
|
self.client.force_authenticate(user=self.admin)
|
|
url = reverse('customuser-list')
|
|
response = self.client.get(url)
|
|
usernames = [u['username'] for u in response.data]
|
|
self.assertIn("admin", usernames)
|
|
self.assertIn("user1", usernames)
|
|
self.assertNotIn("user2", usernames)
|
|
|
|
def test_superuser_sees_all_users(self):
|
|
user2 = User.objects.create_user(username="user2", password="userpass2", organizacion=self.org2)
|
|
self.client.force_authenticate(user=self.superuser)
|
|
url = reverse('customuser-list')
|
|
response = self.client.get(url)
|
|
usernames = [u['username'] for u in response.data]
|
|
self.assertIn("admin", usernames)
|
|
self.assertIn("user1", usernames)
|
|
self.assertIn("user2", usernames)
|
|
|
|
def test_importador_cannot_create_user(self):
|
|
self.client.force_authenticate(user=self.importador)
|
|
url = reverse('customuser-list')
|
|
data = {
|
|
"username": "newuser",
|
|
"email": "newuser@example.com",
|
|
"first_name": "New",
|
|
"last_name": "User",
|
|
"password": "newpass123"
|
|
}
|
|
response = self.client.post(url, data)
|
|
self.assertNotIn(response.status_code, [status.HTTP_201_CREATED, status.HTTP_200_OK])
|
|
|
|
def test_list_users(self):
|
|
url = reverse('customuser-list')
|
|
response = self.client.get(url)
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
self.assertTrue(len(response.data) >= 1)
|
|
|
|
def test_me_endpoint(self):
|
|
url = reverse('customuser-me')
|
|
response = self.client.get(url)
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
self.assertEqual(response.data['username'], self.admin.username)
|
|
|
|
def test_create_user_as_admin(self):
|
|
url = reverse('customuser-list')
|
|
data = {
|
|
"username": "newuser",
|
|
"email": "newuser@example.com",
|
|
"first_name": "New",
|
|
"last_name": "User",
|
|
"password": "newpass123"
|
|
}
|
|
response = self.client.post(url, data)
|
|
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
|
|
self.assertEqual(response.data['username'], "newuser")
|
|
|
|
def test_update_user_as_admin(self):
|
|
url = reverse('customuser-detail', args=[str(self.user.id)])
|
|
data = {"first_name": "Updated"}
|
|
response = self.client.patch(url, data)
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
self.assertEqual(response.data['first_name'], "Updated")
|
|
|
|
def test_profile_picture_view(self):
|
|
# No profile picture, should return 404
|
|
url = reverse('profile-picture', args=[str(self.user.id)])
|
|
response = self.client.get(url)
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|