[test] Added reusable tests for multi-tenant API

Author: pandafy

openwisp_users/tests/test_api/__init__.py

@@ -12,5 +12,159 @@ def _obtain_auth_token(self, username='operator', password='tester'):
         return response.data['token']
 
 
-class APITestCase(TestMultitenantAdminMixin, AuthenticationMixin, TestCase):
+class TestMultitenantApiMixin(TestMultitenantAdminMixin):
+    def _test_access_shared_object(
+        self,
+        token,
+        listview_name=None,
+        listview_path=None,
+        detailview_name=None,
+        detailview_path=None,
+        create_payload=None,
+        update_payload=None,
+        expected_count=0,
+        expected_status_codes=None,
+    ):
+        auth = dict(HTTP_AUTHORIZATION=f'Bearer {token}')
+        create_payload = create_payload or {}
+        update_payload = update_payload or {}
+        expected_status_codes = expected_status_codes or {}
+
+        if listview_name or listview_path:
+            listview_path = listview_path or reverse(listview_name)
+            with self.subTest('HEAD and OPTION methods'):
+                response = self.client.head(listview_path, **auth)
+                self.assertEqual(response.status_code, expected_status_codes['head'])
+
+                response = self.client.options(listview_path, **auth)
+                self.assertEqual(response.status_code, expected_status_codes['option'])
+
+            with self.subTest('Create shared object'):
+                response = self.client.post(
+                    listview_path,
+                    data=create_payload,
+                    content_type='application/json',
+                    **auth,
+                )
+                self.assertEqual(response.status_code, expected_status_codes['create'])
+                if expected_status_codes['create'] == 400:
+                    self.assertEqual(
+                        str(response.data['organization'][0]),
+                        'This field may not be null.',
+                    )
+
+            with self.subTest('List all shared objects'):
+                response = self.client.get(listview_path, **auth)
+                self.assertEqual(response.status_code, expected_status_codes['list'])
+                data = response.data
+                if not isinstance(response.data, list):
+                    data = data.get('results', data)
+                self.assertEqual(len(data), expected_count)
+
+        if detailview_name or detailview_path:
+            if not detailview_path and listview_name and expected_count > 0:
+                detailview_path = reverse(detailview_name, args=[data[0]['id']])
+
+            with self.subTest('Retrieve shared object'):
+                response = self.client.get(detailview_path, **auth)
+                self.assertEqual(
+                    response.status_code, expected_status_codes['retrieve']
+                )
+
+            with self.subTest('Update shared object'):
+                response = self.client.put(
+                    detailview_path,
+                    data=update_payload,
+                    content_type='application/json',
+                    **auth,
+                )
+                self.assertEqual(response.status_code, expected_status_codes['update'])
+
+            with self.subTest('Delete shared object'):
+                response = self.client.delete(detailview_path, **auth)
+                self.assertEqual(response.status_code, expected_status_codes['delete'])
+
+    def _test_org_user_access_shared_object(
+        self,
+        listview_name=None,
+        listview_path=None,
+        detailview_name=None,
+        detailview_path=None,
+        create_payload=None,
+        update_payload=None,
+        expected_count=0,
+        expected_status_codes=None,
+        token=None,
+    ):
+        """
+        Non-superusers can only view shared objects.
+        They cannot create, update, or delete them.
+        """
+        if not token:
+            user = self._create_administrator(organizations=[self._get_org()])
+            token = self._obtain_auth_token(user.username, 'tester')
+        if not expected_status_codes:
+            expected_status_codes = {
+                'create': 400,
+                'list': 200,
+                'retrieve': 200,
+                'update': 403,
+                'delete': 403,
+                'head': 200,
+                'option': 200,
+            }
+        self._test_access_shared_object(
+            token=token,
+            listview_name=listview_name,
+            listview_path=listview_path,
+            detailview_name=detailview_name,
+            detailview_path=detailview_path,
+            create_payload=create_payload,
+            update_payload=update_payload,
+            expected_count=expected_count,
+            expected_status_codes=expected_status_codes,
+        )
+
+    def _test_superuser_access_shared_object(
+        self,
+        token,
+        listview_path=None,
+        listview_name=None,
+        detailview_path=None,
+        detailview_name=None,
+        create_payload=None,
+        update_payload=None,
+        expected_count=1,
+        expected_status_codes=None,
+    ):
+        """
+        Superusers can perform all operations on shared objects.
+        """
+        if not token:
+            user = self._create_admin()
+            token = self._obtain_auth_token(user.username, 'tester')
+        if not expected_status_codes:
+            expected_status_codes = {
+                'create': 201,
+                'list': 200,
+                'retrieve': 200,
+                'update': 200,
+                'delete': 204,
+                'head': 200,
+                'option': 200,
+            }
+        self._test_access_shared_object(
+            token=token,
+            listview_name=listview_name,
+            listview_path=listview_path,
+            detailview_name=detailview_name,
+            detailview_path=detailview_path,
+            create_payload=create_payload,
+            update_payload=update_payload,
+            expected_count=expected_count,
+            expected_status_codes=expected_status_codes,
+        )
+
+
+class APITestCase(TestMultitenantApiMixin, AuthenticationMixin, TestCase):
     pass

tests/testapp/tests/mixins.py

@@ -1,10 +1,7 @@
-from openwisp_users.tests.test_api import AuthenticationMixin
-from openwisp_users.tests.utils import TestMultitenantAdminMixin
+from openwisp_users.tests.test_api import AuthenticationMixin, TestMultitenantApiMixin
 
 from .. import CreateMixin
 
 
-class TestMultitenancyMixin(
-    CreateMixin, TestMultitenantAdminMixin, AuthenticationMixin
-):
+class TestMultitenancyMixin(CreateMixin, TestMultitenantApiMixin, AuthenticationMixin):
     pass

tests/testapp/tests/test_filter_classes.py

@@ -1,22 +1,22 @@
 from django.contrib.auth import get_user_model
-from django.test import TestCase
 from django.urls import reverse
 from packaging.version import parse as version_parse
 from rest_framework import VERSION as REST_FRAMEWORK_VERSION
 from swapper import load_model
 
 from openwisp_users.api.throttling import AuthRateThrottle
+from openwisp_users.tests.test_api import APITestCase
 from openwisp_utils.tests import AssertNumQueriesSubTestMixin
 
+from .. import CreateMixin
 from ..models import Book, Library, Shelf, Tag
-from .mixins import TestMultitenancyMixin
 
 OrganizationUser = load_model('openwisp_users', 'OrganizationUser')
 OrganizationOwner = load_model('openwisp_users', 'OrganizationOwner')
 User = get_user_model()
 
 
-class TestFilterClasses(AssertNumQueriesSubTestMixin, TestMultitenancyMixin, TestCase):
+class TestFilterClasses(AssertNumQueriesSubTestMixin, CreateMixin, APITestCase):
     def setUp(self):
         AuthRateThrottle.rate = 0
         self.shelf_model = Shelf

tests/testapp/tests/test_permission_classes.py

@@ -1,20 +1,20 @@
 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import Permission
-from django.test import TestCase
 from django.urls import reverse
 from swapper import load_model
 
 from openwisp_users.api.throttling import AuthRateThrottle
+from openwisp_users.tests.test_api import APITestCase
 
+from .. import CreateMixin
 from ..models import Template
-from .mixins import TestMultitenancyMixin
 
 User = get_user_model()
 Group = load_model('openwisp_users', 'Group')
 OrganizationUser = load_model('openwisp_users', 'OrganizationUser')
 
 
-class TestPermissionClasses(TestMultitenancyMixin, TestCase):
+class TestPermissionClasses(CreateMixin, APITestCase):
     def setUp(self):
         AuthRateThrottle.rate = 0
         self.template_model = Template
@@ -231,114 +231,39 @@ def test_view_django_model_permission_with_change_perm(self):
             )
             self.assertEqual(response.status_code, 200)
 
-    def _test_access_shared_object(
-        self, token, expected_templates_count=1, expected_status_codes={}
-    ):
-        auth = dict(HTTP_AUTHORIZATION=f'Bearer {token}')
-        template = self._create_template(organization=None)
-
-        with self.subTest('Test listing templates'):
-            response = self.client.get(reverse('test_template_list'), **auth)
-            data = response.data.copy()
-            # Only check "templates" in response.
-            if isinstance(data, dict):
-                data.pop('detail', None)
-            self.assertEqual(response.status_code, expected_status_codes['list'])
-            self.assertEqual(len(data), expected_templates_count)
-
-        with self.subTest('Test creating template'):
-            response = self.client.post(
-                reverse('test_template_list'),
-                data={'name': 'Test Template', 'organization': None},
-                content_type='application/json',
-                **auth,
-            )
-            self.assertEqual(response.status_code, expected_status_codes['create'])
-            if expected_status_codes['create'] == 400:
-                self.assertEqual(
-                    str(response.data['organization'][0]), 'This field may not be null.'
-                )
-
-        with self.subTest('Test retreiving template'):
-            response = self.client.get(
-                reverse('test_template_detail', args=[template.id]), **auth
-            )
-            self.assertEqual(response.status_code, expected_status_codes['retrieve'])
-
-        with self.subTest('Test updating template'):
-            response = self.client.put(
-                reverse('test_template_detail', args=[template.id]),
-                data={'name': 'Name changed'},
-                content_type='application/json',
-                **auth,
-            )
-            self.assertEqual(response.status_code, expected_status_codes['update'])
-
-        with self.subTest('Test deleting template'):
-            response = self.client.delete(
-                reverse('test_template_detail', args=[template.id]), **auth
-            )
-            self.assertEqual(response.status_code, expected_status_codes['delete'])
-
-        with self.subTest('Test HEAD and OPTION methods'):
-            response = self.client.head(reverse('test_template_list'), **auth)
-            self.assertEqual(response.status_code, expected_status_codes['head'])
-
-            response = self.client.options(reverse('test_template_list'), **auth)
-            self.assertEqual(response.status_code, expected_status_codes['option'])
-
     def test_superuser_access_shared_object(self):
-        superuser = self._get_admin()
-        token = self._obtain_auth_token(username=superuser)
-        self._test_access_shared_object(
-            token,
-            expected_status_codes={
-                'create': 201,
-                'list': 200,
-                'retrieve': 200,
-                'update': 200,
-                'delete': 204,
-                'head': 200,
-                'option': 200,
-            },
+        self._test_superuser_access_shared_object(
+            token=None,
+            listview_name='test_template_list',
+            detailview_name='test_template_detail',
+            create_payload={'name': 'test', 'organization': ''},
+            update_payload={'name': 'updated-test'},
+            expected_count=1,
         )
 
     def test_org_manager_access_shared_object(self):
-        org_manager = self._create_administrator()
-        token = self._obtain_auth_token(username=org_manager)
-        # First user is automatically owner, so created dummy
-        # user to keep operator as manager only.
-        self._create_org_user(user=self._get_user(), is_admin=True)
-        self._create_org_user(user=org_manager, is_admin=True)
-        self._test_access_shared_object(
-            token,
-            expected_status_codes={
-                'create': 400,
-                'list': 200,
-                'retrieve': 200,
-                'update': 403,
-                'delete': 403,
-                'head': 200,
-                'option': 200,
-            },
+        template = self._create_template(organization=None)
+        self._test_org_user_access_shared_object(
+            listview_path=reverse('test_template_list'),
+            detailview_path=reverse('test_template_detail', args=[template.pk]),
+            create_payload={'name': 'test', 'organization': ''},
+            update_payload={'name': 'updated-test'},
+            expected_count=1,
         )
 
     def test_org_owner_access_shared_object(self):
         # The first admin of an organization automatically
         # becomes organization owner.
         org_owner = self._create_administrator(organizations=[self._get_org()])
         token = self._obtain_auth_token(username=org_owner)
-        self._test_access_shared_object(
-            token,
-            expected_status_codes={
-                'create': 400,
-                'list': 200,
-                'retrieve': 200,
-                'update': 403,
-                'delete': 403,
-                'head': 200,
-                'option': 200,
-            },
+        template = self._create_template(organization=None)
+        self._test_org_user_access_shared_object(
+            listview_path=reverse('test_template_list'),
+            detailview_path=reverse('test_template_detail', args=[template.pk]),
+            create_payload={'name': 'test', 'organization': ''},
+            update_payload={'name': 'updated-test'},
+            expected_count=1,
+            token=token,
         )
 
     def test_org_user_access_shared_object(self):
@@ -348,9 +273,14 @@ def test_org_user_access_shared_object(self):
         user = self._create_administrator()
         token = self._obtain_auth_token(username=user)
         self._create_org_user(user=user, is_admin=False)
-        self._test_access_shared_object(
-            token,
-            expected_templates_count=0,
+        template = self._create_template(organization=None)
+        self._test_org_user_access_shared_object(
+            listview_path=reverse('test_template_list'),
+            detailview_path=reverse('test_template_detail', args=[template.pk]),
+            create_payload={'name': 'test', 'organization': ''},
+            update_payload={'name': 'updated-test'},
+            expected_count=0,
+            token=token,
             expected_status_codes={
                 'create': 400,
                 'list': 200,