Skip to content
Snippets Groups Projects
Commit e01b98cd authored by Tanner Prestegard's avatar Tanner Prestegard Committed by GraceDB
Browse files

Add access tests for main API urls

parent a1ad902f
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
gracedb/api/v1/main/tests/__init__.py 0 → 100644
+ 0
0
View file @ e01b98cd
gracedb/api/v1/main/tests/test_access.py 0 → 100644
+ 44
0
View file @ e01b98cd
from __future__ import absolute_import
from django.conf import settings
from django.urls import reverse
from api.tests.utils import GraceDbApiTestBase
from ...settings import API_VERSION
def v_reverse(viewname, *args, **kwargs):
"""Easily customizable versioned API reverse for testing"""
viewname = 'api:{version}:'.format(version=API_VERSION) + viewname
return reverse(viewname, *args, **kwargs)
class TestPublicAccess(GraceDbApiTestBase):
def test_api_root(self):
"""Unauthenticated user can access API root"""
url = v_reverse('root')
response = self.request_as_user(url, "GET")
self.assertEqual(response.status_code, 200)
def test_tag_list(self):
"""Unauthenticated user can access tag list"""
url = v_reverse('tag-list')
response = self.request_as_user(url, "GET")
self.assertEqual(response.status_code, 200)
def test_public_user_performance_info(self):
"""Unauthenticated user can't access performance info"""
url = v_reverse('performance-info')
response = self.request_as_user(url, "GET")
self.assertEqual(response.status_code, 403)
self.assertIn("Authentication credentials were not provided",
response.content)
def test_lvem_user_performance_info(self):
"""LV-EM user can't access performance info"""
url = v_reverse('performance-info')
response = self.request_as_user(url, "GET", self.lvem_user)
self.assertEqual(response.status_code, 403)
self.assertIn("Forbidden", response.content)
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment