Fixing some users api tests

taiga/base/users/api.py

@@ -37,7 +37,7 @@ class MembersFilterBackend(BaseFilterBackend):
             if request.user.is_superuser:
                 return queryset
             else:
-                raise exc.PermissionDenied(_("You don't have permisions to see all users."))
+                return queryset.filter(pk=request.user.id)
 
 class PermissionsViewSet(ModelListViewSet):
     permission_classes = (IsAuthenticated,)

taiga/projects/tests/tests_api.py

@@ -37,6 +37,16 @@ class ProfileTestCase(test.TestCase):
         response = self.client.get(reverse("users-list"))
         self.assertEqual(response.status_code, 200)
 
+        users_list = response.data
+        self.assertEqual(len(users_list), 1)
+
+        response = self.client.login(username=self.user1.username,
+                                     password=self.user1.username)
+        self.assertTrue(response)
+
+        response = self.client.get(reverse("users-list"))
+        self.assertEqual(response.status_code, 200)
+
         users_list = response.data
         self.assertEqual(len(users_list), 3)
 
@@ -52,7 +62,7 @@ class ProfileTestCase(test.TestCase):
                         reverse("users-detail", args=[self.user2.pk]),
                         content_type="application/json",
                         data=json.dumps(data))
-        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.status_code, 404)
 
     def test_update_users_self(self):
         response = self.client.login(username=self.user3.username,
@@ -88,7 +98,7 @@ class ProfileTestCase(test.TestCase):
         data = {"first_name": "Foo Bar"}
         response = self.client.delete(
                         reverse("users-detail", args=[self.user2.pk]))
-        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.status_code, 404)
 
     def test_delete_users_self(self):
         response = self.client.login(username=self.user3.username,