From 883fd81d06d40a9f28f1371ca4ef3c9c3d9322fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jes=C3=BAs=20Espino?= Date: Thu, 31 Jul 2014 13:46:51 +0200 Subject: [PATCH] Adding bulk_create membership tests --- taiga/projects/api.py | 3 ++ taiga/projects/permissions.py | 1 + .../test_projects_choices_resources.py | 45 +++++++++++++++++++ 3 files changed, 49 insertions(+) diff --git a/taiga/projects/api.py b/taiga/projects/api.py index ed7805ec..329aebf8 100644 --- a/taiga/projects/api.py +++ b/taiga/projects/api.py @@ -185,6 +185,9 @@ class MembershipViewSet(ModelCrudViewSet): raise exc.BadRequest(_('bulk_memberships parameter is mandatory')) project = get_object_or_404(models.Project, id=project_id) + + self.check_permissions(request, 'bulk_create', project) + members = services.create_members_in_bulk(bulk_members, callback=self.post_save, project=project) diff --git a/taiga/projects/permissions.py b/taiga/projects/permissions.py index 5a5e4272..16da75b7 100644 --- a/taiga/projects/permissions.py +++ b/taiga/projects/permissions.py @@ -41,6 +41,7 @@ class MembershipPermission(ResourcePermission): update_perms = IsProjectOwner() destroy_perms = IsProjectOwner() list_perms = AllowAny() + bulk_create_perms = IsProjectOwner() # User Stories diff --git a/tests/integration/resources_permissions/test_projects_choices_resources.py b/tests/integration/resources_permissions/test_projects_choices_resources.py index b2d9a33e..792e366b 100644 --- a/tests/integration/resources_permissions/test_projects_choices_resources.py +++ b/tests/integration/resources_permissions/test_projects_choices_resources.py @@ -1506,6 +1506,51 @@ def test_membership_create(client, data): assert results == [401, 403, 403, 403, 201] +def test_membership_action_bulk_create(client, data): + url = reverse('memberships-bulk-create') + + users = [ + None, + data.registered_user, + data.project_member_without_perms, + data.project_member_with_perms, + data.project_owner + ] + + bulk_data = { + "project_id": data.public_project.id, + "bulk_memberships": [ + {"role_id": data.public_membership.role.pk, "email": "test1@test.com"}, + {"role_id": data.public_membership.role.pk, "email": "test2@test.com"}, + ] + } + bulk_data = JSONRenderer().render(bulk_data) + results = helper_test_http_method(client, 'post', url, bulk_data, users) + assert results == [401, 403, 403, 403, 200] + + bulk_data = { + "project_id": data.private_project1.id, + "bulk_memberships": [ + {"role_id": data.private_membership1.role.pk, "email": "test1@test.com"}, + {"role_id": data.private_membership1.role.pk, "email": "test2@test.com"}, + ] + } + bulk_data = JSONRenderer().render(bulk_data) + results = helper_test_http_method(client, 'post', url, bulk_data, users) + assert results == [401, 403, 403, 403, 200] + + bulk_data = { + "project_id": data.private_project2.id, + "bulk_memberships": [ + {"role_id": data.private_membership2.role.pk, "email": "test1@test.com"}, + {"role_id": data.private_membership2.role.pk, "email": "test2@test.com"}, + ] + } + bulk_data = JSONRenderer().render(bulk_data) + results = helper_test_http_method(client, 'post', url, bulk_data, users) + assert results == [401, 403, 403, 403, 200] + + def test_project_template_retrieve(client, data): url = reverse('project-templates-detail', kwargs={"pk": data.project_template.pk})