old_console/perms/tests/test_api_perms.py

import http

import pytest
from rest_framework.test import APIClient

from networkmap.api import UserMapViewSet

TEST_LINK = ['netmap-maps-list']


@pytest.mark.django_db
class TestApi(object):

    @pytest.mark.unit
    @pytest.mark.parametrize('link', TEST_LINK)
    def test_get_api_not_authorized(self, get_url, test_server, link):
        client = APIClient()
        response = client.get(get_url(link))

        assert response.status_code == http.HTTPStatus.FORBIDDEN

    @pytest.mark.unit
    @pytest.mark.parametrize('link', TEST_LINK)
    def test_get_api_authenticated_wo_needed_rights(self, add_user_with_permissions, get_url, test_server, link,client):
        username = 'user'
        password = 'pro100ton'
        user = add_user_with_permissions(username=username, password=password)
        client.force_login(user)

        response = client.get(get_url(link))
        assert response.status_code == http.HTTPStatus.FORBIDDEN

    @pytest.mark.unit
    @pytest.mark.parametrize('link', TEST_LINK)
    def test_get_api_with_right_perms(self, add_user_with_permissions, get_url, test_server, link,client):
        username = 'user'
        password = 'pro100ton'
        user=add_user_with_permissions(username=username, password=password, permissions=UserMapViewSet.console_permissions)
        client.force_login(user)
        response = client.get(get_url(link))
        assert response.status_code == http.HTTPStatus.OK