More test cases

entries/tests.py

@@ -1 +1,28 @@
-# Create your tests here.
+from plio.tests import BaseTestCase
+
+
+class SessionTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_session(self):
+        # write API calls here
+        self.assertTrue(True)
+
+
+class SessionAnswerTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_session_answer(self):
+        # write API calls here
+        self.assertTrue(True)
+
+
+class EventTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_event(self):
+        # write API calls here
+        self.assertTrue(True)

experiments/tests.py

@@ -1 +1,19 @@
-# Create your tests here.
+from plio.tests import BaseTestCase
+
+
+class ExperimentTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_experiment(self):
+        # write API calls here
+        self.assertTrue(True)
+
+
+class ExperimentPlioTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_experiment_plio(self):
+        # write API calls here
+        self.assertTrue(True)

organizations/tests.py

@@ -1 +1,18 @@
-# Create your tests here.
+from plio.tests import BaseTestCase
+from organizations.models import Organization
+from rest_framework import status
+from django.urls import reverse
+
+
+class OrganizationTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+        # seed some organizations
+        Organization.objects.create(name="Org 1", shortcode="org-1")
+        Organization.objects.create(name="Org 2", shortcode="org-2")
+
+    def test_non_superuser_cannot_list_organizations(self):
+        """A non-superuser should not be able to list organizations"""
+        # get organizations
+        response = self.client.get(reverse("organizations-list"))
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

plio/settings.py

@@ -266,7 +266,7 @@
     "DEFAULT_SCOPES": ["read", "write"],
 }
 
-OTP_EXPIRE_SECONDS = 300
+OTP_EXPIRE_SECONDS = 300  # 5 minutes
 
 CORS_ALLOW_HEADERS = list(default_headers) + [
     "organization",

plio/tests.py

@@ -0,0 +1,137 @@
+import datetime
+import random
+import string
+from django.utils import timezone
+
+from rest_framework.test import APIClient
+from rest_framework.test import APITestCase
+from rest_framework import status
+from oauth2_provider.models import Application
+from oauth2_provider.models import AccessToken
+from django.urls import reverse
+
+from users.models import User
+from plio.settings import API_APPLICATION_NAME, OAUTH2_PROVIDER
+from plio.models import Plio, Video
+
+
+class BaseTestCase(APITestCase):
+    """Base class that sets up generic pre-requisites for all further test classes"""
+
+    def setUp(self):
+        self.client = APIClient()
+
+        # User access and refresh tokens require an OAuth Provider application to be set up and use it as a foreign key.
+        # As the test database is empty, we create an application instance before running the test cases.
+        application = Application.objects.create(
+            name=API_APPLICATION_NAME,
+            redirect_uris="",
+            client_type=Application.CLIENT_CONFIDENTIAL,
+            authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE,
+        )
+
+        # create a user
+        self.user = User.objects.create(mobile="+919876543210")
+
+        # set up access token for the user
+        random_token = "".join(random.choices(string.ascii_lowercase, k=30))
+        expire_seconds = OAUTH2_PROVIDER["ACCESS_TOKEN_EXPIRE_SECONDS"]
+        scopes = " ".join(OAUTH2_PROVIDER["DEFAULT_SCOPES"])
+        expires = timezone.now() + datetime.timedelta(seconds=expire_seconds)
+        self.access_token = AccessToken.objects.create(
+            user=self.user,
+            application=application,
+            token=random_token,
+            expires=expires,
+            scope=scopes,
+        )
+        self.client.credentials(HTTP_AUTHORIZATION="Bearer " + self.access_token.token)
+
+
+class PlioTestCase(BaseTestCase):
+    """Tests the Plio CRUD functionality."""
+
+    def setUp(self):
+        super().setUp()
+        # seed a video
+        self.video = Video.objects.create(
+            title="Video 1", url="https://www.youtube.com/watch?v=vnISjBbrMUM"
+        )
+        # seed some plios
+        Plio.objects.create(name="Plio 1", video=self.video, created_by=self.user)
+        Plio.objects.create(name="Plio 2", video=self.video, created_by=self.user)
+
+    def test_guest_cannot_list_plios(self):
+        # unset the credentials
+        self.client.credentials()
+        # get plios
+        response = self.client.get(reverse("plios-list"))
+        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+
+    def test_user_can_list_plios(self):
+        # get plios
+        response = self.client.get(reverse("plios-list"))
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], 2)
+
+    def test_user_list_own_plios(self):
+        """A user should only be able to list their own plios"""
+        # create a new user
+        new_user = User.objects.create(mobile="+919988776655")
+        # create plio from the new user
+        Plio.objects.create(name="Plio 1", video=self.video, created_by=new_user)
+
+        # get plios
+        response = self.client.get(reverse("plios-list"))
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        # the count should remain 2 as the new plio was created with different user
+        self.assertEqual(response.data["count"], 2)
+
+    def test_user_can_duplicate_their_plio(self):
+        plio = Plio.objects.filter(created_by=self.user).first()
+        # duplicate plio
+        response = self.client.post(f"/api/v1/plios/{plio.uuid}/duplicate/")
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        self.assertNotEqual(plio.id, response.data["id"])
+        self.assertNotEqual(plio.uuid, response.data["uuid"])
+        self.assertEqual(plio.name, response.data["name"])
+
+    def test_user_cannot_duplicate_other_user_plio(self):
+        # create a new user
+        new_user = User.objects.create(mobile="+919988776655")
+        # create plio from the new user
+        plio = Plio.objects.create(
+            name="Plio New User", video=self.video, created_by=new_user
+        )
+
+        # duplicate plio
+        response = self.client.post(f"/api/v1/plios/{plio.uuid}/duplicate/")
+        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+
+
+class VideoTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_video(self):
+        # write API calls here
+        self.assertTrue(True)
+
+
+class ItemTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_item(self):
+        # write API calls here
+        self.assertTrue(True)
+
+
+class QuestionTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_question(self):
+        # write API calls here
+        self.assertTrue(True)

plio/urls.py

@@ -53,27 +53,33 @@
 )
 
 api_router = routers.DefaultRouter()
-api_router.register(r"organizations", OrganizationViewSet)
-api_router.register(r"users", UserViewSet)
-api_router.register(r"videos", VideoViewSet)
+api_router.register(r"organizations", OrganizationViewSet, basename="organizations")
+api_router.register(r"users", UserViewSet, basename="users")
+api_router.register(r"videos", VideoViewSet, basename="views")
 # https://stackoverflow.com/questions/48548622/base-name-argument-not-specified-and-could-not-automatically-determine-the-name
 api_router.register(r"plios", PlioViewSet, basename="plios")
 api_router.register(r"items", ItemViewSet, basename="items")
-api_router.register(r"questions", QuestionViewSet)
+api_router.register(r"questions", QuestionViewSet, basename="questions")
 api_router.register(r"experiments", ExperimentViewSet, basename="experiments")
-api_router.register(r"experiment-plios", ExperimentPlioViewSet)
+api_router.register(
+    r"experiment-plios", ExperimentPlioViewSet, basename="experiment-plios"
+)
 api_router.register(r"sessions", SessionViewSet, basename="sessions")
-api_router.register(r"session-answers", SessionAnswerViewSet)
-api_router.register(r"events", EventViewSet)
-api_router.register(r"tags", TagViewSet)
-api_router.register(r"organization-users", OrganizationUserViewSet)
+api_router.register(
+    r"session-answers", SessionAnswerViewSet, basename="session-answers"
+)
+api_router.register(r"events", EventViewSet, basename="events")
+api_router.register(r"tags", TagViewSet, basename="tags")
+api_router.register(
+    r"organization-users", OrganizationUserViewSet, basename="organization-users"
+)
 
 # http/https url patterns
 urlpatterns = [
     path("admin/", admin.site.urls),
     # API routes
-    path("api/v1/otp/request/", request_otp, name="request_otp"),
-    path("api/v1/otp/verify/", verify_otp, name="verify_otp"),
+    path("api/v1/otp/request/", request_otp, name="request-otp"),
+    path("api/v1/otp/verify/", verify_otp, name="verify-otp"),
     path("api/v1/users/token/", get_by_access_token),
     path("api/v1/", include(api_router.urls)),
     path("api-auth/", include("rest_framework.urls", namespace="rest_framework")),

tags/tests.py

@@ -1 +1,19 @@
-# Create your tests here.
+from plio.tests import BaseTestCase
+
+
+class TagTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_tag(self):
+        # write API calls here
+        self.assertTrue(True)
+
+
+class ModelHasTagTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_model_has_tag(self):
+        # write API calls here
+        self.assertTrue(True)

users/tests.py

@@ -1,38 +1,21 @@
-from rest_framework.test import APIClient
-from rest_framework.test import APITestCase
 from rest_framework import status
-from oauth2_provider.models import Application
 from django.urls import reverse
 from users.models import OneTimePassword
-from plio.settings import API_APPLICATION_NAME
-
-
-class BaseTestCase(APITestCase):
-    """Base class that sets up generic pre-requisites for all further test classes"""
-
-    def setUp(self):
-        self.client = APIClient()
-
-        # User access and refresh tokens require an OAuth Provider application to be set up and use it as a foreign key.
-        # As the test database is empty, we create an application instance before running the test cases.
-        Application.objects.create(
-            name=API_APPLICATION_NAME,
-            redirect_uris="",
-            client_type=Application.CLIENT_CONFIDENTIAL,
-            authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE,
-        )
+from plio.tests import BaseTestCase
 
 
 class OtpAuthTestCase(BaseTestCase):
     """Tests the OTP functionality."""
 
     def setUp(self):
         super().setUp()
+        # unset client credentials token so that the subsequent API calls goes as guest
+        self.client.credentials()
         self.user_mobile = "+919876543210"
 
     def test_guest_can_request_for_otp(self):
         response = self.client.post(
-            reverse("request_otp"), {"mobile": self.user_mobile}
+            reverse("request-otp"), {"mobile": self.user_mobile}
         )
         self.assertEqual(response.status_code, status.HTTP_200_OK)
 
@@ -41,22 +24,49 @@ def test_guest_can_request_for_otp(self):
 
     def test_invalid_otp_should_fail(self):
         # request otp
-        self.client.post(reverse("request_otp"), {"mobile": self.user_mobile})
+        self.client.post(reverse("request-otp"), {"mobile": self.user_mobile})
 
         # invalid otp
         otp = "000000"
         response = self.client.post(
-            reverse("verify_otp"), {"mobile": self.user_mobile, "otp": otp}
+            reverse("verify-otp"), {"mobile": self.user_mobile, "otp": otp}
         )
         self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
 
     def test_valid_otp_should_pass(self):
         # request otp
-        self.client.post(reverse("request_otp"), {"mobile": self.user_mobile})
+        self.client.post(reverse("request-otp"), {"mobile": self.user_mobile})
 
         # verify valid otp
         otp = OneTimePassword.objects.filter(mobile=self.user_mobile).first()
         response = self.client.post(
-            reverse("verify_otp"), {"mobile": self.user_mobile, "otp": otp.otp}
+            reverse("verify-otp"), {"mobile": self.user_mobile, "otp": otp.otp}
         )
         self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+
+class UserMetaTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_user_meta(self):
+        # write API calls here
+        self.assertTrue(True)
+
+
+class RoleTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_role(self):
+        # write API calls here
+        self.assertTrue(True)
+
+
+class OrganizationUserTestCase(BaseTestCase):
+    def setUp(self):
+        super().setUp()
+
+    def test_for_organization_user(self):
+        # write API calls here
+        self.assertTrue(True)