Organization test cases

.github/workflows/ci.yml

@@ -55,8 +55,3 @@ jobs:
 
       - name: Upload coverage to Codecov
         uses: codecov/codecov-action@v1
-        with:
-          # The codecov token to upload report. Can be retrieved from your Codecov dashboard.
-          # This should be set from `GitHub Repo > Settings > Secrets`.
-          token: ${{ secrets.CODECOV_TOKEN }}
-          fail_ci_if_error: true

organizations/tests.py

@@ -11,8 +11,30 @@ def setUp(self):
         Organization.objects.create(name="Org 1", shortcode="org-1")
         Organization.objects.create(name="Org 2", shortcode="org-2")
 
+    def test_guest_cannot_list_organization(self):
+        # unset the access token so that API requests go as unauthenticated user
+        self.client.credentials()
+        # Make a request without access token
+        response = self.client.get(reverse("organizations-list"))
+        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+
+    def test_guest_cannot_list_organization_random_token(self):
+        # Random token should give 401_unauthorized status
+        invalid_token = "abcd"
+        self.client.credentials(HTTP_AUTHORIZATION="Bearer " + invalid_token)
+
+        response = self.client.get(reverse("organizations-list"))
+        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+
     def test_non_superuser_cannot_list_organizations(self):
         """A non-superuser should not be able to list organizations"""
         # get organizations
         response = self.client.get(reverse("organizations-list"))
         self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+
+    def test_superuser_can_list_organizations(self):
+        """A superuser should be able to list organizations"""
+        self.user.is_superuser = True
+        self.user.save()
+        response = self.client.get(reverse("organizations-list"))
+        self.assertEqual(response.status_code, status.HTTP_200_OK)

plio/tests.py

@@ -113,10 +113,26 @@ def test_user_cannot_duplicate_other_user_plio(self):
 class VideoTestCase(BaseTestCase):
     def setUp(self):
         super().setUp()
+        # seed some videos
+        Video.objects.create(
+            title="Video 1", url="https://www.youtube.com/watch?v=vnISjBbrMUM"
+        )
+        Video.objects.create(
+            title="Video 2", url="https://www.youtube.com/watch?v=jWdA2JFCxGw"
+        )
 
-    def test_for_video(self):
-        # write API calls here
-        self.assertTrue(True)
+    def test_guest_cannot_list_videos(self):
+        # unset the credentials
+        self.client.credentials()
+        # get videos
+        response = self.client.get(reverse("videos-list"))
+        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+
+    def test_user_can_list_videos(self):
+        # get videos
+        response = self.client.get(reverse("videos-list"))
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(len(response.data), 2)
 
 
 class ItemTestCase(BaseTestCase):

plio/urls.py

@@ -55,7 +55,7 @@
 api_router = routers.DefaultRouter()
 api_router.register(r"organizations", OrganizationViewSet, basename="organizations")
 api_router.register(r"users", UserViewSet, basename="users")
-api_router.register(r"videos", VideoViewSet, basename="views")
+api_router.register(r"videos", VideoViewSet, basename="videos")
 # https://stackoverflow.com/questions/48548622/base-name-argument-not-specified-and-could-not-automatically-determine-the-name
 api_router.register(r"plios", PlioViewSet, basename="plios")
 api_router.register(r"items", ItemViewSet, basename="items")