ramon
/
skillbox
1
0
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects 1 Releases 1 Wiki Activity

Fix bug, add happy path test

This commit is contained in:
Christian Cueni 2021-11-16 15:36:26 +01:00
parent a3fe315df3
commit b9a8b3ff38
3 changed files with 32 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
server/portfolio/mutations.py
View File

@ -62,7 +62,8 @@ class UpdateProject(MutateProject):
cls.user_is_owner(data, info.context.user) cls.user_is_owner(data, info.context.user)
data['student'] = info.context.user.id data['student'] = info.context.user.id
serializer = ProjectSerializer(data=data) entity = get_object(Project, data['id'])
serializer = ProjectSerializer(entity, data=data)
if serializer.is_valid(): if serializer.is_valid():
serializer.save() serializer.save()
props = { props = {
@ -76,7 +77,7 @@ class UpdateProject(MutateProject):
@classmethod @classmethod
def user_is_owner(cls, data, user): def user_is_owner(cls, data, user):
project = get_object(Project, data['id']) project = get_object(Project, data['id'])
if not project or not project.student == user.id: if not project or not project.student == user:
raise PermissionDenied('not allowed') raise PermissionDenied('not allowed')

26
server/portfolio/tests/test_project_mutations.py
View File

@ -94,6 +94,32 @@ mutation UpdateProjectMutation($input: UpdateProjectInput!){
self.assertTrue('message' in result.errors[0]) self.assertTrue('message' in result.errors[0])
self.assertEqual(result.errors[0]['message'], 'not allowed') self.assertEqual(result.errors[0]['message'], 'not allowed')
def test_owner_can_edit(self):
self.assertEqual(Project.objects.count(), 1)
request = RequestFactory().get('/')
request.user = self.student
self.client = Client(schema=schema, context_value=request)
mutation = '''
mutation UpdateProjectMutation($input: UpdateProjectInput!){
updateProject(input: $input) {
project {
id
}
}
}
'''
input = {
'project': {
'id': self.project1.graphql_id,
'title': 'Good! THIS IS good!'
}
}
result = self.get_client(self.student).get_result(mutation, variables={
'input': input
})
self.assertIsNone(result.errors)
class ProjectMutationsTestCase(DefaultUserTestCase): class ProjectMutationsTestCase(DefaultUserTestCase):
def test_add_project(self): def test_add_project(self):

6
server/portfolio/tests/test_project_query.py
View File

@ -117,12 +117,12 @@ class ProjectQueryTestCase(SkillboxTestCase):
# non-owner can't access project # non-owner can't access project
self._test_direct_project_access(self.student2, False) self._test_direct_project_access(self.student2, False)
def test_project_owner(self): def test_project_owner_can_view(self):
query = """ query = """
query ProjectQuery($id: ID!) { query ProjectQuery($id: ID!) {
project(id: $id) { project(id: $id) {
id id
owner { student {
email email
} }
} }
@ -131,4 +131,4 @@ query ProjectQuery($id: ID!) {
result = self.get_client(self.student1).get_result(query, variables={ result = self.get_client(self.student1).get_result(query, variables={
'id': self.project1.graphql_id 'id': self.project1.graphql_id
}) })
self.assertIsNotNone(result.errors) self.assertEqual(result.data['project']['student']['email'], self.student1.email)