diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 91ffa35a2871b4772851059ad5e164eb2217cfca..cb7ba2b243dbdac8d2b59b900ac0af564c13fc2b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -17,6 +17,7 @@ test:
- cd backend/secfit
- apt-get update -qy
- pip install -r requirements.txt
+ - python manage.py test
staging:
type: deploy
diff --git a/Pipfile.lock b/Pipfile.lock
index ce1a8dbf317bdd828273972a1e853b61330561d9..7471815da26fc8fff17660fb56692db39e5e2ce0 100644
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -306,11 +306,11 @@
},
"setuptools": {
"hashes": [
- "sha256:2347b2b432c891a863acadca2da9ac101eae6169b1d3dfee2ec605ecd50dbfe5",
- "sha256:e4f30b9f84e5ab3decf945113119649fec09c1fc3507c6ebffec75646c56e62b"
+ "sha256:6599055eeb23bfef457d5605d33a4d68804266e6cb430b0fb12417c5efeae36c",
+ "sha256:782ef48d58982ddb49920c11a0c5c9c0b02e7d7d1c2ad0aa44e1a1e133051c96"
],
"markers": "python_version >= '3.7'",
- "version": "==60.9.3"
+ "version": "==60.10.0"
},
"six": {
"hashes": [
diff --git a/backend/secfit/.coverage b/backend/secfit/.coverage
new file mode 100644
index 0000000000000000000000000000000000000000..98e28c0321ea312213e1793edf9926ae72e527d4
Binary files /dev/null and b/backend/secfit/.coverage differ
diff --git a/backend/secfit/users/tests.py b/backend/secfit/users/tests.py
index 7ce503c2dd97ba78597f6ff6e4393132753573f6..dfc780c8caca6f7b78d3d6a4fd349e5f7f2faf65 100644
--- a/backend/secfit/users/tests.py
+++ b/backend/secfit/users/tests.py
@@ -1,3 +1,40 @@
from django.test import TestCase
+from rest_framework.test import APIRequestFactory
+from rest_framework.request import Request
+
+from users.models import User
+from users.serializers import UserSerializer
# Create your tests here.
+
+class UserSerializerTests(TestCase):
+
+ def setUp(self):
+
+ # Mock the user url field
+ request_factory = APIRequestFactory()
+ request = request_factory.post("/")
+ serializer_context = {
+ "request": Request(request)
+ }
+
+ # Data to mock a user
+ self.user_attributes = {
+ "username": "random",
+ "email": "admin@admin.com",
+ "password": "123",
+ "phone_number": "12345678",
+ "country": "norway",
+ "city": "trondheim",
+ "street_address": "road 1A"
+ }
+
+ # Making the user object and serializer available for the test class
+ self.user = User.objects.create(**self.user_attributes)
+ self.serializer = UserSerializer(context=serializer_context)
+
+ def test_user_serialization(self):
+ attr = self.user_attributes
+ attr["username"] = "mock"
+ user_object = self.serializer.create(self.user_attributes)
+ self.assertEqual(user_object.username, "mock")
diff --git a/backend/secfit/workouts/tests.py b/backend/secfit/workouts/tests.py
index 7fbbf7847f5b0f201d408d4017cc865d614e2615..54550b0217ff4b0afb8667563aa84c52d32ad6ae 100644
--- a/backend/secfit/workouts/tests.py
+++ b/backend/secfit/workouts/tests.py
@@ -1,6 +1,116 @@
"""
Tests for the workouts application.
"""
-from django.test import TestCase
+from django.test import TestCase, RequestFactory
+from workouts.permissions import IsOwner, IsOwnerOfWorkout, IsCoachAndVisibleToCoach, IsCoachOfWorkoutAndVisibleToCoach, IsPublic, IsWorkoutPublic, IsReadOnly
+from users.models import User
+from workouts.models import Workout, Exercise, ExerciseInstance
-# Create your tests here.
+class TestIsOwner(TestCase):
+
+ def setUp(self):
+ self.user = User.objects.create(username="mock")
+ self.request_factory = RequestFactory()
+
+ def test_has_object_permission(self):
+ req = self.request_factory.get("/")
+ req.user = self.user
+ workout = Workout.objects.create(name="mocked_workout", date="2022-03-15T16:59:00Z", notes="", owner=self.user, visibility="PU")
+ self.assertTrue(IsOwner().has_object_permission(req, None, workout))
+
+class TestIsOwnerOfWorkout(TestCase):
+
+ def setUp(self):
+ self.request_factory = RequestFactory()
+ self.user = User.objects.create(username="mock")
+
+ def test_has_permission(self):
+ request = self.request_factory.post("/")
+ request.user = self.user
+ request.data = {"workout": "/api/workouts/1/"}
+ Workout.objects.create(name="mocked_workout", date="2022-03-15T16:59:00Z", notes="", owner=self.user, visibility="PU")
+ self.assertTrue(IsOwnerOfWorkout().has_permission(request, None))
+
+ def test_no_workout_has_permissions(self):
+ request = self.request_factory.post("/")
+ request.user = self.user
+ request.data = {}
+ self.assertFalse(IsOwnerOfWorkout().has_permission(request, None))
+
+ def test_not_post_has_permissions(self):
+ request = self.request_factory.get("/")
+ self.assertTrue(IsOwnerOfWorkout().has_permission(request, None))
+
+ def test_has_object_permissions(self):
+ request = self.request_factory.get("/")
+ request.user = self.user
+ workout = Workout.objects.create(name="mocked_workout", date="2022-03-15T16:59:00Z", notes="", owner=self.user, visibility="PU")
+ exercise = Exercise.objects.create(name="mocked_exercise", description="", unit="Times", owner=self.user)
+ exercise_instance = ExerciseInstance.objects.create(workout=workout, exercise=exercise, sets=3, number=12)
+
+ self.assertTrue(IsOwnerOfWorkout().has_object_permission(request, None, exercise_instance))
+
+class TestIsCoachAndVisibleToCoach(TestCase):
+
+ def test_has_object_permissions(self):
+ coach = User.objects.create(username="mocked_coach")
+ object_owner = User.objects.create(username="mocked_user")
+ object_owner.coach = coach
+
+ request = RequestFactory().get("/")
+ request.user = coach
+
+ workout = Workout.objects.create(name="mocked_workout", date="2022-03-15T16:59:00Z", notes="", owner=object_owner, visibility="CO")
+ self.assertTrue(IsCoachAndVisibleToCoach().has_object_permission(request, None, workout))
+
+class TestIsCoachOfWorkoutAndVisibleToCoach(TestCase):
+
+ def test_has_object_permissions(self):
+ coach = User.objects.create(username="mocked_coach")
+ object_owner = User.objects.create(username="mocked_user")
+ object_owner.coach = coach
+
+ request = RequestFactory().get("/")
+ request.user = coach
+
+ workout = Workout.objects.create(name="mocked_workout", date="2022-03-15T16:59:00Z", notes="", owner=object_owner, visibility="CO")
+ exercise = Exercise.objects.create(name="mocked_exercise", description="", unit="Times", owner=object_owner)
+ exercise_instance = ExerciseInstance.objects.create(workout=workout, exercise=exercise, sets=3, number=12)
+ self.assertTrue(IsCoachOfWorkoutAndVisibleToCoach().has_object_permission(request, None, exercise_instance))
+
+class TestIsPublic(TestCase):
+
+ def test_has_object_permissions(self):
+ owner = User.objects.create(username="mocked_user")
+ request = RequestFactory().get("/")
+ request.user = owner
+
+ workout = Workout.objects.create(name="mocked_workout", date="2022-03-15T16:59:00Z", notes="", owner=owner, visibility="PU")
+ self.assertTrue(IsPublic().has_object_permission(request, None, workout))
+
+class TestIsWorkoutPublic(TestCase):
+
+ def test_has_object_permissions(self):
+ owner = User.objects.create(username="mocked_user")
+ request = RequestFactory().get("/")
+ request.user = owner
+
+ workout = Workout.objects.create(name="mocked_workout", date="2022-03-15T16:59:00Z", notes="", owner=owner, visibility="PU")
+ exercise = Exercise.objects.create(name="mocked_exercise", description="", unit="Times", owner=owner)
+ exercise_instance = ExerciseInstance.objects.create(workout=workout, exercise=exercise, sets=3, number=12)
+ self.assertTrue(IsWorkoutPublic().has_object_permission(request, None, exercise_instance))
+
+class TestIsReadOnly(TestCase):
+
+ def test_has_object_permissions(self):
+ user = User.objects.create(username="mocked_user")
+ get_request = RequestFactory().get("/")
+ get_request.user = user
+ head_request = RequestFactory().head("/")
+ head_request.user = user
+ options_request = RequestFactory().options("/")
+ options_request.user = user
+
+ self.assertTrue(IsReadOnly().has_object_permission(get_request, None, None))
+ self.assertTrue(IsReadOnly().has_object_permission(head_request, None, None))
+ self.assertTrue(IsReadOnly().has_object_permission(options_request, None, None))
\ No newline at end of file