test: Update tests to the new return code.

When `JwtAuthentication` is included, the auth_header becomes
`JWT realm="api"`. Without it, the auth_header is `None`. This changes the
behavior of the code in DRF, which returns a slightly different auth response.

Relevant Code: 56946fac8f/rest_framework/views.py (L456C3-L456C3)
Feanil Patel
2023-07-26 16:32:29 -04:00
parent 7af2b1db24
commit ac2cc158f8
4 changed files with 20 additions and 16 deletions


@@ -307,4 +307,4 @@ class BasketOrderViewTests(UserMixin, TestCase):
""" The view should return 403 if the user is not logged in. """
self.client.logout()
response = self.client.get(self.path)
assert response.status_code == 403
assert response.status_code == 401
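Review bot: The docstring kept as context at the top of this hunk still says "The view should return 403 if the user is not logged in", while the assertion on the new side expects 401. Update it to `""" The view should return 401 if the user is not logged in. """` so the stated contract matches what the test checks. The test's `def` line is outside the hunk.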


@@ -148,7 +148,7 @@ class CheckCourseAccessViewTest(CourseApiFactoryMixin, ModuleStoreTestCase):
def test_course_access_endpoint_with_logged_out_user(self):
self.client.logout()
response = self.client.get(self.url, data=self.request_data)
assert response.status_code == 403
assert response.status_code == 401
def test_course_access_endpoint_with_non_staff_user(self):
user = UserFactory(is_staff=False)


@@ -150,12 +150,12 @@ class RoleTestCase(UserApiTestCase):
self.assertHttpMethodNotAllowed(self.request_with_auth("delete", self.LIST_URI))
def test_list_unauthorized(self):
self.assertHttpForbidden(self.client.get(self.LIST_URI))
self.assertHttpNotAuthorized(self.client.get(self.LIST_URI))
@override_settings(DEBUG=True)
@override_settings(EDX_API_KEY=None)
def test_debug_auth(self):
self.assertHttpForbidden(self.client.get(self.LIST_URI))
self.assertHttpNotAuthorized(self.client.get(self.LIST_URI))
@override_settings(DEBUG=False)
@override_settings(EDX_API_KEY=TEST_API_KEY)
@@ -164,7 +164,7 @@ class RoleTestCase(UserApiTestCase):
self.assertHttpOK(
self.request_with_auth("get", self.LIST_URI,
**self.basic_auth("someuser", "somepass")))
self.assertHttpForbidden(
self.assertHttpNotAuthorized(
self.client.get(self.LIST_URI, **self.basic_auth("someuser", "somepass")))
def test_get_list_nonempty(self):
@@ -236,12 +236,12 @@ class UserViewSetTest(UserApiTestCase):
self.assertHttpMethodNotAllowed(self.request_with_auth("delete", self.LIST_URI))
def test_list_unauthorized(self):
self.assertHttpForbidden(self.client.get(self.LIST_URI))
self.assertHttpNotAuthorized(self.client.get(self.LIST_URI))
@override_settings(DEBUG=True)
@override_settings(EDX_API_KEY=None)
def test_debug_auth(self):
self.assertHttpForbidden(self.client.get(self.LIST_URI))
self.assertHttpNotAuthorized(self.client.get(self.LIST_URI))
@override_settings(DEBUG=False)
@override_settings(EDX_API_KEY=TEST_API_KEY)
@@ -250,7 +250,7 @@ class UserViewSetTest(UserApiTestCase):
self.assertHttpOK(
self.request_with_auth("get", self.LIST_URI,
**self.basic_auth('someuser', 'somepass')))
self.assertHttpForbidden(
self.assertHttpNotAuthorized(
self.client.get(self.LIST_URI, **self.basic_auth('someuser', 'somepass')))
def test_get_list_nonempty(self):
@@ -303,7 +303,7 @@ class UserViewSetTest(UserApiTestCase):
self.assertHttpMethodNotAllowed(self.request_with_auth("delete", self.detail_uri))
def test_get_detail_unauthorized(self):
self.assertHttpForbidden(self.client.get(self.detail_uri))
self.assertHttpNotAuthorized(self.client.get(self.detail_uri))
def test_get_detail(self):
user = self.users[1]
@@ -342,12 +342,12 @@ class UserPreferenceViewSetTest(CacheIsolationTestCase, UserApiTestCase):
self.assertHttpMethodNotAllowed(self.request_with_auth("delete", self.LIST_URI))
def test_list_unauthorized(self):
self.assertHttpForbidden(self.client.get(self.LIST_URI))
self.assertHttpNotAuthorized(self.client.get(self.LIST_URI))
@override_settings(DEBUG=True)
@override_settings(EDX_API_KEY=None)
def test_debug_auth(self):
self.assertHttpForbidden(self.client.get(self.LIST_URI))
self.assertHttpNotAuthorized(self.client.get(self.LIST_URI))
def test_get_list_nonempty(self):
result = self.get_json(self.LIST_URI)
@@ -433,7 +433,7 @@ class UserPreferenceViewSetTest(CacheIsolationTestCase, UserApiTestCase):
self.assertHttpMethodNotAllowed(self.request_with_auth("delete", self.detail_uri))
def test_detail_unauthorized(self):
self.assertHttpForbidden(self.client.get(self.detail_uri))
self.assertHttpNotAuthorized(self.client.get(self.detail_uri))
def test_get_detail(self):
pref = self.prefs[1]
@@ -466,12 +466,12 @@ class PreferenceUsersListViewTest(UserApiTestCase):
self.assertHttpMethodNotAllowed(self.request_with_auth("delete", self.LIST_URI))
def test_unauthorized(self):
self.assertHttpForbidden(self.client.get(self.LIST_URI))
self.assertHttpNotAuthorized(self.client.get(self.LIST_URI))
@override_settings(DEBUG=True)
@override_settings(EDX_API_KEY=None)
def test_debug_auth(self):
self.assertHttpForbidden(self.client.get(self.LIST_URI))
self.assertHttpNotAuthorized(self.client.get(self.LIST_URI))
def test_get_basic(self):
result = self.get_json(self.LIST_URI)
@@ -583,8 +583,8 @@ class UpdateEmailOptInTestCase(UserAPITestCase, SharedModuleStoreTestCase):
def test_update_email_opt_in_anonymous_user(self):
"""
Test that an anonymous user gets 403 response when
updating email optin preference.
Test that an anonymous user gets 401 response when
updating email opt-in preference.
"""
self.client.logout()
response = self.client.post(self.url, {
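Review bot: In the last hunk of this file, the docstring of `test_update_email_opt_in_anonymous_user` now promises a 401, but the assertion for that test lies below the hunk and is not shown. The changed lines visible on this page appear to account for the whole diffstat, so that assertion is presumably untouched by this commit. Please confirm it already reads `assert response.status_code == 401` (or an equivalent check) rather than 403; otherwise the docstring and the check disagree about how an anonymous request is rejected.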


@@ -64,6 +64,10 @@ class ApiTestCase(TestCase):
"""Assert that the given response has the status code 201"""
assert response.status_code == 201
def assertHttpNotAuthorized(self, response):
"""Assert that the given response has the status code 401"""
assert response.status_code == 401
def assertHttpForbidden(self, response):
"""Assert that the given response has the status code 403"""
assert response.status_code == 403
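Review bot: The name `assertHttpNotAuthorized`, placed next to `assertHttpForbidden`, reads like an authorization failure, but 401 is the response for a request that carries no valid credentials, whereas 403 is for a caller who was identified and lacks permission. Since this commit moves many tests from one helper to the other, the docstring could spell out the difference, e.g. `"""Assert that the given response has the status code 401 (request was not authenticated)"""`. Alternatively, the helper could be named `assertHttpUnauthorized` to match the HTTP reason phrase. The enclosing class starts and ends outside the hunk.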