How to use response_403 method in Django Test Plus
Best Python code snippet using django-test-plus_python
test_views.py
Source:test_views.py 
...30 self.response_401(response)31 # normal user32 self.login(username=self.normal_user.username, password="password")33 response = self.get("api:robot-list")34 self.response_403(response)35 def test_list_robot(self):36 RobotFactory.create_batch(5, credential=self.admin_user_credential)37 self.login(username=self.admin_user.username, password="password")38 response = self.get("api:robot-list")39 self.response_200(response)40 self.assertEqual(len(response.data), 5)41 request = self.api_request_factory.get(self.robot_list_url)42 serializer = RobotListSerializer(43 instance=Robot.objects.all()44 .order_by("-created_at")45 .annotate(strategy_name=F("strategy__name")),46 many=True,47 context={"request": Request(request)},48 )49 self.assertEqual(response.data, serializer.data)50 # create51 def test_create_permission(self):52 # anonymous user53 response = self.post("api:robot-list")54 self.response_401(response)55 # normal user56 self.login(username=self.normal_user.username, password="password")57 response = self.post("api:robot-list")58 self.response_403(response)59 def test_create_invalid_robot(self):60 self.login(username=self.admin_user.username, password="password")61 data = {62 "name": "Invalid",63 "pair": "BTCUSDT",64 "market_type": "spots",65 "base_currency": "BTC",66 "quote_currency": "USDT",67 "target_currency": "USDT",68 # invalid data69 "credential": 999999,70 "strategy": 999999,71 }72 response = self.post("api:robot-list", data=data)73 self.response_400(response)74 self.assertIn("credential", response.data)75 self.assertIn("strategy", response.data)76 @freeze_time("2020-10-18 03:21:34.456789") # UTC77 def test_create_valid_robot(self):78 credential = CredentialFactory(user=self.admin_user)79 strategy = StrategyFactory()80 self.login(username=self.admin_user.username, password="password")81 data = {82 "name": "Valid",83 "pair": "BTCUSDT",84 "market_type": "linear_perpetual",85 "target_currency": "USDT",86 "credential": credential.pk,87 "strategy": strategy.pk,88 }89 response = self.post("api:robot-list", data=data)90 self.response_201(response)91 # retrieve92 def test_retrieve_permission(self):93 robot = RobotFactory()94 # anonymous user95 response = self.get("api:robot-detail", pk=robot.pk)96 self.response_401(response)97 # normal user98 self.login(username=self.normal_user.username, password="password")99 response = self.get("api:robot-detail", pk=robot.pk)100 self.response_403(response)101 def test_retrieve_nonexistent_robot(self):102 self.login(username=self.admin_user.username, password="password")103 response = self.get(self.nonexistent_robot_detail_url)104 self.response_404(response)105 def test_retrieve_robot(self):106 robot = RobotFactory(credential=self.admin_user_credential)107 self.login(username=self.admin_user.username, password="password")108 response = self.get("api:robot-detail", pk=robot.pk)109 self.response_200(response)110 request = self.api_request_factory.get(self.nonexistent_robot_detail_url)111 robot = (112 Robot.objects.all()113 .annotate(114 test_net=F("credential__test_net"), strategy_name=F("strategy__name")115 )116 .get(pk=robot.pk)117 )118 serializer = RobotRetrieveSerializer(119 instance=robot, context={"request": Request(request)}120 )121 self.assertDictEqual(response.data, serializer.data)122 # update123 def test_update_permission(self):124 robot = RobotFactory()125 # anonymous user126 response = self.patch("api:robot-detail", pk=robot.pk)127 self.response_401(response)128 # normal user129 self.login(username=self.normal_user.username, password="password")130 response = self.patch("api:robot-detail", pk=robot.pk)131 self.response_403(response)132 def test_update_robot(self):133 robot = RobotFactory(name="Old", credential=self.admin_user_credential)134 self.login(username=self.admin_user.username, password="password")135 data = {136 "name": "New",137 }138 response = self.patch("api:robot-detail", pk=robot.pk, data=data)139 self.response_200(response)140 robot.refresh_from_db()141 self.assertEqual(robot.name, "New")142 def test_update_nonexistent_robot(self):143 self.login(username=self.admin_user.username, password="password")144 response = self.patch(self.nonexistent_robot_detail_url)145 self.response_404(response)146 # delete147 def test_delete_permission(self):148 # anonymous user149 robot = RobotFactory()150 response = self.delete("api:robot-detail", pk=robot.pk)151 self.response_401(response)152 # normal user153 self.login(username=self.normal_user.username, password="password")154 response = self.delete("api:robot-detail", pk=robot.pk)155 self.response_403(response)156 def test_delete_nonexistent_robot(self):157 self.login(username=self.admin_user.username, password="password")158 response = self.delete(self.nonexistent_robot_detail_url)159 self.response_404(response)160 def test_delete_robot(self):161 robot = RobotFactory(credential=self.admin_user_credential)162 self.login(username=self.admin_user.username, password="password")163 response = self.delete("api:robot-detail", pk=robot.pk)164 self.response_204(response)165 # ping166 def test_ping_permission(self):167 robot = RobotFactory()168 # No x-api-key provided169 response = self.post("api:robot-ping", pk=robot.pk)170 self.response_403(response)171 def test_ping_nonexistent_robot(self):172 response = self.post("api:robot-ping", pk=999999, HTTP_X_API_KEY=self.x_api_key)173 self.response_404(response)174 def test_ping(self):175 robot = RobotFactory(credential=self.admin_user_credential)176 response = self.post(177 "api:robot-ping", pk=robot.pk, extra={"HTTP_X_API_KEY": self.x_api_key}178 )179 self.response_200(response)180 self.assertIn("pong", response.data)181 # adjust strategy parameters182 def test_adjust_strategy_parameters_permission(self):183 robot = RobotFactory()184 # anonymous user185 response = self.patch("api:robot-strategy-parameters", pk=robot.pk)186 self.response_401(response)187 # normal user188 # self.login(username=self.normal_user.username, password="password")189 # response = self.patch("api:robot-strategy-parameters", pk=robot.pk)190 # self.response_403(response)191 def test_adjust_nonexistent_robot_strategy_parameters(self):192 self.login(username=self.admin_user.username, password="password")193 response = self.patch("api:robot-strategy-parameters", pk=999999)194 self.response_404(response)195 def test_adjust_robot_strategy_parameters(self):196 strategy = StrategyFactory(197 specification={198 "specVersion": "v0.1.0",199 "parameters": [200 {201 "code": "code1",202 "name": "Code1",203 "type": "string",204 "description": "",205 "default": "old1",206 "editable": True,207 },208 {209 "code": "code2",210 "name": "Code2",211 "type": "string",212 "description": "",213 "default": "old2",214 "editable": True,215 },216 ],217 }218 )219 robot = RobotFactory(strategy=strategy, credential=self.admin_user_credential)220 self.login(username=self.admin_user.username, password="password")221 data = {222 "code1": "new1",223 "code2": "new2",224 }225 response = self.patch("api:robot-strategy-parameters", data=data, pk=robot.pk)226 self.response_200(response)227 robot.refresh_from_db()228 self.assertDictEqual(229 robot.strategy_parameters,230 {231 "code1": "new1",232 "code2": "new2",233 },234 )235 # retrieve strategy parameters236 def test_retrieve_strategy_parameters_permission(self):237 robot = RobotFactory()238 # No x-api-key provided239 response = self.get("api:robot-strategy-parameters", pk=robot.pk)240 self.response_403(response)241 def test_retrieve_nonexistent_robot_strategy_parameters(self):242 response = self.get(243 "api:robot-strategy-parameters",244 pk=999999,245 extra={"HTTP_X_API_KEY": self.x_api_key},246 )247 self.response_404(response)248 def test_retrieve_strategy_parameters(self):249 strategy = StrategyFactory(250 specification={251 "specVersion": "v0.1.0",252 "parameters": [253 {254 "code": "param1",255 "name": "Param1",256 "type": "string",257 "description": "",258 "default": "test1",259 "editable": True,260 },261 {262 "code": "param2",263 "name": "Param2",264 "type": "string",265 "description": "",266 "default": "test2",267 "editable": True,268 },269 ],270 }271 )272 robot = RobotFactory(strategy=strategy, credential=self.admin_user_credential)273 response = self.get(274 "api:robot-strategy-parameters",275 pk=robot.pk,276 extra={"HTTP_X_API_KEY": self.x_api_key},277 )278 self.response_200(response)279 self.assertEqual(280 response.data,281 {282 "param1": "test1",283 "param2": "test2",284 },285 )286 # retrieve strategy spec view287 def test_retrieve_strategy_spec_view_permission(self):288 robot = RobotFactory()289 # anonymous user290 response = self.get("api:robot-strategy-spec-view", pk=robot.pk)291 self.response_401(response)292 # normal user293 self.login(username=self.normal_user.username, password="password")294 response = self.get("api:robot-strategy-spec-view", pk=robot.pk)295 self.response_403(response)296 def test_retrieve_nonexistent_robot_strategy_spec_view(self):297 self.login(username=self.admin_user.username, password="password")298 response = self.get("api:robot-strategy-spec-view", pk=999999)299 self.response_404(response)300 def test_retrieve_strategy_spec_view(self):301 strategy = StrategyFactory(302 specification={303 "specVersion": "v0.1.0",304 "parameters": [305 {306 "code": "param1",307 "name": "Param1",308 "type": "string",309 "description": "",310 "default": "test1",311 "editable": True,312 },313 {314 "code": "param2",315 "name": "Param2",316 "type": "string",317 "description": "",318 "default": "test2",319 "editable": True,320 },321 ],322 }323 )324 robot = RobotFactory(strategy=strategy, credential=self.admin_user_credential)325 robot.strategy_parameters = {326 "param1": "new1",327 "param2": "new2",328 }329 robot.save(update_fields=["strategy_parameters"])330 self.login(username=self.admin_user.username, password="password")331 response = self.get("api:robot-strategy-spec-view", pk=robot.pk)332 self.response_200(response)333 self.assertEqual(334 response.data,335 {336 "specVersion": "v0.1.0",337 "parameters": [338 {339 "code": "param1",340 "name": "Param1",341 "type": "string",342 "description": "",343 "default": "test1",344 "value": "new1",345 "editable": True,346 },347 {348 "code": "param2",349 "name": "Param2",350 "type": "string",351 "description": "",352 "default": "test2",353 "value": "new2",354 "editable": True,355 },356 ],357 },358 )359 # partial update asset record360 def test_partial_update_asset_record_permission(self):361 robot = RobotFactory()362 # No x-api-key provided363 response = self.patch("api:robot-asset-record", pk=robot.pk)364 self.response_403(response)365 def test_partial_update_nonexistent_robot_asset_record(self):366 response = self.patch(367 "api:robot-asset-record",368 pk=999999,369 extra={"HTTP_X_API_KEY": self.x_api_key},370 )371 self.response_404(response)372 def test_partial_update_asset_record(self):373 robot = RobotFactory(credential=self.admin_user_credential)374 data = {"total_balance": 6666}375 response = self.patch(376 "api:robot-asset-record",377 pk=robot.pk,378 data=data,379 extra={"HTTP_X_API_KEY": self.x_api_key},380 )381 self.response_200(response)382 robot.refresh_from_db()383 self.assertEqual(384 robot.asset_record.total_principal,385 0,386 )387 self.assertEqual(388 robot.asset_record.total_balance,389 6666,390 )391 # retrieve credential key392 def test_retrieve_credential_key_permission(self):393 robot = RobotFactory()394 # No x-api-key provided395 response = self.get("api:robot-credential-key", pk=robot.pk)396 self.response_403(response)397 def test_retrieve_nonexistent_robot_credential_key(self):398 response = self.get(399 "api:robot-credential-key",400 pk=999999,401 extra={"HTTP_X_API_KEY": self.x_api_key},402 )403 self.response_404(response)404 def test_retrieve_credential_key(self):405 robot = RobotFactory(credential=self.admin_user_credential)406 response = self.get(407 "api:robot-credential-key",408 pk=robot.pk,409 extra={"HTTP_X_API_KEY": self.x_api_key},410 )411 self.response_200(response)412 self.assertEqual(413 response.data,414 robot.credential.key,415 )416 # list asset record snaps417 def test_list_robot_asset_record_snap_permission(self):418 robot = RobotFactory(credential=self.admin_user_credential)419 # anonymous420 response = self.get("api:robot-asset-record-snap-list", pk=robot.pk)421 self.response_401(response)422 # normal user423 self.login(username=self.normal_user.username, password="password")424 response = self.get("api:robot-asset-record-snap-list", pk=robot.pk)425 self.response_403(response)426 def test_list_nonexistent_robot_asset_record_snap(self):427 self.login(username=self.admin_user.username, password="password")428 response = self.get("api:robot-asset-record-snap-list", pk=999999)429 self.response_404(response)430 def test_list_robot_asset_record_snap(self):431 robot = RobotFactory(credential=self.admin_user_credential)432 self.login(username=self.admin_user.username, password="password")433 response = self.get("api:robot-asset-record-snap-list", pk=robot.pk)434 self.response_200(response)435 # update position store436 def test_update_position_store_permission(self):437 robot = RobotFactory()438 # No x-api-key provided439 response = self.put("api:robot-position-store", pk=robot.pk)440 self.response_403(response)441 def test_update_nonexistent_robot_position_store(self):442 response = self.put(443 "api:robot-position-store",444 pk=999999,445 extra={"HTTP_X_API_KEY": self.x_api_key},446 )447 self.response_404(response)448 @freeze_time("2020-10-18 03:21:34.456789+08:00") # UTC449 def test_update_position_store(self):450 robot = RobotFactory(credential=self.admin_user_credential)451 positions = [{"qty": 1, "avgPrice": 355, "side": -1}]452 response = self.put(453 "api:robot-position-store",454 pk=robot.pk,455 data=positions,456 extra={"HTTP_X_API_KEY": self.x_api_key},457 )458 self.response_200(response)459 robot.refresh_from_db()460 self.assertEqual(461 robot.position_store["updatedAt"],462 "2020-10-18T03:21:34.456789+08:00",463 )464 self.assertEqual(465 robot.position_store["positions"],466 [{"qty": 1, "avgPrice": 355, "side": -1}],467 )468 # update order store469 def test_update_order_store_permission(self):470 robot = RobotFactory()471 # No x-api-key provided472 response = self.put("api:robot-order-store", pk=robot.pk)473 self.response_403(response)474 def test_update_nonexistent_robot_order_store(self):475 response = self.put(476 "api:robot-order-store",477 pk=999999,478 extra={"HTTP_X_API_KEY": self.x_api_key},479 )480 self.response_404(response)481 @freeze_time("2020-10-18 03:21:34.456789+08:00") # UTC482 def test_update_order_store(self):483 robot = RobotFactory(credential=self.admin_user_credential)484 orders = [{"qty": 1, "price": 355, "side": -1}]485 response = self.put(486 "api:robot-order-store",487 pk=robot.pk,488 data=orders,489 extra={"HTTP_X_API_KEY": self.x_api_key},490 )491 self.response_200(response)492 robot.refresh_from_db()493 self.assertEqual(494 robot.order_store["updatedAt"],495 "2020-10-18T03:21:34.456789+08:00",496 )497 self.assertEqual(498 robot.order_store["orders"], [{"qty": 1, "price": 355, "side": -1}]499 )500 # update strategy store501 def test_update_strategy_store_permission(self):502 robot = RobotFactory()503 # No x-api-key provided504 response = self.put("api:robot-strategy-store", pk=robot.pk)505 self.response_403(response)506 def test_update_nonexistent_robot_strategy_store(self):507 response = self.put(508 "api:robot-strategy-store",509 pk=999999,510 extra={"HTTP_X_API_KEY": self.x_api_key},511 )512 self.response_404(response)513 @freeze_time("2020-10-18 03:21:34.456789+08:00") # UTC514 def test_update_strategy_store(self):515 robot = RobotFactory(credential=self.admin_user_credential)516 data = {"openPosQty": 100, "maxPosQty": 10}517 response = self.put(518 "api:robot-strategy-store",519 pk=robot.pk,...
test_api.py
Source:test_api.py
...16 Tests with a regular user17 """18 # Does API work without auth?19 response = self.get("users-list")20 self.response_403(response)21 # Does API work with auth?22 with self.login(self.user):23 response = self.get("users-list")24 self.response_200(response)25 self.assertEqual(len(response.data), 3)26 # Are non-staff shown/hidden the right fields?27 self.assertIn("first_name", response.data[0])28 self.assertNotIn("date_joined", response.data[0])29 def test_list_staff(self):30 """31 Test with a staff user, who use a different serializer32 """33 # Are staff shown the right fields?34 with self.login(self.staff):35 response = self.get("users-list")36 self.response_200(response)37 self.assertEqual(len(response.data), 3)38 self.assertIn("first_name", response.data[0])39 self.assertIn("date_joined", response.data[0])40 def test_detail(self):41 # Does this API work without auth?42 response = self.get("users-detail", pk=self.sample_user.pk)43 self.response_403(response)44 # Does this API work with non-staff auth?45 with self.login(self.user):46 response = self.get("users-detail", pk=self.sample_user.pk)47 self.response_200(response)48 self.assertIn("first_name", response.data)49 self.assertNotIn("date_joined", response.data)50 # Does this API work with staff auth?51 with self.login(self.staff):52 response = self.get("users-detail", pk=self.sample_user.pk)53 self.response_200(response)54 self.assertIn("first_name", response.data)55 self.assertIn("date_joined", response.data)56 def test_create(self):57 user = UserFactory.build()58 payload = serializers.FullUserSerializer(user).data59 # Does API work without auth?60 response = self.client.post(reverse("users-list"), data=payload, format="json")61 self.response_403(response)62 # Does API work with non-staff user?63 with self.login(self.user):64 response = self.client.post(65 reverse("users-list"), data=payload, format="json"66 )67 self.response_403(response)68 # Does API work with staff user?69 with self.login(self.staff):70 response = self.client.post(71 reverse("users-list"), data=payload, format="json"72 )73 self.response_201(response)74 def test_delete(self):75 url = reverse("users-detail", kwargs={"pk": self.sample_user.pk})76 # Does this API work without auth?77 response = self.client.delete(url, format="json")78 self.response_403(response)79 # Does this API wotk with non-staff user?80 with self.login(self.user):81 response = self.client.delete(url, format="json")82 self.response_403(response)83 # Does this API work with staff user?84 with self.login(self.staff):85 response = self.client.delete(url, format="json")86 self.assertEqual(response.status_code, 204)87 # Confirm object is gone88 response = self.get(url)89 self.response_404(response)90 def test_update(self):91 url = reverse("users-detail", kwargs={"pk": self.sample_user.pk})92 old_name = self.sample_user.first_name93 payload = serializers.FullUserSerializer(self.sample_user).data94 # Does this API work without auth?95 response = self.client.put(url, payload, format="json")96 self.response_403(response)97 # Does this API work with non-staff auth?98 with self.login(self.user):99 self.sample_user.first_name = Faker().name()100 payload = serializers.FullUserSerializer(self.sample_user).data101 response = self.client.put(url, payload, format="json")102 self.response_403(response)103 # Does this APO work with staff auth?104 with self.login(self.staff):105 self.sample_user.first_name = Faker().name()106 payload = serializers.FullUserSerializer(self.sample_user).data107 response = self.client.put(url, payload, format="json")108 self.response_200(response)109 self.assertFalse(response.data["first_name"] == old_name)110 # Test updating reversions111 self.sample_user.first_name = old_name112 payload = serializers.FullUserSerializer(self.sample_user).data113 response = self.client.put(url, payload, format="json")114 self.assertTrue(response.data["first_name"] == old_name)115class CurrentUserViewTests(TestCase):116 client_class = APIClient117 def setUp(self):118 self.user = UserFactory()119 self.staff = StaffUserFactory()120 def test_get_current_user(self):121 # Does this API work without auth?122 response = self.get("current-user")123 self.response_403(response)124 # Does this API work with auth?125 with self.login(self.user):126 response = self.get("current-user")127 self.response_200(response)128 self.assertIn("first_name", response.data)129 self.assertIn("date_joined", response.data)130 def test_create(self):131 user = UserFactory.build()132 payload = serializers.CurrentUserSerializer(user).data133 # Does API work without auth?134 response = self.client.post(135 reverse("current-user"), data=payload, format="json"136 )137 self.response_403(response)138 # Does API work with non-staff user?139 with self.login(self.user):140 response = self.client.post(141 reverse("current-user"), data=payload, format="json"142 )143 self.response_405(response)144 # Does API work with staff user?145 with self.login(self.staff):146 response = self.client.post(147 reverse("current-user"), data=payload, format="json"148 )149 self.response_405(response)150 def test_update(self):151 old_name = self.user.first_name152 payload = serializers.CurrentUserSerializer(self.user).data153 # Does this API work without auth?154 response = self.client.post(155 reverse("current-user"), data=payload, format="json"156 )157 self.response_403(response)158 # Does this API work with auth?159 with self.login(self.user):160 self.user.first_name = Faker().name()161 payload = serializers.CurrentUserSerializer(self.user).data162 response = self.client.put(reverse("current-user"), payload, format="json")163 self.response_200(response)164 self.assertFalse(response.data["first_name"] == old_name)165 # Test updating reversions166 self.user.first_name = old_name167 payload = serializers.CurrentUserSerializer(self.user).data168 response = self.client.put(reverse("current-user"), payload, format="json")169 self.assertTrue(response.data["first_name"] == old_name)170 # Can user update readonly fields?171 old_email = self.user.email172 with self.login(self.user):173 self.user.email = Faker().email()174 payload = serializers.CurrentUserSerializer(self.user).data175 response = self.client.put(reverse("current-user"), payload, format="json")176 self.response_200(response)177 self.assertEqual(response.data["email"], old_email)178 def test_delete(self):179 # Does this API work without auth?180 response = self.client.delete(reverse("current-user"), format="json")181 self.response_403(response)182 # Does this API wotk with auth? Should not.183 with self.login(self.user):184 response = self.client.delete(reverse("current-user"), format="json")...
test_response_403_function.py
Source:test_response_403_function.py
...4class Response403TestCase(unittest.TestCase):5 def test_generic_403_response(self):6 request = HttpRequest()7 request.method = 'GET'8 response = response_403(request)9 self.assertEqual(response.status_code, 403)10 self.assertIn(b'<title>403: Forbiddena</title>', response.content)11 self.assertIn(b'<meta name="description" content="SOUTHERN CROSS!">', response.content) # noqa...
Automation Testing Tutorials
Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.
LambdaTest Learning Hubs:
- JUnit Tutorial
- TestNG Tutorial
- Webdriver Tutorial
- WebDriverIO Tutorial
- Protractor Tutorial
- Selenium 4 Tutorial
- Jenkins Tutorial
- NUnit Tutorial
- Jest Tutorial
- Playwright Tutorial
- Cypress Tutorial
- PyTest Tutorial
YouTube
You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.
Run Django Test Plus automation tests on LambdaTest cloud grid
Perform automation testing on 3000+ real desktop and mobile devices online.
Try LambdaTest Now !!
Get 100 minutes of automation test minutes FREE!!
Was this article helpful?
