test: implement integration tests for main rest API use cases

Author: mariajgrimaldi

openedx_authz/tests/integration/test_views.py

@@ -1,55 +1,77 @@
 """Integration tests for openedx_authz views."""
 
 
-from django.test import TestCase
+import uuid
+from urllib.parse import urlencode
+
+import pytest
+from django.test import TestCase, override_settings
 from django.urls import reverse
 from rest_framework import status
 from rest_framework.test import APIClient
 from django.contrib.auth import get_user_model
 
+from openedx_authz.api.users import assign_role_to_user_in_scope
 from openedx_authz.models.core import ExtendedCasbinRule
 from openedx_authz.tests.integration.test_models import create_test_library
 
 
 User = get_user_model()
 
+
+@pytest.mark.integration
+@override_settings(ROOT_URLCONF="openedx_authz.urls")
 class TestRoleAssignmentView(TestCase):
     """Tests for the role assignment view."""
 
     def setUp(self):
         """Set up the test client and any required data."""
         self.client = APIClient()
-        self.url = reverse("openedx_authz:role-assignment")
+        self.url = reverse("openedx_authz:role-user-list")
         self.library_metadata, self.library_key, self.content_library = create_test_library("TestOrg")
         self.role_key = "library_admin"
-        # Create User
-        self.user_data = {
-            "username": "test_user",
-            "email": "[email protected]"
-        }
-        self.user = User.objects.create_user(**self.user_data)
+
+        # Create random users to avoid conflicts in persistent database
+        unique_id = uuid.uuid4().hex[:8]
+        self.user = User.objects.create_user(
+            username=f"test_user_{unique_id}",
+            email=f"test_{unique_id}@example.com"
+        )
+        self.admin_user = User.objects.create_user(
+            username=f"admin_user_{unique_id}",
+            email=f"admin_{unique_id}@example.com",
+            is_staff=True,
+            is_superuser=True
+        )
+
+        assign_role_to_user_in_scope(
+            user_external_key=self.admin_user.username,
+            role_external_key=self.role_key,
+            scope_external_key=str(self.library_key)
+        )
+        self.client.force_authenticate(user=self.admin_user)
 
     def test_role_assignment_with_extended_model(self):
         """Test role assignment when ExtendedCasbinRule model is in use.
 
         Expected Results:
-        - Role assignment is successful (HTTP 201 Created).
+        - Role assignment is successful (HTTP 207 Multi-Status).
         - An ExtendedCasbinRule is created with the correct scope and subject.
         """
         payload = {
-            "user": self.user.username,
+            "users": [self.user.username],
             "role": self.role_key,
-            "scope": self.library_key,
+            "scope": str(self.library_key),
         }
 
-        response = self.client.post(self.url, payload, format='json')
+        response = self.client.put(self.url, payload, format='json')
 
-        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
-        self.assertIn("role_assignment_id", response.data)
+        self.assertEqual(response.status_code, status.HTTP_207_MULTI_STATUS)
+        self.assertEqual(len(response.data["completed"]), 1)
 
         extended_rule = ExtendedCasbinRule.objects.filter(
-            subject__user=self.user,
-            scope__content_library=self.content_library,
+            subject__usersubject__user=self.user,
+            scope__contentlibraryscope__content_library=self.content_library,
         ).first()
         self.assertIsNotNone(extended_rule)
         self.assertIn(payload["role"], extended_rule.casbin_rule_key)
@@ -58,26 +80,31 @@ def test_role_unassignment_with_extended_model(self):
         """Test role unassignment when ExtendedCasbinRule model is in use.
 
         Expected Results:
-        - Role unassignment is successful (HTTP 204 No Content).
+        - Role unassignment is successful (HTTP 207 Multi-Status).
         - The associated ExtendedCasbinRule is deleted.
         - No orphaned ExtendedCasbinRule remains after unassignment.
         """
         payload = {
-            "user": self.user.username,
+            "users": [self.user.username],
             "role": self.role_key,
-            "scope": self.library_key,
+            "scope": str(self.library_key),
         }
-        create_response = self.client.post(self.url, payload, format='json')
-        self.assertEqual(create_response.status_code, status.HTTP_201_CREATED)
-        role_assignment_id = create_response.data["role_assignment_id"]
+        create_response = self.client.put(self.url, payload, format='json')
+        self.assertEqual(create_response.status_code, status.HTTP_207_MULTI_STATUS)
+        self.assertEqual(len(create_response.data["completed"]), 1)
 
-        unassign_url = reverse("openedx_authz:role-unassignment", args=[role_assignment_id])
-        unassign_response = self.client.delete(unassign_url)
+        delete_params = {
+            "role": self.role_key,
+            "scope": str(self.library_key),
+            "users": self.user.username,
+        }
+        unassign_response = self.client.delete(f"{self.url}?{urlencode(delete_params)}")
 
-        self.assertEqual(unassign_response.status_code, status.HTTP_204_NO_CONTENT)
+        self.assertEqual(unassign_response.status_code, status.HTTP_207_MULTI_STATUS)
+        self.assertEqual(len(unassign_response.data["completed"]), 1)
 
         extended_rule = ExtendedCasbinRule.objects.filter(
-            subject__user=self.user,
-            scope__content_library__id=self.content_library.id,
+            subject__usersubject__user=self.user,
+            scope__contentlibraryscope__content_library=self.content_library,
         ).first()
         self.assertIsNone(extended_rule)