From 9b0eeff865bb39454f201eb82b460fdc27899a90 Mon Sep 17 00:00:00 2001 From: Mark Date: Thu, 29 Nov 2018 12:27:07 -0800 Subject: Django - Add Infractions API (#149) * add Infraction model and serialiser The model in not finalised. * fix mix up of serialiser fields * remove explicit id field and add foreign keys * remove unused import * disallow null for user * add view set and route * fix model and create migration * fix typo choice => choices * specify names for reverse accessors for User FKs * add django-filter * add filters to view set * add string dunder method to model * add list/retrieve tests * make reason nullable * add creation tests * remove support for PUT and DELETE * add support for PATCH * assert timestamps using strings rather than datetimes This is done to keep 3.6 support; datetime.fromisoformat() is 3.7+ * assert inserted_at * add unauthenticated tests * add bad value tests for list filters and retrieve * remove prefetch cache invalidation * make __str__ more descriptive * add field validation & remove note type * add tests for field validation * fix coverage for Infraction string dunder test * fix coverage (for sure this time) * return 400 for partial updates with frozen fields * add expanded serialiser and endpoints * test expanded endpoints * remove extra retrieve call * remove unnecessary try-finally blocks * remove extra blank line * document endpoints (except expanded) * document expanded routes * fix wrong routes in docstring (/infraction -> /infractions) * make merge migration --- api/tests/test_infractions.py | 359 ++++++++++++++++++++++++++++++++++++++++++ api/tests/test_models.py | 23 ++- 2 files changed, 376 insertions(+), 6 deletions(-) create mode 100644 api/tests/test_infractions.py (limited to 'api/tests') diff --git a/api/tests/test_infractions.py b/api/tests/test_infractions.py new file mode 100644 index 00000000..42010973 --- /dev/null +++ b/api/tests/test_infractions.py @@ -0,0 +1,359 @@ +from datetime import datetime as dt, timedelta, timezone +from urllib.parse import quote + +from django_hosts.resolvers import reverse + +from .base import APISubdomainTestCase +from ..models import Infraction, User + + +class UnauthenticatedTests(APISubdomainTestCase): + def setUp(self): + super().setUp() + self.client.force_authenticate(user=None) + + def test_detail_lookup_returns_401(self): + url = reverse('bot:infraction-detail', args=(5,), host='api') + response = self.client.get(url) + + self.assertEqual(response.status_code, 401) + + def test_list_returns_401(self): + url = reverse('bot:infraction-list', host='api') + response = self.client.get(url) + + self.assertEqual(response.status_code, 401) + + def test_create_returns_401(self): + url = reverse('bot:infraction-list', host='api') + response = self.client.post(url, data={'reason': 'Have a nice day.'}) + + self.assertEqual(response.status_code, 401) + + def test_partial_update_returns_401(self): + url = reverse('bot:infraction-detail', args=(5,), host='api') + response = self.client.patch(url, data={'reason': 'Have a nice day.'}) + + self.assertEqual(response.status_code, 401) + + +class InfractionTests(APISubdomainTestCase): + @classmethod + def setUpTestData(cls): # noqa + cls.user = User.objects.create( + id=5, + name='james', + discriminator=1, + avatar_hash=None + ) + cls.ban_hidden = Infraction.objects.create( + user_id=cls.user.id, + actor_id=cls.user.id, + type='ban', + reason='He terk my jerb!', + hidden=True, + expires_at=dt(5018, 11, 20, 15, 52, tzinfo=timezone.utc) + ) + cls.ban_inactive = Infraction.objects.create( + user_id=cls.user.id, + actor_id=cls.user.id, + type='ban', + reason='James is an ass, and we won\'t be working with him again.', + active=False + ) + + def test_list_all(self): + url = reverse('bot:infraction-list', host='api') + response = self.client.get(url) + + self.assertEqual(response.status_code, 200) + infractions = response.json() + + self.assertEqual(len(infractions), 2) + self.assertEqual(infractions[0]['id'], self.ban_hidden.id) + self.assertEqual(infractions[1]['id'], self.ban_inactive.id) + + def test_filter_search(self): + url = reverse('bot:infraction-list', host='api') + pattern = quote(r'^James(\s\w+){3},') + response = self.client.get(f'{url}?search={pattern}') + + self.assertEqual(response.status_code, 200) + infractions = response.json() + + self.assertEqual(len(infractions), 1) + self.assertEqual(infractions[0]['id'], self.ban_inactive.id) + + def test_filter_field(self): + url = reverse('bot:infraction-list', host='api') + response = self.client.get(f'{url}?type=ban&hidden=true') + + self.assertEqual(response.status_code, 200) + infractions = response.json() + + self.assertEqual(len(infractions), 1) + self.assertEqual(infractions[0]['id'], self.ban_hidden.id) + + def test_returns_empty_for_no_match(self): + url = reverse('bot:infraction-list', host='api') + response = self.client.get(f'{url}?type=ban&search=poop') + + self.assertEqual(response.status_code, 200) + self.assertEqual(len(response.json()), 0) + + def test_ignores_bad_filters(self): + url = reverse('bot:infraction-list', host='api') + response = self.client.get(f'{url}?type=ban&hidden=maybe&foo=bar') + + self.assertEqual(response.status_code, 200) + self.assertEqual(len(response.json()), 2) + + def test_retrieve_single_from_id(self): + url = reverse('bot:infraction-detail', args=(self.ban_inactive.id,), host='api') + response = self.client.get(url) + + self.assertEqual(response.status_code, 200) + self.assertEqual(response.json()['id'], self.ban_inactive.id) + + def test_retrieve_returns_404_for_absent_id(self): + url = reverse('bot:infraction-detail', args=(1337,), host='api') + response = self.client.get(url) + + self.assertEqual(response.status_code, 404) + + def test_partial_update(self): + url = reverse('bot:infraction-detail', args=(self.ban_hidden.id,), host='api') + data = { + 'expires_at': '4143-02-15T21:04:31+00:00', + 'active': False, + 'reason': 'durka derr' + } + + response = self.client.patch(url, data=data) + self.assertEqual(response.status_code, 200) + infraction = Infraction.objects.get(id=self.ban_hidden.id) + + # These fields were updated. + self.assertEqual(infraction.expires_at.isoformat(), data['expires_at']) + self.assertEqual(infraction.active, data['active']) + self.assertEqual(infraction.reason, data['reason']) + + # These fields are still the same. + self.assertEqual(infraction.id, self.ban_hidden.id) + self.assertEqual(infraction.inserted_at, self.ban_hidden.inserted_at) + self.assertEqual(infraction.user.id, self.ban_hidden.user.id) + self.assertEqual(infraction.actor.id, self.ban_hidden.actor.id) + self.assertEqual(infraction.type, self.ban_hidden.type) + self.assertEqual(infraction.hidden, self.ban_hidden.hidden) + + def test_partial_update_returns_400_for_frozen_field(self): + url = reverse('bot:infraction-detail', args=(self.ban_hidden.id,), host='api') + data = {'user': 6} + + response = self.client.patch(url, data=data) + self.assertEqual(response.status_code, 400) + self.assertEqual(response.json(), { + 'user': ['This field cannot be updated.'] + }) + + +class CreationTests(APISubdomainTestCase): + @classmethod + def setUpTestData(cls): # noqa + cls.user = User.objects.create( + id=5, + name='james', + discriminator=1, + avatar_hash=None + ) + + def test_accepts_valid_data(self): + url = reverse('bot:infraction-list', host='api') + data = { + 'user': self.user.id, + 'actor': self.user.id, + 'type': 'ban', + 'reason': 'He terk my jerb!', + 'hidden': True, + 'expires_at': '5018-11-20T15:52:00+00:00' + } + + response = self.client.post(url, data=data) + self.assertEqual(response.status_code, 201) + + infraction = Infraction.objects.get(id=1) + self.assertAlmostEqual( + infraction.inserted_at, + dt.now(timezone.utc), + delta=timedelta(seconds=2) + ) + self.assertEqual(infraction.expires_at.isoformat(), data['expires_at']) + self.assertEqual(infraction.user.id, data['user']) + self.assertEqual(infraction.actor.id, data['actor']) + self.assertEqual(infraction.type, data['type']) + self.assertEqual(infraction.reason, data['reason']) + self.assertEqual(infraction.hidden, data['hidden']) + self.assertEqual(infraction.active, True) + + def test_returns_400_for_missing_user(self): + url = reverse('bot:infraction-list', host='api') + data = { + 'actor': self.user.id, + 'type': 'kick' + } + + response = self.client.post(url, data=data) + self.assertEqual(response.status_code, 400) + self.assertEqual(response.json(), { + 'user': ['This field is required.'] + }) + + def test_returns_400_for_bad_user(self): + url = reverse('bot:infraction-list', host='api') + data = { + 'user': 1337, + 'actor': self.user.id, + 'type': 'kick' + } + + response = self.client.post(url, data=data) + self.assertEqual(response.status_code, 400) + self.assertEqual(response.json(), { + 'user': ['Invalid pk "1337" - object does not exist.'] + }) + + def test_returns_400_for_bad_type(self): + url = reverse('bot:infraction-list', host='api') + data = { + 'user': self.user.id, + 'actor': self.user.id, + 'type': 'hug' + } + + response = self.client.post(url, data=data) + self.assertEqual(response.status_code, 400) + self.assertEqual(response.json(), { + 'type': ['"hug" is not a valid choice.'] + }) + + def test_returns_400_for_bad_expired_at_format(self): + url = reverse('bot:infraction-list', host='api') + data = { + 'user': self.user.id, + 'actor': self.user.id, + 'type': 'ban', + 'expires_at': '20/11/5018 15:52:00' + } + + response = self.client.post(url, data=data) + self.assertEqual(response.status_code, 400) + self.assertEqual(response.json(), { + 'expires_at': [ + 'Datetime has wrong format. Use one of these formats instead: ' + 'YYYY-MM-DDThh:mm[:ss[.uuuuuu]][+HH:MM|-HH:MM|Z].' + ] + }) + + def test_returns_400_for_expiring_non_expirable_type(self): + url = reverse('bot:infraction-list', host='api') + data = { + 'user': self.user.id, + 'actor': self.user.id, + 'type': 'kick', + 'expires_at': '5018-11-20T15:52:00+00:00' + } + + response = self.client.post(url, data=data) + self.assertEqual(response.status_code, 400) + self.assertEqual(response.json(), { + 'expires_at': [f'{data["type"]} infractions cannot expire.'] + }) + + def test_returns_400_for_hidden_non_hideable_type(self): + url = reverse('bot:infraction-list', host='api') + data = { + 'user': self.user.id, + 'actor': self.user.id, + 'type': 'superstar', + 'hidden': True + } + + response = self.client.post(url, data=data) + self.assertEqual(response.status_code, 400) + self.assertEqual(response.json(), { + 'hidden': [f'{data["type"]} infractions cannot be hidden.'] + }) + + +class ExpandedTests(APISubdomainTestCase): + @classmethod + def setUpTestData(cls): # noqa + cls.user = User.objects.create( + id=5, + name='james', + discriminator=1, + avatar_hash=None + ) + cls.kick = Infraction.objects.create( + user_id=cls.user.id, + actor_id=cls.user.id, + type='kick' + ) + cls.warning = Infraction.objects.create( + user_id=cls.user.id, + actor_id=cls.user.id, + type='warning' + ) + + def check_expanded_fields(self, infraction): + for key in ('user', 'actor'): + obj = infraction[key] + for field in ('id', 'name', 'discriminator', 'avatar_hash', 'roles', 'in_guild'): + self.assertTrue(field in obj, msg=f'field "{field}" missing from {key}') + + def test_list_expanded(self): + url = reverse('bot:infraction-list-expanded', host='api') + + response = self.client.get(url) + self.assertEqual(response.status_code, 200) + + response_data = response.json() + self.assertEqual(len(response_data), 2) + + for infraction in response_data: + self.check_expanded_fields(infraction) + + def test_create_expanded(self): + url = reverse('bot:infraction-list-expanded', host='api') + data = { + 'user': self.user.id, + 'actor': self.user.id, + 'type': 'warning' + } + + response = self.client.post(url, data=data) + self.assertEqual(response.status_code, 201) + + self.assertEqual(len(Infraction.objects.all()), 3) + self.check_expanded_fields(response.json()) + + def test_retrieve_expanded(self): + url = reverse('bot:infraction-detail-expanded', args=(self.warning.id,), host='api') + + response = self.client.get(url) + self.assertEqual(response.status_code, 200) + + infraction = response.json() + self.assertEqual(infraction['id'], self.warning.id) + self.check_expanded_fields(infraction) + + def test_partial_update_expanded(self): + url = reverse('bot:infraction-detail-expanded', args=(self.kick.id,), host='api') + data = {'active': False} + + response = self.client.patch(url, data=data) + self.assertEqual(response.status_code, 200) + + infraction = Infraction.objects.get(id=self.kick.id) + self.assertEqual(infraction.active, data['active']) + self.check_expanded_fields(response.json()) diff --git a/api/tests/test_models.py b/api/tests/test_models.py index 2e606801..1419a7d7 100644 --- a/api/tests/test_models.py +++ b/api/tests/test_models.py @@ -1,9 +1,11 @@ +from datetime import datetime as dt, timezone + from django.test import SimpleTestCase from ..models import ( - DocumentationLink, ModelReprMixin, - OffTopicChannelName, Role, - SnakeFact, SnakeIdiom, + DocumentationLink, Infraction, + ModelReprMixin, OffTopicChannelName, + Role, SnakeFact, SnakeIdiom, SnakeName, SpecialSnake, Tag, User ) @@ -41,13 +43,22 @@ class StringDunderMethodTests(SimpleTestCase): id=5, name='test role', colour=0x5, permissions=0 ), + Tag( + title='bob', + embed={'content': "the builder"} + ), User( id=5, name='bob', discriminator=1, avatar_hash=None ), - Tag( - title='bob', - embed={'content': "the builder"} + Infraction( + user_id=5, actor_id=5, + type='kick', reason='He terk my jerb!' + ), + Infraction( + user_id=5, actor_id=5, hidden=True, + type='kick', reason='He terk my jerb!', + expires_at=dt(5018, 11, 20, 15, 52, tzinfo=timezone.utc) ) ) -- cgit v1.2.3 From 9d5b6491f8825e4b366be3e6db0429237311dd1e Mon Sep 17 00:00:00 2001 From: ImportErr Date: Sat, 1 Dec 2018 12:23:02 +0000 Subject: Renamed class in test_users --- api/tests/test_users.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'api/tests') diff --git a/api/tests/test_users.py b/api/tests/test_users.py index 8dadcbdb..90bc3d30 100644 --- a/api/tests/test_users.py +++ b/api/tests/test_users.py @@ -4,7 +4,7 @@ from .base import APISubdomainTestCase from ..models import Role, User -class UnauthedDocumentationLinkAPITests(APISubdomainTestCase): +class UnauthedUserAPITests(APISubdomainTestCase): def setUp(self): super().setUp() self.client.force_authenticate(user=None) -- cgit v1.2.3 From 1d67beb7938635044aff75c819a7c78dde81ac63 Mon Sep 17 00:00:00 2001 From: Johannes Christ Date: Wed, 9 Jan 2019 20:52:06 +0100 Subject: Add a view returning the server rules. Closes #171. --- api/tests/test_rules.py | 35 +++++++++++++ api/urls.py | 5 +- api/views.py | 135 +++++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 172 insertions(+), 3 deletions(-) create mode 100644 api/tests/test_rules.py (limited to 'api/tests') diff --git a/api/tests/test_rules.py b/api/tests/test_rules.py new file mode 100644 index 00000000..6552333c --- /dev/null +++ b/api/tests/test_rules.py @@ -0,0 +1,35 @@ +from django_hosts.resolvers import reverse + +from .base import APISubdomainTestCase +from ..views import RulesView + + +class HealthcheckAPITests(APISubdomainTestCase): + def setUp(self): + super().setUp() + self.client.force_authenticate(user=None) + + def test_can_access_rules_view(self): + url = reverse('rules', host='api') + response = self.client.get(url) + + self.assertEqual(response.status_code, 200) + self.assertIsInstance(response.json(), list) + + def test_link_format_query_param_produces_different_results(self): + url = reverse('rules', host='api') + markdown_links_response = self.client.get(url + '?link_format=md') + html_links_response = self.client.get(url + '?link_format=html') + self.assertNotEqual( + markdown_links_response.json(), + html_links_response.json() + ) + + def test_format_link_raises_value_error_for_invalid_target(self): + with self.assertRaises(ValueError): + RulesView._format_link("a", "b", "c") + + def test_get_returns_400_for_wrong_link_format(self): + url = reverse('rules', host='api') + response = self.client.get(url + '?link_format=unknown') + self.assertEqual(response.status_code, 400) diff --git a/api/urls.py b/api/urls.py index 7d6a4f7d..66d3fb9e 100644 --- a/api/urls.py +++ b/api/urls.py @@ -1,7 +1,7 @@ from django.urls import include, path from rest_framework.routers import DefaultRouter -from .views import HealthcheckView +from .views import HealthcheckView, RulesView from .viewsets import ( DocumentationLinkViewSet, InfractionViewSet, OffTopicChannelNameViewSet, RoleViewSet, @@ -63,5 +63,6 @@ urlpatterns = ( # from django_hosts.resolvers import reverse # snake_name_endpoint = reverse('bot:snakename-list', host='api') # `bot/` endpoints path('bot/', include((bot_router.urls, 'api'), namespace='bot')), - path('healthcheck', HealthcheckView.as_view(), name='healthcheck') + path('healthcheck', HealthcheckView.as_view(), name='healthcheck'), + path('rules', RulesView.as_view(), name='rules') ) diff --git a/api/views.py b/api/views.py index c5582ec0..6a269618 100644 --- a/api/views.py +++ b/api/views.py @@ -1,3 +1,4 @@ +from rest_framework.exceptions import ParseError from rest_framework.response import Response from rest_framework.views import APIView @@ -17,7 +18,7 @@ class HealthcheckView(APIView): Seems to be. ## Authentication - Does not require any authentication nor permissions.. + Does not require any authentication nor permissions. """ authentication_classes = () @@ -25,3 +26,135 @@ class HealthcheckView(APIView): def get(self, request, format=None): # noqa return Response({'status': 'ok'}) + + +class RulesView(APIView): + """ + Return a list of the server's rules. + + ## Routes + ### GET /rules + Returns a JSON array containing the server's rules: + + >>> [ + ... "Eat candy.", + ... "Wake up at 4 AM.", + ... "Take your medicine." + ... ] + + Since some of the the rules require links, this view + gives you the option to return rules in either Markdown + or HTML format by specifying the `format`. + + ## Authentication + Does not require any authentication nor permissions. + """ + + authentication_classes = () + permission_classes = () + + @staticmethod + def _format_link(description, link, target): + """ + Build the markup necessary to render `link` with `description` + as its description in the given `target` language. + + Arguments: + description (str): + A textual description of the string. Represents the content + between the `` tags in HTML, or the content between the + array brackets in Markdown. + + link (str): + The resulting link that a user should be redirected to + upon clicking the generated element. + + target (str): + One of `{'md', 'html'}`, denoting the target format that the + link should be rendered in. + + Returns: + str: + The link, rendered appropriately for the given `target` format + using `description` as its textual description. + + Raises: + ValueError: + If `target` is not `'md'` or `'html'`. + """ + + if target == 'html': + return f'{description}' + elif target == 'md': + return f'[{description}]({link})' + else: + raise ValueError( + f"Can only template links to `html` or `md`, got `{target}`" + ) + + + # `format` here is the result format, we have a link format here instead. + def get(self, request, format=None): # noqa + link_format = request.query_params.get('link_format', 'md') + if link_format not in ('html', 'md'): + raise ParseError( + f"`format` must be `html` or `md`, got `{format}`." + ) + + discord_community_guidelines_link = self._format_link( + 'Discord Community Guidelines', + 'https://discordapp.com/guidelines', + link_format + ) + channels_page_link = self._format_link( + 'channels page', + 'https://pythondiscord.com/about/channels', + link_format + ) + google_translate_link = self._format_link( + 'Google Translate', + 'https://translate.google.com/', + link_format + ) + + return Response([ + "Be polite, and do not spam.", + f"Follow the {discord_community_guidelines_link}.", + ( + "Don't intentionally make other people uncomfortable - if " + "someone asks you to stop discussing something, you should stop." + ), + ( + "Be patient both with users asking " + "questions, and the users answering them." + ), + ( + "We will not help you with anything that might break a law or the " + "terms of service of any other community, site, service, or " + "otherwise - No piracy, brute-forcing, captcha circumvention, " + "sneaker bots, or anything else of that nature." + ), + ( + "Listen to and respect the staff members - we're " + "here to help, but we're all human beings." + ), + ( + "All discussion should be kept within the relevant " + "channels for the subject - See the " + f"{channels_page_link} for more information." + ), + ( + "This is an English-speaking server, so please speak English " + f"to the best of your ability - {google_translate_link} " + "should be fine if you're not sure." + ), + ( + "Keep all discussions safe for work - No gore, nudity, sexual " + "soliciting, references to suicide, or anything else of that nature" + ), + ( + "We do not allow advertisements for communities (including " + "other Discord servers) or commercial projects - Contact " + "us directly if you want to discuss a partnership!" + ) + ]) -- cgit v1.2.3 From 1d77eac6d99b2b9678a01a362ef4d1e4cfa5ab17 Mon Sep 17 00:00:00 2001 From: Johannes Christ Date: Wed, 9 Jan 2019 20:52:52 +0100 Subject: Use proper test case name. --- api/tests/test_rules.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'api/tests') diff --git a/api/tests/test_rules.py b/api/tests/test_rules.py index 6552333c..c94f89cc 100644 --- a/api/tests/test_rules.py +++ b/api/tests/test_rules.py @@ -4,7 +4,7 @@ from .base import APISubdomainTestCase from ..views import RulesView -class HealthcheckAPITests(APISubdomainTestCase): +class RuleAPITests(APISubdomainTestCase): def setUp(self): super().setUp() self.client.force_authenticate(user=None) -- cgit v1.2.3