diff --git a/edivorce/apps/core/serializer.py b/edivorce/apps/core/serializer.py index c19016f3..c756d1f3 100644 --- a/edivorce/apps/core/serializer.py +++ b/edivorce/apps/core/serializer.py @@ -23,22 +23,22 @@ class UserResponseSerializer(serializers.ModelSerializer): instance.save() -def file_extension_accepted(file): +def valid_file_extension(file): extension = file.name.split('.')[-1] if extension.lower() not in ['pdf', 'png', 'gif', 'jpg', 'jpe', 'jpeg']: raise ValidationError(f'File type not supported: {extension}') -def doc_type_accepted(value): +def valid_doc_type(value): valid_codes = ['AAI', 'AFDO', 'AFTL', 'CSA', 'EFSS', 'MC', 'NCV', 'OFI', 'RDP'] if value.upper() not in valid_codes: raise ValidationError(f'Doc type not supported: {value}. Valid codes: {", ".join(valid_codes)}') class CreateDocumentSerializer(serializers.ModelSerializer): - doc_type = serializers.CharField(required=True, validators=[doc_type_accepted]) + doc_type = serializers.CharField(required=True, validators=[valid_doc_type]) party_code = serializers.IntegerField(min_value=0, max_value=2, required=True) - file = serializers.FileField(required=True, validators=[file_extension_accepted]) + file = serializers.FileField(required=True, validators=[valid_file_extension]) filename = serializers.CharField(read_only=True) size = serializers.IntegerField(read_only=True) rotation = serializers.IntegerField(read_only=True) diff --git a/edivorce/apps/core/tests/test_api.py b/edivorce/apps/core/tests/test_api.py index 39959184..eab9fca6 100644 --- a/edivorce/apps/core/tests/test_api.py +++ b/edivorce/apps/core/tests/test_api.py @@ -9,7 +9,7 @@ from rest_framework.test import APIClient, APITestCase from edivorce.apps.core.models import BceidUser, Document -@modify_settings(MIDDLEWARE={'remove': 'edivorce.apps.core.middleware.bceid_middleware.BceidMiddleware',}) +@modify_settings(MIDDLEWARE={'remove': 'edivorce.apps.core.middleware.bceid_middleware.BceidMiddleware', }) class APITest(APITestCase): def setUp(self): self.user = BceidUser.objects.create(user_guid='1234') @@ -53,6 +53,8 @@ class APITest(APITestCase): self.assertEqual(document.party_code, 1) self.assertEqual(document.filename, file.name) self.assertEqual(document.size, file.size) + self.assertEqual(document.rotation, 0) + self.assertEqual(document.sort_order, 1) def test_post_duplicate_files_not_allowed(self): url = reverse('documents') @@ -149,6 +151,53 @@ class APITest(APITestCase): json_response = json.loads(response.content) self.assertEqual(len(json_response), 0) + def test_delete_document(self): + document = self._create_document() + self.assertEqual(Document.objects.count(), 1) + url = reverse('document', kwargs={'doc_type': document.doc_type, + 'party_code': document.party_code, + 'filename': document.filename, + 'size': document.size}) + response = self.client.delete(url) + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + self.assertEqual(Document.objects.count(), 1) + + self.client.force_authenticate(self.another_user) + response = self.client.delete(url) + self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) + self.assertEqual(Document.objects.count(), 1) + + self.client.force_authenticate(self.user) + response = self.client.delete(url) + self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) + self.assertEqual(Document.objects.count(), 0) + + def test_update_document(self): + document = self._create_document() + url = reverse('document', kwargs={'doc_type': document.doc_type, + 'party_code': document.party_code, + 'filename': document.filename, + 'size': document.size}) + data = { + 'rotation': 90 + } + response = self.client.put(url, data) + self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) + + self.client.force_authenticate(self.another_user) + response = self.client.put(url, data) + self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) + + self.client.force_authenticate(self.user) + response = self.client.put(url, data) + self.assertEqual(response.status_code, status.HTTP_200_OK) + + data['rotation'] = 45 + response = self.client.put(url, data) + self.assertContains(response, + 'Rotation must be 0, 90, 180, or 270', + status_code=status.HTTP_400_BAD_REQUEST) + def _create_document(self, doc_type=None, party_code=None): if not doc_type: doc_type = self.default_doc_type diff --git a/edivorce/apps/core/views/api.py b/edivorce/apps/core/views/api.py index e9f901df..92b48fee 100644 --- a/edivorce/apps/core/views/api.py +++ b/edivorce/apps/core/views/api.py @@ -77,7 +77,10 @@ class DocumentView(RetrieveUpdateDestroyAPIView): permission_classes = [permissions.IsAuthenticated] def get_object(self): - return Document.objects.get(bceid_user=self.request.user, **self.kwargs) + try: + return Document.objects.get(bceid_user=self.request.user, **self.kwargs) + except Document.DoesNotExist: + raise Http404("Document not found") def retrieve(self, request, *args, **kwargs): """ Return the file instead of meta data """