Status deletion tests; deletion check for ownership

2020-04-14 14:27:18 +01:00 · 2020-04-14 14:27:18 +01:00 · 027401c29b
commit 027401c29b
--- a/kepi/trilby_api/tests/test_status.py
+++ b/kepi/trilby_api/tests/test_status.py
@ -30,7 +30,83 @@ class TestStatus(TestCase):
                expect_result)

    def test_delete_status(self):
-        self.fail("Test not yet implemented")
+
+        self._alice = create_local_person(name='alice')
+
+        self._alice_status = create_local_status(
+                posted_by = self._alice,
+                content = 'Daisies are our silver.',
+        )
+
+        found = Status.objects.filter(
+                account = self._alice,
+                )
+
+        self.assertEqual(
+                len(found),
+                1,
+                "There is a status.")
+
+        c = APIClient()
+        c.force_authenticate(self._alice.local_user)
+
+        result = c.delete(
+                '/api/v1/statuses/{}'.format(
+                    self._alice_status.id,
+                    ),
+                )
+
+        self.assertEqual(result.status_code,
+                200)
+
+        # TODO: result body is meaningful and we should check it
+
+        found = Status.objects.filter(
+                account = self._alice,
+                )
+
+        self.assertEqual(
+                len(found),
+                0,
+                "There is no longer a status.")
+
+    def test_delete_status_not_yours(self):
+
+        self._alice = create_local_person(name='alice')
+        self._eve = create_local_person(name='eve')
+
+        self._alice_status = create_local_status(
+                posted_by = self._alice,
+                content = 'Daisies are our silver.',
+        )
+
+        c = APIClient()
+        c.force_authenticate(self._eve.local_user)
+
+        result = c.delete(
+                '/api/v1/statuses/{}'.format(
+                    self._alice_status.id,
+                    ),
+                )
+
+        self.assertEqual(result.status_code,
+                404)
+
+    def test_delete_status_404(self):
+
+        self._alice = create_local_person(name='alice')
+
+        c = APIClient()
+        c.force_authenticate(self._alice.local_user)
+
+        result = c.delete(
+                '/api/v1/statuses/{}'.format(
+                    1234,
+                    ),
+                )
+
+        self.assertEqual(result.status_code,
+                404)

    def test_get_context(self):
        self.fail("Test not yet implemented")
--- a/kepi/trilby_api/views.py
+++ b/kepi/trilby_api/views.py
@ -285,11 +285,9 @@ class Statuses(generics.ListCreateAPIView,
                        )
            except Status.DoesNotExist:

-                return JsonResponse(
-                        {
-                            'error': 'Record not found',
-                            },
+                return error_response(
                        status = 404,
+                        reason = 'Record not found',
                        )

        else:
@ -353,6 +351,33 @@ class Statuses(generics.ListCreateAPIView,
                reason = 'Hot off the press',
                )

+    def delete(self, request, *args, **kwargs):
+
+        if 'id' not in kwargs:
+            return error_response(404, 'Can\'t delete all statuses at once')
+
+        the_status = get_object_or_404(
+                self.get_queryset(),
+                id = int(kwargs['id']),
+                )
+
+        if the_status.account != request.user.person:
+            return error_response(404, # sic
+                    'That isn\'t yours to delete')
+
+        serializer = StatusSerializer(
+                the_status,
+                context = {
+                    'request': request,
+                    },
+                )
+
+        response = JsonResponse(serializer.data)
+
+        the_status.delete()
+
+        return response
+
 class StatusContext(generics.ListCreateAPIView):

    queryset = trilby_models.Status.objects.all()