This test confirms that the permissions for CRUD operations are being managed by the Django backend. It creates a non-admin user and attempts to create a new record with a POST request, which fails.
To test:
Create a new user, maybe in the admin screen with is_superuser = False
Attempt to post a new synonymType (for example) record or patch an existing one
After it fails, select the user in the django admin screen and assign the appropriate permissions
Log into the API again and try to perform the same POST operation; it should work now.
Sample JSON generated by SynonymTypeFactory for testing a POST:
{'name': 'almost-single-wide-0', 'label': 'almost single wide 0', 'short_description': 'Clear key president hour money. Beautiful identify four process option anyone. All cost represent. Look arrive identify second break.\nGovernment option what. Increase sit yeah seat get school happy. Evening soon ago agreement while where.\nManagement reality world bad cell cold. Morning rise research PM five increase country. Fear relate space fight strategy rise.\nAlways buy lot. Democratic maintain generation son big. Risk spring assume control long instead.', 'long_description': 'Dream that perhaps quite never sell research. Up unit soldier art with let pretty.\nNotice mean they real. Worker least eye both.', 'validation_regular_expression': '.*', 'score_modifier': -185804774682.93}
Closes: #117
This test confirms that the permissions for CRUD operations are being managed by the Django backend. It creates a non-admin user and attempts to create a new record with a POST request, which fails.
To test:
is_superuser
= FalsesynonymType
(for example) record or patch an existing oneSample JSON generated by SynonymTypeFactory for testing a POST: