Closed lpatmo closed 4 years ago
Merging #134 into master will not change coverage. The diff coverage is
100.00%
.
@@ Coverage Diff @@
## master #134 +/- ##
=======================================
Coverage 81.44% 81.44%
=======================================
Files 29 29
Lines 469 469
=======================================
Hits 382 382
Misses 87 87
Impacted Files | Coverage Δ | |
---|---|---|
project/resources/views.py | 68.18% <100.00%> (ø) |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update 56c7c90...b7ca81e. Read the comment docs.
Personally I find reducing each test case to the bare minimum makes it easier to read/understand
That is excellent feedback, thank you! Will take a look/improve this tonight...
Pushed up some simplifying changes in 2caac24!
@chris48s Thanks!!
Context
The GET /resources and a GET /resources/{id} required user authorization. But ideally, we want non-logged-in-users to be able to search and look at resources. They should only have to be logged in if they want to delete, create, or edit a resource.
@chris48s and @BethanyG did most of the heavy lifting with tests already; I only followed the same pattern.
Feedback welcome!
Note: I left POSTing a resource as a later todo, since it is blocked by https://github.com/codebuddies/backend/issues/125.
Before & After
Before: GET /resources and GET /resources/{id} hidden under a token
After: GET /resources and GET /resources/{id} available to users without a token
Implementation
[x] Make GET /resources not protected by authorization [x] Change setup for tests to make sure we're not authed for the GET requests, but are authed for PATCH, and search. [x] Add test to make sure GET /api/v1/resources/{{guid}}/ and GET /api/v1/resources/ requests and search work without a token [x] Add/alter tests for GET GET /api/v1/resources/{{guid}}/ and GET /api/v1/resources/ requests and search to ensure that they also work with a token [x] Add tests to make sure PATCH and POST fail without a token [x] Add test to make sure DEL fails without a token