Fakultas Ilmu Komputer UI

Commit a75a3b91 authored by Joshua Casey's avatar Joshua Casey
Browse files

[#49] [GREEN] implemented API for company to browse application by vacancy, and revised some tests

parent fcd5a4a7
......@@ -5,8 +5,8 @@ from django.contrib.auth.models import User
from rest_framework import status
from rest_framework.test import APITestCase
from core.models.accounts import Company
from core.models.vacancies import Vacancy
from core.models.accounts import Company, Student
from core.models.vacancies import Vacancy, Application
class ApplicationTests(APITestCase):
......@@ -170,19 +170,115 @@ class VacancyTest(APITestCase):
class CompanyListsTests(APITestCase):
def test_company_vacancy_list_exist(self):
def test_company_vacancy_list(self):
new_user = User.objects.create_user('dummy.company3', 'dummy.company3@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None, address=None)
url = '/api/companies/' + str(new_company.pk) + '/vacancies'
response = self.client.post(url, format='json')
self.client.force_authenticate(new_user)
url = '/api/companies/' + str(new_company.pk) + '/vacancies/'
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_company_application_list_exist(self):
def test_company_vacancy_list_unauthorized(self):
new_user = User.objects.create_user('dummy.company3', 'dummy.company3@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None, address=None)
new_user2 = User.objects.create_user('dummy.companyzxc', 'dummy.companyzxc@company.com', 'lalala123')
new_company2 = Company.objects.create(user=new_user2, description="lalalaasdsad", status=Company.VERIFIED, logo=None,
address=None)
self.client.force_authenticate(new_user2)
url = '/api/companies/' + str(new_company.pk) + '/vacancies/'
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_company_application_list(self):
new_user = User.objects.create_user('dummy.company4', 'dummy.company4@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None,
address=None)
url = '/api/companies/' + str(new_company.pk) + '/applications'
response = self.client.post(url, format='json')
self.client.force_authenticate(new_user)
url = '/api/companies/' + str(new_company.pk) + '/applications/'
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_company_application_list_unauthorized(self):
new_user = User.objects.create_user('dummy.company3', 'dummy.company3@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None,
address=None)
new_user2 = User.objects.create_user('dummy.companyzxc', 'dummy.companyzxc@company.com', 'lalala123')
new_company2 = Company.objects.create(user=new_user2, description="lalalaasdsad", status=Company.VERIFIED,
logo=None,
address=None)
self.client.force_authenticate(new_user2)
url = '/api/companies/' + str(new_company.pk) + '/applications/'
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_company_application_list_by_vacancy(self):
new_user = User.objects.create_user('dummy.company3', 'dummy.company3@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None,
address=None)
new_user2 = User.objects.create_user('dummy.company4', 'dummy.company4@company.com', 'lalala123')
new_student = Student.objects.create(user=new_user2, npm=1234123412)
new_vacancy = Vacancy.objects.create(company=new_company, verified=True, open_time=datetime.fromtimestamp(0),
description="lalala", close_time=datetime.today())
new_app = Application.objects.create(student=new_student, vacancy=new_vacancy, cover_letter="asdasdasd")
self.client.force_authenticate(new_user)
url = '/api/companies/' + str(new_company.pk) + '/applications/' + str(new_vacancy.pk) + '/by_vacancy/'
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_company_application_list_by_vacancy_unauthorized_1(self):
new_user = User.objects.create_user('dummy.company3', 'dummy.company3@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None,
address=None)
new_user2 = User.objects.create_user('dummy.student', 'dummy.company3@company.com', 'lalala123')
new_student = Student.objects.create(user=new_user2, npm=1234123412)
new_vacancy = Vacancy.objects.create(company=new_company, verified=True, open_time=datetime.fromtimestamp(0),
description="lalala", close_time=datetime.today())
new_app = Application.objects.create(student=new_student, vacancy=new_vacancy, cover_letter="asdasdasd")
new_user3 = User.objects.create_user('dummy.company4', 'dummy.company4@company.com', 'lalala123')
new_company3 = Company.objects.create(user=new_user3, description="lalala", status=Company.VERIFIED, logo=None,
address=None)
self.client.force_authenticate(new_user3)
url = '/api/companies/' + str(new_company.pk) + '/applications/' + str(new_vacancy.pk) + '/by_vacancy/'
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_company_application_list_by_vacancy_unauthorized_2(self):
new_user = User.objects.create_user('dummy.company3', 'dummy.company3@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None,
address=None)
new_user2 = User.objects.create_user('dummy.student', 'dummy.company3@company.com', 'lalala123')
new_student = Student.objects.create(user=new_user2, npm=1234123412)
new_vacancy = Vacancy.objects.create(company=new_company, verified=True, open_time=datetime.fromtimestamp(0),
description="lalala", close_time=datetime.today())
new_app = Application.objects.create(student=new_student, vacancy=new_vacancy, cover_letter="asdasdasd")
new_user3 = User.objects.create_user('dummy.company4', 'dummy.company4@company.com', 'lalala123')
new_company3 = Company.objects.create(user=new_user3, description="lalala", status=Company.VERIFIED, logo=None,
address=None)
self.client.force_authenticate(new_user3)
url = '/api/companies/' + str(new_company3.pk) + '/applications/' + str(new_vacancy.pk) + '/by_vacancy/'
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
\ No newline at end of file
......@@ -108,6 +108,8 @@ class CompanyApplicationViewSet(viewsets.GenericViewSet):
---
"""
company = get_object_or_404(Company.objects.all(), pk=company_id)
if not request.user.is_superuser and request.user != company.user:
return Response({"error": "forbidden"}, status=status.HTTP_403_FORBIDDEN)
vacancies = Vacancy.objects.filter(company=company)
applications = Application.objects.filter(vacancy__in=vacancies)
if 'status' in request.query_params:
......@@ -117,6 +119,23 @@ class CompanyApplicationViewSet(viewsets.GenericViewSet):
return self.get_paginated_response(ApplicationSerializer(page, many=True, context={'request': request}).data)
return Response(ApplicationSerializer(applications, many=True, context={'request': request}).data)
@detail_route(methods=["get"])
def by_vacancy(self, request, company_id, pk=None):
if pk is None:
return list(self, request, company_id)
company = get_object_or_404(Company.objects.all().order_by('-updated'), pk=company_id)
if not request.user.is_superuser and request.user != company.user:
return Response({"error": "forbidden"}, status=status.HTTP_403_FORBIDDEN)
vacancy = get_object_or_404(Vacancy.objects.all(), pk=pk)
if vacancy.company != company:
return Response({"error": "forbidden"}, status=status.HTTP_403_FORBIDDEN)
applications = Application.objects.filter(vacancy=vacancy)
page = self.paginate_queryset(applications)
if page is not None:
return self.get_paginated_response(
ApplicationSerializer(page, many=True, context={'request': request}).data)
return Response(ApplicationSerializer(applications, many=True, context={'request': request}).data)
class CompanyApplicationStatusViewSet(viewsets.GenericViewSet):
queryset = Application.objects.all()
......@@ -158,6 +177,8 @@ class CompanyVacanciesViewSet(viewsets.GenericViewSet):
---
"""
company = get_object_or_404(Company.objects.all().order_by('-updated'), pk=company_id)
if not request.user.is_superuser and request.user != company.user:
return Response({"error": "forbidden"}, status=status.HTTP_403_FORBIDDEN)
vacancies = Vacancy.objects.filter(company=company)
page = self.paginate_queryset(vacancies)
if page is not None:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment