diff --git a/core/tests/test_accounts.py b/core/tests/test_accounts.py
index afd8eb12cd533ad3ffbd48241f15f25b7992b2c5..7ca214f06a6d1accecc34a19f8d736027658acff 100644
--- a/core/tests/test_accounts.py
+++ b/core/tests/test_accounts.py
@@ -1,16 +1,13 @@
import requests_mock
from rest_framework import status
-from rest_framework.test import APITestCase
+from rest_framework.test import APIClient, APITestCase
from django.contrib.auth.models import User
-from core.models.accounts import Company
+from core.models.accounts import Company, Supervisor
class LoginTests(APITestCase):
@requests_mock.Mocker()
def test_succesful_student_login_relogin(self, m):
- """
- Ensure we can login
- """
m.post('https://api.cs.ui.ac.id/authentication/ldap/v2/', json={
"username": "dummy.mahasiswa",
@@ -64,13 +61,18 @@ class LoginTests(APITestCase):
def test_success_company_login(self):
new_user = User.objects.create_user('dummy.login.company', 'dummy.login.company@company.com', 'lalala123')
- new_company = Company.objects.create(user=new_user, description="lalalala", verified=True, logo=None, alamat=None)
+ new_company = Company.objects.create(user=new_user, description="lalalala", verified=True, logo=None, address=None)
url = '/api/login/'
response = self.client.post(url, {'username': 'dummy.login.company', 'password': 'lalala123', 'login-type': 'company'}, format='json')
- self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+ self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+ def test_bad_request_1(self):
+ url = '/api/login/'
+ response = self.client.post(url, {'username': 'lalala'}, format='json')
+ self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
- def test_bad_request(self):
+ def test_bad_request_2(self):
url = '/api/login/'
- response = self.client.post(url, {'uesrname': 'lalala'}, format='json')
- self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
\ No newline at end of file
+ response = self.client.post(url, {'username': 'lalala', 'password': 'lalalala', 'login-type' : 'lalala'}, format='json')
+ self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
diff --git a/core/tests/test_vacancies.py b/core/tests/test_vacancies.py
index a8f718e1830b340043de1e009ecd99946a01369d..eeb7b4af1c94d3c879ed058dc6c61ea6e611b8cc 100644
--- a/core/tests/test_vacancies.py
+++ b/core/tests/test_vacancies.py
@@ -48,7 +48,7 @@ class ApplicationTests(APITestCase):
student_id = response.data.get('student').get('id')
new_user = User.objects.create_user('dummy.company', 'dummy.company@company.com', 'lalala123')
- new_company = Company.objects.create(user=new_user, description="lalala",verified=True,logo=None,alamat=None)
+ new_company = Company.objects.create(user=new_user, description="lalala",verified=True,logo=None,address=None)
new_vacancy = Vacancy.objects.create(company=new_company, verified=True, open_time=datetime.fromtimestamp(0), description="lalala", close_time=datetime.today())
url = '/api/students/' + str(student_id) + '/applications/'
@@ -101,7 +101,7 @@ class BookmarkApplicationTests(APITestCase):
student_id = response.data.get('student').get('id')
new_user = User.objects.create_user('dummy.company', 'dummy.company@company.com', 'lalala123')
- new_company = Company.objects.create(user=new_user, description="lalala",verified=True,logo=None,alamat=None)
+ new_company = Company.objects.create(user=new_user, description="lalala",verified=True,logo=None,address=None)
new_vacancy = Vacancy.objects.create(company=new_company, verified=True, open_time=datetime.fromtimestamp(0), description="lalala", close_time=datetime.today())
url = '/api/students/' + str(student_id) + '/bookmarked-vacancies/'
diff --git a/core/views/accounts.py b/core/views/accounts.py
index 3e2341c45a9f5a9a6bc1058a7abe50c3b3390c55..52f43fb071d0f262f5fdf522c0bb7aa54cb1168e 100644
--- a/core/views/accounts.py
+++ b/core/views/accounts.py
@@ -20,6 +20,9 @@ class UserViewSet(viewsets.ModelViewSet):
@list_route(methods=['get'], permission_classes=[IsAuthenticated])
def me(self, request):
+ """
+ Get current user's details
+ """
user = self.request.user
serializer = UserSerializer(user, context={"request": request})
return Response(serializer.data)
@@ -45,23 +48,13 @@ class StudentViewSet(viewsets.ModelViewSet):
class CompanyViewSet(viewsets.ModelViewSet):
queryset = Company.objects.all()
serializer_class = CompanySerializer
- permission_classes = [IsAdminUser]
-
- def get_permissions(self):
- if self.action == "update":
- return [IsAdminOrSelfOrReadOnly(), IsAdminOrCompany()]
- return super(CompanyViewSet, self).get_permissions()
+ permission_classes = [IsAdminOrSelfOrReadOnly, IsAdminOrCompany]
class SupervisorViewSet(viewsets.ModelViewSet):
queryset = Supervisor.objects.all()
serializer_class = SupervisorSerializer
- permission_classes = [IsAdminUser]
-
- def get_permissions(self):
- if self.action == "update":
- return [IsAdminOrSelfOrReadOnly(), IsAdminOrSupervisor()]
- return super(SupervisorViewSet, self).get_permissions()
+ permission_classes = [IsAdminOrSelfOrReadOnly, IsAdminOrSupervisor]
class LoginViewSet(viewsets.GenericViewSet):
@@ -71,14 +64,14 @@ class LoginViewSet(viewsets.GenericViewSet):
def create(self, request):
"""
- Authenticate user by logging in
+ Authentication for user by means of logging in
---
parameters:
- - name: body
- description: JSON object containing three strings: username, password and login-type. login-type should be either 'sso-ui' or 'company'.
- required: true
- paramType: body
- pytype: RequestSerializer
+ - name: body
+ description: JSON object containing three strings: username, password and login-type. login-type should be either 'sso-ui' or 'company'.
+ required: true
+ type: string
+ paramType: body
"""
username = request.data.get('username')
password = request.data.get('password')
diff --git a/core/views/vacancies.py b/core/views/vacancies.py
index ac3c2b41bceeaaae007d3dc561b096c9f134a1d7..51c69c94856a2738fad208b78583e7eccb8955c1 100644
--- a/core/views/vacancies.py
+++ b/core/views/vacancies.py
@@ -19,17 +19,35 @@ class ApplicationViewSet(viewsets.GenericViewSet):
permission_classes = [IsAdminOrStudent]
def list(self, request, student_id):
+ """
+ Get list of a student {student_id}'s application
+ ---
+ """
student = get_object_or_404(Student.objects.all(), pk=student_id)
vacancies = self.serializer_class(student.applied_vacancies, many=True, context={'request': request})
return Response(vacancies.data)
def create(self, request, student_id):
+ """
+ Create a new application for student {student_id}
+ ---
+ parameters:
+ - name: body
+ description: JSON object containing only one string: vacancy_id
+ required: true
+ type: string
+ paramType: body
+ """
vacancy = get_object_or_404(Vacancy.objects.all(), pk=request.data['vacancy_id'])
student = get_object_or_404(Student.objects.all(), pk=student_id)
student.applied_vacancies.add(vacancy)
return Response(self.serializer_class(student.applied_vacancies, many=True, context={'request': request}).data)
def destroy(self, request, student_id, pk):
+ """
+ Remove a application {id} for student {student_id}
+ ---
+ """
vacancy = get_object_or_404(Vacancy.objects.all(), pk=pk)
student = get_object_or_404(Student.objects.all(), pk=student_id)
student.applied_vacancies.remove(vacancy)
@@ -41,17 +59,35 @@ class BookmarkedVacancyByStudentViewSet(viewsets.GenericViewSet):
permission_classes = [IsAdminOrStudent]
def list(self, request, student_id):
+ """
+ Get list of a student {student_id}'s bookmarked vacancies
+ ---
+ """
student = get_object_or_404(Student.objects.all(), pk=student_id)
vacancies = self.serializer_class(student.bookmarked_vacancies, many=True, context={'request': request})
return Response(vacancies.data)
def create(self, request, student_id):
+ """
+ Bookmarks a vacancy for student {student_id}
+ ---
+ parameters:
+ - name: body
+ description: JSON object containing only one string: vacancy_id
+ required: true
+ type: string
+ paramType: body
+ """
vacancy = get_object_or_404(Vacancy.objects.all(), pk=request.data['vacancy_id'])
student = get_object_or_404(Student.objects.all(), pk=student_id)
student.bookmarked_vacancies.add(vacancy)
return Response(self.serializer_class(student.bookmarked_vacancies, many=True, context={'request': request}).data)
def destroy(self, request, student_id, pk):
+ """
+ Remove bookmark {id} for student {student_id}
+ ---
+ """
vacancy = get_object_or_404(Vacancy.objects.all(), pk=pk)
student = get_object_or_404(Student.objects.all(), pk=student_id)
student.bookmarked_vacancies.remove(vacancy)