Update webapi test suite to test invalid PUT/POST operations.

Review Request #13285 — Created Sept. 22, 2023 and submitted

Information

Review Board
release-6.x

Reviewers

The API resource implementation previously prevented POST requests to
item resources, and with a new change to Djblets, will also prevent PUT
requests to list resources. However, neither of these was properly
tested in the test suite.

This change updates our API test mixins to test these scenarios where
appropriate. Most of the individual test suites needed to add some setup
methods to handle this appropriately.

Unfortunately, the naming of the setup methods isn't ideal.
setup_http_not_allowed_item_test should really be
setup_http_not_allowed_put_test, and
setup_http_not_allowed_list_test should be
setup_http_not_allowed_post_test. These also do not currently support
similar test cases for when there is a local site (though that shouldn't
be a problem). Rather than trying to rename these methods now, I've just
gone with the old ones, and we can address the naming later. For this
reason I'm also holding off on adding missing docstrings or typing,
merely trying to match it to the individual style of each existing test
case.

Ran unit tests.

Summary ID
Update webapi test suite to test invalid PUT/POST operations.
The API resource implementation previously prevented POST requests to item resources, and with a new change to Djblets, will also prevent PUT requests to list resources. However, neither of these was properly tested in the test suite. This change updates our API test mixins to test these scenarios where appropriate. Most of the individual test suites needed to add some setup methods to handle this appropriately. Unfortunately, the naming of the setup methods isn't ideal. `setup_http_not_allowed_item_test` should really be `setup_http_not_allowed_put_test`, and `setup_http_not_allowed_list_test` should be `setup_http_not_allowed_post_test`. These also do not currently support similar test cases for when there is a local site (though that shouldn't be a problem). Rather than trying to rename these methods now, I've just gone with the old ones, and we can address the naming later. For this reason I'm also holding off on adding missing docstrings or typing, merely trying to match it to the individual style of each existing test case. Testing Done: Ran unit tests.
fe63a0f3bcee7eee39c3fe08d7b0c5697dcb4950
Description From Last Updated

local variable 'filediff' is assigned to but never used Column: 9 Error code: F841

reviewbotreviewbot

local variable 'diffset' is assigned to but never used Column: 9 Error code: F841

reviewbotreviewbot

Can we maybe combine the logic into: if is_list or 'PUT' not in resource.allowed_methods: mixins = (BasicPutNotAllowedTestsMixin,) else: ... We …

chipx86chipx86

str

chipx86chipx86

str

chipx86chipx86
Checks run (1 failed, 1 succeeded)
flake8 failed.
JSHint passed.

flake8

david
Review request changed
Commits:
Summary ID
Update webapi test suite to test invalid PUT/POST operations.
The API resource implementation previously prevented POST requests to item resources, and with a new change to Djblets, will also prevent PUT requests to list resources. However, neither of these was properly tested in the test suite. This change updates our API test mixins to test these scenarios where appropriate. Most of the individual test suites needed to add some setup methods to handle this appropriately. Unfortunately, the naming of the setup methods isn't ideal. `setup_http_not_allowed_item_test` should really be `setup_http_not_allowed_put_test`, and `setup_http_not_allowed_list_test` should be `setup_http_not_allowed_post_test`. These also do not currently support similar test cases for when there is a local site (though that shouldn't be a problem). Rather than trying to rename these methods now, I've just gone with the old ones, and we can address the naming later. For this reason I'm also holding off on adding missing docstrings or typing, merely trying to match it to the individual style of each existing test case. Testing Done: Ran unit tests.
9f83d024a8a515c134d343119f7546798d2b0d93
Update webapi test suite to test invalid PUT/POST operations.
The API resource implementation previously prevented POST requests to item resources, and with a new change to Djblets, will also prevent PUT requests to list resources. However, neither of these was properly tested in the test suite. This change updates our API test mixins to test these scenarios where appropriate. Most of the individual test suites needed to add some setup methods to handle this appropriately. Unfortunately, the naming of the setup methods isn't ideal. `setup_http_not_allowed_item_test` should really be `setup_http_not_allowed_put_test`, and `setup_http_not_allowed_list_test` should be `setup_http_not_allowed_post_test`. These also do not currently support similar test cases for when there is a local site (though that shouldn't be a problem). Rather than trying to rename these methods now, I've just gone with the old ones, and we can address the naming later. For this reason I'm also holding off on adding missing docstrings or typing, merely trying to match it to the individual style of each existing test case. Testing Done: Ran unit tests.
28e329f2aa27fbdffc28e05afb349a54f0cb796d

Checks run (1 failed, 1 succeeded)

flake8 failed.
JSHint passed.

flake8

david
chipx86
  1. 
      
  2. reviewboard/webapi/tests/mixins.py (Diff revision 3)
     
     
     
     
    Show all issues

    Can we maybe combine the logic into:

    if is_list or 'PUT' not in resource.allowed_methods:
        mixins = (BasicPutNotAllowedTestsMixin,)
    else:
        ...
    

    We can do a similar thing for the POST tests above.

  3. Show all issues

    str

  4. Show all issues

    str

  5. 
      
david
chipx86
  1. Ship It!
  2. 
      
maubin
  1. Ship It!
  2. 
      
david
Review request changed
Status:
Completed
Change Summary:
Pushed to release-6.x (2365763)