From c30db2201604ffe79feea936bfa567bff155c6a8 Mon Sep 17 00:00:00 2001 From: Doston <31990136+Dostonbek1@users.noreply.github.com> Date: Tue, 5 Mar 2024 09:09:26 -0500 Subject: [PATCH] chore: add 'is_superuser' field for POST /users/ endpoint (#703) * add 'is_superuser' field for POST /users/ endpoint, defaults to false --- src/aap_eda/api/serializers/user.py | 1 + tests/integration/api/test_user.py | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/src/aap_eda/api/serializers/user.py b/src/aap_eda/api/serializers/user.py index 67bb20869..8fd89e887 100644 --- a/src/aap_eda/api/serializers/user.py +++ b/src/aap_eda/api/serializers/user.py @@ -90,6 +90,7 @@ class Meta: "last_name", "email", "password", + "is_superuser", "roles", ] diff --git a/tests/integration/api/test_user.py b/tests/integration/api/test_user.py index f0f52df35..35315c6bd 100644 --- a/tests/integration/api/test_user.py +++ b/tests/integration/api/test_user.py @@ -172,6 +172,32 @@ def test_create_user( response = client.post(f"{api_url_v1}/users/", data=create_user_data) assert response.status_code == status.HTTP_201_CREATED + assert response.data["is_superuser"] is False + check_permission_mock.assert_called_once_with( + mock.ANY, mock.ANY, ResourceType.USER, Action.CREATE + ) + + +@pytest.mark.django_db +def test_create_superuser( + client: APIClient, + check_permission_mock: mock.Mock, + init_db, +): + create_user_data = { + "username": "test.user", + "first_name": "Test", + "last_name": "User", + "email": "test.user@example.com", + "password": "secret", + "is_superuser": True, + "roles": [str(init_db.role.id)], + } + + response = client.post(f"{api_url_v1}/users/", data=create_user_data) + + assert response.status_code == status.HTTP_201_CREATED + assert response.data["is_superuser"] is True check_permission_mock.assert_called_once_with( mock.ANY, mock.ANY, ResourceType.USER, Action.CREATE )