diff --git a/backend/courses/views.py b/backend/courses/views.py index 132eb092..4f62e511 100644 --- a/backend/courses/views.py +++ b/backend/courses/views.py @@ -2,7 +2,7 @@ from django.contrib.auth import get_user_model from django.db.models import Prefetch, Q -from django.http import JsonResponse +from django.http import Http404, JsonResponse from django.shortcuts import get_object_or_404 from django_auto_prefetching import AutoPrefetchViewSetMixin from rest_framework import generics, status @@ -473,11 +473,12 @@ class FriendshipView(generics.ListAPIView): "POST": { 201: "Friendship request created successfully.", 200: "Friendship request accepted successfully.", + 404: "Username was None/ Username did not exist.", 409: "Friendship request already exists", }, "DELETE": { 200: "Friendship rejected/deleted/cancelled successfully.", - 404: "Friendship does not exist.", + 404: "Friendship does not exist or Username does not exist.", 409: "Friendship request already rejected.", }, } @@ -526,7 +527,12 @@ def get_all_friendships(self): def post(self, request): sender = request.user - recipient = get_object_or_404(User, username=request.data.get("pennkey")) + + username = request.data.get("pennkey") + if not username: + raise Http404("User not found.") + + recipient = get_object_or_404(User, username=username.lower()) existing_friendship = ( self.get_all_friendships().filter(Q(recipient=recipient) | Q(sender=recipient)).first() @@ -560,9 +566,15 @@ def post(self, request): def delete(self, request): # either deletes a friendship or cancels/rejects a friendship request # (depends on who sends the request) - res = {} + sender = request.user - recipient = get_object_or_404(User, username=request.data.get("pennkey")) + res = {} + + username = request.data.get("pennkey") + if not username: + raise Http404("User not found.") + + recipient = get_object_or_404(User, username=username.lower()) existing_friendship = ( self.get_all_friendships().filter(Q(recipient=recipient) | Q(sender=recipient)).first() diff --git a/backend/tests/courses/test_friendship_models.py b/backend/tests/courses/test_friendship_models.py index 8eae9d8a..a836b237 100644 --- a/backend/tests/courses/test_friendship_models.py +++ b/backend/tests/courses/test_friendship_models.py @@ -27,7 +27,7 @@ def test_basic_friendship(self): self.assertTrue(UserProfile.objects.filter(user=u2).exists()) self.assertTrue(UserProfile.objects.filter(user=u1).exists()) - make_friends = self.client1.post(reverse("friendship"), {"pennkey": u2.username}) + make_friends = self.client1.post(reverse("friendship"), {"pennkey": u2.username.upper()}) self.assertEquals(make_friends.status_code, 201) self.assertTrue( @@ -37,6 +37,33 @@ def test_basic_friendship(self): ) self.assertFalse(Friendship.objects.filter(sender=u2, recipient=u1).exists()) + def test_none_username(self): + u1 = self.u1 + u2 = self.u2 + + self.assertTrue(UserProfile.objects.filter(user=u2).exists()) + self.assertTrue(UserProfile.objects.filter(user=u1).exists()) + + make_friends = self.client1.post(reverse("friendship"), {"pennkey": ""}) + + self.assertEquals(make_friends.status_code, 404) + + def test_none_delete(self): + u1 = self.u1 + u2 = self.u2 + + self.assertTrue(UserProfile.objects.filter(user=u2).exists()) + self.assertTrue(UserProfile.objects.filter(user=u1).exists()) + + make_friends = self.client1.post(reverse("friendship"), {"pennkey": u2.username.upper()}) + self.assertEquals(make_friends.status_code, 201) + + delete_none = self.client1.delete(reverse("friendship"), {"pennkey": ""}) + self.assertEquals(delete_none.status_code, 404) + + delete_friends = self.client2.delete(reverse("friendship"), {"pennkey": u1.username}) + self.assertEquals(delete_friends.status_code, 200) + def test_basic_friendship_accept(self): u1 = self.u1 u2 = self.u2