diff --git a/src/backend/marsha/markdown/tests/api/markdown_images/test_create.py b/src/backend/marsha/markdown/tests/api/markdown_images/test_create.py index 974f993b53..602ba6b8f1 100644 --- a/src/backend/marsha/markdown/tests/api/markdown_images/test_create.py +++ b/src/backend/marsha/markdown/tests/api/markdown_images/test_create.py @@ -25,7 +25,10 @@ class MarkdownImageCreateApiTest(TestCase): def test_api_markdown_image_create_anonymous(self): """Anonymous users should not be able to create a Markdown image.""" - response = self.client.post("/api/markdown-images/") + markdown_document = MarkdownDocumentFactory() + response = self.client.post( + f"/api/markdown-documents/{markdown_document.id}/markdown-images/" + ) self.assertEqual(response.status_code, 401) def test_api_markdown_image_create_student(self): @@ -35,7 +38,8 @@ def test_api_markdown_image_create_student(self): jwt_token = StudentLtiTokenFactory(resource=markdown_document) response = self.client.post( - "/api/markdown-images/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}" + f"/api/markdown-documents/{markdown_document.id}/markdown-images/", + HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 403) @@ -47,7 +51,8 @@ def test_api_markdown_image_create_instructor(self): jwt_token = InstructorOrAdminLtiTokenFactory(resource=markdown_document) response = self.client.post( - "/api/markdown-images/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}" + f"/api/markdown-documents/{markdown_document.id}/markdown-images/", + HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 201) @@ -78,7 +83,8 @@ def test_api_markdown_image_create_already_existing_instructor(self): jwt_token = InstructorOrAdminLtiTokenFactory(resource=markdown_document) response = self.client.post( - "/api/markdown-images/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}" + f"/api/markdown-documents/{markdown_document.id}/markdown-images/", + HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 201) @@ -108,7 +114,8 @@ def test_api_markdown_image_instructor_create_in_read_only(self): ) response = self.client.post( - "/api/markdown-images/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}" + f"/api/markdown-documents/{markdown_image.markdown_document.id}/markdown-images/", + HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 403) @@ -122,7 +129,8 @@ def test_api_markdown_image_create_user_access_token(self): jwt_token = UserAccessTokenFactory(user=organization_access.user) response = self.client.post( - "/api/markdown-images/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}" + f"/api/markdown-documents/{markdown_document.id}/markdown-images/", + HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 403) @@ -138,7 +146,7 @@ def test_api_markdown_image_create_user_access_token_organization_admin(self): jwt_token = UserAccessTokenFactory(user=organization_access.user) response = self.client.post( - "/api/markdown-images/", + f"/api/markdown-documents/{markdown_document.id}/markdown-images/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", data={"markdown_document": str(markdown_document.id)}, ) @@ -167,7 +175,7 @@ def test_api_markdown_image_create_user_access_token_playlist_admin(self): jwt_token = UserAccessTokenFactory(user=playlist_access.user) response = self.client.post( - "/api/markdown-images/", + f"/api/markdown-documents/{markdown_document.id}/markdown-images/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", data={"markdown_document": str(markdown_document.id)}, ) diff --git a/src/backend/marsha/markdown/tests/api/markdown_images/test_delete.py b/src/backend/marsha/markdown/tests/api/markdown_images/test_delete.py index a5bb933bd5..b2832d9c80 100644 --- a/src/backend/marsha/markdown/tests/api/markdown_images/test_delete.py +++ b/src/backend/marsha/markdown/tests/api/markdown_images/test_delete.py @@ -25,7 +25,10 @@ def test_api_markdown_image_delete_anonymous(self): """Anonymous users should not be able to delete a Markdown image.""" markdown_image = MarkdownImageFactory() - response = self.client.delete(f"/api/markdown-images/{markdown_image.id}/") + response = self.client.delete( + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/" + ) self.assertEqual(response.status_code, 401) def test_api_markdown_image_delete_student(self): @@ -35,7 +38,8 @@ def test_api_markdown_image_delete_student(self): jwt_token = StudentLtiTokenFactory(resource=markdown_image.markdown_document) response = self.client.delete( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 403) @@ -51,7 +55,8 @@ def test_api_markdown_image_delete_instructor(self): self.assertEqual(MarkdownImage.objects.count(), 1) response = self.client.delete( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 204) @@ -68,7 +73,8 @@ def test_api_markdown_image_delete_instructor(self): # Creating a new Markdown image should be allowed. response = self.client.post( - "/api/markdown-images/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}" + f"/api/markdown-documents/{markdown_image.markdown_document.id}/markdown-images/", + HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 201) @@ -83,7 +89,8 @@ def test_api_markdown_image_delete_instructor_in_read_only(self): ) response = self.client.delete( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -101,7 +108,8 @@ def test_api_markdown_image_delete_instructor_other_markdown_document(self): jwt_token = InstructorOrAdminLtiTokenFactory(resource=markdown_document_token) response = self.client.delete( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 403) @@ -115,7 +123,8 @@ def test_api_markdown_image_delete_user_access_token(self): jwt_token = UserAccessTokenFactory(user=organization_access.user) response = self.client.delete( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 403) @@ -134,7 +143,8 @@ def test_api_markdown_image_delete_user_access_token_organization_admin(self): self.assertEqual(MarkdownImage.objects.count(), 1) response = self.client.delete( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 204) @@ -151,7 +161,7 @@ def test_api_markdown_image_delete_user_access_token_organization_admin(self): # Creating a new Markdown image should be allowed. response = self.client.post( - "/api/markdown-images/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}/markdown-images/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", data={"markdown_document": str(markdown_image.markdown_document.id)}, ) @@ -173,7 +183,8 @@ def test_api_markdown_image_delete_user_access_token_playlist_admin(self): self.assertEqual(MarkdownImage.objects.count(), 1) response = self.client.delete( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 204) @@ -190,7 +201,7 @@ def test_api_markdown_image_delete_user_access_token_playlist_admin(self): # Creating a new Markdown image should be allowed. response = self.client.post( - "/api/markdown-images/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}/markdown-images/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", data={"markdown_document": str(markdown_image.markdown_document.id)}, ) diff --git a/src/backend/marsha/markdown/tests/api/markdown_images/test_initiate_upload.py b/src/backend/marsha/markdown/tests/api/markdown_images/test_initiate_upload.py index b5322758d3..efb983e280 100644 --- a/src/backend/marsha/markdown/tests/api/markdown_images/test_initiate_upload.py +++ b/src/backend/marsha/markdown/tests/api/markdown_images/test_initiate_upload.py @@ -30,7 +30,8 @@ def test_api_markdown_image_initiate_upload_anonymous(self): markdown_image = MarkdownImageFactory() response = self.client.post( - f"/api/markdown-images/{markdown_image.id}/initiate-upload/" + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/initiate-upload/" ) self.assertEqual(response.status_code, 401) @@ -40,7 +41,8 @@ def test_api_markdown_image_initiate_upload_student(self): jwt_token = StudentLtiTokenFactory(resource=markdown_image.markdown_document) response = self.client.post( - f"/api/markdown-images/{markdown_image.id}/initiate-upload/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/initiate-upload/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 403) @@ -65,7 +67,8 @@ def test_api_markdown_image_initiate_upload_instructor(self): ) as mock_dt: mock_dt.utcnow = mock.Mock(return_value=now) response = self.client.post( - f"/api/markdown-images/{markdown_image.id}/initiate-upload/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/initiate-upload/", data={"filename": "not_used.png", "mimetype": "image/png", "size": 10}, HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -116,7 +119,8 @@ def test_api_markdown_image_initiate_upload_instructor_read_only(self): ) response = self.client.post( - f"/api/markdown-images/{markdown_image.id}/initiate-upload/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/initiate-upload/", data={"filename": "not_used.gif", "mimetype": "image/gif", "size": 10}, HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -132,7 +136,8 @@ def test_api_markdown_image_initiate_upload_user_access_token(self): jwt_token = UserAccessTokenFactory(user=organization_access.user) response = self.client.post( - f"/api/markdown-images/{markdown_image.id}/initiate-upload/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/initiate-upload/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) self.assertEqual(response.status_code, 403) @@ -160,7 +165,8 @@ def test_api_markdown_image_initiate_upload_user_access_token_organization_admin ) as mock_dt: mock_dt.utcnow = mock.Mock(return_value=now) response = self.client.post( - f"/api/markdown-images/{markdown_image.id}/initiate-upload/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/initiate-upload/", data={"filename": "not_used.png", "mimetype": "image/png", "size": 10}, HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -221,7 +227,8 @@ def test_api_markdown_image_initiate_upload_user_access_token_playlist_admin(sel ) as mock_dt: mock_dt.utcnow = mock.Mock(return_value=now) response = self.client.post( - f"/api/markdown-images/{markdown_image.id}/initiate-upload/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/initiate-upload/", data={"filename": "not_used.png", "mimetype": "image/png", "size": 10}, HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) diff --git a/src/backend/marsha/markdown/tests/api/markdown_images/test_retrieve.py b/src/backend/marsha/markdown/tests/api/markdown_images/test_retrieve.py index a02af8e09d..eccfed2b03 100644 --- a/src/backend/marsha/markdown/tests/api/markdown_images/test_retrieve.py +++ b/src/backend/marsha/markdown/tests/api/markdown_images/test_retrieve.py @@ -26,7 +26,10 @@ class MarkdownImageRetrieveApiTest(TestCase): def test_api_markdown_image_read_detail_anonymous(self): """Anonymous users should not be allowed to retrieve a Markdown image.""" markdown_image = MarkdownImageFactory() - response = self.client.get(f"/api/markdown-images/{markdown_image.id}/") + response = self.client.get( + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/" + ) self.assertEqual(response.status_code, 401) content = json.loads(response.content) self.assertEqual( @@ -40,7 +43,8 @@ def test_api_markdown_image_read_detail_student(self): jwt_token = StudentLtiTokenFactory(resource=markdown_image.markdown_document) response = self.client.get( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -56,7 +60,8 @@ def test_api_markdown_image_instructor_read_detail_in_read_only(self): ) response = self.client.get( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -77,7 +82,8 @@ def test_api_markdown_image_read_detail_token_user(self): jwt_token = InstructorOrAdminLtiTokenFactory(resource=markdown_document) response = self.client.get( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -107,7 +113,8 @@ def test_api_markdown_image_administrator_read_detail_in_read_only(self): ) response = self.client.get( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -131,7 +138,8 @@ def test_api_markdown_image_read_detail_admin_user(self): ) response = self.client.get( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -167,7 +175,8 @@ def test_api_markdown_image_read_ready_markdown_image(self): jwt_token = InstructorOrAdminLtiTokenFactory(resource=markdown_document) response = self.client.get( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -200,7 +209,8 @@ def test_api_markdown_image_read_detail_user_access_token(self): jwt_token = UserAccessTokenFactory(user=organization_access.user) response = self.client.get( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -219,7 +229,8 @@ def test_api_markdown_image_read_detail_user_access_token_organization_admin(sel jwt_token = UserAccessTokenFactory(user=organization_access.user) response = self.client.get( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) @@ -253,7 +264,8 @@ def test_api_markdown_image_read_detail_user_access_token_playlist_admin(self): jwt_token = UserAccessTokenFactory(user=playlist_access.user) response = self.client.get( - f"/api/markdown-images/{markdown_image.id}/", + f"/api/markdown-documents/{markdown_image.markdown_document.id}" + f"/markdown-images/{markdown_image.id}/", HTTP_AUTHORIZATION=f"Bearer {jwt_token}", ) diff --git a/src/backend/marsha/markdown/urls.py b/src/backend/marsha/markdown/urls.py index 82bb374881..9f712fdc39 100644 --- a/src/backend/marsha/markdown/urls.py +++ b/src/backend/marsha/markdown/urls.py @@ -16,7 +16,11 @@ MarkdownDocumentViewSet, basename="markdown-documents", ) -router.register("markdown-images", MarkdownImageViewSet, basename="markdown-images") + +markdown_document_related_router = DefaultRouter() +markdown_document_related_router.register( + "markdown-images", MarkdownImageViewSet, basename="markdown-images" +) urlpatterns = [ path( @@ -25,4 +29,8 @@ name="markdown_document_lti_view", ), path("api/", include(router.urls)), + path( + "api/markdown-documents//", + include(markdown_document_related_router.urls), + ), ]