diff --git a/api/tests/test_asset_api.py b/api/tests/test_asset_api.py index 2a23c755..144b4b36 100644 --- a/api/tests/test_asset_api.py +++ b/api/tests/test_asset_api.py @@ -68,19 +68,21 @@ def test_authenticated_user_get_single_asset_via_asset_code( "{}?asset_code={}".format(self.asset_urls, self.asset.asset_code), HTTP_AUTHORIZATION="Token {}".format(self.token_user), ) - self.assertIn(self.asset.asset_code, response.data["results"][0]["asset_code"]) self.assertEqual(response.status_code, status.HTTP_200_OK) + self.assertIn(self.asset.asset_code, response.data["results"][0]["asset_code"]) @patch("api.authentication.auth.verify_id_token") - def test_authenticated_securityuser_get_single_asset_via_asset_code( + def test_securityuser_filtering_asset_via_asset_code( self, mock_verify_id_token ): mock_verify_id_token.return_value = {"email": self.security_user.email} response = client.get( - "{}?asset_code={}".format(self.asset_urls, self.asset.asset_code), + f"{self.asset_urls}?asset_code={self.asset.asset_code}", HTTP_AUTHORIZATION="Token {}".format(self.token_checked_by), ) + filtered_assets = Asset.objects.filter(asset_code=self.asset.asset_code) self.assertEqual(response.status_code, status.HTTP_200_OK) + self.assertEqual(len(filtered_assets), len(response.data["results"])) self.assertIn(self.asset.asset_code, response.data["results"][0]["asset_code"]) @patch("api.authentication.auth.verify_id_token") @@ -470,3 +472,65 @@ def test_fetching_assets_assigned_to_a_random_user_by_non_admin( str(response.data["detail"]), "Operation not permitted. You are not authorised.", ) + + @patch("api.authentication.auth.verify_id_token") + def test_search_fnx_on_asset_endpoint(self, mock_verify_id_token): + mock_verify_id_token.return_value = {"email": self.admin_user.email} + self.admin_user.is_securityuser = True + self.admin_user.save() + self.admin_user.refresh_from_db() + + asset_one = Asset.objects.create( + asset_code="ANDELA001", + serial_number="SN_ART_001", + active=True, + model_number=self.assetmodel, + purchase_date="2018-07-10", + asset_location=self.centre, + department=self.department, + ) + + asset_two = Asset.objects.create( + asset_code="ANDELA002", + serial_number="RANDOM_SERIAL_NUMBER", + model_number=self.assetmodel, + purchase_date="2018-07-10", + asset_location=self.centre, + department=self.department, + ) + + asset_three = Asset.objects.create( + asset_code="NCOOO", + serial_number="SN_ART_002", + model_number=self.assetmodel, + purchase_date="2018-07-10", + asset_location=self.centre, + department=self.department, + ) + + response = client.get( + "{}?search={}".format(self.asset_urls, "ANDELA"), + HTTP_AUTHORIZATION="Token {}".format(self.token_admin), + ) + # return only assets with ANDELA match which is just asset_one and asset_two + self.assertEqual(response.data["count"], 2) + self.assertEqual( + response.data.get("results")[1].get("uuid"), str(asset_one.uuid) + ) + self.assertEqual( + response.data.get("results")[0].get("uuid"), str(asset_two.uuid) + ) + + response = client.get( + "{}?search={}".format(self.asset_urls, "SN_ART"), + HTTP_AUTHORIZATION="Token {}".format(self.token_admin), + ) + # return only assets with SN_ART match which is just asset_one and asset_three + self.assertEqual(response.data["count"], 2) + self.assertEqual( + response.data.get("results")[1].get("uuid"), str(asset_one.uuid) + ) + self.assertEqual( + response.data.get("results")[0].get("uuid"), str(asset_three.uuid) + ) + diff --git a/api/views/assets.py b/api/views/assets.py index 3415168f..aa32e6ff 100644 --- a/api/views/assets.py +++ b/api/views/assets.py @@ -14,9 +14,10 @@ from django.db.models import Q from django.db.utils import IntegrityError from django.http import FileResponse +from django_filters.rest_framework import DjangoFilterBackend from rest_framework import serializers, status from rest_framework.exceptions import PermissionDenied -from rest_framework.filters import OrderingFilter +from rest_framework.filters import OrderingFilter, SearchFilter from rest_framework.generics import get_object_or_404 from rest_framework.parsers import MultiPartParser from rest_framework.permissions import IsAdminUser, IsAuthenticated @@ -127,6 +128,8 @@ class AssetViewSet(ModelViewSet): filterset_class = AssetFilter authentication_classes = (FirebaseTokenAuthentication,) http_method_names = ["get"] + filter_backends = (SearchFilter, DjangoFilterBackend) + search_fields = ['asset_code', 'serial_number'] def get_queryset(self): user = self.request.user diff --git a/files/admin_exported_assets.xlsx b/files/admin_exported_assets.xlsx new file mode 100644 index 00000000..30eec5cc Binary files /dev/null and b/files/admin_exported_assets.xlsx differ diff --git a/media/user_test@andela.com_file.mp4 b/media/user_test@andela.com_file.mp4 new file mode 100644 index 00000000..48ad80d8 --- /dev/null +++ b/media/user_test@andela.com_file.mp4 @@ -0,0 +1 @@ +file_content \ No newline at end of file diff --git a/media/user_test@andela.com_file_3Mqeic5.mp4 b/media/user_test@andela.com_file_3Mqeic5.mp4 new file mode 100644 index 00000000..48ad80d8 --- /dev/null +++ b/media/user_test@andela.com_file_3Mqeic5.mp4 @@ -0,0 +1 @@ +file_content \ No newline at end of file