Elastic search assets and users 165965388

api/tests/test_asset_api.py

@@ -68,19 +68,21 @@ def test_authenticated_user_get_single_asset_via_asset_code(
             "{}?asset_code={}".format(self.asset_urls, self.asset.asset_code),
             HTTP_AUTHORIZATION="Token {}".format(self.token_user),
         )
-        self.assertIn(self.asset.asset_code, response.data["results"][0]["asset_code"])
         self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertIn(self.asset.asset_code, response.data["results"][0]["asset_code"])
 
     @patch("api.authentication.auth.verify_id_token")
-    def test_authenticated_securityuser_get_single_asset_via_asset_code(
+    def test_securityuser_filtering_asset_via_asset_code(
         self, mock_verify_id_token
     ):
         mock_verify_id_token.return_value = {"email": self.security_user.email}
         response = client.get(
-            "{}?asset_code={}".format(self.asset_urls, self.asset.asset_code),
+            f"{self.asset_urls}?asset_code={self.asset.asset_code}",
             HTTP_AUTHORIZATION="Token {}".format(self.token_checked_by),
         )
+        filtered_assets = Asset.objects.filter(asset_code=self.asset.asset_code)
         self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(len(filtered_assets), len(response.data["results"]))
         self.assertIn(self.asset.asset_code, response.data["results"][0]["asset_code"])
 
     @patch("api.authentication.auth.verify_id_token")
@@ -470,3 +472,65 @@ def test_fetching_assets_assigned_to_a_random_user_by_non_admin(
             str(response.data["detail"]),
             "Operation not permitted. You are not authorised.",
         )
+
+    @patch("api.authentication.auth.verify_id_token")
+    def test_search_fnx_on_asset_endpoint(self, mock_verify_id_token):
+        mock_verify_id_token.return_value = {"email": self.admin_user.email}
+        self.admin_user.is_securityuser = True
+        self.admin_user.save()
+        self.admin_user.refresh_from_db()
+
+        asset_one = Asset.objects.create(
+            asset_code="ANDELA001",
+            serial_number="SN_ART_001",
+            active=True,
+            model_number=self.assetmodel,
+            purchase_date="2018-07-10",
+            asset_location=self.centre,
+            department=self.department,
+        )
+
+        asset_two = Asset.objects.create(
+            asset_code="ANDELA002",
+            serial_number="RANDOM_SERIAL_NUMBER",
+            model_number=self.assetmodel,
+            purchase_date="2018-07-10",
+            asset_location=self.centre,
+            department=self.department,
+        )
+
+        asset_three = Asset.objects.create(
+            asset_code="NCOOO",
+            serial_number="SN_ART_002",
+            model_number=self.assetmodel,
+            purchase_date="2018-07-10",
+            asset_location=self.centre,
+            department=self.department,
+        )
+
+        response = client.get(
+            "{}?search={}".format(self.asset_urls, "ANDELA"),
+            HTTP_AUTHORIZATION="Token {}".format(self.token_admin),
+        )
+        # return only assets with ANDELA match which is just asset_one and asset_two
+        self.assertEqual(response.data["count"], 2)
+        self.assertEqual(
+            response.data.get("results")[1].get("uuid"), str(asset_one.uuid)
+        )
+        self.assertEqual(
+            response.data.get("results")[0].get("uuid"), str(asset_two.uuid)
+        )
+
+        response = client.get(
+            "{}?search={}".format(self.asset_urls, "SN_ART"),
+            HTTP_AUTHORIZATION="Token {}".format(self.token_admin),
+        )
+        # return only assets with SN_ART match which is just asset_one and asset_three
+        self.assertEqual(response.data["count"], 2)
+        self.assertEqual(
+            response.data.get("results")[1].get("uuid"), str(asset_one.uuid)
+        )
+        self.assertEqual(
+            response.data.get("results")[0].get("uuid"), str(asset_three.uuid)
+        )
+

api/views/assets.py

@@ -14,9 +14,10 @@
 from django.db.models import Q
 from django.db.utils import IntegrityError
 from django.http import FileResponse
+from django_filters.rest_framework import DjangoFilterBackend
 from rest_framework import serializers, status
 from rest_framework.exceptions import PermissionDenied
-from rest_framework.filters import OrderingFilter
+from rest_framework.filters import OrderingFilter, SearchFilter
 from rest_framework.generics import get_object_or_404
 from rest_framework.parsers import MultiPartParser
 from rest_framework.permissions import IsAdminUser, IsAuthenticated
@@ -127,6 +128,8 @@ class AssetViewSet(ModelViewSet):
     filterset_class = AssetFilter
     authentication_classes = (FirebaseTokenAuthentication,)
     http_method_names = ["get"]
+    filter_backends = (SearchFilter, DjangoFilterBackend)
+    search_fields = ['asset_code', 'serial_number']
 
     def get_queryset(self):
         user = self.request.user

media/user_test@andela.com_file.mp4

@@ -0,0 +1 @@
+file_content

media/user_test@andela.com_file_3Mqeic5.mp4

@@ -0,0 +1 @@
+file_content