tests: Adapt url assertion to respect HTTP method(s)

agdsn · May 17, 2024 · e364506 · e364506
1 parent d277bb1
commit e364506
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 13 deletions.
diff --git a/tests/frontend/conftest.py b/tests/frontend/conftest.py
@@ -72,10 +72,13 @@ def config(module_session: Session) -> Config:
 
 @pytest.fixture(scope="session")
 def blueprint_urls(app: PycroftFlask) -> BlueprintUrls:
-    def _blueprint_urls(blueprint_name: str) -> list[str]:
+    def _blueprint_urls(
+        blueprint_name: str, methods: set[str] = {"GET", "POST"}  # noqa: B006
+    ) -> list[str]:
         return [
-            _build_rule(request_ctx.url_adapter, rule)
+            (_build_rule(request_ctx.url_adapter, rule), method)
             for rule in app.url_map.iter_rules()
+            for method in rule.methods & methods
             if rule.endpoint.startswith(f"{blueprint_name}.")
         ]
     return _blueprint_urls

diff --git a/tests/frontend/fixture_helpers.py b/tests/frontend/fixture_helpers.py
@@ -26,7 +26,7 @@ def login_context(test_client: TestClient, login: str, password: str):
     test_client.get("/logout")
 
 
-BlueprintUrls: t.TypeAlias = t.Callable[[str], list[str]]
+BlueprintUrls: t.TypeAlias = t.Callable[[str], list[str, str]]
 _argument_creator_map = {
     IntegerConverter: lambda c: 1,
     UnicodeConverter: lambda c: "test",

diff --git a/tests/frontend/test_permissions.py b/tests/frontend/test_permissions.py
@@ -104,26 +104,26 @@ def member_logged_in(
             yield
 
     def test_access_user(self, client: TestClient, blueprint_urls: BlueprintUrls):
-        for url in blueprint_urls("user"):
-            client.assert_url_forbidden(url)
+        for url, method in blueprint_urls("user"):
+            client.assert_url_forbidden(url, method=method)
 
     def test_access_finance(self, client: TestClient, blueprint_urls: BlueprintUrls):
-        for url in blueprint_urls("finance"):
-            client.assert_url_forbidden(url)
+        for url, method in blueprint_urls("finance"):
+            client.assert_url_forbidden(url, method=method)
 
     def test_access_buildings(self, client: TestClient, blueprint_urls: BlueprintUrls):
-        for url in blueprint_urls("facilities"):
-            client.assert_url_forbidden(url)
+        for url, method in blueprint_urls("facilities"):
+            client.assert_url_forbidden(url, method=method)
 
     def test_access_infrastructure(
         self, client: TestClient, blueprint_urls: BlueprintUrls
     ):
-        for url in blueprint_urls("infrastructure"):
-            client.assert_url_forbidden(url)
+        for url, method in blueprint_urls("infrastructure"):
+            client.assert_url_forbidden(url, method=method)
 
     def test_access_properties(self, client: TestClient, blueprint_urls: BlueprintUrls):
-        for url in blueprint_urls("properties"):
-            client.assert_url_forbidden(url)
+        for url, method in blueprint_urls("properties"):
+            client.assert_url_forbidden(url, method=method)
 
     def test_access_login(self, client: TestClient, blueprint_urls: BlueprintUrls):
         # Login see Test_010_Anonymous