From 28a83d1bdb06e19cd659d7d835e6a0d9072b6c73 Mon Sep 17 00:00:00 2001
From: ezkat <50319957+ezkat@users.noreply.github.com>
Date: Tue, 5 Sep 2023 09:04:06 +0300
Subject: [PATCH] Add user perm test during maintenance mode

---
 resources/tests/test_resource_api.py | 29 +++++++++++++++++++++++++---
 1 file changed, 26 insertions(+), 3 deletions(-)

diff --git a/resources/tests/test_resource_api.py b/resources/tests/test_resource_api.py
index c6c24917e..6c6b82cb5 100644
--- a/resources/tests/test_resource_api.py
+++ b/resources/tests/test_resource_api.py
@@ -67,10 +67,9 @@ def _check_permissions_dict(api_client, resource, is_admin, is_manager, is_viewe
 
     url = reverse('resource-detail', kwargs={'pk': resource.pk})
     response = api_client.get(url)
-    print(response.data)
     assert response.status_code == 200
     permissions = response.data['user_permissions']
-    
+
     if can_create_reservations_for_other_users:
         # exists and is True if user is staff for the resource
         # OR the user is staff and the resource has reservable_by_all_staff set to True
@@ -1264,4 +1263,28 @@ def test_user_permissions_external_resources(api_client, resource_in_unit, user,
     # can_create_reservations_for_other_users should be False for resource_in_unit3
     _check_permissions_dict(api_client, resource_in_unit3, is_admin=False, is_manager=False,
                             is_viewer=False, can_make_reservations=True, can_ignore_opening_hours=False,
-                            can_bypass_payment=False, can_create_reservations_for_other_users=False)
\ No newline at end of file
+                            can_bypass_payment=False, can_create_reservations_for_other_users=False)
+
+@pytest.mark.django_db
+def test_user_permissions_in_resource_endpoint_during_maintenance_mode(
+    maintenance_mode, resource_in_unit, 
+    user, api_client,
+    staff_user, staff_api_client):
+    resource_in_unit.unit.create_authorization(staff_user, 'manager')
+    url = reverse('resource-detail', kwargs={'pk': resource_in_unit.pk})
+
+
+    api_client.force_authenticate(user=user)
+    response = api_client.get(url)
+    assert response.status_code == 200
+    assert not any(
+        [permission for _, permission in response.data['user_permissions'].items()]
+    )
+
+    staff_api_client.force_authenticate(user=staff_user)
+    response = staff_api_client.get(url)
+    assert response.status_code == 200
+    assert not any(
+        [permission for _, permission in response.data['user_permissions'].items()]
+    )
+    
\ No newline at end of file