fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

authentik/rbac/tests/test_decorators.py

@@ -1,12 +1,29 @@
 """test decorators api"""
 
-from django.urls import reverse
 from guardian.shortcuts import assign_perm
+from rest_framework.decorators import action
+from rest_framework.request import Request
+from rest_framework.response import Response
 from rest_framework.test import APITestCase
+from rest_framework.viewsets import ModelViewSet
 
 from authentik.core.models import Application
 from authentik.core.tests.utils import create_test_user
 from authentik.lib.generators import generate_id
+from authentik.lib.tests.utils import get_request
+from authentik.rbac.decorators import permission_required
+
+
+class MVS(ModelViewSet):
+
+    queryset = Application.objects.all()
+    lookup_field = "slug"
+
+    @permission_required("authentik_core.view_application", ["authentik_events.view_event"])
+    @action(detail=True, pagination_class=None, filter_backends=[])
+    def test(self, request: Request, slug: str):
+        self.get_object()
+        return Response(status=200)
 
 
 class TestAPIDecorators(APITestCase):
@@ -18,41 +35,33 @@ class TestAPIDecorators(APITestCase):
 
     def test_obj_perm_denied(self):
         """Test object perm denied"""
-        self.client.force_login(self.user)
+        request = get_request("", user=self.user)
         app = Application.objects.create(name=generate_id(), slug=generate_id())
-        response = self.client.get(
+        response = MVS.as_view({"get": "test"})(request, slug=app.slug)
-            reverse("authentik_api:application-metrics", kwargs={"slug": app.slug})
-        )
         self.assertEqual(response.status_code, 403)
 
     def test_obj_perm_global(self):
         """Test object perm successful (global)"""
         assign_perm("authentik_core.view_application", self.user)
         assign_perm("authentik_events.view_event", self.user)
-        self.client.force_login(self.user)
         app = Application.objects.create(name=generate_id(), slug=generate_id())
-        response = self.client.get(
+        request = get_request("", user=self.user)
-            reverse("authentik_api:application-metrics", kwargs={"slug": app.slug})
+        response = MVS.as_view({"get": "test"})(request, slug=app.slug)
-        )
+        self.assertEqual(response.status_code, 200, response.data)
-        self.assertEqual(response.status_code, 200)
 
     def test_obj_perm_scoped(self):
         """Test object perm successful (scoped)"""
         assign_perm("authentik_events.view_event", self.user)
         app = Application.objects.create(name=generate_id(), slug=generate_id())
         assign_perm("authentik_core.view_application", self.user, app)
-        self.client.force_login(self.user)
+        request = get_request("", user=self.user)
-        response = self.client.get(
+        response = MVS.as_view({"get": "test"})(request, slug=app.slug)
-            reverse("authentik_api:application-metrics", kwargs={"slug": app.slug})
-        )
         self.assertEqual(response.status_code, 200)
 
     def test_other_perm_denied(self):
         """Test other perm denied"""
-        self.client.force_login(self.user)
         app = Application.objects.create(name=generate_id(), slug=generate_id())
         assign_perm("authentik_core.view_application", self.user, app)
-        response = self.client.get(
+        request = get_request("", user=self.user)
-            reverse("authentik_api:application-metrics", kwargs={"slug": app.slug})
+        response = MVS.as_view({"get": "test"})(request, slug=app.slug)
-        )
         self.assertEqual(response.status_code, 403)