CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-04 15:04:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

API: Allow to whiteliste fields for the orders resource

Browse Source
This commit is contained in:
Raphael Michel
2022-11-28 10:57:12 +01:00
parent 0a30fa70da
commit b72dc0ce8e
4 changed files with 81 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
src/tests/api/test_orders.py
View File

@@ -442,6 +442,64 @@ def test_order_detail(token_client, organizer, event, order, item, taxrule, ques
assert len(resp.data['fees']) == 2
@pytest.mark.django_db
def test_include_exclude_fields(token_client, organizer, event, order, item, taxrule, question):
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/{}/?exclude=positions.secret'.format(
organizer.slug, event.slug, order.code
))
assert resp.status_code == 200
assert 'email' in resp.data
assert 'url' in resp.data
assert 'positions' in resp.data
assert 'subevent' in resp.data['positions'][0]
assert 'secret' not in resp.data['positions'][0]
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/{}/?exclude=positions'.format(
organizer.slug, event.slug, order.code
))
assert resp.status_code == 200
assert 'email' in resp.data
assert 'url' in resp.data
assert 'positions' not in resp.data
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/{}/?exclude=email&exclude=url'.format(
organizer.slug, event.slug, order.code
))
assert resp.status_code == 200
assert 'email' not in resp.data
assert 'url' not in resp.data
assert 'positions' in resp.data
assert 'secret' in resp.data['positions'][0]
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/{}/?include=email'.format(
organizer.slug, event.slug, order.code
))
assert resp.status_code == 200
assert 'email' in resp.data
assert 'url' not in resp.data
assert 'positions' not in resp.data
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/{}/?include=email&include=positions&exclude=positions.secret'.format(
organizer.slug, event.slug, order.code
))
assert resp.status_code == 200
assert 'email' in resp.data
assert 'url' not in resp.data
assert 'positions' in resp.data
assert 'subevent' in resp.data['positions'][0]
assert 'secret' not in resp.data['positions'][0]
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/{}/?include=email&include=positions.subevent'.format(
organizer.slug, event.slug, order.code
))
assert resp.status_code == 200
assert 'email' in resp.data
assert 'url' not in resp.data
assert 'positions' in resp.data
assert 'subevent' in resp.data['positions'][0]
assert 'secret' not in resp.data['positions'][0]
@pytest.mark.django_db
def test_payment_list(token_client, organizer, event, order):
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/{}/payments/'.format(organizer.slug, event.slug,