test(resources): resource list scoping

davidlougheed · davidlougheed · commit 1df59cdcf120 · 2025-01-08T10:59:03.000-05:00
diff --git a/chord_metadata_service/chord/tests/constants.py b/chord_metadata_service/chord/tests/constants.py
@@ -3,6 +3,7 @@
 __all__ = [
     "VALID_DATA_USE_1",
     "VALID_PROJECT_1",
+    "VALID_PROJECT_2",
     "VALID_DATS_CREATORS",
     "INVALID_DATS_CREATORS",
     "valid_dataset_1",
@@ -42,6 +43,11 @@
     "description": "Some description",
 }
 
+VALID_PROJECT_2 = {
+    "title": "Project 2",
+    "description": "Some description too",
+}
+
 VALID_DATS_CREATORS = [
     {
         "name": "1000 Genomes Project"
diff --git a/chord_metadata_service/resources/tests/test_api.py b/chord_metadata_service/resources/tests/test_api.py
@@ -4,6 +4,8 @@
 from rest_framework.reverse import reverse
 
 from chord_metadata_service.authz.tests.helpers import AuthzAPITestCase
+from chord_metadata_service.chord.models import Dataset
+from chord_metadata_service.chord.tests.constants import valid_dataset_1, VALID_PROJECT_2
 from chord_metadata_service.chord.tests.helpers import AuthzAPITestCaseWithProjectJSON
 from ..models import Resource
 from ..serializers import ResourceSerializer
@@ -38,6 +40,14 @@ def setUp(self):
         self.url = reverse("resource-list")
         self.url_with_proj = f"{self.url}?project={self.project['identifier']}"
 
+        r = self.one_authz_post(reverse("project-list"), json=VALID_PROJECT_2)
+        self.project_2 = r.json()
+
+        r = self.one_authz_post(reverse("dataset-list"), json=valid_dataset_1(self.project['identifier']))
+        self.dataset = r.json()
+
+        self.url_with_proj_ds = f"{self.url}?project={self.project['identifier']}&dataset={self.dataset['identifier']}"
+
     def test_list_resources_basic(self):
         self.one_authz_post(self.url, json=VALID_RESOURCE_1)
         self.one_authz_post(self.url, json=VALID_RESOURCE_2)
@@ -66,3 +76,26 @@ def test_list_resources_forbidden(self):
 
         response = self.one_no_authz_get(self.url_with_proj)
         self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+
+    def test_list_resources_project_dataset(self):
+        r = Resource.objects.create(**VALID_RESOURCE_1)
+        Resource.objects.create(**VALID_RESOURCE_2)  # r2
+
+        ds = Dataset.objects.get(pk=self.dataset["identifier"])
+        ds.additional_resources.add(r)
+
+        res = self.one_authz_get(self.url)
+        self.assertEqual(res.status_code, status.HTTP_200_OK)
+        self.assertEqual(len(res.json()["results"]), 2)
+
+        res = self.one_authz_get(self.url_with_proj)
+        self.assertEqual(res.status_code, status.HTTP_200_OK)
+        self.assertEqual(len(res.json()["results"]), 1)
+
+        res = self.one_authz_get(f"{self.url}?project={self.project_2['identifier']}")
+        self.assertEqual(res.status_code, status.HTTP_200_OK)
+        self.assertEqual(len(res.json()["results"]), 0)
+
+        res = self.one_authz_get(self.url_with_proj_ds)
+        self.assertEqual(res.status_code, status.HTTP_200_OK)
+        self.assertEqual(len(res.json()["results"]), 1)
