diff --git a/taiga/projects/api.py b/taiga/projects/api.py index e0425d9b..d4b85f09 100644 --- a/taiga/projects/api.py +++ b/taiga/projects/api.py @@ -332,7 +332,7 @@ class ProjectTemplateViewSet(ModelCrudViewSet): ) template.load_data_from_project(project) template.save() - return Response(self.serializer_class(template).data) + return Response(self.serializer_class(template).data, status=201) def get_queryset(self): domain = get_active_domain() diff --git a/taiga/projects/models.py b/taiga/projects/models.py index 0e2fe0ef..5b15066b 100644 --- a/taiga/projects/models.py +++ b/taiga/projects/models.py @@ -677,8 +677,6 @@ class ProjectTemplate(models.Model): "computable": role.computable }) - for membership in Membership.objects.filter(project=project, user=project.owner): - print(membership.id, membership.user, membership.project, membership.email) owner_membership = Membership.objects.get(project=project, user=project.owner) self.default_owner_role = owner_membership.role.slug diff --git a/taiga/projects/tests/tests_api.py b/taiga/projects/tests/tests_api.py index 56d8b9b6..32a772ba 100644 --- a/taiga/projects/tests/tests_api.py +++ b/taiga/projects/tests/tests_api.py @@ -766,3 +766,80 @@ class ProjectTemplatesTestCase(test.TestCase): template.delete() self.client.logout() + + def test_create_project_template_from_project_by_anon(self): + data = { + "project_id": 1, + "template_name": "Test", + "template_description": "Test" + } + + self.assertEqual(ProjectTemplate.objects.all().count(), 2) + + response = self.client.post(reverse("project-templates-create-from-project"), data) + self.assertEqual(response.status_code, 401) + self.assertEqual(ProjectTemplate.objects.all().count(), 2) + + response = self.client.post(reverse("project-templates-create-from-project"), data) + self.assertEqual(response.status_code, 401) + self.assertEqual(ProjectTemplate.objects.all().count(), 2) + + def test_create_project_template_from_project_by_domain_owner(self): + project = create_project(1, self.user1) + + data = { + "project_id": project.id, + "template_description": "Test" + } + + self.assertEqual(ProjectTemplate.objects.all().count(), 2) + response = self.client.login(username=self.user1.username, + password=self.user1.username) + self.assertTrue(response) + response = self.client.post(reverse("project-templates-create-from-project"), data) + self.assertEqual(response.status_code, 400) + self.assertEqual(ProjectTemplate.objects.all().count(), 2) + + data = { + "template_name": "Test", + "template_description": "Test" + } + + response = self.client.post(reverse("project-templates-create-from-project"), data) + self.assertEqual(response.status_code, 400) + self.assertEqual(ProjectTemplate.objects.all().count(), 2) + + data = { + "project_id": project.id, + "template_name": "Test", + "template_description": "Test" + } + + response = self.client.post(reverse("project-templates-create-from-project"), data) + self.assertEqual(response.status_code, 201) + self.assertEqual(ProjectTemplate.objects.all().count(), 3) + + ProjectTemplate.objects.get(slug="test").delete() + + self.client.logout() + + def test_create_project_template_from_project_by_not_domain_owner(self): + data = { + "project_id": 1, + "template_name": "Test", + "template_description": "Test" + } + + self.assertEqual(ProjectTemplate.objects.all().count(), 2) + response = self.client.login(username=self.user2.username, + password=self.user2.username) + self.assertTrue(response) + response = self.client.post(reverse("project-templates-create-from-project"), data) + self.assertEqual(response.status_code, 403) + self.assertEqual(ProjectTemplate.objects.all().count(), 2) + + response = self.client.post(reverse("project-templates-create-from-project"), data) + self.assertEqual(response.status_code, 403) + self.assertEqual(ProjectTemplate.objects.all().count(), 2) + + self.client.logout()