diff --git a/tienda_ilusion/users/tests.py b/tienda_ilusion/users/tests.py index ad750ad..5b4da6d 100644 --- a/tienda_ilusion/users/tests.py +++ b/tienda_ilusion/users/tests.py @@ -31,7 +31,7 @@ class MeEndpointTests(TestCase): self.assertEqual(response.status_code, 200) expected_fields = {'id', 'username', 'email', - 'first_name', 'last_name'} + 'first_name', 'last_name', 'role'} self.assertTrue(expected_fields.issubset(response.json().keys())) data = response.json() @@ -39,6 +39,53 @@ class MeEndpointTests(TestCase): self.assertEqual(data['email'], self.user.email) self.assertEqual(data['first_name'], self.user.first_name) self.assertEqual(data['last_name'], self.user.last_name) + self.assertEqual(data['role'], 'administrator') + + def test_regular_user_role_is_user(self): + """ + Verifica que un usuario sin permisos de staff recibe role 'user'. + """ + regular_user = User.objects.create_user( + username='regular', + email='regular@example.com', + password='regularpass', + is_staff=False + ) + + refresh = RefreshToken.for_user(regular_user) + access_token = str(refresh.access_token) + + client = APIClient() + client.credentials(HTTP_AUTHORIZATION=f'Bearer {access_token}') + + url = reverse('current-user') + response = client.get(url) + + self.assertEqual(response.status_code, 200) + self.assertEqual(response.json()['role'], 'user') + + def test_staff_user_role_is_administrator(self): + """ + Verifica que un usuario con is_staff=True recibe role 'administrator'. + """ + staff_user = User.objects.create_user( + username='staff', + email='staff@example.com', + password='staffpass', + is_staff=True + ) + + refresh = RefreshToken.for_user(staff_user) + access_token = str(refresh.access_token) + + client = APIClient() + client.credentials(HTTP_AUTHORIZATION=f'Bearer {access_token}') + + url = reverse('current-user') + response = client.get(url) + + self.assertEqual(response.status_code, 200) + self.assertEqual(response.json()['role'], 'administrator') def test_me_endpoint_requires_authentication(self): """