✅(tests) improve tests for mailbox api

Regroup mailbox-related tests
+ add test 404 when trying to retrive a domain that doesn't exist
+ use enabled domains on tests

src/backend/mailbox_manager/tests/api/mail_domain/test_api_mail_domains_retrieve.py

@@ -16,7 +16,7 @@ pytestmark = pytest.mark.django_db
 def test_api_mail_domains__retrieve_anonymous():
     """Anonymous users should not be allowed to retrieve a domain."""
 
-    domain = factories.MailDomainFactory()
+    domain = factories.MailDomainEnabledFactory()
     response = APIClient().get(f"/api/v1.0/mail-domains/{domain.slug}/")
 
     assert response.status_code == status.HTTP_401_UNAUTHORIZED
@@ -25,6 +25,21 @@ def test_api_mail_domains__retrieve_anonymous():
     }
 
 
+def test_api_domains__retrieve_non_existing():
+    """
+    Authenticated users should have an explicit error when trying to retrive
+    a domain that doesn't exist.
+    """
+    client = APIClient()
+    client.force_login(core_factories.UserFactory())
+
+    response = client.get(
+        "/api/v1.0/mail-domains/nonexistent.domain/",
+    )
+    assert response.status_code == status.HTTP_404_NOT_FOUND
+    assert response.json() == {"detail": "Not found."}
+
+
 def test_api_mail_domains__retrieve_authenticated_unrelated():
     """
     Authenticated users should not be allowed to retrieve a domain
@@ -35,7 +50,7 @@ def test_api_mail_domains__retrieve_authenticated_unrelated():
     client = APIClient()
     client.force_login(user)
 
-    domain = factories.MailDomainFactory()
+    domain = factories.MailDomainEnabledFactory()
 
     response = client.get(
         f"/api/v1.0/mail-domains/{domain.slug}/",
@@ -54,7 +69,7 @@ def test_api_mail_domains__retrieve_authenticated_related():
     client = APIClient()
     client.force_login(user)
 
-    domain = factories.MailDomainFactory()
+    domain = factories.MailDomainEnabledFactory()
     factories.MailDomainAccessFactory(domain=domain, user=user)
 
     response = client.get(

src/backend/mailbox_manager/tests/api/mailboxes/test_api_mailboxes_create.py

@@ -0,0 +1,148 @@
+"""
+Unit tests for the mailbox API
+"""
+
+import pytest
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from core import factories as core_factories
+
+from mailbox_manager import enums, factories, models
+from mailbox_manager.api import serializers
+
+pytestmark = pytest.mark.django_db
+
+
+def test_api_mailboxes__create_anonymous_forbidden():
+    """Anonymous users should not be able to create a new mailbox via the API."""
+    mail_domain = factories.MailDomainEnabledFactory()
+    mailbox_values = serializers.MailboxSerializer(
+        factories.MailboxFactory.build()
+    ).data
+    response = APIClient().post(
+        f"/api/v1.0/mail-domains/{mail_domain.slug}/mailboxes/",
+        mailbox_values,
+    )
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+    assert not models.Mailbox.objects.exists()
+
+
+def test_api_mailboxes__create_authenticated_failure():
+    """Authenticated users should not be able to create mailbox
+    without specific role on mail domain."""
+    user = core_factories.UserFactory()
+
+    client = APIClient()
+    client.force_login(user)
+
+    mailbox_values = serializers.MailboxSerializer(
+        factories.MailboxFactory.build()
+    ).data
+    mail_domain = factories.MailDomainEnabledFactory()
+    response = client.post(
+        f"/api/v1.0/mail-domains/{mail_domain.slug}/mailboxes/",
+        mailbox_values,
+        format="json",
+    )
+
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    assert not models.Mailbox.objects.exists()
+
+
+def test_api_mailboxes__create_viewer_failure():
+    """Users with viewer role should not be able to create mailbox on the mail domain."""
+    mail_domain = factories.MailDomainEnabledFactory()
+    access = factories.MailDomainAccessFactory(
+        role=enums.MailDomainRoleChoices.VIEWER, domain=mail_domain
+    )
+
+    client = APIClient()
+    client.force_login(access.user)
+
+    mailbox_values = serializers.MailboxSerializer(
+        factories.MailboxFactory.build()
+    ).data
+    response = client.post(
+        f"/api/v1.0/mail-domains/{mail_domain.slug}/mailboxes/",
+        mailbox_values,
+        format="json",
+    )
+
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    assert not models.Mailbox.objects.exists()
+
+
+@pytest.mark.parametrize(
+    "role",
+    [
+        enums.MailDomainRoleChoices.OWNER,
+        enums.MailDomainRoleChoices.ADMIN,
+    ],
+)
+def test_api_mailboxes__create_roles_success(role):
+    """Users with owner or admin role should be able to create mailbox on the mail domain."""
+    mail_domain = factories.MailDomainEnabledFactory()
+    access = factories.MailDomainAccessFactory(role=role, domain=mail_domain)
+
+    client = APIClient()
+    client.force_login(access.user)
+
+    mailbox_values = serializers.MailboxSerializer(
+        factories.MailboxFactory.build()
+    ).data
+    response = client.post(
+        f"/api/v1.0/mail-domains/{mail_domain.slug}/mailboxes/",
+        mailbox_values,
+        format="json",
+    )
+
+    assert response.status_code == status.HTTP_201_CREATED
+    mailbox = models.Mailbox.objects.get()
+
+    assert mailbox.local_part == mailbox_values["local_part"]
+    assert mailbox.secondary_email == mailbox_values["secondary_email"]
+    assert response.json() == {
+        "id": str(mailbox.id),
+        "local_part": str(mailbox.local_part),
+        "secondary_email": str(mailbox.secondary_email),
+    }
+
+
+def test_api_mailboxes__create_administrator_missing_fields():
+    """
+    Administrator users should not be able to create mailboxes
+    without local part or secondary mail.
+    """
+    mail_domain = factories.MailDomainEnabledFactory()
+    access = factories.MailDomainAccessFactory(
+        role=enums.MailDomainRoleChoices.ADMIN, domain=mail_domain
+    )
+    client = APIClient()
+    client.force_login(access.user)
+
+    mailbox_values = serializers.MailboxSerializer(
+        factories.MailboxFactory.build()
+    ).data
+    del mailbox_values["local_part"]
+    response = client.post(
+        f"/api/v1.0/mail-domains/{mail_domain.slug}/mailboxes/",
+        mailbox_values,
+        format="json",
+    )
+    assert response.status_code == status.HTTP_400_BAD_REQUEST
+    assert not models.Mailbox.objects.exists()
+    assert response.json() == {"local_part": ["This field is required."]}
+
+    mailbox_values = serializers.MailboxSerializer(
+        factories.MailboxFactory.build()
+    ).data
+    del mailbox_values["secondary_email"]
+    response = client.post(
+        f"/api/v1.0/mail-domains/{mail_domain.slug}/mailboxes/",
+        mailbox_values,
+        format="json",
+    )
+    assert response.status_code == status.HTTP_400_BAD_REQUEST
+    assert not models.Mailbox.objects.exists()
+    assert response.json() == {"secondary_email": ["This field is required."]}

src/backend/mailbox_manager/tests/api/mailboxes/test_api_mailboxes_list.py

@@ -0,0 +1,76 @@
+"""
+Unit tests for the mailbox API
+"""
+
+import pytest
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from core import factories as core_factories
+
+from mailbox_manager import enums, factories
+
+pytestmark = pytest.mark.django_db
+
+
+def test_api_mailboxes__list_anonymous():
+    """Anonymous users should not be allowed to list mailboxes."""
+    mail_domain = factories.MailDomainEnabledFactory()
+    factories.MailboxFactory.create_batch(2, domain=mail_domain)
+
+    response = APIClient().get(f"/api/v1.0/mail-domains/{mail_domain.slug}/mailboxes/")
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+    assert response.json() == {
+        "detail": "Authentication credentials were not provided."
+    }
+
+
+def test_api_mailboxes__list_authenticated():
+    """Authenticated users should not be able to list mailboxes"""
+    user = core_factories.UserFactory()
+
+    client = APIClient()
+    client.force_login(user)
+
+    mail_domain = factories.MailDomainEnabledFactory()
+    factories.MailboxFactory.create_batch(2, domain=mail_domain)
+
+    response = client.get(f"/api/v1.0/mail-domains/{mail_domain.slug}/mailboxes/")
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    assert response.json() == {
+        "detail": "You do not have permission to perform this action."
+    }
+
+
+@pytest.mark.parametrize(
+    "role",
+    [
+        enums.MailDomainRoleChoices.OWNER,
+        enums.MailDomainRoleChoices.ADMIN,
+        enums.MailDomainRoleChoices.VIEWER,
+    ],
+)
+def test_api_mailboxes__list_roles(role):
+    """Owner, admin and viewer users should be able to list mailboxes"""
+    mail_domain = factories.MailDomainEnabledFactory()
+    mailbox1 = factories.MailboxFactory(domain=mail_domain)
+    mailbox2 = factories.MailboxFactory(domain=mail_domain)
+
+    access = factories.MailDomainAccessFactory(role=role, domain=mail_domain)
+    client = APIClient()
+    client.force_login(access.user)
+
+    response = client.get(f"/api/v1.0/mail-domains/{mail_domain.slug}/mailboxes/")
+    assert response.status_code == status.HTTP_200_OK
+    assert response.json()["results"] == [
+        {
+            "id": str(mailbox2.id),
+            "local_part": str(mailbox2.local_part),
+            "secondary_email": str(mailbox2.secondary_email),
+        },
+        {
+            "id": str(mailbox1.id),
+            "local_part": str(mailbox1.local_part),
+            "secondary_email": str(mailbox1.secondary_email),
+        },
+    ]