✨(api) add CRUD for mailbox manager MailDomain models

Add create,list,retrieve and delete actions for MailDomain model.

src/backend/mailbox_manager/tests/api/mail_domain/test_api_mail_domains_create.py

@@ -0,0 +1,73 @@
+"""
+Tests for MailDomains API endpoint in People's app mailbox_manager. Focus on "create" action.
+"""
+
+import pytest
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from core import factories as core_factories
+
+from mailbox_manager import factories, models
+
+pytestmark = pytest.mark.django_db
+
+
+def test_api_mail_domains__create_anonymous():
+    """Anonymous users should not be allowed to create mail domains."""
+
+    response = APIClient().post(
+        "/api/v1.0/mail-domains/",
+        {
+            "name": "mydomain.com",
+        },
+    )
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+    assert not models.MailDomain.objects.exists()
+
+
+def test_api_mail_domains__create_name_unique():
+    """
+    Creating domain should raise an error if already existing name.
+    """
+    factories.MailDomainFactory(name="existing_domain.com")
+    identity = core_factories.IdentityFactory()
+
+    client = APIClient()
+    client.force_login(identity.user)
+
+    response = client.post(
+        "/api/v1.0/mail-domains/",
+        {
+            "name": "existing_domain.com",
+        },
+    )
+
+    assert response.status_code == status.HTTP_400_BAD_REQUEST
+    assert response.json()["name"] == ["Mail domain with this name already exists."]
+
+
+def test_api_mail_domains__create_authenticated():
+    """
+    Authenticated users should be able to create mail domains
+    and should automatically be added as owner of the newly created domain.
+    """
+
+    identity = core_factories.IdentityFactory()
+    user = identity.user
+
+    client = APIClient()
+    client.force_login(identity.user)
+
+    response = client.post(
+        "/api/v1.0/mail-domains/",
+        {
+            "name": "mydomain.com",
+        },
+        format="json",
+    )
+
+    assert response.status_code == status.HTTP_201_CREATED
+    domain = models.MailDomain.objects.get()
+    assert domain.name == "mydomain.com"
+    assert domain.accesses.filter(role="owner", user=user).exists()

src/backend/mailbox_manager/tests/api/mail_domain/test_api_mail_domains_delete.py

@@ -0,0 +1,107 @@
+"""
+Tests for MailDomains API endpoint, in People's mailbox manager app. Focus on "delete" action.
+"""
+
+import pytest
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from core import factories as core_factories
+
+from mailbox_manager import factories, models
+
+pytestmark = pytest.mark.django_db
+
+
+def test_api_mail_domains__delete_anonymous():
+    """Anonymous users should not be allowed to destroy a team."""
+    domain = factories.MailDomainFactory()
+
+    response = APIClient().delete(
+        f"/api/v1.0/mail-domains/{domain.id!s}/",
+    )
+
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+    assert models.MailDomain.objects.count() == 1
+
+
+def test_api_mail_domains__delete_authenticated_unrelated():
+    """
+    Authenticated users should not be allowed to delete a domain to which they are not
+    related.
+    """
+    identity = core_factories.IdentityFactory()
+    domain = factories.MailDomainFactory()
+
+    client = APIClient()
+    client.force_login(identity.user)
+    response = client.delete(
+        f"/api/v1.0/mail-domains/{domain.id!s}/",
+    )
+
+    assert response.status_code == status.HTTP_404_NOT_FOUND
+    assert response.json() == {"detail": "No MailDomain matches the given query."}
+    assert models.MailDomain.objects.count() == 1
+
+
+def test_api_mail_domains__delete_authenticated_member():
+    """
+    Authenticated users should not be allowed to delete a domain
+    to which they are only a member.
+    """
+    identity = core_factories.IdentityFactory()
+    user = identity.user
+    domain = factories.MailDomainFactory(users=[(user, "member")])
+
+    client = APIClient()
+    client.force_login(user)
+    response = client.delete(
+        f"/api/v1.0/mail-domains/{domain.id}/",
+    )
+
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    assert response.json() == {
+        "detail": "You do not have permission to perform this action."
+    }
+    assert models.MailDomain.objects.count() == 1
+
+
+def test_api_mail_domains__delete_authenticated_administrator():
+    """
+    Authenticated users should not be allowed to delete a domain
+    for which they are administrator.
+    """
+    identity = core_factories.IdentityFactory()
+    user = identity.user
+    domain = factories.MailDomainFactory(users=[(user, "administrator")])
+
+    client = APIClient()
+    client.force_login(user)
+    response = client.delete(
+        f"/api/v1.0/mail-domains/{domain.id}/",
+    )
+
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    assert response.json() == {
+        "detail": "You do not have permission to perform this action."
+    }
+    assert models.MailDomain.objects.count() == 1
+
+
+def test_api_mail_domains__delete_authenticated_owner():
+    """
+    Authenticated users should be able to delete a domain
+    for which they are directly owner.
+    """
+    identity = core_factories.IdentityFactory()
+    user = identity.user
+    domain = factories.MailDomainFactory(users=[(user, "owner")])
+
+    client = APIClient()
+    client.force_login(user)
+    response = client.delete(
+        f"/api/v1.0/mail-domains/{domain.id}/",
+    )
+
+    assert response.status_code == status.HTTP_204_NO_CONTENT
+    assert models.MailDomain.objects.exists() is False

src/backend/mailbox_manager/tests/api/mail_domain/test_api_mail_domains_list.py

@@ -0,0 +1,56 @@
+"""
+Tests for MailDomains API endpoint in People's mailbox manager app. Focus on "list" action.
+"""
+
+import pytest
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from core import factories as core_factories
+
+from mailbox_manager import factories
+
+pytestmark = pytest.mark.django_db
+
+
+def test_api_mail_domains__list_anonymous():
+    """Anonymous users should not be allowed to list mail domains."""
+
+    factories.MailDomainFactory.create_batch(3)
+
+    response = APIClient().get("/api/v1.0/mail-domains/")
+
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+    assert response.json() == {
+        "detail": "Authentication credentials were not provided."
+    }
+
+
+def test_api_mail_domains__list_authenticated():
+    """
+    Authenticated users should be able to list domains
+    to which they have access.
+    """
+
+    identity = core_factories.IdentityFactory()
+    user = identity.user
+
+    client = APIClient()
+    client.force_login(user)
+
+    expected_ids = {
+        str(access.domain.id)
+        for access in factories.MailDomainAccessFactory.create_batch(5, user=user)
+    }
+    factories.MailDomainFactory.create_batch(2)  # Other teams
+    factories.MailDomainAccessFactory.create_batch(2)  # Other teams and accesses
+
+    response = client.get(
+        "/api/v1.0/mail-domains/",
+    )
+
+    assert response.status_code == status.HTTP_200_OK
+    results = response.json()["results"]
+    assert len(results) == 5
+    results_id = {result["id"] for result in results}
+    assert expected_ids == results_id

src/backend/mailbox_manager/tests/api/mail_domain/test_api_mail_domains_retrieve.py

@@ -0,0 +1,71 @@
+"""
+Tests for MailDomains API endpoint in People's mailbox manager app. Focus on "retrieve" action.
+"""
+
+import pytest
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from core import factories as core_factories
+
+from mailbox_manager import factories
+
+pytestmark = pytest.mark.django_db
+
+
+def test_api_mail_domains__retrieve_anonymous():
+    """Anonymous users should not be allowed to retrieve a domain."""
+
+    domain = factories.MailDomainFactory()
+    response = APIClient().get(f"/api/v1.0/mail-domains/{domain.id}/")
+
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+    assert response.json() == {
+        "detail": "Authentication credentials were not provided."
+    }
+
+
+def test_api_mail_domains__retrieve_authenticated_unrelated():
+    """
+    Authenticated users should not be allowed to retrieve a domain
+    to which they have access.
+    """
+    identity = core_factories.IdentityFactory()
+
+    client = APIClient()
+    client.force_login(identity.user)
+
+    domain = factories.MailDomainFactory()
+
+    response = client.get(
+        f"/api/v1.0/mail-domains/{domain.id!s}/",
+    )
+    assert response.status_code == status.HTTP_404_NOT_FOUND
+    assert response.json() == {"detail": "No MailDomain matches the given query."}
+
+
+def test_api_mail_domains__retrieve_authenticated_related():
+    """
+    Authenticated users should be allowed to retrieve a domain
+    to which they have access.
+    """
+    identity = core_factories.IdentityFactory()
+    user = identity.user
+
+    client = APIClient()
+    client.force_login(user)
+
+    domain = factories.MailDomainFactory()
+    factories.MailDomainAccessFactory(domain=domain, user=user)
+
+    response = client.get(
+        f"/api/v1.0/mail-domains/{domain.id!s}/",
+    )
+
+    assert response.status_code == status.HTTP_200_OK
+    assert response.json() == {
+        "id": str(domain.id),
+        "name": domain.name,
+        "created_at": domain.created_at.isoformat().replace("+00:00", "Z"),
+        "updated_at": domain.updated_at.isoformat().replace("+00:00", "Z"),
+    }