jeudi 18 février 2016

What should I be testing for in my Django API tests?

I have started to write an API using the Django REST Framework. I am struggling to think about what tests I should be writing.

My ideas so far are...

  • Authentication: making sure users are logged in
  • Authorisation: checking users have the correct permissions
  • Response body: making sure all the desired fields are present
  • Allowed HTTP methods: making sure that users can't perform unintended actions.

Since the Django REST framework uses Django's underlying permissions system, is it really necessary to test permissions at both the model level and the API level? In this regard, it seems like some of my tests are testing for the same thing.

Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)