tests/test_channel_auth.py

import pytest
from core.models import AppUser, Channel, Library
from django.urls import reverse
from datetime import datetime, timedelta
from django.utils import timezone

@pytest.mark.django_db
class TestChannelAuthEnforcement:
    def setup_method(self):
        # Create user and library
        self.user = AppUser.objects.create_user(
            username="testuser",
            password="password123",
            email="test@example.com"
        )
        self.library = Library.objects.create(
            owner_user=self.user,
            name="Test Library"
        )
        
        # Create a channel that requires auth
        self.protected_channel = Channel.objects.create(
            owner_user=self.user,
            library=self.library,
            name="Protected Channel",
            slug="protected-channel",
            requires_auth=True
        )
        
        # Create a channel that does not require auth
        self.public_channel = Channel.objects.create(
            owner_user=self.user,
            library=self.library,
            name="Public Channel",
            slug="public-channel",
            requires_auth=False
        )

    def test_unauthenticated_access_to_protected_channel_now(self, client):
        response = client.get(f"/api/channel/{self.protected_channel.id}/now")
        assert response.status_code == 401
        
    def test_authenticated_access_to_protected_channel_now(self, client):
        client.login(username="testuser", password="password123")
        response = client.get(f"/api/channel/{self.protected_channel.id}/now")
        assert response.status_code == 200
        
    def test_unauthenticated_access_to_public_channel_now(self, client):
        response = client.get(f"/api/channel/{self.public_channel.id}/now")
        assert response.status_code == 200

    def test_unauthenticated_access_to_protected_channel_airings(self, client):
        response = client.get(f"/api/channel/{self.protected_channel.id}/airings")
        assert response.status_code == 401
        
    def test_authenticated_access_to_protected_channel_airings(self, client):
        client.login(username="testuser", password="password123")
        response = client.get(f"/api/channel/{self.protected_channel.id}/airings")
        assert response.status_code == 200

    def test_unauthenticated_access_to_protected_channel_status(self, client):
        response = client.get(f"/api/channel/{self.protected_channel.id}/status")
        assert response.status_code == 401
        
    def test_authenticated_access_to_protected_channel_status(self, client):
        client.login(username="testuser", password="password123")
        response = client.get(f"/api/channel/{self.protected_channel.id}/status")
        assert response.status_code == 200
feat(main): main 2026-03-20 15:00:24 -04:00			`import pytest`
			`from core.models import AppUser, Channel, Library`
			`from django.urls import reverse`
			`from datetime import datetime, timedelta`
			`from django.utils import timezone`

			`@pytest.mark.django_db`
			`class TestChannelAuthEnforcement:`
			`def setup_method(self):`
			`# Create user and library`
			`self.user = AppUser.objects.create_user(`
			`username="testuser",`
			`password="password123",`
			`email="test@example.com"`
			`)`
			`self.library = Library.objects.create(`
			`owner_user=self.user,`
			`name="Test Library"`
			`)`

			`# Create a channel that requires auth`
			`self.protected_channel = Channel.objects.create(`
			`owner_user=self.user,`
			`library=self.library,`
			`name="Protected Channel",`
			`slug="protected-channel",`
			`requires_auth=True`
			`)`

			`# Create a channel that does not require auth`
			`self.public_channel = Channel.objects.create(`
			`owner_user=self.user,`
			`library=self.library,`
			`name="Public Channel",`
			`slug="public-channel",`
			`requires_auth=False`
			`)`

			`def test_unauthenticated_access_to_protected_channel_now(self, client):`
			`response = client.get(f"/api/channel/{self.protected_channel.id}/now")`
			`assert response.status_code == 401`

			`def test_authenticated_access_to_protected_channel_now(self, client):`
			`client.login(username="testuser", password="password123")`
			`response = client.get(f"/api/channel/{self.protected_channel.id}/now")`
			`assert response.status_code == 200`

			`def test_unauthenticated_access_to_public_channel_now(self, client):`
			`response = client.get(f"/api/channel/{self.public_channel.id}/now")`
			`assert response.status_code == 200`

			`def test_unauthenticated_access_to_protected_channel_airings(self, client):`
			`response = client.get(f"/api/channel/{self.protected_channel.id}/airings")`
			`assert response.status_code == 401`

			`def test_authenticated_access_to_protected_channel_airings(self, client):`
			`client.login(username="testuser", password="password123")`
			`response = client.get(f"/api/channel/{self.protected_channel.id}/airings")`
			`assert response.status_code == 200`

			`def test_unauthenticated_access_to_protected_channel_status(self, client):`
			`response = client.get(f"/api/channel/{self.protected_channel.id}/status")`
			`assert response.status_code == 401`

			`def test_authenticated_access_to_protected_channel_status(self, client):`
			`client.login(username="testuser", password="password123")`
			`response = client.get(f"/api/channel/{self.protected_channel.id}/status")`
			`assert response.status_code == 200`