Add test focused on API response for admin user

eecavanna · eecavanna · commit 12f86403efa1 · 2024-08-19T18:37:37.000-07:00
diff --git a/tests/test_submission.py b/tests/test_submission.py
@@ -27,7 +27,13 @@ def test_list_submissions(db: Session, client: TestClient, logged_in_user):
     assert response.json()["results"][0]["id"] == str(submission.id)
 
 
-def test_get_metadata_submissions_report(db: Session, client: TestClient, logged_in_user):
+def test_get_metadata_submissions_report_as_non_admin(db: Session, client: TestClient, logged_in_user):
+    response = client.request(method="GET", url="/api/metadata_submission/report")
+    assert response.status_code == 403
+
+
+def test_get_metadata_submissions_report_as_admin(db: Session, client: TestClient, logged_in_admin_user):
+    logged_in_user = logged_in_admin_user  # makes a concise alias (also allows for verbatim code snippet reuse)
     submission = fakes.MetadataSubmissionFactory(
         author=logged_in_user, author_orcid=logged_in_user.orcid
     )
@@ -39,19 +45,11 @@ def test_get_metadata_submissions_report(db: Session, client: TestClient, logged
     )
 
     # TODO: Create additional submissions.
-
     db.commit()
 
     # TODO: Check additional aspects of the HTTP response.
-
-    # The server will return an HTTP 403 Response when the client isn't an admin.
-    #
-    # TODO: Find an example of where a test request is submitted as an admin, or even
-    #       as any logged-in user (I assume the endpoint would have returned a 401
-    #       if the user wasn't logged in at all).
-    #
     response = client.request(method="GET", url="/api/metadata_submission/report")
-    assert response.status_code == 403
+    assert response.status_code == 200
 
 
 def test_try_edit_locked_submission(db: Session, client: TestClient, logged_in_user):
