Add tests for passing an id as integer in the abuse report API (#21428)

* Add tests for passing an id as integer in the abuse report API * Also document that we allow integers
2023-11-13 21:23:15 +01:00 · 2023-11-13 21:23:15 +01:00 · 1e1b08fb51
--- a/docs/topics/api/abuse.rst
+++ b/docs/topics/api/abuse.rst
@ -34,7 +34,7 @@ to if necessary.

 .. http:post:: /api/v5/abuse/report/addon/

-    :<json string addon: The id, slug, or guid of the add-on to report for abuse (required).
+    :<json string|int addon: The id, slug, or guid of the add-on to report for abuse (required).
    :<json string message: The body/content of the abuse report (required).
    :<json string|null report_entry_point: The report entry point. The accepted values are documented in the :ref:`table below <abuse-report_entry_point-parameter>`.
    :<json string|null addon_install_method: The add-on install method. The accepted values are documented in the :ref:`table below <abuse-addon_install_method-parameter>`.
@ -242,7 +242,7 @@ so reports can be responded to if necessary.

    .. _userabusereport-create-request:

-    :<json string user: The id or username of the user to report for abuse (required).
+    :<json string|int user: The id or username of the user to report for abuse (required).
    :<json string message: The body/content of the abuse report (required).
    :<json string|null reason: The reason for the report. The accepted values are documented in the :ref:`table below <abuse-user-reason-parameter>`.
    :<json string|null reporter_name: The provided name of the reporter, if not authenticated.
@ -289,7 +289,7 @@ so reports can be responded to if necessary.

    .. _ratingabusereport-create-request:

-    :<json string rating: The id of the rating to report for abuse (required).
+    :<json string|int rating: The id of the rating to report for abuse (required).
    :<json string message: The body/content of the abuse report (required).
    :<json string|null reason: The reason for the report. The accepted values are documented in the :ref:`table below <abuse-rating-reason-parameter>`.
    :<json string|null reporter_name: The provided name of the reporter, if not authenticated.
@ -334,7 +334,7 @@ so reports can be responded to if necessary.

    .. _collectionabusereport-create-request:

-    :<json string collection: The id of the collection to report for abuse (required).
+    :<json string|int collection: The id of the collection to report for abuse (required).
    :<json string message: The body/content of the abuse report (required).
    :<json string|null reason: The reason for the report. The accepted values are documented in the :ref:`table below <abuse-collection-reason-parameter>`.
    :<json string|null reporter_name: The provided name of the reporter, if not authenticated.
--- a/src/olympia/abuse/tests/test_views.py
+++ b/src/olympia/abuse/tests/test_views.py
@ -61,6 +61,22 @@ class AddonAbuseViewSetTestBase:
        self.check_report(report, f'Abuse Report for Addon {addon.guid}')
        assert report.message == 'abuse!'

+    def test_report_addon_by_id_int(self):
+        addon = addon_factory()
+        response = self.client.post(
+            self.url,
+            data={'addon': addon.pk, 'message': 'abuse!'},
+            REMOTE_ADDR='123.45.67.89',
+            HTTP_X_FORWARDED_FOR=f'123.45.67.89, {get_random_ip()}',
+        )
+        assert response.status_code == 201
+
+        # It was a public add-on, so we found its guid.
+        assert AbuseReport.objects.filter(guid=addon.guid).exists()
+        report = AbuseReport.objects.get(guid=addon.guid)
+        self.check_report(report, f'Abuse Report for Addon {addon.guid}')
+        assert report.message == 'abuse!'
+
    def test_report_addon_by_slug(self):
        addon = addon_factory()
        response = self.client.post(
@ -587,6 +603,19 @@ class UserAbuseViewSetTestBase:
        report = AbuseReport.objects.get(user_id=user.id)
        self.check_report(report, f'Abuse Report for User {user.pk}')

+    def test_report_user_id_int(self):
+        user = user_factory()
+        response = self.client.post(
+            self.url,
+            data={'user': user.pk, 'message': 'abuse!'},
+            REMOTE_ADDR='123.45.67.89',
+        )
+        assert response.status_code == 201
+
+        assert AbuseReport.objects.filter(user_id=user.pk).exists()
+        report = AbuseReport.objects.get(user_id=user.pk)
+        self.check_report(report, f'Abuse Report for User {user.pk}')
+
    def test_report_user_username(self):
        user = user_factory()
        response = self.client.post(
@ -926,6 +955,25 @@ class RatingAbuseViewSetTestBase:
        report = AbuseReport.objects.get(rating=target_rating)
        self.check_report(report, f'Abuse Report for Rating {target_rating.pk}')

+    def test_report_rating_id_int(self):
+        target_rating = Rating.objects.create(
+            addon=addon_factory(), user=user_factory(), body='Booh', rating=1
+        )
+        response = self.client.post(
+            self.url,
+            data={
+                'rating': target_rating.pk,
+                'message': 'abuse!',
+                'reason': 'illegal',
+            },
+            REMOTE_ADDR='123.45.67.89',
+        )
+        assert response.status_code == 201
+
+        assert AbuseReport.objects.filter(rating_id=target_rating.pk).exists()
+        report = AbuseReport.objects.get(rating=target_rating)
+        self.check_report(report, f'Abuse Report for Rating {target_rating.pk}')
+
    def test_no_rating_fails(self):
        response = self.client.post(
            self.url, data={'message': 'abuse!', 'reason': 'illegal'}
@ -1145,6 +1193,23 @@ class CollectionAbuseViewSetTestBase:
        report = AbuseReport.objects.get(collection=target_collection)
        self.check_report(report, f'Abuse Report for Collection {target_collection.pk}')

+    def test_report_collection_id_int(self):
+        target_collection = collection_factory()
+        response = self.client.post(
+            self.url,
+            data={
+                'collection': target_collection.pk,
+                'message': 'abusé!',
+                'reason': 'hateful_violent_deceptive',
+            },
+            REMOTE_ADDR='123.45.67.89',
+        )
+        assert response.status_code == 201
+
+        assert AbuseReport.objects.filter(collection_id=target_collection.pk).exists()
+        report = AbuseReport.objects.get(collection=target_collection)
+        self.check_report(report, f'Abuse Report for Collection {target_collection.pk}')
+
    def test_no_collection_fails(self):
        response = self.client.post(
            self.url, data={'message': 'abusë!', 'reason': 'hateful_violent_deceptive'}