tests for only fields in api

tests/test_views.py

@@ -15,6 +15,21 @@ def test_profile_detail(client, db, profile, user):
     assert result["username"] == user.username
 
 
+def test_profile_detail_trimmed(client, db, profile, user):
+    response = client.get(f"/profiles/trimmed/{profile.pk}/")
+    result = response.json()
+    assert response.status_code == 200, result
+    assert "username" not in result
+    assert result["user"]["id"] == user.id
+
+
+def test_profile_detail_no_id(client, db, profile, user):
+    response = client.get(f"/profiles/no-id/{profile.pk}/")
+    result = response.json()
+    assert response.status_code == 200, result
+    assert "id" not in result["user"]
+
+
 def test_profile_not_found(client, db, profile, user):
     response = client.get(f"/profiles/{uuid4()}/")
     result = response.json()

tests/urls.py

@@ -5,6 +5,8 @@
 urlpatterns = [
     path("profiles/", views.ProfileList.as_view()),
     path("profiles/<uuid:id>/", views.ProfileDetail.as_view()),
+    path("profiles/trimmed/<uuid:id>/", views.ProfileDetailTrimmed.as_view()),
+    path("profiles/no-id/<uuid:id>/", views.ProfileDetailNoID.as_view()),
     path("profiles/<uuid:id>/<str:action>/", views.ProfileDetail.as_view()),
     path("staff/<uuid:id>/", views.StaffDetail.as_view()),
     path("user/", views.UserSelf.as_view()),

tests/views.py

@@ -62,6 +62,18 @@ def validate_phone(self, value):
         return "+5555555555"
 
 
+class ProfileDetailTrimmed(ActionAPI, DeleteAPI, UpdateAPI, DetailAPI):
+    model = Profile
+    serializer = ProfileSerializer(only=["user.id"])
+    permissions = [PublicEndpoint]
+
+
+class ProfileDetailNoID(ActionAPI, DeleteAPI, UpdateAPI, DetailAPI):
+    model = Profile
+    serializer = ProfileSerializer(exclude=["user.id"])
+    permissions = [PublicEndpoint]
+
+
 class StaffDetail(ProfileDetail):
     permissions = [Authenticated, Staff]