Cleaned up access tests

This commit is contained in:
Tris Forster 2023-02-23 10:22:58 +11:00
parent 295999eaef
commit 75de40f2bd
2 changed files with 36 additions and 135 deletions

View File

@ -6,17 +6,9 @@ from datetime import timedelta
class AccessTestCase(TestCase): class AccessTestCase(TestCase):
USERS = ( USERS = ()
{'username': 'admin', 'password': 'foobar', 'is_superuser': True, 'is_staff': True},
{'username': 'homer', 'password': 'maggie'},
)
ENSEMBLES = ()
ENSEMBLES = (
{'name': 'The Be Sharps', 'slug': 'be-sharps', 'admins': ['homer']},
{'name': 'Lisa & the Bleeding Gums', 'slug': 'bleeding-gums'},
{'name': 'Party Posse'},
)
PROJECTS = () PROJECTS = ()
@ -37,8 +29,6 @@ class AccessTestCase(TestCase):
obj.admins.add(cls.users[admin]) obj.admins.add(cls.users[admin])
cls.ensembles[obj.slug] = obj cls.ensembles[obj.slug] = obj
#cls.ensembles['be-sharps'].admins.add(cls.users['homer'])
cls.projects = {} cls.projects = {}
for name, ensemble, when in cls.PROJECTS: for name, ensemble, when in cls.PROJECTS:
obj = cls.ensembles[ensemble].projects.create(name=name, event_date=now+timedelta(days=when)) obj = cls.ensembles[ensemble].projects.create(name=name, event_date=now+timedelta(days=when))
@ -46,16 +36,9 @@ class AccessTestCase(TestCase):
return return
cls.now = timezone.now()
cls.ensembles['be-sharps'].admins.add(cls.users['homer'])
def login(self, user, passwd): def login(self, user, passwd):
response = self.client.post('/login', {'username': user, 'password': passwd}) response = self.client.post('/login', {'username': user, 'password': passwd})
print(response.request) self.assertEqual(response.status_code, 302, f"Failed to login as {user}")
self.assertRedirects(response, '/projects', msg_prefix=repr(getattr(response.context.get('form'), 'errors', '<no message>')))
def authorize(self, model, **kwargs): def authorize(self, model, **kwargs):
object = model.objects.get(**kwargs) object = model.objects.get(**kwargs)

View File

@ -2,49 +2,41 @@ from django.test import TestCase, Client
from interface import models, utils from interface import models, utils
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.utils import timezone
from datetime import timedelta
from . import AccessTestCase from . import AccessTestCase
class InterfaceAccessTestCase(AccessTestCase): class InterfaceAccessTestCase(AccessTestCase):
USERS = (
{'username': 'admin', 'password': 'secret', 'is_superuser': True, 'is_staff': True},
{'username': 'homer', 'password': 'maggie'},
)
ENSEMBLES = (
{'name': 'The Be Sharps', 'slug': 'be-sharps', 'admins': ['homer']},
{'name': 'Lisa & the Bleeding Gums', 'slug': 'bleeding-gums'},
{'name': 'Party Posse'},
)
PROJECTS = ( PROJECTS = (
('Baker St', 'bleeding-gums', -12), ('Baker St', 'bleeding-gums', -12),
('Navy Recruitment Day', 'party-posse', 6), ('Navy Recruitment Day', 'party-posse', 6),
('Baby on Board', 'be-sharps', 28), ('Barbershop Contest', 'be-sharps', 28),
('Open Mic Night', 'bleeding-gums', 1) ('Open Mic Night', 'bleeding-gums', 1)
) )
@classmethod
def oldsetUpTestData(cls):
AccessTestCase.setUpTestData()
return
admin = User.objects.create_user(username='admin', password='foobar', is_superuser=True, is_staff=True)
homer = User.objects.create_user(username='homer', password='maggie')
now = timezone.now()
b_sharps = models.Ensemble.objects.create(name='The Be Sharps')
b_sharps.admins.add(homer)
bleeding_gums = models.Ensemble.objects.create(name='Lisa and the Bleeding Gums', slug='bleeding-gums')
party_posse = models.Ensemble.objects.create(name="Party Posse", slug='party-posse')
bleeding_gums.projects.create(name='Baker St', event_date=now-timedelta(days=12))
party_posse.projects.create(name='Navy Recruitment Day', event_date=now+timedelta(days=6))
b_sharps.projects.create(name='Baby on Board', event_date=now+timedelta(days=28))
bleeding_gums.projects.create(name='Open Mic Night', event_date=now+timedelta(hours=1))
def test_bad_login(self):
with self.assertRaisesMessage(self.failureException, 'Failed to login as admin'):
self.login('admin', 'admin')
def test_admin_ensembles(self): def test_admin_ensembles(self):
self.client.post('/login', {'username': 'admin', 'password': 'foobar'}) self.login('admin', 'secret')
response = self.client.get('/ensembles') response = self.client.get('/ensembles')
self.assertObjectList(response, ['The Be Sharps', 'Lisa & the Bleeding Gums', 'Party Posse']) self.assertObjectList(response, ['The Be Sharps', 'Lisa & the Bleeding Gums', 'Party Posse'])
self.assertContains(response, 'Django Admin') self.assertContains(response, 'Django Admin')
def test_admin_ensemble_permissions(self): def test_admin_ensemble_permissions(self):
self.client.post('/login', {'username': 'admin', 'password': 'foobar'}) self.login('admin', 'secret')
response = self.client.get('/ensembles/party-posse') response = self.client.get('/ensembles/party-posse')
self.assertTrue(response.context['request'].is_admin) self.assertTrue(response.context['request'].is_admin)
self.assertContains(response, "Add project") self.assertContains(response, "Add project")
@ -57,23 +49,23 @@ class InterfaceAccessTestCase(AccessTestCase):
}) })
def test_admin_projects(self): def test_admin_projects(self):
self.client.post('/login', {'username': 'admin', 'password': 'foobar'}) self.login('admin', 'secret')
response = self.client.get('/projects') response = self.client.get('/projects')
self.assertObjectList(response, ['Open Mic Night', 'Navy Recruitment Day', 'Baby on Board']) self.assertObjectList(response, ['Open Mic Night', 'Navy Recruitment Day', 'Barbershop Contest'])
self.assertObjectList(self.client.get('/ensembles/bleeding-gums'), ['Open Mic Night']) self.assertObjectList(self.client.get('/ensembles/bleeding-gums'), ['Open Mic Night'])
self.assertObjectList(self.client.get('/ensembles/bleeding-gums?inactive'), ['Open Mic Night', 'Baker St']) self.assertObjectList(self.client.get('/ensembles/bleeding-gums?inactive'), ['Open Mic Night', 'Baker St'])
def test_user_ensembles(self): def test_user_ensembles(self):
self.client.post('/login', {'username': 'homer', 'password': 'maggie'}) self.login('homer', 'maggie')
response = self.client.get('/ensembles') response = self.client.get('/ensembles')
self.assertObjectList(response, ['The Be Sharps']) self.assertObjectList(response, ['The Be Sharps'])
self.assertNotContains(response, 'Django Admin') self.assertNotContains(response, 'Django Admin')
def test_user_ensemble_permissions(self): def test_user_ensemble_permissions(self):
self.client.post('/login', {'username': 'homer', 'password': 'maggie'}) self.login('homer', 'maggie')
response = self.client.get('/ensembles/be-sharps') response = self.client.get('/ensembles/be-sharps')
self.assertTrue(response.context['request'].is_admin) self.assertTrue(response.context['request'].is_admin)
self.assertContains(response, "Add project") self.assertContains(response, "Add project")
@ -100,9 +92,9 @@ class InterfaceAccessTestCase(AccessTestCase):
self.assertNotContains(response, 'Show all') self.assertNotContains(response, 'Show all')
def test_user_projects(self): def test_user_projects(self):
self.client.post('/login', {'username': 'homer', 'password': 'maggie'}) self.login('homer', 'maggie')
response = self.client.get('/projects') response = self.client.get('/projects')
self.assertObjectList(response, ['Baby on Board']) self.assertObjectList(response, ['Barbershop Contest'])
response = self.client.get('/projects/3') response = self.client.get('/projects/3')
self.assertTrue(response.context['request'].is_admin) self.assertTrue(response.context['request'].is_admin)
@ -118,7 +110,7 @@ class InterfaceAccessTestCase(AccessTestCase):
self.authorize(models.Project, pk=4) self.authorize(models.Project, pk=4)
response = self.client.get('/projects') response = self.client.get('/projects')
self.assertObjectList(response, ['Open Mic Night', 'Baby on Board']) self.assertObjectList(response, ['Open Mic Night', 'Barbershop Contest'])
response = self.client.get('/projects/4') response = self.client.get('/projects/4')
self.assertFalse(response.context['request'].is_admin) self.assertFalse(response.context['request'].is_admin)
@ -164,87 +156,13 @@ class InterfaceAccessTestCase(AccessTestCase):
'/ensembles/bleeding-gums': False, '/ensembles/bleeding-gums': False,
'/ensembles/unknown': False, '/ensembles/unknown': False,
}) })
"""
def authorize(self, model, **kwargs):
object = model.objects.get(**kwargs)
response = self.client.get(f'{object.get_absolute_url()}?auth={object.auth()}')
self.assertEqual(response.status_code, 302)
def assertAccess(self, urls): def test_anon_deauthorize_project(self):
for url, expected in urls.items(): self.authorize(models.Project, pk=4)
response = self.client.get(url) self.assertAccess({
self.assertEqual(response.status_code == 200, expected, f"Expected {expected} for {url} (status: {response.status_code})") '/projects/4': True
})
def assertObjectList(self, response, expected, element='name'): models.Project.objects.filter(pk=4).update(nonce=2)
self.assertEqual(response.status_code, 200, "No result returned") self.assertAccess({
objects = response.context['object_list'].values_list(element, flat=True) '/projects/4': False
self.assertEqual(list(objects), expected) })
"""
"""
def test_redirect(self):
self.skipTest("No redirect")
response = self.client.get('/')
self.assertRedirects(response, '/register?')
def test_redirect_project(self):
response = self.client.get('/projects/1')
self.assertEqual(response.status_code, 404)
#def test_redirect_with_code(self):
# response = self.client.get('/?code=123-456-789')
# self.assertRedirects(response, '/register?code=123-456-789')
def test_register(self):
response = self.client.get('/ensembles/1')
self.assertEqual(response.status_code, 404)
url = utils.signed_url('register', group='ensemble', pk=1)
response = self.client.get(url + "i")
self.assertEqual(response.status_code, 400)
response = self.client.get(url)
self.assertRedirects(response, '/ensembles/1')
response = self.client.get('/ensembles/1')
self.assertEqual(response.context['object'].pk, 1)
response = self.client.get('/projects/1', )
def old_test_register(self):
response = self.client.post('/register', {'code': '123-456-789', })
self.assertFormError(response, 'form', 'passphrase', 'This field is required.')
response = self.client.post('/register', {'code': '123-456-789', 'passphrase': 'Foo'})
self.assertFormError(response, 'form', None, 'Incorrect code or passphrase')
response = self.client.post('/register', {'code': '12-34', 'passphrase': 'Homer'})
self.assertRedirects(response, '/')
response = self.client.get(response.url)
self.assertEqual(response.context['object'].pk, 1)
# revisting original url get redirected back to homepage
response = self.client.get('/?code=12-34')
response = self.client.get(response.url)
response = self.client.get(response.url)
self.assertEqual(response.context['object'].pk, 1)
# providing a new code
response = self.client.get('/?code=23-45')
self.assertRedirects(response, '/register?code=23-45')
response = self.client.get(response.url)
#self.assertQuerysetEqual(response.context['current'], ['<Ensemble: The Be Sharps>'])
#self.assertEqual(response.context['form'].code.initial, 'foo')
response = self.client.post('/register', {'code': '23-45', 'passphrase': 'maggie'})
self.assertRedirects(response, '/')
response = self.client.get('/')
self.assertEqual(response.context['object'].pk, 2)
# can use previous link to switch back without passphrase
response = self.client.get('/?code=12-34')
response = self.client.get(response.url)
response = self.client.get(response.url)
self.assertEqual(response.context['object'].pk, 1)
"""