from django.test import TestCase, Client from interface import models, utils from django.contrib.auth.models import User from . import AccessTestCase class InterfaceAccessTestCase(AccessTestCase): USERS = ( {'username': 'admin', 'password': 'secret', 'is_superuser': True, 'is_staff': True}, {'username': 'homer', 'password': 'maggie'}, ) ENSEMBLES = ( {'name': 'The Be Sharps', 'slug': 'be-sharps', 'admins': ['homer']}, {'name': 'Lisa & the Bleeding Gums', 'slug': 'bleeding-gums'}, {'name': 'Party Posse'}, ) PROJECTS = ( {'name': 'Baker St', 'ensemble': 'bleeding-gums', 'when': -12}, {'name': 'Navy Recruitment Day', 'ensemble': 'party-posse', 'when': 6}, {'name': 'Barbershop Contest', 'ensemble': 'be-sharps', 'when': 28}, {'name': 'Open Mic Night', 'ensemble': 'bleeding-gums', 'when': 1 }, {'name': 'Current Repertoire', 'ensemble': 'be-sharps'}, ) PROTECTED_URLS = ( '/ensembles/be-sharps', '/ensembles/be-sharps/new-project', '/projects/3', '/projects/3/resources', '/projects/3/resources/add', '/admin/interface/ensemble/', '/admin/interface/project/', '/admin/interface/resource/', '/admin/interface/wikipage/', ) def test_bad_login(self): with self.assertRaisesMessage(self.failureException, 'Failed to login as admin'): self.login('admin', 'admin') def test_superuser_ensembles(self): self.login('admin', 'secret') response = self.client.get('/ensembles') self.assertObjectList(response, ['The Be Sharps', 'Lisa & the Bleeding Gums', 'Party Posse']) self.assertContains(response, 'Django Admin') def test_superuser_ensemble_permissions(self): self.login('admin', 'secret') response = self.client.get('/ensembles/party-posse') self.assertTrue(response.context['request'].is_admin) self.assertContains(response, "Add project") self.assertAccess({ '/ensembles/be-sharps': True, '/ensembles/bleeding-gums': True, '/ensembles/party-posse': True, '/ensembles/unknown': False, '/ensembles/be-sharps/new-project': True, }) def test_superuser_projects(self): self.login('admin', 'secret') response = self.client.get('/projects') self.assertObjectList(response, ['Current Repertoire', 'Open Mic Night', 'Navy Recruitment Day', 'Barbershop Contest']) self.assertObjectList(self.client.get('/ensembles/bleeding-gums'), ['Open Mic Night']) self.assertObjectList(self.client.get('/ensembles/bleeding-gums?inactive'), ['Open Mic Night', 'Baker St']) def test_user_ensembles(self): self.login('homer', 'maggie') response = self.client.get('/ensembles') self.assertObjectList(response, ['The Be Sharps']) self.assertNotContains(response, 'Django Admin') def test_user_ensemble_permissions(self): self.login('homer', 'maggie') response = self.client.get('/ensembles/be-sharps') self.assertTrue(response.context['request'].is_admin) self.assertContains(response, "Add project") self.assertContains(response, 'Show all') self.assertAccess({ '/ensembles/be-sharps': True, '/ensembles/bleeding-gums': False, '/ensembles/party-posse': False, '/ensembles/be-sharps/new-project': True, '/ensembles/party-posse/new-project': False, }) self.authorize(models.Ensemble, slug='bleeding-gums') self.assertAccess({ '/ensembles/be-sharps': True, '/ensembles/bleeding-gums': True, '/ensembles/party-posse': False, '/ensembles/be-sharps/new-project': True, '/ensembles/party-posse/new-project': False, }) response = self.client.get('/ensembles/bleeding-gums') self.assertFalse(response.context['request'].is_admin) self.assertNotContains(response, 'Add project') self.assertNotContains(response, 'Show all') def test_user_projects(self): self.login('homer', 'maggie') response = self.client.get('/projects') self.assertObjectList(response, ['Current Repertoire', 'Barbershop Contest']) response = self.client.get('/projects/3') self.assertTrue(response.context['request'].is_admin) self.assertAccess({ '/projects/3': True, '/projects/3/resources': True, '/projects/3/resources/add': True, '/projects/4': False, '/projects/4/resources': False, '/projects/4/resources/add': False, }) self.authorize(models.Project, pk=4) response = self.client.get('/projects') self.assertObjectList(response, ['Current Repertoire', 'Open Mic Night', 'Barbershop Contest']) response = self.client.get('/projects/4') self.assertFalse(response.context['request'].is_admin) def test_anon_ensembles(self): response = self.client.get('/ensembles') self.assertObjectList(response, []) self.assertContains(response, 'You don\'t currently have access to any ensembles') def test_anon_authorized_ensemble(self): self.authorize(models.Ensemble, slug='party-posse') response = self.client.get('/ensembles/party-posse') self.assertContains(response, 'Party Posse') response = self.client.get('/ensembles') self.assertObjectList(response, ['Party Posse']) self.assertAccess({ '/ensembles/be-sharps': False, '/ensembles/party-posse': True, '/ensembles/bleeding-gums': False, '/ensembles/unknown': False, }) response = self.client.get('/projects') self.assertObjectList(response, ['Navy Recruitment Day']) def test_anon_authorized_project(self): self.authorize(models.Project, pk=4) self.assertObjectList(self.client.get('/projects'), ['Open Mic Night']) self.assertObjectList(self.client.get('/ensembles'), ['Lisa & the Bleeding Gums']) self.assertAccess({ '/projects/4': True, '/projects/4/resources': True, '/projects/1': False, '/projects/1/resources': False, }) def test_anon_permission_denied(self): self.assertAccess({ '/ensembles': True, '/ensembles/be-sharps': False, '/ensembles/party-posse': False, '/ensembles/bleeding-gums': False, '/ensembles/unknown': False, }) def test_anon_deauthorize_project(self): self.authorize(models.Project, pk=4) self.assertAccess({ '/projects/4': True }) models.Project.objects.filter(pk=4).update(nonce=2) self.assertAccess({ '/projects/4': False })