from interface import models from . import AccessTestCase class InterfaceAccessTestCase(AccessTestCase): USERS = ( { "username": "admin", "password": "secret", "is_superuser": True, "is_staff": True, }, {"username": "homer", "password": "maggie"}, ) ENSEMBLES = ( {"name": "The Be Sharps", "slug": "be-sharps", "admins": ["homer"]}, {"name": "Lisa & the Bleeding Gums", "slug": "bleeding-gums"}, {"name": "Party Posse"}, ) PROJECTS = ( {"name": "Baker St", "ensemble": "bleeding-gums", "when": -12}, {"name": "Navy Recruitment Day", "ensemble": "party-posse", "when": 6}, {"name": "Barbershop Contest", "ensemble": "be-sharps", "when": 28}, {"name": "Open Mic Night", "ensemble": "bleeding-gums", "when": 1}, {"name": "Current Repertoire", "ensemble": "be-sharps"}, ) PROTECTED_URLS = ( "/ensembles/be-sharps", "/ensembles/be-sharps/new-project", "/projects/3", "/projects/3/resources", "/projects/3/resources/add", "/admin/interface/ensemble/", "/admin/interface/project/", "/admin/interface/resource/", "/admin/interface/wikipage/", ) def test_bad_login(self): with self.assertRaisesMessage( self.failureException, "Failed to login as admin" ): self.login("admin", "admin") def test_superuser_ensembles(self): self.login("admin", "secret") response = self.client.get("/ensembles") self.assertObjectList( response, ["The Be Sharps", "Lisa & the Bleeding Gums", "Party Posse"] ) self.assertContains(response, "Django Admin") def test_superuser_ensemble_permissions(self): self.login("admin", "secret") response = self.client.get("/ensembles/party-posse") self.assertTrue(response.context["request"].is_admin) self.assertContains(response, "Add project") self.assertAccess( { "/ensembles/be-sharps": True, "/ensembles/bleeding-gums": True, "/ensembles/party-posse": True, "/ensembles/unknown": False, "/ensembles/be-sharps/new-project": True, } ) def test_superuser_projects(self): self.login("admin", "secret") response = self.client.get("/projects") self.assertObjectList( response, [ "Current Repertoire", "Open Mic Night", "Navy Recruitment Day", "Barbershop Contest", ], ) self.assertObjectList( self.client.get("/ensembles/bleeding-gums"), ["Open Mic Night"] ) self.assertObjectList( self.client.get("/ensembles/bleeding-gums?inactive"), ["Open Mic Night", "Baker St"], ) def test_user_ensembles(self): self.login("homer", "maggie") response = self.client.get("/ensembles") self.assertObjectList(response, ["The Be Sharps"]) self.assertNotContains(response, "Django Admin") def test_user_ensemble_permissions(self): self.login("homer", "maggie") response = self.client.get("/ensembles/be-sharps") self.assertTrue(response.context["request"].is_admin) self.assertContains(response, "Add project") self.assertContains(response, "Show all") self.assertAccess( { "/ensembles/be-sharps": True, "/ensembles/bleeding-gums": False, "/ensembles/party-posse": False, "/ensembles/be-sharps/new-project": True, "/ensembles/party-posse/new-project": False, } ) self.authorize(models.Ensemble, slug="bleeding-gums") self.assertAccess( { "/ensembles/be-sharps": True, "/ensembles/bleeding-gums": True, "/ensembles/party-posse": False, "/ensembles/be-sharps/new-project": True, "/ensembles/party-posse/new-project": False, } ) response = self.client.get("/ensembles/bleeding-gums") self.assertFalse(response.context["request"].is_admin) self.assertNotContains(response, "Add project") self.assertNotContains(response, "Show all") def test_user_projects(self): self.login("homer", "maggie") response = self.client.get("/projects") self.assertObjectList(response, ["Current Repertoire", "Barbershop Contest"]) response = self.client.get("/projects/3") self.assertTrue(response.context["request"].is_admin) self.assertAccess( { "/projects/3": True, "/projects/3/resources": True, "/projects/3/resources/add": True, "/projects/4": False, "/projects/4/resources": False, "/projects/4/resources/add": False, } ) self.authorize(models.Project, pk=4) response = self.client.get("/projects") self.assertObjectList( response, ["Current Repertoire", "Open Mic Night", "Barbershop Contest"] ) response = self.client.get("/projects/4") self.assertFalse(response.context["request"].is_admin) def test_anon_ensembles(self): response = self.client.get("/ensembles") self.assertObjectList(response, []) self.assertContains( response, "You don't currently have access to any ensembles" ) def test_anon_authorized_ensemble(self): self.authorize(models.Ensemble, slug="party-posse") response = self.client.get("/ensembles/party-posse") self.assertContains(response, "Party Posse") response = self.client.get("/ensembles") self.assertObjectList(response, ["Party Posse"]) self.assertAccess( { "/ensembles/be-sharps": False, "/ensembles/party-posse": True, "/ensembles/bleeding-gums": False, "/ensembles/unknown": False, } ) response = self.client.get("/projects") self.assertObjectList(response, ["Navy Recruitment Day"]) def test_anon_authorized_project(self): self.authorize(models.Project, pk=4) self.assertObjectList(self.client.get("/projects"), ["Open Mic Night"]) self.assertObjectList( self.client.get("/ensembles"), ["Lisa & the Bleeding Gums"] ) self.assertAccess( { "/projects/4": True, "/projects/4/resources": True, "/projects/1": False, "/projects/1/resources": False, } ) def test_anon_permission_denied(self): self.assertAccess( { "/ensembles": True, "/ensembles/be-sharps": False, "/ensembles/party-posse": False, "/ensembles/bleeding-gums": False, "/ensembles/unknown": False, } ) def test_anon_deauthorize_project(self): self.authorize(models.Project, pk=4) self.assertAccess({"/projects/4": True}) models.Project.objects.filter(pk=4).update(nonce=2) self.assertAccess({"/projects/4": False})