183 lines
6.9 KiB
Python
183 lines
6.9 KiB
Python
from django.test import TestCase, Client
|
|
|
|
from interface import models, utils
|
|
from django.contrib.auth.models import User
|
|
|
|
from . import AccessTestCase
|
|
|
|
class InterfaceAccessTestCase(AccessTestCase):
|
|
|
|
USERS = (
|
|
{'username': 'admin', 'password': 'secret', 'is_superuser': True, 'is_staff': True},
|
|
{'username': 'homer', 'password': 'maggie'},
|
|
)
|
|
|
|
ENSEMBLES = (
|
|
{'name': 'The Be Sharps', 'slug': 'be-sharps', 'admins': ['homer']},
|
|
{'name': 'Lisa & the Bleeding Gums', 'slug': 'bleeding-gums'},
|
|
{'name': 'Party Posse'},
|
|
)
|
|
|
|
PROJECTS = (
|
|
{'name': 'Baker St', 'ensemble': 'bleeding-gums', 'when': -12},
|
|
{'name': 'Navy Recruitment Day', 'ensemble': 'party-posse', 'when': 6},
|
|
{'name': 'Barbershop Contest', 'ensemble': 'be-sharps', 'when': 28},
|
|
{'name': 'Open Mic Night', 'ensemble': 'bleeding-gums', 'when': 1 },
|
|
{'name': 'Current Repertoire', 'ensemble': 'be-sharps'},
|
|
)
|
|
|
|
PROTECTED_URLS = (
|
|
'/ensembles/be-sharps',
|
|
'/ensembles/be-sharps/new-project',
|
|
|
|
'/projects/3',
|
|
'/projects/3/resources',
|
|
'/projects/3/resources/add',
|
|
|
|
'/admin/interface/ensemble/',
|
|
'/admin/interface/project/',
|
|
'/admin/interface/resource/',
|
|
'/admin/interface/wikipage/',
|
|
)
|
|
|
|
def test_bad_login(self):
|
|
with self.assertRaisesMessage(self.failureException, 'Failed to login as admin'):
|
|
self.login('admin', 'admin')
|
|
|
|
def test_superuser_ensembles(self):
|
|
self.login('admin', 'secret')
|
|
response = self.client.get('/ensembles')
|
|
self.assertObjectList(response, ['The Be Sharps', 'Lisa & the Bleeding Gums', 'Party Posse'])
|
|
self.assertContains(response, 'Django Admin')
|
|
|
|
def test_superuser_ensemble_permissions(self):
|
|
self.login('admin', 'secret')
|
|
response = self.client.get('/ensembles/party-posse')
|
|
self.assertTrue(response.context['request'].is_admin)
|
|
self.assertContains(response, "Add project")
|
|
self.assertAccess({
|
|
'/ensembles/be-sharps': True,
|
|
'/ensembles/bleeding-gums': True,
|
|
'/ensembles/party-posse': True,
|
|
'/ensembles/unknown': False,
|
|
'/ensembles/be-sharps/new-project': True,
|
|
})
|
|
|
|
def test_superuser_projects(self):
|
|
self.login('admin', 'secret')
|
|
response = self.client.get('/projects')
|
|
self.assertObjectList(response, ['Current Repertoire', 'Open Mic Night', 'Navy Recruitment Day', 'Barbershop Contest'])
|
|
|
|
self.assertObjectList(self.client.get('/ensembles/bleeding-gums'), ['Open Mic Night'])
|
|
self.assertObjectList(self.client.get('/ensembles/bleeding-gums?inactive'), ['Open Mic Night', 'Baker St'])
|
|
|
|
|
|
def test_user_ensembles(self):
|
|
self.login('homer', 'maggie')
|
|
response = self.client.get('/ensembles')
|
|
self.assertObjectList(response, ['The Be Sharps'])
|
|
|
|
self.assertNotContains(response, 'Django Admin')
|
|
|
|
def test_user_ensemble_permissions(self):
|
|
self.login('homer', 'maggie')
|
|
response = self.client.get('/ensembles/be-sharps')
|
|
self.assertTrue(response.context['request'].is_admin)
|
|
self.assertContains(response, "Add project")
|
|
self.assertContains(response, 'Show all')
|
|
self.assertAccess({
|
|
'/ensembles/be-sharps': True,
|
|
'/ensembles/bleeding-gums': False,
|
|
'/ensembles/party-posse': False,
|
|
'/ensembles/be-sharps/new-project': True,
|
|
'/ensembles/party-posse/new-project': False,
|
|
})
|
|
|
|
self.authorize(models.Ensemble, slug='bleeding-gums')
|
|
self.assertAccess({
|
|
'/ensembles/be-sharps': True,
|
|
'/ensembles/bleeding-gums': True,
|
|
'/ensembles/party-posse': False,
|
|
'/ensembles/be-sharps/new-project': True,
|
|
'/ensembles/party-posse/new-project': False,
|
|
})
|
|
response = self.client.get('/ensembles/bleeding-gums')
|
|
self.assertFalse(response.context['request'].is_admin)
|
|
self.assertNotContains(response, 'Add project')
|
|
self.assertNotContains(response, 'Show all')
|
|
|
|
def test_user_projects(self):
|
|
self.login('homer', 'maggie')
|
|
response = self.client.get('/projects')
|
|
self.assertObjectList(response, ['Current Repertoire', 'Barbershop Contest'])
|
|
response = self.client.get('/projects/3')
|
|
self.assertTrue(response.context['request'].is_admin)
|
|
|
|
|
|
self.assertAccess({
|
|
'/projects/3': True,
|
|
'/projects/3/resources': True,
|
|
'/projects/3/resources/add': True,
|
|
'/projects/4': False,
|
|
'/projects/4/resources': False,
|
|
'/projects/4/resources/add': False,
|
|
})
|
|
|
|
self.authorize(models.Project, pk=4)
|
|
response = self.client.get('/projects')
|
|
self.assertObjectList(response, ['Current Repertoire', 'Open Mic Night', 'Barbershop Contest'])
|
|
response = self.client.get('/projects/4')
|
|
self.assertFalse(response.context['request'].is_admin)
|
|
|
|
def test_anon_ensembles(self):
|
|
response = self.client.get('/ensembles')
|
|
self.assertObjectList(response, [])
|
|
self.assertContains(response, 'You don\'t currently have access to any ensembles')
|
|
|
|
def test_anon_authorized_ensemble(self):
|
|
self.authorize(models.Ensemble, slug='party-posse')
|
|
response = self.client.get('/ensembles/party-posse')
|
|
self.assertContains(response, 'Party Posse')
|
|
|
|
response = self.client.get('/ensembles')
|
|
self.assertObjectList(response, ['Party Posse'])
|
|
|
|
self.assertAccess({
|
|
'/ensembles/be-sharps': False,
|
|
'/ensembles/party-posse': True,
|
|
'/ensembles/bleeding-gums': False,
|
|
'/ensembles/unknown': False,
|
|
})
|
|
response = self.client.get('/projects')
|
|
self.assertObjectList(response, ['Navy Recruitment Day'])
|
|
|
|
def test_anon_authorized_project(self):
|
|
self.authorize(models.Project, pk=4)
|
|
self.assertObjectList(self.client.get('/projects'), ['Open Mic Night'])
|
|
self.assertObjectList(self.client.get('/ensembles'), ['Lisa & the Bleeding Gums'])
|
|
|
|
self.assertAccess({
|
|
'/projects/4': True,
|
|
'/projects/4/resources': True,
|
|
'/projects/1': False,
|
|
'/projects/1/resources': False,
|
|
})
|
|
|
|
def test_anon_permission_denied(self):
|
|
self.assertAccess({
|
|
'/ensembles': True,
|
|
'/ensembles/be-sharps': False,
|
|
'/ensembles/party-posse': False,
|
|
'/ensembles/bleeding-gums': False,
|
|
'/ensembles/unknown': False,
|
|
})
|
|
|
|
def test_anon_deauthorize_project(self):
|
|
self.authorize(models.Project, pk=4)
|
|
self.assertAccess({
|
|
'/projects/4': True
|
|
})
|
|
models.Project.objects.filter(pk=4).update(nonce=2)
|
|
self.assertAccess({
|
|
'/projects/4': False
|
|
}) |