def test_user_detail_works_at_all(rf, admin_user):
shop = get_default_shop()
user = get_user_model().objects.create(
username=printable_gibberish(20),
first_name=printable_gibberish(10),
last_name=printable_gibberish(10),
password="******"
)
view_func = UserDetailView.as_view()
response = view_func(apply_request_middleware(rf.get("/"), user=admin_user), pk=user.pk)
assert response.status_code == 200
response.render()
assert force_text(user) in force_text(response.content)
response = view_func(apply_request_middleware(rf.post("/", {"set_is_active": "0"}), user=admin_user), pk=user.pk)
assert response.status_code < 500 and not get_user_model().objects.get(pk=user.pk).is_active
with pytest.raises(Problem):
view_func(apply_request_middleware(rf.post("/", {"set_is_active": "0"}), user=admin_user), pk=admin_user.pk)
user = get_user_model().objects.create(
username=printable_gibberish(20),
first_name=printable_gibberish(10),
last_name=printable_gibberish(10),
password="******",
is_staff=True,
is_superuser=False
)
shop.staff_members.add(user)
# non superusers can't see superusers
with pytest.raises(Http404):
view_func(apply_request_middleware(rf.get("/"), user=user), pk=admin_user.pk)
def test_user_detail_and_login_as_url(rf, admin_user):
shop = get_default_shop()
user = get_user_model().objects.create(username=printable_gibberish(20),
first_name=printable_gibberish(10),
last_name=printable_gibberish(10),
password="******")
view_func = UserDetailView.as_view()
response = view_func(apply_request_middleware(rf.get("/"),
user=admin_user),
pk=user.pk)
assert response.status_code == 200
response.render()
assert force_text(user) in force_text(response.content)
login_as_url = reverse("shuup_admin:user.login-as", kwargs={"pk": user.pk})
assert force_text(login_as_url) in force_text(response.content)
with override_settings(SHUUP_ADMIN_LOGIN_AS_REDIRECT_VIEW="giberish"):
response = view_func(apply_request_middleware(rf.get("/"),
user=admin_user),
pk=user.pk)
assert response.status_code == 200
response.render()
assert force_text(user) in force_text(response.content)
login_as_url = reverse("shuup_admin:user.login-as",
kwargs={"pk": user.pk})
assert force_text(login_as_url) not in force_text(response.content)
def test_user_detail_contact_seed(rf, admin_user):
get_default_shop()
contact = create_random_person()
# Using random data for name and email would need escaping when
# checking if it is rendered, therefore use something very basic instead
contact.name = "Matti Perustyyppi"
contact.email = "*****@*****.**"
contact.save()
view_func = UserDetailView.as_view()
# Check that fields populate . . .
request = apply_request_middleware(rf.get("/", {"contact_id": contact.pk}), user=admin_user)
response = view_func(request)
response.render()
content = force_text(response.content)
assert force_text(contact.first_name) in content
assert force_text(contact.last_name) in content
assert force_text(contact.email) in content
# POST the password too to create the user . . .
post = extract_form_fields(BeautifulSoup(content))
post["password"] = "******"
request.method = "POST"
request.POST = post
response = view_func(request)
assert response.status_code < 500
# Check this new user is visible in the details now
user = Contact.objects.get(pk=contact.pk).user
request = apply_request_middleware(rf.get("/", {"contact_id": contact.pk}), user=admin_user)
response = view_func(request, pk=user.pk)
response.render()
content = force_text(response.content)
assert force_text(contact.first_name) in content
assert force_text(contact.last_name) in content
assert force_text(contact.email) in content
def test_user_detail_contact_seed(rf):
get_default_shop()
contact = create_random_person()
# Using random data for name and email would need escaping when
# checking if it is rendered, therefore use something very basic instead
contact.name = "Matti Perustyyppi"
contact.email = "*****@*****.**"
contact.save()
view_func = UserDetailView.as_view()
# Check that fields populate . . .
request = apply_request_middleware(rf.get("/", {"contact_id": contact.pk}))
response = view_func(request)
response.render()
content = force_text(response.content)
assert force_text(contact.first_name) in content
assert force_text(contact.last_name) in content
assert force_text(contact.email) in content
# POST the password too to create the user . . .
post = extract_form_fields(BeautifulSoup(content))
post["password"] = "******"
request.method = "POST"
request.POST = post
response = view_func(request)
assert response.status_code < 500
# Check this new user is visible in the details now
user = Contact.objects.get(pk=contact.pk).user
request = apply_request_middleware(rf.get("/", {"contact_id": contact.pk}))
response = view_func(request, pk=user.pk)
response.render()
content = force_text(response.content)
assert force_text(contact.first_name) in content
assert force_text(contact.last_name) in content
assert force_text(contact.email) in content
def test_user_detail_works_at_all(rf, admin_user):
shop = get_default_shop()
user = get_user_model().objects.create(
username=printable_gibberish(20),
first_name=printable_gibberish(10),
last_name=printable_gibberish(10),
password="******"
)
view_func = UserDetailView.as_view()
response = view_func(apply_request_middleware(rf.get("/"), user=admin_user), pk=user.pk)
assert response.status_code == 200
response.render()
assert force_text(user) in force_text(response.content)
response = view_func(apply_request_middleware(rf.post("/", {"set_is_active": "0"}), user=admin_user), pk=user.pk)
assert response.status_code < 500 and not get_user_model().objects.get(pk=user.pk).is_active
with pytest.raises(Problem):
view_func(apply_request_middleware(rf.post("/", {"set_is_active": "0"}), user=admin_user), pk=admin_user.pk)
user = get_user_model().objects.create(
username=printable_gibberish(20),
first_name=printable_gibberish(10),
last_name=printable_gibberish(10),
password="******",
is_staff=True,
is_superuser=False
)
shop.staff_members.add(user)
# non superusers can't see superusers
with pytest.raises(Http404):
view_func(apply_request_middleware(rf.get("/"), user=user), pk=admin_user.pk)
def test_user_create(rf, admin_user):
get_default_shop()
view_func = UserDetailView.as_view()
before_count = get_user_model().objects.count()
response = view_func(
apply_request_middleware(rf.post(
"/", {
"username": "******",
"email": "*****@*****.**",
"first_name": "test",
"last_name": "test",
"password": "******",
"send_confirmation": True
}),
user=admin_user))
assert response.status_code == 302
assert get_user_model().objects.count() == before_count + 1
assert not len(mail.outbox), "mail not sent since user is not staff"
response = view_func(
apply_request_middleware(rf.post(
"/", {
"username": "******",
"email": "*****@*****.**",
"first_name": "test",
"last_name": "test",
"password": "******",
"is_staff": True,
"send_confirmation": True
}),
user=admin_user))
assert response.status_code == 302
assert get_user_model().objects.count() == before_count + 2
assert len(mail.outbox) == 1, "mail sent"
user = get_user_model().objects.create(username=printable_gibberish(20),
first_name=printable_gibberish(10),
last_name=printable_gibberish(10),
password="******",
is_staff=True,
is_superuser=False)
response = view_func(apply_request_middleware(rf.get("/", user=user)))
assert response.status_code == 200
response.render()
assert "Staff status" not in force_text(response.content)
assert "Superuser status" not in force_text(response.content)
def test_user_create(rf, admin_user):
shop = get_default_shop()
view_func = UserDetailView.as_view()
before_count = get_user_model().objects.count()
response = view_func(
apply_request_middleware(rf.post(
"/", {
"username": "******",
"email": "*****@*****.**",
"first_name": "test",
"last_name": "test",
"password": "******",
"send_confirmation": True
}),
user=admin_user))
assert response.status_code == 302
assert get_user_model().objects.count() == before_count + 1
last_user = get_user_model().objects.last()
assert last_user not in shop.staff_members.all()
assert not len(mail.outbox), "mail not sent since user is not staff"
response = view_func(
apply_request_middleware(rf.post(
"/", {
"username": "******",
"email": "*****@*****.**",
"first_name": "test",
"last_name": "test",
"password": "******",
"is_staff": True,
"send_confirmation": True
}),
user=admin_user))
assert response.status_code == 302
assert get_user_model().objects.count() == before_count + 2
last_user = get_user_model().objects.last()
assert last_user in shop.staff_members.all()
assert len(mail.outbox) == 1, "mail sent"
user = get_user_model().objects.create(username=printable_gibberish(20),
first_name=printable_gibberish(10),
last_name=printable_gibberish(10),
password="******",
is_staff=True,
is_superuser=False)
response = view_func(
apply_request_middleware(rf.get("/"), user=user, skip_session=True))
assert response.status_code == 200
response.render()
assert "Staff status" not in force_text(response.content)
assert "Superuser status" not in force_text(response.content)
# remove user staff permission
view_func = UserChangePermissionsView.as_view()
response = view_func(apply_request_middleware(rf.post(
"/", {"is_staff": False}),
user=admin_user),
pk=last_user.id)
assert response.status_code == 302
last_user = get_user_model().objects.last()
assert last_user not in shop.staff_members.all()
# add again
view_func = UserChangePermissionsView.as_view()
response = view_func(apply_request_middleware(rf.post(
"/", {"is_staff": True}),
user=admin_user),
pk=last_user.id)
assert response.status_code == 302
last_user = get_user_model().objects.last()
assert last_user in shop.staff_members.all()
# create a superuser
view_func = UserDetailView.as_view()
response = view_func(
apply_request_middleware(rf.post(
"/", {
"username": "******",
"email": "*****@*****.**",
"first_name": "test",
"last_name": "test",
"password": "******",
"is_staff": True,
"is_superuser": True,
"send_confirmation": False
}),
user=admin_user))
assert response.status_code == 302
assert get_user_model().objects.count() == before_count + 4
last_user = get_user_model().objects.last()
# superuser shouldn't be added to staff members
assert last_user not in shop.staff_members.all()
# change the superuser
response = view_func(apply_request_middleware(rf.post(
"/", {
"username": "******",
"email": "*****@*****.**",
"first_name": "test2",
"last_name": "test",
"password": "******",
"is_staff": True,
"is_superuser": True,
}),
user=admin_user),
pk=last_user.pk)
assert response.status_code == 302
assert get_user_model().objects.count() == before_count + 4
last_user = get_user_model().objects.last()
# superuser shouldn't be added to staff members
assert last_user not in shop.staff_members.all()
def test_user_create(rf, admin_user):
shop = get_default_shop()
view_func = UserDetailView.as_view()
before_count = get_user_model().objects.count()
response = view_func(apply_request_middleware(rf.post("/", {
"username": "******",
"email": "*****@*****.**",
"first_name": "test",
"last_name": "test",
"password": "******",
"send_confirmation": True
}), user=admin_user))
assert response.status_code == 302
assert get_user_model().objects.count() == before_count + 1
last_user = get_user_model().objects.last()
assert last_user not in shop.staff_members.all()
assert not len(mail.outbox), "mail not sent since user is not staff"
response = view_func(apply_request_middleware(rf.post("/", {
"username": "******",
"email": "*****@*****.**",
"first_name": "test",
"last_name": "test",
"password": "******",
"is_staff": True,
"send_confirmation": True
}), user=admin_user))
assert response.status_code == 302
assert get_user_model().objects.count() == before_count + 2
last_user = get_user_model().objects.last()
assert last_user in shop.staff_members.all()
assert len(mail.outbox) == 1, "mail sent"
user = get_user_model().objects.create(
username=printable_gibberish(20),
first_name=printable_gibberish(10),
last_name=printable_gibberish(10),
password="******",
is_staff=True,
is_superuser=False
)
response = view_func(apply_request_middleware(rf.get("/"), user=user, skip_session=True))
assert response.status_code == 200
response.render()
assert "Staff status" not in force_text(response.content)
assert "Superuser status" not in force_text(response.content)
# remove user staff permission
view_func = UserChangePermissionsView.as_view()
response = view_func(apply_request_middleware(rf.post("/", {
"is_staff": False
}), user=admin_user), pk=last_user.id)
assert response.status_code == 302
last_user = get_user_model().objects.last()
assert last_user not in shop.staff_members.all()
# add again
view_func = UserChangePermissionsView.as_view()
response = view_func(apply_request_middleware(rf.post("/", {
"is_staff": True
}), user=admin_user), pk=last_user.id)
assert response.status_code == 302
last_user = get_user_model().objects.last()
assert last_user in shop.staff_members.all()
# create a superuser
view_func = UserDetailView.as_view()
response = view_func(apply_request_middleware(rf.post("/", {
"username": "******",
"email": "*****@*****.**",
"first_name": "test",
"last_name": "test",
"password": "******",
"is_staff": True,
"is_superuser": True,
"send_confirmation": False
}), user=admin_user))
assert response.status_code == 302
assert get_user_model().objects.count() == before_count + 4
last_user = get_user_model().objects.last()
# superuser shouldn't be added to staff members
assert last_user not in shop.staff_members.all()
# change the superuser
response = view_func(apply_request_middleware(rf.post("/", {
"username": "******",
"email": "*****@*****.**",
"first_name": "test2",
"last_name": "test",
"password": "******",
"is_staff": True,
"is_superuser": True,
}), user=admin_user), pk=last_user.pk)
assert response.status_code == 302
assert get_user_model().objects.count() == before_count + 4
last_user = get_user_model().objects.last()
# superuser shouldn't be added to staff members
assert last_user not in shop.staff_members.all()
