Ejemplo n.º 1
0
    def test_only_staff_can_access_delete_user_disclaimer(self):
        # no logged in user
        encoded_user_id = int_str(chaffify(self.user.id))
        url = reverse('studioadmin:delete_user_disclaimer',
                      args=[encoded_user_id])
        resp = self.client.get(url)
        self.assertEqual(resp.status_code, 302)
        self.assertIn(reverse('booking:permission_denied'), resp.url)

        # normal user
        resp = self._get_response(url, DisclaimerUpdateView, self.user,
                                  encoded_user_id)
        self.assertEqual(resp.status_code, 302)
        self.assertIn(reverse('booking:permission_denied'), resp.url)

        # instructor user
        resp = self._get_response(url, DisclaimerUpdateView,
                                  self.instructor_user, encoded_user_id)
        self.assertEqual(resp.status_code, 302)
        self.assertIn(reverse('booking:permission_denied'), resp.url)

        # staff user
        resp = self._get_response(url, DisclaimerUpdateView, self.staff_user,
                                  encoded_user_id)
        self.assertEqual(resp.status_code, 200)
    def test_only_staff_can_access_delete_user_disclaimer(self):
        # no logged in user
        encoded_user_id = int_str(chaffify(self.user.id))
        url = reverse(
            'studioadmin:delete_user_disclaimer', args=[encoded_user_id]
        )
        resp = self.client.get(url)
        self.assertEqual(resp.status_code, 302)
        self.assertIn(reverse('booking:permission_denied'), resp.url)

        # normal user
        resp = self._get_response(
            url, DisclaimerUpdateView, self.user, encoded_user_id
        )
        self.assertEqual(resp.status_code, 302)
        self.assertIn(reverse('booking:permission_denied'), resp.url)

        # instructor user
        resp = self._get_response(
            url, DisclaimerUpdateView, self.instructor_user, encoded_user_id
        )
        self.assertEqual(resp.status_code, 302)
        self.assertIn(reverse('booking:permission_denied'), resp.url)

        # staff user
        resp = self._get_response(
            url, DisclaimerUpdateView, self.staff_user, encoded_user_id
        )
        self.assertEqual(resp.status_code, 200)
Ejemplo n.º 3
0
 def test_encoded_id_with_specified_chaff_values(self):
     encoded_id = int_str(chaffify(self.user.id, 12345))
     self.assertEqual(
         dechaffify(str_int(encoded_id), 12345), self.user.id
     )
     # with non-matching chaff
     with self.assertRaises(ValueError):
         dechaffify(str_int(encoded_id), 1234)
Ejemplo n.º 4
0
 def test_encoded_id_with_specified_keyspaces(self):
     encoded_id = int_str(chaffify(self.user.id), 'abcdefghisjkl')
     self.assertEqual(
         dechaffify(str_int(encoded_id, 'abcdefghisjkl')), self.user.id
     )
     # with non-matching keyspaces
     with self.assertRaises(ValueError):
         dechaffify(str_int(encoded_id, 'abcdefghisjk'))
 def test_get_delete_disclaimer_view(self):
     encoded_user_id = int_str(chaffify(self.user.id))
     delete_url = reverse(
         'studioadmin:delete_user_disclaimer', args=[encoded_user_id]
     )
     resp = self._get_response(
         delete_url, DisclaimerDeleteView, self.staff_user, encoded_user_id,
     )
     self.assertEqual(resp.context_data['user'], self.user)
Ejemplo n.º 6
0
 def test_delete_disclaimer(self):
     self.assertEqual(OnlineDisclaimer.objects.count(), 1)
     encoded_user_id = int_str(chaffify(self.user.id))
     delete_url = reverse('studioadmin:delete_user_disclaimer',
                          args=[encoded_user_id])
     resp = self._post_response(delete_url, DisclaimerDeleteView,
                                self.staff_user, encoded_user_id,
                                self.post_data)
     self.assertEqual(OnlineDisclaimer.objects.count(), 0)
Ejemplo n.º 7
0
 def test_update_dislaimer(self):
     self.assertIsNone(self.disclaimer.home_phone)  # null by default
     encoded_user_id = int_str(chaffify(self.user.id))
     update_url = reverse('studioadmin:update_user_disclaimer',
                          args=[encoded_user_id])
     resp = self._post_response(update_url, DisclaimerUpdateView,
                                self.staff_user, encoded_user_id,
                                self.post_data)
     self.disclaimer.refresh_from_db()
     self.assertEqual(self.disclaimer.home_phone, '123445')
Ejemplo n.º 8
0
 def test_update_dislaimer_sets_date_updated(self):
     self.assertIsNone(self.disclaimer.date_updated)
     encoded_user_id = int_str(chaffify(self.user.id))
     update_url = reverse('studioadmin:update_user_disclaimer',
                          args=[encoded_user_id])
     resp = self._post_response(update_url, DisclaimerUpdateView,
                                self.staff_user, encoded_user_id,
                                self.post_data)
     self.disclaimer.refresh_from_db()
     self.assertIsNotNone(self.disclaimer.date_updated)
Ejemplo n.º 9
0
 def test_user_password_required_to_update_disclaimer(self):
     self.assertNotEqual(self.disclaimer.address, '1 test st')
     encoded_user_id = int_str(chaffify(self.user.id))
     update_url = reverse('studioadmin:update_user_disclaimer',
                          args=[encoded_user_id])
     resp = self._post_response(update_url, DisclaimerUpdateView,
                                self.staff_user, encoded_user_id,
                                self.post_data)
     self.disclaimer.refresh_from_db()
     self.assertEqual(self.disclaimer.address, '1 test st')
Ejemplo n.º 10
0
 def test_delete_disclaimer(self):
     self.assertEqual(OnlineDisclaimer.objects.count(), 1)
     encoded_user_id = int_str(chaffify(self.user.id))
     delete_url = reverse(
         'studioadmin:delete_user_disclaimer', args=[encoded_user_id]
     )
     resp = self._post_response(
         delete_url, DisclaimerDeleteView, self.staff_user, encoded_user_id,
         self.post_data
     )
     self.assertEqual(OnlineDisclaimer.objects.count(), 0)
Ejemplo n.º 11
0
 def test_get_delete_disclaimer_view(self):
     encoded_user_id = int_str(chaffify(self.user.id))
     delete_url = reverse('studioadmin:delete_user_disclaimer',
                          args=[encoded_user_id])
     resp = self._get_response(
         delete_url,
         DisclaimerDeleteView,
         self.staff_user,
         encoded_user_id,
     )
     self.assertEqual(resp.context_data['user'], self.user)
Ejemplo n.º 12
0
    def test_user_password_incorrect(self):
        encoded_user_id = int_str(chaffify(self.user.id))
        update_url = reverse('studioadmin:update_user_disclaimer',
                             args=[encoded_user_id])
        self.post_data['password'] = '******'

        self.assertTrue(
            self.client.login(username=self.staff_user.username,
                              password='******'))
        resp = self.client.post(update_url, self.post_data, follow=True)
        self.assertIn('Password is incorrect',
                      format_content(resp.rendered_content))
Ejemplo n.º 13
0
 def test_update_dislaimer(self):
     self.assertIsNone(self.disclaimer.home_phone)  # null by default
     encoded_user_id = int_str(chaffify(self.user.id))
     update_url = reverse(
         'studioadmin:update_user_disclaimer', args=[encoded_user_id]
     )
     resp = self._post_response(
         update_url, DisclaimerUpdateView, self.staff_user, encoded_user_id,
         self.post_data
     )
     self.disclaimer.refresh_from_db()
     self.assertEqual(self.disclaimer.home_phone, '123445')
Ejemplo n.º 14
0
 def test_user_password_required_to_update_disclaimer(self):
     self.assertNotEqual(self.disclaimer.address, '1 test st')
     encoded_user_id = int_str(chaffify(self.user.id))
     update_url = reverse(
         'studioadmin:update_user_disclaimer', args=[encoded_user_id]
     )
     resp = self._post_response(
         update_url, DisclaimerUpdateView, self.staff_user, encoded_user_id,
         self.post_data
     )
     self.disclaimer.refresh_from_db()
     self.assertEqual(self.disclaimer.address, '1 test st')
Ejemplo n.º 15
0
 def test_update_dislaimer_sets_date_updated(self):
     self.assertIsNone(self.disclaimer.date_updated)
     encoded_user_id = int_str(chaffify(self.user.id))
     update_url = reverse(
         'studioadmin:update_user_disclaimer', args=[encoded_user_id]
     )
     resp = self._post_response(
         update_url, DisclaimerUpdateView, self.staff_user, encoded_user_id,
         self.post_data
     )
     self.disclaimer.refresh_from_db()
     self.assertIsNotNone(self.disclaimer.date_updated)
Ejemplo n.º 16
0
    def test_user_password_incorrect(self):
        encoded_user_id = int_str(chaffify(self.user.id))
        update_url = reverse(
            'studioadmin:update_user_disclaimer', args=[encoded_user_id]
        )
        self.post_data['password'] = '******'

        self.assertTrue(
            self.client.login(username=self.staff_user.username, password='******')
        )
        resp = self.client.post(update_url, self.post_data, follow=True)
        self.assertIn(
            'Password is incorrect', format_content(resp.rendered_content)
        )
Ejemplo n.º 17
0
    def test_only_staff_or_instructor_can_access_user_disclaimer(self):
        # no logged in user
        encoded_user_id = int_str(chaffify(self.user.id))
        resp = self.client.get(
            reverse('studioadmin:user_disclaimer', args=[encoded_user_id]))
        self.assertEqual(resp.status_code, 302)
        self.assertIn(reverse('login'), resp.url)

        # normal user
        resp = self._get_user_disclaimer(self.user, encoded_user_id)
        self.assertEqual(resp.status_code, 302)
        self.assertIn(reverse('booking:permission_denied'), resp.url)

        # staff user
        resp = self._get_user_disclaimer(self.staff_user, encoded_user_id)
        self.assertEqual(resp.status_code, 200)

        # instructpr user
        resp = self._get_user_disclaimer(self.instructor_user, encoded_user_id)
        self.assertEqual(resp.status_code, 200)
Ejemplo n.º 18
0
    def test_update_and_delete_buttons_not_shown_for_instructors(self):
        encoded_user_id = int_str(chaffify(self.user.id))
        update_url = reverse('studioadmin:update_user_disclaimer',
                             args=[encoded_user_id])
        delete_url = reverse('studioadmin:delete_user_disclaimer',
                             args=[encoded_user_id])

        resp = self._get_user_disclaimer(self.instructor_user, encoded_user_id)
        self.assertEqual(resp.status_code, 200)
        self.assertNotIn('Update', resp.rendered_content)
        self.assertNotIn(update_url, resp.rendered_content)
        self.assertNotIn('Delete', resp.rendered_content)
        self.assertNotIn(delete_url, resp.rendered_content)

        resp = self._get_user_disclaimer(self.staff_user, encoded_user_id)
        self.assertEqual(resp.status_code, 200)
        self.assertIn('Update', resp.rendered_content)
        self.assertIn(update_url, resp.rendered_content)
        self.assertIn('Delete', resp.rendered_content)
        self.assertIn(delete_url, resp.rendered_content)
Ejemplo n.º 19
0
    def test_update_and_delete_buttons_not_shown_for_instructors(self):
        encoded_user_id = int_str(chaffify(self.user.id))
        update_url = reverse(
            'studioadmin:update_user_disclaimer', args=[encoded_user_id]
        )
        delete_url = reverse(
            'studioadmin:delete_user_disclaimer', args=[encoded_user_id]
        )

        resp = self._get_user_disclaimer(self.instructor_user, encoded_user_id)
        self.assertEqual(resp.status_code, 200)
        self.assertNotIn('Update', resp.rendered_content)
        self.assertNotIn(update_url, resp.rendered_content)
        self.assertNotIn('Delete', resp.rendered_content)
        self.assertNotIn(delete_url, resp.rendered_content)

        resp = self._get_user_disclaimer(self.staff_user, encoded_user_id)
        self.assertEqual(resp.status_code, 200)
        self.assertIn('Update', resp.rendered_content)
        self.assertIn(update_url, resp.rendered_content)
        self.assertIn('Delete', resp.rendered_content)
        self.assertIn(delete_url, resp.rendered_content)
Ejemplo n.º 20
0
    def test_no_changes_made(self):
        post_data = {
            'id': self.disclaimer.id,
            'name': self.disclaimer.name,
            'dob': self.disclaimer.dob.strftime('%d %b %Y'),
            'address': self.disclaimer.address,
            'postcode': self.disclaimer.postcode,
            'mobile_phone': self.disclaimer.mobile_phone,
            'emergency_contact1_name': self.disclaimer.emergency_contact1_name,
            'emergency_contact1_relationship':
            self.disclaimer.emergency_contact1_relationship,
            'emergency_contact1_phone':
            self.disclaimer.emergency_contact1_phone,
            'emergency_contact2_name': self.disclaimer.emergency_contact2_name,
            'emergency_contact2_relationship':
            self.disclaimer.emergency_contact2_relationship,
            'emergency_contact2_phone':
            self.disclaimer.emergency_contact2_phone,
            'medical_conditions': False,
            'medical_conditions_details': '',
            'joint_problems': False,
            'joint_problems_details': '',
            'allergies': False,
            'allergies_details': '',
            'medical_treatment_permission': True,
            'terms_accepted': True,
            'age_over_18_confirmed': True,
            'password': '******'
        }

        encoded_user_id = int_str(chaffify(self.user.id))
        update_url = reverse('studioadmin:update_user_disclaimer',
                             args=[encoded_user_id])

        self.assertTrue(
            self.client.login(username=self.staff_user.username,
                              password='******'))
        resp = self.client.post(update_url, post_data, follow=True)
        self.assertIn('No changes made', format_content(resp.rendered_content))
Ejemplo n.º 21
0
    def test_no_changes_made(self):
        post_data = {
            'id': self.disclaimer.id,
            'name': self.disclaimer.name,
            'dob': self.disclaimer.dob.strftime('%d %b %Y'),
            'address': self.disclaimer.address,
            'postcode': self.disclaimer.postcode,
            'mobile_phone': self.disclaimer.mobile_phone,
            'emergency_contact1_name': self.disclaimer.emergency_contact1_name,
            'emergency_contact1_relationship': self.disclaimer.emergency_contact1_relationship,
            'emergency_contact1_phone': self.disclaimer.emergency_contact1_phone,
            'emergency_contact2_name': self.disclaimer.emergency_contact2_name,
            'emergency_contact2_relationship': self.disclaimer.emergency_contact2_relationship,
            'emergency_contact2_phone': self.disclaimer.emergency_contact2_phone,
            'medical_conditions': False,
            'medical_conditions_details': '',
            'joint_problems': False,
            'joint_problems_details': '',
            'allergies': False, 'allergies_details': '',
            'medical_treatment_permission': True,
            'terms_accepted': True,
            'age_over_18_confirmed': True,
            'password': '******'
        }

        encoded_user_id = int_str(chaffify(self.user.id))
        update_url = reverse(
            'studioadmin:update_user_disclaimer', args=[encoded_user_id]
        )

        self.assertTrue(
            self.client.login(username=self.staff_user.username, password='******')
        )
        resp = self.client.post(update_url, post_data, follow=True)
        self.assertIn(
            'No changes made', format_content(resp.rendered_content)
        )
Ejemplo n.º 22
0
    def test_only_staff_or_instructor_can_access_user_disclaimer(self):
        # no logged in user
        encoded_user_id = int_str(chaffify(self.user.id))
        resp = self.client.get(
            reverse(
                'studioadmin:user_disclaimer',
                args=[encoded_user_id]
            )
        )
        self.assertEqual(resp.status_code, 302)
        self.assertIn(reverse('login'), resp.url)

        # normal user
        resp = self._get_user_disclaimer(self.user, encoded_user_id)
        self.assertEqual(resp.status_code, 302)
        self.assertIn(reverse('booking:permission_denied'), resp.url)

        # staff user
        resp = self._get_user_disclaimer(self.staff_user, encoded_user_id)
        self.assertEqual(resp.status_code, 200)

        # instructpr user
        resp = self._get_user_disclaimer(self.instructor_user, encoded_user_id)
        self.assertEqual(resp.status_code, 200)
Ejemplo n.º 23
0
def encode(val):
    return int_str(chaffify(val))
Ejemplo n.º 24
0
 def test_encoded_id_with_defaults(self):
     encoded_id = int_str(chaffify(self.user.id))
     self.assertEqual(dechaffify(str_int(encoded_id)), self.user.id)
Ejemplo n.º 25
0
def encode(val):
    return int_str(chaffify(val))