def setUp(self):
# Every test needs a client.
self.client = AuthClient()
self.article = Article.objects.create(
title='TestArticle',
body='<h1>Test Body</h1>',
published=True)
class OrgaBasicTest(TestCase):
def setUp(self):
# Every test needs a client.
self.client = AuthClient()
self.expected_code = 403
self.expected_save_code = 403
self.expect_templates = False
self.orga = OrganizationFactory()
self.orga.save()
def test_access_to_orga_list(self):
response = self.client.get(reverse('organization-list'))
if self.expect_templates:
self.assertTemplateUsed(response, 'orga/organization_filter.html')
self.assertEqual(response.status_code, self.expected_code)
response = self.client.get(reverse(
'organization-list-export',
kwargs={'format': 'csv'}))
self.assertEqual(response.status_code, self.expected_code)
def test_access_to_orga_detail(self):
# Issue a GET request.
response = self.client.get(reverse('organization-detail',
kwargs={'pk': self.orga.pk}))
if self.expect_templates:
self.assertTemplateUsed(response, 'orga/organization_detail.html')
self.assertEqual(response.status_code, self.expected_code)
def test_access_to_orga_edit(self):
url = reverse('organization-update', kwargs={'pk': self.orga.pk})
response = self.client.get(url)
if self.expect_templates:
self.assertTemplateUsed(response, 'orga/organization_form.html')
self.assertEqual(response.status_code, self.expected_code)
def test_autocompletes(self):
for al in ['OrganizationAutocomplete']:
url = reverse(
'autocomplete_light_autocomplete',
kwargs={'autocomplete': al}
)
response = self.client.get(url)
self.assertEqual(response.status_code, self.expected_code, url)
def setUp(self):
# Every test needs a client.
self.client = AuthClient()
self.expected_code = 403
self.expected_save_code = 403
self.expect_templates = False
self.orga = OrganizationFactory()
self.orga.save()
class AuthUserTest(TestCase):
def setUp(self):
# Every test needs a client.
self.client = AuthClient()
self.article = Article.objects.create(
title='TestArticle',
body='<h1>Test Body</h1>',
published=True)
def test_my_restrictions(self):
for symbolicurl in ['article-update',
'article-delete',
]:
response = self.client.get(
reverse(symbolicurl, kwargs={'pk': self.article.pk}))
self.assertEqual(response.status_code, 403, symbolicurl)
response = self.client.get(reverse('article-create'))
self.assertEqual(response.status_code, 403, 'Article creation')
def setUp(self):
self.client = AuthClient()
super(AuthUserTest, self).setUp()
class AuthUserTest(SeasonTestCaseMixin):
def setUp(self):
self.client = AuthClient()
super(AuthUserTest, self).setUp()
def test_access_to_season_list(self):
for symbolicurl in freeforallurls:
url = reverse(symbolicurl)
# Final URL is OK
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 200, url)
def test_no_access_to_season_create(self):
for symbolicurl in restrictedgenericurls:
url = reverse(symbolicurl)
# Final URL is forbidden
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 403, url)
def test_no_access_to_season_detail(self):
for symbolicurl in restrictedspecificurls:
url = reverse(symbolicurl, kwargs={'pk': self.season.pk})
# Final URL is forbidden
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 403, url)
for symbolicurl in restrictedhelperspecificurls:
for helper in self.users:
url = reverse(
symbolicurl,
kwargs={
'pk': self.season.pk,
'helperpk': helper.pk
})
# Final URL is forbidden
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 403, url)
def test_access_to_myseason_availabilities(self):
for symbolicurl in restrictedhelperspecificurls:
url = reverse(
symbolicurl,
kwargs={
'pk': self.season.pk,
'helperpk': self.client.user.pk
})
# Fails, we have no formation
self.assertEqual(self.client.get(url).status_code, 403, url)
# Fails, we have not a common canton
self.client.user.profile.formation = FORMATION_M1
self.client.user.profile.save()
self.assertEqual(self.client.get(url).status_code, 403, url)
# Works, we have it all
self.client.user.profile.affiliation_canton = \
self.season.cantons[0]
self.client.user.profile.save()
self.assertEqual(self.client.get(url).status_code, 200, url)
# Fails, we have a common canton, but no Formation
self.client.user.profile.formation = ''
self.client.user.profile.save()
self.assertEqual(self.client.get(url).status_code, 403, url)
def test_no_access_to_session(self):
for session in self.sessions:
urls = [
reverse(
'session-list',
kwargs={
'seasonpk': self.season.pk,
'year': session.day.year,
'week': session.day.strftime('%W'),
}),
reverse(
'session-create',
kwargs={
'seasonpk': self.season.pk,
}),
reverse(
'session-detail',
kwargs={
'seasonpk': self.season.pk,
'pk': session.pk,
}),
reverse(
'session-update',
kwargs={
'seasonpk': self.season.pk,
'pk': session.pk,
}),
reverse(
'session-staff-choices',
kwargs={
'seasonpk': self.season.pk,
'pk': session.pk,
}),
reverse(
'session-delete',
kwargs={
'seasonpk': self.season.pk,
'pk': session.pk,
}),
]
for url in urls:
# Final URL is forbidden
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 403, url)
