def test_printouts_no_addresses(rf):
try:
import weasyprint
except ImportError:
pytest.skip()
shop = get_default_shop()
supplier = get_default_supplier()
product = create_product("simple-test-product", shop)
order = create_order_with_product(product, supplier, 6, 6, shop=shop)
order.billing_address = None
order.save()
shipment = order.create_shipment_of_all_products(supplier)
request = apply_request_middleware(rf.get("/"),
user=get_default_staff_user())
response = get_delivery_pdf(request, shipment.id)
assert response.status_code == 200
response = get_confirmation_pdf(request, order.id)
assert response.status_code == 200
order.shipping_address = None
order.save()
response = get_delivery_pdf(request, shipment.id)
assert response.status_code == 200
response = get_confirmation_pdf(request, order.id)
assert response.status_code == 200
def test_user_permission_cache_bump(rf):
user = factories.get_default_staff_user()
group_a = Group.objects.create(name="Group A")
group_b = Group.objects.create(name="Group B")
group_a_permissions = ["purchase", "sell"]
group_b_permissions = ["delete", "create"]
set_permissions_for_group(group_a, set(group_a_permissions))
set_permissions_for_group(group_b, set(group_b_permissions))
all_permissions = set(group_a_permissions + group_b_permissions)
# as user is not in any group, it misses all the groups
assert get_missing_permissions(user, all_permissions) == all_permissions
# add the user to Group A
user.groups.add(group_a)
# the user misses the group_b permissions
assert get_missing_permissions(user,
all_permissions) == set(group_b_permissions)
# make the user be part only of group b
group_b.user_set.add(user)
group_a.user_set.remove(user)
# the user misses the group_a permissions
assert get_missing_permissions(user,
all_permissions) == set(group_a_permissions)
# user is part of all groups
user.groups.set([group_a, group_b])
assert get_missing_permissions(user, all_permissions) == set()
def test_model_url_with_permissions():
permissions = set(
["shop_product.new", "shop_product.delete", "shop_product.edit"])
shop = get_default_shop()
p = get_default_product()
# If no user is given, don't check for permissions
assert get_model_url(p, shop=shop)
# If a user is given and no permissions are provided, check for default model permissions
user = get_default_staff_user()
with pytest.raises(NoModelUrl):
assert get_model_url(p, user=user, shop=shop)
# If a user is given and permissions are provided, check for those permissions
assert get_model_url(p, user=user, required_permissions=(), shop=shop)
with pytest.raises(NoModelUrl):
assert get_model_url(p,
user=user,
required_permissions=["shop_product.new"],
shop=shop)
# Confirm that url is returned with correct permissions
set_permissions_for_group(user.groups.first(), permissions)
assert get_model_url(p, user=user, shop=shop)
assert get_model_url(p,
user=user,
required_permissions=permissions,
shop=shop)
def test_reports_admin_permissions(rf):
shop = get_default_shop() # We need a shop to exists
staff_user = get_default_staff_user(shop)
permission_group = get_default_permission_group()
staff_user.groups.add(permission_group)
request = apply_request_middleware(rf.get("/"), user=staff_user)
request.user = staff_user
with replace_modules([ReportsAdminModule]):
with override_provides("reports", REPORTS):
extra_permissions = ReportsAdminModule().get_extra_permissions()
assert len(extra_permissions) == 3
assert SalesReport.identifier in extra_permissions
assert TotalSales.identifier in extra_permissions
assert SalesPerHour.identifier in extra_permissions
with admin_only_urls():
view_func = ReportView.as_view()
response = view_func(request)
response.render()
response = view_func(request, pk=None) # "new mode"
response.render()
assert response.content
soup = BeautifulSoup(response.content)
assert soup.find("div", {"class": "content-block"}).text == "No reports available"
expected_report_identifiers = []
for report_cls in [SalesReport, TotalSales, SalesPerHour]:
expected_report_identifiers.append(report_cls.identifier)
set_permissions_for_group(permission_group, [report_cls.identifier])
response = view_func(request, pk=None) # "new mode"
response.render()
assert response.content
soup = BeautifulSoup(response.content)
for option in soup.find("select", {"id": "id_report"}).findAll("option"):
assert option["value"] in expected_report_identifiers
def test_reports_admin_permissions(rf):
shop = get_default_shop() # We need a shop to exists
staff_user = get_default_staff_user(shop)
permission_group = get_default_permission_group()
staff_user.groups = [permission_group]
request = apply_request_middleware(rf.get("/"), user=staff_user)
request.user = staff_user
with replace_modules([ReportsAdminModule]):
with override_provides("reports", REPORTS):
extra_permissions = ReportsAdminModule().get_extra_permissions()
assert len(extra_permissions) == 3
assert SalesReport.identifier in extra_permissions
assert TotalSales.identifier in extra_permissions
assert SalesPerHour.identifier in extra_permissions
with admin_only_urls():
view_func = ReportView.as_view()
response = view_func(request)
response.render()
response = view_func(request, pk=None) # "new mode"
response.render()
assert response.content
soup = BeautifulSoup(response.content)
assert soup.find("div", {"class": "content-block"}).text == "No reports available"
expected_report_identifiers = []
for report_cls in [SalesReport, TotalSales, SalesPerHour]:
expected_report_identifiers.append(report_cls.identifier)
set_permissions_for_group(permission_group, [report_cls.identifier])
response = view_func(request, pk=None) # "new mode"
response.render()
assert response.content
soup = BeautifulSoup(response.content)
for option in soup.find("select", {"id": "id_report"}).findAll("option"):
assert option["value"] in expected_report_identifiers
def test_export_customer_sample(rf):
# create input: shop, request to use in process(request, ids) method
base_view = ExportContactsCSVAction()
random_customer = create_random_person()
request = apply_request_middleware(rf.get("/"),
user=get_default_staff_user())
view_instance = ContactListView()
view_instance.request = request
view_settings = ViewSettings(Contact, ContactListView.default_columns,
view_instance)
setting_cols = view_settings.columns
customer_from_query = base_view.get_queryset(request, view_instance,
[random_customer.pk])[0]
assert customer_from_query.pk == random_customer.pk
response = base_view.process(request, [random_customer.pk])
assert response.status_code == 200
content = response.content.decode("utf-8")
cvs_reader = csv.reader(io.StringIO(content))
body = list(cvs_reader)
headers = body.pop(0)
for dr in setting_cols:
index = setting_cols.index(dr)
assert (strip_tags(
dr.get_display_value(
view_settings.view_context,
random_customer))) == body[0][0].split(";")[index]
assert len(view_settings.columns) == len(headers[0].split(";"))
def test_delivery_and_confirmation_pdf(shop, supplier):
product = create_product("simple-test-product-%s-" % shop.pk, shop)
order = create_order_with_product(product, supplier, 6, 6, shop=shop)
shipment = order.create_shipment_of_all_products(supplier)
request = apply_request_middleware(rf.get("/"),
user=get_default_staff_user())
response = get_delivery_pdf(request, shipment.id)
assert response.status_code == 200
response = get_confirmation_pdf(request, order.id)
assert response.status_code == 200
def test_url_buttons_permission(rf, button, permission, instance):
request = rf.get("/")
assert isinstance(button, instance)
if button is not None:
request.user = factories.get_default_staff_user()
assert not "".join(bit for bit in button.render(request))
set_permissions_for_group(request.user.groups.first(), (permission, ))
assert "".join(bit for bit in button.render(request))
def test_toolbar_button_permissions(rf, button_class, kwargs):
permissions = set(["shuup.add_product", "shuup.delete_product", "shuup.change_product"])
request = rf.get("/")
request.user = factories.get_default_staff_user()
button = button_class(required_permissions=permissions, **kwargs)
rendered_button = "".join(bit for bit in button.render(request))
assert not rendered_button
# Set permissions for the user
set_permissions_for_group(request.user.groups.first(), permissions)
rendered_button = "".join(bit for bit in button.render(request))
assert rendered_button
def test_toolbar_button_permissions(rf, button_class, kwargs):
permissions = set(["shuup.add_product", "shuup.delete_product", "shuup.change_product"])
request = rf.get("/")
request.user = factories.get_default_staff_user()
button = button_class(required_permissions=permissions, **kwargs)
rendered_button = "".join(bit for bit in button.render(request))
assert not rendered_button
# Set permissions for the user
set_permissions_for_group(request.user.groups.first(), permissions)
rendered_button = "".join(bit for bit in button.render(request))
assert rendered_button
def test_dashboard_blocks_permissions(rf, client):
with replace_modules([ARestrictedTestModule]):
request = rf.get("/")
request.user = get_default_staff_user(get_default_shop()) # Dashboard permission is added by default
request.session = client.session
view = DashboardView(request=request)
assert not view.get_context_data()["blocks"]
# By default there is only dashboard permission so to be
# able to see some blocks permission to some admin module
# providing dashboard bocks needed.
set_permissions_for_group(
request.user.groups.first(), set("dashboard") | set(ARestrictedTestModule().get_required_permissions())
)
view = DashboardView(request=request)
assert view.get_context_data()["blocks"]
def test_dashboard_blocks_permissions(rf, client):
with replace_modules([ARestrictedTestModule]):
request = rf.get("/")
request.user = get_default_staff_user(get_default_shop()) # Dashboard permission is added by default
request.session = client.session
view = DashboardView(request=request)
assert not view.get_context_data()["blocks"]
# By default there is only dashboard permission so to be
# able to see some blocks permission to some admin module
# providing dashboard bocks needed.
set_permissions_for_group(
request.user.groups.first(),
set("dashboard") | set(ARestrictedTestModule().get_required_permissions())
)
view = DashboardView(request=request)
assert view.get_context_data()["blocks"]
def test_adding_extra_fields_to_the_delivery(rf):
try:
import weasyprint
except ImportError:
pytest.skip()
shop = get_default_shop()
supplier = get_default_supplier()
product = create_product("simple-test-product", shop)
order = create_order_with_product(product, supplier, 6, 6, shop=shop)
shipment = order.create_shipment_of_all_products(supplier)
request = apply_request_middleware(rf.get("/"),
user=get_default_staff_user())
with override_provides("order_printouts_delivery_extra_fields", [
"shuup_tests.order_printouts.test_printouts:PrintoutTestDeliveryExtraFields",
]):
response = get_delivery_html(request, shipment.id)
assert response.status_code == 200
assert "123456789" in response.content.decode()
assert "Random" in response.content.decode()
def test_permissions_for_menu_entries(rf, admin_user):
request = rf.get("/")
request.user = factories.get_default_staff_user()
permission_group = request.user.groups.first()
set_permissions_for_group(
permission_group,
set("dashboard") | set(ARestrictedTestModule().get_required_permissions())
)
with replace_modules([ARestrictedTestModule]):
categories = get_menu_entry_categories(request)
assert categories
# Make sure category is displayed if user has correct permissions
test_category_menu_entries = [cat for cat in categories if cat.name == "RestrictedTest"][0]
assert any(me.text == "OK" for me in test_category_menu_entries)
# No menu items should be displayed if user has no permissions
set_permissions_for_group(permission_group, set())
categories = get_menu_entry_categories(request)
assert not categories
def test_permissions_for_menu_entries(rf, admin_user):
request = rf.get("/")
request.user = factories.get_default_staff_user()
permission_group = request.user.groups.first()
set_permissions_for_group(
permission_group,
set("dashboard") | set(ARestrictedTestModule().get_required_permissions())
)
with replace_modules([ARestrictedTestModule]):
categories = get_menu_entry_categories(request)
assert categories
# Make sure category is displayed if user has correct permissions
test_category_menu_entries = [cat for cat in categories if cat.name == "RestrictedTest"][0]
assert any(me.text == "OK" for me in test_category_menu_entries)
# No menu items should be displayed if user has no permissions
set_permissions_for_group(permission_group, set())
categories = get_menu_entry_categories(request)
assert not categories
def test_model_url_with_permissions():
permissions = set(["shop_product.new", "shop_product.delete", "shop_product.edit"])
shop = get_default_shop()
p = get_default_product()
# If no user is given, don't check for permissions
assert get_model_url(p, shop=shop)
# If a user is given and no permissions are provided, check for default model permissions
user = get_default_staff_user()
with pytest.raises(NoModelUrl):
assert get_model_url(p, user=user, shop=shop)
# If a user is given and permissions are provided, check for those permissions
assert get_model_url(p, user=user, required_permissions=(), shop=shop)
with pytest.raises(NoModelUrl):
assert get_model_url(p, user=user, required_permissions=["shop_product.new"], shop=shop)
# Confirm that url is returned with correct permissions
set_permissions_for_group(user.groups.first(), permissions)
assert get_model_url(p, user=user, shop=shop)
assert get_model_url(p, user=user, required_permissions=permissions, shop=shop)
