def test_basket_orderability_change_shop_product(rf): StoredBasket.objects.all().delete() shop = get_default_shop() supplier = get_default_supplier() product = create_product(printable_gibberish(), shop=shop, supplier=supplier, default_price=50) request = rf.get("/") request.session = {} request.shop = shop apply_request_middleware(request) basket = get_basket(request) line = basket.add_product( supplier=supplier, shop=shop, product=product, quantity=1, force_new_line=True, extra={"foo": "foo"} ) assert len(basket.get_lines()) == 1 assert len(basket.get_unorderable_lines()) == 0 product.get_shop_instance(shop).delete() basket.uncache() assert basket.dirty assert len(basket.get_lines()) == 0 assert len(basket.get_unorderable_lines()) == 1
def test_user_detail_contact_seed(rf, admin_user): get_default_shop() contact = create_random_person() # Using random data for name and email would need escaping when # checking if it is rendered, therefore use something very basic instead contact.name = "Matti Perustyyppi" contact.email = "*****@*****.**" contact.save() view_func = UserDetailView.as_view() # Check that fields populate . . . request = apply_request_middleware(rf.get("/", {"contact_id": contact.pk}), user=admin_user) response = view_func(request) response.render() content = force_text(response.content) assert force_text(contact.first_name) in content assert force_text(contact.last_name) in content assert force_text(contact.email) in content # POST the password too to create the user . . . post = extract_form_fields(BeautifulSoup(content)) post["password"] = "******" request.method = "POST" request.POST = post response = view_func(request) assert response.status_code < 500 # Check this new user is visible in the details now user = Contact.objects.get(pk=contact.pk).user request = apply_request_middleware(rf.get("/", {"contact_id": contact.pk}), user=admin_user) response = view_func(request, pk=user.pk) response.render() content = force_text(response.content) assert force_text(contact.first_name) in content assert force_text(contact.last_name) in content assert force_text(contact.email) in content
def test_user_detail_works_at_all(rf, admin_user): shop = get_default_shop() user = get_user_model().objects.create( username=printable_gibberish(20), first_name=printable_gibberish(10), last_name=printable_gibberish(10), password="******" ) view_func = UserDetailView.as_view() response = view_func(apply_request_middleware(rf.get("/"), user=admin_user), pk=user.pk) assert response.status_code == 200 response.render() assert force_text(user) in force_text(response.content) response = view_func(apply_request_middleware(rf.post("/", {"set_is_active": "0"}), user=admin_user), pk=user.pk) assert response.status_code < 500 and not get_user_model().objects.get(pk=user.pk).is_active with pytest.raises(Problem): view_func(apply_request_middleware(rf.post("/", {"set_is_active": "0"}), user=admin_user), pk=admin_user.pk) user = get_user_model().objects.create( username=printable_gibberish(20), first_name=printable_gibberish(10), last_name=printable_gibberish(10), password="******", is_staff=True, is_superuser=False ) shop.staff_members.add(user) # non superusers can't see superusers with pytest.raises(Http404): view_func(apply_request_middleware(rf.get("/"), user=user), pk=admin_user.pk)
def _test_coupon_code_delete_view(rf, index): shop = factories.get_shop(identifier="shop%s" % index, enabled=True) staff_user = factories.create_random_user(is_staff=True) shop.staff_members.add(staff_user) code = "code-%s" % index coupon = CouponCode.objects.create(code=code) coupon.shops = [shop] extra_coupon = CouponCode.objects.create(code="extra-coupon-%s" % index) extra_coupon.shops = [shop] assert CouponCode.objects.filter(code=code).exists() view_func = CouponCodeDeleteView.as_view() request = apply_request_middleware(rf.post("/"), user=staff_user, shop=shop) set_shop(request, shop) response = view_func(request, pk=coupon.pk) if hasattr(response, "render"): response.render() assert response.status_code == 302 assert not CouponCode.objects.filter(code=code).exists() # Make sure that this staff can't remove other people discounts other_coupons = CouponCode.objects.exclude(shops=shop) coupon_count = other_coupons.count() for coupon in other_coupons: view_func = CouponCodeDeleteView.as_view() request = apply_request_middleware(rf.post("/"), user=staff_user, shop=shop) set_shop(request, shop) with pytest.raises(Http404): response = view_func(request, pk=coupon.pk) if hasattr(response, "render"): response.render() assert coupon_count == CouponCode.objects.exclude(shops=shop).count()
def test_simple_search_word_finder(rf): cache.clear() view = SearchView.as_view() name = "Savage Garden" sku = UNLIKELY_STRING prod = create_product( sku=sku, name=name, keywords="truly, madly, deeply", description="Descriptive text", shop=get_default_shop() ) resp = view(apply_request_middleware(rf.get("/"))) assert prod not in resp.context_data["object_list"], "No query no results" partial_sku = sku[:int(len(sku)/2)] valid_searches = ["Savage", "savage", "truly", "madly", "truly madly", "truly garden", "text", sku, partial_sku] for query in valid_searches: resp = view(apply_request_middleware(rf.get("/", {"q": query}))) assert name in resp.rendered_content invalid_searches = ["saavage", "", sku[::-1]] for query in invalid_searches: resp = view(apply_request_middleware(rf.get("/", {"q": query}))) assert name not in resp.rendered_content
def test_mass_action_multishop(rf, admin_user): def create_shop(name): return Shop.objects.create( name="foobar", identifier=name, status=ShopStatus.ENABLED, public_name=name, currency=get_default_currency().code ) shop_one = get_default_shop() shop_two = create_shop("foobar") product = get_default_product() shop_product_one = product.get_shop_instance(shop_one) shop_product_two = ShopProduct.objects.create(shop=shop_two, product=product) shop_product_two.save() assert shop_product_one.visibility == ShopProductVisibility.ALWAYS_VISIBLE assert shop_product_two.visibility == ShopProductVisibility.ALWAYS_VISIBLE request = apply_request_middleware(rf.get("/"), user=admin_user, shop=shop_one) InvisibleMassAction().process(request, 'all') shop_product_one.refresh_from_db() shop_product_two.refresh_from_db() assert shop_product_one.visibility == ShopProductVisibility.NOT_VISIBLE assert shop_product_two.visibility == ShopProductVisibility.ALWAYS_VISIBLE request = apply_request_middleware(rf.get("/"), user=admin_user, shop=shop_one) VisibleMassAction().process(request, 'all') shop_product_one.refresh_from_db() shop_product_two.refresh_from_db() assert shop_product_two.visibility == ShopProductVisibility.ALWAYS_VISIBLE assert shop_product_one.visibility == ShopProductVisibility.ALWAYS_VISIBLE
def test_discounted_price(rf): shop = factories.get_default_shop() supplier = factories.get_default_supplier() request = rf.get("/") request.shop = shop apply_request_middleware(request) assert request.shop == shop original_price = 10 product = factories.create_product("test1", shop=shop, supplier=supplier, default_price=original_price) shop_product = product.get_shop_instance(shop) # Set discount with discount amount for $2 discount_amount = 2 discount = Discount.objects.create( active=True, product=product, supplier=supplier, discount_amount_value=discount_amount) discount.shops = [shop] # Even though the supplier is matching with the product there is no discount # since the supplier is not in pricing context. assert not hasattr(request, "supplier") assert supplier in shop_product.suppliers.all() assert product.get_price_info(request).price == request.shop.create_price(10) setattr(request, "supplier", supplier) assert product.get_price_info(request).price == request.shop.create_price(8) # No discount once we change the discount supplier new_supplier = Supplier.objects.create(identifier="*") discount.supplier = new_supplier discount.save() assert product.get_price_info(request).price == request.shop.create_price(10)
def get_request_for_contact_tests(rf): activate("en") request = rf.get("/") request.shop = get_shop(prices_include_tax=True) get_payment_method(request.shop) apply_request_middleware(request) return request
def test_product_edit_view_multipleshops(rf): """ Check whether a staff user from Shop A can see the product from Shop B when the staff user is only attached to Shop A """ with override_settings(E-Commerce_ENABLE_MULTIPLE_SHOPS=True): shop1 = get_default_shop() shop2 = get_new_shop(identifier="shop2", domain="shop2", name="Shop 2") shop2_staff = create_random_user(is_staff=True) shop2.staff_members.add(shop2_staff) product = create_product("shop1-product", shop=shop1) shop_product = product.get_shop_instance(shop1) request = apply_request_middleware(rf.get("/", HTTP_HOST=shop2.domain), user=shop2_staff) view_func = ProductEditView.as_view() with pytest.raises(Http404): view_func(request, pk=shop_product.pk) view_func = ProductListView.as_view() payload = {"jq": json.dumps({"perPage": 100, "page": 1}), "shop": shop2.pk} request = apply_request_middleware(rf.get("/", payload, HTTP_HOST=shop2.domain), user=shop2_staff) response = view_func(request) assert response.status_code == 200 data = json.loads(response.content.decode("utf-8")) assert len(data["items"]) == 0
def test_iframe_mode(rf, admin_user, extra_query_param, extra_query_value, expected_script): get_default_shop() view = load("E-Commerce.admin.modules.categories.views:CategoryEditView").as_view() request = apply_request_middleware(rf.get("/", {"mode": "iframe"}), user=admin_user) response = view(request) if hasattr(response, "render"): response.render() assert 200 <= response.status_code < 300 content = force_text(response.content) post = extract_form_fields(BeautifulSoup(content, "lxml")) post.update({ "base-name__en": "Name" }) post.pop("base-image") # save iframe mode request = apply_request_middleware(rf.post("/", post), user=admin_user) request.GET = request.GET.copy() request.GET["mode"] = "iframe" if extra_query_param: request.GET[extra_query_param] = extra_query_value response = view(request) assert response.status_code == 302 client = Client() client.login(username="******", password="******") response = client.get(response.url) assert response.status_code == 200 assert expected_script in force_text(response.content)
def test_edit_view_adding_messages_to_form_group(rf, admin_user): shop = get_default_shop() # obvious prerequisite product = get_default_product() shop_product = product.get_shop_instance(shop) view = ProductEditView.as_view() request = apply_request_middleware(rf.get("/"), user=admin_user) response = view(request, pk=shop_product.pk) response.render() assert 200 <= response.status_code < 300 assert ProductEditView.add_form_errors_as_messages content = force_text(response.content) post = extract_form_fields(BeautifulSoup(content, "lxml")) post_data = { # Error in the base form part "base-name__en": "", } post.update(post_data) request = apply_request_middleware(rf.post("/", post), user=admin_user) response = view(request, pk=shop_product.pk) errors = response.context_data["form"].errors assert "base" in errors assert "name__en" in errors["base"]
def test_get_shop(rf, get_shop_fn): with override_settings(E-Commerce_ENABLE_MULTIPLE_SHOPS=True): activate("en") shop1 = Shop.objects.create(identifier="shop1", status=ShopStatus.ENABLED) shop2 = Shop.objects.create(identifier="shop2", status=ShopStatus.ENABLED) normal_user = factories.create_random_user() staff_user = factories.create_random_user(is_staff=True) request = apply_request_middleware(rf.post("/"), user=normal_user, skip_session=True) # user not staff assert get_shop_fn(request) is None # staff user now with pytest.raises(PermissionDenied) as exc: request = apply_request_middleware(rf.post("/"), user=staff_user) assert exc.value == "You are not a staff member of this shop" # no shop set assert get_shop_fn(request) is None # adds the user to a shop shop1.staff_members.add(staff_user) request = apply_request_middleware(rf.post("/"), user=staff_user, skip_session=True) assert get_shop_fn(request) == shop1 # adds the user to another shop shop2.staff_members.add(staff_user) # still the first shop as we do not set any assert get_shop_fn(request) == shop1 for shop in [shop1, shop2]: request = apply_request_middleware(rf.post("/"), user=staff_user, shop=shop) assert get_shop_fn(request) == shop
def test_save_cart_errors(rf, regular_user): get_default_shop() request = apply_request_middleware(rf.post("/", { "title": "test" })) response = CartSaveView.as_view()(request) data = json.loads(response.content.decode("utf8")) assert response.status_code == 403, "can't save cart as anonymous user" assert not data["ok"], "can't save cart without title" customer = get_person_contact(regular_user) request = apply_request_middleware(rf.post("/", { "title": "" }), customer=customer, user=regular_user) response = CartSaveView.as_view()(request) data = json.loads(response.content.decode("utf8")) assert response.status_code == 400 assert not data["ok"], "can't save cart without title" request = apply_request_middleware(rf.post("/", { "title": "test" }), customer=customer, user=regular_user) response = CartSaveView.as_view()(request) data = json.loads(response.content.decode("utf8")) assert response.status_code == 400 assert not data["ok"], "can't save an empty cart"
def test_process_stock_managed(rf, admin_user): supplier = get_simple_supplier(stock_managed=False) shop = get_default_shop() product = create_product("simple-test-product", shop) request = apply_request_middleware(rf.get("/", data={"stock_managed": True}), user=admin_user) with pytest.raises(Exception) as ex: # Should raise exception becasue only POST is allowed response = process_stock_managed(request, supplier.id, product.id) request = apply_request_middleware(rf.post("/", data={"stock_managed": True}), user=admin_user) response = process_stock_managed(request, supplier.id, product.id) assert response.status_code == 200 # Check no stock count sc = StockCount.objects.filter(supplier=supplier, product=product).first() assert sc.logical_count == 0 # Check stock count managed by default assert sc.stock_managed == True # Now test with stock managed turned off request = apply_request_middleware(rf.post("/", data={"stock_managed": False}), user=admin_user) response = process_stock_managed(request, supplier.id, product.id) assert response.status_code == 200 # Check stock management is disabled for product sc = StockCount.objects.filter( supplier=supplier, product=product).first() assert sc.stock_managed == False # Now test with stock managed turned on request = apply_request_middleware(rf.post("/", data={"stock_managed": True}), user=admin_user) response = process_stock_managed(request, supplier.id, product.id) assert response.status_code == 200 # Check stock management is enabled for product sc = StockCount.objects.filter( supplier=supplier, product=product).first() assert sc.stock_managed == True
def test_contact_company_list_multishop(rf): with override_settings(E-Commerce_MANAGE_CONTACTS_PER_SHOP=True, E-Commerce_ENABLE_MULTIPLE_SHOPS=True): staff_user = create_random_user(is_staff=True) shop1 = get_shop(identifier="shop-1", enabled=True) shop2 = get_shop(identifier="shop-2", enabled=True) shop1.staff_members.add(staff_user) shop2.staff_members.add(staff_user) # only available in shop2 contact = create_random_person(locale="en_US", minimum_name_comp_len=5, shop=shop2) # only available in shop1 company = create_random_company() company.add_to_shop(shop1) view = ContactListView() request = apply_request_middleware(rf.get("/"), user=staff_user, shop=shop1) view.request = request assert company in view.get_queryset() assert contact not in view.get_queryset() request = apply_request_middleware(rf.get("/"), user=staff_user, shop=shop2) view.request = request assert contact in view.get_queryset() assert company not in view.get_queryset()
def test_force_views_only_for_staff(rf): shop = factories.get_default_shop() user = factories.create_random_user(is_staff=True) person_contact = get_person_contact(user) # Start forcing. There shouldn't be any changes to # request customer due calling the force functions since # those just do the redirect in case the current is user # is not shop staff. request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact _call_force_view(request, force_anonymous_contact) request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact _call_force_view(request, force_person_contact) request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact _call_force_view(request, force_company_contact) request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact assert get_company_contact(user) is None
def test_shop_wizard_pane(rf, admin_user, settings): settings.E-Commerce_SETUP_WIZARD_PANE_SPEC = [ "E-Commerce.admin.modules.shops.views:ShopWizardPane" ] shop = Shop.objects.create() get_currency("USD") assert not shop.contact_address assert not TaxClass.objects.exists() fields = _extract_fields(rf, admin_user) fields["shop-logo"] = "" # Correct init value for this is not None, but empty string request = apply_request_middleware(rf.post("/", data=fields), user=admin_user, shop=shop) response = WizardView.as_view()(request) # fields are missing assert response.status_code == 400 fields["shop-public_name__fi"] = "test shop" fields["shop-currency"] = "USD" fields["address-name"] = "TEST" fields["address-city"] = "TEST" fields["address-region_code"] = "CA" fields["address-street"] = "test" fields["address-country"] = "US" request = apply_request_middleware(rf.post("/", data=fields), user=admin_user, shop=shop) response = WizardView.as_view()(request) assert response.status_code == 200 shop.refresh_from_db() shop.set_current_language("fi") assert shop.name == "test shop" assert shop.public_name == "test shop" assert shop.logo is None assert shop.contact_address assert shop.currency == "USD" assert TaxClass.objects.exists() assert_redirect_to_dashboard(rf, admin_user, shop)
def assert_config_value(rf, admin_user, form_id, key, value, expected_value, shop=None): if not shop: shop = get_default_shop() request = apply_request_middleware(rf.get("/"), user=admin_user) view_func = SystemSettingsView.as_view() response = view_func(request) assert response.status_code == 200 form_field = "%s-%s" % (form_id, key) data = {form_field: value} request = apply_request_middleware(rf.post("/", data=data), user=admin_user) response = view_func(request) assert response.status_code == 302 if expected_value == "unset": expected_value = value assert configuration.get(None, key) == expected_value assert len(messages.get_messages(request)) == 1 # Double save the form and the configuration should still be unchanged response = view_func(request) assert response.status_code == 302 assert configuration.get(None, key) == expected_value assert len(messages.get_messages(request)) == 2 return shop
def test_save_marketing_check(rf, admin_user): admin_contact = get_person_contact(admin_user) shop = get_default_shop() with override_settings(E-Commerce_CHECKOUT_CONFIRM_FORM_PROPERTIES={}): request = apply_request_middleware(rf.get("/"), shop=shop, user=admin_user, customer=admin_contact) form = ConfirmForm(request=request) assert form.fields["marketing"].initial is False assert form.fields["marketing"].widget.__class__ == forms.CheckboxInput admin_contact.options = {} admin_contact.options["marketing_permission_asked"] = True admin_contact.save() form = ConfirmForm(request=request) assert form.fields["marketing"].initial is False assert form.fields["marketing"].widget.__class__ == forms.HiddenInput admin_contact.marketing_permission = True admin_contact.save() form = ConfirmForm(request=request) assert form.fields["marketing"].initial is True assert form.fields["marketing"].widget.__class__ == forms.HiddenInput # test with anonymous request = apply_request_middleware(rf.get("/"), shop=shop, user=admin_user, customer=AnonymousContact()) form = ConfirmForm(request=request) assert form.fields["marketing"].initial is False assert form.fields["marketing"].widget.__class__ == forms.CheckboxInput
def test_multishops_middleware(rf, host): with override_provides("xtheme", [ "E-Commerce_tests.xtheme.utils:FauxTheme", "E-Commerce_tests.xtheme.utils:FauxTheme2" ]): shop1 = Shop.objects.create(identifier="shop1", domain="shop-1") shop2 = Shop.objects.create(identifier="shop2", domain="shop-test-2") theme_settings_shop1 = ThemeSettings.objects.create(theme_identifier=FauxTheme.identifier, shop=shop1) theme_settings_shop2 = ThemeSettings.objects.create(theme_identifier=FauxTheme2.identifier, shop=shop2) request = rf.get("/") request.META["HTTP_HOST"] = host # should apply the correct shop and the template apply_request_middleware(request) if host == "shop-1.somedomain.com": assert request.shop.id == shop1.id assert get_middleware_current_theme().identifier == FauxTheme.identifier assert get_middleware_current_theme().settings_obj.id == theme_settings_shop1.id else: assert request.shop.id == shop2.id assert get_middleware_current_theme().identifier == FauxTheme2.identifier assert get_middleware_current_theme().settings_obj.id == theme_settings_shop2.id
def test_delete_payment(admin_user, rf): product = get_default_product() shop_product = product.get_shop_instance(get_default_shop()) shop_product.default_price_value = 20 shop_product.save() order = create_random_order(customer=create_random_person(), products=(product,), completion_probability=0) payment_amount = order.taxful_total_price_value # create a payment view = OrderCreatePaymentView.as_view() request = apply_request_middleware(rf.post("/", {"amount": payment_amount}), user=admin_user) response = view(request, pk=order.pk) assert response.status_code == 302 order.refresh_from_db() assert order.is_paid() # delete the payment payment = order.payments.last() view = OrderDeletePaymentView.as_view() request = apply_request_middleware(rf.post("/", {"payment": payment.pk}), user=admin_user) response = view(request, pk=order.pk) assert response.status_code == 302 order.refresh_from_db() assert order.is_not_paid()
def init_test(request, shop, prices): apply_request_middleware(request) parent = create_product("parent_product", shop=shop) children = [create_product("child-%d" % price, shop=shop, default_price=price) for price in prices] for child in children: child.link_to_parent(parent) return parent
def test_field_provider(rf, admin_user): activate("en") shop = factories.get_default_shop() gdpr_settings = GDPRSettings.get_for_shop(shop) gdpr_settings.enabled = True gdpr_settings.save() # create privacy policy GDPR document privacy_policy = ensure_gdpr_privacy_policy(shop) page_consent_key = "accept_%d" % privacy_policy.pk request = apply_request_middleware(rf.post("/"), shop=shop, user=admin_user) field_provider = GDPRFieldProvider() # call twice.. the field should be there while the user hasn't consented to the page for test in range(2): fields = field_provider.get_fields(request=request) assert page_consent_key in [f.name for f in fields] # consent to the page, the field shouldn't be there create_user_consent_for_all_documents(shop, admin_user) fields = field_provider.get_fields(request=request) assert page_consent_key not in [f.name for f in fields] # change the document version - field must be there again privacy_policy.save() fields = field_provider.get_fields(request=request) assert page_consent_key in [f.name for f in fields] # check if the field is shown for anonymous request = apply_request_middleware(rf.post("/"), shop=shop, user=AnonymousUser()) fields = field_provider.get_fields(request=request) assert page_consent_key in [f.name for f in fields]
def test_simple_product_works(rf): product = get_default_product() request = rf.get("/") apply_request_middleware(request) assert product.get_child_price_range(request) == (None, None) assert product.get_cheapest_child_price_info(request) is None assert product.get_cheapest_child_price(request) is None
def test_admin_edit(rf, admin_user): shop = get_default_shop() group = get_default_customer_group(shop) cgpd = ContactGroupPriceDisplay.objects.for_group_and_shop(group, shop) view = ContactGroupPriceDisplayEditView.as_view() options = get_price_display_options_for_group_and_shop(group, shop) assert options.show_prices request = apply_request_middleware(rf.get("/"), user=admin_user) response = view(request, pk=cgpd.pk) response.render() content = force_text(response.content) data = extract_form_fields(BeautifulSoup(content)) data.update({ "price_display_mode": [PriceDisplayChoices.HIDE.value], "group": group.id, }) request = apply_request_middleware(rf.post("/", data), user=admin_user, shop=shop) response = view(request, pk=cgpd.pk) assert response.status_code == 302 # save successful group = get_default_customer_group(shop) options = get_price_display_options_for_group_and_shop(group, shop) assert options.show_prices is False assert options.include_taxes is None # none, with_taxes, without_taxes, hide k = "price_display_mode" data.update({k: [PriceDisplayChoices.NONE.value]}) request = apply_request_middleware(rf.post("/", data), user=admin_user, shop=shop) response = view(request, pk=cgpd.pk) assert response.status_code == 302 # save successful options = get_price_display_options_for_group_and_shop(group, shop) assert options.show_prices is True # default assert options.include_taxes is None data.update({k: [PriceDisplayChoices.WITH_TAXES.value]}) request = apply_request_middleware(rf.post("/", data), user=admin_user, shop=shop) response = view(request, pk=cgpd.pk) assert response.status_code == 302 # save successful options = get_price_display_options_for_group_and_shop(group, shop) assert options.show_prices is True # default assert options.include_taxes is True data.update({k: [PriceDisplayChoices.WITHOUT_TAXES.value]}) request = apply_request_middleware(rf.post("/", data), user=admin_user, shop=shop) response = view(request, pk=cgpd.pk) assert response.status_code == 302 # save successful options = get_price_display_options_for_group_and_shop(group, shop) assert options.show_prices is True assert options.include_taxes is False
def get_context(rf, customer=None): request = rf.get("/") request.shop = factories.get_default_shop() apply_request_middleware(request) if customer: request.customer = customer return get_jinja_context(**{"request": request})
def test_login_as_user_errors(rf, admin_user, regular_user): get_default_shop() view_func = LoginAsUserView.as_view() request = apply_request_middleware(rf.post("/"), user=regular_user, skip_session=True) # log in as self with pytest.raises(Problem): view_func(request, pk=regular_user.pk) user = UserFactory() get_person_contact(user) # non superuser trying to login as someone else with pytest.raises(PermissionDenied): view_func(request, pk=user.pk) request = apply_request_middleware(rf.post("/"), user=admin_user) user.is_superuser = True user.save() # user is trying to login as another superuser with pytest.raises(PermissionDenied): view_func(request, pk=user.pk) user.is_superuser = False user.is_staff = True user.save() # user is trying to login as a staff user with pytest.raises(PermissionDenied): view_func(request, pk=user.pk) user.is_staff = False user.is_active = False user.save() # user is trying to login as an inactive user with pytest.raises(Problem): view_func(request, pk=user.pk)
def test_contact_edit_multishop(rf): with override_settings(E-Commerce_MANAGE_CONTACTS_PER_SHOP=True, E-Commerce_ENABLE_MULTIPLE_SHOPS=True): staff_user = create_random_user(is_staff=True) shop1 = get_shop(identifier="shop-1", enabled=True) shop2 = get_shop(identifier="shop-2", enabled=True) shop1.staff_members.add(staff_user) shop2.staff_members.add(staff_user) contact = create_random_person(locale="en_US", minimum_name_comp_len=5, shop=shop2) # only available in shop2 assert contact.registered_in(shop2) assert contact.in_shop(shop2) request = apply_request_middleware(rf.get("/"), user=staff_user, shop=shop1) view = ContactDetailView.as_view() # contact not found for this shop with pytest.raises(Http404): response = view(request, pk=contact.id) request = apply_request_middleware(rf.get("/"), user=staff_user, shop=shop2) response = view(request, pk=contact.id) assert response.status_code == 200 assert contact.registered_in(shop2) assert contact.in_shop(shop2) assert not contact.registered_in(shop1) assert not contact.in_shop(shop1)
def test_user_list(rf, admin_user): shop = get_default_shop() user = get_user_model().objects.create( username=printable_gibberish(20), first_name=printable_gibberish(10), last_name=printable_gibberish(10), password="******", is_staff=True, is_superuser=False ) shop.staff_members.add(user) view_func = UserListView.as_view() request = rf.get("/", {"jq": json.dumps({"perPage": 100, "page": 1})}) # check with superuser response = view_func(apply_request_middleware(request, user=admin_user)) assert response.status_code == 200 data = json.loads(response.content.decode("utf-8")) assert len(data["items"]) == 2 # check with staff user response = view_func(apply_request_middleware(request, user=user)) assert response.status_code == 200 data = json.loads(response.content.decode("utf-8")) assert len(data["items"]) == 1
def test_basket_shipping_error(rf): StoredBasket.objects.all().delete() shop = get_default_shop() supplier = get_default_supplier() shipped_product = create_product( printable_gibberish(), shop=shop, supplier=supplier, default_price=50, shipping_mode=ShippingMode.SHIPPED ) unshipped_product = create_product( printable_gibberish(), shop=shop, supplier=supplier, default_price=50, shipping_mode=ShippingMode.NOT_SHIPPED ) request = rf.get("/") request.session = {} request.shop = shop apply_request_middleware(request) basket = get_basket(request) # With a shipped product but no shipping methods, we oughta get an error basket.add_product(supplier=supplier, shop=shop, product=shipped_product, quantity=1) assert any(ve.code == "no_common_shipping" for ve in basket.get_validation_errors()) basket.clear_all() # But with an unshipped product, we should not basket.add_product(supplier=supplier, shop=shop, product=unshipped_product, quantity=1) assert not any(ve.code == "no_common_shipping" for ve in basket.get_validation_errors())