Exemple #1
0
class OrgaPowerUserTest(OrgaBasicTest):
    def setUp(self):
        super(OrgaPowerUserTest, self).setUp()
        self.client = PowerUserAuthClient()
        self.expected_code = 200
        self.expected_save_code = 302
        self.expect_templates = True

    def test_access_to_orga_edit(self):
        url = reverse('organization-update', kwargs={'pk': self.orga.pk})
        super(OrgaPowerUserTest, self).test_access_to_orga_edit()

        self.orga.address_canton = 'VD'
        self.orga.save()

        initial = self.orga.__dict__.copy()
        del(initial['id'])
        del(initial['created_on'])
        del(initial['address_ptr_id'])
        del(initial['_state'])

        # Test some update, that must go through
        initial['address_canton'] = 'JU'

        response = self.client.post(url, initial)
        self.assertEqual(response.status_code, self.expected_save_code, url)

        neworga = Organization.objects.get(pk=self.orga.id)
        self.assertEqual(neworga.address_canton, 'JU')
Exemple #2
0
 def setUp(self):
     # Every test needs a client.
     self.client = PowerUserAuthClient()
     self.article = Article.objects.create(
         title='TestArticle',
         body='<h1>Test Body</h1>',
         published=True)
Exemple #3
0
class PowerUserTest(TestCase):
    def setUp(self):
        # Every test needs a client.
        self.client = PowerUserAuthClient()
        self.article = Article.objects.create(
            title='TestArticle',
            body='<h1>Test Body</h1>',
            published=True)

    def test_my_accesses(self):
        for symbolicurl in ['article-update',
                            'article-delete',
                            ]:
            response = self.client.get(
                reverse(symbolicurl, kwargs={'pk': self.article.pk}))
            self.assertEqual(response.status_code, 200, symbolicurl)

        response = self.client.get(reverse('article-create'))
        self.assertEqual(response.status_code, 200, 'Article creation')
Exemple #4
0
 def setUp(self):
     super(OrgaPowerUserTest, self).setUp()
     self.client = PowerUserAuthClient()
     self.expected_code = 200
     self.expected_save_code = 302
     self.expect_templates = True
Exemple #5
0
 def setUp(self):
     self.client = PowerUserAuthClient()
     super(PowerUserTest, self).setUp()
Exemple #6
0
class PowerUserTest(SeasonTestCaseMixin):
    def setUp(self):
        self.client = PowerUserAuthClient()
        super(PowerUserTest, self).setUp()

    def test_access_to_season_list(self):
        for symbolicurl in restrictedgenericurls:
            url = reverse(symbolicurl)
            # Final URL is forbidden
            response = self.client.get(url, follow=True)
            self.assertEqual(response.status_code, 200, url)

    def test_access_to_season_detail(self):
        for symbolicurl in restrictedspecificurls:
            url = reverse(symbolicurl, kwargs={'pk': self.season.pk})
            # Final URL is OK
            response = self.client.get(url, follow=True)
            self.assertEqual(response.status_code, 200, url)
        for symbolicurl in restrictedhelperspecificurls:
            for helper in self.users:
                url = reverse(
                    symbolicurl,
                    kwargs={
                        'pk': self.season.pk,
                        'helperpk': helper.pk
                        })
                # Final URL is OK
                response = self.client.get(url, follow=True)
                self.assertEqual(response.status_code, 200, url)

    def test_access_to_foreignsession(self):
        for session in self.foreignsessions:
            urls = [
                reverse(
                    'session-list',
                    kwargs={
                        'seasonpk': self.foreignseason.pk,
                        'year': session.day.year,
                        'week': session.day.strftime('%W'),
                    }),
                reverse(
                    'session-create',
                    kwargs={
                        'seasonpk': self.foreignseason.pk,
                    }),
                reverse(
                    'session-detail',
                    kwargs={
                        'seasonpk': self.foreignseason.pk,
                        'pk': session.pk,
                    }),
                reverse(
                    'session-update',
                    kwargs={
                        'seasonpk': self.foreignseason.pk,
                        'pk': session.pk,
                    }),
                reverse(
                    'session-staff-choices',
                    kwargs={
                        'seasonpk': self.foreignseason.pk,
                        'pk': session.pk,
                    }),
                reverse(
                    'session-delete',
                    kwargs={
                        'seasonpk': self.foreignseason.pk,
                        'pk': session.pk,
                    }),
            ]
            for url in urls:
                # Final URL is forbidden
                response = self.client.get(url, follow=True)
                self.assertEqual(response.status_code, 200, url)

    def test_access_to_mysession(self):
        for session in self.sessions:
            urls = [
                reverse(
                    'session-list',
                    kwargs={
                        'seasonpk': self.season.pk,
                        'year': session.day.year,
                        'week': session.day.strftime('%W'),
                    }),
                reverse(
                    'session-create',
                    kwargs={
                        'seasonpk': self.season.pk,
                    }),
                reverse(
                    'session-detail',
                    kwargs={
                        'seasonpk': self.season.pk,
                        'pk': session.pk,
                    }),
                reverse(
                    'session-update',
                    kwargs={
                        'seasonpk': self.season.pk,
                        'pk': session.pk,
                    }),
                reverse(
                    'session-staff-choices',
                    kwargs={
                        'seasonpk': self.season.pk,
                        'pk': session.pk,
                    }),
                reverse(
                    'session-delete',
                    kwargs={
                        'seasonpk': self.season.pk,
                        'pk': session.pk,
                    }),
            ]
            for url in urls:
                # Final URL is forbidden
                response = self.client.get(url, follow=True)
                self.assertEqual(response.status_code, 200, url)
Exemple #7
0
class PowerUserTest(ProfileTestCase):
    def setUp(self):
        super(PowerUserTest, self).setUp()
        self.client = PowerUserAuthClient()

    def test_my_allowances(self):
        for symbolicurl in myurlsforall + myurlsforoffice:
            for exportformat in ["csv", "ods", "xls"]:
                url = tryurl(symbolicurl, self.client.user, exportformat)
                response = self.client.get(url)
                self.assertEqual(response.status_code, 200, url)

    def test_otherusers_access(self):
        for symbolicurl in othersurls:
            for otheruser in self.users:
                url = tryurl(symbolicurl, otheruser)
                response = self.client.get(url)
                self.assertEqual(response.status_code, 200, url)

    def test_send_creds(self):
        nmails = 0
        for otheruser in self.users:
            url = tryurl("user-sendcredentials", otheruser)
            response = self.client.get(url)
            self.assertEqual(response.status_code, 200, url)
            # Now post to it, to get the mail sent
            response = self.client.post(url, {})
            self.assertEqual(response.status_code, 302, url)

            nmails += 1
            self.assertEqual(len(mail.outbox), nmails)

            # Verify what they are from the DB
            dbuser = get_user_model().objects.get(pk=otheruser.pk)
            self.assertTrue(dbuser.is_active)
            self.assertTrue(dbuser.has_usable_password())
            self.assertTrue(dbuser.profile.can_login)

            # Second try should fail, now that each of the users has a
            # a valid email and got a password sent
            response = self.client.get(url)
            self.assertEqual(response.status_code, 403, url)

            # Unallowed to re-send creds either
            url = tryurl("user-resendcredentials", otheruser)
            response = self.client.get(url)
            self.assertEqual(response.status_code, 403, url)

    def test_other_profile_accesses(self):
        for user in self.users:
            # Pre-update profile and user
            user.profile.formation = FORMATION_M1
            user.profile.save()
            url = reverse("user-update", kwargs={"pk": user.pk})
            response = self.client.get(url)
            self.assertEqual(response.status_code, 200, url)

            initial = self.getprofileinitial(user)
            # Test some update, that must go through
            initial["first_name"] = "newfirstname"
            initial["activity_cantons"] = ["JU", "VD", "GE"]

            # And some that mustn't
            initial["formation"] = FORMATION_M2
            initial["affiliation_canton"] = "VD"

            response = self.client.post(url, initial)
            self.assertEqual(response.status_code, 302, url)

            # Get our user from DB
            her = get_user_model().objects.get(pk=user.pk)

            # Updated
            self.assertEqual(her.first_name, "newfirstname")
            # Pas de VD parce que le canton d'affiliation est 'VD'
            self.assertEqual(her.profile.activity_cantons, ["JU", "GE"])

            # Updated as well
            self.assertEqual(her.profile.formation, FORMATION_M2)
            self.assertEqual(her.profile.affiliation_canton, "VD")

    def test_autocompletes(self):
        # All autocompletes are permitted
        for al in profile_autocompletes:
            url = reverse("autocomplete_light_autocomplete", kwargs={"autocomplete": al})
            response = self.client.get(url)
            self.assertEqual(response.status_code, 200, url)