class OrgaPowerUserTest(OrgaBasicTest): def setUp(self): super(OrgaPowerUserTest, self).setUp() self.client = PowerUserAuthClient() self.expected_code = 200 self.expected_save_code = 302 self.expect_templates = True def test_access_to_orga_edit(self): url = reverse('organization-update', kwargs={'pk': self.orga.pk}) super(OrgaPowerUserTest, self).test_access_to_orga_edit() self.orga.address_canton = 'VD' self.orga.save() initial = self.orga.__dict__.copy() del(initial['id']) del(initial['created_on']) del(initial['address_ptr_id']) del(initial['_state']) # Test some update, that must go through initial['address_canton'] = 'JU' response = self.client.post(url, initial) self.assertEqual(response.status_code, self.expected_save_code, url) neworga = Organization.objects.get(pk=self.orga.id) self.assertEqual(neworga.address_canton, 'JU')
def setUp(self): # Every test needs a client. self.client = PowerUserAuthClient() self.article = Article.objects.create( title='TestArticle', body='<h1>Test Body</h1>', published=True)
class PowerUserTest(TestCase): def setUp(self): # Every test needs a client. self.client = PowerUserAuthClient() self.article = Article.objects.create( title='TestArticle', body='<h1>Test Body</h1>', published=True) def test_my_accesses(self): for symbolicurl in ['article-update', 'article-delete', ]: response = self.client.get( reverse(symbolicurl, kwargs={'pk': self.article.pk})) self.assertEqual(response.status_code, 200, symbolicurl) response = self.client.get(reverse('article-create')) self.assertEqual(response.status_code, 200, 'Article creation')
def setUp(self): super(OrgaPowerUserTest, self).setUp() self.client = PowerUserAuthClient() self.expected_code = 200 self.expected_save_code = 302 self.expect_templates = True
def setUp(self): self.client = PowerUserAuthClient() super(PowerUserTest, self).setUp()
class PowerUserTest(SeasonTestCaseMixin): def setUp(self): self.client = PowerUserAuthClient() super(PowerUserTest, self).setUp() def test_access_to_season_list(self): for symbolicurl in restrictedgenericurls: url = reverse(symbolicurl) # Final URL is forbidden response = self.client.get(url, follow=True) self.assertEqual(response.status_code, 200, url) def test_access_to_season_detail(self): for symbolicurl in restrictedspecificurls: url = reverse(symbolicurl, kwargs={'pk': self.season.pk}) # Final URL is OK response = self.client.get(url, follow=True) self.assertEqual(response.status_code, 200, url) for symbolicurl in restrictedhelperspecificurls: for helper in self.users: url = reverse( symbolicurl, kwargs={ 'pk': self.season.pk, 'helperpk': helper.pk }) # Final URL is OK response = self.client.get(url, follow=True) self.assertEqual(response.status_code, 200, url) def test_access_to_foreignsession(self): for session in self.foreignsessions: urls = [ reverse( 'session-list', kwargs={ 'seasonpk': self.foreignseason.pk, 'year': session.day.year, 'week': session.day.strftime('%W'), }), reverse( 'session-create', kwargs={ 'seasonpk': self.foreignseason.pk, }), reverse( 'session-detail', kwargs={ 'seasonpk': self.foreignseason.pk, 'pk': session.pk, }), reverse( 'session-update', kwargs={ 'seasonpk': self.foreignseason.pk, 'pk': session.pk, }), reverse( 'session-staff-choices', kwargs={ 'seasonpk': self.foreignseason.pk, 'pk': session.pk, }), reverse( 'session-delete', kwargs={ 'seasonpk': self.foreignseason.pk, 'pk': session.pk, }), ] for url in urls: # Final URL is forbidden response = self.client.get(url, follow=True) self.assertEqual(response.status_code, 200, url) def test_access_to_mysession(self): for session in self.sessions: urls = [ reverse( 'session-list', kwargs={ 'seasonpk': self.season.pk, 'year': session.day.year, 'week': session.day.strftime('%W'), }), reverse( 'session-create', kwargs={ 'seasonpk': self.season.pk, }), reverse( 'session-detail', kwargs={ 'seasonpk': self.season.pk, 'pk': session.pk, }), reverse( 'session-update', kwargs={ 'seasonpk': self.season.pk, 'pk': session.pk, }), reverse( 'session-staff-choices', kwargs={ 'seasonpk': self.season.pk, 'pk': session.pk, }), reverse( 'session-delete', kwargs={ 'seasonpk': self.season.pk, 'pk': session.pk, }), ] for url in urls: # Final URL is forbidden response = self.client.get(url, follow=True) self.assertEqual(response.status_code, 200, url)
class PowerUserTest(ProfileTestCase): def setUp(self): super(PowerUserTest, self).setUp() self.client = PowerUserAuthClient() def test_my_allowances(self): for symbolicurl in myurlsforall + myurlsforoffice: for exportformat in ["csv", "ods", "xls"]: url = tryurl(symbolicurl, self.client.user, exportformat) response = self.client.get(url) self.assertEqual(response.status_code, 200, url) def test_otherusers_access(self): for symbolicurl in othersurls: for otheruser in self.users: url = tryurl(symbolicurl, otheruser) response = self.client.get(url) self.assertEqual(response.status_code, 200, url) def test_send_creds(self): nmails = 0 for otheruser in self.users: url = tryurl("user-sendcredentials", otheruser) response = self.client.get(url) self.assertEqual(response.status_code, 200, url) # Now post to it, to get the mail sent response = self.client.post(url, {}) self.assertEqual(response.status_code, 302, url) nmails += 1 self.assertEqual(len(mail.outbox), nmails) # Verify what they are from the DB dbuser = get_user_model().objects.get(pk=otheruser.pk) self.assertTrue(dbuser.is_active) self.assertTrue(dbuser.has_usable_password()) self.assertTrue(dbuser.profile.can_login) # Second try should fail, now that each of the users has a # a valid email and got a password sent response = self.client.get(url) self.assertEqual(response.status_code, 403, url) # Unallowed to re-send creds either url = tryurl("user-resendcredentials", otheruser) response = self.client.get(url) self.assertEqual(response.status_code, 403, url) def test_other_profile_accesses(self): for user in self.users: # Pre-update profile and user user.profile.formation = FORMATION_M1 user.profile.save() url = reverse("user-update", kwargs={"pk": user.pk}) response = self.client.get(url) self.assertEqual(response.status_code, 200, url) initial = self.getprofileinitial(user) # Test some update, that must go through initial["first_name"] = "newfirstname" initial["activity_cantons"] = ["JU", "VD", "GE"] # And some that mustn't initial["formation"] = FORMATION_M2 initial["affiliation_canton"] = "VD" response = self.client.post(url, initial) self.assertEqual(response.status_code, 302, url) # Get our user from DB her = get_user_model().objects.get(pk=user.pk) # Updated self.assertEqual(her.first_name, "newfirstname") # Pas de VD parce que le canton d'affiliation est 'VD' self.assertEqual(her.profile.activity_cantons, ["JU", "GE"]) # Updated as well self.assertEqual(her.profile.formation, FORMATION_M2) self.assertEqual(her.profile.affiliation_canton, "VD") def test_autocompletes(self): # All autocompletes are permitted for al in profile_autocompletes: url = reverse("autocomplete_light_autocomplete", kwargs={"autocomplete": al}) response = self.client.get(url) self.assertEqual(response.status_code, 200, url)