def setUp(self): # login POST dicts self.super_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.super_email_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.super_email_bad_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.adduser_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.changeuser_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.deleteuser_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.joepublic_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'}
def setUp(self): """Test setup.""" # Setup permissions, for our users who can add, change, and delete. # We can't put this into the fixture, because the content type id # and the permission id could be different on each run of the test. opts = Article._meta # User who can add Articles add_user = User.objects.get(username='******') add_user.user_permissions.add(get_perm(Article, opts.get_add_permission())) # User who can change Articles change_user = User.objects.get(username='******') change_user.user_permissions.add(get_perm(Article, opts.get_change_permission())) # User who can delete Articles delete_user = User.objects.get(username='******') delete_user.user_permissions.add(get_perm(Article, opts.get_delete_permission())) delete_user.user_permissions.add(get_perm(Section, Section._meta.get_delete_permission())) # login POST dicts self.super_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.super_email_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.super_email_bad_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.adduser_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.changeuser_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.deleteuser_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'} self.joepublic_login = {'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******'}
def testAddView(self): """Test add view restricts access and actually adds items.""" add_dict = { 'content': '<p>great article</p>', 'date_0': '2008-03-18', 'date_1': '10:54:39', 'section': 1 } # Change User should not have access to add articles self.client.get('/test_admin/admin/') self.client.post('/test_admin/admin/', self.changeuser_login) request = self.client.get('/test_admin/admin/admin_views/article/add/') self.failUnlessEqual(request.status_code, 403) # Try POST just to make sure post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict) self.failUnlessEqual(post.status_code, 403) self.failUnlessEqual(Article.objects.all().count(), 1) self.client.get('/test_admin/admin/logout/') # Add user may login and POST to add view, then redirect to admin root self.client.get('/test_admin/admin/') self.client.post('/test_admin/admin/', self.adduser_login) post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict) self.assertRedirects(post, '/test_admin/admin/') self.failUnlessEqual(Article.objects.all().count(), 2) self.client.get('/test_admin/admin/logout/') # Super can add too, but is redirected to the change list view self.client.get('/test_admin/admin/') self.client.post('/test_admin/admin/', self.super_login) post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict) self.assertRedirects(post, '/test_admin/admin/admin_views/article/') self.failUnlessEqual(Article.objects.all().count(), 3) self.client.get('/test_admin/admin/logout/') # Check and make sure that if user expires, data still persists post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict) self.assertContains( post, 'Please log in again, because your session has expired.') self.super_login['post_data'] = _encode_post_data(add_dict) post = self.client.post('/test_admin/admin/admin_views/article/add/', self.super_login) self.assertRedirects(post, '/test_admin/admin/admin_views/article/') self.failUnlessEqual(Article.objects.all().count(), 4) self.client.get('/test_admin/admin/logout/')
def testAddView(self): """Test add view restricts access and actually adds items.""" add_dict = {'title' : 'Døm ikke', 'content': '<p>great article</p>', 'date_0': '2008-03-18', 'date_1': '10:54:39', 'section': 1} # Change User should not have access to add articles self.client.get('/test_admin/admin/') self.client.post('/test_admin/admin/', self.changeuser_login) request = self.client.get('/test_admin/admin/admin_views/article/add/') self.failUnlessEqual(request.status_code, 403) # Try POST just to make sure post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict) self.failUnlessEqual(post.status_code, 403) self.failUnlessEqual(Article.objects.all().count(), 1) self.client.get('/test_admin/admin/logout/') # Add user may login and POST to add view, then redirect to admin root self.client.get('/test_admin/admin/') self.client.post('/test_admin/admin/', self.adduser_login) post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict) self.assertRedirects(post, '/test_admin/admin/') self.failUnlessEqual(Article.objects.all().count(), 2) self.client.get('/test_admin/admin/logout/') # Super can add too, but is redirected to the change list view self.client.get('/test_admin/admin/') self.client.post('/test_admin/admin/', self.super_login) post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict) self.assertRedirects(post, '/test_admin/admin/admin_views/article/') self.failUnlessEqual(Article.objects.all().count(), 3) self.client.get('/test_admin/admin/logout/') # Check and make sure that if user expires, data still persists post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict) self.assertContains(post, 'Please log in again, because your session has expired.') self.super_login['post_data'] = _encode_post_data(add_dict) post = self.client.post('/test_admin/admin/admin_views/article/add/', self.super_login) self.assertRedirects(post, '/test_admin/admin/admin_views/article/') self.failUnlessEqual(Article.objects.all().count(), 4) self.client.get('/test_admin/admin/logout/')
def setUp(self): """Test setup.""" # Setup permissions, for our users who can add, change, and delete. # We can't put this into the fixture, because the content type id # and the permission id could be different on each run of the test. opts = Article._meta # User who can add Articles add_user = User.objects.get(username='******') add_user.user_permissions.add( get_perm(Article, opts.get_add_permission())) # User who can change Articles change_user = User.objects.get(username='******') change_user.user_permissions.add( get_perm(Article, opts.get_change_permission())) # User who can delete Articles delete_user = User.objects.get(username='******') delete_user.user_permissions.add( get_perm(Article, opts.get_delete_permission())) delete_user.user_permissions.add( get_perm(Section, Section._meta.get_delete_permission())) # login POST dicts self.super_login = { 'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******' } self.super_email_login = { 'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******' } self.super_email_bad_login = { 'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******' } self.adduser_login = { 'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******' } self.changeuser_login = { 'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******' } self.deleteuser_login = { 'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******' } self.joepublic_login = { 'post_data': _encode_post_data({}), LOGIN_FORM_KEY: 1, 'username': '******', 'password': '******' }