def setUp(self):
# login POST dicts
self.super_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.super_email_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.super_email_bad_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.adduser_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.changeuser_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.deleteuser_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.joepublic_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
def setUp(self):
"""Test setup."""
# Setup permissions, for our users who can add, change, and delete.
# We can't put this into the fixture, because the content type id
# and the permission id could be different on each run of the test.
opts = Article._meta
# User who can add Articles
add_user = User.objects.get(username='******')
add_user.user_permissions.add(get_perm(Article,
opts.get_add_permission()))
# User who can change Articles
change_user = User.objects.get(username='******')
change_user.user_permissions.add(get_perm(Article,
opts.get_change_permission()))
# User who can delete Articles
delete_user = User.objects.get(username='******')
delete_user.user_permissions.add(get_perm(Article,
opts.get_delete_permission()))
delete_user.user_permissions.add(get_perm(Section,
Section._meta.get_delete_permission()))
# login POST dicts
self.super_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.super_email_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.super_email_bad_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.adduser_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.changeuser_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.deleteuser_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
self.joepublic_login = {'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'}
def testAddView(self):
"""Test add view restricts access and actually adds items."""
add_dict = {
'content': '<p>great article</p>',
'date_0': '2008-03-18',
'date_1': '10:54:39',
'section': 1
}
# Change User should not have access to add articles
self.client.get('/test_admin/admin/')
self.client.post('/test_admin/admin/', self.changeuser_login)
request = self.client.get('/test_admin/admin/admin_views/article/add/')
self.failUnlessEqual(request.status_code, 403)
# Try POST just to make sure
post = self.client.post('/test_admin/admin/admin_views/article/add/',
add_dict)
self.failUnlessEqual(post.status_code, 403)
self.failUnlessEqual(Article.objects.all().count(), 1)
self.client.get('/test_admin/admin/logout/')
# Add user may login and POST to add view, then redirect to admin root
self.client.get('/test_admin/admin/')
self.client.post('/test_admin/admin/', self.adduser_login)
post = self.client.post('/test_admin/admin/admin_views/article/add/',
add_dict)
self.assertRedirects(post, '/test_admin/admin/')
self.failUnlessEqual(Article.objects.all().count(), 2)
self.client.get('/test_admin/admin/logout/')
# Super can add too, but is redirected to the change list view
self.client.get('/test_admin/admin/')
self.client.post('/test_admin/admin/', self.super_login)
post = self.client.post('/test_admin/admin/admin_views/article/add/',
add_dict)
self.assertRedirects(post, '/test_admin/admin/admin_views/article/')
self.failUnlessEqual(Article.objects.all().count(), 3)
self.client.get('/test_admin/admin/logout/')
# Check and make sure that if user expires, data still persists
post = self.client.post('/test_admin/admin/admin_views/article/add/',
add_dict)
self.assertContains(
post, 'Please log in again, because your session has expired.')
self.super_login['post_data'] = _encode_post_data(add_dict)
post = self.client.post('/test_admin/admin/admin_views/article/add/',
self.super_login)
self.assertRedirects(post, '/test_admin/admin/admin_views/article/')
self.failUnlessEqual(Article.objects.all().count(), 4)
self.client.get('/test_admin/admin/logout/')
def testAddView(self):
"""Test add view restricts access and actually adds items."""
add_dict = {'title' : 'Døm ikke',
'content': '<p>great article</p>',
'date_0': '2008-03-18', 'date_1': '10:54:39',
'section': 1}
# Change User should not have access to add articles
self.client.get('/test_admin/admin/')
self.client.post('/test_admin/admin/', self.changeuser_login)
request = self.client.get('/test_admin/admin/admin_views/article/add/')
self.failUnlessEqual(request.status_code, 403)
# Try POST just to make sure
post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict)
self.failUnlessEqual(post.status_code, 403)
self.failUnlessEqual(Article.objects.all().count(), 1)
self.client.get('/test_admin/admin/logout/')
# Add user may login and POST to add view, then redirect to admin root
self.client.get('/test_admin/admin/')
self.client.post('/test_admin/admin/', self.adduser_login)
post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict)
self.assertRedirects(post, '/test_admin/admin/')
self.failUnlessEqual(Article.objects.all().count(), 2)
self.client.get('/test_admin/admin/logout/')
# Super can add too, but is redirected to the change list view
self.client.get('/test_admin/admin/')
self.client.post('/test_admin/admin/', self.super_login)
post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict)
self.assertRedirects(post, '/test_admin/admin/admin_views/article/')
self.failUnlessEqual(Article.objects.all().count(), 3)
self.client.get('/test_admin/admin/logout/')
# Check and make sure that if user expires, data still persists
post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict)
self.assertContains(post, 'Please log in again, because your session has expired.')
self.super_login['post_data'] = _encode_post_data(add_dict)
post = self.client.post('/test_admin/admin/admin_views/article/add/', self.super_login)
self.assertRedirects(post, '/test_admin/admin/admin_views/article/')
self.failUnlessEqual(Article.objects.all().count(), 4)
self.client.get('/test_admin/admin/logout/')
def setUp(self):
"""Test setup."""
# Setup permissions, for our users who can add, change, and delete.
# We can't put this into the fixture, because the content type id
# and the permission id could be different on each run of the test.
opts = Article._meta
# User who can add Articles
add_user = User.objects.get(username='******')
add_user.user_permissions.add(
get_perm(Article, opts.get_add_permission()))
# User who can change Articles
change_user = User.objects.get(username='******')
change_user.user_permissions.add(
get_perm(Article, opts.get_change_permission()))
# User who can delete Articles
delete_user = User.objects.get(username='******')
delete_user.user_permissions.add(
get_perm(Article, opts.get_delete_permission()))
delete_user.user_permissions.add(
get_perm(Section, Section._meta.get_delete_permission()))
# login POST dicts
self.super_login = {
'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'
}
self.super_email_login = {
'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'
}
self.super_email_bad_login = {
'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'
}
self.adduser_login = {
'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'
}
self.changeuser_login = {
'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'
}
self.deleteuser_login = {
'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'
}
self.joepublic_login = {
'post_data': _encode_post_data({}),
LOGIN_FORM_KEY: 1,
'username': '******',
'password': '******'
}
