def test_cannot_access(test_case: TestCase, url: str, expected_url: str, data: dict = None): """Check if test_case cannot access url with GET request and POST request with optional data and is redirected to expected_url.""" response = test_case.client.get(url) test_case.assertRedirects(response, expected_url=expected_url) response = test_case.client.post(url, data) test_case.assertRedirects(response, expected_url=expected_url)
def test_can_access(test_case: TestCase, url: str, get_redirect_url: str = None, post_redirect_url: str = None, data: dict = None): """Check if test_case can access url with GET request and POST request with optional data and is redirected to expected url, if specified.""" response = test_case.client.get(url) if get_redirect_url: test_case.assertRedirects(response, expected_url=get_redirect_url) else: test_case.assertEqual(response.status_code, 200) response = test_case.client.post(url, data) if post_redirect_url: test_case.assertRedirects(response, expected_url=post_redirect_url) else: test_case.assertEqual(response.status_code, 200)
def checkAccessPermissions(test: TestCase, url: str, httpMethod: str, permissionLevel: PermissionLevel, user: User = None, redirectUrl: str = "", data: dict = {}) -> None: client = Client() # Ensure the correct type of user makes the request if permissionLevel == PermissionLevel.LEVEL_USER: if user is None: user = User.objects.get(username='******') elif user.is_superuser: user.is_superuser = False User.save(user) elif permissionLevel == PermissionLevel.LEVEL_ADMIN: if user is None: user = User.objects.get(username='******') elif not user.is_superuser: user.is_superuser = True User.save(user) # Ensure the correct user is logged in if user: client.force_login(user) # Issue a HTTP request. response = getattr(client, httpMethod)(url, data=data, follow=(bool(redirectUrl)), secure=True) # Ensure that a 200 OK response is received test.assertEqual(response.status_code, 200) # Ensure we were redirected to the correct page if redirectUrl: # Ensure a redirection to the expected URL took place test.assertRedirects(response, redirectUrl) # Check if we get redirected to the login page if not logged in, but a login is required # Skip this check if we expect a different redirect (which was already checked earlier) if permissionLevel <= PermissionLevel.LEVEL_PUBLIC or redirectUrl: return # Ensure the client is not logged in client.logout() # Issue a HTTP request. response = getattr(client, httpMethod)(url, data=data, follow=True, secure=True) # Ensure that a 200 OK response is received test.assertEqual(response.status_code, 200) # Ensure a redirection to the login page took place test.assertRedirects(response, '{0}?next={1}'.format(settings.LOGIN_URL, url)) # Check if we get redirected to the login page if we're not an admin if permissionLevel <= PermissionLevel.LEVEL_USER: return # Ensure the client is not logged in client.force_login(user) # Issue a HTTP request. response = getattr(client, httpMethod)(url, data=data, follow=True, secure=True) # Ensure that a 200 OK response is received test.assertEqual(response.status_code, 200) # Ensure a redirection to the login page took place test.assertRedirects(response, '{0}?next={1}'.format(settings.LOGIN_URL, url))