class EntryDeleteViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory(username='******') self.user.set_password('password') self.other = PersonaFactory(username='******') self.user.save() self.other.save() self.entry = EntryFactory(title='かわずたんだよ☆', author=self.user) def test_anonymous_user_can_not_delete_via_delete_view(self): '''非ログインユーザーは記事の削除ができない''' r = self.client.post('/blogs/author_kawaztan/1/delete/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/blogs/author_kawaztan/1/delete/') self.assertEqual(self.entry.title, 'かわずたんだよ☆') def test_other_user_cannot_delete_via_delete_view(self): '''作者以外のユーザーは記事の削除ができない''' self.assertTrue(self.client.login(username=self.other, password='******')) r = self.client.post('/blogs/author_kawaztan/1/delete/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/blogs/author_kawaztan/1/delete/') self.assertEqual(self.entry.title, 'かわずたんだよ☆') def test_author_can_delete_via_delete_view(self): '''作者は記事を削除できる''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/blogs/author_kawaztan/1/delete/') self.assertRedirects(r, '/blogs/') self.assertEqual(Entry.objects.count(), 0)
class ProjectJoinViewTestCase(TestCase): def setUp(self): self.project = ProjectFactory() self.user = PersonaFactory() self.user.set_password('password') self.user.save() def test_anonymous_cannnot_join_project(self): ''' Tests anonymous users attempt to access to ProjectJoinViewTestCase with GET method, redirects to Login page. ''' r = self.client.get('/projects/1/join/') self.assertRedirects(r, '{0}?next={1}'.format(settings.LOGIN_URL, '/projects/1/join/')) def test_get_method_is_not_allowed(self): ''' Tests authorized attempt to access to ProjectJoinViewTestCase with GET method, it returns 405 ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/projects/1/join/') self.assertEqual(r.status_code, 405) def test_user_can_join_project_via_project_join_view(self): ''' Tests user can join to project via ProjectJoinView then redirects to project permalinks ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/projects/1/join/') self.assertRedirects(r, '/projects/{}/'.format(self.project.slug)) self.assertEqual(self.project.members.count(), 2) self.assertTrue(self.user in self.project.members.all())
class EntryAuthorMonthArchiveViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() self.entries = ( EntryFactory(), EntryFactory(author=self.user), EntryFactory(pub_state='protected'), EntryFactory(pub_state='protected', author=self.user), EntryFactory(pub_state='draft'), ) def test_anonymous_can_view_only_public_entries_of_the_author(self): ''' Tests anonymous user can view public Entry written by specific author in the month only. The protected entries are not displayed. ''' user = AnonymousUser() entry = self.entries[0] lt = get_local_time(entry.published_at) r = self.client.get('/blogs/{0}/{1}/{2}/'.format(self.user.username, lt.year, lt.month)) self.assertTemplateUsed('blogs/entry_archive_month.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one entry') self.assertEqual(list[0], self.entries[1]) def test_wille_can_view_only_public_entries_of_the_author(self): ''' Tests wille user can view public Entry written by specific author in the month only. The protected entries are not displayed. ''' self.assertTrue(self.client.login(username=self.wille, password='******')) entry = self.entries[0] lt = get_local_time(entry.published_at) r = self.client.get('/blogs/{0}/{1}/{2}/'.format(self.user.username, lt.year, lt.month)) self.assertTemplateUsed('blogs/entry_archive_month.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one entry') self.assertEqual(list[0], self.entries[1]) def test_authenticated_can_view_all_publish_entries_of_the_author(self): ''' Tests authenticated user can view all published entries written by specific author in the month. ''' entry = self.entries[0] self.assertTrue(self.client.login(username=self.user, password='******')) lt = get_local_time(entry.published_at) r = self.client.get('/blogs/{0}/{1}/{2}/'.format(self.user.username, lt.year, lt.month)) self.assertTemplateUsed('blogs/entry_archive_month.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two entries') self.assertEqual(list[0], self.entries[3], 'protected') self.assertEqual(list[1], self.entries[1], 'public')
class EntryMonthArchiveViewTestCase(TestCase): def setUp(self): self.entries = ( EntryFactory(), EntryFactory(pub_state='protected'), EntryFactory(pub_state='draft'), ) self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_anonymous_can_view_only_public_entries(self): ''' Tests anonymous user can view public Entry written in the month only. The protected entries are not displayed. ''' user = AnonymousUser() entry = self.entries[0] lt = get_local_time(entry.published_at) r = self.client.get('/blogs/{0}/{1}/'.format(lt.year, lt.month)) self.assertTemplateUsed('blogs/entry_archive_month.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one entry') self.assertEqual(list[0], self.entries[0]) def test_wille_can_view_only_public_entries(self): ''' Tests wille user can view public Entry written in the month only. The protected entries are not displayed. ''' self.assertTrue( self.client.login(username=self.wille, password='******')) entry = self.entries[0] lt = get_local_time(entry.published_at) r = self.client.get('/blogs/{0}/{1}/'.format(lt.year, lt.month)) self.assertTemplateUsed('blogs/entry_archive_month.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one entry') self.assertEqual(list[0], self.entries[0]) def test_authenticated_can_view_all_publish_entries(self): ''' Tests authenticated user can view all published entries written in the month. ''' entry = self.entries[0] self.assertTrue( self.client.login(username=self.user, password='******')) lt = get_local_time(entry.published_at) r = self.client.get('/blogs/{0}/{1}/'.format(lt.year, lt.month)) self.assertTemplateUsed('blogs/entry_archive_month.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two entries') self.assertEqual(list[0], self.entries[1], 'protected') self.assertEqual(list[1], self.entries[0], 'public')
class AnnouncementListViewTestCase(TestCase): def setUp(self): self.announcements = ( AnnouncementFactory(), AnnouncementFactory(pub_state='protected'), AnnouncementFactory(pub_state='draft'), ) self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_anonymous_can_view_only_public_announcements(self): ''' Tests anonymous user can view public Announcement only. The protected announcements are not displayed. ''' user = AnonymousUser() r = self.client.get('/announcements/') self.assertTemplateUsed('announcements/announcement_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one announcement') self.assertEqual(list[0], self.announcements[0]) def test_wille_can_view_only_public_announcements(self): ''' Tests wille user can view public Announcement only. The protected announcements are not displayed. ''' self.assertTrue( self.client.login(username=self.wille, password='******')) r = self.client.get('/announcements/') self.assertTemplateUsed('announcements/announcement_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one announcement') self.assertEqual(list[0], self.announcements[0]) def test_authenticated_can_view_all_publish_announcements(self): ''' Tests authenticated user can view all published announcements. ''' self.assertTrue( self.client.login(username=self.user, password='******')) r = self.client.get('/announcements/') self.assertTemplateUsed('announcements/announcement_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two announcements') self.assertTrue(self.announcements[1] in list) self.assertTrue(self.announcements[0] in list) def test_paginate_by(self): """ paginator_byが5件にセットされている """ self.assertEqual(AnnouncementListView.paginate_by, 5)
class EntryDetailViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() def test_anonymous_user_can_view_public_entry(self): '''Tests anonymous user can view public entry''' entry = EntryFactory() r = self.client.get(entry.get_absolute_url()) self.assertTemplateUsed(r, 'blogs/entry_detail.html') self.assertEqual(r.context_data['object'], entry) def test_authorized_user_can_view_public_entry(self): '''Tests authorized user can view public entry''' entry = EntryFactory() self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get(entry.get_absolute_url()) self.assertTemplateUsed(r, 'blogs/entry_detail.html') self.assertEqual(r.context_data['object'], entry) def test_anonymous_user_can_not_view_protected_entry(self): '''Tests anonymous user can not view protected entry''' entry = EntryFactory(pub_state='protected') r = self.client.get(entry.get_absolute_url()) self.assertRedirects(r, '{0}?next={1}'.format(settings.LOGIN_URL, entry.get_absolute_url())) def test_authorized_user_can_view_protected_entry(self): '''Tests authorized user can view public entry''' entry = EntryFactory(pub_state='protected') self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get(entry.get_absolute_url()) self.assertTemplateUsed(r, 'blogs/entry_detail.html') self.assertEqual(r.context_data['object'], entry) def test_anonymous_user_can_not_view_draft_entry(self): '''Tests anonymous user can not view draft entry''' entry = EntryFactory(pub_state='draft') r = self.client.get(entry.get_absolute_url()) self.assertRedirects(r, '{0}?next={1}'.format(settings.LOGIN_URL, entry.get_absolute_url())) def test_others_can_not_view_draft_entry(self): ''' Tests others can not view draft entry User will redirect to '/entries/1/update/' ''' entry = EntryFactory(pub_state='draft') self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get(entry.get_absolute_url()) self.assertRedirects(r, settings.LOGIN_URL + '?next=/blogs/{}/1/update/'.format(entry.author.username)) def test_organizer_can_view_draft_entry(self): '''Tests organizer can view draft entry on update view''' entry = EntryFactory(pub_state='draft', author=self.user) self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get(entry.get_absolute_url()) self.assertTemplateUsed(r, 'blogs/entry_form.html') self.assertEqual(r.context_data['object'], entry)
class EntryAuthorTodayArchiveViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() self.entries = ( EntryFactory(), EntryFactory(author=self.user), EntryFactory(pub_state='protected'), EntryFactory(pub_state='protected', author=self.user), EntryFactory(pub_state='draft'), ) def test_anonymous_can_view_only_public_entries_of_the_author(self): ''' Tests anonymous user can view public Entry written by specific author on today only. The protected entries are not displayed. ''' entry = self.entries[0] r = self.client.get('/blogs/{}/today/'.format(self.user.username)) self.assertTemplateUsed('blogs/entry_archive_day.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one entry') self.assertEqual(list[0], self.entries[1]) def test_wille_can_view_only_public_entries_of_the_author(self): ''' Tests wille user can view public Entry written by specific author on today only. The protected entries are not displayed. ''' entry = self.entries[0] self.assertTrue( self.client.login(username=self.wille, password='******')) r = self.client.get('/blogs/{}/today/'.format(self.user.username)) self.assertTemplateUsed('blogs/entry_archive_day.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one entry') self.assertEqual(list[0], self.entries[1]) def test_authenticated_can_view_all_publish_entries_of_the_author(self): ''' Tests authenticated user can view all published entries written by specific author on today. ''' entry = self.entries[0] self.assertTrue( self.client.login(username=self.user, password='******')) r = self.client.get('/blogs/{}/today/'.format(self.user.username)) self.assertTemplateUsed('blogs/entry_archive_day.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two entries') self.assertEqual(list[0], self.entries[3], 'protected') self.assertEqual(list[1], self.entries[1], 'public')
class AnnouncementListViewTestCase(TestCase): def setUp(self): self.announcements = ( AnnouncementFactory(), AnnouncementFactory(pub_state='protected'), AnnouncementFactory(pub_state='draft'), ) self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_anonymous_can_view_only_public_announcements(self): ''' Tests anonymous user can view public Announcement only. The protected announcements are not displayed. ''' user = AnonymousUser() r = self.client.get('/announcements/') self.assertTemplateUsed('announcements/announcement_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one announcement') self.assertEqual(list[0], self.announcements[0]) def test_wille_can_view_only_public_announcements(self): ''' Tests wille user can view public Announcement only. The protected announcements are not displayed. ''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.get('/announcements/') self.assertTemplateUsed('announcements/announcement_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one announcement') self.assertEqual(list[0], self.announcements[0]) def test_authenticated_can_view_all_publish_announcements(self): ''' Tests authenticated user can view all published announcements. ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/announcements/') self.assertTemplateUsed('announcements/announcement_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two announcements') self.assertTrue(self.announcements[1] in list) self.assertTrue(self.announcements[0] in list) def test_paginate_by(self): """ paginator_byが5件にセットされている """ self.assertEqual(AnnouncementListView.paginate_by, 5)
class EventListViewTestCase(TestCase): def setUp(self): arguments_list = ( (-3, -2, {'pub_state':'public'}), # 2000/9/1 ~ 2000/9/2 (1, 2, {'pub_state':'public'}), # 2000/9/5 ~ 2000/9/6 (-2, -1, {'pub_state':'protected'}), # 2000/9/3 ~ 2000/9/4 (0, 1, {'pub_state':'protected'}), # 2000/9/4 ~ 2000/9/5 (-3, -2, {'pub_state':'draft'}), # 2000/9/2 ~ 2000/9/3 (1, 2, {'pub_state':'draft'}), # 2000/9/5 ~ 2000/9/6 ) self.events = [event_factory_with_relative(*args) for args in arguments_list] self.user = PersonaFactory() self.user.set_password('password') self.user.save() def test_anonymous_can_view_only_public_events(self): ''' Tests anonymous user can view public Events only. The protected events are not displayed. ''' user = AnonymousUser() r = self.client.get('/events/') self.assertTemplateUsed('events/event_list.html') self.assertTrue('object_list', r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one event') self.assertEqual(list[0], self.events[1], '2000/9/5 ~ 6 public') def test_authenticated_can_view_all_publish_events(self): ''' Tests authenticated user can view all published events. ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/events/') self.assertTemplateUsed('events/event_list.html') self.assertTrue('object_list', r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two events') self.assertEqual(list[0], self.events[3], '2000/9/5 ~ 6 protected') self.assertEqual(list[1], self.events[1], '2000/9/5 ~ 6 public') def test_list_with_categories(self): """ イベントリストでCategoryのfilterが有効になっている """ category = CategoryFactory() event1 = EventFactory(category=category) event2 = EventFactory() self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/events/?category={}'.format(category.pk)) self.assertTemplateUsed(r, 'events/event_list.html') self.assertEqual(r.context['filter'].qs.count(), 1) self.assertTrue(event1 in r.context['filter'].qs)
class EntryAuthorYearArchiveViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() self.entries = ( EntryFactory(), EntryFactory(author=self.user), EntryFactory(pub_state='protected'), EntryFactory(pub_state='protected', author=self.user), EntryFactory(pub_state='draft'), ) def test_anonymous_can_view_only_public_entries_of_the_author(self): ''' Tests anonymous user can view public Entry written by specific author in the year only. The protected entries are not displayed. ''' user = AnonymousUser() r = self.client.get('/blogs/{0}/{1}/'.format( self.user.username, self.entries[0].published_at.year)) self.assertTemplateUsed('blogs/entry_archive_year.html') self.assertTrue('date_list' in r.context_data) list = r.context_data['date_list'] self.assertEqual(list.count(), 1, 'date_list has one month') def test_wille_can_view_only_public_entries_of_the_author(self): ''' Tests wille user can view public Entry written by specific author in the year only. The protected entries are not displayed. ''' self.assertTrue( self.client.login(username=self.wille, password='******')) r = self.client.get('/blogs/{0}/{1}/'.format( self.user.username, self.entries[0].published_at.year)) self.assertTemplateUsed('blogs/entry_archive_year.html') self.assertTrue('date_list' in r.context_data) list = r.context_data['date_list'] self.assertEqual(list.count(), 1, 'date_list has one month') def test_authenticated_can_view_all_publish_entries_of_the_author(self): ''' Tests authenticated user can view all published entries written by specific author in the year. ''' self.assertTrue( self.client.login(username=self.user, password='******')) r = self.client.get('/blogs/{0}/{1}/'.format( self.user.username, self.entries[0].published_at.year)) self.assertTemplateUsed('blogs/entry_archive_year.html') self.assertTrue('date_list' in r.context_data) list = r.context_data['date_list'] self.assertEqual(list.count(), 1, 'date_list has one month')
class EntryTodayArchiveViewTestCase(TestCase): def setUp(self): self.entries = ( EntryFactory(), EntryFactory(pub_state='protected'), EntryFactory(pub_state='draft'), ) self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_anonymous_can_view_only_public_entries(self): ''' Tests anonymous user can view public Entry written on today only. The protected entries are not displayed. ''' entry = self.entries[0] user = AnonymousUser() r = self.client.get('/blogs/today/') self.assertTemplateUsed('blogs/entry_archive_day.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one entry') self.assertEqual(list[0], self.entries[0]) def test_wille_can_view_only_public_entries(self): ''' Tests wille user can view public Entry written on today only. The protected entries are not displayed. ''' self.assertTrue(self.client.login(username=self.wille, password='******')) entry = self.entries[0] r = self.client.get('/blogs/today/') self.assertTemplateUsed('blogs/entry_archive_day.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one entry') self.assertEqual(list[0], self.entries[0]) def test_authenticated_can_view_all_publish_entries(self): ''' Tests authenticated user can view all published entries written on today. ''' entry = self.entries[0] self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/blogs/today/') self.assertTemplateUsed('blogs/entry_archive_day.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two entries') self.assertEqual(list[0], self.entries[1], 'protected') self.assertEqual(list[1], self.entries[0], 'public')
class ProjectListViewTestCase(TestCase): def setUp(self): self.projects = ( ProjectFactory(), ProjectFactory(pub_state='protected'), ProjectFactory(pub_state='draft'), ) self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_anonymous_can_view_only_public_projects(self): ''' Tests anonymous user can view public Project only. The protected projects are not displayed. ''' user = AnonymousUser() r = self.client.get('/projects/') self.assertTemplateUsed('projects/project_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one project') self.assertEqual(list[0], self.projects[0]) def test_wille_can_view_only_public_projects(self): ''' Tests wille user can view public Project only. The protected projects are not displayed. ''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.get('/projects/') self.assertTemplateUsed('projects/project_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one project') self.assertEqual(list[0], self.projects[0]) def test_authenticated_can_view_all_publish_projects(self): ''' Tests authenticated user can view all published projects. ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/projects/') self.assertTemplateUsed('projects/project_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two projects') self.assertEqual(list[0], self.projects[1], 'protected') self.assertEqual(list[1], self.projects[0], 'public')
class EntryAuthorYearArchiveViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() self.entries = ( EntryFactory(), EntryFactory(author=self.user), EntryFactory(pub_state='protected'), EntryFactory(pub_state='protected', author=self.user), EntryFactory(pub_state='draft'), ) def test_anonymous_can_view_only_public_entries_of_the_author(self): ''' Tests anonymous user can view public Entry written by specific author in the year only. The protected entries are not displayed. ''' user = AnonymousUser() r = self.client.get('/blogs/{0}/{1}/'.format(self.user.username, self.entries[0].publish_at.year)) self.assertTemplateUsed('blogs/entry_archive_year.html') self.assertTrue('date_list' in r.context_data) list = r.context_data['date_list'] self.assertEqual(list.count(), 1, 'date_list has one month') def test_wille_can_view_only_public_entries_of_the_author(self): ''' Tests wille user can view public Entry written by specific author in the year only. The protected entries are not displayed. ''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.get('/blogs/{0}/{1}/'.format(self.user.username, self.entries[0].publish_at.year)) self.assertTemplateUsed('blogs/entry_archive_year.html') self.assertTrue('date_list' in r.context_data) list = r.context_data['date_list'] self.assertEqual(list.count(), 1, 'date_list has one month') def test_authenticated_can_view_all_publish_entries_of_the_author(self): ''' Tests authenticated user can view all published entries written by specific author in the year. ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/blogs/{0}/{1}/'.format(self.user.username, self.entries[0].publish_at.year)) self.assertTemplateUsed('blogs/entry_archive_year.html') self.assertTrue('date_list' in r.context_data) list = r.context_data['date_list'] self.assertEqual(list.count(), 1, 'date_list has one month')
class ProjectDeleteViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() self.other = PersonaFactory() self.other.set_password('password') self.other.save() self.project = ProjectFactory(administrator=self.user) def test_administrator_can_delete_via_project_delete_view(self): ''' Tests administrators can delete its own projects via ProjectDeleteView ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/projects/1/delete/', {}) self.assertEqual(Project.objects.count(), 0) self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_member_cannot_delete_via_project_delete_view(self): ''' Tests members cannot delete its projects via ProjectDeleteView ''' self.assertTrue(self.client.login(username=self.other, password='******')) self.project.join(self.other) r = self.client.post('/projects/1/delete/', {}) self.assertEqual(Project.objects.count(), 1) def test_other_cannot_delete_via_project_delete_view(self): ''' Tests others cannot delete projects via ProjectDeleteView ''' self.assertTrue(self.client.login(username=self.other, password='******')) r = self.client.post('/projects/1/delete/', {}) self.assertEqual(Project.objects.count(), 1) def test_wille_cannot_delete_via_project_delete_view(self): ''' Tests wille cannot delete projects via ProjectDeleteView ''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.post('/projects/1/delete/', {}) self.assertEqual(Project.objects.count(), 1) def test_anonymous_cannot_delete_via_project_delete_view(self): ''' Tests anonymous cannot delete projects via ProjectDeleteView ''' r = self.client.post('/projects/1/delete/', {}) self.assertEqual(Project.objects.count(), 1)
class AnnouncementCreateViewTestCase(ViewTestCaseBase): template_path = 'announcements/announcement_form.html' def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.nerv = PersonaFactory(role='nerv') self.nerv.set_password('password') self.nerv.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_reverse_url(self): """ AnnouncementCreateViewの逆引き """ self.assertEqual( reverse('announcements_announcement_create'), '/announcements/create/', ) def test_anonymous_user_can_not_create_view(self): '''Tests anonymous user can not view AnnouncementCreateView''' r = self.client.get('/announcements/create/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/create/') def test_wille_user_can_not_view_announcement_create_view(self): '''Tests wille user can not view AnnouncementCreateView''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.get('/announcements/create/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/create/') def test_general_user_can_not_view_announcement_create_view(self): '''Tests general user can not view AnnouncementCreateView''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/announcements/create/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/create/') def test_staff_user_can_view_announcement_create_view(self): '''Tests staff user can view AnnouncementCreateView''' self.assertTrue(self.client.login(username=self.nerv, password='******')) r = self.client.get('/announcements/create/') self.assertTemplateUsed(r, 'announcements/announcement_form.html') self.assertFalse('object' in r.context_data) def test_anonymous_user_can_not_create_via_create_view(self): '''Tests anonymous user can not create announcement via AnnouncementCreateView''' r = self.client.post('/announcements/create/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/create/') def test_wille_user_can_not_create_via_create_view(self): '''Tests wille user can not create announcement via AnnouncementCreateView''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.post('/announcements/create/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/create/') def test_staff_user_can_create_via_create_view(self): '''Tests staff user can create announcement via AnnouncementCreateView''' self.assertTrue(self.client.login(username=self.nerv, password='******')) r = self.client.post('/announcements/create/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.title, '【悲報】データ消えました') self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_authorized_user_can_create_via_create_view(self): '''Tests authorized user can create announcement via AnnouncementCreateView''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/announcements/create/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/create/') def test_set_last_modifier_user(self): """ お知らせを作成したときにlast_modifierとauthorがセットされる """ self.assertTrue(self.client.login(username=self.nerv, password='******')) r = self.client.post('/announcements/create/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.author, self.nerv) self.assertEqual(e.last_modifier, self.nerv) def test_staffs_cannot_modify_author_id(self): ''' Tests authorized user cannot modify author id. In announcement creation form, `author` is exist as hidden field. So user can modify `author` to invalid values. This test checks that `author` will be set by `request.user` ''' other = PersonaFactory() self.assertTrue(self.client.login(username=self.nerv, password='******')) r = self.client.post('/announcements/create/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True, 'author' : other.pk }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.author, self.nerv) self.assertNotEqual(e.author, other) self.assertTrue('messages' in r.cookies, "No messages are appeared")
class AnnouncementDeleteViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory(role='nerv') self.user.set_password('password') self.user.save() self.nerv = PersonaFactory(role='nerv') self.nerv.set_password('password') self.nerv.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() self.other = PersonaFactory() self.other.set_password('password') self.other.save() self.announcement = AnnouncementFactory(author=self.user) def test_author_can_delete_via_announcement_delete_view(self): ''' Tests author can delete its own announcements via AnnouncementDeleteView ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/announcements/1/delete/', {}) self.assertRedirects(r, '/announcements/') self.assertEqual(Announcement.objects.count(), 0) self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_staff_can_delete_via_announcement_delete_view(self): ''' Tests members can delete its announcements via AnnouncementDeleteView ''' self.assertTrue(self.client.login(username=self.nerv, password='******')) r = self.client.post('/announcements/1/delete/', {}) self.assertRedirects(r, '/announcements/') self.assertEqual(Announcement.objects.count(), 0) self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_other_cannot_delete_via_announcement_delete_view(self): ''' Tests others cannot delete announcements via AnnouncementDeleteView ''' self.assertTrue(self.client.login(username=self.other, password='******')) r = self.client.post('/announcements/1/delete/', {}) self.assertEqual(Announcement.objects.count(), 1) self.assertRedirects(r, '{0}?next=/announcements/1/delete/'.format(settings.LOGIN_URL)) def test_wille_cannot_delete_via_announcement_delete_view(self): ''' Tests wille cannot delete announcements via AnnouncementDeleteView ''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.post('/announcements/1/delete/', {}) self.assertEqual(Announcement.objects.count(), 1) self.assertRedirects(r, '{0}?next=/announcements/1/delete/'.format(settings.LOGIN_URL)) def test_anonymous_cannot_delete_via_announcement_delete_view(self): ''' Tests anonymous cannot delete announcements via AnnouncementDeleteView ''' r = self.client.post('/announcements/1/delete/', {}) self.assertEqual(Announcement.objects.count(), 1) self.assertRedirects(r, '{0}?next=/announcements/1/delete/'.format(settings.LOGIN_URL))
class EntryCreateViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() def test_anonymous_user_can_not_create_view(self): '''Tests anonymous user can not view EntryCreateView''' r = self.client.get('/blogs/{}/create/'.format(self.user.username)) self.assertRedirects(r, settings.LOGIN_URL + '?next=/blogs/{}/create/'.format(self.user.username)) def test_authorized_user_can_view_entry_create_view(self): '''Tests authorized user can view EntryCreateView''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/blogs/{}/create/'.format(self.user.username)) self.assertTemplateUsed(r, 'blogs/entry_form.html') self.assertFalse('object' in r.context_data) def test_anonymous_user_can_not_create_via_create_view(self): '''Tests anonymous user can not create entry via EntryCreateView''' r = self.client.post('/blogs/{}/create/'.format(self.user.username), { 'pub_state' : 'public', 'title' : '日記です', 'body' : '天気が良かったです', }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/blogs/{}/create/'.format(self.user.username)) def test_authorized_user_can_create_via_create_view(self): '''Tests authorized user can create entry via EntryCreateView''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/blogs/{}/create/'.format(self.user.username), { 'pub_state' : 'public', 'title' : '日記です', 'body' : '天気が良かったです', }) today = datetime.date.today() self.assertRedirects(r, '/blogs/{0}/{1}/{2}/{3}/1/'.format(self.user.username, today.year, today.month, today.day)) self.assertEqual(Entry.objects.count(), 1) e = Entry.objects.get(pk=1) self.assertEqual(e.title, '日記です') def test_user_cannot_modify_author_id(self): ''' Tests authorized user cannot modify author id. In entry creation form, `author` is exist as hidden field. So user can modify `author` to invalid values. This test checks that `author` will be set by `request.user` ''' other = PersonaFactory() self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/blogs/{0}/create/'.format(self.user.username), { 'pub_state' : 'public', 'title' : '日記です', 'body' : '天気が良かったです', 'author' : other.pk # crackers attempt to masquerade }) today = datetime.date.today() self.assertRedirects(r, '/blogs/{0}/{1}/{2}/{3}/1/'.format(self.user.username, today.year, today.month, today.day)) self.assertEqual(Entry.objects.count(), 1) e = Entry.objects.get(pk=1) self.assertEqual(e.author, self.user) self.assertNotEqual(e.author, other)
class ProjectCreateViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.category = CategoryFactory() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_anonymous_user_can_not_create_view(self): '''Tests anonymous user can not view ProjectCreateView''' r = self.client.get('/projects/create/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/projects/create/') def test_wille_user_can_not_view_project_create_view(self): '''Tests wille user can not view ProjectCreateView''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.get('/projects/create/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/projects/create/') def test_authorized_user_can_view_project_create_view(self): '''Tests authorized user can view ProjectCreateView''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/projects/create/') self.assertTemplateUsed(r, 'projects/project_form.html') self.assertFalse('object' in r.context_data) def test_anonymous_user_can_not_create_via_create_view(self): '''Tests anonymous user can not create project via ProjectCreateView''' r = self.client.post('/projects/create/', { 'pub_state' : 'public', 'title' : '音楽ファンタジー', 'status' : 'planning', 'body' : 'ルシがファルシでコクーン', 'slug' : 'music-fantasy', 'category' : self.category.pk }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/projects/create/') def test_wille_user_can_not_create_via_create_view(self): '''Tests wille user can not create project via ProjectCreateView''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.post('/projects/create/', { 'pub_state' : 'public', 'title' : '音楽ファンタジー', 'status' : 'planning', 'body' : 'ルシがファルシでコクーン', 'slug' : 'music-fantasy', 'category' : self.category.pk }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/projects/create/') def test_authorized_user_can_create_via_create_view(self): '''Tests authorized user can create project via ProjectCreateView''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/projects/create/', { 'pub_state' : 'public', 'title' : '音楽ファンタジー', 'status' : 'planning', 'body' : 'ルシがファルシでコクーン', 'slug' : 'music-fantasy', 'category' : self.category.pk }) self.assertRedirects(r, '/projects/music-fantasy/') self.assertEqual(Project.objects.count(), 1) e = Project.objects.get(pk=1) self.assertEqual(e.title, '音楽ファンタジー') self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_authorized_user_can_create_via_create_view(self): ''' プロジェクト作成時にlast_modifierがセットされる ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/projects/create/', { 'pub_state' : 'public', 'title' : '音楽ファンタジー', 'status' : 'planning', 'body' : 'ルシがファルシでコクーン', 'slug' : 'music-fantasy', 'category' : self.category.pk }) self.assertRedirects(r, '/projects/music-fantasy/') self.assertEqual(Project.objects.count(), 1) e = Project.objects.get(pk=1) self.assertEqual(e.last_modifier, self.user) self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_user_cannot_modify_administrator_id(self): ''' Tests authorized user cannot modify administrator id. In project creation form, `administrator` is exist as hidden field. So user can modify `administrator` to invalid values. This test checks that `administrator` will be set by `request.user` ''' other = PersonaFactory() self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/projects/create/', { 'pub_state' : 'public', 'title' : '音楽ファンタジー', 'status' : 'planning', 'body' : 'ルシがファルシでコクーン', 'slug' : 'music-fantasy', 'category' : self.category.pk, 'administrator' : other.pk # crackers attempt to masquerade }) self.assertRedirects(r, '/projects/music-fantasy/') self.assertEqual(Project.objects.count(), 1) e = Project.objects.get(pk=1) self.assertEqual(e.administrator, self.user) self.assertNotEqual(e.administrator, other)
class ProjectUpdateViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory(username='******') self.user.set_password('password') self.other = PersonaFactory(username='******') self.other.set_password('password') self.user.save() self.other.save() self.project = ProjectFactory(title='かわずたんのゲームだよ☆', administrator=self.user) self.category = CategoryFactory() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_anonymous_user_can_not_view_project_update_view(self): '''Tests anonymous user can not view ProjectUpdateView''' r = self.client.get('/projects/1/update/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/projects/1/update/') def test_wille_user_can_not_view_project_update_view(self): '''Tests wille user can not view ProjectUpdateView''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.get('/projects/1/update/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/projects/1/update/') def test_authorized_user_can_view_project_update_view(self): ''' Tests authorized user can view ProjectUpdateView ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/projects/1/update/') self.assertTemplateUsed(r, 'projects/project_form.html') self.assertTrue('object' in r.context_data) self.assertEqual(r.context_data['object'], self.project) def test_member_can_view_project_update_view(self): ''' Tests project members can view ProjectUpdateView ''' self.project.join(self.other) self.assertTrue(self.client.login(username=self.other, password='******')) r = self.client.get('/projects/1/update/') self.assertTemplateUsed(r, 'projects/project_form.html') self.assertTrue('object' in r.context_data) self.assertEqual(r.context_data['object'], self.project) def test_anonymous_user_can_not_update_via_update_view(self): ''' Tests anonymous user can not update project via ProjectUpdateView It will redirect to LOGIN_URL ''' r = self.client.post('/projects/1/update/', { 'pub_state' : 'public', 'title' : 'クラッカーだよー', 'body' : 'うえーい', }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/projects/1/update/') self.assertEqual(self.project.title, 'かわずたんのゲームだよ☆') def test_wille_user_can_not_update_via_update_view(self): ''' Tests wille user can not update project via ProjectUpdateView It will redirect to LOGIN_URL ''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.post('/projects/1/update/', { 'pub_state' : 'public', 'title' : '外部ユーザーだよーん', 'body' : 'うえーい', }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/projects/1/update/') self.assertEqual(self.project.title, 'かわずたんのゲームだよ☆') def test_other_user_cannot_update_via_update_view(self): ''' Tests other user cannot update project via ProjectUpdateView It will redirect to LOGIN_URL ''' self.assertTrue(self.client.login(username=self.other, password='******')) r = self.client.post('/projects/1/update/', { 'pub_state' : 'public', 'title' : 'いたずら日記です', 'body' : '黒かわずたんだよーん', }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/projects/1/update/') self.assertEqual(self.project.title, 'かわずたんのゲームだよ☆') def test_administrator_can_update_via_update_view(self): '''Tests administrator user can update project via ProjectUpdateView''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/projects/1/update/', { 'pub_state' : 'public', 'title' : 'やっぱり書き換えます!', 'body' : 'うえーい', 'status' : 'planning', 'category' : self.category.pk }) self.assertRedirects(r, '/projects/{}/'.format(self.project.slug)) self.assertEqual(Project.objects.count(), 1) e = Project.objects.get(pk=1) self.assertEqual(e.title, 'やっぱり書き換えます!') self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_member_can_update_via_update_view(self): '''Tests project member can update project via ProjectUpdateView''' self.project.join(self.other) self.assertTrue(self.client.login(username=self.other, password='******')) r = self.client.post('/projects/1/update/', { 'pub_state' : 'public', 'title' : 'やっぱり書き換えます!', 'body' : 'うえーい', 'status' : 'planning', 'category' : self.category.pk }) self.assertRedirects(r, '/projects/{}/'.format(self.project.slug)) self.assertEqual(Project.objects.count(), 1) e = Project.objects.get(pk=1) self.assertEqual(e.title, 'やっぱり書き換えます!') self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_set_last_modifier_via_update_view(self): """ プロジェクト編集時にlast_modifierがセットされる """ self.project.join(self.other) self.assertTrue(self.client.login(username=self.other, password='******')) r = self.client.post('/projects/1/update/', { 'pub_state' : 'public', 'title' : 'やっぱり書き換えます!', 'body' : 'うえーい', 'status' : 'planning', 'category' : self.category.pk }) self.assertRedirects(r, '/projects/{}/'.format(self.project.slug)) self.assertEqual(Project.objects.count(), 1) e = Project.objects.get(pk=1) self.assertEqual(e.last_modifier, self.other) self.assertNotEqual(e.last_modifier, e.administrator) self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_user_cannot_update_slug(self): '''Tests anyone cannot update prject's slug''' self.assertTrue(self.client.login(username=self.user, password='******')) old_slug = self.project.slug r = self.client.post('/projects/1/update/', { 'pub_state' : 'public', 'title' : 'やっぱり書き換えます!', 'body' : 'うえーい', 'status' : 'planning', 'category' : self.category.pk, 'slug' : 'new-slug' }) self.assertRedirects(r, '/projects/{}/'.format(self.project.slug)) self.assertEqual(Project.objects.count(), 1) e = Project.objects.get(pk=1) self.assertEqual(e.slug, old_slug) self.assertNotEqual(e.slug, 'new-slug') self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_user_cannot_modify_administrator_id(self): ''' Tests authorized user cannot modify administrator id. In project update form, `administrator` is exist as hidden field. So user can modify `administrator` to invalid values. This test checks that `administrator` will be set by `request.user` ''' other = PersonaFactory() self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/projects/1/update/', { 'pub_state' : 'public', 'title' : 'ID書き換えます!', 'body' : 'うえーい', 'status' : 'planning', 'category' : self.category.pk, 'administrator' : other.pk # crackers attempt to masquerade }) self.assertRedirects(r, '/projects/{}/'.format(self.project.slug)) self.assertEqual(Project.objects.count(), 1) e = Project.objects.get(pk=1) self.assertEqual(e.administrator, self.user) self.assertNotEqual(e.administrator, other) self.assertEqual(e.title, 'ID書き換えます!') self.assertTrue('messages' in r.cookies, "No messages are appeared")
class ProjectDetailViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_anonymous_user_can_view_public_project(self): '''Tests anonymous user can view public project''' project = ProjectFactory() r = self.client.get(project.get_absolute_url()) self.assertTemplateUsed(r, 'projects/project_detail.html') self.assertEqual(r.context_data['object'], project) def test_authorized_user_can_view_public_project(self): '''Tests authorized user can view public project''' project = ProjectFactory() self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get(project.get_absolute_url()) self.assertTemplateUsed(r, 'projects/project_detail.html') self.assertEqual(r.context_data['object'], project) def test_anonymous_user_can_not_view_protected_project(self): '''Tests anonymous user can not view protected project''' project = ProjectFactory(pub_state='protected') r = self.client.get(project.get_absolute_url()) self.assertRedirects(r, '{0}?next={1}'.format(settings.LOGIN_URL, project.get_absolute_url())) def test_authorized_user_can_view_protected_project(self): '''Tests authorized user can view public project''' project = ProjectFactory(pub_state='protected') self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get(project.get_absolute_url()) self.assertTemplateUsed(r, 'projects/project_detail.html') self.assertEqual(r.context_data['object'], project) def test_wille_user_can_not_view_protected_project(self): ''' Tests wille user can not view any protected projects ''' project = ProjectFactory(pub_state='protected') self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.get(project.get_absolute_url()) self.assertRedirects(r, '{0}?next={1}'.format(settings.LOGIN_URL, project.get_absolute_url())) def test_anonymous_user_can_not_view_draft_project(self): '''Tests anonymous user can not view draft project''' project = ProjectFactory(pub_state='draft') r = self.client.get(project.get_absolute_url()) self.assertRedirects(r, '{0}?next={1}'.format(settings.LOGIN_URL, project.get_absolute_url())) def test_others_can_not_view_draft_project(self): ''' Tests others can not view draft project User will redirect to '/projects/1/update/' ''' project = ProjectFactory(pub_state='draft') self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get(project.get_absolute_url()) self.assertRedirects(r, settings.LOGIN_URL + '?next=/projects/{}/update/'.format(project.pk)) def test_administrator_can_view_draft_project(self): '''Tests administrator can view draft project on update view''' project = ProjectFactory(pub_state='draft', administrator=self.user) self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get(project.get_absolute_url()) self.assertTemplateUsed(r, 'projects/project_form.html') self.assertEqual(r.context_data['object'], project)
class EntryListViewTestCase(TestCase): def setUp(self): self.entries = ( EntryFactory(), EntryFactory(pub_state='protected'), EntryFactory(pub_state='draft'), ) self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_context_has_paginator(self): """ EntryListViewのcontextにpaginatorが含まれている """ r = self.client.get('/blogs/') self.assertTrue('page_obj' in r.context) self.assertTrue('paginator' in r.context) def test_paginate_by(self): """ ProjectListViewでは1ページに5個までしかブログが含まれない また、ページネーションができていて、次のページには残りのオブジェクトが含まれている """ for i in range(7): EntryFactory() # setUpで作ったpublic1個と、今作った7個で8こあるはず r = self.client.get('/blogs/') object_list = r.context['object_list'] self.assertEqual(len(object_list), 5) r = self.client.get('/blogs/?page=2') object_list = r.context['object_list'] self.assertEqual(len(object_list), 3) def test_anonymous_can_view_only_public_entries(self): ''' Tests anonymous user can view public Entry only. The protected entries are not displayed. ''' user = AnonymousUser() r = self.client.get('/blogs/') self.assertTemplateUsed('blogs/entry_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one entry') self.assertEqual(list[0], self.entries[0]) def test_wille_can_view_only_public_entries(self): ''' Tests wille user can view public Entry only. The protected entries are not displayed. ''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.get('/blogs/') self.assertTemplateUsed('blogs/entry_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one entry') self.assertEqual(list[0], self.entries[0]) def test_authenticated_can_view_all_publish_entries(self): ''' Tests authenticated user can view all published entries. ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/blogs/') self.assertTemplateUsed('blogs/entry_list.html') self.assertTrue('object_list' in r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two entries') self.assertEqual(list[0], self.entries[1], 'protected') self.assertEqual(list[1], self.entries[0], 'public')
class EntryUpdateViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory(username='******') self.user.set_password('password') self.other = PersonaFactory(username='******') self.user.save() self.other.save() self.entry = EntryFactory(title='かわずたんだよ☆', author=self.user) def test_anonymous_user_can_not_view_entry_update_view(self): '''Tests anonymous user can not view EntryUpdateView''' r = self.client.get('/blogs/author_kawaztan/1/update/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/blogs/author_kawaztan/1/update/') def test_authorized_user_can_view_entry_update_view(self): ''' Tests authorized user can view EntryUpdateView ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/blogs/author_kawaztan/1/update/') self.assertTemplateUsed(r, 'blogs/entry_form.html') self.assertTrue('object' in r.context_data) self.assertEqual(r.context_data['object'], self.entry) def test_anonymous_user_can_not_update_via_update_view(self): ''' Tests anonymous user can not update entry via EntryUpdateView It will redirect to LOGIN_URL ''' r = self.client.post('/blogs/author_kawaztan/1/update/', { 'pub_state' : 'public', 'title' : 'クラッカーだよー', 'body' : 'うえーい', }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/blogs/author_kawaztan/1/update/') self.assertEqual(self.entry.title, 'かわずたんだよ☆') def test_other_user_cannot_update_via_update_view(self): ''' Tests other user cannot update entry via EntryUpdateView It will redirect to LOGIN_URL ''' self.assertTrue(self.client.login(username=self.other, password='******')) r = self.client.post('/blogs/author_kawaztan/1/update/', { 'pub_state' : 'public', 'title' : 'いたずら日記です', 'body' : '黒かわずたんだよーん', }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/blogs/author_kawaztan/1/update/') self.assertEqual(self.entry.title, 'かわずたんだよ☆') def test_author_can_update_via_update_view(self): '''Tests author user can update entry via EntryUpdateView''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/blogs/author_kawaztan/1/update/', { 'pub_state' : 'public', 'title' : 'やっぱり書き換えます!', 'body' : 'うえーい', }) tz = get_default_timezone() published_at = self.entry.published_at.astimezone(tz) self.assertRedirects(r, '/blogs/author_kawaztan/{0}/{1}/{2}/1/'.format(published_at.year, published_at.month, published_at.day)) self.assertEqual(Entry.objects.count(), 1) e = Entry.objects.get(pk=1) self.assertEqual(e.title, 'やっぱり書き換えます!') self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_user_cannot_modify_author_id(self): ''' Tests authorized user cannot modify author id. In entry update form, `author` is exist as hidden field. So user can modify `author` to invalid values. This test checks that `author` will be set by `request.user` ''' other = PersonaFactory() self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/blogs/author_kawaztan/1/update/', { 'pub_state' : 'public', 'title' : 'ID書き換えます!', 'body' : 'うえーい', 'author' : other.pk # crackers attempt to masquerade }) tz = get_default_timezone() published_at = self.entry.published_at.astimezone(tz) self.assertRedirects(r, '/blogs/author_kawaztan/{0}/{1}/{2}/1/'.format(published_at.year, published_at.month, published_at.day)) self.assertEqual(Entry.objects.count(), 1) e = Entry.objects.get(pk=1) self.assertEqual(e.author, self.user) self.assertNotEqual(e.author, other) self.assertEqual(e.title, 'ID書き換えます!') self.assertTrue('messages' in r.cookies, "No messages are appeared")
class EventCreateViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() def test_anonymous_user_can_not_view_event_create_view(self): '''Tests anonymous user can not view EventCreateView''' r = self.client.get('/events/create/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/events/create/') def test_authorized_user_can_view_event_create_view(self): '''Tests authorized user can view EventCreateView''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/events/create/') self.assertTemplateUsed(r, 'events/event_form.html') self.assertFalse('object' in r.context_data) def test_anonymous_user_can_not_create_via_create_view(self): '''Tests anonymous user can not create event via EventCreateView''' r = self.client.post('/events/create/', { 'pub_state': 'public', 'title': 'テストイベント', 'body': 'うえーい', 'period_start': datetime.datetime.now()+datetime.timedelta(hours=1), 'period_end': datetime.datetime.now()+datetime.timedelta(hours=3), }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/events/create/') def test_authorized_user_can_create_via_create_view(self): '''Tests authorized user can create event via EventCreateView''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/events/create/', { 'pub_state' : 'public', 'title' : 'テストイベント', 'body' : 'うえーい', 'period_start': datetime.datetime.now()+datetime.timedelta(hours=1), 'period_end': datetime.datetime.now()+datetime.timedelta(hours=3) }) self.assertRedirects(r, '/events/1/') self.assertEqual(Event.objects.count(), 1) e = Event.objects.get(pk=1) self.assertEqual(e.title, 'テストイベント') self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_user_cannot_modify_organizer_id(self): ''' Tests authorized user cannot modify organizer id. In event creation form, `organizer` is exist as hidden field. So user can modify `organizer` to invalid values. This test checks that `organizer` will be set by `request.user` ''' other = PersonaFactory() self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.post('/events/create/', { 'pub_state' : 'public', 'title' : 'テストイベント', 'body' : 'うえーい', 'period_start': datetime.datetime.now()+datetime.timedelta(hours=1), 'period_end': datetime.datetime.now()+datetime.timedelta(hours=3), 'organizer' : other.pk # crackers attempt to masquerade }) self.assertRedirects(r, '/events/1/') self.assertEqual(Event.objects.count(), 1) e = Event.objects.get(pk=1) self.assertEqual(e.organizer, self.user) self.assertNotEqual(e.organizer, other) self.assertTrue('messages' in r.cookies, "No messages are appeared")
class EventYearListViewTestCase(TestCase): def setUp(self): arguments_list = ( (-3, -2, {'pub_state':'public'}), # 2000/9/1 ~ 2000/9/2 (1, 2, {'pub_state':'public'}), # 2000/9/5 ~ 2000/9/6 (365, 366, {'pub_state':'public'}), # 2001/9/5 ~ 2001/9/6 (-2, -1, {'pub_state':'protected'}), # 2000/9/2 ~ 2000/9/3 (0, 3, {'pub_state':'protected'}), # 2000/9/4 ~ 2000/9/5 (367, 368, {'pub_state':'protected'}), # 2001/9/7 ~ 2001/9/8 (-3, -2, {'pub_state':'draft'}), # 2000/9/2 ~ 2000/9/3 (1, 2, {'pub_state':'draft'}), # 2000/9/5 ~ 2000/9/6 ) self.events = [event_factory_with_relative(*args) for args in arguments_list] self.user = PersonaFactory() self.user.set_password('password') self.user.save() def test_anonymous_can_view_only_public_events(self): ''' Tests anonymous user can view public Events only via EventYearListView. The protected events are not displayed. The ended events are also displayed. ''' r = self.client.get('/events/archive/2000/') self.assertTemplateUsed('events/event_archive_year.html') self.assertTrue('object_list', r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two events') self.assertEqual(list[0], self.events[0], '2000/9/5 ~ 6 public') self.assertEqual(list[1], self.events[1], '2000/9/1 ~ 2 public') def test_anonymous_can_view_only_public_events_other_year(self): ''' Tests anonymous user can view public Events only via EventYearListView. The protected events are not displayed. The ended events are also displayed. ''' r = self.client.get('/events/archive/2001/') self.assertTemplateUsed('events/event_archive_year.html') self.assertTrue('object_list', r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 1, 'object_list has one event') self.assertEqual(list[0], self.events[2], '2001/9/5 ~ 6 public') def test_authenticated_can_view_all_publish_events(self): ''' Tests authenticated user can view all published events via EventYearListView. ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/events/archive/2000/') self.assertTemplateUsed('events/event_archive_year.html') self.assertTrue('object_list', r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 4, 'object_list has four events') self.assertEqual(list[0], self.events[0], '2000/9/5 ~ 6 public') self.assertEqual(list[1], self.events[3], '2000/9/5 ~ 6 protected') self.assertEqual(list[2], self.events[4], '2000/9/2 ~ 3 public') self.assertEqual(list[3], self.events[1], '2000/9/2 ~ 3 protected') def test_authenticated_can_view_all_publish_events_other_year(self): ''' Tests authenticated user can view all published events via EventYearListView. ''' self.assertTrue(self.client.login(username=self.user, password='******')) r = self.client.get('/events/archive/2001/') self.assertTemplateUsed('events/event_archive_year.html') self.assertTrue('object_list', r.context_data) list = r.context_data['object_list'] self.assertEqual(list.count(), 2, 'object_list has two events') self.assertEqual(list[0], self.events[2], '2001/9/6 ~ 7 protected') self.assertEqual(list[1], self.events[5], '2001/9/4 ~ 5 public')
class AnnouncementCreateViewTestCase(ViewTestCaseBase): template_path = 'announcements/announcement_form.html' def setUp(self): self.user = PersonaFactory() self.user.set_password('password') self.user.save() self.nerv = PersonaFactory(role='nerv') self.nerv.set_password('password') self.nerv.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_reverse_url(self): """ AnnouncementCreateViewの逆引き """ self.assertEqual( reverse('announcements_announcement_create'), '/announcements/create/', ) def test_anonymous_user_can_not_create_view(self): '''Tests anonymous user can not view AnnouncementCreateView''' r = self.client.get('/announcements/create/') self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/create/') def test_wille_user_can_not_view_announcement_create_view(self): '''Tests wille user can not view AnnouncementCreateView''' self.assertTrue( self.client.login(username=self.wille, password='******')) r = self.client.get('/announcements/create/') self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/create/') def test_general_user_can_not_view_announcement_create_view(self): '''Tests general user can not view AnnouncementCreateView''' self.assertTrue( self.client.login(username=self.user, password='******')) r = self.client.get('/announcements/create/') self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/create/') def test_staff_user_can_view_announcement_create_view(self): '''Tests staff user can view AnnouncementCreateView''' self.assertTrue( self.client.login(username=self.nerv, password='******')) r = self.client.get('/announcements/create/') self.assertTemplateUsed(r, 'announcements/announcement_form.html') self.assertFalse('object' in r.context_data) def test_anonymous_user_can_not_create_via_create_view(self): '''Tests anonymous user can not create announcement via AnnouncementCreateView''' r = self.client.post( '/announcements/create/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True }) self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/create/') def test_wille_user_can_not_create_via_create_view(self): '''Tests wille user can not create announcement via AnnouncementCreateView''' self.assertTrue( self.client.login(username=self.wille, password='******')) r = self.client.post( '/announcements/create/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True }) self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/create/') def test_staff_user_can_create_via_create_view(self): '''Tests staff user can create announcement via AnnouncementCreateView''' self.assertTrue( self.client.login(username=self.nerv, password='******')) r = self.client.post( '/announcements/create/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.title, '【悲報】データ消えました') self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_authorized_user_can_create_via_create_view(self): '''Tests authorized user can create announcement via AnnouncementCreateView''' self.assertTrue( self.client.login(username=self.user, password='******')) r = self.client.post( '/announcements/create/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True }) self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/create/') def test_set_last_modifier_user(self): """ お知らせを作成したときにlast_modifierとauthorがセットされる """ self.assertTrue( self.client.login(username=self.nerv, password='******')) r = self.client.post( '/announcements/create/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.author, self.nerv) self.assertEqual(e.last_modifier, self.nerv) def test_staffs_cannot_modify_author_id(self): ''' Tests authorized user cannot modify author id. In announcement creation form, `author` is exist as hidden field. So user can modify `author` to invalid values. This test checks that `author` will be set by `request.user` ''' other = PersonaFactory() self.assertTrue( self.client.login(username=self.nerv, password='******')) r = self.client.post( '/announcements/create/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True, 'author': other.pk }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.author, self.nerv) self.assertNotEqual(e.author, other) self.assertTrue('messages' in r.cookies, "No messages are appeared")
class AnnouncementUpdateViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory(username='******', role='nerv') self.user.set_password('password') self.other = PersonaFactory(username='******') self.other.set_password('password') self.user.save() self.other.save() self.nerv = PersonaFactory(role='nerv', username='******') self.nerv.set_password('password') self.nerv.save() self.announcement = AnnouncementFactory(title='かわずたんのお知らせだよ☆', author=self.user) self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_anonymous_user_can_not_view_announcement_update_view(self): '''Tests anonymous user can not view AnnouncementUpdateView''' r = self.client.get('/announcements/1/update/') self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/1/update/') def test_wille_user_can_not_view_announcement_update_view(self): '''Tests wille user can not view AnnouncementUpdateView''' self.assertTrue( self.client.login(username=self.wille, password='******')) r = self.client.get('/announcements/1/update/') self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/1/update/') def test_general_user_can_not_view_announcement_update_view(self): ''' Tests general user can view AnnouncementUpdateView ''' self.assertTrue( self.client.login(username=self.other, password='******')) r = self.client.get('/announcements/1/update/') self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/1/update/') def test_staff_can_view_announcement_update_view(self): ''' Tests staff members can view AnnouncementUpdateView ''' self.assertTrue( self.client.login(username=self.nerv, password='******')) r = self.client.get('/announcements/1/update/') self.assertTemplateUsed(r, 'announcements/announcement_form.html') self.assertTrue('object' in r.context_data) self.assertEqual(r.context_data['object'], self.announcement) def test_anonymous_user_can_not_update_via_update_view(self): ''' Tests anonymous user can not update announcement via AnnouncementUpdateView It will redirect to LOGIN_URL ''' r = self.client.post( '/announcements/1/update/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True, }) self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/1/update/') self.assertEqual(self.announcement.title, 'かわずたんのお知らせだよ☆') def test_wille_user_can_not_update_via_update_view(self): ''' Tests wille user can not update announcement via AnnouncementUpdateView It will redirect to LOGIN_URL ''' self.assertTrue( self.client.login(username=self.wille, password='******')) r = self.client.post( '/announcements/1/update/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True, }) self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/1/update/') self.assertEqual(self.announcement.title, 'かわずたんのお知らせだよ☆') def test_other_user_cannot_update_via_update_view(self): ''' Tests other user cannot update announcement via AnnouncementUpdateView It will redirect to LOGIN_URL ''' self.assertTrue( self.client.login(username=self.other, password='******')) r = self.client.post( '/announcements/1/update/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True, }) self.assertRedirects( r, settings.LOGIN_URL + '?next=/announcements/1/update/') self.assertEqual(self.announcement.title, 'かわずたんのお知らせだよ☆') def test_staff_can_update_via_update_view(self): '''Tests author user can update announcement via AnnouncementUpdateView''' self.assertTrue( self.client.login(username=self.nerv, password='******')) r = self.client.post( '/announcements/1/update/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True, }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.title, '【悲報】データ消えました') self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_set_last_modifier_via_update_view(self): """ お知らせを更新したとき、last_modifierがセットされる """ previous_modifier = self.announcement.last_modifier self.assertTrue( self.client.login(username=self.nerv, password='******')) r = self.client.post( '/announcements/1/update/', { 'pub_state': 'public', 'title': '【悲報】データ消えました', 'body': 'サードインパクトだ!', 'silently': True, }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.last_modifier, self.nerv) self.assertNotEqual(e.last_modifier, previous_modifier) def test_user_cannot_modify_author_id(self): ''' Tests authorized user cannot modify author id. In announcement update form, `author` is exist as hidden field. So user can modify `author` to invalid values. This test checks that `author` will be set by `request.user` ''' other = PersonaFactory() self.assertTrue( self.client.login(username=self.nerv, password='******')) r = self.client.post( '/announcements/1/update/', { 'pub_state': 'public', 'title': 'ID書き換えます!', 'body': 'サードインパクトだ!', 'silently': True, 'author': other.pk # crackers attempt to masquerade }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.author, self.user) self.assertNotEqual(e.author, other) self.assertEqual(e.title, 'ID書き換えます!') self.assertTrue('messages' in r.cookies, "No messages are appeared")
class AnnouncementUpdateViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory(username='******', role='nerv') self.user.set_password('password') self.other = PersonaFactory(username='******') self.other.set_password('password') self.user.save() self.other.save() self.nerv = PersonaFactory(role='nerv', username='******') self.nerv.set_password('password') self.nerv.save() self.announcement = AnnouncementFactory(title='かわずたんのお知らせだよ☆', author=self.user) self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() def test_anonymous_user_can_not_view_announcement_update_view(self): '''Tests anonymous user can not view AnnouncementUpdateView''' r = self.client.get('/announcements/1/update/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/1/update/') def test_wille_user_can_not_view_announcement_update_view(self): '''Tests wille user can not view AnnouncementUpdateView''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.get('/announcements/1/update/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/1/update/') def test_general_user_can_not_view_announcement_update_view(self): ''' Tests general user can view AnnouncementUpdateView ''' self.assertTrue(self.client.login(username=self.other, password='******')) r = self.client.get('/announcements/1/update/') self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/1/update/') def test_staff_can_view_announcement_update_view(self): ''' Tests staff members can view AnnouncementUpdateView ''' self.assertTrue(self.client.login(username=self.nerv, password='******')) r = self.client.get('/announcements/1/update/') self.assertTemplateUsed(r, 'announcements/announcement_form.html') self.assertTrue('object' in r.context_data) self.assertEqual(r.context_data['object'], self.announcement) def test_anonymous_user_can_not_update_via_update_view(self): ''' Tests anonymous user can not update announcement via AnnouncementUpdateView It will redirect to LOGIN_URL ''' r = self.client.post('/announcements/1/update/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True, }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/1/update/') self.assertEqual(self.announcement.title, 'かわずたんのお知らせだよ☆') def test_wille_user_can_not_update_via_update_view(self): ''' Tests wille user can not update announcement via AnnouncementUpdateView It will redirect to LOGIN_URL ''' self.assertTrue(self.client.login(username=self.wille, password='******')) r = self.client.post('/announcements/1/update/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True, }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/1/update/') self.assertEqual(self.announcement.title, 'かわずたんのお知らせだよ☆') def test_other_user_cannot_update_via_update_view(self): ''' Tests other user cannot update announcement via AnnouncementUpdateView It will redirect to LOGIN_URL ''' self.assertTrue(self.client.login(username=self.other, password='******')) r = self.client.post('/announcements/1/update/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True, }) self.assertRedirects(r, settings.LOGIN_URL + '?next=/announcements/1/update/') self.assertEqual(self.announcement.title, 'かわずたんのお知らせだよ☆') def test_staff_can_update_via_update_view(self): '''Tests author user can update announcement via AnnouncementUpdateView''' self.assertTrue(self.client.login(username=self.nerv, password='******')) r = self.client.post('/announcements/1/update/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True, }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.title, '【悲報】データ消えました') self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_set_last_modifier_via_update_view(self): """ お知らせを更新したとき、last_modifierがセットされる """ previous_modifier = self.announcement.last_modifier self.assertTrue(self.client.login(username=self.nerv, password='******')) r = self.client.post('/announcements/1/update/', { 'pub_state' : 'public', 'title' : '【悲報】データ消えました', 'body' : 'サードインパクトだ!', 'silently' : True, }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.last_modifier, self.nerv) self.assertNotEqual(e.last_modifier, previous_modifier) def test_user_cannot_modify_author_id(self): ''' Tests authorized user cannot modify author id. In announcement update form, `author` is exist as hidden field. So user can modify `author` to invalid values. This test checks that `author` will be set by `request.user` ''' other = PersonaFactory() self.assertTrue(self.client.login(username=self.nerv, password='******')) r = self.client.post('/announcements/1/update/', { 'pub_state' : 'public', 'title' : 'ID書き換えます!', 'body' : 'サードインパクトだ!', 'silently' : True, 'author' : other.pk # crackers attempt to masquerade }) self.assertRedirects(r, '/announcements/1/') self.assertEqual(Announcement.objects.count(), 1) e = Announcement.objects.get(pk=1) self.assertEqual(e.author, self.user) self.assertNotEqual(e.author, other) self.assertEqual(e.title, 'ID書き換えます!') self.assertTrue('messages' in r.cookies, "No messages are appeared")
class AnnouncementDeleteViewTestCase(TestCase): def setUp(self): self.user = PersonaFactory(role='nerv') self.user.set_password('password') self.user.save() self.nerv = PersonaFactory(role='nerv') self.nerv.set_password('password') self.nerv.save() self.wille = PersonaFactory(role='wille') self.wille.set_password('password') self.wille.save() self.other = PersonaFactory() self.other.set_password('password') self.other.save() self.announcement = AnnouncementFactory(author=self.user) def test_author_can_delete_via_announcement_delete_view(self): ''' Tests author can delete its own announcements via AnnouncementDeleteView ''' self.assertTrue( self.client.login(username=self.user, password='******')) r = self.client.post('/announcements/1/delete/', {}) self.assertRedirects(r, '/announcements/') self.assertEqual(Announcement.objects.count(), 0) self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_staff_can_delete_via_announcement_delete_view(self): ''' Tests members can delete its announcements via AnnouncementDeleteView ''' self.assertTrue( self.client.login(username=self.nerv, password='******')) r = self.client.post('/announcements/1/delete/', {}) self.assertRedirects(r, '/announcements/') self.assertEqual(Announcement.objects.count(), 0) self.assertTrue('messages' in r.cookies, "No messages are appeared") def test_other_cannot_delete_via_announcement_delete_view(self): ''' Tests others cannot delete announcements via AnnouncementDeleteView ''' self.assertTrue( self.client.login(username=self.other, password='******')) r = self.client.post('/announcements/1/delete/', {}) self.assertEqual(Announcement.objects.count(), 1) self.assertRedirects( r, '{0}?next=/announcements/1/delete/'.format(settings.LOGIN_URL)) def test_wille_cannot_delete_via_announcement_delete_view(self): ''' Tests wille cannot delete announcements via AnnouncementDeleteView ''' self.assertTrue( self.client.login(username=self.wille, password='******')) r = self.client.post('/announcements/1/delete/', {}) self.assertEqual(Announcement.objects.count(), 1) self.assertRedirects( r, '{0}?next=/announcements/1/delete/'.format(settings.LOGIN_URL)) def test_anonymous_cannot_delete_via_announcement_delete_view(self): ''' Tests anonymous cannot delete announcements via AnnouncementDeleteView ''' r = self.client.post('/announcements/1/delete/', {}) self.assertEqual(Announcement.objects.count(), 1) self.assertRedirects( r, '{0}?next=/announcements/1/delete/'.format(settings.LOGIN_URL))