def test_printouts_no_addresses(rf): try: import weasyprint except ImportError: pytest.skip() shop = get_default_shop() supplier = get_default_supplier() product = create_product("simple-test-product", shop) order = create_order_with_product(product, supplier, 6, 6, shop=shop) order.billing_address = None order.save() shipment = order.create_shipment_of_all_products(supplier) request = apply_request_middleware(rf.get("/"), user=get_default_staff_user()) response = get_delivery_pdf(request, shipment.id) assert response.status_code == 200 response = get_confirmation_pdf(request, order.id) assert response.status_code == 200 order.shipping_address = None order.save() response = get_delivery_pdf(request, shipment.id) assert response.status_code == 200 response = get_confirmation_pdf(request, order.id) assert response.status_code == 200
def test_user_permission_cache_bump(rf): user = factories.get_default_staff_user() group_a = Group.objects.create(name="Group A") group_b = Group.objects.create(name="Group B") group_a_permissions = ["purchase", "sell"] group_b_permissions = ["delete", "create"] set_permissions_for_group(group_a, set(group_a_permissions)) set_permissions_for_group(group_b, set(group_b_permissions)) all_permissions = set(group_a_permissions + group_b_permissions) # as user is not in any group, it misses all the groups assert get_missing_permissions(user, all_permissions) == all_permissions # add the user to Group A user.groups.add(group_a) # the user misses the group_b permissions assert get_missing_permissions(user, all_permissions) == set(group_b_permissions) # make the user be part only of group b group_b.user_set.add(user) group_a.user_set.remove(user) # the user misses the group_a permissions assert get_missing_permissions(user, all_permissions) == set(group_a_permissions) # user is part of all groups user.groups.set([group_a, group_b]) assert get_missing_permissions(user, all_permissions) == set()
def test_model_url_with_permissions(): permissions = set( ["shop_product.new", "shop_product.delete", "shop_product.edit"]) shop = get_default_shop() p = get_default_product() # If no user is given, don't check for permissions assert get_model_url(p, shop=shop) # If a user is given and no permissions are provided, check for default model permissions user = get_default_staff_user() with pytest.raises(NoModelUrl): assert get_model_url(p, user=user, shop=shop) # If a user is given and permissions are provided, check for those permissions assert get_model_url(p, user=user, required_permissions=(), shop=shop) with pytest.raises(NoModelUrl): assert get_model_url(p, user=user, required_permissions=["shop_product.new"], shop=shop) # Confirm that url is returned with correct permissions set_permissions_for_group(user.groups.first(), permissions) assert get_model_url(p, user=user, shop=shop) assert get_model_url(p, user=user, required_permissions=permissions, shop=shop)
def test_reports_admin_permissions(rf): shop = get_default_shop() # We need a shop to exists staff_user = get_default_staff_user(shop) permission_group = get_default_permission_group() staff_user.groups.add(permission_group) request = apply_request_middleware(rf.get("/"), user=staff_user) request.user = staff_user with replace_modules([ReportsAdminModule]): with override_provides("reports", REPORTS): extra_permissions = ReportsAdminModule().get_extra_permissions() assert len(extra_permissions) == 3 assert SalesReport.identifier in extra_permissions assert TotalSales.identifier in extra_permissions assert SalesPerHour.identifier in extra_permissions with admin_only_urls(): view_func = ReportView.as_view() response = view_func(request) response.render() response = view_func(request, pk=None) # "new mode" response.render() assert response.content soup = BeautifulSoup(response.content) assert soup.find("div", {"class": "content-block"}).text == "No reports available" expected_report_identifiers = [] for report_cls in [SalesReport, TotalSales, SalesPerHour]: expected_report_identifiers.append(report_cls.identifier) set_permissions_for_group(permission_group, [report_cls.identifier]) response = view_func(request, pk=None) # "new mode" response.render() assert response.content soup = BeautifulSoup(response.content) for option in soup.find("select", {"id": "id_report"}).findAll("option"): assert option["value"] in expected_report_identifiers
def test_reports_admin_permissions(rf): shop = get_default_shop() # We need a shop to exists staff_user = get_default_staff_user(shop) permission_group = get_default_permission_group() staff_user.groups = [permission_group] request = apply_request_middleware(rf.get("/"), user=staff_user) request.user = staff_user with replace_modules([ReportsAdminModule]): with override_provides("reports", REPORTS): extra_permissions = ReportsAdminModule().get_extra_permissions() assert len(extra_permissions) == 3 assert SalesReport.identifier in extra_permissions assert TotalSales.identifier in extra_permissions assert SalesPerHour.identifier in extra_permissions with admin_only_urls(): view_func = ReportView.as_view() response = view_func(request) response.render() response = view_func(request, pk=None) # "new mode" response.render() assert response.content soup = BeautifulSoup(response.content) assert soup.find("div", {"class": "content-block"}).text == "No reports available" expected_report_identifiers = [] for report_cls in [SalesReport, TotalSales, SalesPerHour]: expected_report_identifiers.append(report_cls.identifier) set_permissions_for_group(permission_group, [report_cls.identifier]) response = view_func(request, pk=None) # "new mode" response.render() assert response.content soup = BeautifulSoup(response.content) for option in soup.find("select", {"id": "id_report"}).findAll("option"): assert option["value"] in expected_report_identifiers
def test_export_customer_sample(rf): # create input: shop, request to use in process(request, ids) method base_view = ExportContactsCSVAction() random_customer = create_random_person() request = apply_request_middleware(rf.get("/"), user=get_default_staff_user()) view_instance = ContactListView() view_instance.request = request view_settings = ViewSettings(Contact, ContactListView.default_columns, view_instance) setting_cols = view_settings.columns customer_from_query = base_view.get_queryset(request, view_instance, [random_customer.pk])[0] assert customer_from_query.pk == random_customer.pk response = base_view.process(request, [random_customer.pk]) assert response.status_code == 200 content = response.content.decode("utf-8") cvs_reader = csv.reader(io.StringIO(content)) body = list(cvs_reader) headers = body.pop(0) for dr in setting_cols: index = setting_cols.index(dr) assert (strip_tags( dr.get_display_value( view_settings.view_context, random_customer))) == body[0][0].split(";")[index] assert len(view_settings.columns) == len(headers[0].split(";"))
def test_delivery_and_confirmation_pdf(shop, supplier): product = create_product("simple-test-product-%s-" % shop.pk, shop) order = create_order_with_product(product, supplier, 6, 6, shop=shop) shipment = order.create_shipment_of_all_products(supplier) request = apply_request_middleware(rf.get("/"), user=get_default_staff_user()) response = get_delivery_pdf(request, shipment.id) assert response.status_code == 200 response = get_confirmation_pdf(request, order.id) assert response.status_code == 200
def test_url_buttons_permission(rf, button, permission, instance): request = rf.get("/") assert isinstance(button, instance) if button is not None: request.user = factories.get_default_staff_user() assert not "".join(bit for bit in button.render(request)) set_permissions_for_group(request.user.groups.first(), (permission, )) assert "".join(bit for bit in button.render(request))
def test_toolbar_button_permissions(rf, button_class, kwargs): permissions = set(["shuup.add_product", "shuup.delete_product", "shuup.change_product"]) request = rf.get("/") request.user = factories.get_default_staff_user() button = button_class(required_permissions=permissions, **kwargs) rendered_button = "".join(bit for bit in button.render(request)) assert not rendered_button # Set permissions for the user set_permissions_for_group(request.user.groups.first(), permissions) rendered_button = "".join(bit for bit in button.render(request)) assert rendered_button
def test_dashboard_blocks_permissions(rf, client): with replace_modules([ARestrictedTestModule]): request = rf.get("/") request.user = get_default_staff_user(get_default_shop()) # Dashboard permission is added by default request.session = client.session view = DashboardView(request=request) assert not view.get_context_data()["blocks"] # By default there is only dashboard permission so to be # able to see some blocks permission to some admin module # providing dashboard bocks needed. set_permissions_for_group( request.user.groups.first(), set("dashboard") | set(ARestrictedTestModule().get_required_permissions()) ) view = DashboardView(request=request) assert view.get_context_data()["blocks"]
def test_adding_extra_fields_to_the_delivery(rf): try: import weasyprint except ImportError: pytest.skip() shop = get_default_shop() supplier = get_default_supplier() product = create_product("simple-test-product", shop) order = create_order_with_product(product, supplier, 6, 6, shop=shop) shipment = order.create_shipment_of_all_products(supplier) request = apply_request_middleware(rf.get("/"), user=get_default_staff_user()) with override_provides("order_printouts_delivery_extra_fields", [ "shuup_tests.order_printouts.test_printouts:PrintoutTestDeliveryExtraFields", ]): response = get_delivery_html(request, shipment.id) assert response.status_code == 200 assert "123456789" in response.content.decode() assert "Random" in response.content.decode()
def test_permissions_for_menu_entries(rf, admin_user): request = rf.get("/") request.user = factories.get_default_staff_user() permission_group = request.user.groups.first() set_permissions_for_group( permission_group, set("dashboard") | set(ARestrictedTestModule().get_required_permissions()) ) with replace_modules([ARestrictedTestModule]): categories = get_menu_entry_categories(request) assert categories # Make sure category is displayed if user has correct permissions test_category_menu_entries = [cat for cat in categories if cat.name == "RestrictedTest"][0] assert any(me.text == "OK" for me in test_category_menu_entries) # No menu items should be displayed if user has no permissions set_permissions_for_group(permission_group, set()) categories = get_menu_entry_categories(request) assert not categories
def test_model_url_with_permissions(): permissions = set(["shop_product.new", "shop_product.delete", "shop_product.edit"]) shop = get_default_shop() p = get_default_product() # If no user is given, don't check for permissions assert get_model_url(p, shop=shop) # If a user is given and no permissions are provided, check for default model permissions user = get_default_staff_user() with pytest.raises(NoModelUrl): assert get_model_url(p, user=user, shop=shop) # If a user is given and permissions are provided, check for those permissions assert get_model_url(p, user=user, required_permissions=(), shop=shop) with pytest.raises(NoModelUrl): assert get_model_url(p, user=user, required_permissions=["shop_product.new"], shop=shop) # Confirm that url is returned with correct permissions set_permissions_for_group(user.groups.first(), permissions) assert get_model_url(p, user=user, shop=shop) assert get_model_url(p, user=user, required_permissions=permissions, shop=shop)