def test_customer_access(self): """ A Customer cannot access any URL """ # not logged-in for url in self.issue_urls_get: response = self.client.get(url['url'], data=url['data'], follow=True) self.assertTrue(main_helpers.is_login_page(response)) for url in self.issue_urls_post: response = self.client.post(url['url'], url['data'], follow=True) self.assertTrue(main_helpers.is_login_page(response)) # logged-in. Should redirect to dashboard self.client.login(self.user.email) for url in self.issue_urls_get: response = self.client.get(url['url'], data=url['data'], follow=True) self.assertEqual(response.status_code, 403) for url in self.issue_urls_post: response = self.client.post(url['url'], url['data'], follow=True) self.assertEqual(response.status_code, 403)
def test_customer_access(self): """ A Customer cannot access any URL """ # not logged-in for url in self.urls_get: response = self.client.get(url, follow=True) self.assertTrue(is_login_page(response)) for url in self.urls_post: response = self.client.post(url['url'], url['data'], follow=True) self.assertTrue(is_login_page(response)) # logged-in. Should throw a 403 or redirect to login self.client.login(self.user.email) for url in self.urls_get: response = self.client.get(url, follow=True) if response.status_code != 403: self.assertRedirects(response, reverse('wl_dashboard:tables_customer'), status_code=302, target_status_code=200) for url in self.urls_post: response = self.client.post(url['url'], url['data'], follow=True) if response.status_code != 403: self.assertRedirects(response, reverse('wl_dashboard:tables_customer'), status_code=302, target_status_code=200)
def test_user_not_logged_is_redirected_to_login(self): """ A user not logged in should be redirected to the login page and not see a 403 """ customer1 = create_random_customer() self.client.login(customer1) self.client.get(reverse('wl_applications:new_application')) self.client.get(reverse('wl_applications:select_licence_type', args=(1,))) application = Application.objects.first() self.assertIsNotNone(application) # check that the state of the application is temp self.assertEqual(application.processing_status, 'temp') response = self.client.post(reverse('wl_applications:preview')) # check that client is redirected to checkout self.assertRedirects(response, reverse('wl_payments:checkout_application', args=(application.pk,)), status_code=302, target_status_code=200, fetch_redirect_response=False) application.refresh_from_db() # check that the state of the application is new/underreview self.assertEqual(application.processing_status, 'new') self.assertEqual('under_review', application.customer_status) # logout self.client.logout() response = self.client.get(reverse('wl_applications:edit_application', args=[application.pk]), follow=True) self.assertEqual(200, response.status_code) self.assertTrue(is_login_page(response))
def test_customer_access(self): """ A Customer cannot access any URL """ # not logged-in for url in self.process_urls_get: response = self.client.get(url, follow=True) self.assertTrue(is_login_page(response)) for url in self.process_urls_post: response = self.client.post(url['url'], url['data'], follow=True) self.assertTrue(is_login_page(response)) # logged-in. Should get a 403 self.client.login(self.user.email) for url in self.process_urls_get: response = self.client.get(url, follow=True) self.assertEqual(response.status_code, 403) for url in self.process_urls_post: response = self.client.post(url['url'], url['data'], follow=True) self.assertEqual(response.status_code, 403)
def test_user_not_logged_is_redirected_to_login(self): """ A user not logged in should be redirected to the login page and not see a 403 """ customer1 = create_random_customer() application = helpers.create_application(user=customer1) self.assertEqual('draft', application.customer_status) my_urls = [ reverse('applications:edit_application', args=[application.licence_type.code, application.pk]), reverse('applications:enter_details_existing_application', args=[application.licence_type.code, application.pk]), reverse('applications:preview', args=[application.licence_type.code, application.pk]) ] for url in my_urls: response = self.client.get(url, follow=True) self.assertEqual(200, response.status_code, msg="Wrong status code {1} for {0}".format(url, response.status_code)) self.assertTrue(is_login_page(response)) # lodge the application self.client.login(customer1.email) url = reverse('applications:preview', args=[application.licence_type.code, application.pk]) session = self.client.session session['application'] = { 'customer_pk': customer1.pk, 'profile_pk': application.applicant_profile.pk, 'data': { 'project_title': 'Test' } } session.save() self.client.post(url) application.refresh_from_db() self.assertEqual('under_review', application.customer_status) # logout self.client.logout() for url in my_urls: response = self.client.get(url, follow=True) self.assertEqual(200, response.status_code) self.assertTrue(is_login_page(response))