def staff_client(client, program_data): """ Fixture for a Django client that has a logged-in staff user """ staff_user_profile = create_enrolled_profile(program_data.program, role=Staff.ROLE_ID) client.force_login(staff_user_profile.user) return client
def test_props(self, program_data): """ Fixture that provides test properties for FinancialAidDetailView test cases """ user = create_enrolled_profile(program_data.program).user pending_fa = FinancialAidFactory.create( user=user, tier_program=program_data.tier_programs["25k"], status=FinancialAidStatus.PENDING_DOCS ) docs_sent_url = reverse( "financial_aid", kwargs={"financial_aid_id": pending_fa.id} ) docs_sent_date = now_in_utc().date() docs_sent_request_params = dict( content_type="application/json", data=json.dumps({ "date_documents_sent": docs_sent_date.strftime("%Y-%m-%d") }) ) return SimpleNamespace( user=user, pending_fa=pending_fa, docs_sent_url=docs_sent_url, docs_sent_request_params=docs_sent_request_params, docs_sent_date=docs_sent_date, )
def test_staff_of_different_program(self, client, program_review_url): """ Not allowed for staff of different program """ new_program, _ = create_program() new_staff_user = create_enrolled_profile(new_program, role=Staff.ROLE_ID).user client.force_login(new_staff_user) assert client.get(program_review_url).status_code == status.HTTP_403_FORBIDDEN
def test_inadequate_permissions(self, client, program_data, test_props, role): """ Tests FinancialAidDetailView for user without permission to edit document status """ unpermitted_user = create_enrolled_profile(program_data.program, role=role).user client.force_login(unpermitted_user) resp = client.patch(test_props.docs_sent_url, **test_props.docs_sent_request_params) assert resp.status_code == status.HTTP_403_FORBIDDEN
def test_not_staff(self, client, program_data, program_review_url, role): """ Test that the view is restricted for non-staff users """ client.force_login( create_enrolled_profile(program_data.program, role=role).user) assert client.get( program_review_url).status_code == status.HTTP_403_FORBIDDEN
def test_different_programs_staff(self): """Different program's staff should not be allowed to send email for this program""" program, _ = create_program() staff_user = create_enrolled_profile(program, Staff.ROLE_ID).user self.client.force_login(staff_user) self.make_http_request(self.client.post, self.url, status.HTTP_403_FORBIDDEN, data=self.request_data)
def test_not_allowed_staff_of_different_program(self, role): """Not allowed for staff or instructors of different program""" program, _ = create_program() staff_user = create_enrolled_profile(program, role=role).user self.client.force_login(staff_user) self.make_http_request(self.client.patch, self.action_url, status.HTTP_403_FORBIDDEN, data=self.data)
def test_not_staff(self, client, program_data, program_review_url, role): """ Test that the view is restricted for non-staff users """ client.force_login(create_enrolled_profile(program_data.program, role=role).user) assert client.get(program_review_url).status_code == status.HTTP_403_FORBIDDEN