예제 #1
0
def test_user_detail_works_at_all(rf, admin_user):
    shop = get_default_shop()
    user = get_user_model().objects.create(
        username=printable_gibberish(20),
        first_name=printable_gibberish(10),
        last_name=printable_gibberish(10),
        password="******"
    )
    view_func = UserDetailView.as_view()
    response = view_func(apply_request_middleware(rf.get("/"), user=admin_user), pk=user.pk)
    assert response.status_code == 200
    response.render()
    assert force_text(user) in force_text(response.content)
    response = view_func(apply_request_middleware(rf.post("/", {"set_is_active": "0"}), user=admin_user), pk=user.pk)
    assert response.status_code < 500 and not get_user_model().objects.get(pk=user.pk).is_active
    with pytest.raises(Problem):
        view_func(apply_request_middleware(rf.post("/", {"set_is_active": "0"}), user=admin_user), pk=admin_user.pk)

    user = get_user_model().objects.create(
        username=printable_gibberish(20),
        first_name=printable_gibberish(10),
        last_name=printable_gibberish(10),
        password="******",
        is_staff=True,
        is_superuser=False
    )
    shop.staff_members.add(user)
    # non superusers can't see superusers
    with pytest.raises(Http404):
        view_func(apply_request_middleware(rf.get("/"), user=user), pk=admin_user.pk)
예제 #2
0
def test_user_detail_and_login_as_url(rf, admin_user):
    shop = get_default_shop()
    user = get_user_model().objects.create(username=printable_gibberish(20),
                                           first_name=printable_gibberish(10),
                                           last_name=printable_gibberish(10),
                                           password="******")
    view_func = UserDetailView.as_view()
    response = view_func(apply_request_middleware(rf.get("/"),
                                                  user=admin_user),
                         pk=user.pk)
    assert response.status_code == 200
    response.render()
    assert force_text(user) in force_text(response.content)
    login_as_url = reverse("shuup_admin:user.login-as", kwargs={"pk": user.pk})
    assert force_text(login_as_url) in force_text(response.content)

    with override_settings(SHUUP_ADMIN_LOGIN_AS_REDIRECT_VIEW="giberish"):
        response = view_func(apply_request_middleware(rf.get("/"),
                                                      user=admin_user),
                             pk=user.pk)
        assert response.status_code == 200
        response.render()
        assert force_text(user) in force_text(response.content)
        login_as_url = reverse("shuup_admin:user.login-as",
                               kwargs={"pk": user.pk})
        assert force_text(login_as_url) not in force_text(response.content)
예제 #3
0
def test_user_detail_contact_seed(rf, admin_user):
    get_default_shop()
    contact = create_random_person()

    # Using random data for name and email would need escaping when
    # checking if it is rendered, therefore use something very basic instead
    contact.name = "Matti Perustyyppi"
    contact.email = "*****@*****.**"
    contact.save()

    view_func = UserDetailView.as_view()
    # Check that fields populate . . .
    request = apply_request_middleware(rf.get("/", {"contact_id": contact.pk}), user=admin_user)
    response = view_func(request)
    response.render()
    content = force_text(response.content)
    assert force_text(contact.first_name) in content
    assert force_text(contact.last_name) in content
    assert force_text(contact.email) in content
    # POST the password too to create the user . . .
    post = extract_form_fields(BeautifulSoup(content))
    post["password"] = "******"
    request.method = "POST"
    request.POST = post
    response = view_func(request)
    assert response.status_code < 500
    # Check this new user is visible in the details now
    user = Contact.objects.get(pk=contact.pk).user
    request = apply_request_middleware(rf.get("/", {"contact_id": contact.pk}), user=admin_user)
    response = view_func(request, pk=user.pk)
    response.render()
    content = force_text(response.content)
    assert force_text(contact.first_name) in content
    assert force_text(contact.last_name) in content
    assert force_text(contact.email) in content
예제 #4
0
def test_user_detail_contact_seed(rf):
    get_default_shop()
    contact = create_random_person()

    # Using random data for name and email would need escaping when
    # checking if it is rendered, therefore use something very basic instead
    contact.name = "Matti Perustyyppi"
    contact.email = "*****@*****.**"
    contact.save()

    view_func = UserDetailView.as_view()
    # Check that fields populate . . .
    request = apply_request_middleware(rf.get("/", {"contact_id": contact.pk}))
    response = view_func(request)
    response.render()
    content = force_text(response.content)
    assert force_text(contact.first_name) in content
    assert force_text(contact.last_name) in content
    assert force_text(contact.email) in content
    # POST the password too to create the user . . .
    post = extract_form_fields(BeautifulSoup(content))
    post["password"] = "******"
    request.method = "POST"
    request.POST = post
    response = view_func(request)
    assert response.status_code < 500
    # Check this new user is visible in the details now
    user = Contact.objects.get(pk=contact.pk).user
    request = apply_request_middleware(rf.get("/", {"contact_id": contact.pk}))
    response = view_func(request, pk=user.pk)
    response.render()
    content = force_text(response.content)
    assert force_text(contact.first_name) in content
    assert force_text(contact.last_name) in content
    assert force_text(contact.email) in content
예제 #5
0
def test_user_detail_works_at_all(rf, admin_user):
    shop = get_default_shop()
    user = get_user_model().objects.create(
        username=printable_gibberish(20),
        first_name=printable_gibberish(10),
        last_name=printable_gibberish(10),
        password="******"
    )
    view_func = UserDetailView.as_view()
    response = view_func(apply_request_middleware(rf.get("/"), user=admin_user), pk=user.pk)
    assert response.status_code == 200
    response.render()
    assert force_text(user) in force_text(response.content)
    response = view_func(apply_request_middleware(rf.post("/", {"set_is_active": "0"}), user=admin_user), pk=user.pk)
    assert response.status_code < 500 and not get_user_model().objects.get(pk=user.pk).is_active
    with pytest.raises(Problem):
        view_func(apply_request_middleware(rf.post("/", {"set_is_active": "0"}), user=admin_user), pk=admin_user.pk)

    user = get_user_model().objects.create(
        username=printable_gibberish(20),
        first_name=printable_gibberish(10),
        last_name=printable_gibberish(10),
        password="******",
        is_staff=True,
        is_superuser=False
    )
    shop.staff_members.add(user)
    # non superusers can't see superusers
    with pytest.raises(Http404):
        view_func(apply_request_middleware(rf.get("/"), user=user), pk=admin_user.pk)
예제 #6
0
def test_user_create(rf, admin_user):
    get_default_shop()
    view_func = UserDetailView.as_view()
    before_count = get_user_model().objects.count()
    response = view_func(
        apply_request_middleware(rf.post(
            "/", {
                "username": "******",
                "email": "*****@*****.**",
                "first_name": "test",
                "last_name": "test",
                "password": "******",
                "send_confirmation": True
            }),
                                 user=admin_user))
    assert response.status_code == 302
    assert get_user_model().objects.count() == before_count + 1
    assert not len(mail.outbox), "mail not sent since user is not staff"

    response = view_func(
        apply_request_middleware(rf.post(
            "/", {
                "username": "******",
                "email": "*****@*****.**",
                "first_name": "test",
                "last_name": "test",
                "password": "******",
                "is_staff": True,
                "send_confirmation": True
            }),
                                 user=admin_user))
    assert response.status_code == 302
    assert get_user_model().objects.count() == before_count + 2
    assert len(mail.outbox) == 1, "mail sent"

    user = get_user_model().objects.create(username=printable_gibberish(20),
                                           first_name=printable_gibberish(10),
                                           last_name=printable_gibberish(10),
                                           password="******",
                                           is_staff=True,
                                           is_superuser=False)
    response = view_func(apply_request_middleware(rf.get("/", user=user)))
    assert response.status_code == 200
    response.render()
    assert "Staff status" not in force_text(response.content)
    assert "Superuser status" not in force_text(response.content)
예제 #7
0
def test_user_create(rf, admin_user):
    shop = get_default_shop()
    view_func = UserDetailView.as_view()
    before_count = get_user_model().objects.count()
    response = view_func(
        apply_request_middleware(rf.post(
            "/", {
                "username": "******",
                "email": "*****@*****.**",
                "first_name": "test",
                "last_name": "test",
                "password": "******",
                "send_confirmation": True
            }),
                                 user=admin_user))
    assert response.status_code == 302
    assert get_user_model().objects.count() == before_count + 1
    last_user = get_user_model().objects.last()
    assert last_user not in shop.staff_members.all()
    assert not len(mail.outbox), "mail not sent since user is not staff"

    response = view_func(
        apply_request_middleware(rf.post(
            "/", {
                "username": "******",
                "email": "*****@*****.**",
                "first_name": "test",
                "last_name": "test",
                "password": "******",
                "is_staff": True,
                "send_confirmation": True
            }),
                                 user=admin_user))
    assert response.status_code == 302
    assert get_user_model().objects.count() == before_count + 2
    last_user = get_user_model().objects.last()
    assert last_user in shop.staff_members.all()
    assert len(mail.outbox) == 1, "mail sent"

    user = get_user_model().objects.create(username=printable_gibberish(20),
                                           first_name=printable_gibberish(10),
                                           last_name=printable_gibberish(10),
                                           password="******",
                                           is_staff=True,
                                           is_superuser=False)
    response = view_func(
        apply_request_middleware(rf.get("/"), user=user, skip_session=True))
    assert response.status_code == 200
    response.render()
    assert "Staff status" not in force_text(response.content)
    assert "Superuser status" not in force_text(response.content)

    # remove user staff permission
    view_func = UserChangePermissionsView.as_view()
    response = view_func(apply_request_middleware(rf.post(
        "/", {"is_staff": False}),
                                                  user=admin_user),
                         pk=last_user.id)
    assert response.status_code == 302
    last_user = get_user_model().objects.last()
    assert last_user not in shop.staff_members.all()

    # add again
    view_func = UserChangePermissionsView.as_view()
    response = view_func(apply_request_middleware(rf.post(
        "/", {"is_staff": True}),
                                                  user=admin_user),
                         pk=last_user.id)
    assert response.status_code == 302
    last_user = get_user_model().objects.last()
    assert last_user in shop.staff_members.all()

    # create a superuser
    view_func = UserDetailView.as_view()
    response = view_func(
        apply_request_middleware(rf.post(
            "/", {
                "username": "******",
                "email": "*****@*****.**",
                "first_name": "test",
                "last_name": "test",
                "password": "******",
                "is_staff": True,
                "is_superuser": True,
                "send_confirmation": False
            }),
                                 user=admin_user))
    assert response.status_code == 302
    assert get_user_model().objects.count() == before_count + 4
    last_user = get_user_model().objects.last()
    # superuser shouldn't be added to staff members
    assert last_user not in shop.staff_members.all()

    # change the superuser
    response = view_func(apply_request_middleware(rf.post(
        "/", {
            "username": "******",
            "email": "*****@*****.**",
            "first_name": "test2",
            "last_name": "test",
            "password": "******",
            "is_staff": True,
            "is_superuser": True,
        }),
                                                  user=admin_user),
                         pk=last_user.pk)
    assert response.status_code == 302
    assert get_user_model().objects.count() == before_count + 4
    last_user = get_user_model().objects.last()
    # superuser shouldn't be added to staff members
    assert last_user not in shop.staff_members.all()
예제 #8
0
def test_user_create(rf, admin_user):
    shop = get_default_shop()
    view_func = UserDetailView.as_view()
    before_count = get_user_model().objects.count()
    response = view_func(apply_request_middleware(rf.post("/", {
        "username": "******",
        "email": "*****@*****.**",
        "first_name": "test",
        "last_name": "test",
        "password": "******",
        "send_confirmation": True
    }), user=admin_user))
    assert response.status_code == 302
    assert get_user_model().objects.count() == before_count + 1
    last_user = get_user_model().objects.last()
    assert last_user not in shop.staff_members.all()
    assert not len(mail.outbox), "mail not sent since user is not staff"

    response = view_func(apply_request_middleware(rf.post("/", {
        "username": "******",
        "email": "*****@*****.**",
        "first_name": "test",
        "last_name": "test",
        "password": "******",
        "is_staff": True,
        "send_confirmation": True
    }), user=admin_user))
    assert response.status_code == 302
    assert get_user_model().objects.count() == before_count + 2
    last_user = get_user_model().objects.last()
    assert last_user in shop.staff_members.all()
    assert len(mail.outbox) == 1, "mail sent"

    user = get_user_model().objects.create(
        username=printable_gibberish(20),
        first_name=printable_gibberish(10),
        last_name=printable_gibberish(10),
        password="******",
        is_staff=True,
        is_superuser=False
    )
    response = view_func(apply_request_middleware(rf.get("/"), user=user, skip_session=True))
    assert response.status_code == 200
    response.render()
    assert "Staff status" not in force_text(response.content)
    assert "Superuser status" not in force_text(response.content)

    # remove user staff permission
    view_func = UserChangePermissionsView.as_view()
    response = view_func(apply_request_middleware(rf.post("/", {
        "is_staff": False
    }), user=admin_user), pk=last_user.id)
    assert response.status_code == 302
    last_user = get_user_model().objects.last()
    assert last_user not in shop.staff_members.all()

    # add again
    view_func = UserChangePermissionsView.as_view()
    response = view_func(apply_request_middleware(rf.post("/", {
        "is_staff": True
    }), user=admin_user), pk=last_user.id)
    assert response.status_code == 302
    last_user = get_user_model().objects.last()
    assert last_user in shop.staff_members.all()

    # create a superuser
    view_func = UserDetailView.as_view()
    response = view_func(apply_request_middleware(rf.post("/", {
        "username": "******",
        "email": "*****@*****.**",
        "first_name": "test",
        "last_name": "test",
        "password": "******",
        "is_staff": True,
        "is_superuser": True,
        "send_confirmation": False
    }), user=admin_user))
    assert response.status_code == 302
    assert get_user_model().objects.count() == before_count + 4
    last_user = get_user_model().objects.last()
    # superuser shouldn't be added to staff members
    assert last_user not in shop.staff_members.all()

    # change the superuser
    response = view_func(apply_request_middleware(rf.post("/", {
        "username": "******",
        "email": "*****@*****.**",
        "first_name": "test2",
        "last_name": "test",
        "password": "******",
        "is_staff": True,
        "is_superuser": True,
    }), user=admin_user), pk=last_user.pk)
    assert response.status_code == 302
    assert get_user_model().objects.count() == before_count + 4
    last_user = get_user_model().objects.last()
    # superuser shouldn't be added to staff members
    assert last_user not in shop.staff_members.all()