def test_admin_permission_middleware_no_user(client, settings):
settings.AUTHENTICATION_BACKENDS = AUTHENTICATION_BACKENDS_CLASSES
settings.FEATURE_ENFORCE_STAFF_SSO_ENABLED = True
reload_urlconf()
response = client.get(reverse('admin:login'))
assert response.status_code == 302
assert response.url == reverse('authbroker_client:login')
def test_admin_permission_middleware_authorised_no_staff(
client, settings, admin_user):
settings.AUTHENTICATION_BACKENDS = AUTHENTICATION_BACKENDS_CLASSES
settings.FEATURE_ENFORCE_STAFF_SSO_ENABLED = True
reload_urlconf()
client.force_login(admin_user)
response = client.get(reverse('admin:login'))
assert response.status_code == 302
def test_no_user_cannot_access_user_changelist(self):
settings.AUTHENTICATION_BACKENDS = self.AUTHENTICATION_BACKENDS_CLASSES
settings.FEATURE_ENFORCE_STAFF_SSO_ENABLED = True
reload_urlconf()
url = reverse('admin:user_user_changelist')
response = self.client.get(url)
assert response.status_code == 302
def test_nonsuperuser_cannot_access_user_changelist(self):
non_admin_user = UserFactory(is_staff=False)
non_admin_user.save()
settings.AUTHENTICATION_BACKENDS = self.AUTHENTICATION_BACKENDS_CLASSES
settings.FEATURE_ENFORCE_STAFF_SSO_ENABLED = True
reload_urlconf()
self.client.force_login(non_admin_user)
url = reverse('admin:user_user_changelist')
response = self.client.get(url)
assert response.status_code == 302