def it_does_not_show_users_if_not_admin(self, client, mocker):
session_dict = {
'user': {
'access_area': 'email,'
},
'user_profile': {
'name': 'test name',
'email': '*****@*****.**'
}
}
users = [{
'access_area': 'admin'
}, {
'id': 'test id',
'email': '*****@*****.**',
'access_area': 'email,event,'
}, {
'id': 'test2 id',
'email': '*****@*****.**',
'access_area': 'email,magazine,'
}]
mocker.patch('app.api_client.get_users', return_value=users)
mock_sessions(mocker, session_dict)
response = client.get(url_for('main.admin_users'),
follow_redirects=True)
assert response.status_code == 200
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
user_col = page.select('.row .col-2')
assert not user_col
def it_does_not_log_in_email_in_wrong_domain(self, client, mocker):
mock_oauth2session(mocker, url_for('main.callback'), 'test@invalid_domain.com')
session_dict = {
'oauth_state': 'state'
}
mock_sessions(mocker, session_dict)
class MockResponse:
status_code = 400
def json(self):
return {'message': 'test@invalid_domain.com not in correct domain'}
class MockException:
response = MockResponse()
e = HTTPError.create(MockException())
mocker.patch('app.main.views.os.environ', {})
mocker.patch('app.main.views.api_client.get_user', return_value=None)
mocker.patch('app.main.views.api_client.create_user', side_effect=e)
response = client.get(url_for(
'main.callback'
))
assert response.status_code == 200
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
err_message = page.select_one('.col-sm')
assert err_message.text.strip() == 'test@invalid_domain.com not in correct domain, '\
'please contact the website administrators to get an email in correct domain'
def it_restricts_areas_for_non_admin(self, client, mocker, areas):
session_dict = {
'user': {
'access_area': areas
},
'user_profile': {
'name': 'test name',
'email': '*****@*****.**'
}
}
users = [
{
'access_area': areas
}
]
mock_sessions(mocker, session_dict)
mocker.patch('app.api_client.get_users', return_value=users)
response = client.get(url_for(
'main.admin'
), follow_redirects=True)
assert response.status_code == 200
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
_areas = page.select('#content .row div')
areas = [
"{}".format("Events / Attendance" if a == 'event' else a.capitalize() + 's')
for a in areas.split(',') if a
]
assert len(_areas) == len(areas)
area_strs = [a.text.strip() for a in _areas]
assert set(area_strs) == set(areas)
def it_shows_all_areas_for_admin(self, client, mocker, access_areas):
session_dict = {
'user': {
'access_area': 'admin'
},
'user_profile': {
'name': 'test name',
'email': '*****@*****.**'
}
}
users = [
{
'access_area': 'admin'
}
]
mock_sessions(mocker, session_dict)
mocker.patch('app.api_client.get_users', return_value=users)
response = client.get(url_for(
'main.admin'
), follow_redirects=True)
assert response.status_code == 200
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
areas = page.select('#content .row div')
assert len(areas) == 8
area_strs = [a.text.strip() for a in areas]
assert set(access_areas) == set(area_strs)
def it_redirects_to_google_auth(self, client, mocker):
mock_oauth2session(mocker, 'http://auth_url')
mock_sessions(mocker)
response = client.get(url_for('main.admin'))
assert response.status_code == 302
assert response.location == 'http://auth_url'
def it_updates_user_access_areas(self, client, mocker):
form_users = [{
'user_id': {
'data': 'test id'
},
'email': {
'data': 'y'
},
'order': {
'data': 'y'
},
'event': {
'data': 'y'
},
'admin': {},
'magazine': {
'data': 'y'
},
'cache': {},
'announcement': {},
'article': {},
}, {
'user_id': {
'data': 'test2 id'
},
'email': {
'data': 'y'
},
'order': {},
'admin': {},
'event': {},
'magazine': {
'data': 'y'
},
'cache': {},
'announcement': {},
'article': {},
}]
mock_form = MockForm(form_users)
mocker.patch('app.api_client.get_users', return_value=users)
mock_api_client = mocker.patch(
'app.api_client.update_user_access_area')
mocker.patch('app.main.views.admin.admin.UserListForm',
return_value=mock_form)
mock_sessions(mocker, session_dict)
client.post(url_for('main.admin_users'))
mock_api_client.assert_called_once_with(users[1]['id'],
'event,email,order,magazine,')
def it_shows_some_checked_fields(self, client, mocker):
session_dict = {
'user': {
'access_area': 'admin'
},
'user_profile': {
'name': 'test name',
'email': '*****@*****.**'
}
}
users = [
{
'access_area': 'admin'
},
{
'id': 'test id',
'email': '*****@*****.**',
'access_area': 'email,event,'
}
]
mocker.patch('app.api_client.get_users', return_value=users)
mock_sessions(mocker, session_dict)
response = client.get(url_for(
'main.admin_users'
), follow_redirects=True)
assert response.status_code == 200
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
rows = page.select('.row')
row = BeautifulSoup("<html>{}</html>".format(rows[1]), 'html.parser')
email = row.select_one('.col-2')
assert email.text.strip() == users[1]['email']
user_id = row.select_one('.col-2 input')
assert user_id.get('value') == users[1]['id']
areas = row.select('.col input')
checked_areas = [a for a in areas if a.has_attr('checked')]
assert len(checked_areas) == 2
assert checked_areas[0].get('name') == 'users-0-event'
assert checked_areas[1].get('name') == 'users-0-email'
def it_stores_the_profile_in_session(self, client, mocker):
mock_oauth2session(mocker, url_for('main.callback'))
session_dict = {'oauth_state': 'state'}
mock_sessions(mocker, session_dict)
mocker.patch('app.main.views.os.environ', {})
mocker.patch('app.main.views.api_client.get_user', return_value=Mock())
response = client.get(url_for('main.callback'))
assert response.status_code == 302
assert session_dict['user_profile'] == {
'name': 'test user',
'email': '*****@*****.**'
}
def it_shows_multiple_users_to_manage(self, client, mocker):
session_dict = {
'user': {
'access_area': 'admin'
},
'user_profile': {
'name': 'test name',
'email': '*****@*****.**'
}
}
users = [
{
'access_area': 'admin'
},
{
'id': 'test id',
'email': '*****@*****.**',
'access_area': 'email,event,'
},
{
'id': 'test2 id',
'email': '*****@*****.**',
'access_area': 'email,report,'
}
]
mocker.patch('app.api_client.get_users', return_value=users)
mock_sessions(mocker, session_dict)
response = client.get(url_for(
'main.admin_users'
), follow_redirects=True)
assert response.status_code == 200
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
rows = page.select('.row')
row = BeautifulSoup("<html>{}{}</html>".format(rows[1], rows[2]), 'html.parser')
emails = row.select('.col-2')
assert emails[0].text.strip() == users[1]['email']
assert emails[1].text.strip() == users[2]['email']
user_ids = row.select('.col-2 input')
assert user_ids[0].get('value') == users[1]['id']
assert user_ids[1].get('value') == users[2]['id']
def it_does_not_update_if_unchanged(self, client, mocker):
session_dict = {
'user': {
'access_area': 'email,'
},
'user_profile': {
'name': 'test name',
'email': '*****@*****.**'
}
}
users = [{
'access_area': 'admin'
}, {
'id': 'test id',
'email': '*****@*****.**',
'access_area': 'event,email,'
}, {
'id': 'test2 id',
'email': '*****@*****.**',
'access_area': 'email,magazine,'
}]
form_users = [{
'user_id': {
'data': 'test id'
},
'email': {
'data': 'y'
},
'event': {
'data': 'y'
},
'admin': {},
'magazine': {},
'shop': {},
'announcement': {},
'article': {},
}, {
'user_id': {
'data': 'test2 id'
},
'email': {
'data': 'y'
},
'admin': {},
'event': {},
'magazine': {
'data': 'y'
},
'shop': {},
'announcement': {},
'article': {},
}]
mock_form = MockForm(form_users)
mocker.patch('app.api_client.get_users', return_value=users)
mock_api_client = mocker.patch(
'app.api_client.update_user_access_area')
mocker.patch('app.main.views.admin.admin.UserListForm',
return_value=mock_form)
mock_sessions(mocker, session_dict)
client.post(url_for('main.admin_users'))
mock_api_client.assert_not_called()
