def test_user_can_manage(self):
policy = PolicyFactory()
user = UserFactory()
policy.managers.add(user)
policy.save()
is_granted = user.has_perm('subscription.manage_policy', policy)
self.assertEqual(is_granted, True)
def test_valid_manager(self):
policy = PolicyFactory()
user = User.objects.create_user(username='******', password='******')
self.client.login(username=user.username, password='******')
policy.managers.add(user)
policy.save()
response = self.client.get(self.url)
self.assertEqual(response.status_code, 200)
self.assertContains(response, str(policy))
def test_acccount_add_granted(self):
policy = PolicyFactory()
policy.managers.add(self.user_granted)
policy.save()
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:subscription:account_add')
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_filtered_listing(self):
policy = PolicyFactory()
user = User.objects.create_user(username='******', password='******')
policy.managers.add(user)
policy.save()
IndividualAccountFactory.create_batch(2, policy=policy)
IndividualAccountFactory.create_batch(3)
self.client.login(username=user.username, password='******')
response = self.client.get(self.url)
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.context['object_list']), 2)
def test_acccount_delete_restricted(self):
policy = PolicyFactory()
policy.save()
account = IndividualAccountFactory(policy=policy)
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:subscription:account_delete',
args=(account.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
def test_permissions_ko(self):
policy = PolicyFactory()
user = User.objects.create_user(username='******', password='******')
self.client.login(username=user.username, password='******')
policy.managers.add(user)
policy.save()
account = IndividualAccountFactory()
url = reverse('userspace:subscription:account_delete',
args=(account.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
def test_menu_subscription_presence(self):
policy = PolicyFactory()
user = UserFactory(username="******")
user.set_password("user")
user.save()
policy.managers.add(user)
policy.save()
url = reverse('userspace:subscription:account_list')
self.client.login(username="******", password="******")
response = self.client.get(reverse('userspace:dashboard'))
self.assertContains(response, url)
def test_acccount_reset_password_granted(self):
policy = PolicyFactory()
policy.managers.add(self.user_granted)
policy.save()
account = IndividualAccountFactory(policy=policy)
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:subscription:account_reset_pwd',
args=(account.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_can_grant_access_to_an_article_if_it_is_associatd_to_an_institutional_account(self):
# Setup
issue = IssueFactory.create(
journal=self.journal, date_published=dt.datetime.now(), localidentifier='test',
open_access=True)
article = ArticleFactory.create(issue=issue)
policy = PolicyFactory.create(max_accounts=2)
policy.access_journal.add(self.journal)
organisation = OrganisationFactory.create()
institutional_account = InstitutionalAccountFactory(
institution=organisation, policy=policy)
InstitutionIPAddressRangeFactory.build(
institutional_account=institutional_account,
ip_start='192.168.1.2', ip_end='192.168.1.4')
class MyView(ArticleAccessCheckMixin):
def get_article(self):
return article
request = self.factory.get('/')
parameters = request.META.copy()
parameters['HTTP_X_FORWARDED_FOR'] = '192.168.1.3'
request.META = parameters
view = MyView()
view.request = request
# Run # check
self.assertTrue(view.has_access())
def test_empty_pwd(self):
policy = PolicyFactory()
user = User.objects.create_user(username='******', password='******')
self.client.login(username=user.username, password='******')
policy.managers.add(user)
policy.save()
account = IndividualAccountFactory(policy=policy)
old_pwd = account.password
url = reverse('userspace:subscription:account_reset_pwd',
args=(account.pk, ))
response = self.client.post(url, {'password': ''})
self.assertEqual(response.status_code, 302)
same_account = IndividualAccount.objects.get(id=account.pk)
self.assertEqual(IndividualAccount.objects.count(), 1)
self.assertNotEqual(same_account.password, old_pwd)
self.assertEqual(same_account.email, account.email)
