def test_farewell_screen_fails(self):
response = self.client.post(reverse('farewell_screen',
kwargs={'door_id': door.id}),
follow=True)
test_response_is_failed_login(self, response)
login_as_user(self.client)
response = self.client.post(reverse('farewell_screen',
kwargs={'door_id': door.id}),
follow=True)
test_response_is_landing_page(
self,
response) # landing since we don't have the right credentials
login_as_user_with_permissions(self.client,
['change_areaaccessrecord'])
response = self.client.post(reverse('farewell_screen',
kwargs={'door_id': door.id}),
follow=True)
self.assertEqual(response.status_code,
405) # POST isn't accepted, only GET
response = self.client.get(reverse('farewell_screen',
kwargs={'door_id': 999}),
follow=True)
self.assertEqual(response.status_code, 404) # wrong door id
response = self.client.get(reverse('farewell_screen',
kwargs={'door_id': door.id}),
follow=True)
self.assertEqual(response.status_code, 200) # All good now
self.assertTrue("farewell_screen" in response.request['PATH_INFO'])
def test_login_to_area(self):
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
follow=True)
test_response_is_failed_login(self, response)
login_as_user(self.client)
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
follow=True)
test_response_is_landing_page(
self,
response) # landing since we don't have the right credentials
user = login_as_user_with_permissions(self.client,
['add_areaaccessrecord'])
response = self.client.get(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': user.badge_number},
follow=True)
self.assertEqual(response.status_code,
405) # GET isn't accepted, only POST
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': 999}),
follow=True)
self.assertEqual(response.status_code, 404) # wrong door id
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
follow=True)
self.assertContains(response, "Your badge wasn't recognized")
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': 999},
follow=True)
self.assertContains(response, "Your badge wasn't recognized")
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': user.badge_number},
follow=True)
self.assertTrue(
f"login_to_area/{door.id}" in response.request['PATH_INFO'])
self.assertContains(
response=response,
text="You are not a member of any active projects",
status_code=200) # user does not have active projects
user.projects.add(
Project.objects.create(
name="Project1",
account=Account.objects.create(name="Account1")))
user.save()
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': user.badge_number},
follow=True)
self.assertTrue(
f"login_to_area/{door.id}" in response.request['PATH_INFO'])
self.assertContains(response=response,
text="Physical access denied",
status_code=200) # user does not have access
user.physical_access_levels.add(
PhysicalAccessLevel.objects.create(
name="cleanroom access",
area=door.area,
schedule=PhysicalAccessLevel.Schedule.ALWAYS))
user.save()
door.area.maximum_capacity = 1
door.area.save()
# add a logged in person so capacity is reached
AreaAccessRecord.objects.create(
area=door.area,
customer=User.objects.create(username='******',
first_name='Test',
last_name='Staff',
is_staff=True,
badge_number=2222),
project=Project.objects.get(name="Project1"),
start=datetime.now())
staff = User.objects.create(username='******',
first_name='Test',
last_name='Staff',
is_staff=True,
badge_number=11111)
staff.projects.add(Project.objects.get(name="Project1"))
staff.physical_access_levels.add(
PhysicalAccessLevel.objects.get(name="cleanroom access"))
staff.save()
self.client.force_login(user=user)
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': user.badge_number},
follow=True)
self.assertContains(response,
"This area has reached its maximum capacity.")
# staff can still login
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': staff.badge_number},
follow=True)
self.assertTrue(
f"login_to_area/{door.id}" in response.request['PATH_INFO'])
self.assertContains(response=response,
text="You're logged in to the ",
status_code=200)
self.assertTrue(
AreaAccessRecord.objects.filter(
area=door.area,
customer=User.objects.get(
badge_number=staff.badge_number)).exists())
# try again user, should fail
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': user.badge_number},
follow=True)
self.assertContains(response,
"This area has reached its maximum capacity.")
# increase capacity so user can login
door.area.maximum_capacity = 5
door.area.save()
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': user.badge_number},
follow=True)
self.assertTrue(
f"login_to_area/{door.id}" in response.request['PATH_INFO'])
self.assertContains(response=response,
text="You're logged in to the ",
status_code=200)
self.assertTrue(
AreaAccessRecord.objects.filter(
area=door.area,
customer=User.objects.get(
badge_number=user.badge_number)).exists())
def test_staff_login_to_area(self):
staff = login_as_staff(self.client)
tablet_user = login_as_user_with_permissions(self.client,
['add_areaaccessrecord'])
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': staff.badge_number},
follow=True)
self.assertEqual(response.status_code, 200)
self.assertTrue("You are not a member of any active projects" in str(
response.content)) # user does not have active projects
staff.projects.add(
Project.objects.create(
name="Maintenance",
account=Account.objects.create(name="Maintenance Account")))
staff.save()
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': staff.badge_number},
follow=True)
self.assertTrue("Physical access denied" in str(response.content))
# create an area an allow staff access without granting it to them
access = PhysicalAccessLevel.objects.create(
allow_staff_access=True,
name="cleanroom access",
area=door.area,
schedule=PhysicalAccessLevel.Schedule.ALWAYS)
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': staff.badge_number},
follow=True)
self.assertEqual(response.status_code, 200)
self.assertTrue(
f"login_to_area/{door.id}" in response.request['PATH_INFO'])
self.assertTrue("You're logged in to the " in str(response.content))
# try to login again
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': staff.badge_number},
follow=True)
self.assertTrue("already logged into"
in str(response.content)) # user already logged in
response = self.client.post(reverse('logout_of_area',
kwargs={'door_id': door.id}),
data={'badge_number': staff.badge_number},
follow=True)
self.assertEqual(response.status_code, 200)
test_response_is_landing_page(
self, response) # tablet user does not have permission to logout
tablet_user.user_permissions.add(
Permission.objects.get(codename='change_areaaccessrecord'))
tablet_user.save()
response = self.client.post(reverse('logout_of_area',
kwargs={'door_id': door.id}),
data={'badge_number': staff.badge_number},
follow=True)
self.assertTrue("now logged out of the" in str(response.content))
# now undo access and try explicitly
access.allow_staff_access = False
access.save()
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': staff.badge_number},
follow=True)
self.assertTrue("Physical access denied" in str(response.content))
# also work by explicitly giving access to staff
staff.physical_access_levels.add(access)
staff.save()
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': staff.badge_number},
follow=True)
self.assertEqual(response.status_code, 200)
self.assertTrue(
f"login_to_area/{door.id}" in response.request['PATH_INFO'])
self.assertTrue("You're logged in to the " in str(response.content))
self.assertTrue(
AreaAccessRecord.objects.filter(
area=door.area,
customer=User.objects.get(
badge_number=staff.badge_number)).exists())
def test_login_to_area(self):
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
follow=True)
test_response_is_login_page(self, response)
login_as_user(self.client)
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
follow=True)
test_response_is_landing_page(
self,
response) # landing since we don't have the right credentials
user = login_as_user_with_permissions(self.client,
['add_areaaccessrecord'])
response = self.client.get(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': user.badge_number},
follow=True)
self.assertEqual(response.status_code,
405) # GET isn't accepted, only POST
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': 999}),
follow=True)
self.assertEqual(response.status_code, 404) # wrong door id
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
follow=True)
self.assertTrue(
"Your badge wasn\\'t recognized" in str(response.content))
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': 999},
follow=True)
self.assertTrue(
"Your badge wasn\\'t recognized" in str(response.content))
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': user.badge_number},
follow=True)
self.assertEqual(response.status_code, 200)
self.assertTrue(
f"login_to_area/{door.id}" in response.request['PATH_INFO'])
self.assertTrue("You are not a member of any active projects" in str(
response.content)) # user does not have active projects
user.projects.add(
Project.objects.create(
name="Project1",
account=Account.objects.create(name="Account1")))
user.save()
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': user.badge_number},
follow=True)
self.assertEqual(response.status_code, 200)
self.assertTrue(
f"login_to_area/{door.id}" in response.request['PATH_INFO'])
self.assertTrue("Physical access denied"
in str(response.content)) # user does not have access
user.physical_access_levels.add(
PhysicalAccessLevel.objects.create(
name="cleanroom access",
area=door.area,
schedule=PhysicalAccessLevel.Schedule.ALWAYS))
user.save()
response = self.client.post(reverse('login_to_area',
kwargs={'door_id': door.id}),
data={'badge_number': user.badge_number},
follow=True)
self.assertEqual(response.status_code, 200)
self.assertTrue(
f"login_to_area/{door.id}" in response.request['PATH_INFO'])
self.assertTrue("You're logged in to the " in str(response.content))
self.assertTrue(
AreaAccessRecord.objects.filter(
area=door.area,
customer=User.objects.get(
badge_number=user.badge_number)).exists())