def test_q_register_redirect(self): """ just like test_q_register_post, but tries to fill out the "honeypot" field :return: """ redirect_to = "/test/" query_limit = FuzzyInt(0, 10) with self.assertNumQueries(query_limit): request_url = add_parameters_to_url( reverse("register"), next=redirect_to # adding the redirection parameter here ) response = self.client.get(request_url) registration_form = response.context["form"] post_data = get_data_from_form(registration_form, include={ settings.HONEYPOT_FIELD_NAME: u"", # the honeypot field }) post_data["username"] = "******" post_data["password1"] = "PaSsWoRd123!" post_data["password2"] = "PaSsWoRd123!" response = self.client.post(request_url, data=post_data, follow=True) self.assertEqual(response.status_code, 200) self.assertEqual(response.request["PATH_INFO"], redirect_to)
def test_add_parameters_to_context(self): test_params = { "one": "one", "two": "two", "three": "three," } request_url = add_parameters_to_url(reverse("test"), **test_params) request = self.factory.get(request_url) context = add_parameters_to_context(request) for key, value in test_params.iteritems(): self.assertEqual(context[key], value)
def test_redirect_legacy_projects(self): test_params = { "a": "a", "b": "b", } current_request_url = add_parameters_to_url(reverse("project", kwargs={ "project_name": "current_project", }), **test_params) legacy_request_url = add_parameters_to_url(reverse("project", kwargs={ "project_name": "legacy_project", }), **test_params) # check that a non-legacy view did not redirect and returned a normal status_code... response = self.client.get(current_request_url) with self.assertRaises(AssertionError): self.assertRedirects(response, expected_url=LEGACY_HOST+current_request_url) self.assertEqual(response.status_code, 200) import ipdb; ipdb.set_trace() # TODO: THIS ASSERTION FAILS # check that a legacy view did redirect and the status_code was either 301 or 302... response = self.client.get(legacy_request_url) self.assertRedirects(response, expected_url=LEGACY_HOST+legacy_request_url, status_code=FuzzyInt(301, 302), fetch_redirect_response=False)
def q_customize_new(request, project_name=None, ontology_key=None, document_type=None): # save any request parameters... # (in case of redirection) context = add_parameters_to_context(request) # check the arguments... validity, project, ontology, model_proxy, msg = validate_view_arguments( project_name=project_name, ontology_key=ontology_key, document_type=document_type ) if not validity: return q_error(request, msg) # check authentication... # (not using "@login_required" b/c some projects ignore authentication) current_user = request.user if project.authenticated: if not current_user.is_authenticated(): next_page = add_parameters_to_url(reverse("account_login"), next=request.path) return HttpResponseRedirect(next_page) if not is_admin_of(current_user, project): next_page = reverse("project", kwargs={"project_name": project_name}) msg = "You have tried to view a restricted resource for this project. Please consider joining." messages.add_message(request, messages.WARNING, msg) return HttpResponseRedirect(next_page) # get (or set) customization objects from the cache... session_key = get_key_from_request(request) cached_customizations_key = "{0}_customizations".format(session_key) model_customization = get_or_create_cached_object(request.session, cached_customizations_key, get_new_customizations, **{ "project": project, "ontology": ontology, "model_proxy": model_proxy, # "key": model_proxy.name, "key": model_proxy.key, } ) if current_user.is_authenticated(): set_owner(model_customization, evaluate_lazy_object(current_user)) # setup top-level form... # (subforms are handled by the load-on-demand paradigm) model_customization_form_class = MODEL_CUSTOMIZATION_FORM_MAP["form_class"] model_customization_form = model_customization_form_class( instance=model_customization, form_name=MODEL_CUSTOMIZATION_FORM_MAP["form_name"].format(safe_key=model_customization.key.replace('-', '_')), scope_prefix=MODEL_CUSTOMIZATION_FORM_MAP["form_scope_prefix"], # prefix=?!? ) # work out various paths, so that ng can reload things as needed... view_url_dirname = request.path.rsplit('/', 1)[0] api_url_dirname = reverse("customization-list").rsplit('/', 1)[0] # gather all the extra information required by the template... template_context = { "project": project, "ontology": ontology, "proxy": model_proxy, "view_url_dirname": view_url_dirname, "api_url_dirname": api_url_dirname, "session_key": session_key, "customization": model_customization, "form": model_customization_form, } return render_to_response('questionnaire/q_customize.html', template_context, context_instance=context)
def q_edit_new(request, project_name=None, ontology_key=None, document_type=None): # save any request parameters... # (in case of redirection) context = add_parameters_to_context(request) # check the arguments... validity, project, ontology, model_proxy, model_customization, msg = validate_view_arguments( project_name=project_name, ontology_key=ontology_key, document_type=document_type ) if not validity: return q_error(request, msg) # check authentication... # (not using "@login_required" b/c some projects ignore authentication) current_user = request.user if project.authenticated: if not current_user.is_authenticated(): next_page = add_parameters_to_url(reverse("account_login"), next=request.path) return HttpResponseRedirect(next_page) if not is_user_of(current_user, project): next_page = reverse("project", kwargs={"project_name": project_name}) msg = "You have tried to view a restricted resource for this project. Please consider joining." messages.add_message(request, messages.WARNING, msg) return HttpResponseRedirect(next_page) # get (or set) realization objects from the cache... session_key = get_key_from_request(request) cached_realizations_key = "{0}_realizations".format(session_key) model_realization = get_or_create_cached_object(request.session, cached_realizations_key, get_new_realizations, **{ "project": project, "ontology": ontology, "model_proxy": model_proxy, "key": model_proxy.name, } ) if current_user.is_authenticated(): set_owner(model_realization, evaluate_lazy_object(current_user)) model_realization.is_root = True # TODO: COME UP W/ A BETTER WAY OF DEALING W/ "is_root" # no forms are created here, # instead the load-on-demand paradigm is used, # work out various paths, so that ng can reload things as needed... view_url_dirname = request.path.rsplit('/', 1)[0] api_url_dirname = reverse("realization-list").rsplit('/', 1)[0] # gather all the extra information required by the template... template_context = { "project": project, "ontology": ontology, "proxy": model_proxy, "view_url_dirname": view_url_dirname, "api_url_dirname": api_url_dirname, "session_key": session_key, "customization": model_customization, "realization": model_realization, "read_only": "false", # passing "false" instead of False b/c this is a JS variable } return render_to_response('questionnaire/q_edit.html', template_context, context_instance=context)
def q_edit_existing(request, project_name=None, ontology_key=None, document_type=None, realization_pk=None): # save any request parameters... # (in case of redirection) context = add_parameters_to_context(request) # check the arguments... validity, project, ontology, model_proxy, model_customization, msg = validate_view_arguments( project_name=project_name, ontology_key=ontology_key, document_type=document_type ) if not validity: return q_error(request, msg) # check authentication... # (not using "@login_required" b/c some projects ignore authentication) current_user = request.user if project.authenticated: if not current_user.is_authenticated(): next_page = add_parameters_to_url(reverse("account_login"), next=request.path) return HttpResponseRedirect(next_page) if not is_user_of(current_user, project): next_page = reverse("project", kwargs={"project_name": project_name}) msg = "You have tried to view a restricted resource for this project. Please consider joining." messages.add_message(request, messages.WARNING, msg) return HttpResponseRedirect(next_page) # get (or set) realization objects from the cache... # note that unlike in "q_edit_new" above, this bit is enclosed in a try/catch block try: session_key = get_key_from_request(request) cached_realizations_key = "{0}_realizations".format(session_key) model_realization = get_or_create_cached_object(request.session, cached_realizations_key, get_existing_realizations, **{ "project": project, "ontology": ontology, "model_proxy": model_proxy, "model_id": realization_pk } ) except ObjectDoesNotExist: msg = "Cannot find a document with an id of '{0}' for that project/ontology/document type combination.".format(realization_pk) return q_error(request, msg) # no forms are created here, # instead the load-on-demand paradigm is used, # work out various paths, so that ng can reload things as needed... # (notice these are slightly different than in "q_edit_new" above view_url_dirname = request.path.rsplit('/', 1)[0] api_url_dirname = reverse("realization-detail", kwargs={"pk": model_realization.pk}).rsplit('/', 2)[0] # gather all the extra information required by the template... template_context = { "project": project, "ontology": ontology, "proxy": model_proxy, "view_url_dirname": view_url_dirname, "api_url_dirname": api_url_dirname, "session_key": session_key, "customization": model_customization, "realization": model_realization, "read_only": "false", # passing "false" instead of False b/c this is a JS variable } return render_to_response('questionnaire/q_edit.html', template_context, context_instance=context)