def test_partner_filtering(self): """Users can filter by partner""" if not self.partner_filtering: return # We can't tell if its working unless they have permission to see # other users' records user = CtsUserFactory(role=ROLE_MANAGER) partner1 = self.partner partner2 = CtsUserFactory(role=ROLE_PARTNER) partner1_item = self.item_for_partner(partner1) partner2_item = self.item_for_partner(partner2) queryset = self.filter_class._meta.model.objects.all() # Filter to only partner1 items data = {'partner': partner1.pk} filter = self.filter_class(data=data, queryset=queryset, user=user) pks = filter.qs.values_list('pk', flat=True) self.assertIn(partner1_item.id, pks) self.assertNotIn(partner2_item.id, pks) # Filter to only partner2 items data = {'partner': partner2.pk} filter = self.filter_class(data=data, queryset=queryset, user=user) pks = filter.qs.values_list('pk', flat=True) self.assertNotIn(partner1_item.id, pks) self.assertIn(partner2_item.id, pks)
def test_user_edit_duplicate_email(self): user = CtsUserFactory() user2 = CtsUserFactory() data = model_to_dict(user) data['email'] = user2.email form = CtsUserEditForm(instance=user, data=data) self.assertFalse(form.is_valid()) self.assertIn('email', form.errors)
def test_update_deviceid(self, mock_ona_form_submissions, mock_get_form_definition): # A later scan can update the user/device connection user2 = CtsUserFactory(code='test2', deviceid='device_foo') user3 = CtsUserFactory(code='test3', deviceid='device_foo') submission = json.loads(USER_CODE_DATA) mock_ona_form_submissions.return_value = [submission] verify_deviceid.run() # "new" user now has device self.assertEqual('device_foo', CtsUser.objects.get(pk=self.user.pk).deviceid) # and previous users do not self.assertEqual('', CtsUser.objects.get(pk=user2.pk).deviceid) self.assertEqual('', CtsUser.objects.get(pk=user3.pk).deviceid)
def test_is_just_partner(self): user = CtsUserFactory(role=ROLE_PARTNER, is_superuser=False) self.assertTrue(user.is_just_partner()) user.role = ROLE_COORDINATOR user.save() self.assertFalse(user.is_just_partner()) user.role = ROLE_PARTNER user.is_superuser = True user.save() self.assertFalse(user.is_just_partner()) user = CtsUserFactory(role=ROLE_PARTNER, is_superuser=False) self.assertTrue(user.is_just_partner()) manager_group = Group.objects.get(name=ROLE_MANAGER) user.groups.add(manager_group) self.assertFalse(user.is_just_partner())
def test_list(self): user = CtsUserFactory() rsp = self.client.get(reverse('user_list')) self.assertEqual(200, rsp.status_code) self.assertContains(rsp, user.name, msg_prefix=rsp.content.decode('utf-8'))
def setUp(self): super(KitDeleteViewTest, self).setUp() self.user = CtsUserFactory(email="*****@*****.**", password="******", role=ROLE_COORDINATOR) assert self.client.login(email="*****@*****.**", password="******") assert self.user.has_perm('shipments.delete_kit')
def setUp(self): super(ReportTestMixin, self).setUp() self.user = CtsUserFactory(email="*****@*****.**") self.user.set_password("password") self.user.save() assert self.client.login(email="*****@*****.**", password="******") self.url = reverse(self.report_class.get_report_url_name())
def test_just_partner(self): # Partner may not view another's shipment self.just_partner() user2 = CtsUserFactory() self.shipment.partner = user2 self.shipment.save() rsp = self.client.get(self.url) self.assertEqual(404, rsp.status_code)
def test_just_partner_get_other(self): # Partner may not view other partners' shipments # Just acts like it's not there (404) self.just_partner() partner = CtsUserFactory(role=ROLE_PARTNER) self.shipment.partner = partner self.shipment.save() rsp = self.client.get(self.url) self.assert404(rsp)
def can_see_other_partners_records(self, user): """Return True if the user can see other partners' records""" other_partner = CtsUserFactory(role=ROLE_PARTNER) item = self.item_for_partner(other_partner) queryset = self.filter_class._meta.model.objects.all() filter = self.filter_class(data={}, queryset=queryset, user=user) pks = filter.qs.values_list('pk', flat=True) return item.id in pks
def test_just_partner(self): # Partner may not view another's shipment self.url = reverse('summary_manifests', kwargs={'pk': self.shipment.pk}) self.just_partner() self.shipment.partner = CtsUserFactory() self.shipment.save() rsp = self.client.get(self.url) self.assertEqual(404, rsp.status_code)
def test_just_partner(self): # Partner may view a shipment's package items, but only if it's the user's shipment self.just_partner() rsp = self.client.get(self.url) self.assertEqual(200, rsp.status_code) self.shipment.partner = CtsUserFactory() self.shipment.save() rsp = self.client.get(self.url) self.assertEqual(404, rsp.status_code)
def test_post_user(self): # The API is read-only. Any POST should return a 405 user = CtsUserFactory(name="barney fife") rsp = self.call_api('/api/auth/users/%d/' % user.pk) self.assertEqual(200, rsp.status_code) data = json.loads(rsp.content) data['name'] = "Freddy Fife" rsp = self.post_api('/api/auth/users/%d/' % user.pk, data=data) self.assertEqual(405, rsp.status_code)
def test_hex_color(self): # missing # user = CtsUserFactory(colour='555aaa') with self.assertRaises(ValidationError): user.full_clean() # not 3 or 6 user = CtsUserFactory(colour='#5544') with self.assertRaises(ValidationError): user.full_clean() # alpha out of range user = CtsUserFactory(colour='#JJJKKK') with self.assertRaises(ValidationError): user.full_clean() # short version user.colour = '#FFF' user.full_clean() # long version user.colour = '#FFFCCC' user.full_clean()
def test_reset_api_token_post_without_permission(self): self.user.role = ROLE_PARTNER # least permissions self.user.save() user = CtsUserFactory() original_token = user.auth_token.key url = reverse('reset_api_token', kwargs={'pk': user.pk}) rsp = self.client.post(url) self.assertEqual(403, rsp.status_code) user = CtsUser.objects.get(pk=user.pk) self.assertEqual(original_token, user.auth_token.key)
def test_just_partner(self): # Partner may not view another's shipment # For this view, means other shipments are omitted from the view self.just_partner() self.shipment.partner = CtsUserFactory() self.shipment.save() rsp = self.client.get(self.url) context = rsp.context shipments = context['shipments'] self.assertNotIn(self.shipment, shipments)
def test_user_edit(self): user = CtsUserFactory() data = model_to_dict(user) data['mobile'] = '+1134234' form = CtsUserEditForm(instance=user, data=data) self.assertTrue(form.is_valid()) user = form.save() user = CtsUser.objects.get(pk=user.pk) self.assertEqual(data['mobile'], user.mobile)
def test_duplicate_email(self): data = { 'email': '*****@*****.**', 'password1': 'password', 'password2': 'password', } initial = {'is_active': True, 'name': '', 'email': ''} CtsUserFactory(email=data['email']) form = CtsUserCreationForm(initial=initial, data=data) self.assertFalse(form.is_valid()) self.assertIn('email', form.errors)
def test_mobile_validator(self): # text user = CtsUserFactory(mobile='555aaa') with self.assertRaises(ValidationError): user.full_clean() # optional + user.mobile = '+555' user.full_clean() # optional - user.mobile = '555-555-555' user.full_clean()
def test_create_duplicate_email(self): data = { 'name': 'test', 'email': '*****@*****.**', 'mobile': '999', 'skype': 'testtest', 'role': ROLE_PARTNER, 'is_active': True, } CtsUserFactory(email=data['email']) url = reverse('new_cts_user_modal') rsp = self.client.post(url, data=data) self.assertEqual(400, rsp.status_code)
def test_just_partner(self): # Partner may not view another's shipment self.just_partner() self.shipment.partner = CtsUserFactory() self.shipment.save() self.url = reverse('package_barcodes', kwargs={ 'pk': self.shipment.pk, 'size': 6, 'labels': '3,4' }) rsp = self.client.get(self.url) self.assertEqual(404, rsp.status_code)
def test_post_good(self): partner = CtsUserFactory(role=ROLE_PARTNER) data = { 'description': 'DESCRIPTION', 'shipment_date': force_text(timezone.now().date()), 'estimated_delivery': 2, 'partner': partner.id, 'store_release': 'foo' } rsp = self.client.post(reverse('create_shipment'), data=data) if rsp.status_code == 400: self.fail(rsp.context['form'].errors) new_shipment = Shipment.objects.exclude(pk=self.shipment.pk).get() next_url = reverse('edit_shipment', kwargs={'pk': new_shipment.pk}) self.assertRedirects(rsp, next_url) self.assertEqual('DESCRIPTION', new_shipment.description)
def test_post_good(self): partner = CtsUserFactory(role=ROLE_PARTNER) data = { 'description': 'DESCRIPTION', 'shipment_date': force_text(timezone.now().date()), 'estimated_delivery': 2, 'partner': partner.id, 'store_release': 'foo' } rsp = self.client.post(self.url, data=data) if rsp.status_code == 400: self.fail(rsp.context['form'].errors) self.assertRedirects(rsp, reverse('edit_shipment', args=[self.shipment.pk])) shipment = Shipment.objects.get(pk=self.shipment.pk) self.assertEqual(data['description'], shipment.description)
def test_delete(self): # Delete a user # Need to be logged in as one user, then delete another user user = CtsUserFactory() url = reverse('user_delete', args=[user.pk]) rsp = self.client.get(url) self.assertEqual(200, rsp.status_code) self.assertContains(rsp, 'Confirm') CtsUser.objects.get(pk=user.pk) # Now delete it! # Should really just change them to not active. rsp = self.client.post(url) if rsp.status_code == 400: self.fail(rsp.context['form'].errors) self.assertRedirects(rsp, reverse('user_list')) user = CtsUser.objects.get(pk=user.pk) self.assertFalse(user.is_active)
def test_save_sets_groups(self): user = CtsUserFactory(role=ROLE_PARTNER) self.assertTrue(user.groups.filter(name=ROLE_PARTNER).exists()) self.assertFalse(user.groups.filter(name=ROLE_OFFICER).exists()) self.assertFalse(user.groups.filter(name=ROLE_COORDINATOR).exists()) user.role = ROLE_OFFICER user.save() self.assertFalse(user.groups.filter(name=ROLE_PARTNER).exists()) self.assertTrue(user.groups.filter(name=ROLE_OFFICER).exists()) self.assertFalse(user.groups.filter(name=ROLE_COORDINATOR).exists()) user.role = ROLE_COORDINATOR user.save() self.assertFalse(user.groups.filter(name=ROLE_PARTNER).exists()) self.assertTrue(user.groups.filter(name=ROLE_OFFICER).exists()) self.assertTrue(user.groups.filter(name=ROLE_COORDINATOR).exists()) user.role = ROLE_PARTNER user.save() self.assertTrue(user.groups.filter(name=ROLE_PARTNER).exists()) self.assertFalse(user.groups.filter(name=ROLE_OFFICER).exists()) self.assertFalse(user.groups.filter(name=ROLE_COORDINATOR).exists())
def test_skype_validator(self): # space user = CtsUserFactory(skype='aaa aaa') with self.assertRaises(ValidationError): user.full_clean() # starts with non-letter user.skype = '$asdfasdf' with self.assertRaises(ValidationError): user.full_clean() # < 5 chars user.skype = 'asdff' with self.assertRaises(ValidationError): user.full_clean() # > 32 chars user.skype = ''.join( random.choice(string.lowercase) for i in range(33)) with self.assertRaises(ValidationError): user.full_clean() user.skype = ''.join( random.choice(string.lowercase) for i in range(10)) user.full_clean()
def setUp(self): super(TestReportList, self).setUp() self.user = CtsUserFactory(email="*****@*****.**") self.user.set_password("password") self.user.save() assert self.client.login(email="*****@*****.**", password="******")
def setUp(self): self.user = CtsUserFactory(code=QR_CODE) reset_bad_form_ids() forget_form_definitions()
def test_has_role(self): user = CtsUserFactory(role=ROLE_PARTNER) self.assertTrue(user.has_role(ROLE_PARTNER)) self.assertFalse(user.has_role(ROLE_COORDINATOR)) user.groups.add(Group.objects.get(name=ROLE_COORDINATOR)) self.assertTrue(user.has_role(ROLE_COORDINATOR))
def setUp(self): self.user = CtsUserFactory(email='*****@*****.**', password='******') assert self.client.login(email='*****@*****.**', password="******")