def test_shopper_cannot_remove_shopper(self):
shopper = test_utils.create_shopper()
requester = test_utils.create_requester(shoppers=[shopper])
self.assertIn(shopper, requester.shoppers.all())
self.login_user(shopper.user)
resp = self.remove_shopper(shopper)
self.assertResponseIsPermissionDenied(resp)
def test_shopper_can_claim_requested_item(self):
shopper = test_utils.create_shopper()
requested_item = test_utils.create_requested_item(shopper=shopper)
self.login_user(shopper.user)
self.claim_item(requested_item)
requested_item.refresh_from_db()
self.assertEqual(requested_item.shopper, shopper)
def test_requester_can_remove_shopper(self):
shopper = test_utils.create_shopper()
requester = test_utils.create_requester(shoppers=[shopper])
self.assertIn(shopper, requester.shoppers.all())
self.login_user(requester.user)
self.remove_shopper(shopper)
self.assertNotIn(shopper, requester.shoppers.all())
def test_invite_link_is_updated_once_invite_is_accepted(self):
requester = test_utils.create_requester()
original_invite_token = requester.invite_token
shopper = test_utils.create_shopper()
self.login_user(shopper.user)
self.get(requester.invite_link)
self.assertIn(shopper, requester.shoppers.all())
requester.refresh_from_db()
self.assertNotEqual(original_invite_token, requester.invite_token)
def test_unauthorized_user_cannot_delete_comment(self):
requested_item = test_utils.create_requested_item(
shopper=test_utils.create_shopper())
comment = test_utils.create_comment(requested_item=requested_item)
requester = test_utils.create_requester()
self.login_user(requester.user)
resp = self.delete_comment(comment)
self.assertResponseIsPermissionDenied(resp)
def test_user_can_delete_comment(self):
shopper = test_utils.create_shopper()
requested_item = test_utils.create_requested_item(shopper=shopper)
comment = test_utils.create_comment(author=shopper.user,
requested_item=requested_item)
self.assertEqual(requested_item.comments.count(), 1)
self.login_user(shopper.user)
resp = self.delete_comment(comment)
self.assertEqual(requested_item.comments.count(), 0)
def test_user_can_create_comment(self):
comment_body = 'Bar'
shopper = test_utils.create_shopper()
requested_item = test_utils.create_requested_item(shopper=shopper)
self.login_user(shopper.user)
self.create_comment(requested_item, {'body': comment_body})
requested_item.refresh_from_db()
self.assertEqual(requested_item.comments.count(), 1)
comment = requested_item.comments.first()
self.assertEqual(comment_body, comment.body)
def test_shopper_can_accept_invite(self):
requester = test_utils.create_requester()
shopper = test_utils.create_shopper()
self.login_user(shopper.user)
self.get(requester.invite_link)
self.assertIn(shopper, requester.shoppers.all())
def test_user_must_be_logged_in_to_accept_invite(self):
requester = test_utils.create_requester()
shopper = test_utils.create_shopper()
resp = self.get(requester.invite_link)
self.assertResponseIsRedirect(resp)
self.assertNotIn(shopper, requester.shoppers.all())
def test_shopper_cannot_view_detail_of_unauthorized_requester(self):
shopper = test_utils.create_shopper()
requester = test_utils.create_requester()
self.login_user(shopper.user)
resp = self.view_requester_detail(requester)
self.assertResponseIsPermissionDenied(resp)
def test_shopper_cannot_view_shopper_detail(self):
shopper_one = test_utils.create_shopper()
shopper_two = test_utils.create_shopper()
self.login_user(shopper_one.user)
resp = self.view_shopper_detail(shopper_two)
self.assertResponseIsPermissionDenied(resp)
def test_shoppers_cannot_can_view_shopper_list(self):
shopper = test_utils.create_shopper()
self.login_user(shopper.user)
resp = self.client.get(reverse('core:shoppers'))
self.assertResponseIsPermissionDenied(resp)
def test_unauthorized_shopper_cannot_claim_requested_item(self):
requested_item = test_utils.create_requested_item()
shopper = test_utils.create_shopper()
self.login_user(shopper.user)
resp = self.claim_item(requested_item)
self.assertResponseIsPermissionDenied(resp)
def test_shopper_cannot_delete_requested_items(self):
shopper = test_utils.create_shopper()
requested_item = test_utils.create_requested_item()
self.login_user(shopper.user)
resp = self.delete_requested_item(requested_item)
self.assertResponseIsPermissionDenied(resp)
def test_shoppers_cannot_create_requested_items(self):
shopper = test_utils.create_shopper()
self.login_user(shopper.user)
resp = self.visit_requested_items()
self.assertResponseIsPermissionDenied(resp)
def test_shopper_cannot_access_requesters_requested_items_list(self):
shopper = test_utils.create_shopper()
self.login_user(shopper.user)
resp = self.view_requested_items()
self.assertResponseIsPermissionDenied(resp)