def test_redirect(self): """ Redirecting with redirect stub """ crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG) memb = Member.objects.get(offering=crs, person__userid="ggbaker") p = Page(offering=crs, label="Test") p.save() v = PageVersion(page=p, title="Test Page", wikitext="one +two+ three +four+", editor=memb) v.save() c = Client() # normal pages still viewable url = reverse('offering:pages:view_page', kwargs={'course_slug': crs.slug, 'page_label': 'Test'}) response = c.get(url) self.assertEqual(response.status_code, 200) v = PageVersion(page=p, redirect='NewLocation', editor=memb) v.save() response = c.get(url) self.assertEqual(response.status_code, 301) redir_url = reverse('offering:pages:view_page', kwargs={'course_slug': crs.slug, 'page_label': 'NewLocation'}) self.assertTrue(response['location'].endswith(redir_url))
def test_inaccessible_pages(self): # Presumably, our booking that starts more than 5 years ago is the one generated in the fixtures. If there are # others that old, it should at least be the first. unit = Unit.objects.get(slug='cmpt') booking = BookingRecord.objects.filter(start_time__lte=self.long_start, location__unit=unit).first() location = booking.location roomtype = location.room_type client = Client() # First, without logging in: url = reverse('space:index') response = client.get(url) self.assertEqual(response.status_code, 302) # Now log in but without the correct role client.login_user('pba7') response = client.get(url) self.assertEqual(response.status_code, 403) # We darn well better not be able to delete anything without the proper role: url = reverse('space:delete_booking', kwargs={'booking_id': booking.id}) response = client.post(url, follow=True) self.assertEqual(response.status_code, 403) url = reverse('space:delete_location', kwargs={'location_id': location.id}) response = client.post(url, follow=True) self.assertEqual(response.status_code, 403) url = reverse('space:delete_roomtype', kwargs={'roomtype_id': roomtype.id}) response = client.post(url, follow=True) self.assertEqual(response.status_code, 403)
def test_staff_page(self): """ Check the requires_course_staff_by_slug decorator. """ # a URL and some members/non-members url = reverse('grades.views.class_list', kwargs={'course_slug': TEST_COURSE_SLUG}) instr = "ggbaker" ta = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role='TA')[0].person.userid student = "0aaa0" nobody = "0bbb6" client = Client() # try without logging in response = client.get(url) self.assertEquals(response.status_code, 302) # try as instructor client.login_user(instr) response = client.get(url) self.assertEquals(response.status_code, 200) validate_content(self, response.content, url) # try as TA client.login_user(ta) response = client.get(url) self.assertEquals(response.status_code, 200) # try as student client.login_user(student) response = client.get(url) self.assertEquals(response.status_code, 403) # try as non-member client.login_user(nobody) response = client.get(url) self.assertEquals(response.status_code, 403)
def test_course_page(self): """ Check out a course front-page """ _, c = create_offering() client = Client() # not logged in: should be redirected to login page response = client.get(c.get_absolute_url()) self.assertEqual(response.status_code, 302) # log in as student "0aaa0" client.login_user("0aaa0") p = Person.objects.get(userid="0aaa0") # not in the course: should get 403 Forbidden response = client.get(c.get_absolute_url()) self.assertEqual(response.status_code, 403) # add to course and try again m = Member(person=p, offering=c, role="STUD", credits=3, career="UGRD", added_reason="UNK") m.save() response = client.get(c.get_absolute_url()) self.assertEqual(response.status_code, 200) validate_content(self, response.content, c.get_absolute_url()) # dropped students should be forbidden m.role="DROP" m.save() response = client.get(c.get_absolute_url()) self.assertEqual(response.status_code, 403)
def test_staff_page(self): """ Check the requires_course_staff_by_slug decorator. """ # a URL and some members/non-members url = reverse('grades.views.class_list', kwargs={'course_slug': TEST_COURSE_SLUG}) instr = "ggbaker" ta = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role='TA')[0].person.userid student = "0aaa0" nobody = "0bbb6" client = Client() # try without logging in response = client.get(url) self.assertEquals(response.status_code, 302) # try as instructor client.login_user(instr) response = client.get(url) self.assertEquals(response.status_code, 200) validate_content(self, response.content, url) # try as TA client.login_user(ta) response = client.get(url) self.assertEquals(response.status_code, 200) # try as student client.login_user(student) response = client.get(url) self.assertEquals(response.status_code, 403) # try as non-member client.login_user(nobody) response = client.get(url) self.assertEquals(response.status_code, 403)
def test_grad_quicksearch(self): """ Tests grad quicksearch (index page) functionality """ client = Client() test_auth(client, 'ggbaker') response = client.get(reverse('grad.views.index')) self.assertEqual(response.status_code, 200) # AJAX calls for autocomplete return JSON response = client.get(reverse('grad.views.quick_search')+'?term=grad') self.assertEqual(response.status_code, 200) self.assertEqual(response['content-type'], 'application/json') # get this grad's slug from the search autocomplete = json.loads(response.content) grad_slug = [d['value'] for d in autocomplete if d['value'].startswith(self.gs_userid)][0] # search submit with gradstudent slug redirects to page response = client.get(reverse('grad.views.quick_search')+'?search='+grad_slug) self.assertEqual(response.status_code, 302) self.assertTrue(response['location'].endswith( reverse('grad.views.view', kwargs={'grad_slug': grad_slug}) )) # search submit with non-slug redirects to "did you mean" page response = client.get(reverse('grad.views.quick_search')+'?search=' + self.gs_userid[0:4]) self.assertEqual(response.status_code, 302) self.assertTrue(response['location'].endswith( reverse('grad.views.not_found')+"?search=" + self.gs_userid[0:4] )) response = client.get(response['location']) gradlist = response.context['grads'] self.assertEqual(len(gradlist), 1) self.assertEqual(gradlist[0], GradStudent.objects.get(person__userid=self.gs_userid))
def test_course_page(self): """ Check out a course front-page """ _, c = create_offering() client = Client() # not logged in: should be redirected to login page response = client.get(c.get_absolute_url()) self.assertEqual(response.status_code, 302) # log in as student "0aaa0" client.login_user("0aaa0") p = Person.objects.get(userid="0aaa0") # not in the course: should get 403 Forbidden response = client.get(c.get_absolute_url()) self.assertEqual(response.status_code, 403) # add to course and try again m = Member(person=p, offering=c, role="STUD", credits=3, career="UGRD", added_reason="UNK") m.save() response = client.get(c.get_absolute_url()) self.assertEqual(response.status_code, 200) validate_content(self, response.content, c.get_absolute_url()) # dropped students should be forbidden m.role="DROP" m.save() response = client.get(c.get_absolute_url()) self.assertEqual(response.status_code, 403)
def test_inaccessible_pages(self): client = Client() # First, without logging in: url = reverse('outreach:outreach_index') response = client.get(url) self.assertEqual(response.status_code, 302) # Now log in but without the correct role client.login_user('pba7') response = client.get(url) self.assertEqual(response.status_code, 403)
def test_inaccessible_pages(self): client = Client() # First, without logging in: url = reverse('outreach:outreach_index') response = client.get(url) self.assertEqual(response.status_code, 302) # Now log in but without the correct role client.login_user('pba7') response = client.get(url) self.assertEqual(response.status_code, 403)
def test_impersonation(self): """ Test impersonation logic """ client = Client() url = reverse('offering:groups:groupmanage', kwargs={'course_slug': TEST_COURSE_SLUG}) # login as a sysadmin client.login_user('pba7') # not instructor, so can't really access response = client.get(url) self.assertEquals(response.status_code, 403) # ...but can impersonate instructor response = client.get(url, {"__impersonate": "ggbaker"}) self.assertEquals(response.status_code, 200) self.assertContains(response, 'Logged in as ggbaker') # login as student client.login_user("0aaa0") # can access normally response = client.get(url) self.assertEquals(response.status_code, 200) self.assertContains(response, 'Logged in as 0aaa0') # try to impersonate anybody: not allowed response = client.get(url, {"__impersonate": "0aaa1"}) self.assertEquals(response.status_code, 403) response = client.get(url, {"__impersonate": "ggbaker"}) self.assertEquals(response.status_code, 403) # login as instructor client.login_user("ggbaker") # can access course page response = client.get(url) self.assertEquals(response.status_code, 200) self.assertContains(response, 'Logged in as ggbaker') # try to impersonate non-student: not allowed response = client.get(url, {"__impersonate": "dzhao"}) self.assertEquals(response.status_code, 403) # try to impersonate student: should be them response = client.get(url, {"__impersonate": "0aaa0"}) self.assertEquals(response.status_code, 200) self.assertContains(response, 'Logged in as 0aaa0') # try some other course: shouldn't be able to impersonate url = reverse('offering:groups:groupmanage', kwargs={'course_slug': '1114-cmpt-310-d100'}) response = client.get(url, {"__impersonate": "0aaa0"}) self.assertEquals(response.status_code, 403) # try non-course URL as non-admin: shouldn't be able to impersonate client.login_user("diana") url = reverse('dashboard:index', kwargs={}) response = client.get(url, {"__impersonate": "0aaa0"}) self.assertEquals(response.status_code, 403)
def test_permissions(self): """ Make sure the basic permission things are as-expected. """ c = Client() # a role reminder: users with the role, but not others r = Reminder( reminder_type='ROLE', role='ADVS', unit=Unit.objects.get(slug='cmpt'), date_type='SEM', week=4, weekday=0, person=Person.objects.get(userid='ggbaker'), title='Advisor reminder', content='foo', ) r.save() url = reverse('reminders:view', kwargs={'reminder_slug': r.slug}) c.login_user('ggbaker') resp = c.get(url) self.assertEqual(resp.status_code, 404) c.login_user('dzhao') resp = c.get(url) self.assertEqual(resp.status_code, 200) # a personal reminder: that person only r = Reminder(reminder_type='PERS', date_type='YEAR', month='5', day=31, person=Person.objects.get(userid='ggbaker'), title='Personal reminder', content='### Heading\n\nfoo *bar*', config={'markup': 'markdown'}) r.save() url = reverse('reminders:view', kwargs={'reminder_slug': r.slug}) c.login_user('ggbaker') resp = c.get(url) self.assertEqual(resp.status_code, 200) c.login_user('dzhao') resp = c.get(url) self.assertEqual(resp.status_code, 404) # test the HTML generation while we're here self.assertEqual(r.html_content().replace('\n', ''), '<h3>Heading</h3><p>foo <em>bar</em></p>')
def test_impersonation(self): """ Test impersonation logic """ client = Client() url = reverse('offering:groups:groupmanage', kwargs={'course_slug': TEST_COURSE_SLUG}) # login as a sysadmin client.login_user('pba7') # not instructor, so can't really access response = client.get(url) self.assertEqual(response.status_code, 403) # ...but can impersonate instructor response = client.get(url, {"__impersonate": "ggbaker"}) self.assertEqual(response.status_code, 200) self.assertContains(response, 'Logged in as ggbaker') # login as student client.login_user("0aaa0") # can access normally response = client.get(url) self.assertEqual(response.status_code, 200) self.assertContains(response, 'Logged in as 0aaa0') # try to impersonate anybody: not allowed response = client.get(url, {"__impersonate": "0aaa1"}) self.assertEqual(response.status_code, 403) response = client.get(url, {"__impersonate": "ggbaker"}) self.assertEqual(response.status_code, 403) # login as instructor client.login_user("ggbaker") # can access course page response = client.get(url) self.assertEqual(response.status_code, 200) self.assertContains(response, 'Logged in as ggbaker') # try to impersonate non-student: not allowed response = client.get(url, {"__impersonate": "dzhao"}) self.assertEqual(response.status_code, 403) # try to impersonate student: should be them response = client.get(url, {"__impersonate": "0aaa0"}) self.assertEqual(response.status_code, 200) self.assertContains(response, 'Logged in as 0aaa0') # try some other course: shouldn't be able to impersonate url = reverse('offering:groups:groupmanage', kwargs={'course_slug': '1114-cmpt-310-d100'}) response = client.get(url, {"__impersonate": "0aaa0"}) self.assertEqual(response.status_code, 403) # try non-course URL as non-admin: shouldn't be able to impersonate client.login_user("diana") url = reverse('dashboard:index', kwargs={}) response = client.get(url, {"__impersonate": "0aaa0"}) self.assertEqual(response.status_code, 403)
def test_inaccessible_pages(self): client = Client() contract_id = 1 url = reverse('sessionals:sessionals_index') response = client.get(url) self.assertEqual(response.status_code, 302) # Now log in but without the correct role client.login_user('foo') response = client.get(url) self.assertEqual(response.status_code, 403) url = reverse('sessionals:delete_contract', kwargs={'contract_id': contract_id}) response = client.post(url, follow=True) self.assertEqual(response.status_code, 403)
def test_inaccessible_pages(self): client = Client() contract_id = 1 url = reverse('sessionals:sessionals_index') response = client.get(url) self.assertEquals(response.status_code, 302) # Now log in but without the correct role client.login_user('foo') response = client.get(url) self.assertEquals(response.status_code, 403) url = reverse('sessionals:delete_contract', kwargs={'contract_id': contract_id}) response = client.post(url, follow=True) self.assertEquals(response.status_code, 403)
def test_workflow(self): """ Test the privacy policy workflow and page exclusions """ # clear privacy agreement from test data p = Person.objects.get(userid='dzhao') p.config = {} p.save() client = Client() client.login_user(p.userid) privacy_url = reverse('privacy.views.privacy') # non-role page should still render url = reverse('dashboard.views.index') basic_page_tests(self, client, url) # but role page should redirect to agreement url = reverse('advisornotes.views.advising') response = client.get(url) self.assertRedirects(response, privacy_url + '?next=' + url) # check privacy page basic_page_tests(self, client, privacy_url) # submit and expect recorded agreement response = client.post(privacy_url + '?next=' + url, {'agree': 'on'}) self.assertRedirects(response, url) p = Person.objects.get(userid='dzhao') self.assertTrue(p.config['privacy_signed']) # now we should be able to access basic_page_tests(self, client, url)
def test_annual_teaching(self): """ Test the annual teaching value entry field """ person = Person.objects.get(userid='ggbaker') unit = Unit.objects.get(slug='cmpt') editor = Person.objects.get(userid='dzhao') etype = 'NORM_TEACH' event = CareerEvent.objects.filter(unit=unit, person=person, event_type=etype)[0] event.config['load'] = 2 # 2 courses/semester in database should be 6/year to the user event.get_handler().save(editor) c = Client() c.login_user(editor.userid) # make sure the form renders with value="6" url = reverse('faculty:change_event', kwargs={'userid': person.userid, 'event_slug': event.slug}) resp = c.get(url) inputs = [l for l in resp.content.split(b'\n') if b'name="load"' in l] inputs_correct_value = [l for l in inputs if b'value="6"' in l] self.assertEqual(len(inputs_correct_value), 1) # POST a change and make sure the right value ends up in the DB data = { 'start_date_0': '2000-09-01', 'end_date_0': '', 'unit': str(unit.id), 'load': '5', 'comments': '', } c.post(url, data) new_ce = CareerEvent.objects.filter(unit=unit, person=person, event_type=etype)[0] self.assertEqual(new_ce.config['load'], '5/3')
def test_workflow(self): """ Test the privacy policy workflow and page exclusions """ # clear privacy agreement from test data p = Person.objects.get(userid='dzhao') p.config = {} p.save() client = Client() client.login_user(p.userid) privacy_url = reverse('config:privacy') # non-role page should still render url = reverse('dashboard:index') basic_page_tests(self, client, url) # but role page should redirect to agreement url = reverse('advising:advising') response = client.get(url) self.assertRedirects(response, privacy_url + '?next=' + url) # check privacy page basic_page_tests(self, client, privacy_url) # submit and expect recorded agreement response = client.post(privacy_url + '?next=' + url, {'agree': 'on'}) self.assertRedirects(response, url) p = Person.objects.get(userid='dzhao') self.assertTrue(p.config['privacy_signed']) # now we should be able to access basic_page_tests(self, client, url)
def test_grad_letters(self): """ Check handling of letters for grad students """ client = Client() test_auth(client, 'ggbaker') gs = GradStudent.objects.get(person__userid=self.gs_userid) # get template text and make sure substitutions are made lt = LetterTemplate.objects.get(label="Funding") url = reverse('grad.views.get_letter_text', kwargs={'grad_slug': gs.slug, 'letter_template_id': lt.id}) response = client.get(url) self.assertEqual(response.status_code, 200) self.assertContains(response, 'M Grad is making satisfactory progress') content = unicode(response.content) # create a letter with that content l = Letter(student=gs, date=datetime.date.today(), to_lines="The Student\nSFU", template=lt, created_by='ggbaker', content=content) l.save() url = reverse('grad.views.view_letter', kwargs={'grad_slug': gs.slug, 'letter_slug': l.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) url = reverse('grad.views.copy_letter', kwargs={'grad_slug': gs.slug, 'letter_slug': l.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200)
def test_pages(self): """ Test basic page rendering """ c = Client() c.login_user('dzhao') test_views(self, c, 'ra:', ['search', 'new', 'accounts_index', 'new_account', 'projects_index', 'new_project', 'semester_config', 'browse'], {}) test_views(self, c, 'ra:', ['found'], {}, qs='search=grad') ra = RAAppointment.objects.filter(unit__label='CMPT')[0] p = ra.person test_views(self, c, 'ra:', ['student_appointments', 'new_student'], {'userid': p.userid}) test_views(self, c, 'ra:', ['edit', 'reappoint', 'view',], {'ra_slug': ra.slug}) # No offer text yet, we should get a redirect when trying to edit the letter text: url = reverse('ra:edit_letter', kwargs={'ra_slug': ra.slug}) response = c.get(url) self.assertEqual(response.status_code, 302) # Let's add some offer text and try again. ra.offer_letter_text='Some test text here' ra.save() test_views(self, c, 'ra:', ['edit_letter'], {'ra_slug': ra.slug}) # Make sure we can add attachments test_views(self, c, 'ra:', ['new_attachment'], {'ra_slug': ra.slug}) acct = Account.objects.filter(unit__label='CMPT')[0] test_views(self, c, 'ra:', ['edit_account'], {'account_slug': acct.slug}) proj = Project.objects.filter(unit__label='CMPT')[0] test_views(self, c, 'ra:', ['edit_project'], {'project_slug': proj.slug})
def test_pages(self): """ Test basic page rendering """ c = Client() c.login_user('dzhao') test_views(self, c, 'ra:', ['dashboard', 'new_request', 'browse'], {}) ra = RAAppointment.objects.filter(unit__label='CMPT')[0] p = ra.person test_views(self, c, 'ra:', ['edit', 'view'], {'ra_slug': ra.slug}) # No offer text yet, we should get a redirect when trying to edit the letter text: url = reverse('ra:edit_letter', kwargs={'ra_slug': ra.slug}) response = c.get(url) self.assertEqual(response.status_code, 302) # Let's add some offer text and try again. ra.offer_letter_text = 'Some test text here' ra.save() test_views(self, c, 'ra:', ['edit_letter'], {'ra_slug': ra.slug}) # Make sure we can add attachments test_views(self, c, 'ra:', ['new_attachment'], {'ra_slug': ra.slug}) # NEW RA # test basic pages test_views(self, c, 'ra:', [ 'browse_appointments', 'new_request', 'dashboard', 'active_appointments', 'advanced_search' ], {}) # test search test_views(self, c, 'ra:', ['appointee_appointments', 'supervisor_appointments'], {'userid': p.userid}) # create test rarequest u = Unit.objects.get(slug='cmpt') s = Person.objects.get(userid='dzhao') req = RARequest(person=p, unit=u, author=s, supervisor=s, config={}, hiring_category='RA', start_date=date(2021, 6, 1), end_date=date(2021, 9, 1), total_pay=1000) req.save() # test pages associated with an rarequest test_views(self, c, 'ra:', [ 'view_request', 'edit_request', 'reappoint_request', 'edit_request_notes', 'request_paf', 'request_offer_letter_update', 'new_admin_attachment' ], {'ra_slug': req.slug})
def test_that_grad_search_returns_200_ok(self): """ Tests that /grad/search is available. """ client = Client() test_auth(client, 'ggbaker') response = client.get(reverse('grad.views.search')) self.assertEqual(response.status_code, 200)
def test_that_grad_search_returns_200_ok(self): """ Tests that /grad/search is available. """ client = Client() client.login_user('dzhao') response = client.get(reverse('grad.views.search')) self.assertEqual(response.status_code, 200)
def test_that_grad_search_returns_200_ok(self): """ Tests that /grad/search is available. """ client = Client() test_auth(client, 'ggbaker') response = client.get(reverse('grad.views.search')) self.assertEqual(response.status_code, 200)
def test_that_grad_search_with_csv_option_returns_csv(self): client = Client() client.login_user('dzhao') response = client.get(reverse('grad.views.search'), { 'columns': 'person.first_name', 'csv': 'sure' }) self.assertEqual(response.status_code, 200) self.assertEqual(response['Content-Type'], 'text/csv')
def test_planning_admin_returns_403_forbidden(self): """ Tests basic page authentication for instructor """ raise SkipTest() client = Client() client.login_user("ggbaker") response = client.get(reverse('planning.views.admin_index')) self.assertEqual(response.status_code, 403)
def test_planning_admin_returns_403_forbidden(self): """ Tests basic page authentication for instructor """ raise SkipTest() client = Client() client.login_user("ggbaker") response = client.get(reverse('planning.views.admin_index')) self.assertEqual(response.status_code, 403)
def test_page_load(self): """ Tests that various pages load """ # as instructor... client = Client() client.login_user("ggbaker") url = reverse('offering:discussion:discussion_index', kwargs={'course_slug': self.offering.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) url = reverse('offering:discussion:create_topic', kwargs={'course_slug': self.offering.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) url = reverse('offering:discussion:view_topic', kwargs={'course_slug': self.offering.slug, 'topic_slug': self.topic.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) url = reverse('offering:discussion:change_topic_status', kwargs={'course_slug': self.offering.slug, 'topic_slug': self.topic.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) url = reverse('offering:discussion:download', kwargs={'course_slug': self.offering.slug}) response = basic_page_tests(self, client, url, check_valid=False) self.assertEqual(response.status_code, 200) # as the author of the topic/message client = Client() client.login_user(self.topic.author.person.userid) url = reverse('offering:discussion:edit_topic', kwargs={'course_slug': self.offering.slug, 'topic_slug': self.topic.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) client = Client() client.login_user(self.message.author.person.userid) url = reverse('offering:discussion:edit_message', kwargs={'course_slug': self.offering.slug, 'topic_slug': self.topic.slug, 'message_slug': self.message.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) url = reverse('offering:discussion:remove_message', kwargs={'course_slug': self.offering.slug, 'topic_slug': self.topic.slug, 'message_slug': self.message.slug}) response = client.post(url) self.assertEqual(response.status_code, 302) self.assertEqual(DiscussionMessage.objects.get(id=self.message.id).status, 'HID') # Make sure students can't download the json dump of discussions: member = Member.objects.filter(offering=self.offering, role='STUD').exclude(person__userid__isnull=True).first() client = Client() client.login_user(member.person.userid) url = reverse('offering:discussion:download', kwargs={'course_slug': self.offering.slug}) response = client.get(url) self.assertEqual(response.status_code, 403)
def test_grad_quicksearch(self): """ Tests grad quicksearch (index page) functionality """ client = Client() test_auth(client, 'ggbaker') response = client.get(reverse('grad.views.index')) self.assertEqual(response.status_code, 200) # AJAX calls for autocomplete return JSON response = client.get( reverse('grad.views.quick_search') + '?term=grad') self.assertEqual(response.status_code, 200) self.assertEqual(response['content-type'], 'application/json') # get this grad's slug from the search autocomplete = json.loads(response.content) grad_slug = [ d['value'] for d in autocomplete if d['value'].startswith(self.gs_userid) ][0] # search submit with gradstudent slug redirects to page response = client.get( reverse('grad.views.quick_search') + '?search=' + grad_slug) self.assertEqual(response.status_code, 302) self.assertTrue(response['location'].endswith( reverse('grad.views.view', kwargs={'grad_slug': grad_slug}))) # search submit with non-slug redirects to "did you mean" page response = client.get( reverse('grad.views.quick_search') + '?search=' + self.gs_userid[0:4]) self.assertEqual(response.status_code, 302) self.assertTrue(response['location'].endswith( reverse('grad.views.not_found') + "?search=" + self.gs_userid[0:4])) response = client.get(response['location']) gradlist = response.context['grads'] self.assertEqual(len(gradlist), 1) self.assertEqual( gradlist[0], GradStudent.objects.get(person__userid=self.gs_userid))
def test_role_access(self): r = Role.objects.filter(role='SYSA')[0] p = r.person p.config['privacy_signed'] = True p.save() client = Client() client.login_user(r.person.userid) url = reverse('sysadmin:new_role') # test data role expires in the future: should allow. resp = client.get(url) self.assertEqual(resp.status_code, 200) # expire the role: should now forbid. r.expiry = date.today() - timedelta(days=2) r.save() resp = client.get(url) self.assertEqual(resp.status_code, 403)
def test_migration_redirect(self): """ Redirecting after a migration """ c = Client() c.login_user('0aaa0') # sample pages crs = self._sample_setup() # fake the course-has-been-migrated situation p = crs.page_set.exclude(label='Index').first() p.config['migrated_to'] = ['2000sp-subj-000-d1', 'PageLabel'] p.can_read = 'ALL' p.save() url = reverse('offering:pages:view_page', kwargs={ 'course_slug': crs.slug, 'page_label': p.label }) # without course setting, shouldn't redirect resp = c.get(url) self.assertEqual(resp.status_code, 200) # instructor said yes to redirects: make sure page redirects crs.config['redirect_pages'] = True crs.save() resp = c.get(url) self.assertEqual(resp.status_code, 301) # instructor should see a "this will usually redirect" message c.login_user('ggbaker') resp = c.get(url) self.assertEqual(resp.status_code, 200) self.assertIn('redirect_url', resp.context) # make sure prevent_redirect is honoured c.login_user('0aaa0') p.config['prevent_redirect'] = True p.save() resp = c.get(url) self.assertEqual(resp.status_code, 200)
def test_role_access(self): r = Role.objects.filter(role='SYSA')[0] p = r.person p.config['privacy_signed'] = True p.config['privacy_da_signed'] = True p.save() client = Client() client.login_user(r.person.userid) url = reverse('sysadmin:new_role') # test data role expires in the future: should allow. resp = client.get(url) self.assertEqual(resp.status_code, 200) # expire the role: should now forbid. r.expiry = date.today() - timedelta(days=2) r.save() resp = client.get(url) self.assertEqual(resp.status_code, 403)
def test_permissions(self): """ Make sure the basic permission things are as-expected. """ c = Client() # a role reminder: users with the role, but not others r = Reminder(reminder_type='ROLE', role='ADVS', unit=Unit.objects.get(slug='cmpt'), date_type='SEM', week=4, weekday=0, person=Person.objects.get(userid='ggbaker'), title='Advisor reminder', content='foo',) r.save() url = reverse('reminders:view', kwargs={'reminder_slug': r.slug}) c.login_user('ggbaker') resp = c.get(url) self.assertEqual(resp.status_code, 404) c.login_user('dzhao') resp = c.get(url) self.assertEqual(resp.status_code, 200) # a personal reminder: that person only r = Reminder(reminder_type='PERS', date_type='YEAR', month='5', day=31, person=Person.objects.get(userid='ggbaker'), title='Personal reminder', content='### Heading\n\nfoo *bar*', config={'markup': 'markdown'}) r.save() url = reverse('reminders:view', kwargs={'reminder_slug': r.slug}) c.login_user('ggbaker') resp = c.get(url) self.assertEqual(resp.status_code, 200) c.login_user('dzhao') resp = c.get(url) self.assertEqual(resp.status_code, 404) # test the HTML generation while we're here self.assertEqual(r.html_content().replace('\n', ''), '<h3>Heading</h3><p>foo <em>bar</em></p>')
def test_migration_redirect(self): """ Redirecting after a migration """ c = Client() c.login_user('0aaa0') # sample pages crs = self._sample_setup() # fake the course-has-been-migrated situation p = crs.page_set.exclude(label='Index').first() p.config['migrated_to'] = ['2000sp-subj-000-d1', 'PageLabel'] p.can_read = 'ALL' p.save() url = reverse('offering:pages:view_page', kwargs={'course_slug': crs.slug, 'page_label': p.label}) # without course setting, shouldn't redirect resp = c.get(url) self.assertEqual(resp.status_code, 200) # instructor said yes to redirects: make sure page redirects crs.config['redirect_pages'] = True crs.save() resp = c.get(url) self.assertEqual(resp.status_code, 301) # instructor should see a "this will usually redirect" message c.login_user('ggbaker') resp = c.get(url) self.assertEqual(resp.status_code, 200) self.assertIn('redirect_url', resp.context) # make sure prevent_redirect is honoured c.login_user('0aaa0') p.config['prevent_redirect'] = True p.save() resp = c.get(url) self.assertEqual(resp.status_code, 200)
def test_inaccessible_pages(self): client = Client() # First, without logging in: url = reverse('space:index') response = client.get(url) self.assertEqual(response.status_code, 302) # Now log in but without the correct role client.login_user('pba7') response = client.get(url) self.assertEqual(response.status_code, 403) # We darn well better not be able to delete anything without the proper role: url = reverse('space:delete_booking', kwargs={'booking_id': self.booking.id}) response = client.post(url, follow=True) self.assertEqual(response.status_code, 403) url = reverse('space:delete_location', kwargs={'location_id': self.location.id}) response = client.post(url, follow=True) self.assertEqual(response.status_code, 403) url = reverse('space:delete_roomtype', kwargs={'roomtype_id': self.roomtype.id}) response = client.post(url, follow=True) self.assertEqual(response.status_code, 403)
def test_ajax(self): client = Client() call_command('update_index', 'coredata', verbosity=0) # make sure we have the same data in DB and haystack # test person autocomplete client.login_user("dzhao") p = Person.objects.get(userid='ggbaker') url = reverse('data:student_search') response = client.get(url, {'term': 'ggba'}) self.assertEqual(response.status_code, 200) self.assertEqual(response['content-type'], 'application/json') # should find this person data = json.loads(response.content.decode('utf8')) emplids = [str(d['value']) for d in data] self.assertIn(str(p.emplid), emplids)
def test_timing(self): """ Ensure that the quiz timing rules are enforced for students """ c = Client() c.login_user(self.s0.person.userid) url = reverse('offering:quiz:index', kwargs={'course_slug': self.offering.slug, 'activity_slug': self.activity.slug}) # quiz created in .setUp() is ongoing response = c.get(url) self.assertTemplateUsed(response, 'quizzes/index_student.html') self.assertEqual(response.status_code, 200) # quiz in the future shouldn't be visible self.quiz.start = now + hour self.quiz.end = now + 2*hour self.quiz.save() response = c.get(url) self.assertTemplateUsed(response, 'quizzes/unavailable.html') self.assertEqual(response.status_code, 403) # neither should a quiz in the past self.quiz.start = now - 2*hour self.quiz.end = now - hour self.quiz.save() response = c.get(url) self.assertTemplateUsed(response, 'quizzes/unavailable.html') self.assertEqual(response.status_code, 403) # but the student with the special case has it honoured c.login_user(self.s1.person.userid) response = c.get(url) self.assertTemplateUsed(response, 'quizzes/index_student.html') self.assertEqual(response.status_code, 200)
def test_front_page(self): # log in as student in the course userid = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role="STUD")[0].person.userid client = Client() client.login_user(userid) response = client.get("/") self.assertEqual(response.status_code, 200) # this student is in this course: check for a link to its page (but it only appears after start of semester) c = CourseOffering.objects.get(slug=TEST_COURSE_SLUG) if c.semester.start < datetime.date.today(): self.assertContains(response, '<a href="%s"' % (c.get_absolute_url()) ) validate_content(self, response.content, "index page")
def test_redirect(self): """ Redirecting with redirect stub """ crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG) memb = Member.objects.get(offering=crs, person__userid="ggbaker") p = Page(offering=crs, label="Test") p.save() v = PageVersion(page=p, title="Test Page", wikitext="one +two+ three +four+", editor=memb) v.save() c = Client() # normal pages still viewable url = reverse('offering:pages:view_page', kwargs={ 'course_slug': crs.slug, 'page_label': 'Test' }) response = c.get(url) self.assertEqual(response.status_code, 200) v = PageVersion(page=p, redirect='NewLocation', editor=memb) v.save() response = c.get(url) self.assertEqual(response.status_code, 301) redir_url = reverse('offering:pages:view_page', kwargs={ 'course_slug': crs.slug, 'page_label': 'NewLocation' }) self.assertTrue(response['location'].endswith(redir_url))
def test_front_page(self): # log in as student in the course userid = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role="STUD")[0].person.userid client = Client() client.login_user(userid) response = client.get("/") self.assertEqual(response.status_code, 200) # this student is in this course: check for a link to its page (but it only appears after start of semester) c = CourseOffering.objects.get(slug=TEST_COURSE_SLUG) if c.semester.start < datetime.date.today(): self.assertContains(response, '<a href="%s"' % (c.get_absolute_url()) ) validate_content(self, response.content, "index page")
def test_ajax(self): client = Client() call_command('update_index', 'coredata', verbosity=0) # make sure we have the same data in DB and haystack # test person autocomplete client.login_user("dzhao") p = Person.objects.get(userid='ggbaker') url = reverse('data:student_search') response = client.get(url, {'term': 'ggba'}) self.assertEqual(response.status_code, 200) self.assertEqual(response['content-type'], 'application/json') # should find this person data = json.loads(response.content) emplids = [str(d['value']) for d in data] self.assertIn(str(p.emplid), emplids)
def test_pages(self): """ Test basic page rendering """ c = Client() c.login_user('dzhao') test_views(self, c, 'ra:', [ 'search', 'new', 'accounts_index', 'new_account', 'projects_index', 'new_project', 'semester_config', 'browse' ], {}) test_views(self, c, 'ra:', ['found'], {}, qs='search=grad') test_views(self, c, 'ra:', ['dashboard', 'new_request'], {}) ra = RAAppointment.objects.filter(unit__label='CMPT')[0] p = ra.person test_views(self, c, 'ra:', ['student_appointments', 'new_student'], {'userid': p.userid}) test_views(self, c, 'ra:', [ 'edit', 'reappoint', 'view', ], {'ra_slug': ra.slug}) # No offer text yet, we should get a redirect when trying to edit the letter text: url = reverse('ra:edit_letter', kwargs={'ra_slug': ra.slug}) response = c.get(url) self.assertEqual(response.status_code, 302) # Let's add some offer text and try again. ra.offer_letter_text = 'Some test text here' ra.save() test_views(self, c, 'ra:', ['edit_letter'], {'ra_slug': ra.slug}) # Make sure we can add attachments test_views(self, c, 'ra:', ['new_attachment'], {'ra_slug': ra.slug}) acct = Account.objects.filter(unit__label='CMPT')[0] test_views(self, c, 'ra:', ['edit_account'], {'account_slug': acct.slug}) proj = Project.objects.filter(unit__label='CMPT')[0] test_views(self, c, 'ra:', ['edit_project'], {'project_slug': proj.slug})
def test_grad_letters(self): """ Check handling of letters for grad students """ client = Client() client.login_user('dzhao') gs = self.gs # get template text and make sure substitutions are made lt = LetterTemplate.objects.get(label="Funding") url = reverse('grad.views.get_letter_text', kwargs={ 'grad_slug': gs.slug, 'letter_template_id': lt.id }) response = client.get(url) self.assertEqual(response.status_code, 200) self.assertContains( response, gs.person.get_title() + ' ' + gs.person.last_name + ' is making satisfactory progress') content = response.content.decode('utf-8') # create a letter with that content l = Letter(student=gs, date=datetime.date.today(), to_lines="The Student\nSFU", template=lt, created_by='ggbaker', content=content) l.save() url = reverse('grad.views.view_letter', kwargs={ 'grad_slug': gs.slug, 'letter_slug': l.slug }) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) url = reverse('grad.views.copy_letter', kwargs={ 'grad_slug': gs.slug, 'letter_slug': l.slug }) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200)
def test_course_browser(self): client = Client() s, c = create_offering() # the main search/filter page url = reverse('browse:browse_courses') response = basic_page_tests(self, client, url) # AJAX request for table data url += '?tabledata=yes&data_type=json&iDisplayStart=0&iDisplayLength=10&iSortingCols=0' response = client.get(url) data = json.loads(response.content.decode('utf8')) self.assertEqual(len(data['aaData']), 10) # courseoffering detail page url = reverse('browse:browse_courses_info', kwargs={'course_slug': TEST_COURSE_SLUG}) response = basic_page_tests(self, client, url)
def test_course_browser(self): client = Client() s, c = create_offering() # the main search/filter page url = reverse('coredata.views.browse_courses') response = basic_page_tests(self, client, url) # AJAX request for table data url += '?tabledata=yes&data_type=json&iDisplayLength=25' response = client.get(url) data = json.loads(response.content) self.assertEquals(len(data['aaData']), 25) # courseoffering detail page url = reverse('coredata.views.browse_courses_info', kwargs={'course_slug': TEST_COURSE_SLUG}) response = basic_page_tests(self, client, url)
def test_staff_page(self): """ Check the requires_course_staff_by_slug decorator. """ # force the test course's semester to be "current" so the TA still has access semester = CourseOffering.objects.get(slug=TEST_COURSE_SLUG).semester today = datetime.date.today() semester.start = today semester.end = today + datetime.timedelta(days=90) semester.save() # a URL and some members/non-members url = reverse('offering:class_list', kwargs={'course_slug': TEST_COURSE_SLUG}) instr = "ggbaker" ta = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role='TA')[0].person.userid student = "0aaa0" nobody = "0bbb6" client = Client() # try without logging in response = client.get(url) self.assertEqual(response.status_code, 302) # try as instructor client.login_user(instr) response = client.get(url) self.assertEqual(response.status_code, 200) validate_content(self, response.content, url) # try as TA. client.login_user(ta) response = client.get(url) self.assertEqual(response.status_code, 200) # try as student client.login_user(student) response = client.get(url) self.assertEqual(response.status_code, 403) # try as non-member client.login_user(nobody) response = client.get(url) self.assertEqual(response.status_code, 403) # try again as TA, but cheat by changing the semester for the course first. We also have to change something # else, in this case, the section, in order to avoid violating unique constraints when saving it. c = CourseOffering.objects.get(slug=TEST_COURSE_SLUG) c.semester = Semester.current() c.section = 'q100' c.save() client.login_user(ta) response = client.get(url) self.assertEqual(response.status_code, 200)
def test_course_browser(self): client = Client() s, c = create_offering() # the main search/filter page url = reverse('browse:browse_courses') response = basic_page_tests(self, client, url) # AJAX request for table data url += '?tabledata=yes&data_type=json&iDisplayStart=0&iDisplayLength=10&iSortingCols=0' response = client.get(url) data = json.loads(response.content.decode('utf8')) self.assertEqual(len(data['aaData']), 10) # courseoffering detail page url = reverse('browse:browse_courses_info', kwargs={'course_slug': TEST_COURSE_SLUG}) response = basic_page_tests(self, client, url)
def test_annual_teaching(self): """ Test the annual teaching value entry field """ person = Person.objects.get(userid='ggbaker') unit = Unit.objects.get(slug='cmpt') editor = Person.objects.get(userid='dzhao') etype = 'NORM_TEACH' event = CareerEvent.objects.filter(unit=unit, person=person, event_type=etype)[0] event.config[ 'load'] = 2 # 2 courses/semester in database should be 6/year to the user event.get_handler().save(editor) c = Client() c.login_user(editor.userid) # make sure the form renders with value="6" url = reverse('faculty:change_event', kwargs={ 'userid': person.userid, 'event_slug': event.slug }) resp = c.get(url) inputs = [l for l in resp.content.split(b'\n') if b'name="load"' in l] inputs_correct_value = [l for l in inputs if b'value="6"' in l] self.assertEqual(len(inputs_correct_value), 1) # POST a change and make sure the right value ends up in the DB data = { 'start_date_0': '2000-09-01', 'end_date_0': '', 'unit': str(unit.id), 'load': '5', 'comments': '', } c.post(url, data) new_ce = CareerEvent.objects.filter(unit=unit, person=person, event_type=etype)[0] self.assertEqual(new_ce.config['load'], '5/3')
def test_staff_page(self): """ Check the requires_course_staff_by_slug decorator. """ # a URL and some members/non-members url = reverse('offering:class_list', kwargs={'course_slug': TEST_COURSE_SLUG}) instr = "ggbaker" ta = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role='TA')[0].person.userid student = "0aaa0" nobody = "0bbb6" client = Client() # try without logging in response = client.get(url) self.assertEqual(response.status_code, 302) # try as instructor client.login_user(instr) response = client.get(url) self.assertEqual(response.status_code, 200) validate_content(self, response.content, url) # try as TA. client.login_user(ta) response = client.get(url) self.assertEqual(response.status_code, 200) # try as student client.login_user(student) response = client.get(url) self.assertEqual(response.status_code, 403) # try as non-member client.login_user(nobody) response = client.get(url) self.assertEqual(response.status_code, 403) # try again as TA, but cheat by changing the semester for the course first. We also have to change something # else, in this case, the section, in order to avoid violating unique constraints when saving it. c = CourseOffering.objects.get(slug=TEST_COURSE_SLUG) c.semester = Semester.current() c.section = 'q100' c.save() client.login_user(ta) response = client.get(url) self.assertEqual(response.status_code, 200)
def test_userconfig(self): """ Test user configuration """ tokenre = re.compile("^[0-9a-f]{32}$") client = Client() userid = "0aaa0" client.login_user(userid) configurl = reverse('config:config', kwargs={}) response = client.get(configurl) self.assertEqual(response.status_code, 200) self.assertContains(response, "You do not currently have the external news feed") self.assertContains(response, "You do not currently have the external calendar") # activate calendar url = reverse('config:create_calendar_url', kwargs={}) response = client.post(url, {'agree': 'on'}) self.assertEqual(response.status_code, 302) response = client.get(configurl) self.assertEqual(response.status_code, 200) self.assertContains(response, "You do not currently have the external news feed") self.assertContains(response, "You can get your calendar as iCalendar") confs = UserConfig.objects.filter(user__userid=userid, key='calendar-config') self.assertEqual(len(confs), 1) uc = confs[0] token = uc.value['token'] self.assertIsNotNone(tokenre.match(token)) url = reverse('calendar:calendar_ical', kwargs={'token': token, 'userid': userid}) response = client.get(url) self.assertEqual(response.status_code, 200) self.assertContains(response, "BEGIN:VCALENDAR") self.assertContains(response, "END:VCALENDAR") # change calendar URL url = reverse('config:create_calendar_url', kwargs={}) response = client.post(url, {'agree': 'on'}) self.assertEqual(response.status_code, 302) confs = UserConfig.objects.filter(user__userid=userid, key='calendar-config') self.assertEqual(len(confs), 1) self.assertNotEqual(token, confs[0].value['token']) # disable and re-enable calendar URL url = reverse('config:disable_calendar_url', kwargs={}) response = client.post(url, {'agree': 'on'}) self.assertEqual(response.status_code, 302) confs = UserConfig.objects.filter(user__userid=userid, key='calendar-config') self.assertEqual(len(confs), 1) self.assertTrue('token' not in confs[0].value) url = reverse('config:create_calendar_url', kwargs={}) response = client.post(url, {'agree': 'on'}) confs = UserConfig.objects.filter(user__userid=userid, key='calendar-config') self.assertEqual(len(confs), 1) self.assertIsNotNone(tokenre.match(confs[0].value['token'])) # activate feed url = reverse('config:create_news_url', kwargs={}) response = client.post(url, {'agree': 'on'}) self.assertEqual(response.status_code, 302) response = client.get(configurl) self.assertEqual(response.status_code, 200) self.assertContains(response, "Your external news feed is currently enabled") self.assertContains(response, "You can get your calendar as iCalendar") confs = UserConfig.objects.filter(user__userid=userid, key='feed-token') self.assertEqual(len(confs), 1) uc = confs[0] token = uc.value['token'] self.assertIsNotNone(tokenre.match(token)) url = reverse('news:atom_feed', kwargs={'token': token, 'userid': userid}) response = client.get(url) self.assertEqual(response.status_code, 200) self.assertContains(response, '<feed xmlns="http://www.w3.org/2005/Atom">') # change feed URL url = reverse('config:create_news_url', kwargs={}) response = client.post(url, {'agree': 'on'}) self.assertEqual(response.status_code, 302) confs = UserConfig.objects.filter(user__userid=userid, key='feed-token') self.assertEqual(len(confs), 1) self.assertNotEqual(token, confs[0].value['token']) # disable and re-enable feed URL url = reverse('config:disable_news_url', kwargs={}) response = client.post(url, {'agree': 'on'}) self.assertEqual(response.status_code, 302) confs = UserConfig.objects.filter(user__userid=userid, key='feed-token') self.assertEqual(len(confs), 0) url = reverse('config:create_news_url', kwargs={}) response = client.post(url, {'agree': 'on'}) confs = UserConfig.objects.filter(user__userid=userid, key='feed-token') self.assertEqual(len(confs), 1) self.assertIsNotNone(tokenre.match(confs[0].value['token']))
def test_permissions(self): """ Test page access control behaviour. """ crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG) memb = Member.objects.filter(offering=crs, role='INST').first() inst = memb.person ta = Member.objects.filter(offering=crs, role='TA').first().person stud = Member.objects.filter(offering=crs, role='STUD').first().person non_member = Person.objects.get(userid='dixon') assert not Member.objects.filter(offering=crs, person=non_member) p = Page(offering=crs, label="Test", can_read='STAF', can_write='INST') p.save() v = PageVersion(page=p, title="Test Page", wikitext="Page contents", editor=memb) v.save() # page-viewing permissions c = Client() url = reverse('offering:pages:view_page', kwargs={'course_slug': crs.slug, 'page_label': 'Test'}) c.logout() response = c.get(url) self.assertEqual(response.status_code, 403) c.login_user(inst.userid) response = c.get(url) self.assertEqual(response.status_code, 200) c.login_user(ta.userid) response = c.get(url) self.assertEqual(response.status_code, 200) c.login_user(stud.userid) response = c.get(url) self.assertEqual(response.status_code, 403) c.login_user(non_member.userid) response = c.get(url) self.assertEqual(response.status_code, 403) # ... but with a PagePermission object, non_member can access pp = PagePermission(person=non_member, offering=crs, role='INST') pp.save() response = c.get(url) self.assertEqual(response.status_code, 200) # page-editing permissions url = reverse('offering:pages:edit_page', kwargs={'course_slug': crs.slug, 'page_label': 'Test'}) c.logout() response = c.get(url) self.assertEqual(response.status_code, 302) # redirect to log in c.login_user(inst.userid) response = c.get(url) self.assertEqual(response.status_code, 200) c.login_user(ta.userid) response = c.get(url) self.assertEqual(response.status_code, 403) c.login_user(stud.userid) response = c.get(url) self.assertEqual(response.status_code, 403) # editing with PagePermission not implemented c.login_user(non_member.userid) response = c.get(url) self.assertEqual(response.status_code, 403)
def test_new_nonstudent_not_advisor(self): client = Client() client.login_user("0ppp0") response = client.get(reverse('advising:new_nonstudent')) self.assertEqual(response.status_code, 403, "Student shouldn't have access")
def test_grad_student_pages(self): """ Check the pages for a grad student and make sure they all load """ client = Client() test_auth(client, 'ggbaker') gs = self.__make_test_grad() lt = LetterTemplate(unit=gs.program.unit, label='Template', content="This is the\n\nletter for {{first_name}}.") lt.save() url = reverse('grad.views.get_letter_text', kwargs={'grad_slug': gs.slug, 'letter_template_id': lt.id}) content = client.get(url).content Letter(student=gs, template=lt, date=datetime.date.today(), content=content).save() url = reverse('grad.views.view', kwargs={'grad_slug': gs.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) # sections of the main gradstudent view that can be loaded for section in all_sections: url = reverse('grad.views.view', kwargs={'grad_slug': gs.slug}) # check fragment fetch for AJAX try: response = client.get(url, {'section': section}) self.assertEqual(response.status_code, 200) except: print "with section==" + repr(section) raise # check section in page try: response = basic_page_tests(self, client, url + '?_escaped_fragment_=' + section) self.assertEqual(response.status_code, 200) except: print "with section==" + repr(section) raise # check all sections together url = url + '?_escaped_fragment_=' + ','.join(all_sections) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) # check management pages for view in ['financials', 'manage_general', 'manage_requirements', 'manage_scholarships', 'manage_otherfunding', 'manage_promises', 'manage_letters', 'manage_status', 'manage_supervisors', 'manage_program', 'manage_start_end_semesters', 'manage_financialcomments', 'manage_defence', 'manage_progress', 'manage_documents']: try: url = reverse('grad.views.'+view, kwargs={'grad_slug': gs.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) except: print "with view==" + repr(view) raise for style in STYLES: url = reverse('grad.views.financials', kwargs={'grad_slug': gs.slug, 'style': style}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200) url = reverse('grad.views.new_letter', kwargs={'grad_slug': gs.slug, 'letter_template_slug': lt.slug}) response = basic_page_tests(self, client, url) self.assertEqual(response.status_code, 200)
def test_that_grad_search_with_csv_option_returns_csv(self): client = Client() test_auth(client, 'ggbaker') response = client.get(reverse('grad.views.search'), {'columns':'person.first_name', 'csv':'sure'}) self.assertEqual(response.status_code, 200) self.assertEqual(response['Content-Type'], 'text/csv')
class BasicTest(TestCase): fixtures = ['basedata', 'coredata', 'grades'] def setUp(self): self.c_slug = TEST_COURSE_SLUG self.client = Client() def test_add_activity_components(self): c = CourseOffering.objects.get(slug = self.c_slug) #add a numeric activity and its components a = NumericActivity(offering = c, name = 'test_assignment_1', \ short_name = 'ta1', status = 'RLS', \ due_date = datetime.now(), max_grade = 100, position = 0) a.save() co1 = ActivityComponent(numeric_activity = a, title = 'part1', max_mark = 20, position = 1) co2 = ActivityComponent(numeric_activity = a, title = 'part2', max_mark = 30, position = 2) co3 = ActivityComponent(numeric_activity = a, title = 'part3', max_mark = 50, position = 3) co1.save() co2.save() co3.save() self.client.login_user('ggbaker') response = basic_page_tests(self, self.client, reverse('offering:marking:manage_activity_components', args=(self.c_slug,a.slug))) forms = response.context['formset'].forms self.assertEqual(forms[0].instance.title, 'part1') self.assertEqual(forms[1].instance.title, 'part2') self.assertEqual(forms[2].instance.title, 'part3') def test_add_common_problems(self): c = CourseOffering.objects.get(slug = self.c_slug) a = NumericActivity(offering = c, name = 'test_assignment_1', \ short_name = 'ta1', status = 'RLS', \ due_date = datetime.now(), max_grade = 100, position = 1) a.save() co1 = ActivityComponent(numeric_activity = a, title = 'part1', max_mark = 50, position = 1) co2 = ActivityComponent(numeric_activity = a, title = 'part2', max_mark = 50, position = 2) co1.save() co2.save() #add some common problems cp1 = CommonProblem(activity_component = co1, title = 'cp1', penalty="0") cp2 = CommonProblem(activity_component = co1, title = 'cp2', penalty="1.12") cp3 = CommonProblem(activity_component = co2, title = 'cp3', penalty="-2.3") cp1.save() cp2.save() cp3.save() self.client.login_user('ggbaker') response = basic_page_tests(self, self.client, reverse('offering:marking:manage_common_problems', args=(self.c_slug,a.slug))) forms = response.context['formset'].forms ins0 = forms[0].instance ins1 = forms[1].instance ins2 = forms[2].instance self.assertEqual(ins0.title, 'cp1') self.assertEqual(ins0.activity_component, co1) self.assertEqual(ins1.title, 'cp2') self.assertEqual(ins1.activity_component, co1) self.assertEqual(ins2.title, 'cp3') self.assertEqual(ins2.activity_component, co2) #test the marking page as well url = reverse('offering:marking:marking_student', args=(self.c_slug, a.slug, '0aaa0')) response = basic_page_tests(self, self.client, url) mark_components = response.context['component_data'] com1 = mark_components[0] com2 = mark_components[1] self.assertEqual(com1['component'], co1) self.assertEqual(len(com1['common_problems']), 2) self.assertEqual(com2['component'], co2) self.assertEqual(len(com2['common_problems']), 1) def test_post_activity_components(self): c = CourseOffering.objects.get(slug = self.c_slug) #add a numeric activity and its components a = NumericActivity(offering = c, name = 'test_assignment_1', \ short_name = 'ta1', status = 'RLS', \ due_date = datetime.now(), max_grade = 100, position = 0) a.save() self.client.login_user('ggbaker') url = reverse('offering:marking:manage_activity_components', args=(self.c_slug, a.slug)) # 2 forms for the first 2 components to add post_data = {'form-0-id' : ['', ''], 'form-1-id' : ['', ''], 'form-0-title': ['part1'], 'form-1-title': ['part2'], 'form-0-max_mark' : ['20'], 'form-1-max_mark': ['20'], 'form-0-description' : ['basic1'], 'form-1-description': ['basic2'], 'form-TOTAL_FORMS' : ['3'], 'form-INITIAL_FORMS':['0']} response = self.client.post(url, post_data, follow = True) self.assertEqual(response.status_code, 200) cps = ActivityComponent.objects.filter(numeric_activity = a, deleted = False) self.assertEqual(len(cps), 2) self.assertEqual(cps[0].title, 'part1') self.assertEqual(cps[1].title, 'part2') # keep the first 2 components, and add 2 more new components post_data2 = {'form-2-id' : ['', ''], 'form-3-id' : ['', ''], 'form-2-title': ['part3'], 'form-3-title': ['part4'], 'form-2-max_mark' : ['30'], 'form-3-max_mark': ['30'], 'form-2-description' : ['advanced1'], 'form-3-description': ['advanced2'], } post_data.update(post_data2) post_data['form-0-id'] = [str(cps[0].id), str(cps[0].id)] post_data['form-1-id'] = [str(cps[1].id), str(cps[1].id)] post_data['form-INITIAL_FORMS'] = ['2'] post_data['form-TOTAL_FORMS'] = ['5'] response = self.client.post(url, post_data, follow = True) self.assertEqual(response.status_code, 200) cps = ActivityComponent.objects.filter(numeric_activity = a, deleted = False) self.assertEqual(len(cps), 4) self.assertEqual(cps[2].title, 'part3') self.assertEqual(cps[3].title, 'part4') def test_group_setMark(self): c = CourseOffering.objects.get(slug = self.c_slug) #add a numeric activity a = NumericActivity(offering = c, name = 'test_assignment_1', \ short_name = 'ta1', status = 'RLS', \ due_date = datetime.now(), max_grade = 100, position = 0) a.save() #take 2 students to make a group stud1 = Member.objects.get(person = Person.objects.get(userid = '0aaa0'), offering = c) stud2 = Member.objects.get(person = Person.objects.get(userid = '0aaa1'), offering = c) group = Group.objects.create(courseoffering = c, name = 'hello', manager = stud1) member1 = GroupMember.objects.create(group = group, student = stud1, confirmed = True, activity=a) member2 = GroupMember.objects.create(group = group, student = stud2, confirmed = True, activity=a) MARK = 30 group_mark = GroupActivityMark(group = group, numeric_activity = a) group_mark.setMark(MARK, entered_by='ggbaker') group_mark.save() num_grades = NumericGrade.objects.filter(activity = a).order_by('member__person__userid') self.assertEqual(len(num_grades), 2) self.assertEqual(num_grades[0].member, stud1) self.assertEqual(num_grades[0].value, MARK) self.assertEqual(num_grades[0].flag, 'GRAD') self.assertEqual(num_grades[1].member, stud2) self.assertEqual(num_grades[1].value, MARK) self.assertEqual(num_grades[1].flag, 'GRAD') def test_mark_history(self): c = CourseOffering.objects.get(slug = self.c_slug) #add a numeric activity a = NumericActivity(offering = c, name = 'test_assignment_1', \ short_name = 'ta1', status = 'RLS', \ due_date = datetime.now(), max_grade = 100, position = 0) a.save() #take 2 students to make a group stud1 = Member.objects.get(person = Person.objects.get(userid = '0aaa0'), offering = c) stud2 = Member.objects.get(person = Person.objects.get(userid = '0aaa1'), offering = c) group = Group.objects.create(courseoffering = c, name = 'hello', manager = stud1) member1 = GroupMember.objects.create(group = group, student = stud1, confirmed = True, activity=a) member2 = GroupMember.objects.create(group = group, student = stud2, confirmed = True, activity=a) ngrade = NumericGrade(activity = a, member = stud2) ngrade.save(entered_by='ggbaker') #assign mark to 0aaa1 individually twice and via the group twice, make some interval between saves std_mark = StudentActivityMark(numeric_grade = ngrade, created_by = 'ggbaker') std_mark.setMark(20, entered_by='ggbaker') std_mark.save() group_mark = GroupActivityMark(group = group, numeric_activity = a, created_by = 'ggbaker') group_mark.setMark(30, entered_by='ggbaker') group_mark.save() std_mark = StudentActivityMark(numeric_grade = ngrade, created_by = 'ggbaker') std_mark.setMark(40, entered_by='ggbaker') std_mark.save() group_mark = GroupActivityMark(group = group, numeric_activity = a, created_by = 'ggbaker') group_mark.setMark(50, entered_by='ggbaker') group_mark.save() self.client.login_user('ggbaker') response = self.client.get(reverse('offering:marking:mark_history_student', args=(self.c_slug, a.slug, '0aaa1'))) self.assertEqual(response.status_code, 200) latest_act_mark = response.context['current_mark'] self.assertEqual(len(response.context['marks_individual']), 2) self.assertEqual(len(response.context['marks_via_group']), 2) self.assertEqual(group_mark, latest_act_mark) def test_frontend(self): client = Client() client.login_user('ggbaker') # set up a course c = CourseOffering.objects.get(slug = self.c_slug) a1 = NumericActivity(offering = c, name = 'test_assignment_1', \ short_name = 'ta1', status = 'RLS', \ due_date = datetime.now(), max_grade = 100, position = 0, group=True) a1.save() a2 = NumericActivity(offering = c, name = 'test_assignment_1', \ short_name = 'ta1', status = 'RLS', \ due_date = datetime.now(), max_grade = 100, position = 0, group=False) a2.save() stud1 = Member.objects.get(person = Person.objects.get(userid = '0aaa0'), offering = c) stud2 = Member.objects.get(person = Person.objects.get(userid = '0aaa1'), offering = c) instr = Member.objects.get(person = Person.objects.get(userid = 'ggbaker'), offering = c) group = Group.objects.create(courseoffering = c, name = 'hello', manager = stud1) member1 = GroupMember.objects.create(group = group, student = stud1, confirmed = True, activity=a1) member2 = GroupMember.objects.create(group = group, student = stud2, confirmed = True, activity=a1) # marking form (student) url = reverse('offering:marking:marking_student', kwargs={'course_slug':c.slug, 'activity_slug':a2.slug, 'userid':stud1.person.userid}) response = basic_page_tests(self, client, url) ac = ActivityComponent(numeric_activity=a2, max_mark=5, title="AC Title", description="AC Description", position=1, deleted=False) ac.save() ac = ActivityComponent(numeric_activity=a2, max_mark=5, title="AC Title2", description="AC Description2", position=2, deleted=False) ac.save() cp = CommonProblem(activity_component=ac, title="CP title", penalty=2, description="Cp description", deleted=False) cp.save() response = basic_page_tests(self, client, url) # submit the form and check that objects were created PENALTY = '12.5' # Percentage CMP_1_VALUE = '5.5' CMP_2_VALUE = '3' ADJ = '1.25'# Adjustments are subtracted TOTAL_MARK = ((Decimal(CMP_1_VALUE) + Decimal(CMP_2_VALUE) - Decimal(ADJ)) * (1 - (Decimal(PENALTY) / 100))).quantize(Decimal('.01'), rounding=ROUND_HALF_EVEN) response = client.post(url, {'cmp-1-value': float(CMP_1_VALUE), 'cmp-1-comment': 'perfect part 1', 'cmp-2-value': float(CMP_2_VALUE), 'cmp-2-comment': 'ok', 'mark_adjustment': float(ADJ), 'mark_adjustment_reason': 'reason', 'late_penalty': float(PENALTY), 'overall_comment': 'overall'}) self.assertEqual(response.status_code, 302) sam = StudentActivityMark.objects.filter(activity=a2, numeric_grade__member=stud1) self.assertEqual(len(sam), 1) sam = sam[0] self.assertEqual(sam.mark_adjustment, Decimal(ADJ)) self.assertEqual(sam.late_penalty, Decimal(PENALTY)) self.assertEqual(sam.overall_comment, 'overall') self.assertEqual(sam.mark, TOTAL_MARK) acms = sam.activitycomponentmark_set.all() self.assertEqual(len(acms), 2) self.assertEqual(acms[0].value, Decimal(CMP_1_VALUE)) self.assertEqual(acms[0].comment, 'perfect part 1') g = NumericGrade.objects.get(activity=a2, member=stud1) self.assertEqual(g.value, TOTAL_MARK) # make sure we get old data for "mark based on" response = basic_page_tests(self, client, url + "?base_activity_mark="+str(sam.id)) #self.assertContains(response, 'name="cmp-1-value" type="text" value="{0}'.format(CMP_1_VALUE)) #self.assertContains(response, 'name="late_penalty" type="text" value="{0}'.format(PENALTY)) # look at the "view details" page url = reverse('offering:marking:mark_summary_student', kwargs={'course_slug':c.slug, 'activity_slug':a2.slug, 'userid':stud1.person.userid}) response = basic_page_tests(self, client, url) self.assertContains(response, 'perfect part 1') # marking form (group) url = reverse('offering:marking:marking_student', kwargs={'course_slug':c.slug, 'activity_slug':a1.slug, 'userid':stud1.person.userid}) response = basic_page_tests(self, client, url) ac = ActivityComponent(numeric_activity=a1, max_mark=5, title="AC Title", description="AC Description", position=1, deleted=False) ac.save() ac = ActivityComponent(numeric_activity=a1, max_mark=5, title="AC Title2", description="AC Description2", position=2, deleted=False) ac.save() cp = CommonProblem(activity_component=ac, title="CP title", penalty=2, description="Cp description", deleted=False) cp.save() response = basic_page_tests(self, client, url) # common problem form url = reverse('offering:marking:manage_common_problems', kwargs={'course_slug':c.slug, 'activity_slug':a2.slug}) response = basic_page_tests(self, client, url) # mark all (student and group) url = reverse('offering:mark_all_students', kwargs={'course_slug':c.slug, 'activity_slug':a2.slug}) response = basic_page_tests(self, client, url) # mark all (student and group) url = reverse('offering:mark_all_groups', kwargs={'course_slug':c.slug, 'activity_slug':a1.slug}) response = basic_page_tests(self, client, url)
class IntegrationTestCase(TestCase): fixtures = ['test_data', 'onlineforms/extra_test_data'] def setUp(self): self.client = Client() def test_valid_simple_initial_form_submission_loggedin(self): logged_in_person = Person.objects.get(userid="ggbaker") self.client.login_user(logged_in_person.userid) old_form_submission_count = len(FormSubmission.objects.all()) old_sheet_submission_count = len(SheetSubmission.objects.all()) url = reverse('onlineforms.views.sheet_submission_initial', kwargs={'form_slug': "comp-simple-form"}) response = basic_page_tests(self, self.client, url) self.assertEqual(response.status_code, 200) # make sure it's not displaying the add-nonsfu form self.assertNotContains(response, '<input type="hidden" name="add-nonsfu" value="True"/>') # check for some important fields # note: the keys are the slugs of the field fill_data = {"favorite-color": "Black", "reason": "Because it's metal", "second-favorite-color": "Green"} # submit the form post_data = { '0': fill_data["favorite-color"], '1': fill_data["reason"], '2': fill_data["second-favorite-color"], 'submit': "Yesplease", } response = self.client.post(url, post_data, follow=True) self.assertEqual(response.status_code, 200) # check that a success messaging is being displayed self.assertContains(response, '<li class="success">') # check that one form submission and one sheet submission got created self.assertEqual(old_form_submission_count + 1, len(FormSubmission.objects.all())) self.assertEqual(old_sheet_submission_count + 1, len(SheetSubmission.objects.all())) # find the submission in the database form_submission = FormSubmission.objects.latest('id') self.assertTrue(form_submission) sheet_submission = SheetSubmission.objects.latest('id') self.assertTrue(sheet_submission) self.assertEqual(sheet_submission.form_submission, form_submission) # make sure the person we logged in as got form initiator credits self.assertTrue(form_submission.initiator.isSFUPerson()) self.assertEqual(form_submission.initiator.sfuFormFiller, logged_in_person) # do the same for the sheet submission self.assertTrue(sheet_submission.filler.isSFUPerson()) self.assertEqual(sheet_submission.filler.sfuFormFiller, logged_in_person) # verify the data field_submissions = FieldSubmission.objects.filter(sheet_submission=sheet_submission).order_by('field__order') self.assertEqual(len(fill_data), len(field_submissions)) for field_submission in field_submissions: self.assertEqual(fill_data[field_submission.field.slug], field_submission.data['info']) # check the sheet submission and form submission status self.assertEqual(sheet_submission.status, "DONE") # form submissions is pending until someone manually marks it done self.assertEqual(form_submission.status, "PEND") def test_valid_simple_initial_form_submission_anonymous(self): person = {'first_name': "Alan", 'last_name': "Turing", 'email_address': "*****@*****.**"} old_form_submission_count = len(FormSubmission.objects.all()) old_sheet_submission_count = len(SheetSubmission.objects.all()) url = reverse('onlineforms.views.sheet_submission_initial', kwargs={'form_slug': "comp-simple-form"}) response = basic_page_tests(self, self.client, url) self.assertEqual(response.status_code, 200) # check that the non sfu form is up self.assertContains(response, '<input type="hidden" name="add-nonsfu" value="True"/>') # check for some important fields # note: the keys are the slugs of the field fill_data = {"favorite-color": "Black", "reason": "Because it's metal", "second-favorite-color": "Green"} # submit the form post_data = { 'first_name': person["first_name"], 'last_name': person["last_name"], 'email_address': person["email_address"], 'add-nonsfu': True, '0': fill_data["favorite-color"], '1': fill_data["reason"], '2': fill_data["second-favorite-color"], 'submit': "Okay go", } response = self.client.post(url, post_data, follow=True) self.assertEqual(response.status_code, 200) # check that a success messaging is being displayed self.assertContains(response, '<li class="success">') # check that one form submission and one sheet submission got created self.assertEqual(old_form_submission_count + 1, len(FormSubmission.objects.all())) self.assertEqual(old_sheet_submission_count + 1, len(SheetSubmission.objects.all())) # find the submission in the database form_submission = FormSubmission.objects.latest('id') self.assertTrue(form_submission) sheet_submission = SheetSubmission.objects.latest('id') self.assertTrue(sheet_submission) self.assertEqual(sheet_submission.form_submission, form_submission) # make sure the person we logged in as got form initiator credits self.assertFalse(form_submission.initiator.isSFUPerson()) self.assertEqual(form_submission.initiator.name(), "%s %s" % (person["first_name"], person["last_name"])) self.assertEqual(form_submission.initiator.email(), person["email_address"]) # do the same for the sheet submission self.assertFalse(sheet_submission.filler.isSFUPerson()) self.assertEqual(form_submission.initiator.name(), "%s %s" % (person["first_name"], person["last_name"])) self.assertEqual(form_submission.initiator.email(), person["email_address"]) # verify the data field_submissions = FieldSubmission.objects.filter(sheet_submission=sheet_submission).order_by('field__order') self.assertEqual(len(fill_data), len(field_submissions)) for field_submission in field_submissions: self.assertEqual(fill_data[field_submission.field.slug], field_submission.data['info']) # check the sheet submission and form submission status self.assertEqual(sheet_submission.status, "DONE") # form submissions is pending until someone manually marks it done self.assertEqual(form_submission.status, "PEND") def test_invalid_nonsfu_missing_elements(self): old_form_submission_count = len(FormSubmission.objects.all()) old_sheet_submission_count = len(SheetSubmission.objects.all()) url = reverse('onlineforms.views.sheet_submission_initial', kwargs={'form_slug': "comp-simple-form"}) response = basic_page_tests(self, self.client, url) # test with each field missing person_nofirst = {'first_name': "", 'last_name': "Turing", 'email_address': "*****@*****.**"} person_nolast = {'first_name': "Alan", 'last_name': "", 'email_address': "*****@*****.**"} person_noemail = {'first_name': "Alan", 'last_name': "Turing", 'email_address': ""} people = [person_nofirst, person_nolast, person_noemail] fill_data = {"favorite-color": "Black", "reason": "Because it's metal", "second-favorite-color": "Green"} for person in people: # submit with empty user info post_data = { 'first_name': person['first_name'], 'last_name': person['last_name'], 'email_address': person['email_address'], 'add-nonsfu': True, '0': fill_data["favorite-color"], '1': fill_data["reason"], '2': fill_data["second-favorite-color"], 'submit': "Yes", } response = self.client.post(url, post_data, follow=True) self.assertEqual(response.status_code, 200) # make sure no success self.assertNotContains(response, '<li class="success">') # make sure there was an error self.assertContains(response, '<li class="error">') # make sure nothing got added to the database self.assertEqual(old_form_submission_count, len(FormSubmission.objects.all())) self.assertEqual(old_sheet_submission_count, len(SheetSubmission.objects.all())) def test_invalid_forbidden_initial(self): # this form doesn't allow non-sfu students to fill it out, so if we # are not logged in and we try to access it it should return forbidden url = reverse('onlineforms.views.sheet_submission_initial', kwargs={'form_slug': "comp-multi-sheet-form"}) response = self.client.get(url) self.assertEqual(response.status_code, 302)
class ViewTestCase(TestCase): fixtures = ['basedata', 'coredata', 'onlineforms', 'onlineforms/extra_test_data'] slug_data = {'formgroup_slug': "cmpt-admins", 'formsubmit_slug': "submission-comp-simple-form-2", 'form_slug': "comp-simple-form", 'sheet_slug': "initial", 'field_slug': "favorite-color", 'sheetsubmit_slug': "submission-initial-2", 'secret_url': "b50d3a695edf877df2a2100376d493f1aec5c26a", 'non_initial_sheet_slug': "initial-000", 'non_initial_sheetsubmit_slug': "submission-noninitial"} def setUp(self): self.client = Client() logged_in_person = Person.objects.get(userid="dzhao") self.client.login_user(logged_in_person.userid) # make sure the sheetsub is owned by the logged in user (to correct for wonky test data) sheetsub = SheetSubmission.objects.get(form_submission__slug=self.slug_data["formsubmit_slug"], slug=self.slug_data["sheetsubmit_slug"]) ff = sheetsub.filler ff.sfuFormFiller = logged_in_person ff.save() def test_no_arg_pages(self): views = ['manage_groups', 'new_group', 'admin_list_all', 'admin_assign_any', 'list_all', 'new_form', 'index'] self.run_basic_page_tests(views, {}) def test_formgroup_pages(self): views = ['manage_group'] args = {'formgroup_slug': self.slug_data["formgroup_slug"]} self.run_basic_page_tests(views, args) def test_form_pages(self): views = ['view_form', 'edit_form', 'preview_form', 'new_sheet', 'sheet_submission_initial'] args = {'form_slug': self.slug_data["form_slug"]} self.run_basic_page_tests(views, args) def test_sheet_pages(self): views = ['edit_sheet', 'edit_sheet_info', 'new_field'] args = {'form_slug': self.slug_data["form_slug"], 'sheet_slug': self.slug_data["sheet_slug"]} self.run_basic_page_tests(views, args) def test_field_pages(self): views = ['edit_field'] args = {'form_slug': self.slug_data["form_slug"], 'sheet_slug': self.slug_data["sheet_slug"], 'field_slug': self.slug_data["field_slug"]} self.run_basic_page_tests(views, args) def test_form_submission_pages(self): views = ['view_submission'] args = {'form_slug': self.slug_data["form_slug"], 'formsubmit_slug': self.slug_data["formsubmit_slug"]} self.run_basic_page_tests(views, args) def test_secret_url_pages(self): views = ['sheet_submission_via_url'] args = {'secret_url': self.slug_data["secret_url"]} self.run_basic_page_tests(views, args) def test_total_submission_pages(self): views = ['sheet_submission_subsequent'] args = {'form_slug': self.slug_data["form_slug"], 'sheet_slug': self.slug_data["non_initial_sheet_slug"], 'formsubmit_slug': self.slug_data["formsubmit_slug"], 'sheetsubmit_slug': self.slug_data["non_initial_sheetsubmit_slug"]} self.run_basic_page_tests(views, args) views = ['admin_return_sheet'] del args['sheet_slug'] self.run_basic_page_tests(views, args) def test_admin_submission(self): views = ['view_submission',] args = {'form_slug': self.slug_data["form_slug"], 'formsubmit_slug': self.slug_data["formsubmit_slug"]} self.run_basic_page_tests(views, args) sheetsub = SheetSubmission.objects.get(form_submission__slug=self.slug_data["formsubmit_slug"], slug=self.slug_data["sheetsubmit_slug"]) sheetsub.status = 'DONE' sheetsub.save() self.run_basic_page_tests(views, args) def run_basic_page_tests(self, views, arguments): for view in views: try: url = reverse('onlineforms:' + view, kwargs=arguments) response = basic_page_tests(self, self.client, url) self.assertEqual(response.status_code, 200) except: print("with view==" + repr(view)) raise def test_returning_initial_sheet(self): # We should no longer be able to return the initial sheet. args = {'form_slug': self.slug_data["form_slug"], 'formsubmit_slug': self.slug_data["formsubmit_slug"], 'sheetsubmit_slug': self.slug_data["sheetsubmit_slug"]} try: url = reverse('onlineforms:admin_return_sheet', kwargs=args) response = self.client.get(url) self.assertEqual(response.status_code, 302) except: print("with view == views.admin_return_sheet") raise
def test_new_nonstudent_is_advisor(self): client = Client() client.login_user("dzhao") response = client.get(reverse('advising:new_nonstudent')) self.assertEqual(response.status_code, 200)
class APITest(TestCase): fixtures = ['basedata', 'coredata'] def setUp(self): self.faketime = 525942870 self.client = Client() # create a Consumer (and associated stuff) try: u = User.objects.get(username='******') except User.DoesNotExist: u = User(username='******') u.save() try: c = Consumer.objects.get(name='Test Consumer') except Consumer.DoesNotExist: c = Consumer(name='Test Consumer') c.description = 'Consumer to do some tests with' c.status = ACCEPTED c.user = u c.xauth_allowed = False c.generate_random_codes() c.save() self.consumer = c i = ConsumerInfo(consumer=c) i.admin_contact = '*****@*****.**' i.permissions = ['courses'] i.timestamp = self.faketime - 10 # make sure the ConsumerInfo was there "before" the Token was created i.save() self.consumerinfo = i # create an access token so we can jump in to requests try: t = Token.objects.get(token_type=Token.ACCESS, consumer=c, user=u) except Token.DoesNotExist: t = Token(token_type=Token.ACCESS, consumer=c, user=u, timestamp=self.faketime) t.is_approved = True t.generate_random_codes() t.verifier = VERIFIER t.save() self.token = t def test_consumerinfo(self): # replace time.time with a function that always returns ( 7:14AM, Sept 1, 1986 ) # make sure we get the right ConsumerInfo object for a token i0 = ConsumerInfo(consumer=self.consumer, admin_contact='foo', permissions=['everything', 'nothing']) i0.timestamp = self.faketime - 100 i0.save() i2 = ConsumerInfo(consumer=self.consumer, admin_contact='foo', permissions=['something']) i2.timestamp = self.faketime + 100 i2.save() # we should retrieve the most recent before token creation: this is what the user agreed to. perms = ConsumerInfo.allowed_permissions(self.token) self.assertEqual(perms, ['courses']) # if it has been deactivated, then no permissions remain self.consumerinfo.deactivated = True self.consumerinfo.save() perms = ConsumerInfo.allowed_permissions(self.token) self.assertEqual(perms, []) def test_head_request(self): "Make sure HEAD requests work with the cache mixin" self.client.login_user('ggbaker') url = reverse('api:APIRoot', kwargs={}) resp = self.client.head(url) def test_all_endpoints(self): client = self.client client.login_user("ggbaker") tester = APIEndpointTester(client, self) tester.check_endpoint('api:APIRoot', {}) tester.check_endpoint('api:MyOfferings', {}) tester.check_endpoint('api:OfferingInfo', {'course_slug': TEST_COURSE_SLUG}) tester.check_endpoint('api:OfferingActivities', {'course_slug': TEST_COURSE_SLUG}) tester.check_endpoint('api:OfferingGrades', {'course_slug': TEST_COURSE_SLUG}) tester.check_endpoint('api:OfferingStats', {'course_slug': TEST_COURSE_SLUG}) tester.check_endpoint('api:OfferingStudents', {'course_slug': TEST_COURSE_SLUG}) tester.check_found_links() def test_class_list_permission(self): """ Check that the class list API endpoint has the right permissions """ client = self.client # no auth: should be forbidden url = reverse('api:OfferingStudents', kwargs={'course_slug': TEST_COURSE_SLUG}) resp = self.client.get(url) self.assertEqual(resp.status_code, 403) data = json.loads(resp.content.decode('utf8')) self.assertIsInstance(data, dict) self.assertEqual(list(data.keys()), ['detail']) # as instructor: should return class list client.login_user("ggbaker") url = reverse('api:OfferingStudents', kwargs={'course_slug': TEST_COURSE_SLUG}) resp = self.client.get(url) self.assertEqual(resp.status_code, 200) data = json.loads(resp.content.decode('utf8')) self.assertIsInstance(data, list) self.assertEqual({d['userid'] for d in data}, {m.person.userid for m in Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role='STUD') .select_related('person')}) # as a student: should be forbidden client.login_user("0aaa0") url = reverse('api:OfferingStudents', kwargs={'course_slug': TEST_COURSE_SLUG}) resp = self.client.get(url) self.assertEqual(resp.status_code, 403) data = json.loads(resp.content.decode('utf8')) self.assertIsInstance(data, dict) self.assertEqual(list(data.keys()), ['detail'])