def test_redirect(self):
"""
Redirecting with redirect stub
"""
crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
memb = Member.objects.get(offering=crs, person__userid="ggbaker")
p = Page(offering=crs, label="Test")
p.save()
v = PageVersion(page=p, title="Test Page", wikitext="one +two+ three +four+", editor=memb)
v.save()
c = Client()
# normal pages still viewable
url = reverse('offering:pages:view_page', kwargs={'course_slug': crs.slug, 'page_label': 'Test'})
response = c.get(url)
self.assertEqual(response.status_code, 200)
v = PageVersion(page=p, redirect='NewLocation', editor=memb)
v.save()
response = c.get(url)
self.assertEqual(response.status_code, 301)
redir_url = reverse('offering:pages:view_page', kwargs={'course_slug': crs.slug, 'page_label': 'NewLocation'})
self.assertTrue(response['location'].endswith(redir_url))
def test_inaccessible_pages(self):
# Presumably, our booking that starts more than 5 years ago is the one generated in the fixtures. If there are
# others that old, it should at least be the first.
unit = Unit.objects.get(slug='cmpt')
booking = BookingRecord.objects.filter(start_time__lte=self.long_start, location__unit=unit).first()
location = booking.location
roomtype = location.room_type
client = Client()
# First, without logging in:
url = reverse('space:index')
response = client.get(url)
self.assertEqual(response.status_code, 302)
# Now log in but without the correct role
client.login_user('pba7')
response = client.get(url)
self.assertEqual(response.status_code, 403)
# We darn well better not be able to delete anything without the proper role:
url = reverse('space:delete_booking', kwargs={'booking_id': booking.id})
response = client.post(url, follow=True)
self.assertEqual(response.status_code, 403)
url = reverse('space:delete_location', kwargs={'location_id': location.id})
response = client.post(url, follow=True)
self.assertEqual(response.status_code, 403)
url = reverse('space:delete_roomtype', kwargs={'roomtype_id': roomtype.id})
response = client.post(url, follow=True)
self.assertEqual(response.status_code, 403)
def test_staff_page(self):
"""
Check the requires_course_staff_by_slug decorator.
"""
# a URL and some members/non-members
url = reverse('grades.views.class_list', kwargs={'course_slug': TEST_COURSE_SLUG})
instr = "ggbaker"
ta = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role='TA')[0].person.userid
student = "0aaa0"
nobody = "0bbb6"
client = Client()
# try without logging in
response = client.get(url)
self.assertEquals(response.status_code, 302)
# try as instructor
client.login_user(instr)
response = client.get(url)
self.assertEquals(response.status_code, 200)
validate_content(self, response.content, url)
# try as TA
client.login_user(ta)
response = client.get(url)
self.assertEquals(response.status_code, 200)
# try as student
client.login_user(student)
response = client.get(url)
self.assertEquals(response.status_code, 403)
# try as non-member
client.login_user(nobody)
response = client.get(url)
self.assertEquals(response.status_code, 403)
def test_course_page(self):
"""
Check out a course front-page
"""
_, c = create_offering()
client = Client()
# not logged in: should be redirected to login page
response = client.get(c.get_absolute_url())
self.assertEqual(response.status_code, 302)
# log in as student "0aaa0"
client.login_user("0aaa0")
p = Person.objects.get(userid="0aaa0")
# not in the course: should get 403 Forbidden
response = client.get(c.get_absolute_url())
self.assertEqual(response.status_code, 403)
# add to course and try again
m = Member(person=p, offering=c, role="STUD", credits=3, career="UGRD", added_reason="UNK")
m.save()
response = client.get(c.get_absolute_url())
self.assertEqual(response.status_code, 200)
validate_content(self, response.content, c.get_absolute_url())
# dropped students should be forbidden
m.role="DROP"
m.save()
response = client.get(c.get_absolute_url())
self.assertEqual(response.status_code, 403)
def test_staff_page(self):
"""
Check the requires_course_staff_by_slug decorator.
"""
# a URL and some members/non-members
url = reverse('grades.views.class_list', kwargs={'course_slug': TEST_COURSE_SLUG})
instr = "ggbaker"
ta = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role='TA')[0].person.userid
student = "0aaa0"
nobody = "0bbb6"
client = Client()
# try without logging in
response = client.get(url)
self.assertEquals(response.status_code, 302)
# try as instructor
client.login_user(instr)
response = client.get(url)
self.assertEquals(response.status_code, 200)
validate_content(self, response.content, url)
# try as TA
client.login_user(ta)
response = client.get(url)
self.assertEquals(response.status_code, 200)
# try as student
client.login_user(student)
response = client.get(url)
self.assertEquals(response.status_code, 403)
# try as non-member
client.login_user(nobody)
response = client.get(url)
self.assertEquals(response.status_code, 403)
def test_grad_quicksearch(self):
"""
Tests grad quicksearch (index page) functionality
"""
client = Client()
test_auth(client, 'ggbaker')
response = client.get(reverse('grad.views.index'))
self.assertEqual(response.status_code, 200)
# AJAX calls for autocomplete return JSON
response = client.get(reverse('grad.views.quick_search')+'?term=grad')
self.assertEqual(response.status_code, 200)
self.assertEqual(response['content-type'], 'application/json')
# get this grad's slug from the search
autocomplete = json.loads(response.content)
grad_slug = [d['value'] for d in autocomplete if d['value'].startswith(self.gs_userid)][0]
# search submit with gradstudent slug redirects to page
response = client.get(reverse('grad.views.quick_search')+'?search='+grad_slug)
self.assertEqual(response.status_code, 302)
self.assertTrue(response['location'].endswith( reverse('grad.views.view', kwargs={'grad_slug': grad_slug}) ))
# search submit with non-slug redirects to "did you mean" page
response = client.get(reverse('grad.views.quick_search')+'?search=' + self.gs_userid[0:4])
self.assertEqual(response.status_code, 302)
self.assertTrue(response['location'].endswith( reverse('grad.views.not_found')+"?search=" + self.gs_userid[0:4] ))
response = client.get(response['location'])
gradlist = response.context['grads']
self.assertEqual(len(gradlist), 1)
self.assertEqual(gradlist[0], GradStudent.objects.get(person__userid=self.gs_userid))
def test_course_page(self):
"""
Check out a course front-page
"""
_, c = create_offering()
client = Client()
# not logged in: should be redirected to login page
response = client.get(c.get_absolute_url())
self.assertEqual(response.status_code, 302)
# log in as student "0aaa0"
client.login_user("0aaa0")
p = Person.objects.get(userid="0aaa0")
# not in the course: should get 403 Forbidden
response = client.get(c.get_absolute_url())
self.assertEqual(response.status_code, 403)
# add to course and try again
m = Member(person=p, offering=c, role="STUD", credits=3, career="UGRD", added_reason="UNK")
m.save()
response = client.get(c.get_absolute_url())
self.assertEqual(response.status_code, 200)
validate_content(self, response.content, c.get_absolute_url())
# dropped students should be forbidden
m.role="DROP"
m.save()
response = client.get(c.get_absolute_url())
self.assertEqual(response.status_code, 403)
def test_inaccessible_pages(self):
client = Client()
# First, without logging in:
url = reverse('outreach:outreach_index')
response = client.get(url)
self.assertEqual(response.status_code, 302)
# Now log in but without the correct role
client.login_user('pba7')
response = client.get(url)
self.assertEqual(response.status_code, 403)
def test_inaccessible_pages(self):
client = Client()
# First, without logging in:
url = reverse('outreach:outreach_index')
response = client.get(url)
self.assertEqual(response.status_code, 302)
# Now log in but without the correct role
client.login_user('pba7')
response = client.get(url)
self.assertEqual(response.status_code, 403)
def test_impersonation(self):
"""
Test impersonation logic
"""
client = Client()
url = reverse('offering:groups:groupmanage',
kwargs={'course_slug': TEST_COURSE_SLUG})
# login as a sysadmin
client.login_user('pba7')
# not instructor, so can't really access
response = client.get(url)
self.assertEquals(response.status_code, 403)
# ...but can impersonate instructor
response = client.get(url, {"__impersonate": "ggbaker"})
self.assertEquals(response.status_code, 200)
self.assertContains(response, 'Logged in as ggbaker')
# login as student
client.login_user("0aaa0")
# can access normally
response = client.get(url)
self.assertEquals(response.status_code, 200)
self.assertContains(response, 'Logged in as 0aaa0')
# try to impersonate anybody: not allowed
response = client.get(url, {"__impersonate": "0aaa1"})
self.assertEquals(response.status_code, 403)
response = client.get(url, {"__impersonate": "ggbaker"})
self.assertEquals(response.status_code, 403)
# login as instructor
client.login_user("ggbaker")
# can access course page
response = client.get(url)
self.assertEquals(response.status_code, 200)
self.assertContains(response, 'Logged in as ggbaker')
# try to impersonate non-student: not allowed
response = client.get(url, {"__impersonate": "dzhao"})
self.assertEquals(response.status_code, 403)
# try to impersonate student: should be them
response = client.get(url, {"__impersonate": "0aaa0"})
self.assertEquals(response.status_code, 200)
self.assertContains(response, 'Logged in as 0aaa0')
# try some other course: shouldn't be able to impersonate
url = reverse('offering:groups:groupmanage',
kwargs={'course_slug': '1114-cmpt-310-d100'})
response = client.get(url, {"__impersonate": "0aaa0"})
self.assertEquals(response.status_code, 403)
# try non-course URL as non-admin: shouldn't be able to impersonate
client.login_user("diana")
url = reverse('dashboard:index', kwargs={})
response = client.get(url, {"__impersonate": "0aaa0"})
self.assertEquals(response.status_code, 403)
def test_permissions(self):
"""
Make sure the basic permission things are as-expected.
"""
c = Client()
# a role reminder: users with the role, but not others
r = Reminder(
reminder_type='ROLE',
role='ADVS',
unit=Unit.objects.get(slug='cmpt'),
date_type='SEM',
week=4,
weekday=0,
person=Person.objects.get(userid='ggbaker'),
title='Advisor reminder',
content='foo',
)
r.save()
url = reverse('reminders:view', kwargs={'reminder_slug': r.slug})
c.login_user('ggbaker')
resp = c.get(url)
self.assertEqual(resp.status_code, 404)
c.login_user('dzhao')
resp = c.get(url)
self.assertEqual(resp.status_code, 200)
# a personal reminder: that person only
r = Reminder(reminder_type='PERS',
date_type='YEAR',
month='5',
day=31,
person=Person.objects.get(userid='ggbaker'),
title='Personal reminder',
content='### Heading\n\nfoo *bar*',
config={'markup': 'markdown'})
r.save()
url = reverse('reminders:view', kwargs={'reminder_slug': r.slug})
c.login_user('ggbaker')
resp = c.get(url)
self.assertEqual(resp.status_code, 200)
c.login_user('dzhao')
resp = c.get(url)
self.assertEqual(resp.status_code, 404)
# test the HTML generation while we're here
self.assertEqual(r.html_content().replace('\n', ''),
'<h3>Heading</h3><p>foo <em>bar</em></p>')
def test_impersonation(self):
"""
Test impersonation logic
"""
client = Client()
url = reverse('offering:groups:groupmanage', kwargs={'course_slug': TEST_COURSE_SLUG})
# login as a sysadmin
client.login_user('pba7')
# not instructor, so can't really access
response = client.get(url)
self.assertEqual(response.status_code, 403)
# ...but can impersonate instructor
response = client.get(url, {"__impersonate": "ggbaker"})
self.assertEqual(response.status_code, 200)
self.assertContains(response, 'Logged in as ggbaker')
# login as student
client.login_user("0aaa0")
# can access normally
response = client.get(url)
self.assertEqual(response.status_code, 200)
self.assertContains(response, 'Logged in as 0aaa0')
# try to impersonate anybody: not allowed
response = client.get(url, {"__impersonate": "0aaa1"})
self.assertEqual(response.status_code, 403)
response = client.get(url, {"__impersonate": "ggbaker"})
self.assertEqual(response.status_code, 403)
# login as instructor
client.login_user("ggbaker")
# can access course page
response = client.get(url)
self.assertEqual(response.status_code, 200)
self.assertContains(response, 'Logged in as ggbaker')
# try to impersonate non-student: not allowed
response = client.get(url, {"__impersonate": "dzhao"})
self.assertEqual(response.status_code, 403)
# try to impersonate student: should be them
response = client.get(url, {"__impersonate": "0aaa0"})
self.assertEqual(response.status_code, 200)
self.assertContains(response, 'Logged in as 0aaa0')
# try some other course: shouldn't be able to impersonate
url = reverse('offering:groups:groupmanage', kwargs={'course_slug': '1114-cmpt-310-d100'})
response = client.get(url, {"__impersonate": "0aaa0"})
self.assertEqual(response.status_code, 403)
# try non-course URL as non-admin: shouldn't be able to impersonate
client.login_user("diana")
url = reverse('dashboard:index', kwargs={})
response = client.get(url, {"__impersonate": "0aaa0"})
self.assertEqual(response.status_code, 403)
def test_inaccessible_pages(self):
client = Client()
contract_id = 1
url = reverse('sessionals:sessionals_index')
response = client.get(url)
self.assertEqual(response.status_code, 302)
# Now log in but without the correct role
client.login_user('foo')
response = client.get(url)
self.assertEqual(response.status_code, 403)
url = reverse('sessionals:delete_contract', kwargs={'contract_id': contract_id})
response = client.post(url, follow=True)
self.assertEqual(response.status_code, 403)
def test_inaccessible_pages(self):
client = Client()
contract_id = 1
url = reverse('sessionals:sessionals_index')
response = client.get(url)
self.assertEquals(response.status_code, 302)
# Now log in but without the correct role
client.login_user('foo')
response = client.get(url)
self.assertEquals(response.status_code, 403)
url = reverse('sessionals:delete_contract',
kwargs={'contract_id': contract_id})
response = client.post(url, follow=True)
self.assertEquals(response.status_code, 403)
def test_workflow(self):
"""
Test the privacy policy workflow and page exclusions
"""
# clear privacy agreement from test data
p = Person.objects.get(userid='dzhao')
p.config = {}
p.save()
client = Client()
client.login_user(p.userid)
privacy_url = reverse('privacy.views.privacy')
# non-role page should still render
url = reverse('dashboard.views.index')
basic_page_tests(self, client, url)
# but role page should redirect to agreement
url = reverse('advisornotes.views.advising')
response = client.get(url)
self.assertRedirects(response, privacy_url + '?next=' + url)
# check privacy page
basic_page_tests(self, client, privacy_url)
# submit and expect recorded agreement
response = client.post(privacy_url + '?next=' + url, {'agree': 'on'})
self.assertRedirects(response, url)
p = Person.objects.get(userid='dzhao')
self.assertTrue(p.config['privacy_signed'])
# now we should be able to access
basic_page_tests(self, client, url)
def test_annual_teaching(self):
"""
Test the annual teaching value entry field
"""
person = Person.objects.get(userid='ggbaker')
unit = Unit.objects.get(slug='cmpt')
editor = Person.objects.get(userid='dzhao')
etype = 'NORM_TEACH'
event = CareerEvent.objects.filter(unit=unit, person=person, event_type=etype)[0]
event.config['load'] = 2 # 2 courses/semester in database should be 6/year to the user
event.get_handler().save(editor)
c = Client()
c.login_user(editor.userid)
# make sure the form renders with value="6"
url = reverse('faculty:change_event', kwargs={'userid': person.userid, 'event_slug': event.slug})
resp = c.get(url)
inputs = [l for l in resp.content.split(b'\n') if b'name="load"' in l]
inputs_correct_value = [l for l in inputs if b'value="6"' in l]
self.assertEqual(len(inputs_correct_value), 1)
# POST a change and make sure the right value ends up in the DB
data = {
'start_date_0': '2000-09-01',
'end_date_0': '',
'unit': str(unit.id),
'load': '5',
'comments': '',
}
c.post(url, data)
new_ce = CareerEvent.objects.filter(unit=unit, person=person, event_type=etype)[0]
self.assertEqual(new_ce.config['load'], '5/3')
def test_workflow(self):
"""
Test the privacy policy workflow and page exclusions
"""
# clear privacy agreement from test data
p = Person.objects.get(userid='dzhao')
p.config = {}
p.save()
client = Client()
client.login_user(p.userid)
privacy_url = reverse('config:privacy')
# non-role page should still render
url = reverse('dashboard:index')
basic_page_tests(self, client, url)
# but role page should redirect to agreement
url = reverse('advising:advising')
response = client.get(url)
self.assertRedirects(response, privacy_url + '?next=' + url)
# check privacy page
basic_page_tests(self, client, privacy_url)
# submit and expect recorded agreement
response = client.post(privacy_url + '?next=' + url, {'agree': 'on'})
self.assertRedirects(response, url)
p = Person.objects.get(userid='dzhao')
self.assertTrue(p.config['privacy_signed'])
# now we should be able to access
basic_page_tests(self, client, url)
def test_grad_letters(self):
"""
Check handling of letters for grad students
"""
client = Client()
test_auth(client, 'ggbaker')
gs = GradStudent.objects.get(person__userid=self.gs_userid)
# get template text and make sure substitutions are made
lt = LetterTemplate.objects.get(label="Funding")
url = reverse('grad.views.get_letter_text', kwargs={'grad_slug': gs.slug, 'letter_template_id': lt.id})
response = client.get(url)
self.assertEqual(response.status_code, 200)
self.assertContains(response, 'M Grad is making satisfactory progress')
content = unicode(response.content)
# create a letter with that content
l = Letter(student=gs, date=datetime.date.today(), to_lines="The Student\nSFU", template=lt, created_by='ggbaker', content=content)
l.save()
url = reverse('grad.views.view_letter', kwargs={'grad_slug': gs.slug, 'letter_slug': l.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
url = reverse('grad.views.copy_letter', kwargs={'grad_slug': gs.slug, 'letter_slug': l.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
def test_pages(self):
"""
Test basic page rendering
"""
c = Client()
c.login_user('dzhao')
test_views(self, c, 'ra:', ['search', 'new', 'accounts_index', 'new_account', 'projects_index',
'new_project', 'semester_config', 'browse'], {})
test_views(self, c, 'ra:', ['found'], {}, qs='search=grad')
ra = RAAppointment.objects.filter(unit__label='CMPT')[0]
p = ra.person
test_views(self, c, 'ra:', ['student_appointments', 'new_student'], {'userid': p.userid})
test_views(self, c, 'ra:', ['edit', 'reappoint', 'view',], {'ra_slug': ra.slug})
# No offer text yet, we should get a redirect when trying to edit the letter text:
url = reverse('ra:edit_letter', kwargs={'ra_slug': ra.slug})
response = c.get(url)
self.assertEqual(response.status_code, 302)
# Let's add some offer text and try again.
ra.offer_letter_text='Some test text here'
ra.save()
test_views(self, c, 'ra:', ['edit_letter'], {'ra_slug': ra.slug})
# Make sure we can add attachments
test_views(self, c, 'ra:', ['new_attachment'], {'ra_slug': ra.slug})
acct = Account.objects.filter(unit__label='CMPT')[0]
test_views(self, c, 'ra:', ['edit_account'], {'account_slug': acct.slug})
proj = Project.objects.filter(unit__label='CMPT')[0]
test_views(self, c, 'ra:', ['edit_project'], {'project_slug': proj.slug})
def test_pages(self):
"""
Test basic page rendering
"""
c = Client()
c.login_user('dzhao')
test_views(self, c, 'ra:', ['dashboard', 'new_request', 'browse'], {})
ra = RAAppointment.objects.filter(unit__label='CMPT')[0]
p = ra.person
test_views(self, c, 'ra:', ['edit', 'view'], {'ra_slug': ra.slug})
# No offer text yet, we should get a redirect when trying to edit the letter text:
url = reverse('ra:edit_letter', kwargs={'ra_slug': ra.slug})
response = c.get(url)
self.assertEqual(response.status_code, 302)
# Let's add some offer text and try again.
ra.offer_letter_text = 'Some test text here'
ra.save()
test_views(self, c, 'ra:', ['edit_letter'], {'ra_slug': ra.slug})
# Make sure we can add attachments
test_views(self, c, 'ra:', ['new_attachment'], {'ra_slug': ra.slug})
# NEW RA
# test basic pages
test_views(self, c, 'ra:', [
'browse_appointments', 'new_request', 'dashboard',
'active_appointments', 'advanced_search'
], {})
# test search
test_views(self, c, 'ra:',
['appointee_appointments', 'supervisor_appointments'],
{'userid': p.userid})
# create test rarequest
u = Unit.objects.get(slug='cmpt')
s = Person.objects.get(userid='dzhao')
req = RARequest(person=p,
unit=u,
author=s,
supervisor=s,
config={},
hiring_category='RA',
start_date=date(2021, 6, 1),
end_date=date(2021, 9, 1),
total_pay=1000)
req.save()
# test pages associated with an rarequest
test_views(self, c, 'ra:', [
'view_request', 'edit_request', 'reappoint_request',
'edit_request_notes', 'request_paf', 'request_offer_letter_update',
'new_admin_attachment'
], {'ra_slug': req.slug})
def test_that_grad_search_returns_200_ok(self):
"""
Tests that /grad/search is available.
"""
client = Client()
test_auth(client, 'ggbaker')
response = client.get(reverse('grad.views.search'))
self.assertEqual(response.status_code, 200)
def test_that_grad_search_returns_200_ok(self):
"""
Tests that /grad/search is available.
"""
client = Client()
client.login_user('dzhao')
response = client.get(reverse('grad.views.search'))
self.assertEqual(response.status_code, 200)
def test_that_grad_search_returns_200_ok(self):
"""
Tests that /grad/search is available.
"""
client = Client()
test_auth(client, 'ggbaker')
response = client.get(reverse('grad.views.search'))
self.assertEqual(response.status_code, 200)
def test_that_grad_search_with_csv_option_returns_csv(self):
client = Client()
client.login_user('dzhao')
response = client.get(reverse('grad.views.search'), {
'columns': 'person.first_name',
'csv': 'sure'
})
self.assertEqual(response.status_code, 200)
self.assertEqual(response['Content-Type'], 'text/csv')
def test_planning_admin_returns_403_forbidden(self):
"""
Tests basic page authentication for instructor
"""
raise SkipTest()
client = Client()
client.login_user("ggbaker")
response = client.get(reverse('planning.views.admin_index'))
self.assertEqual(response.status_code, 403)
def test_planning_admin_returns_403_forbidden(self):
"""
Tests basic page authentication for instructor
"""
raise SkipTest()
client = Client()
client.login_user("ggbaker")
response = client.get(reverse('planning.views.admin_index'))
self.assertEqual(response.status_code, 403)
def test_page_load(self):
"""
Tests that various pages load
"""
# as instructor...
client = Client()
client.login_user("ggbaker")
url = reverse('offering:discussion:discussion_index', kwargs={'course_slug': self.offering.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
url = reverse('offering:discussion:create_topic', kwargs={'course_slug': self.offering.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
url = reverse('offering:discussion:view_topic', kwargs={'course_slug': self.offering.slug, 'topic_slug': self.topic.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
url = reverse('offering:discussion:change_topic_status', kwargs={'course_slug': self.offering.slug, 'topic_slug': self.topic.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
url = reverse('offering:discussion:download', kwargs={'course_slug': self.offering.slug})
response = basic_page_tests(self, client, url, check_valid=False)
self.assertEqual(response.status_code, 200)
# as the author of the topic/message
client = Client()
client.login_user(self.topic.author.person.userid)
url = reverse('offering:discussion:edit_topic', kwargs={'course_slug': self.offering.slug, 'topic_slug': self.topic.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
client = Client()
client.login_user(self.message.author.person.userid)
url = reverse('offering:discussion:edit_message', kwargs={'course_slug': self.offering.slug,
'topic_slug': self.topic.slug, 'message_slug': self.message.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
url = reverse('offering:discussion:remove_message', kwargs={'course_slug': self.offering.slug,
'topic_slug': self.topic.slug, 'message_slug': self.message.slug})
response = client.post(url)
self.assertEqual(response.status_code, 302)
self.assertEqual(DiscussionMessage.objects.get(id=self.message.id).status, 'HID')
# Make sure students can't download the json dump of discussions:
member = Member.objects.filter(offering=self.offering, role='STUD').exclude(person__userid__isnull=True).first()
client = Client()
client.login_user(member.person.userid)
url = reverse('offering:discussion:download', kwargs={'course_slug': self.offering.slug})
response = client.get(url)
self.assertEqual(response.status_code, 403)
def test_grad_quicksearch(self):
"""
Tests grad quicksearch (index page) functionality
"""
client = Client()
test_auth(client, 'ggbaker')
response = client.get(reverse('grad.views.index'))
self.assertEqual(response.status_code, 200)
# AJAX calls for autocomplete return JSON
response = client.get(
reverse('grad.views.quick_search') + '?term=grad')
self.assertEqual(response.status_code, 200)
self.assertEqual(response['content-type'], 'application/json')
# get this grad's slug from the search
autocomplete = json.loads(response.content)
grad_slug = [
d['value'] for d in autocomplete
if d['value'].startswith(self.gs_userid)
][0]
# search submit with gradstudent slug redirects to page
response = client.get(
reverse('grad.views.quick_search') + '?search=' + grad_slug)
self.assertEqual(response.status_code, 302)
self.assertTrue(response['location'].endswith(
reverse('grad.views.view', kwargs={'grad_slug': grad_slug})))
# search submit with non-slug redirects to "did you mean" page
response = client.get(
reverse('grad.views.quick_search') + '?search=' +
self.gs_userid[0:4])
self.assertEqual(response.status_code, 302)
self.assertTrue(response['location'].endswith(
reverse('grad.views.not_found') + "?search=" +
self.gs_userid[0:4]))
response = client.get(response['location'])
gradlist = response.context['grads']
self.assertEqual(len(gradlist), 1)
self.assertEqual(
gradlist[0],
GradStudent.objects.get(person__userid=self.gs_userid))
def test_role_access(self):
r = Role.objects.filter(role='SYSA')[0]
p = r.person
p.config['privacy_signed'] = True
p.save()
client = Client()
client.login_user(r.person.userid)
url = reverse('sysadmin:new_role')
# test data role expires in the future: should allow.
resp = client.get(url)
self.assertEqual(resp.status_code, 200)
# expire the role: should now forbid.
r.expiry = date.today() - timedelta(days=2)
r.save()
resp = client.get(url)
self.assertEqual(resp.status_code, 403)
def test_migration_redirect(self):
"""
Redirecting after a migration
"""
c = Client()
c.login_user('0aaa0')
# sample pages
crs = self._sample_setup()
# fake the course-has-been-migrated situation
p = crs.page_set.exclude(label='Index').first()
p.config['migrated_to'] = ['2000sp-subj-000-d1', 'PageLabel']
p.can_read = 'ALL'
p.save()
url = reverse('offering:pages:view_page',
kwargs={
'course_slug': crs.slug,
'page_label': p.label
})
# without course setting, shouldn't redirect
resp = c.get(url)
self.assertEqual(resp.status_code, 200)
# instructor said yes to redirects: make sure page redirects
crs.config['redirect_pages'] = True
crs.save()
resp = c.get(url)
self.assertEqual(resp.status_code, 301)
# instructor should see a "this will usually redirect" message
c.login_user('ggbaker')
resp = c.get(url)
self.assertEqual(resp.status_code, 200)
self.assertIn('redirect_url', resp.context)
# make sure prevent_redirect is honoured
c.login_user('0aaa0')
p.config['prevent_redirect'] = True
p.save()
resp = c.get(url)
self.assertEqual(resp.status_code, 200)
def test_role_access(self):
r = Role.objects.filter(role='SYSA')[0]
p = r.person
p.config['privacy_signed'] = True
p.config['privacy_da_signed'] = True
p.save()
client = Client()
client.login_user(r.person.userid)
url = reverse('sysadmin:new_role')
# test data role expires in the future: should allow.
resp = client.get(url)
self.assertEqual(resp.status_code, 200)
# expire the role: should now forbid.
r.expiry = date.today() - timedelta(days=2)
r.save()
resp = client.get(url)
self.assertEqual(resp.status_code, 403)
def test_permissions(self):
"""
Make sure the basic permission things are as-expected.
"""
c = Client()
# a role reminder: users with the role, but not others
r = Reminder(reminder_type='ROLE', role='ADVS', unit=Unit.objects.get(slug='cmpt'),
date_type='SEM', week=4, weekday=0,
person=Person.objects.get(userid='ggbaker'), title='Advisor reminder', content='foo',)
r.save()
url = reverse('reminders:view', kwargs={'reminder_slug': r.slug})
c.login_user('ggbaker')
resp = c.get(url)
self.assertEqual(resp.status_code, 404)
c.login_user('dzhao')
resp = c.get(url)
self.assertEqual(resp.status_code, 200)
# a personal reminder: that person only
r = Reminder(reminder_type='PERS',
date_type='YEAR', month='5', day=31,
person=Person.objects.get(userid='ggbaker'), title='Personal reminder',
content='### Heading\n\nfoo *bar*', config={'markup': 'markdown'})
r.save()
url = reverse('reminders:view', kwargs={'reminder_slug': r.slug})
c.login_user('ggbaker')
resp = c.get(url)
self.assertEqual(resp.status_code, 200)
c.login_user('dzhao')
resp = c.get(url)
self.assertEqual(resp.status_code, 404)
# test the HTML generation while we're here
self.assertEqual(r.html_content().replace('\n', ''), '<h3>Heading</h3><p>foo <em>bar</em></p>')
def test_migration_redirect(self):
"""
Redirecting after a migration
"""
c = Client()
c.login_user('0aaa0')
# sample pages
crs = self._sample_setup()
# fake the course-has-been-migrated situation
p = crs.page_set.exclude(label='Index').first()
p.config['migrated_to'] = ['2000sp-subj-000-d1', 'PageLabel']
p.can_read = 'ALL'
p.save()
url = reverse('offering:pages:view_page', kwargs={'course_slug': crs.slug, 'page_label': p.label})
# without course setting, shouldn't redirect
resp = c.get(url)
self.assertEqual(resp.status_code, 200)
# instructor said yes to redirects: make sure page redirects
crs.config['redirect_pages'] = True
crs.save()
resp = c.get(url)
self.assertEqual(resp.status_code, 301)
# instructor should see a "this will usually redirect" message
c.login_user('ggbaker')
resp = c.get(url)
self.assertEqual(resp.status_code, 200)
self.assertIn('redirect_url', resp.context)
# make sure prevent_redirect is honoured
c.login_user('0aaa0')
p.config['prevent_redirect'] = True
p.save()
resp = c.get(url)
self.assertEqual(resp.status_code, 200)
def test_inaccessible_pages(self):
client = Client()
# First, without logging in:
url = reverse('space:index')
response = client.get(url)
self.assertEqual(response.status_code, 302)
# Now log in but without the correct role
client.login_user('pba7')
response = client.get(url)
self.assertEqual(response.status_code, 403)
# We darn well better not be able to delete anything without the proper role:
url = reverse('space:delete_booking', kwargs={'booking_id': self.booking.id})
response = client.post(url, follow=True)
self.assertEqual(response.status_code, 403)
url = reverse('space:delete_location', kwargs={'location_id': self.location.id})
response = client.post(url, follow=True)
self.assertEqual(response.status_code, 403)
url = reverse('space:delete_roomtype', kwargs={'roomtype_id': self.roomtype.id})
response = client.post(url, follow=True)
self.assertEqual(response.status_code, 403)
def test_ajax(self):
client = Client()
call_command('update_index', 'coredata', verbosity=0) # make sure we have the same data in DB and haystack
# test person autocomplete
client.login_user("dzhao")
p = Person.objects.get(userid='ggbaker')
url = reverse('data:student_search')
response = client.get(url, {'term': 'ggba'})
self.assertEqual(response.status_code, 200)
self.assertEqual(response['content-type'], 'application/json')
# should find this person
data = json.loads(response.content.decode('utf8'))
emplids = [str(d['value']) for d in data]
self.assertIn(str(p.emplid), emplids)
def test_timing(self):
"""
Ensure that the quiz timing rules are enforced for students
"""
c = Client()
c.login_user(self.s0.person.userid)
url = reverse('offering:quiz:index', kwargs={'course_slug': self.offering.slug, 'activity_slug': self.activity.slug})
# quiz created in .setUp() is ongoing
response = c.get(url)
self.assertTemplateUsed(response, 'quizzes/index_student.html')
self.assertEqual(response.status_code, 200)
# quiz in the future shouldn't be visible
self.quiz.start = now + hour
self.quiz.end = now + 2*hour
self.quiz.save()
response = c.get(url)
self.assertTemplateUsed(response, 'quizzes/unavailable.html')
self.assertEqual(response.status_code, 403)
# neither should a quiz in the past
self.quiz.start = now - 2*hour
self.quiz.end = now - hour
self.quiz.save()
response = c.get(url)
self.assertTemplateUsed(response, 'quizzes/unavailable.html')
self.assertEqual(response.status_code, 403)
# but the student with the special case has it honoured
c.login_user(self.s1.person.userid)
response = c.get(url)
self.assertTemplateUsed(response, 'quizzes/index_student.html')
self.assertEqual(response.status_code, 200)
def test_front_page(self):
# log in as student in the course
userid = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role="STUD")[0].person.userid
client = Client()
client.login_user(userid)
response = client.get("/")
self.assertEqual(response.status_code, 200)
# this student is in this course: check for a link to its page (but it only appears after start of semester)
c = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
if c.semester.start < datetime.date.today():
self.assertContains(response, '<a href="%s"' % (c.get_absolute_url()) )
validate_content(self, response.content, "index page")
def test_redirect(self):
"""
Redirecting with redirect stub
"""
crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
memb = Member.objects.get(offering=crs, person__userid="ggbaker")
p = Page(offering=crs, label="Test")
p.save()
v = PageVersion(page=p,
title="Test Page",
wikitext="one +two+ three +four+",
editor=memb)
v.save()
c = Client()
# normal pages still viewable
url = reverse('offering:pages:view_page',
kwargs={
'course_slug': crs.slug,
'page_label': 'Test'
})
response = c.get(url)
self.assertEqual(response.status_code, 200)
v = PageVersion(page=p, redirect='NewLocation', editor=memb)
v.save()
response = c.get(url)
self.assertEqual(response.status_code, 301)
redir_url = reverse('offering:pages:view_page',
kwargs={
'course_slug': crs.slug,
'page_label': 'NewLocation'
})
self.assertTrue(response['location'].endswith(redir_url))
def test_front_page(self):
# log in as student in the course
userid = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role="STUD")[0].person.userid
client = Client()
client.login_user(userid)
response = client.get("/")
self.assertEqual(response.status_code, 200)
# this student is in this course: check for a link to its page (but it only appears after start of semester)
c = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
if c.semester.start < datetime.date.today():
self.assertContains(response, '<a href="%s"' % (c.get_absolute_url()) )
validate_content(self, response.content, "index page")
def test_ajax(self):
client = Client()
call_command('update_index', 'coredata', verbosity=0) # make sure we have the same data in DB and haystack
# test person autocomplete
client.login_user("dzhao")
p = Person.objects.get(userid='ggbaker')
url = reverse('data:student_search')
response = client.get(url, {'term': 'ggba'})
self.assertEqual(response.status_code, 200)
self.assertEqual(response['content-type'], 'application/json')
# should find this person
data = json.loads(response.content)
emplids = [str(d['value']) for d in data]
self.assertIn(str(p.emplid), emplids)
def test_pages(self):
"""
Test basic page rendering
"""
c = Client()
c.login_user('dzhao')
test_views(self, c, 'ra:', [
'search', 'new', 'accounts_index', 'new_account', 'projects_index',
'new_project', 'semester_config', 'browse'
], {})
test_views(self, c, 'ra:', ['found'], {}, qs='search=grad')
test_views(self, c, 'ra:', ['dashboard', 'new_request'], {})
ra = RAAppointment.objects.filter(unit__label='CMPT')[0]
p = ra.person
test_views(self, c, 'ra:', ['student_appointments', 'new_student'],
{'userid': p.userid})
test_views(self, c, 'ra:', [
'edit',
'reappoint',
'view',
], {'ra_slug': ra.slug})
# No offer text yet, we should get a redirect when trying to edit the letter text:
url = reverse('ra:edit_letter', kwargs={'ra_slug': ra.slug})
response = c.get(url)
self.assertEqual(response.status_code, 302)
# Let's add some offer text and try again.
ra.offer_letter_text = 'Some test text here'
ra.save()
test_views(self, c, 'ra:', ['edit_letter'], {'ra_slug': ra.slug})
# Make sure we can add attachments
test_views(self, c, 'ra:', ['new_attachment'], {'ra_slug': ra.slug})
acct = Account.objects.filter(unit__label='CMPT')[0]
test_views(self, c, 'ra:', ['edit_account'],
{'account_slug': acct.slug})
proj = Project.objects.filter(unit__label='CMPT')[0]
test_views(self, c, 'ra:', ['edit_project'],
{'project_slug': proj.slug})
def test_grad_letters(self):
"""
Check handling of letters for grad students
"""
client = Client()
client.login_user('dzhao')
gs = self.gs
# get template text and make sure substitutions are made
lt = LetterTemplate.objects.get(label="Funding")
url = reverse('grad.views.get_letter_text',
kwargs={
'grad_slug': gs.slug,
'letter_template_id': lt.id
})
response = client.get(url)
self.assertEqual(response.status_code, 200)
self.assertContains(
response,
gs.person.get_title() + ' ' + gs.person.last_name +
' is making satisfactory progress')
content = response.content.decode('utf-8')
# create a letter with that content
l = Letter(student=gs,
date=datetime.date.today(),
to_lines="The Student\nSFU",
template=lt,
created_by='ggbaker',
content=content)
l.save()
url = reverse('grad.views.view_letter',
kwargs={
'grad_slug': gs.slug,
'letter_slug': l.slug
})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
url = reverse('grad.views.copy_letter',
kwargs={
'grad_slug': gs.slug,
'letter_slug': l.slug
})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
def test_course_browser(self):
client = Client()
s, c = create_offering()
# the main search/filter page
url = reverse('browse:browse_courses')
response = basic_page_tests(self, client, url)
# AJAX request for table data
url += '?tabledata=yes&data_type=json&iDisplayStart=0&iDisplayLength=10&iSortingCols=0'
response = client.get(url)
data = json.loads(response.content.decode('utf8'))
self.assertEqual(len(data['aaData']), 10)
# courseoffering detail page
url = reverse('browse:browse_courses_info', kwargs={'course_slug': TEST_COURSE_SLUG})
response = basic_page_tests(self, client, url)
def test_course_browser(self):
client = Client()
s, c = create_offering()
# the main search/filter page
url = reverse('coredata.views.browse_courses')
response = basic_page_tests(self, client, url)
# AJAX request for table data
url += '?tabledata=yes&data_type=json&iDisplayLength=25'
response = client.get(url)
data = json.loads(response.content)
self.assertEquals(len(data['aaData']), 25)
# courseoffering detail page
url = reverse('coredata.views.browse_courses_info', kwargs={'course_slug': TEST_COURSE_SLUG})
response = basic_page_tests(self, client, url)
def test_staff_page(self):
"""
Check the requires_course_staff_by_slug decorator.
"""
# force the test course's semester to be "current" so the TA still has access
semester = CourseOffering.objects.get(slug=TEST_COURSE_SLUG).semester
today = datetime.date.today()
semester.start = today
semester.end = today + datetime.timedelta(days=90)
semester.save()
# a URL and some members/non-members
url = reverse('offering:class_list',
kwargs={'course_slug': TEST_COURSE_SLUG})
instr = "ggbaker"
ta = Member.objects.filter(offering__slug=TEST_COURSE_SLUG,
role='TA')[0].person.userid
student = "0aaa0"
nobody = "0bbb6"
client = Client()
# try without logging in
response = client.get(url)
self.assertEqual(response.status_code, 302)
# try as instructor
client.login_user(instr)
response = client.get(url)
self.assertEqual(response.status_code, 200)
validate_content(self, response.content, url)
# try as TA.
client.login_user(ta)
response = client.get(url)
self.assertEqual(response.status_code, 200)
# try as student
client.login_user(student)
response = client.get(url)
self.assertEqual(response.status_code, 403)
# try as non-member
client.login_user(nobody)
response = client.get(url)
self.assertEqual(response.status_code, 403)
# try again as TA, but cheat by changing the semester for the course first. We also have to change something
# else, in this case, the section, in order to avoid violating unique constraints when saving it.
c = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
c.semester = Semester.current()
c.section = 'q100'
c.save()
client.login_user(ta)
response = client.get(url)
self.assertEqual(response.status_code, 200)
def test_course_browser(self):
client = Client()
s, c = create_offering()
# the main search/filter page
url = reverse('browse:browse_courses')
response = basic_page_tests(self, client, url)
# AJAX request for table data
url += '?tabledata=yes&data_type=json&iDisplayStart=0&iDisplayLength=10&iSortingCols=0'
response = client.get(url)
data = json.loads(response.content.decode('utf8'))
self.assertEqual(len(data['aaData']), 10)
# courseoffering detail page
url = reverse('browse:browse_courses_info',
kwargs={'course_slug': TEST_COURSE_SLUG})
response = basic_page_tests(self, client, url)
def test_annual_teaching(self):
"""
Test the annual teaching value entry field
"""
person = Person.objects.get(userid='ggbaker')
unit = Unit.objects.get(slug='cmpt')
editor = Person.objects.get(userid='dzhao')
etype = 'NORM_TEACH'
event = CareerEvent.objects.filter(unit=unit,
person=person,
event_type=etype)[0]
event.config[
'load'] = 2 # 2 courses/semester in database should be 6/year to the user
event.get_handler().save(editor)
c = Client()
c.login_user(editor.userid)
# make sure the form renders with value="6"
url = reverse('faculty:change_event',
kwargs={
'userid': person.userid,
'event_slug': event.slug
})
resp = c.get(url)
inputs = [l for l in resp.content.split(b'\n') if b'name="load"' in l]
inputs_correct_value = [l for l in inputs if b'value="6"' in l]
self.assertEqual(len(inputs_correct_value), 1)
# POST a change and make sure the right value ends up in the DB
data = {
'start_date_0': '2000-09-01',
'end_date_0': '',
'unit': str(unit.id),
'load': '5',
'comments': '',
}
c.post(url, data)
new_ce = CareerEvent.objects.filter(unit=unit,
person=person,
event_type=etype)[0]
self.assertEqual(new_ce.config['load'], '5/3')
def test_staff_page(self):
"""
Check the requires_course_staff_by_slug decorator.
"""
# a URL and some members/non-members
url = reverse('offering:class_list', kwargs={'course_slug': TEST_COURSE_SLUG})
instr = "ggbaker"
ta = Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role='TA')[0].person.userid
student = "0aaa0"
nobody = "0bbb6"
client = Client()
# try without logging in
response = client.get(url)
self.assertEqual(response.status_code, 302)
# try as instructor
client.login_user(instr)
response = client.get(url)
self.assertEqual(response.status_code, 200)
validate_content(self, response.content, url)
# try as TA.
client.login_user(ta)
response = client.get(url)
self.assertEqual(response.status_code, 200)
# try as student
client.login_user(student)
response = client.get(url)
self.assertEqual(response.status_code, 403)
# try as non-member
client.login_user(nobody)
response = client.get(url)
self.assertEqual(response.status_code, 403)
# try again as TA, but cheat by changing the semester for the course first. We also have to change something
# else, in this case, the section, in order to avoid violating unique constraints when saving it.
c = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
c.semester = Semester.current()
c.section = 'q100'
c.save()
client.login_user(ta)
response = client.get(url)
self.assertEqual(response.status_code, 200)
def test_userconfig(self):
"""
Test user configuration
"""
tokenre = re.compile("^[0-9a-f]{32}$")
client = Client()
userid = "0aaa0"
client.login_user(userid)
configurl = reverse('config:config', kwargs={})
response = client.get(configurl)
self.assertEqual(response.status_code, 200)
self.assertContains(response, "You do not currently have the external news feed")
self.assertContains(response, "You do not currently have the external calendar")
# activate calendar
url = reverse('config:create_calendar_url', kwargs={})
response = client.post(url, {'agree': 'on'})
self.assertEqual(response.status_code, 302)
response = client.get(configurl)
self.assertEqual(response.status_code, 200)
self.assertContains(response, "You do not currently have the external news feed")
self.assertContains(response, "You can get your calendar as iCalendar")
confs = UserConfig.objects.filter(user__userid=userid, key='calendar-config')
self.assertEqual(len(confs), 1)
uc = confs[0]
token = uc.value['token']
self.assertIsNotNone(tokenre.match(token))
url = reverse('calendar:calendar_ical', kwargs={'token': token, 'userid': userid})
response = client.get(url)
self.assertEqual(response.status_code, 200)
self.assertContains(response, "BEGIN:VCALENDAR")
self.assertContains(response, "END:VCALENDAR")
# change calendar URL
url = reverse('config:create_calendar_url', kwargs={})
response = client.post(url, {'agree': 'on'})
self.assertEqual(response.status_code, 302)
confs = UserConfig.objects.filter(user__userid=userid, key='calendar-config')
self.assertEqual(len(confs), 1)
self.assertNotEqual(token, confs[0].value['token'])
# disable and re-enable calendar URL
url = reverse('config:disable_calendar_url', kwargs={})
response = client.post(url, {'agree': 'on'})
self.assertEqual(response.status_code, 302)
confs = UserConfig.objects.filter(user__userid=userid, key='calendar-config')
self.assertEqual(len(confs), 1)
self.assertTrue('token' not in confs[0].value)
url = reverse('config:create_calendar_url', kwargs={})
response = client.post(url, {'agree': 'on'})
confs = UserConfig.objects.filter(user__userid=userid, key='calendar-config')
self.assertEqual(len(confs), 1)
self.assertIsNotNone(tokenre.match(confs[0].value['token']))
# activate feed
url = reverse('config:create_news_url', kwargs={})
response = client.post(url, {'agree': 'on'})
self.assertEqual(response.status_code, 302)
response = client.get(configurl)
self.assertEqual(response.status_code, 200)
self.assertContains(response, "Your external news feed is currently enabled")
self.assertContains(response, "You can get your calendar as iCalendar")
confs = UserConfig.objects.filter(user__userid=userid, key='feed-token')
self.assertEqual(len(confs), 1)
uc = confs[0]
token = uc.value['token']
self.assertIsNotNone(tokenre.match(token))
url = reverse('news:atom_feed', kwargs={'token': token, 'userid': userid})
response = client.get(url)
self.assertEqual(response.status_code, 200)
self.assertContains(response, '<feed xmlns="http://www.w3.org/2005/Atom">')
# change feed URL
url = reverse('config:create_news_url', kwargs={})
response = client.post(url, {'agree': 'on'})
self.assertEqual(response.status_code, 302)
confs = UserConfig.objects.filter(user__userid=userid, key='feed-token')
self.assertEqual(len(confs), 1)
self.assertNotEqual(token, confs[0].value['token'])
# disable and re-enable feed URL
url = reverse('config:disable_news_url', kwargs={})
response = client.post(url, {'agree': 'on'})
self.assertEqual(response.status_code, 302)
confs = UserConfig.objects.filter(user__userid=userid, key='feed-token')
self.assertEqual(len(confs), 0)
url = reverse('config:create_news_url', kwargs={})
response = client.post(url, {'agree': 'on'})
confs = UserConfig.objects.filter(user__userid=userid, key='feed-token')
self.assertEqual(len(confs), 1)
self.assertIsNotNone(tokenre.match(confs[0].value['token']))
def test_permissions(self):
"""
Test page access control behaviour.
"""
crs = CourseOffering.objects.get(slug=TEST_COURSE_SLUG)
memb = Member.objects.filter(offering=crs, role='INST').first()
inst = memb.person
ta = Member.objects.filter(offering=crs, role='TA').first().person
stud = Member.objects.filter(offering=crs, role='STUD').first().person
non_member = Person.objects.get(userid='dixon')
assert not Member.objects.filter(offering=crs, person=non_member)
p = Page(offering=crs, label="Test", can_read='STAF', can_write='INST')
p.save()
v = PageVersion(page=p, title="Test Page", wikitext="Page contents", editor=memb)
v.save()
# page-viewing permissions
c = Client()
url = reverse('offering:pages:view_page', kwargs={'course_slug': crs.slug, 'page_label': 'Test'})
c.logout()
response = c.get(url)
self.assertEqual(response.status_code, 403)
c.login_user(inst.userid)
response = c.get(url)
self.assertEqual(response.status_code, 200)
c.login_user(ta.userid)
response = c.get(url)
self.assertEqual(response.status_code, 200)
c.login_user(stud.userid)
response = c.get(url)
self.assertEqual(response.status_code, 403)
c.login_user(non_member.userid)
response = c.get(url)
self.assertEqual(response.status_code, 403)
# ... but with a PagePermission object, non_member can access
pp = PagePermission(person=non_member, offering=crs, role='INST')
pp.save()
response = c.get(url)
self.assertEqual(response.status_code, 200)
# page-editing permissions
url = reverse('offering:pages:edit_page', kwargs={'course_slug': crs.slug, 'page_label': 'Test'})
c.logout()
response = c.get(url)
self.assertEqual(response.status_code, 302) # redirect to log in
c.login_user(inst.userid)
response = c.get(url)
self.assertEqual(response.status_code, 200)
c.login_user(ta.userid)
response = c.get(url)
self.assertEqual(response.status_code, 403)
c.login_user(stud.userid)
response = c.get(url)
self.assertEqual(response.status_code, 403)
# editing with PagePermission not implemented
c.login_user(non_member.userid)
response = c.get(url)
self.assertEqual(response.status_code, 403)
def test_new_nonstudent_not_advisor(self):
client = Client()
client.login_user("0ppp0")
response = client.get(reverse('advising:new_nonstudent'))
self.assertEqual(response.status_code, 403, "Student shouldn't have access")
def test_grad_student_pages(self):
"""
Check the pages for a grad student and make sure they all load
"""
client = Client()
test_auth(client, 'ggbaker')
gs = self.__make_test_grad()
lt = LetterTemplate(unit=gs.program.unit, label='Template', content="This is the\n\nletter for {{first_name}}.")
lt.save()
url = reverse('grad.views.get_letter_text', kwargs={'grad_slug': gs.slug, 'letter_template_id': lt.id})
content = client.get(url).content
Letter(student=gs, template=lt, date=datetime.date.today(), content=content).save()
url = reverse('grad.views.view', kwargs={'grad_slug': gs.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
# sections of the main gradstudent view that can be loaded
for section in all_sections:
url = reverse('grad.views.view', kwargs={'grad_slug': gs.slug})
# check fragment fetch for AJAX
try:
response = client.get(url, {'section': section})
self.assertEqual(response.status_code, 200)
except:
print "with section==" + repr(section)
raise
# check section in page
try:
response = basic_page_tests(self, client, url + '?_escaped_fragment_=' + section)
self.assertEqual(response.status_code, 200)
except:
print "with section==" + repr(section)
raise
# check all sections together
url = url + '?_escaped_fragment_=' + ','.join(all_sections)
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
# check management pages
for view in ['financials',
'manage_general',
'manage_requirements',
'manage_scholarships',
'manage_otherfunding',
'manage_promises',
'manage_letters',
'manage_status',
'manage_supervisors',
'manage_program',
'manage_start_end_semesters',
'manage_financialcomments',
'manage_defence',
'manage_progress',
'manage_documents']:
try:
url = reverse('grad.views.'+view, kwargs={'grad_slug': gs.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
except:
print "with view==" + repr(view)
raise
for style in STYLES:
url = reverse('grad.views.financials', kwargs={'grad_slug': gs.slug, 'style': style})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
url = reverse('grad.views.new_letter', kwargs={'grad_slug': gs.slug, 'letter_template_slug': lt.slug})
response = basic_page_tests(self, client, url)
self.assertEqual(response.status_code, 200)
def test_that_grad_search_with_csv_option_returns_csv(self):
client = Client()
test_auth(client, 'ggbaker')
response = client.get(reverse('grad.views.search'), {'columns':'person.first_name', 'csv':'sure'})
self.assertEqual(response.status_code, 200)
self.assertEqual(response['Content-Type'], 'text/csv')
class BasicTest(TestCase):
fixtures = ['basedata', 'coredata', 'grades']
def setUp(self):
self.c_slug = TEST_COURSE_SLUG
self.client = Client()
def test_add_activity_components(self):
c = CourseOffering.objects.get(slug = self.c_slug)
#add a numeric activity and its components
a = NumericActivity(offering = c, name = 'test_assignment_1', \
short_name = 'ta1', status = 'RLS', \
due_date = datetime.now(), max_grade = 100, position = 0)
a.save()
co1 = ActivityComponent(numeric_activity = a, title = 'part1', max_mark = 20, position = 1)
co2 = ActivityComponent(numeric_activity = a, title = 'part2', max_mark = 30, position = 2)
co3 = ActivityComponent(numeric_activity = a, title = 'part3', max_mark = 50, position = 3)
co1.save()
co2.save()
co3.save()
self.client.login_user('ggbaker')
response = basic_page_tests(self, self.client, reverse('offering:marking:manage_activity_components', args=(self.c_slug,a.slug)))
forms = response.context['formset'].forms
self.assertEqual(forms[0].instance.title, 'part1')
self.assertEqual(forms[1].instance.title, 'part2')
self.assertEqual(forms[2].instance.title, 'part3')
def test_add_common_problems(self):
c = CourseOffering.objects.get(slug = self.c_slug)
a = NumericActivity(offering = c, name = 'test_assignment_1', \
short_name = 'ta1', status = 'RLS', \
due_date = datetime.now(), max_grade = 100, position = 1)
a.save()
co1 = ActivityComponent(numeric_activity = a, title = 'part1', max_mark = 50, position = 1)
co2 = ActivityComponent(numeric_activity = a, title = 'part2', max_mark = 50, position = 2)
co1.save()
co2.save()
#add some common problems
cp1 = CommonProblem(activity_component = co1, title = 'cp1', penalty="0")
cp2 = CommonProblem(activity_component = co1, title = 'cp2', penalty="1.12")
cp3 = CommonProblem(activity_component = co2, title = 'cp3', penalty="-2.3")
cp1.save()
cp2.save()
cp3.save()
self.client.login_user('ggbaker')
response = basic_page_tests(self, self.client, reverse('offering:marking:manage_common_problems', args=(self.c_slug,a.slug)))
forms = response.context['formset'].forms
ins0 = forms[0].instance
ins1 = forms[1].instance
ins2 = forms[2].instance
self.assertEqual(ins0.title, 'cp1')
self.assertEqual(ins0.activity_component, co1)
self.assertEqual(ins1.title, 'cp2')
self.assertEqual(ins1.activity_component, co1)
self.assertEqual(ins2.title, 'cp3')
self.assertEqual(ins2.activity_component, co2)
#test the marking page as well
url = reverse('offering:marking:marking_student', args=(self.c_slug, a.slug, '0aaa0'))
response = basic_page_tests(self, self.client, url)
mark_components = response.context['component_data']
com1 = mark_components[0]
com2 = mark_components[1]
self.assertEqual(com1['component'], co1)
self.assertEqual(len(com1['common_problems']), 2)
self.assertEqual(com2['component'], co2)
self.assertEqual(len(com2['common_problems']), 1)
def test_post_activity_components(self):
c = CourseOffering.objects.get(slug = self.c_slug)
#add a numeric activity and its components
a = NumericActivity(offering = c, name = 'test_assignment_1', \
short_name = 'ta1', status = 'RLS', \
due_date = datetime.now(), max_grade = 100, position = 0)
a.save()
self.client.login_user('ggbaker')
url = reverse('offering:marking:manage_activity_components', args=(self.c_slug, a.slug))
# 2 forms for the first 2 components to add
post_data = {'form-0-id' : ['', ''], 'form-1-id' : ['', ''],
'form-0-title': ['part1'], 'form-1-title': ['part2'],
'form-0-max_mark' : ['20'], 'form-1-max_mark': ['20'],
'form-0-description' : ['basic1'], 'form-1-description': ['basic2'],
'form-TOTAL_FORMS' : ['3'], 'form-INITIAL_FORMS':['0']}
response = self.client.post(url, post_data, follow = True)
self.assertEqual(response.status_code, 200)
cps = ActivityComponent.objects.filter(numeric_activity = a, deleted = False)
self.assertEqual(len(cps), 2)
self.assertEqual(cps[0].title, 'part1')
self.assertEqual(cps[1].title, 'part2')
# keep the first 2 components, and add 2 more new components
post_data2 = {'form-2-id' : ['', ''], 'form-3-id' : ['', ''],
'form-2-title': ['part3'], 'form-3-title': ['part4'],
'form-2-max_mark' : ['30'], 'form-3-max_mark': ['30'],
'form-2-description' : ['advanced1'], 'form-3-description': ['advanced2'],
}
post_data.update(post_data2)
post_data['form-0-id'] = [str(cps[0].id), str(cps[0].id)]
post_data['form-1-id'] = [str(cps[1].id), str(cps[1].id)]
post_data['form-INITIAL_FORMS'] = ['2']
post_data['form-TOTAL_FORMS'] = ['5']
response = self.client.post(url, post_data, follow = True)
self.assertEqual(response.status_code, 200)
cps = ActivityComponent.objects.filter(numeric_activity = a, deleted = False)
self.assertEqual(len(cps), 4)
self.assertEqual(cps[2].title, 'part3')
self.assertEqual(cps[3].title, 'part4')
def test_group_setMark(self):
c = CourseOffering.objects.get(slug = self.c_slug)
#add a numeric activity
a = NumericActivity(offering = c, name = 'test_assignment_1', \
short_name = 'ta1', status = 'RLS', \
due_date = datetime.now(), max_grade = 100, position = 0)
a.save()
#take 2 students to make a group
stud1 = Member.objects.get(person = Person.objects.get(userid = '0aaa0'), offering = c)
stud2 = Member.objects.get(person = Person.objects.get(userid = '0aaa1'), offering = c)
group = Group.objects.create(courseoffering = c, name = 'hello', manager = stud1)
member1 = GroupMember.objects.create(group = group, student = stud1, confirmed = True, activity=a)
member2 = GroupMember.objects.create(group = group, student = stud2, confirmed = True, activity=a)
MARK = 30
group_mark = GroupActivityMark(group = group, numeric_activity = a)
group_mark.setMark(MARK, entered_by='ggbaker')
group_mark.save()
num_grades = NumericGrade.objects.filter(activity = a).order_by('member__person__userid')
self.assertEqual(len(num_grades), 2)
self.assertEqual(num_grades[0].member, stud1)
self.assertEqual(num_grades[0].value, MARK)
self.assertEqual(num_grades[0].flag, 'GRAD')
self.assertEqual(num_grades[1].member, stud2)
self.assertEqual(num_grades[1].value, MARK)
self.assertEqual(num_grades[1].flag, 'GRAD')
def test_mark_history(self):
c = CourseOffering.objects.get(slug = self.c_slug)
#add a numeric activity
a = NumericActivity(offering = c, name = 'test_assignment_1', \
short_name = 'ta1', status = 'RLS', \
due_date = datetime.now(), max_grade = 100, position = 0)
a.save()
#take 2 students to make a group
stud1 = Member.objects.get(person = Person.objects.get(userid = '0aaa0'), offering = c)
stud2 = Member.objects.get(person = Person.objects.get(userid = '0aaa1'), offering = c)
group = Group.objects.create(courseoffering = c, name = 'hello', manager = stud1)
member1 = GroupMember.objects.create(group = group, student = stud1, confirmed = True, activity=a)
member2 = GroupMember.objects.create(group = group, student = stud2, confirmed = True, activity=a)
ngrade = NumericGrade(activity = a, member = stud2)
ngrade.save(entered_by='ggbaker')
#assign mark to 0aaa1 individually twice and via the group twice, make some interval between saves
std_mark = StudentActivityMark(numeric_grade = ngrade, created_by = 'ggbaker')
std_mark.setMark(20, entered_by='ggbaker')
std_mark.save()
group_mark = GroupActivityMark(group = group, numeric_activity = a, created_by = 'ggbaker')
group_mark.setMark(30, entered_by='ggbaker')
group_mark.save()
std_mark = StudentActivityMark(numeric_grade = ngrade, created_by = 'ggbaker')
std_mark.setMark(40, entered_by='ggbaker')
std_mark.save()
group_mark = GroupActivityMark(group = group, numeric_activity = a, created_by = 'ggbaker')
group_mark.setMark(50, entered_by='ggbaker')
group_mark.save()
self.client.login_user('ggbaker')
response = self.client.get(reverse('offering:marking:mark_history_student', args=(self.c_slug, a.slug, '0aaa1')))
self.assertEqual(response.status_code, 200)
latest_act_mark = response.context['current_mark']
self.assertEqual(len(response.context['marks_individual']), 2)
self.assertEqual(len(response.context['marks_via_group']), 2)
self.assertEqual(group_mark, latest_act_mark)
def test_frontend(self):
client = Client()
client.login_user('ggbaker')
# set up a course
c = CourseOffering.objects.get(slug = self.c_slug)
a1 = NumericActivity(offering = c, name = 'test_assignment_1', \
short_name = 'ta1', status = 'RLS', \
due_date = datetime.now(), max_grade = 100, position = 0, group=True)
a1.save()
a2 = NumericActivity(offering = c, name = 'test_assignment_1', \
short_name = 'ta1', status = 'RLS', \
due_date = datetime.now(), max_grade = 100, position = 0, group=False)
a2.save()
stud1 = Member.objects.get(person = Person.objects.get(userid = '0aaa0'), offering = c)
stud2 = Member.objects.get(person = Person.objects.get(userid = '0aaa1'), offering = c)
instr = Member.objects.get(person = Person.objects.get(userid = 'ggbaker'), offering = c)
group = Group.objects.create(courseoffering = c, name = 'hello', manager = stud1)
member1 = GroupMember.objects.create(group = group, student = stud1, confirmed = True, activity=a1)
member2 = GroupMember.objects.create(group = group, student = stud2, confirmed = True, activity=a1)
# marking form (student)
url = reverse('offering:marking:marking_student', kwargs={'course_slug':c.slug, 'activity_slug':a2.slug, 'userid':stud1.person.userid})
response = basic_page_tests(self, client, url)
ac = ActivityComponent(numeric_activity=a2, max_mark=5, title="AC Title", description="AC Description", position=1, deleted=False)
ac.save()
ac = ActivityComponent(numeric_activity=a2, max_mark=5, title="AC Title2", description="AC Description2", position=2, deleted=False)
ac.save()
cp = CommonProblem(activity_component=ac, title="CP title", penalty=2, description="Cp description", deleted=False)
cp.save()
response = basic_page_tests(self, client, url)
# submit the form and check that objects were created
PENALTY = '12.5' # Percentage
CMP_1_VALUE = '5.5'
CMP_2_VALUE = '3'
ADJ = '1.25'# Adjustments are subtracted
TOTAL_MARK = ((Decimal(CMP_1_VALUE) + Decimal(CMP_2_VALUE) - Decimal(ADJ)) *
(1 - (Decimal(PENALTY) / 100))).quantize(Decimal('.01'), rounding=ROUND_HALF_EVEN)
response = client.post(url, {'cmp-1-value': float(CMP_1_VALUE), 'cmp-1-comment': 'perfect part 1',
'cmp-2-value': float(CMP_2_VALUE), 'cmp-2-comment': 'ok', 'mark_adjustment': float(ADJ),
'mark_adjustment_reason': 'reason', 'late_penalty': float(PENALTY),
'overall_comment': 'overall'})
self.assertEqual(response.status_code, 302)
sam = StudentActivityMark.objects.filter(activity=a2, numeric_grade__member=stud1)
self.assertEqual(len(sam), 1)
sam = sam[0]
self.assertEqual(sam.mark_adjustment, Decimal(ADJ))
self.assertEqual(sam.late_penalty, Decimal(PENALTY))
self.assertEqual(sam.overall_comment, 'overall')
self.assertEqual(sam.mark, TOTAL_MARK)
acms = sam.activitycomponentmark_set.all()
self.assertEqual(len(acms), 2)
self.assertEqual(acms[0].value, Decimal(CMP_1_VALUE))
self.assertEqual(acms[0].comment, 'perfect part 1')
g = NumericGrade.objects.get(activity=a2, member=stud1)
self.assertEqual(g.value, TOTAL_MARK)
# make sure we get old data for "mark based on"
response = basic_page_tests(self, client, url + "?base_activity_mark="+str(sam.id))
#self.assertContains(response, 'name="cmp-1-value" type="text" value="{0}'.format(CMP_1_VALUE))
#self.assertContains(response, 'name="late_penalty" type="text" value="{0}'.format(PENALTY))
# look at the "view details" page
url = reverse('offering:marking:mark_summary_student', kwargs={'course_slug':c.slug, 'activity_slug':a2.slug, 'userid':stud1.person.userid})
response = basic_page_tests(self, client, url)
self.assertContains(response, 'perfect part 1')
# marking form (group)
url = reverse('offering:marking:marking_student', kwargs={'course_slug':c.slug,
'activity_slug':a1.slug, 'userid':stud1.person.userid})
response = basic_page_tests(self, client, url)
ac = ActivityComponent(numeric_activity=a1, max_mark=5, title="AC Title",
description="AC Description", position=1, deleted=False)
ac.save()
ac = ActivityComponent(numeric_activity=a1, max_mark=5, title="AC Title2",
description="AC Description2", position=2, deleted=False)
ac.save()
cp = CommonProblem(activity_component=ac, title="CP title", penalty=2,
description="Cp description", deleted=False)
cp.save()
response = basic_page_tests(self, client, url)
# common problem form
url = reverse('offering:marking:manage_common_problems', kwargs={'course_slug':c.slug, 'activity_slug':a2.slug})
response = basic_page_tests(self, client, url)
# mark all (student and group)
url = reverse('offering:mark_all_students', kwargs={'course_slug':c.slug, 'activity_slug':a2.slug})
response = basic_page_tests(self, client, url)
# mark all (student and group)
url = reverse('offering:mark_all_groups', kwargs={'course_slug':c.slug, 'activity_slug':a1.slug})
response = basic_page_tests(self, client, url)
class IntegrationTestCase(TestCase):
fixtures = ['test_data', 'onlineforms/extra_test_data']
def setUp(self):
self.client = Client()
def test_valid_simple_initial_form_submission_loggedin(self):
logged_in_person = Person.objects.get(userid="ggbaker")
self.client.login_user(logged_in_person.userid)
old_form_submission_count = len(FormSubmission.objects.all())
old_sheet_submission_count = len(SheetSubmission.objects.all())
url = reverse('onlineforms.views.sheet_submission_initial', kwargs={'form_slug': "comp-simple-form"})
response = basic_page_tests(self, self.client, url)
self.assertEqual(response.status_code, 200)
# make sure it's not displaying the add-nonsfu form
self.assertNotContains(response, '<input type="hidden" name="add-nonsfu" value="True"/>')
# check for some important fields
# note: the keys are the slugs of the field
fill_data = {"favorite-color": "Black", "reason": "Because it's metal", "second-favorite-color": "Green"}
# submit the form
post_data = {
'0': fill_data["favorite-color"],
'1': fill_data["reason"],
'2': fill_data["second-favorite-color"],
'submit': "Yesplease",
}
response = self.client.post(url, post_data, follow=True)
self.assertEqual(response.status_code, 200)
# check that a success messaging is being displayed
self.assertContains(response, '<li class="success">')
# check that one form submission and one sheet submission got created
self.assertEqual(old_form_submission_count + 1, len(FormSubmission.objects.all()))
self.assertEqual(old_sheet_submission_count + 1, len(SheetSubmission.objects.all()))
# find the submission in the database
form_submission = FormSubmission.objects.latest('id')
self.assertTrue(form_submission)
sheet_submission = SheetSubmission.objects.latest('id')
self.assertTrue(sheet_submission)
self.assertEqual(sheet_submission.form_submission, form_submission)
# make sure the person we logged in as got form initiator credits
self.assertTrue(form_submission.initiator.isSFUPerson())
self.assertEqual(form_submission.initiator.sfuFormFiller, logged_in_person)
# do the same for the sheet submission
self.assertTrue(sheet_submission.filler.isSFUPerson())
self.assertEqual(sheet_submission.filler.sfuFormFiller, logged_in_person)
# verify the data
field_submissions = FieldSubmission.objects.filter(sheet_submission=sheet_submission).order_by('field__order')
self.assertEqual(len(fill_data), len(field_submissions))
for field_submission in field_submissions:
self.assertEqual(fill_data[field_submission.field.slug], field_submission.data['info'])
# check the sheet submission and form submission status
self.assertEqual(sheet_submission.status, "DONE")
# form submissions is pending until someone manually marks it done
self.assertEqual(form_submission.status, "PEND")
def test_valid_simple_initial_form_submission_anonymous(self):
person = {'first_name': "Alan", 'last_name': "Turing", 'email_address': "*****@*****.**"}
old_form_submission_count = len(FormSubmission.objects.all())
old_sheet_submission_count = len(SheetSubmission.objects.all())
url = reverse('onlineforms.views.sheet_submission_initial', kwargs={'form_slug': "comp-simple-form"})
response = basic_page_tests(self, self.client, url)
self.assertEqual(response.status_code, 200)
# check that the non sfu form is up
self.assertContains(response, '<input type="hidden" name="add-nonsfu" value="True"/>')
# check for some important fields
# note: the keys are the slugs of the field
fill_data = {"favorite-color": "Black", "reason": "Because it's metal", "second-favorite-color": "Green"}
# submit the form
post_data = {
'first_name': person["first_name"],
'last_name': person["last_name"],
'email_address': person["email_address"],
'add-nonsfu': True,
'0': fill_data["favorite-color"],
'1': fill_data["reason"],
'2': fill_data["second-favorite-color"],
'submit': "Okay go",
}
response = self.client.post(url, post_data, follow=True)
self.assertEqual(response.status_code, 200)
# check that a success messaging is being displayed
self.assertContains(response, '<li class="success">')
# check that one form submission and one sheet submission got created
self.assertEqual(old_form_submission_count + 1, len(FormSubmission.objects.all()))
self.assertEqual(old_sheet_submission_count + 1, len(SheetSubmission.objects.all()))
# find the submission in the database
form_submission = FormSubmission.objects.latest('id')
self.assertTrue(form_submission)
sheet_submission = SheetSubmission.objects.latest('id')
self.assertTrue(sheet_submission)
self.assertEqual(sheet_submission.form_submission, form_submission)
# make sure the person we logged in as got form initiator credits
self.assertFalse(form_submission.initiator.isSFUPerson())
self.assertEqual(form_submission.initiator.name(), "%s %s" % (person["first_name"], person["last_name"]))
self.assertEqual(form_submission.initiator.email(), person["email_address"])
# do the same for the sheet submission
self.assertFalse(sheet_submission.filler.isSFUPerson())
self.assertEqual(form_submission.initiator.name(), "%s %s" % (person["first_name"], person["last_name"]))
self.assertEqual(form_submission.initiator.email(), person["email_address"])
# verify the data
field_submissions = FieldSubmission.objects.filter(sheet_submission=sheet_submission).order_by('field__order')
self.assertEqual(len(fill_data), len(field_submissions))
for field_submission in field_submissions:
self.assertEqual(fill_data[field_submission.field.slug], field_submission.data['info'])
# check the sheet submission and form submission status
self.assertEqual(sheet_submission.status, "DONE")
# form submissions is pending until someone manually marks it done
self.assertEqual(form_submission.status, "PEND")
def test_invalid_nonsfu_missing_elements(self):
old_form_submission_count = len(FormSubmission.objects.all())
old_sheet_submission_count = len(SheetSubmission.objects.all())
url = reverse('onlineforms.views.sheet_submission_initial', kwargs={'form_slug': "comp-simple-form"})
response = basic_page_tests(self, self.client, url)
# test with each field missing
person_nofirst = {'first_name': "", 'last_name': "Turing", 'email_address': "*****@*****.**"}
person_nolast = {'first_name': "Alan", 'last_name': "", 'email_address': "*****@*****.**"}
person_noemail = {'first_name': "Alan", 'last_name': "Turing", 'email_address': ""}
people = [person_nofirst, person_nolast, person_noemail]
fill_data = {"favorite-color": "Black", "reason": "Because it's metal", "second-favorite-color": "Green"}
for person in people:
# submit with empty user info
post_data = {
'first_name': person['first_name'],
'last_name': person['last_name'],
'email_address': person['email_address'],
'add-nonsfu': True,
'0': fill_data["favorite-color"],
'1': fill_data["reason"],
'2': fill_data["second-favorite-color"],
'submit': "Yes",
}
response = self.client.post(url, post_data, follow=True)
self.assertEqual(response.status_code, 200)
# make sure no success
self.assertNotContains(response, '<li class="success">')
# make sure there was an error
self.assertContains(response, '<li class="error">')
# make sure nothing got added to the database
self.assertEqual(old_form_submission_count, len(FormSubmission.objects.all()))
self.assertEqual(old_sheet_submission_count, len(SheetSubmission.objects.all()))
def test_invalid_forbidden_initial(self):
# this form doesn't allow non-sfu students to fill it out, so if we
# are not logged in and we try to access it it should return forbidden
url = reverse('onlineforms.views.sheet_submission_initial', kwargs={'form_slug': "comp-multi-sheet-form"})
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
class ViewTestCase(TestCase):
fixtures = ['basedata', 'coredata', 'onlineforms', 'onlineforms/extra_test_data']
slug_data = {'formgroup_slug': "cmpt-admins",
'formsubmit_slug': "submission-comp-simple-form-2",
'form_slug': "comp-simple-form",
'sheet_slug': "initial",
'field_slug': "favorite-color",
'sheetsubmit_slug': "submission-initial-2",
'secret_url': "b50d3a695edf877df2a2100376d493f1aec5c26a",
'non_initial_sheet_slug': "initial-000",
'non_initial_sheetsubmit_slug': "submission-noninitial"}
def setUp(self):
self.client = Client()
logged_in_person = Person.objects.get(userid="dzhao")
self.client.login_user(logged_in_person.userid)
# make sure the sheetsub is owned by the logged in user (to correct for wonky test data)
sheetsub = SheetSubmission.objects.get(form_submission__slug=self.slug_data["formsubmit_slug"], slug=self.slug_data["sheetsubmit_slug"])
ff = sheetsub.filler
ff.sfuFormFiller = logged_in_person
ff.save()
def test_no_arg_pages(self):
views = ['manage_groups',
'new_group',
'admin_list_all',
'admin_assign_any',
'list_all',
'new_form',
'index']
self.run_basic_page_tests(views, {})
def test_formgroup_pages(self):
views = ['manage_group']
args = {'formgroup_slug': self.slug_data["formgroup_slug"]}
self.run_basic_page_tests(views, args)
def test_form_pages(self):
views = ['view_form', 'edit_form', 'preview_form', 'new_sheet', 'sheet_submission_initial']
args = {'form_slug': self.slug_data["form_slug"]}
self.run_basic_page_tests(views, args)
def test_sheet_pages(self):
views = ['edit_sheet', 'edit_sheet_info', 'new_field']
args = {'form_slug': self.slug_data["form_slug"], 'sheet_slug': self.slug_data["sheet_slug"]}
self.run_basic_page_tests(views, args)
def test_field_pages(self):
views = ['edit_field']
args = {'form_slug': self.slug_data["form_slug"],
'sheet_slug': self.slug_data["sheet_slug"],
'field_slug': self.slug_data["field_slug"]}
self.run_basic_page_tests(views, args)
def test_form_submission_pages(self):
views = ['view_submission']
args = {'form_slug': self.slug_data["form_slug"], 'formsubmit_slug': self.slug_data["formsubmit_slug"]}
self.run_basic_page_tests(views, args)
def test_secret_url_pages(self):
views = ['sheet_submission_via_url']
args = {'secret_url': self.slug_data["secret_url"]}
self.run_basic_page_tests(views, args)
def test_total_submission_pages(self):
views = ['sheet_submission_subsequent']
args = {'form_slug': self.slug_data["form_slug"],
'sheet_slug': self.slug_data["non_initial_sheet_slug"],
'formsubmit_slug': self.slug_data["formsubmit_slug"],
'sheetsubmit_slug': self.slug_data["non_initial_sheetsubmit_slug"]}
self.run_basic_page_tests(views, args)
views = ['admin_return_sheet']
del args['sheet_slug']
self.run_basic_page_tests(views, args)
def test_admin_submission(self):
views = ['view_submission',]
args = {'form_slug': self.slug_data["form_slug"], 'formsubmit_slug': self.slug_data["formsubmit_slug"]}
self.run_basic_page_tests(views, args)
sheetsub = SheetSubmission.objects.get(form_submission__slug=self.slug_data["formsubmit_slug"], slug=self.slug_data["sheetsubmit_slug"])
sheetsub.status = 'DONE'
sheetsub.save()
self.run_basic_page_tests(views, args)
def run_basic_page_tests(self, views, arguments):
for view in views:
try:
url = reverse('onlineforms:' + view, kwargs=arguments)
response = basic_page_tests(self, self.client, url)
self.assertEqual(response.status_code, 200)
except:
print("with view==" + repr(view))
raise
def test_returning_initial_sheet(self):
# We should no longer be able to return the initial sheet.
args = {'form_slug': self.slug_data["form_slug"],
'formsubmit_slug': self.slug_data["formsubmit_slug"],
'sheetsubmit_slug': self.slug_data["sheetsubmit_slug"]}
try:
url = reverse('onlineforms:admin_return_sheet', kwargs=args)
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
except:
print("with view == views.admin_return_sheet")
raise
def test_new_nonstudent_is_advisor(self):
client = Client()
client.login_user("dzhao")
response = client.get(reverse('advising:new_nonstudent'))
self.assertEqual(response.status_code, 200)
class APITest(TestCase):
fixtures = ['basedata', 'coredata']
def setUp(self):
self.faketime = 525942870
self.client = Client()
# create a Consumer (and associated stuff)
try:
u = User.objects.get(username='******')
except User.DoesNotExist:
u = User(username='******')
u.save()
try:
c = Consumer.objects.get(name='Test Consumer')
except Consumer.DoesNotExist:
c = Consumer(name='Test Consumer')
c.description = 'Consumer to do some tests with'
c.status = ACCEPTED
c.user = u
c.xauth_allowed = False
c.generate_random_codes()
c.save()
self.consumer = c
i = ConsumerInfo(consumer=c)
i.admin_contact = '*****@*****.**'
i.permissions = ['courses']
i.timestamp = self.faketime - 10 # make sure the ConsumerInfo was there "before" the Token was created
i.save()
self.consumerinfo = i
# create an access token so we can jump in to requests
try:
t = Token.objects.get(token_type=Token.ACCESS, consumer=c, user=u)
except Token.DoesNotExist:
t = Token(token_type=Token.ACCESS, consumer=c, user=u, timestamp=self.faketime)
t.is_approved = True
t.generate_random_codes()
t.verifier = VERIFIER
t.save()
self.token = t
def test_consumerinfo(self):
# replace time.time with a function that always returns ( 7:14AM, Sept 1, 1986 )
# make sure we get the right ConsumerInfo object for a token
i0 = ConsumerInfo(consumer=self.consumer, admin_contact='foo', permissions=['everything', 'nothing'])
i0.timestamp = self.faketime - 100
i0.save()
i2 = ConsumerInfo(consumer=self.consumer, admin_contact='foo', permissions=['something'])
i2.timestamp = self.faketime + 100
i2.save()
# we should retrieve the most recent before token creation: this is what the user agreed to.
perms = ConsumerInfo.allowed_permissions(self.token)
self.assertEqual(perms, ['courses'])
# if it has been deactivated, then no permissions remain
self.consumerinfo.deactivated = True
self.consumerinfo.save()
perms = ConsumerInfo.allowed_permissions(self.token)
self.assertEqual(perms, [])
def test_head_request(self):
"Make sure HEAD requests work with the cache mixin"
self.client.login_user('ggbaker')
url = reverse('api:APIRoot', kwargs={})
resp = self.client.head(url)
def test_all_endpoints(self):
client = self.client
client.login_user("ggbaker")
tester = APIEndpointTester(client, self)
tester.check_endpoint('api:APIRoot', {})
tester.check_endpoint('api:MyOfferings', {})
tester.check_endpoint('api:OfferingInfo', {'course_slug': TEST_COURSE_SLUG})
tester.check_endpoint('api:OfferingActivities', {'course_slug': TEST_COURSE_SLUG})
tester.check_endpoint('api:OfferingGrades', {'course_slug': TEST_COURSE_SLUG})
tester.check_endpoint('api:OfferingStats', {'course_slug': TEST_COURSE_SLUG})
tester.check_endpoint('api:OfferingStudents', {'course_slug': TEST_COURSE_SLUG})
tester.check_found_links()
def test_class_list_permission(self):
"""
Check that the class list API endpoint has the right permissions
"""
client = self.client
# no auth: should be forbidden
url = reverse('api:OfferingStudents', kwargs={'course_slug': TEST_COURSE_SLUG})
resp = self.client.get(url)
self.assertEqual(resp.status_code, 403)
data = json.loads(resp.content.decode('utf8'))
self.assertIsInstance(data, dict)
self.assertEqual(list(data.keys()), ['detail'])
# as instructor: should return class list
client.login_user("ggbaker")
url = reverse('api:OfferingStudents', kwargs={'course_slug': TEST_COURSE_SLUG})
resp = self.client.get(url)
self.assertEqual(resp.status_code, 200)
data = json.loads(resp.content.decode('utf8'))
self.assertIsInstance(data, list)
self.assertEqual({d['userid'] for d in data},
{m.person.userid for m in Member.objects.filter(offering__slug=TEST_COURSE_SLUG, role='STUD')
.select_related('person')})
# as a student: should be forbidden
client.login_user("0aaa0")
url = reverse('api:OfferingStudents', kwargs={'course_slug': TEST_COURSE_SLUG})
resp = self.client.get(url)
self.assertEqual(resp.status_code, 403)
data = json.loads(resp.content.decode('utf8'))
self.assertIsInstance(data, dict)
self.assertEqual(list(data.keys()), ['detail'])
