def test_comment_visibility(admin_user): shop = factories.get_default_shop() admin_contact = get_person_contact(admin_user) staff_user = factories.create_random_user("en", is_staff=True) staff_contact = get_person_contact(staff_user) shop.staff_members.add(staff_user) normal_user = factories.create_random_user("en") normal_contact = get_person_contact(normal_user) task_type = TaskType.objects.create(name="Request", shop=shop) task = create_task(shop, admin_contact, task_type, "my task") task.comment(admin_contact, "This is only visibile for super users", TaskCommentVisibility.ADMINS_ONLY) task.comment(staff_contact, "This is only visibile for staff only", TaskCommentVisibility.STAFF_ONLY) task.comment(normal_contact, "This is visibile for everyone", TaskCommentVisibility.PUBLIC) # admin see all comments assert task.comments.for_contact(admin_contact).count() == 3 # staff see all public + staff only assert task.comments.for_contact(staff_contact).count() == 2 # normal contact see all public assert task.comments.for_contact(normal_contact).count() == 1 # anonymous contact see all public assert task.comments.for_contact(AnonymousContact()).count() == 1
def test_get_shop(rf, get_shop_fn): with override_settings(E-Commerce_ENABLE_MULTIPLE_SHOPS=True): activate("en") shop1 = Shop.objects.create(identifier="shop1", status=ShopStatus.ENABLED) shop2 = Shop.objects.create(identifier="shop2", status=ShopStatus.ENABLED) normal_user = factories.create_random_user() staff_user = factories.create_random_user(is_staff=True) request = apply_request_middleware(rf.post("/"), user=normal_user, skip_session=True) # user not staff assert get_shop_fn(request) is None # staff user now with pytest.raises(PermissionDenied) as exc: request = apply_request_middleware(rf.post("/"), user=staff_user) assert exc.value == "You are not a staff member of this shop" # no shop set assert get_shop_fn(request) is None # adds the user to a shop shop1.staff_members.add(staff_user) request = apply_request_middleware(rf.post("/"), user=staff_user, skip_session=True) assert get_shop_fn(request) == shop1 # adds the user to another shop shop2.staff_members.add(staff_user) # still the first shop as we do not set any assert get_shop_fn(request) == shop1 for shop in [shop1, shop2]: request = apply_request_middleware(rf.post("/"), user=staff_user, shop=shop) assert get_shop_fn(request) == shop
def _test_happy_hours_delete_view(rf, index): shop = factories.get_shop(identifier="shop%s" % index, enabled=True) staff_user = factories.create_random_user(is_staff=True) shop.staff_members.add(staff_user) happy_hour_name = "The Hour %s" % index happy_hour = HappyHour.objects.create(name=happy_hour_name) happy_hour.shops = [shop] extra_happy_hour= HappyHour.objects.create(name="Extra Hour %s" % index) extra_happy_hour.shops = [shop] assert HappyHour.objects.filter(name=happy_hour_name).exists() view_func = HappyHourDeleteView.as_view() request = apply_request_middleware(rf.post("/"), user=staff_user, shop=shop) set_shop(request, shop) response = view_func(request, pk=happy_hour.pk) if hasattr(response, "render"): response.render() assert response.status_code == 302 assert not HappyHour.objects.filter(name=happy_hour_name).exists() # Make sure that this staff can't remove other people discounts other_exceptions = HappyHour.objects.exclude(shops=shop) exception_count = other_exceptions.count() for coupon in other_exceptions: view_func = HappyHourDeleteView.as_view() request = apply_request_middleware(rf.post("/"), user=staff_user, shop=shop) set_shop(request, shop) with pytest.raises(Http404): response = view_func(request, pk=coupon.pk) if hasattr(response, "render"): response.render() assert exception_count == HappyHour.objects.exclude(shops=shop).count()
def test_set_non_shop_member_customer(rf): """ Set some customer to the basket that is not member of the shop """ with override_settings(**CORE_BASKET_SETTINGS): shop = factories.get_shop(False) assert shop != factories.get_default_shop() user = factories.create_random_user() request = apply_request_middleware(rf.get("/"), user=user) basket = get_basket(request, "basket") basket.customer = get_person_contact(user) assert basket.shop == factories.get_default_shop() person = factories.create_random_person() person.shops.add(shop) company = factories.create_random_company() company.add_to_shop(shop) for customer in [person, company]: with pytest.raises(ValidationError) as exc: basket_commands.handle_set_customer(request, basket, customer) assert exc.value.code == "invalid_customer_shop" assert basket.customer == get_person_contact(user)
def test_authenticate_form_without_consent_checkboxes(client): activate("en") shop = factories.get_default_shop() user = factories.create_random_user("en") user.email = "*****@*****.**" user.set_password("1234") user.save() consent_text = printable_gibberish() gdpr_settings = GDPRSettings.get_for_shop(shop) gdpr_settings.enabled = True gdpr_settings.skip_consent_on_auth = True gdpr_settings.auth_consent_text = consent_text gdpr_settings.save() # create privacy policy GDPR document privacy_policy = ensure_gdpr_privacy_policy(shop) redirect_target = "/redirect-success/" client = SmartClient() login_url = reverse("E-Commerce:login") response = client.get(login_url) soup = BeautifulSoup(response.content) login_form = soup.find("form", {"action": "/login/"}) assert len(login_form.findAll("input")) == 4 assert consent_text in login_form.text # user didn't check the privacy policy agreement response = client.post(login_url, data={ "username": user.email, "password": "******", REDIRECT_FIELD_NAME: redirect_target }) assert response.status_code == 302
def test_company_contact_for_shop_staff(rf, admin_user): company_contact = get_company_contact(admin_user) assert company_contact is None shop = factories.get_default_shop() # Let's create shop for the shop staff company_contact = get_company_contact_for_shop_staff(shop, admin_user) company_contact = get_company_contact_for_shop_staff(shop, admin_user) assert company_contact is not None # Let's create second staff member to make sure all good with # creating company contact for shop staff. new_staff_user = factories.create_random_user() with pytest.raises(AssertionError): get_company_contact_for_shop_staff(shop, new_staff_user) new_staff_user.is_staff = True new_staff_user.save() with pytest.raises(AssertionError): # Since the new staff is not in shop members. The admin user # passed since he is also superuser. get_company_contact_for_shop_staff(shop, new_staff_user) shop.staff_members.add(new_staff_user) assert company_contact == get_company_contact_for_shop_staff(shop, new_staff_user) # Make sure both user has person contact linked to the company contact company_members = company_contact.members.all() assert get_person_contact(admin_user) in company_members assert get_person_contact(new_staff_user) in company_members
def test_update_injection(): shop = factories.get_default_shop() client = SmartClient() index_url = reverse("E-Commerce:index") page = ensure_gdpr_privacy_policy(shop) shop_gdpr = GDPRSettings.get_for_shop(shop) shop_gdpr.enabled = True shop_gdpr.privacy_policy = page shop_gdpr.save() assert_update(client, index_url, False) # nothing consented in past, should not show user = factories.create_random_user("en") password = "******" user.set_password(password) user.save() client.login(username=user.username, password=password) assert_update(client, index_url, False) # no consent given, should not be visible create_user_consent_for_all_documents(shop, user) assert_update(client, index_url, False) with reversion.create_revision(): page.save() assert not is_documents_consent_in_sync(shop, user) assert_update(client, index_url, True) # consent client.get(reverse("E-Commerce:gdpr_policy_consent", kwargs=dict(page_id=page.pk))) assert is_documents_consent_in_sync(shop, user) assert_update(client, index_url, False)
def test_category_tour(browser, admin_user, live_server, settings): shop = factories.get_default_shop() shop2 = factories.get_shop(identifier="shop2") admin_user_2 = factories.create_random_user(is_staff=True, is_superuser=True) admin_user_2.set_password("password") admin_user_2.save() shop.staff_members.add(admin_user) shop.staff_members.add(admin_user_2) for user in [admin_user, admin_user_2]: initialize_admin_browser_test(browser, live_server, settings, username=user.username, tour_complete=False) wait_until_condition(browser, lambda x: x.is_text_present("Welcome!")) browser.visit(live_server + "/sa/categories/new") wait_until_condition(browser, lambda x: x.is_text_present("Add a new product category"), timeout=30) wait_until_condition(browser, lambda x: x.is_element_present_by_css(".shepherd-button.btn-primary")) click_element(browser, ".shepherd-button.btn-primary") wait_until_condition(browser, lambda x: not x.is_element_present_by_css(".shepherd-button")) wait_until_condition(browser, lambda x: is_tour_complete(shop, "category", user)) # check whether the tour is shown again browser.visit(live_server + "/sa/categories/new") wait_until_condition(browser, lambda x: not x.is_text_present("Add a new product category")) browser.visit(live_server + "/logout") browser.visit(live_server + "/sa") assert is_tour_complete(shop2, "category", user) is False
def _test_coupon_code_list_view(rf, index): shop = factories.get_shop(identifier="shop%s" % index, enabled=True) staff_user = factories.create_random_user(is_staff=True) shop.staff_members.add(staff_user) coupon_code = CouponCode.objects.create(code="%s" % index) coupon_code.shops = [shop] view_func = CouponCodeListView.as_view() request = apply_request_middleware( rf.get("/", { "jq": json.dumps({"perPage": 100, "page": 1}) }), user=staff_user, shop=shop) set_shop(request, shop) response = view_func(request) if hasattr(response, "render"): response.render() assert response.status_code == 200 view_instance = CouponCodeListView() view_instance.request = request assert request.shop == shop assert view_instance.get_queryset().count() == 1 data = json.loads(view_instance.get(request).content.decode("UTF-8")) assert len(data["items"]) == 1 coupon_code_data = [item for item in data["items"] if item["_id"] == coupon_code.pk][0] assert coupon_code_data["usages"] == 0
def test_force_views_only_for_staff(rf): shop = factories.get_default_shop() user = factories.create_random_user(is_staff=True) person_contact = get_person_contact(user) # Start forcing. There shouldn't be any changes to # request customer due calling the force functions since # those just do the redirect in case the current is user # is not shop staff. request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact _call_force_view(request, force_anonymous_contact) request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact _call_force_view(request, force_person_contact) request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact _call_force_view(request, force_company_contact) request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact assert get_company_contact(user) is None
def _test_coupon_code_delete_view(rf, index): shop = factories.get_shop(identifier="shop%s" % index, enabled=True) staff_user = factories.create_random_user(is_staff=True) shop.staff_members.add(staff_user) code = "code-%s" % index coupon = CouponCode.objects.create(code=code) coupon.shops = [shop] extra_coupon = CouponCode.objects.create(code="extra-coupon-%s" % index) extra_coupon.shops = [shop] assert CouponCode.objects.filter(code=code).exists() view_func = CouponCodeDeleteView.as_view() request = apply_request_middleware(rf.post("/"), user=staff_user, shop=shop) set_shop(request, shop) response = view_func(request, pk=coupon.pk) if hasattr(response, "render"): response.render() assert response.status_code == 302 assert not CouponCode.objects.filter(code=code).exists() # Make sure that this staff can't remove other people discounts other_coupons = CouponCode.objects.exclude(shops=shop) coupon_count = other_coupons.count() for coupon in other_coupons: view_func = CouponCodeDeleteView.as_view() request = apply_request_middleware(rf.post("/"), user=staff_user, shop=shop) set_shop(request, shop) with pytest.raises(Http404): response = view_func(request, pk=coupon.pk) if hasattr(response, "render"): response.render() assert coupon_count == CouponCode.objects.exclude(shops=shop).count()
def test_add_product_with_extra_parent_line(rf): """ Add product to basket with extra info and parent line """ with override_settings(**CORE_BASKET_SETTINGS): shop = factories.get_default_shop() user = factories.create_random_user() product = factories.create_product("product", shop, factories.get_default_supplier(), 10) request = apply_request_middleware(rf.get("/"), user=user) basket = get_basket(request, "basket") basket.customer = get_person_contact(user) cmd_response = basket_commands.handle_add(request, basket, product.id, 1, extra={"more": "stuff"}) line_id1 = cmd_response["line_id"] assert cmd_response["ok"] line1 = basket.get_basket_line(line_id1) assert line1._data["more"] == "stuff" cmd_response = basket_commands.handle_add( request, basket, product.id, 1, parent_line=line1, force_new_line=True) line_id2 = cmd_response["line_id"] assert cmd_response["ok"] line2 = basket.get_basket_line(line_id2) assert not line2._data assert line_id1 != line_id2 assert line2.parent_line.line_id == line_id1
def test_reset_admin_user_password(client): get_default_shop() user = factories.create_random_user("en", is_staff=True, is_active=True, email=REGULAR_USER_EMAIL) user.set_password(REGULAR_USER_PASSWORD) user.save(update_fields=("password",)) assert len(mail.outbox) == 0 response = client.post(reverse("E-Commerce_admin:request_password"), data={ "email": user.email }) assert response.status_code == 302 assert response.get("location") assert response.get("location").endswith(reverse("E-Commerce_admin:login")) assert len(mail.outbox) == 1 email_content = mail.outbox[0].body url = email_content[email_content.find("http"):] _, _, _, _, _, uid, token, _ = url.split("/") new_password = "******" response = client.post(reverse("E-Commerce_admin:recover_password", kwargs=dict(uidb64=uid, token=token)), data={ "new_password1": new_password, "new_password2": new_password }) assert response.status_code == 302 assert response.get("location") assert response.get("location").endswith(reverse("E-Commerce_admin:login")) assert len(mail.outbox) == 1 user.refresh_from_db() assert user.check_password(new_password)
def _test_happy_hours_list_view(rf, index): shop = factories.get_shop(identifier="shop%s" % index, enabled=True) staff_user = factories.create_random_user(is_staff=True) shop.staff_members.add(staff_user) happy_hour = HappyHour.objects.create(name="After Work %s" % index) happy_hour.shops = [shop] view_func = HappyHourListView.as_view() request = apply_request_middleware( rf.get("/", { "jq": json.dumps({"perPage": 100, "page": 1}) }), user=staff_user, shop=shop) set_shop(request, shop) response = view_func(request) if hasattr(response, "render"): response.render() assert response.status_code == 200 view_instance = HappyHourListView() view_instance.request = request assert request.shop == shop assert view_instance.get_queryset().count() == 1 data = json.loads(view_instance.get(request).content.decode("UTF-8")) assert len(data["items"]) == 1
def _test_exception_delete_view(rf, index): shop = factories.get_shop(identifier="shop%s" % index, enabled=True) staff_user = factories.create_random_user(is_staff=True) shop.staff_members.add(staff_user) exception_name = "Exception %s" % index exception = AvailabilityException.objects.create( name=exception_name, start_datetime=now(), end_datetime=now()) exception.shops = [shop] extra_exception = AvailabilityException.objects.create( name="Extra Exception %s" % index, start_datetime=now(), end_datetime=now()) extra_exception.shops = [shop] assert AvailabilityException.objects.filter(name=exception_name).exists() view_func = AvailabilityExceptionDeleteView.as_view() request = apply_request_middleware(rf.post("/"), user=staff_user, shop=shop) set_shop(request, shop) response = view_func(request, pk=exception.pk) if hasattr(response, "render"): response.render() assert response.status_code == 302 assert not AvailabilityException.objects.filter(name=exception_name).exists() # Make sure that this staff can't remove other people discounts other_exceptions = AvailabilityException.objects.exclude(shops=shop) exception_count = other_exceptions.count() for coupon in other_exceptions: view_func = AvailabilityExceptionDeleteView.as_view() request = apply_request_middleware(rf.post("/"), user=staff_user, shop=shop) set_shop(request, shop) with pytest.raises(Http404): response = view_func(request, pk=coupon.pk) if hasattr(response, "render"): response.render() assert exception_count == AvailabilityException.objects.exclude(shops=shop).count()
def test_product_tour(browser, admin_user, live_server, settings): shop = factories.get_default_shop() shop2 = factories.get_shop(identifier="shop2") admin_user_2 = factories.create_random_user(is_staff=True, is_superuser=True) admin_user_2.set_password("password") admin_user_2.save() product = factories.get_default_product() shop_product = product.get_shop_instance(shop) shop.staff_members.add(admin_user) shop.staff_members.add(admin_user_2) for user in [admin_user, admin_user_2]: initialize_admin_browser_test(browser, live_server, settings, username=user.username, tour_complete=False) wait_until_condition(browser, lambda x: x.is_text_present("Welcome!")) browser.visit(live_server + "/sa/products/%d/" % shop_product.pk) wait_until_condition(browser, lambda x: x.is_text_present(shop_product.product.name)) # as this is added through javascript, add an extra timeout wait_until_condition(browser, lambda x: x.is_text_present("You are adding a product."), timeout=30) wait_until_condition(browser, lambda x: x.is_element_present_by_css(".shepherd-button.btn-primary")) click_element(browser, ".shepherd-button.btn-primary") category_targets = [ "a.shepherd-enabled[href='#basic-information-section']", "a.shepherd-enabled[href='#additional-details-section']", "a.shepherd-enabled[href='#manufacturer-section']", "a.shepherd-enabled[href*='-additional-section']", "a.shepherd-enabled[href='#product-media-section']", "a.shepherd-enabled[href='#product-images-section']", "a.shepherd-enabled[href='#contact-group-pricing-section']", "a.shepherd-enabled[href='#contact-group-discount-section']" ] # Scroll top before starting to click. For some reason the first # item is not found without this. For Firefox or Chrome the browser # does not do any extra scroll which could hide the first item. # Steps are scrollTo false on purpose since the scrollTo true is the # config which does not work in real world. browser.execute_script("window.scrollTo(0,0)") for target in category_targets: try: wait_until_condition(browser, lambda x: x.is_element_present_by_css(target)) browser.find_by_css(".shepherd-button.btn-primary").last.click() except ElementNotInteractableException: move_to_element(browser, ".shepherd-button.btn-primary") wait_until_condition(browser, lambda x: x.is_element_present_by_css(target)) browser.find_by_css(".shepherd-button.btn-primary").last.click() wait_until_condition(browser, lambda x: is_tour_complete(shop, "product", user)) # check whether the tour is shown again browser.visit(live_server + "/sa/products/%d/" % shop_product.pk) wait_until_condition(browser, lambda x: not x.is_text_present("You are adding a product."), timeout=20) assert is_tour_complete(shop2, "product", user) is False browser.visit(live_server + "/logout") browser.visit(live_server + "/sa")
def test_set_company_customer(rf): """ Set a company as the basket customer """ with override_settings(**CORE_BASKET_SETTINGS): user = factories.create_random_user() request = apply_request_middleware(rf.get("/"), user=user) basket = get_basket(request, "basket") basket.customer = get_person_contact(user) person = factories.create_random_person() company = factories.create_random_company() # no orderer provided with pytest.raises(ValidationError) as exc: basket_commands.handle_set_customer(request, basket, company) assert exc.value.code == "invalid_orderer" assert basket.customer == get_person_contact(user) # orderer provided but not member of the company with pytest.raises(ValidationError) as exc: basket_commands.handle_set_customer(request, basket, company, person) assert exc.value.code == "orderer_not_company_member" assert basket.customer == get_person_contact(user) # orderer provided but user not member of the company company.members.add(person) with pytest.raises(ValidationError) as exc: basket_commands.handle_set_customer(request, basket, company, person) assert exc.value.code == "not_company_member" assert basket.customer == get_person_contact(user) # staff and admin can add any the company and orderer without being member of the company superuser = factories.create_random_user(is_superuser=True) staff = factories.create_random_user(is_staff=True) basket.shop.staff_members.add(staff) for user in [superuser, staff]: basket.customer = None basket.orderer = None request = apply_request_middleware(rf.get("/"), user=user) assert basket_commands.handle_set_customer(request, basket, company, person)["ok"] is True assert basket.customer == company assert basket.orderer == person
def test_product_campaigns_section(rf, admin_user): shop = factories.get_default_shop() supplier = factories.get_default_supplier() product = factories.create_product("test", shop=shop, supplier=supplier, default_price=10) campaign1 = _create_active_campaign(shop, supplier, product) campaign2 = _create_active_campaign(shop, None, product) shop_staff_user = factories.create_random_user(is_staff=True) shop.staff_members.add(shop_staff_user) supplier_staff_user = factories.create_random_user(username=supplier.identifier, is_staff=True) shop.staff_members.add(supplier_staff_user) supplier_provider = "E-Commerce.testing.supplier_provider.UsernameSupplierProvider" with override_settings(E-Commerce_ADMIN_SUPPLIER_PROVIDER_SPEC=supplier_provider): request = apply_request_middleware(rf.get("/"), user=admin_user) request.shop = shop assert get_supplier(request) is None context = ProductCampaignsSection.get_context_data(product, request) assert context[shop]["basket_campaigns"].count() == 2 request = apply_request_middleware(rf.get("/"), user=shop_staff_user) request.shop = shop assert get_supplier(request) is None context = ProductCampaignsSection.get_context_data(product, request) assert context[shop]["basket_campaigns"].count() == 2 request = apply_request_middleware(rf.get("/"), user=supplier_staff_user) request.shop = shop assert get_supplier(request) == supplier context = ProductCampaignsSection.get_context_data(product, request) assert context[shop]["basket_campaigns"].count() == 1 campaign1.supplier = None campaign1.save() context = ProductCampaignsSection.get_context_data(product, request) assert context[shop]["basket_campaigns"].count() == 0 BasketCampaign.objects.update(supplier=supplier) context = ProductCampaignsSection.get_context_data(product, request) assert context[shop]["basket_campaigns"].count() == 2
def test_set_shop(rf, set_shop_fn, get_shop_fn): with override_settings(E-Commerce_ENABLE_MULTIPLE_SHOPS=True): activate("en") factories.get_default_shop() shop1 = Shop.objects.create(identifier="shop1", status=ShopStatus.ENABLED) shop2 = Shop.objects.create(identifier="shop2", status=ShopStatus.ENABLED) normal_user = factories.create_random_user() staff_user = factories.create_random_user(is_staff=True) request = apply_request_middleware(rf.post("/"), user=normal_user, skip_session=True) # user not staff with pytest.raises(PermissionDenied) as exc: set_shop_fn(request, shop1) assert exc.value == "You must be a staff user" # staff user now with pytest.raises(PermissionDenied) as exc: request = apply_request_middleware(rf.post("/"), user=staff_user) assert exc.value == "You are not a staff member of this shop" # the user is not member of the shop staff with pytest.raises(PermissionDenied): set_shop_fn(request, shop1) assert get_shop_fn(request) is None # user is member of the shop staff shop1.staff_members.add(staff_user) request = apply_request_middleware(rf.post("/"), user=staff_user, skip_session=True) set_shop_fn(request, shop1) assert get_shop_fn(request) == shop1 # can't set a shop which user is not member with pytest.raises(PermissionDenied): set_shop_fn(request, shop2) assert get_shop_fn(request) == shop1 # adds the user to another shop shop2.staff_members.add(staff_user) set_shop_fn(request, shop2) assert get_shop_fn(request) == shop2
def test_set_different_customer(rf): """ Set some customer to the basket that is not the request one """ with override_settings(**CORE_BASKET_SETTINGS): user = factories.create_random_user() request = apply_request_middleware(rf.get("/"), user=user) basket = get_basket(request, "basket") basket.customer = get_person_contact(user) person1 = factories.create_random_person() with pytest.raises(ValidationError) as exc: basket_commands.handle_set_customer(request, basket, person1) assert exc.value.code == "no_permission" assert basket.customer == get_person_contact(user) # with superuser person2 = factories.create_random_person() superuser = factories.create_random_user(is_superuser=True) request = apply_request_middleware(rf.get("/"), user=superuser) assert basket_commands.handle_set_customer(request, basket, person2)["ok"] is True assert basket.customer == person2 assert basket.orderer == person2 # with staff user not member of the shop person3 = factories.create_random_person() staff = factories.create_random_user(is_staff=True) request = apply_request_middleware(rf.get("/"), user=staff) with pytest.raises(ValidationError) as exc: basket_commands.handle_set_customer(request, basket, person3) assert exc.value.code == "no_permission" assert basket.customer == person2 assert basket.orderer == person2 # with staff user member of the shop person4 = factories.create_random_person() staff_member = factories.create_random_user(is_staff=True) basket.shop.staff_members.add(staff_member) request = apply_request_middleware(rf.get("/"), user=staff_member) assert basket_commands.handle_set_customer(request, basket, person4)["ok"] is True assert basket.customer == person4 assert basket.orderer == person4
def test_home_tour(browser, admin_user, live_server, settings): shop = factories.get_default_shop() shop2 = factories.get_shop(identifier="shop2") admin_user_2 = factories.create_random_user(is_staff=True, is_superuser=True) admin_user_2.set_password("password") admin_user_2.save() shop.staff_members.add(admin_user) shop.staff_members.add(admin_user_2) for user in [admin_user, admin_user_2]: initialize_admin_browser_test(browser, live_server, settings, username=user.username, tour_complete=False) wait_until_condition(browser, lambda x: x.is_text_present("Welcome!")) browser.visit(live_server + "/sa/home") wait_until_condition(browser, lambda x: x.is_text_present("Hi, new shop owner!"), timeout=30) wait_until_condition(browser, lambda x: x.is_element_present_by_css(".shepherd-button.btn-primary")) click_element(browser, ".shepherd-button.btn-primary") category_targets = [ ".shepherd-enabled[data-target-id='category-1'", ".shepherd-enabled[data-target-id='category-2'", ".shepherd-enabled[data-target-id='category-3'", ".shepherd-enabled[data-target-id='category-5'", ".shepherd-enabled[data-target-id='category-9'", ".shepherd-enabled[data-target-id='category-4'", ".shepherd-enabled[data-target-id='category-6'", ".shepherd-enabled[data-target-id='category-7'", ".shepherd-enabled[data-target-id='category-8'", ".shepherd-enabled#site-search", ".shepherd-enabled.shop-btn.visit-store", ] for target in category_targets: wait_until_condition(browser, lambda x: x.is_element_present_by_css(target)) move_to_element(browser, ".shepherd-button.btn-primary") browser.find_by_css(".shepherd-button.btn-primary").last.click() wait_until_condition(browser, lambda x: x.is_text_present("We're done!"), timeout=30) move_to_element(browser, ".shepherd-button.btn-primary") browser.find_by_css(".shepherd-button.btn-primary").last.click() wait_until_condition(browser, lambda x: is_tour_complete(shop, "home", user)) # check whether the tour is shown again browser.visit(live_server + "/sa/home") wait_until_condition(browser, lambda x: not x.is_text_present("Hi, new shop owner!")) browser.visit(live_server + "/logout") browser.visit(live_server + "/sa") wait_until_condition(browser, lambda x: not x.is_text_present("Hi, new shop owner!")) assert is_tour_complete(shop2, "home", user) is False
def test_set_from_customer_to_anonymous(rf): """ Set anonymous to the basket customer """ with override_settings(**CORE_BASKET_SETTINGS): user = factories.create_random_user() request = apply_request_middleware(rf.get("/"), user=user) basket = get_basket(request, "basket") basket.customer = get_person_contact(user) assert basket_commands.handle_set_customer(request, basket, AnonymousContact())["ok"] is True assert basket.customer == AnonymousContact() assert basket.orderer == AnonymousContact() assert basket.creator == user
def test_edit_object_view_no_permissions(rf): user = factories.create_random_user("en", is_staff=True) shop = factories.get_default_shop() shop.staff_members.add(user) view = EditObjectView.as_view() product = factories.create_product("p1", shop, factories.get_default_supplier()) model = ".".join(ContentType.objects.get_for_model(product).natural_key()) # no permission with pytest.raises(Problem) as error: _get_edit_object_view(rf, view, model, product.id, user, shop) assert "You do not have the required permission" in str(error)
def test_serialize_data(): """ Test contact dashboard views """ activate("en") shop = factories.get_default_shop() customer = factories.create_random_person("en") user = factories.create_random_user("en") user.set_password("1234") user.save() customer.user = user customer.default_billing_address = factories.create_random_address() customer.default_shipping_address = factories.create_random_address() customer.save() company = factories.create_random_company() company.default_billing_address = factories.create_random_address() company.default_shipping_address = factories.create_random_address() company.save() company.members.add(customer) product = factories.create_product("p1", shop, factories.get_default_supplier()) for basket_customer in [customer, company]: [factories.create_random_order(basket_customer, [product]) for order in range(3)] client = SmartClient() client.login(username=user.username, password="******") response = client.get(reverse("E-Commerce:gdpr_customer_dashboard")) assert response.status_code == 200 assert "My Data" in response.content.decode("utf-8") response = client.post(reverse("E-Commerce:gdpr_download_data")) assert response._headers["content-disposition"][0] == "Content-Disposition" assert response.status_code == 200 from E-Commerce.tasks.models import Task, TaskType from E-Commerce.gdpr.models import GDPR_ANONYMIZE_TASK_TYPE_IDENTIFIER response = client.post(reverse("E-Commerce:gdpr_anonymize_account")) assert response.status_code == 302 assert response.url.endswith(reverse("E-Commerce:index")) task_type = TaskType.objects.get(identifier=GDPR_ANONYMIZE_TASK_TYPE_IDENTIFIER, shop=shop) assert Task.objects.get(type=task_type, shop=shop) user.refresh_from_db() assert user.is_active is False refreshed_customer = PersonContact.objects.get(id=customer.id) assert refreshed_customer.is_active is False assert refreshed_customer.name == customer.name # nothing changed yet
def test_add_product(rf): """ Add product to basket """ with override_settings(**CORE_BASKET_SETTINGS): shop = factories.get_default_shop() user = factories.create_random_user() product = factories.create_product("product", shop, factories.get_default_supplier(), 10) request = apply_request_middleware(rf.get("/"), user=user) basket = get_basket(request, "basket") basket.customer = get_person_contact(user) cmd_response = basket_commands.handle_add(request, basket, product.id, 1) assert cmd_response["ok"] assert cmd_response["line_id"] assert cmd_response["added"] == 1 assert len(basket.get_lines()) == 1
def test_basket_with_custom_shop(rf): """ Set a different shop for basket """ with override_settings(**CORE_BASKET_SETTINGS): shop1 = factories.get_default_shop() shop2 = factories.get_shop(identifier="shop2") user = factories.create_random_user() request = apply_request_middleware(rf.get("/"), user=user, shop=shop1) basket_class = cached_load("E-Commerce_BASKET_CLASS_SPEC") basket = basket_class(request, "basket", shop=shop2) assert basket.shop == shop2 product_shop2 = factories.create_product("product_shop2", shop2, factories.get_default_supplier(), 10) line = basket.add_product(factories.get_default_supplier(), shop2, product_shop2, 1) assert line.shop == shop2
def test_force_contact_views(rf): shop = factories.get_default_shop() user = factories.create_random_user(is_staff=True) shop.staff_members.add(user) person_contact = get_person_contact(user) request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact # Force contact to anonymous contact _call_force_view(request, force_anonymous_contact) # Re-process middlewares so we check the force contact request = apply_request_middleware(rf.get("/"), user=user) assert request.customer.is_anonymous assert get_person_contact(user).is_anonymous assert_all_good_with_random_user() # Force contact to person contact _call_force_view(request, force_person_contact) request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact assert get_person_contact(user) == person_contact assert_all_good_with_random_user() # Force contact to company contact. This also ensures # company contact for staff user if does not exists. _call_force_view(request, force_company_contact) request = apply_request_middleware(rf.get("/"), user=user) assert get_company_contact(user) == request.customer assert person_contact in request.customer.members.all() assert request.person == person_contact assert_all_good_with_random_user() # Finally force back to person contact. Now without # forcing the request would have company contact # since company contact for shop staff was created # while forcing company. _call_force_view(request, force_person_contact) request = apply_request_middleware(rf.get("/"), user=user) assert request.customer == person_contact assert get_person_contact(user) == person_contact assert get_company_contact(user) is None assert_all_good_with_random_user()
def test_suppliers_edit(rf, admin_user): shop = factories.get_default_shop() edit_view = SupplierEditView.as_view() staff_user = factories.create_random_user("en", is_staff=True) shop.staff_members.add(staff_user) with override_settings(E-Commerce_ENABLE_MULTIPLE_SUPPLIERS=True): for index, user in enumerate([admin_user, staff_user]): payload = { "base-name": "Supplier Name %d" % index, "base-description__en": "Supplier Description %d" % index, "base-type": SupplierType.INTERNAL.value, "base-module_identifier": "", "base-shops": shop.pk, "base-enabled": "on", "base-logo": "", "base-is_approved": "on", "address-name": "Address Name %d" % index, "address-email": "*****@*****.**", "address-phone": "23742578329", "address-tax_number": "ABC123", "address-street": "Streetz", "address-postal_code": "90014", "address-city": "Los Angeles", "address-region_code": "CA", "address-country": "US" } request = apply_request_middleware(rf.post("/", payload), user=user) response = edit_view(request) assert response.status_code == 302 supplier = Supplier.objects.last() assert response.url == reverse("E-Commerce_admin:supplier.edit", kwargs=dict(pk=supplier.pk)) assert supplier.name == payload["base-name"] assert supplier.description == payload["base-description__en"] assert supplier.shops.count() == 1 assert supplier.enabled assert supplier.is_approved assert supplier.contact_address.name == payload["address-name"] request = apply_request_middleware(rf.get("/"), user=user) response = edit_view(request, **{"pk": supplier.pk}) assert response.status_code == 200
def test_set_from_anonymous_to_customer_auth(rf): """ Set some random customer to the basket when authenticated """ with override_settings(**CORE_BASKET_SETTINGS): user = factories.create_random_user() request = apply_request_middleware(rf.get("/"), user=user) basket = get_basket(request, "basket") basket.customer = AnonymousContact() # can not set the customer for something different as the request customer with pytest.raises(ValidationError) as exc: basket_commands.handle_set_customer(request, basket, factories.create_random_person()) assert exc.value.code == "no_permission" assert basket.customer == AnonymousContact() assert basket_commands.handle_set_customer(request, basket, get_person_contact(user))["ok"] is True assert basket.customer == get_person_contact(user)
def test_anonymous_set_company_customer(rf): """ Set a company as the basket customer """ with override_settings(**CORE_BASKET_SETTINGS): user = factories.create_random_user() request = apply_request_middleware(rf.get("/"), user=user) basket = get_basket(request, "basket") basket.customer = AnonymousContact() person = factories.create_random_person() company = factories.create_random_company() company.members.add(person) with pytest.raises(ValidationError) as exc: basket_commands.handle_set_customer(request, basket, company, person) assert exc.value.code == "not_company_member" assert basket.customer == AnonymousContact()