* Add tests for the documents settings.

* Add tests for the document view.
bgroff · Oct 12, 2018 · 83e59d6 · 83e59d6
1 parent 778c6d8
commit 83e59d6
Show file tree

Hide file tree

Showing 8 changed files with 279 additions and 102 deletions.
diff --git a/django_kala/django_kala/test_settings.py b/django_kala/django_kala/test_settings.py
@@ -81,3 +81,5 @@
     'PLATFORM_MANAGER'
 )
 
+EXPORT_QUEUE = 'test'
+CELERY_BROKER_URL = 'memory://'
diff --git a/django_kala/projects/views/documents/document.py b/django_kala/projects/views/documents/document.py
@@ -1,49 +1,49 @@
 from django.conf import settings
-from django.contrib.auth.mixins import LoginRequiredMixin
+from django.contrib.auth.decorators import login_required
 from django.core.exceptions import PermissionDenied
 from django.shortcuts import get_object_or_404, redirect
 from django.urls import reverse
+from django.utils.decorators import method_decorator
 from django.utils.translation import ugettext as _
 from django.views import View
 from django.views.generic import TemplateView
+
 from documents.models import Document
 from projects.models import Project
 from projects.tasks.export_document import ExportDocumentTask
 
 
-class DocumentView(LoginRequiredMixin, TemplateView):
+class DocumentView(TemplateView):
     template_name = 'documents/document.html'
 
     def get_context_data(self, **kwargs):
         return {
             'project': self.project,
             'organization': self.project.organization,
-            'document': self.document,
-            'can_manage': self.document.can_manage(self.request.user),
-            'can_create': self.document.can_create(self.request.user),
-            'can_invite': self.document.can_invite(self.request.user)
+            'document': self.document
         }
 
+    @method_decorator(login_required)
     def dispatch(self, request, project_pk, document_pk, *args, **kwargs):
         self.project = get_object_or_404(Project.objects.active(), pk=project_pk)
         self.document = get_object_or_404(
             Document.objects.active().prefetch_related(
                 'documentversion_set',
                 'documentversion_set__user'
             ),
-            pk=document_pk)
+            pk=document_pk
+        )
         if not self.document.can_create(request.user):
             raise PermissionDenied(_('You do not have permissions to view this document.'))
         return super(DocumentView, self).dispatch(request, *args, **kwargs)
 
 
-class ExportDocumentView(LoginRequiredMixin, View):
+class ExportDocumentView(View):
 
+    @method_decorator(login_required)
     def dispatch(self, request, project_pk, document_pk, *args, **kwargs):
         self.project = get_object_or_404(Project.objects.active(), pk=project_pk)
-        self.document = get_object_or_404(
-            Document.objects.active(),
-            pk=document_pk)
+        self.document = get_object_or_404(Document.objects.active(), pk=document_pk)
 
         if not self.document.can_create(request.user):
             raise PermissionDenied(_('You do not have permissions to view this document.'))

diff --git a/django_kala/projects/views/documents/settings/tests/__init__.py b/django_kala/projects/views/documents/settings/tests/__init__.py
@@ -1,85 +0,0 @@
-from django.test import Client
-from django.urls import reverse
-from rest_framework.status import HTTP_403_FORBIDDEN, HTTP_200_OK, HTTP_302_FOUND
-
-from auth.tests.factories import UserFactory
-from documents.tests.factories import DocumentFactory
-from organizations.tests.factories import OrganizationFactory
-from projects.tests.factories import ProjectFactory
-
-
-def setup():
-    user = UserFactory.create()
-    organization = OrganizationFactory.create()
-    project = ProjectFactory.create(organization=organization)
-    document = DocumentFactory.create(project=project)
-
-    return user, organization, project, document, Client()
-
-
-def login(client, user):
-    user.set_password('test')
-    user.save()
-    return client.login(username=user.email, password='test')
-
-
-def user_permissions_test(view, client, user, organization, project, document, args):
-    # Not logged in should redirect to the login page
-    response = client.get(reverse(view, args=args), follow=True)
-    assert response.redirect_chain[0][0] == '{0}?next={1}'.format(
-        reverse('users:login'),
-        reverse(view, args=args)
-    )
-    assert response.redirect_chain[0][1] == HTTP_302_FOUND
-
-    assert login(client, user)
-
-    response = client.get(reverse(view, args=args))
-    assert response.status_code == HTTP_403_FORBIDDEN
-
-    # Test correct permissions
-    organization.add_manage(user)
-    response = client.get(reverse(view, args=args))
-    assert response.status_code == HTTP_200_OK
-    organization.delete_manage(user)
-
-    project.add_manage(user)
-    response = client.get(reverse(view, args=args))
-    assert response.status_code == HTTP_200_OK
-    project.delete_manage(user)
-
-    document.add_manage(user)
-    response = client.get(reverse(view, args=args))
-    assert response.status_code == HTTP_200_OK
-    document.delete_manage(user)
-
-    # Super user does what they want
-    user.is_superuser = True
-    user.save()
-    response = client.get(reverse(view, args=args))
-    assert response.status_code == HTTP_200_OK
-    user.is_superuser = False
-    user.save()
-
-    # Test that other permissions do not work
-    organization.add_create(user)
-    organization.add_invite(user)
-    response = client.get(reverse(view, args=args))
-    assert response.status_code == HTTP_403_FORBIDDEN
-    organization.delete_create(user)
-    organization.delete_invite(user)
-
-    project.add_create(user)
-    project.add_invite(user)
-    response = client.get(reverse(view, args=args))
-    assert response.status_code == HTTP_403_FORBIDDEN
-    project.delete_create(user)
-    project.delete_invite(user)
-
-    document.add_create(user)
-    document.add_invite(user)
-    response = client.get(reverse(view, args=args))
-    assert response.status_code == HTTP_403_FORBIDDEN
-    document.delete_create(user)
-    document.delete_invite(user)
-

diff --git a/django_kala/projects/views/documents/settings/tests/test_archive.py b/django_kala/projects/views/documents/settings/tests/test_archive.py
@@ -2,13 +2,13 @@
 from django.urls import reverse
 from rest_framework.status import HTTP_302_FOUND
 
-from . import setup, login, user_permissions_test
+from projects.views.documents.tests import setup, login, user_permissions_test_manage
 
 
 @pytest.mark.django_db
 def test_user_permissions_for_document_archive():
     user, organization, project, document, client = setup()
-    user_permissions_test(
+    user_permissions_test_manage(
         view='projects:document_archive',
         client=client,
         user=user,

diff --git a/django_kala/projects/views/documents/settings/tests/test_details.py b/django_kala/projects/views/documents/settings/tests/test_details.py
@@ -3,13 +3,13 @@
 from rest_framework.status import HTTP_200_OK, HTTP_302_FOUND
 
 from projects.models import Category
-from . import setup, login, user_permissions_test
+from projects.views.documents.tests import setup, login, user_permissions_test_manage
 
 
 @pytest.mark.django_db
 def test_user_permissions_for_document_details():
     user, organization, project, document, client = setup()
-    user_permissions_test(
+    user_permissions_test_manage(
         view='projects:document_details',
         client=client,
         user=user,

diff --git a/django_kala/projects/views/documents/settings/tests/test_manage_access.py b/django_kala/projects/views/documents/settings/tests/test_manage_access.py
@@ -3,13 +3,13 @@
 from rest_framework.status import HTTP_200_OK, HTTP_302_FOUND
 
 from auth.tests.factories import UserFactory
-from . import setup, login, user_permissions_test
+from projects.views.documents.tests import setup, login, user_permissions_test_manage
 
 
 @pytest.mark.django_db
 def test_user_permissions_for_document_manage_access():
     user, organization, project, document, client = setup()
-    user_permissions_test(
+    user_permissions_test_manage(
         view='projects:document_manage_access',
         client=client,
         user=user,

diff --git a/django_kala/projects/views/documents/tests/__init__.py b/django_kala/projects/views/documents/tests/__init__.py
@@ -0,0 +1,153 @@
+from django.test import Client
+from django.urls import reverse
+from rest_framework.status import HTTP_302_FOUND, HTTP_403_FORBIDDEN, HTTP_200_OK
+
+from auth.tests.factories import UserFactory
+from documents.tests.factories import DocumentFactory
+from organizations.tests.factories import OrganizationFactory
+from projects.tests.factories import ProjectFactory
+
+
+def setup():
+    user = UserFactory.create()
+    organization = OrganizationFactory.create()
+    project = ProjectFactory.create(organization=organization)
+    document = DocumentFactory.create(project=project)
+
+    return user, organization, project, document, Client()
+
+
+def login(client, user):
+    user.set_password('test')
+    user.save()
+    return client.login(username=user.email, password='test')
+
+
+def user_permissions_test_manage(view, client, user, organization, project, document, args):
+    # Not logged in should redirect to the login page
+    response = client.get(reverse(view, args=args), follow=True)
+    assert response.redirect_chain[0][0] == '{0}?next={1}'.format(
+        reverse('users:login'),
+        reverse(view, args=args)
+    )
+    assert response.redirect_chain[0][1] == HTTP_302_FOUND
+
+    assert login(client, user)
+
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_403_FORBIDDEN
+
+    # Test correct permissions
+    organization.add_manage(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    organization.delete_manage(user)
+
+    project.add_manage(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    project.delete_manage(user)
+
+    document.add_manage(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    document.delete_manage(user)
+
+    # Super user does what they want
+    user.is_superuser = True
+    user.save()
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    user.is_superuser = False
+    user.save()
+
+    # Test that other permissions do not work
+    organization.add_create(user)
+    organization.add_invite(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_403_FORBIDDEN
+    organization.delete_create(user)
+    organization.delete_invite(user)
+
+    project.add_create(user)
+    project.add_invite(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_403_FORBIDDEN
+    project.delete_create(user)
+    project.delete_invite(user)
+
+    document.add_create(user)
+    document.add_invite(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_403_FORBIDDEN
+    document.delete_create(user)
+    document.delete_invite(user)
+
+
+def user_permissions_test_create(view, client, user, organization, project, document, args):
+    # Not logged in should redirect to the login page
+    response = client.get(reverse(view, args=args), follow=True)
+    assert response.redirect_chain[0][0] == '{0}?next={1}'.format(
+        reverse('users:login'),
+        reverse(view, args=args)
+    )
+    assert response.redirect_chain[0][1] == HTTP_302_FOUND
+
+    assert login(client, user)
+
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_403_FORBIDDEN
+
+    # Test correct permissions
+    organization.add_manage(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    organization.delete_manage(user)
+
+    project.add_manage(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    project.delete_manage(user)
+
+    document.add_manage(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    document.delete_manage(user)
+
+    # Super user does what they want
+    user.is_superuser = True
+    user.save()
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    user.is_superuser = False
+    user.save()
+
+    organization.add_create(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    organization.delete_create(user)
+
+    organization.add_invite(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    organization.delete_invite(user)
+
+    project.add_create(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    project.delete_create(user)
+
+    project.add_invite(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    project.delete_invite(user)
+
+    document.add_create(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    document.delete_create(user)
+
+    document.add_invite(user)
+    response = client.get(reverse(view, args=args))
+    assert response.status_code == HTTP_200_OK
+    document.delete_invite(user)