-
Notifications
You must be signed in to change notification settings - Fork 13
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Add tests for the documents settings views.
* Fixed authentication bugs found by the tests.
- Loading branch information
Showing
8 changed files
with
322 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
10 changes: 5 additions & 5 deletions
10
django_kala/projects/views/documents/settings/manage_access.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
85 changes: 85 additions & 0 deletions
85
django_kala/projects/views/documents/settings/tests/__init__.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
from django.test import Client | ||
from django.urls import reverse | ||
from rest_framework.status import HTTP_403_FORBIDDEN, HTTP_200_OK, HTTP_302_FOUND | ||
|
||
from auth.tests.factories import UserFactory | ||
from documents.tests.factories import DocumentFactory | ||
from organizations.tests.factories import OrganizationFactory | ||
from projects.tests.factories import ProjectFactory | ||
|
||
|
||
def setup(): | ||
user = UserFactory.create() | ||
organization = OrganizationFactory.create() | ||
project = ProjectFactory.create(organization=organization) | ||
document = DocumentFactory.create(project=project) | ||
|
||
return user, organization, project, document, Client() | ||
|
||
|
||
def login(client, user): | ||
user.set_password('test') | ||
user.save() | ||
return client.login(username=user.email, password='test') | ||
|
||
|
||
def user_permissions_test(view, client, user, organization, project, document, args): | ||
# Not logged in should redirect to the login page | ||
response = client.get(reverse(view, args=args), follow=True) | ||
assert response.redirect_chain[0][0] == '{0}?next={1}'.format( | ||
reverse('users:login'), | ||
reverse(view, args=args) | ||
) | ||
assert response.redirect_chain[0][1] == HTTP_302_FOUND | ||
|
||
assert login(client, user) | ||
|
||
response = client.get(reverse(view, args=args)) | ||
assert response.status_code == HTTP_403_FORBIDDEN | ||
|
||
# Test correct permissions | ||
organization.add_manage(user) | ||
response = client.get(reverse(view, args=args)) | ||
assert response.status_code == HTTP_200_OK | ||
organization.delete_manage(user) | ||
|
||
project.add_manage(user) | ||
response = client.get(reverse(view, args=args)) | ||
assert response.status_code == HTTP_200_OK | ||
project.delete_manage(user) | ||
|
||
document.add_manage(user) | ||
response = client.get(reverse(view, args=args)) | ||
assert response.status_code == HTTP_200_OK | ||
document.delete_manage(user) | ||
|
||
# Super user does what they want | ||
user.is_superuser = True | ||
user.save() | ||
response = client.get(reverse(view, args=args)) | ||
assert response.status_code == HTTP_200_OK | ||
user.is_superuser = False | ||
user.save() | ||
|
||
# Test that other permissions do not work | ||
organization.add_create(user) | ||
organization.add_invite(user) | ||
response = client.get(reverse(view, args=args)) | ||
assert response.status_code == HTTP_403_FORBIDDEN | ||
organization.delete_create(user) | ||
organization.delete_invite(user) | ||
|
||
project.add_create(user) | ||
project.add_invite(user) | ||
response = client.get(reverse(view, args=args)) | ||
assert response.status_code == HTTP_403_FORBIDDEN | ||
project.delete_create(user) | ||
project.delete_invite(user) | ||
|
||
document.add_create(user) | ||
document.add_invite(user) | ||
response = client.get(reverse(view, args=args)) | ||
assert response.status_code == HTTP_403_FORBIDDEN | ||
document.delete_create(user) | ||
document.delete_invite(user) | ||
|
40 changes: 40 additions & 0 deletions
40
django_kala/projects/views/documents/settings/tests/test_archive.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
import pytest | ||
from django.urls import reverse | ||
from rest_framework.status import HTTP_302_FOUND | ||
|
||
from . import setup, login, user_permissions_test | ||
|
||
|
||
@pytest.mark.django_db | ||
def test_user_permissions_for_document_archive(): | ||
user, organization, project, document, client = setup() | ||
user_permissions_test( | ||
view='projects:document_archive', | ||
client=client, | ||
user=user, | ||
organization=organization, | ||
project=project, | ||
document=document, | ||
args=[project.pk, document.pk] | ||
) | ||
|
||
|
||
@pytest.mark.django_db | ||
def test_archive(): | ||
user, organization, project, document, client = setup() | ||
document.add_manage(user) | ||
assert login(client, user) | ||
|
||
# Valid case | ||
response = client.post( | ||
path=reverse('projects:document_archive', args=[project.pk, document.pk]), | ||
data={ | ||
'archive': 'Test Project', | ||
}, | ||
follow=True | ||
) | ||
assert response.redirect_chain[0][0] == reverse('projects:document_archive', args=[project.pk, document.pk]) | ||
assert response.redirect_chain[0][1] == HTTP_302_FOUND | ||
|
||
document.refresh_from_db() | ||
assert document.is_active == False |
55 changes: 55 additions & 0 deletions
55
django_kala/projects/views/documents/settings/tests/test_details.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
import pytest | ||
from django.urls import reverse | ||
from rest_framework.status import HTTP_200_OK, HTTP_302_FOUND | ||
|
||
from projects.models import Category | ||
from . import setup, login, user_permissions_test | ||
|
||
|
||
@pytest.mark.django_db | ||
def test_user_permissions_for_document_details(): | ||
user, organization, project, document, client = setup() | ||
user_permissions_test( | ||
view='projects:document_details', | ||
client=client, | ||
user=user, | ||
organization=organization, | ||
project=project, | ||
document=document, | ||
args=[project.pk, document.pk] | ||
) | ||
|
||
|
||
@pytest.mark.django_db | ||
def test_updated_details(): | ||
user, organization, project, document, client = setup() | ||
document.add_manage(user) | ||
assert login(client, user) | ||
|
||
# Valid case | ||
category = Category.objects.create(name='Test Category', project=project, type='test') | ||
response = client.post( | ||
path=reverse('projects:document_details', args=[project.pk, document.pk]), | ||
data={ | ||
'name': 'Test Project', | ||
'category': category.pk, | ||
'tags': ['test, tags'] | ||
}, | ||
follow=True | ||
) | ||
assert response.redirect_chain[0][0] == reverse('projects:document_details', args=[project.pk, document.pk]) | ||
assert response.redirect_chain[0][1] == HTTP_302_FOUND | ||
|
||
document.refresh_from_db() | ||
assert document.name == 'Test Project' | ||
assert document.category.name == category.name | ||
assert len(document.tags.all()) == 2 | ||
|
||
# Invalid form | ||
response = client.post( | ||
path=reverse('projects:document_details', args=[project.pk, document.pk]), | ||
data={ | ||
'foo': 'bar', | ||
} | ||
) | ||
assert response.status_code == HTTP_200_OK |
Oops, something went wrong.