From e9111efe25408d330ca62d7966a164542d3e9918 Mon Sep 17 00:00:00 2001 From: "Ernest W. Durbin III" Date: Mon, 23 Nov 2020 11:34:31 -0500 Subject: [PATCH] remove access guards on new sponsorship application --- sponsors/tests/test_views.py | 46 ++++++++++++++---------------------- sponsors/views.py | 21 +++------------- 2 files changed, 21 insertions(+), 46 deletions(-) diff --git a/sponsors/tests/test_views.py b/sponsors/tests/test_views.py index 9f1a1845f..9d1bf7acb 100644 --- a/sponsors/tests/test_views.py +++ b/sponsors/tests/test_views.py @@ -70,34 +70,6 @@ def test_display_form_with_errors_if_invalid_post(self): self.assertIsInstance(form, SponsorshiptBenefitsForm) self.assertTrue(form.errors) - def test_login_required(self): - redirect_url = f"{settings.LOGIN_URL}?next={self.url}" - self.client.logout() - - r = self.client.get(self.url) - - self.assertRedirects(r, redirect_url) - - def test_not_staff_no_group_not_allowed(self): - redirect_url = f"{settings.LOGIN_URL}?next={self.url}" - self.user.is_staff = False - self.user.save() - self.client.force_login(self.user) - - r = self.client.get(self.url) - - self.assertRedirects(r, redirect_url, fetch_redirect_response=False) - - def test_group_allowed(self): - redirect_url = f"{settings.LOGIN_URL}?next={self.url}" - self.user.groups.add(self.group) - self.user.save() - self.client.force_login(self.user) - - r = self.client.get(self.url) - - self.assertEqual(r.status_code, 200, "user in group should have access") - def test_valid_post_redirect_user_to_next_form_step_and_save_info_in_cookies(self): package = baker.make("sponsors.SponsorshipPackage") for benefit in self.program_1_benefits: @@ -141,6 +113,24 @@ def test_capacity_flag_when_needed(self): r = self.client.get(self.url) self.assertEqual(True, r.context["capacities_met"]) + def test_redirect_to_login(self): + redirect_url = ( + f"{settings.LOGIN_URL}?next={reverse('new_sponsorship_application')}" + ) + package = baker.make("sponsors.SponsorshipPackage") + for benefit in self.program_1_benefits: + benefit.packages.add(package) + + data = { + "benefits_psf": [b.id for b in self.program_1_benefits], + "benefits_working_group": [b.id for b in self.program_2_benefits], + "package": package.id, + } + self.client.logout() + response = self.client.post(self.url, data=data) + + self.assertRedirects(response, redirect_url, fetch_redirect_response=False) + class NewSponsorshipApplicationViewTests(TestCase): url = reverse_lazy("new_sponsorship_application") diff --git a/sponsors/views.py b/sponsors/views.py index e8197f6f9..185510f5f 100644 --- a/sponsors/views.py +++ b/sponsors/views.py @@ -3,7 +3,7 @@ from django.conf import settings from django.contrib import messages from django.contrib.auth.decorators import login_required -from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin +from django.contrib.auth.mixins import LoginRequiredMixin from django.db import transaction from django.utils.decorators import method_decorator from django.http import JsonResponse @@ -24,24 +24,10 @@ from sponsors.forms import SponsorshiptBenefitsForm, SponsorshipApplicationForm -class SelectSponsorshipApplicationBenefitsView(UserPassesTestMixin, FormView): +class SelectSponsorshipApplicationBenefitsView(FormView): form_class = SponsorshiptBenefitsForm template_name = "sponsors/sponsorship_benefits_form.html" - # TODO: Remove UserPassesTestMixin when launched, also remove following methods - def test_func(self): - return ( - self.request.user.is_staff - or self.request.user.groups.filter(name="Sponsorship Preview").exists() - ) - - def permission_denied_message(self): - msg = "New Sponsorship Application is not yet generally available, check back soon!" - messages.add_message(self.request, messages.INFO, msg) - return msg - - # END TODO - def get_context_data(self, *args, **kwargs): programs = SponsorshipProgram.objects.all() packages = SponsorshipPackage.objects.all() @@ -65,8 +51,7 @@ def get_success_url(self): if self.request.user.is_authenticated: return reverse_lazy("new_sponsorship_application") else: - # TODO unit test this scenario after removing UserPassesTestMixin - return settings.LOGIN_URL + return f"{settings.LOGIN_URL}?next={reverse('new_sponsorship_application')}" def get_initial(self): return cookies.get_sponsorship_selected_benefits(self.request)