inpt/ponytracker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

check perms in views & some tests (not enought)

Browse source
This commit is contained in:
Élie Bouttier 2014-08-11 23:56:06 -07:00
parent 53e954ca9c
commit a06a248e68
2 changed files with 127 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

113
issue/tests.py
View file

@ -102,42 +102,119 @@ class TestViews(TestCase):
fixtures = ['test_perms']
def setUp(self):
self.client.login(username='admin', password='admin')
def test_404(self):
response = self.client.get('/deliberately/broken')
self.assertEqual(response.status_code, 404)
def test_home(self):
def test_home_as_anonymous(self):
expected = Project.objects.filter(name='project-1')
url = reverse('list-project')
self.assertEqual(url, '/')
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.context['projects']), 2)
self.assertQuerysetEqual(expected, response.context['projects'], lambda x: x)
def test_home_redirection(self):
Project.objects.all().delete()
expected_url = reverse('add-project')
def test_home_as_user1(self):
expected = Project.objects.filter(name='project-1')
self.client.login(username='user1', password='user1')
url = reverse('list-project')
self.assertEqual(url, '/')
response = self.client.get(url)
self.assertRedirects(response, expected_url)
self.assertEqual(response.status_code, 200)
self.assertQuerysetEqual(expected, response.context['projects'], lambda x: x, ordered=False)
self.assertNotContains(response, 'New project')
def test_add_project(self):
expected_url = reverse('list-project-permission', args=['test'])
def test_home_as_user2(self):
expected = Project.objects.all()
self.client.login(username='user2', password='user2')
url = reverse('list-project')
self.assertEqual(url, '/')
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertQuerysetEqual(expected, response.context['projects'], lambda x: x, ordered=False)
self.assertNotContains(response, 'New project')
def test_home_as_user3(self):
expected = Project.objects.filter(name='project-1')
self.client.login(username='user3', password='user3')
url = reverse('list-project')
self.assertEqual(url, '/')
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertQuerysetEqual(expected, response.context['projects'], lambda x: x, ordered=False)
self.assertContains(response, 'New project')
def test_add_project_granted(self):
self.client.login(username='user3', password='user3')
expected_url = reverse('list-project-permission', args=['project-3'])
url = reverse('add-project')
response = self.client.post(url, {
'name': 'test',
'display_name': 'Test',
'description': 'Testing purpose only.',
'name': 'project-3',
'display_name': 'Project 3',
'description': 'This is the third project.',
})
self.assertRedirects(response, expected_url)
self.assertEqual(Project.objects.count(), 3)
self.assertQuerysetEqual(Project.objects.all(), ['project-1', 'project-2', 'project-3'], lambda x: x.name, ordered=False)
def test_delete_project(self):
def test_add_project_forbidden(self):
self.client.login(username='user1', password='user1')
url = reverse('add-project')
response = self.client.post(url, {
'name': 'project-3',
'display_name': 'Project 3',
'description': 'This is the third project.',
})
self.assertEqual(response.status_code, 403)
self.assertQuerysetEqual(Project.objects.all(), ['project-1', 'project-2'], lambda x: x.name, ordered=False)
def test_add_project_forbidden_ano(self):
expected_url = reverse('login') + '?next=' + reverse('add-project')
url = reverse('add-project')
response = self.client.post(url, {
'name': 'project-3',
'display_name': 'Project 3',
'description': 'This is the third project.',
})
self.assertRedirects(response, expected_url)
self.assertQuerysetEqual(Project.objects.all(), ['project-1', 'project-2'], lambda x: x.name, ordered=False)
def test_delete_project_granted(self):
self.client.login(username='user1', password='user1')
expected_url = reverse('list-project')
url = reverse('delete-project', args=['project-1'])
response = self.client.get(url)
self.assertRedirects(response, expected_url)
self.assertEqual(Project.objects.count(), 1)
self.assertEqual(Project.objects.first().name, 'project-2')
self.assertQuerysetEqual(Project.objects.all(), ['project-2'], lambda x: x.name, ordered=False)
def test_delete_project_forbidden(self):
self.client.login(username='user2', password='user2')
url = reverse('delete-project', args=['project-1'])
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
self.assertQuerysetEqual(Project.objects.all(), ['project-1', 'project-2'], lambda x: x.name, ordered=False)
def test_delete_project_forbidden_ano(self):
expected_url = reverse('login') + '?next=' + reverse('delete-project', args=['project-1'])
url = reverse('delete-project', args=['project-1'])
response = self.client.get(url)
self.assertRedirects(response, expected_url)
self.assertQuerysetEqual(Project.objects.all(), ['project-1', 'project-2'], lambda x: x.name, ordered=False)
def test_list_issue_granted(self):
self.client.login(username='user2', password='user2')
url = reverse('list-issue', args=['project-2'])
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_list_issue_forbidden(self):
self.client.login(username='user1', password='user1')
expected_url = reverse('login') + '?next=' + reverse('list-issue', args=['project-2'])
url = reverse('list-issue', args=['project-2'])
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
def test_list_issue_forbidden_ano(self):
expected_url = reverse('login') + '?next=' + reverse('list-issue', args=['project-2'])
url = reverse('list-issue', args=['project-2'])
response = self.client.get(url)
self.assertRedirects(response, expected_url)