forked from DGNum/gestioCOF
Fix tests
This commit is contained in:
parent
1450b65dcd
commit
47f406e09e
3 changed files with 44 additions and 40 deletions
|
@ -284,7 +284,11 @@ class TemporaryAuthTests(TestCase):
|
|||
self.perm = Permission.objects.get(
|
||||
content_type__app_label="kfet", codename="is_team"
|
||||
)
|
||||
self.user2.user_permissions.add(self.perm)
|
||||
self.perm2 = Permission.objects.get(
|
||||
content_type__app_label="kfet", codename="can_force_close"
|
||||
)
|
||||
self.user1.user_permissions.add(self.perm)
|
||||
self.user2.user_permissions.add(self.perm, self.perm2)
|
||||
|
||||
def test_context_processor(self):
|
||||
"""
|
||||
|
@ -295,7 +299,7 @@ class TemporaryAuthTests(TestCase):
|
|||
r = self.client.post("/k-fet/accounts/000/edit", HTTP_KFETPASSWORD="kfet_user2")
|
||||
|
||||
self.assertEqual(r.context["user"], self.user1)
|
||||
self.assertNotIn("kfet.is_team", r.context["perms"])
|
||||
self.assertNotIn("kfet.can_force_close", r.context["perms"])
|
||||
|
||||
def test_auth_not_persistent(self):
|
||||
"""
|
||||
|
|
|
@ -112,7 +112,7 @@ class AccountPwdForm(forms.Form):
|
|||
|
||||
def save(self, commit=True):
|
||||
password = self.cleaned_data["pwd1"]
|
||||
self.account.set_password(password)
|
||||
self.account.change_pwd(password)
|
||||
if commit:
|
||||
self.account.save()
|
||||
|
||||
|
|
|
@ -11,6 +11,7 @@ from django.utils import timezone
|
|||
from .. import KFET_DELETED_TRIGRAMME
|
||||
from ..auth import KFET_GENERIC_TRIGRAMME
|
||||
from ..auth.models import KFetGroup
|
||||
from ..auth.utils import hash_password
|
||||
from ..config import kfet_config
|
||||
from ..models import (
|
||||
Account,
|
||||
|
@ -296,8 +297,8 @@ class AccountReadViewTests(ViewTestCaseMixin, TestCase):
|
|||
|
||||
class AccountUpdateViewTests(ViewTestCaseMixin, TestCase):
|
||||
url_name = "kfet.account.update"
|
||||
url_kwargs = {"trigramme": "001"}
|
||||
url_expected = "/k-fet/accounts/001/edit"
|
||||
url_kwargs = {"trigramme": "100"}
|
||||
url_expected = "/k-fet/accounts/100/edit"
|
||||
|
||||
http_methods = ["GET", "POST"]
|
||||
|
||||
|
@ -317,26 +318,16 @@ class AccountUpdateViewTests(ViewTestCaseMixin, TestCase):
|
|||
"promo": "",
|
||||
# 'is_frozen': not checked
|
||||
# Account password
|
||||
"pwd1": "",
|
||||
"pwd2": "",
|
||||
"pwd1": "changed_pwd",
|
||||
"pwd2": "changed_pwd",
|
||||
}
|
||||
|
||||
def get_users_extra(self):
|
||||
return {
|
||||
"user1": create_user("user1", "001"),
|
||||
"team1": create_team("team1", "101", perms=["kfet.change_account"]),
|
||||
"team2": create_team("team2", "102"),
|
||||
}
|
||||
|
||||
# Users with forbidden access users should get a 404 here, to avoid leaking trigrams
|
||||
# See issue #224
|
||||
def test_forbidden(self):
|
||||
for method in ["get", "post"]:
|
||||
for user in self.auth_forbidden:
|
||||
self.assertRedirectsToLoginOr404(user, method, self.url_expected)
|
||||
self.assertRedirectsToLoginOr404(
|
||||
user, method, "/k-fet/accounts/NEX/edit"
|
||||
)
|
||||
|
||||
def assertRedirectsToLoginOr404(self, user, method, url):
|
||||
client = Client()
|
||||
meth = getattr(client, method)
|
||||
|
@ -356,46 +347,55 @@ class AccountUpdateViewTests(ViewTestCaseMixin, TestCase):
|
|||
r = self.client.get(self.url)
|
||||
self.assertEqual(r.status_code, 200)
|
||||
|
||||
def test_get_ok_self(self):
|
||||
client = Client()
|
||||
client.login(username="user1", password="user1")
|
||||
r = client.get(self.url)
|
||||
self.assertEqual(r.status_code, 200)
|
||||
|
||||
def test_post_ok(self):
|
||||
client = Client()
|
||||
client.login(username="team1", password="team1")
|
||||
|
||||
r = client.post(self.url, self.post_data)
|
||||
r = client.post(self.url, self.post_data, follow=True)
|
||||
self.assertRedirects(r, reverse("kfet.account.read", args=["051"]))
|
||||
|
||||
self.accounts["user1"].refresh_from_db()
|
||||
self.users["user1"].refresh_from_db()
|
||||
# Comportement attendu : compte modifié,
|
||||
# utilisateur/mdp inchangé, warning pour le mdp
|
||||
|
||||
self.accounts["team"].refresh_from_db()
|
||||
self.users["team"].refresh_from_db()
|
||||
|
||||
self.assertInstanceExpected(
|
||||
self.accounts["user1"],
|
||||
{"first_name": "first", "last_name": "last", "trigramme": "051"},
|
||||
self.accounts["team"],
|
||||
{"first_name": "team", "last_name": "member", "trigramme": "051"},
|
||||
)
|
||||
self.assertEqual(self.accounts["team"].password, hash_password("kfetpwd_team"))
|
||||
|
||||
self.assertTrue(
|
||||
any("mot de passe" in str(msg).casefold() for msg in r.context["messages"])
|
||||
)
|
||||
|
||||
def test_post_ok_self(self):
|
||||
client = Client()
|
||||
client.login(username="user1", password="user1")
|
||||
r = self.client.post(self.url, self.post_data, follow=True)
|
||||
self.assertRedirects(r, reverse("kfet.account.read", args=["051"]))
|
||||
|
||||
post_data = {"first_name": "The first", "last_name": "The last"}
|
||||
self.accounts["team"].refresh_from_db()
|
||||
self.users["team"].refresh_from_db()
|
||||
|
||||
r = client.post(self.url, post_data)
|
||||
self.assertRedirects(r, reverse("kfet.account.read", args=["001"]))
|
||||
|
||||
self.accounts["user1"].refresh_from_db()
|
||||
self.users["user1"].refresh_from_db()
|
||||
# Comportement attendu : compte/mdp modifié, utilisateur inchangé
|
||||
|
||||
self.assertInstanceExpected(
|
||||
self.accounts["user1"], {"first_name": "first", "last_name": "last"}
|
||||
self.accounts["team"],
|
||||
{"first_name": "team", "last_name": "member", "trigramme": "051"},
|
||||
)
|
||||
self.assertEqual(self.accounts["team"].password, hash_password("changed_pwd"))
|
||||
|
||||
def test_post_forbidden(self):
|
||||
r = self.client.post(self.url, self.post_data)
|
||||
self.assertForbiddenKfet(r)
|
||||
client = Client()
|
||||
client.login(username="team2", password="team2")
|
||||
r = client.post(self.url, self.post_data)
|
||||
|
||||
self.assertTrue(
|
||||
any(
|
||||
"permission refusée" in str(msg).casefold()
|
||||
for msg in r.context["messages"]
|
||||
)
|
||||
)
|
||||
|
||||
|
||||
class AccountDeleteViewTests(ViewTestCaseMixin, TestCase):
|
||||
|
|
Loading…
Reference in a new issue