forked from DGNum/gestioCOF
Add tests for kfet views.
kfet.tests.testcases embed mixins for TestCase: - TestCaseMixin provides assertion helpers, - ViewTestCaseMixin provides a few basic tests, which are common to every view. kfet.tests.utils provides helpers for users and permissions management. Each kfet view get a testcase (at least very basic) in kfet.tests.test_views.
This commit is contained in:
Aurélien Delobelle
parent
343b52f986
commit
2cfce1c921
4 changed files with 2265 additions and 206 deletions
|
|
@ -1,16 +1,114 @@
|
|||
from unittest import mock
|
||||
from urllib.parse import parse_qs, urlparse
|
||||
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.http import QueryDict
|
||||
from django.test import Client
|
||||
from django.utils import timezone
|
||||
|
||||
from .utils import create_root, create_team, create_user
|
||||
|
||||
|
||||
class ViewTestCaseMixin:
|
||||
class TestCaseMixin:
|
||||
def assertForbidden(self, response):
|
||||
request = response.wsgi_request
|
||||
|
||||
try:
|
||||
try:
|
||||
# Is this an HTTP Forbidden response ?
|
||||
self.assertEqual(response.status_code, 403)
|
||||
except AssertionError:
|
||||
# A redirection to the login view is fine too.
|
||||
|
||||
# Let's build the login url with the 'next' param on current
|
||||
# page.
|
||||
full_path = request.get_full_path()
|
||||
|
||||
querystring = QueryDict(mutable=True)
|
||||
querystring['next'] = full_path
|
||||
|
||||
login_url = '/login?' + querystring.urlencode(safe='/')
|
||||
|
||||
# We don't focus on what the login view does.
|
||||
# So don't fetch the redirect.
|
||||
self.assertRedirects(
|
||||
response, login_url,
|
||||
fetch_redirect_response=False,
|
||||
)
|
||||
except AssertionError:
|
||||
raise AssertionError(
|
||||
"%(http_method)s request at %(path)s should be forbidden for "
|
||||
"%(username)s user.\n"
|
||||
"Response isn't 403, nor a redirect to login view. Instead, "
|
||||
"response code is %(code)d." % {
|
||||
'http_method': request.method,
|
||||
'path': request.get_full_path(),
|
||||
'username': (
|
||||
"'{}'".format(request.user)
|
||||
if request.user.is_authenticated()
|
||||
else 'anonymous'
|
||||
),
|
||||
'code': response.status_code,
|
||||
}
|
||||
)
|
||||
|
||||
def assertForbiddenKfet(self, response, form_ctx='form'):
|
||||
try:
|
||||
self.assertEqual(response.status_code, 200)
|
||||
try:
|
||||
form = response.context[form_ctx]
|
||||
self.assertIn("Permission refusée", form.non_field_errors())
|
||||
except (AssertionError, AttributeError, KeyError):
|
||||
messages = [str(msg) for msg in response.context['messages']]
|
||||
self.assertIn("Permission refusée", messages)
|
||||
except AssertionError:
|
||||
request = response.wsgi_request
|
||||
raise AssertionError(
|
||||
"%(http_method)s request at %(path)s should raise an error "
|
||||
"for %(username)s user.\n"
|
||||
"Cannot find any errors in non-field errors of form "
|
||||
"'%(form_ctx)s', nor in messages." % {
|
||||
'http_method': request.method,
|
||||
'path': request.get_full_path(),
|
||||
'username': (
|
||||
"'%s'" % request.user
|
||||
if request.user.is_authenticated()
|
||||
else 'anonymous'
|
||||
),
|
||||
'form_ctx': form_ctx,
|
||||
}
|
||||
)
|
||||
|
||||
def assertInstanceExpected(self, instance, expected):
|
||||
for attr, expected_value in expected.items():
|
||||
value = getattr(instance, attr)
|
||||
if callable(value):
|
||||
value = value()
|
||||
self.assertEqual(value, expected_value)
|
||||
|
||||
def assertUrlsEqual(self, actual, expected):
|
||||
if type(expected) == dict:
|
||||
parsed = urlparse(actual)
|
||||
checks = ['scheme', 'netloc', 'path', 'params']
|
||||
for check in checks:
|
||||
self.assertEqual(
|
||||
getattr(parsed, check),
|
||||
expected.get(check, ''),
|
||||
)
|
||||
self.assertDictEqual(
|
||||
parse_qs(parsed.query),
|
||||
expected.get('query', {}),
|
||||
)
|
||||
else:
|
||||
self.assertEqual(actual, expected)
|
||||
|
||||
|
||||
class ViewTestCaseMixin(TestCaseMixin):
|
||||
url_name = None
|
||||
url_expected = None
|
||||
|
||||
http_methods = ['GET']
|
||||
|
||||
auth_user = None
|
||||
auth_forbidden = []
|
||||
|
||||
|
|
@ -22,6 +120,11 @@ class ViewTestCaseMixin:
|
|||
patcher_messages.start()
|
||||
self.addCleanup(patcher_messages.stop)
|
||||
|
||||
# A test can mock 'django.utils.timezone.now' and give this as return
|
||||
# value. E.g. it is useful if the test checks values of 'auto_now' or
|
||||
# 'auto_now_add' fields.
|
||||
self.now = timezone.now()
|
||||
|
||||
self.users = {}
|
||||
self.accounts = {}
|
||||
|
||||
|
|
@ -58,6 +161,11 @@ class ViewTestCaseMixin:
|
|||
if hasattr(user.profile, 'account_kfet'):
|
||||
self.accounts[label] = user.profile.account_kfet
|
||||
|
||||
def get_user(self, label):
|
||||
if self.auth_user is not None:
|
||||
return self.auth_user
|
||||
return self.auth_user_mapping.get(label)
|
||||
|
||||
@property
|
||||
def urls_conf(self):
|
||||
return [{
|
||||
|
|
@ -81,62 +189,24 @@ class ViewTestCaseMixin:
|
|||
def url(self):
|
||||
return self.t_urls[0]
|
||||
|
||||
def assertForbidden(self, response):
|
||||
request = response.wsgi_request
|
||||
|
||||
try:
|
||||
try:
|
||||
# Is this an HTTP Forbidden response ?
|
||||
self.assertEqual(response.status_code, 403)
|
||||
except AssertionError:
|
||||
# A redirection to the login view is fine too.
|
||||
|
||||
# Let's build the login url with the 'next' param on current
|
||||
# page.
|
||||
full_path = request.get_full_path()
|
||||
|
||||
querystring = QueryDict(mutable=True)
|
||||
querystring['next'] = full_path
|
||||
|
||||
login_url = '/login?' + querystring.urlencode(safe='/')
|
||||
|
||||
# We don't focus on what the login view does.
|
||||
# So don't fetch the redirect.
|
||||
self.assertRedirects(
|
||||
response, login_url,
|
||||
fetch_redirect_response=False,
|
||||
)
|
||||
except AssertionError:
|
||||
raise AssertionError(
|
||||
"%(http_method)s request at %(path)s should be forbidden for "
|
||||
"%(username)s user.\n"
|
||||
"Response isn't 403, nor a redirect to login view. Instead, "
|
||||
"response code is %(code)d." % {
|
||||
'http_method': request.method,
|
||||
'path': request.get_full_path(),
|
||||
'username': (
|
||||
"'{}'".format(request.user.username)
|
||||
if request.user.username
|
||||
else 'anonymous'
|
||||
),
|
||||
'code': response.status_code,
|
||||
}
|
||||
)
|
||||
|
||||
def assertForbiddenKfet(self, response):
|
||||
self.assertEqual(response.status_code, 200)
|
||||
form = response.context['form']
|
||||
self.assertIn("Permission refusée", form.non_field_errors)
|
||||
|
||||
def test_urls(self):
|
||||
for url, conf in zip(self.t_urls, self.urls_conf):
|
||||
self.assertEqual(url, conf['expected'])
|
||||
|
||||
def test_forbidden(self):
|
||||
for creds in self.auth_forbidden:
|
||||
for url in self.t_urls:
|
||||
client = Client()
|
||||
if creds is not None:
|
||||
client.login(username=creds, password=creds)
|
||||
r = client.get(url)
|
||||
self.assertForbidden(r)
|
||||
for method in self.http_methods:
|
||||
for user in self.auth_forbidden:
|
||||
for url in self.t_urls:
|
||||
self.check_forbidden(method, url, user)
|
||||
|
||||
def check_forbidden(self, method, url, user=None):
|
||||
method = method.lower()
|
||||
client = Client()
|
||||
if user is not None:
|
||||
client.login(username=user, password=user)
|
||||
|
||||
send_request = getattr(client, method)
|
||||
data = getattr(self, '{}_data'.format(method), {})
|
||||
|
||||
r = send_request(url, data)
|
||||
self.assertForbidden(r)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue