forked from DGNum/gestioCOF
142 lines
4.4 KiB
Python
142 lines
4.4 KiB
Python
from unittest import mock
|
|
|
|
from django.core.urlresolvers import reverse
|
|
from django.http import QueryDict
|
|
from django.test import Client
|
|
|
|
from .utils import create_root, create_team, create_user
|
|
|
|
|
|
class ViewTestCaseMixin:
|
|
url_name = None
|
|
url_expected = None
|
|
|
|
auth_user = None
|
|
auth_forbidden = []
|
|
|
|
def setUp(self):
|
|
# Signals handlers on login/logout send messages.
|
|
# Due to the way the Django' test Client performs login, this raise an
|
|
# error. As workaround, we mock the Django' messages module.
|
|
patcher_messages = mock.patch('gestioncof.signals.messages')
|
|
patcher_messages.start()
|
|
self.addCleanup(patcher_messages.stop)
|
|
|
|
self.users = {}
|
|
self.accounts = {}
|
|
|
|
for label, user in {**self.users_base, **self.users_extra}.items():
|
|
self.register_user(label, user)
|
|
|
|
if self.auth_user:
|
|
# The wrapper is a sanity check.
|
|
self.assertTrue(
|
|
self.client.login(
|
|
username=self.auth_user,
|
|
password=self.auth_user,
|
|
)
|
|
)
|
|
|
|
@property
|
|
def users_base(self):
|
|
# Format desc: username, password, trigramme
|
|
return {
|
|
# user, user, 000
|
|
'user': create_user(),
|
|
# team, team, 100
|
|
'team': create_team(),
|
|
# root, root, 200
|
|
'root': create_root(),
|
|
}
|
|
|
|
@property
|
|
def users_extra(self):
|
|
return {}
|
|
|
|
def register_user(self, label, user):
|
|
self.users[label] = user
|
|
if hasattr(user.profile, 'account_kfet'):
|
|
self.accounts[label] = user.profile.account_kfet
|
|
|
|
@property
|
|
def urls_conf(self):
|
|
return [{
|
|
'name': self.url_name,
|
|
'args': getattr(self, 'url_args', []),
|
|
'kwargs': getattr(self, 'url_kwargs', {}),
|
|
'expected': self.url_expected,
|
|
}]
|
|
|
|
@property
|
|
def t_urls(self):
|
|
return [
|
|
reverse(
|
|
url_conf['name'],
|
|
args=url_conf.get('args', []),
|
|
kwargs=url_conf.get('kwargs', {}),
|
|
)
|
|
for url_conf in self.urls_conf]
|
|
|
|
@property
|
|
def url(self):
|
|
return self.t_urls[0]
|
|
|
|
def assertForbidden(self, response):
|
|
request = response.wsgi_request
|
|
|
|
try:
|
|
try:
|
|
# Is this an HTTP Forbidden response ?
|
|
self.assertEqual(response.status_code, 403)
|
|
except AssertionError:
|
|
# A redirection to the login view is fine too.
|
|
|
|
# Let's build the login url with the 'next' param on current
|
|
# page.
|
|
full_path = request.get_full_path()
|
|
|
|
querystring = QueryDict(mutable=True)
|
|
querystring['next'] = full_path
|
|
|
|
login_url = '/login?' + querystring.urlencode(safe='/')
|
|
|
|
# We don't focus on what the login view does.
|
|
# So don't fetch the redirect.
|
|
self.assertRedirects(
|
|
response, login_url,
|
|
fetch_redirect_response=False,
|
|
)
|
|
except AssertionError:
|
|
raise AssertionError(
|
|
"%(http_method)s request at %(path)s should be forbidden for "
|
|
"%(username)s user.\n"
|
|
"Response isn't 403, nor a redirect to login view. Instead, "
|
|
"response code is %(code)d." % {
|
|
'http_method': request.method,
|
|
'path': request.get_full_path(),
|
|
'username': (
|
|
"'{}'".format(request.user.username)
|
|
if request.user.username
|
|
else 'anonymous'
|
|
),
|
|
'code': response.status_code,
|
|
}
|
|
)
|
|
|
|
def assertForbiddenKfet(self, response):
|
|
self.assertEqual(response.status_code, 200)
|
|
form = response.context['form']
|
|
self.assertIn("Permission refusée", form.non_field_errors)
|
|
|
|
def test_urls(self):
|
|
for url, conf in zip(self.t_urls, self.urls_conf):
|
|
self.assertEqual(url, conf['expected'])
|
|
|
|
def test_forbidden(self):
|
|
for creds in self.auth_forbidden:
|
|
for url in self.t_urls:
|
|
client = Client()
|
|
if creds is not None:
|
|
client.login(username=creds, password=creds)
|
|
r = client.get(url)
|
|
self.assertForbidden(r)
|