kpsul/kfet/tests/testcases.py

from unittest import mock

from django.core.urlresolvers import reverse
from django.http import QueryDict
from django.test import Client

from .utils import create_root, create_team, create_user


class ViewTestCaseMixin:
    url_name = None
    url_expected = None

    auth_user = None
    auth_forbidden = []

    def setUp(self):
        # Signals handlers on login/logout send messages.
        # Due to the way the Django' test Client performs login, this raise an
        # error. As workaround, we mock the Django' messages module.
        patcher_messages = mock.patch('gestioncof.signals.messages')
        patcher_messages.start()
        self.addCleanup(patcher_messages.stop)

        self.users = {}
        self.accounts = {}

        for label, user in {**self.users_base, **self.users_extra}.items():
            self.register_user(label, user)

        if self.auth_user:
            # The wrapper is a sanity check.
            self.assertTrue(
                self.client.login(
                    username=self.auth_user,
                    password=self.auth_user,
                )
            )

    @property
    def users_base(self):
        # Format desc: username, password, trigramme
        return {
            # user, user, 000
            'user': create_user(),
            # team, team, 100
            'team': create_team(),
            # root, root, 200
            'root': create_root(),
        }

    @property
    def users_extra(self):
        return {}

    def register_user(self, label, user):
        self.users[label] = user
        if hasattr(user.profile, 'account_kfet'):
            self.accounts[label] = user.profile.account_kfet

    @property
    def urls_conf(self):
        return [{
            'name': self.url_name,
            'args': getattr(self, 'url_args', []),
            'kwargs': getattr(self, 'url_kwargs', {}),
            'expected': self.url_expected,
        }]

    @property
    def t_urls(self):
        return [
            reverse(
                url_conf['name'],
                args=url_conf.get('args', []),
                kwargs=url_conf.get('kwargs', {}),
            )
            for url_conf in self.urls_conf]

    @property
    def url(self):
        return self.t_urls[0]

    def assertForbidden(self, response):
        request = response.wsgi_request

        try:
            try:
                # Is this an HTTP Forbidden response ?
                self.assertEqual(response.status_code, 403)
            except AssertionError:
                # A redirection to the login view is fine too.

                # Let's build the login url with the 'next' param on current
                # page.
                full_path = request.get_full_path()

                querystring = QueryDict(mutable=True)
                querystring['next'] = full_path

                login_url = '/login?' + querystring.urlencode(safe='/')

                # We don't focus on what the login view does.
                # So don't fetch the redirect.
                self.assertRedirects(
                    response, login_url,
                    fetch_redirect_response=False,
                )
        except AssertionError:
            raise AssertionError(
                "%(http_method)s request at %(path)s should be forbidden for "
                "%(username)s user.\n"
                "Response isn't 403, nor a redirect to login view. Instead, "
                "response code is %(code)d." % {
                    'http_method': request.method,
                    'path': request.get_full_path(),
                    'username': (
                        "'{}'".format(request.user.username)
                        if request.user.username
                        else 'anonymous'
                    ),
                    'code': response.status_code,
                }
            )

    def assertForbiddenKfet(self, response):
        self.assertEqual(response.status_code, 200)
        form = response.context['form']
        self.assertIn("Permission refusée", form.non_field_errors)

    def test_urls(self):
        for url, conf in zip(self.t_urls, self.urls_conf):
            self.assertEqual(url, conf['expected'])

    def test_forbidden(self):
        for creds in self.auth_forbidden:
            for url in self.t_urls:
                client = Client()
                if creds is not None:
                    client.login(username=creds, password=creds)
                r = client.get(url)
                self.assertForbidden(r)