Home Explore Help
Sign In
221V
/
Misago
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 1a1ddb395a
Branches Tags
Misago
/
misago
/
admin
/
tests
/
test_admin_views.py

test_admin_views.py 6.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189 
  1. from django.contrib.auth import get_user_model
    2. 

  2. from django.test import TestCase
    3. 

  3. from django.urls import reverse
    4. 

  4. 

  5. from ..testutils import AdminTestCase
    6. 

  6. from ..views import get_protected_namespace
    7. 

  7. 

  8. 

  9. class FakeRequest(object):
    10. 

  10.     def __init__(self, path):
    11. 

  11.         self.path = path
    12. 

  12.         self.path_info = path
    13. 

  13. 

  14. 

  15. class AdminProtectedNamespaceTests(TestCase):
    16. 

  16.     def test_valid_cases(self):
    17. 

  17.         """get_protected_namespace returns true for protected links"""
    18. 

  18.         links_prefix = reverse('misago:admin:index')
    19. 

  19.         TEST_CASES = (
    20. 

  20.             '',
    21. 

  21.             'somewhere/',
    22. 

  22.             'ejksajdlksajldjskajdlksajlkdas',
    23. 

  23.         )
    24. 

  24. 

  25.         for case in TEST_CASES:
    26. 

  26.             request = FakeRequest(links_prefix + case)
    27. 

  27.             self.assertEqual(get_protected_namespace(request), 'misago:admin')
    28. 

  28. 

  29.     def test_invalid_cases(self):
    30. 

  30.         """get_protected_namespace returns none for other links"""
    31. 

  31.         TEST_CASES = (
    32. 

  32.             '/',
    33. 

  33.             '/somewhere/',
    34. 

  34.             '/ejksajdlksajldjskajdlksajlkdas',
    35. 

  35.         )
    36. 

  36. 

  37.         for case in TEST_CASES:
    38. 

  38.             request = FakeRequest(case)
    39. 

  39.             self.assertEqual(get_protected_namespace(request), None)
    40. 

  40. 

  41. 

  42. class AdminLoginViewTests(TestCase):
    43. 

  43.     def test_login_returns_200_on_get(self):
    44. 

  44.         """unauthenticated request to admin index produces login form"""
    45. 

  45.         response = self.client.get(reverse('misago:admin:index'))
    46. 

  46. 

  47.         self.assertContains(response, 'Sign in')
    48. 

  48.         self.assertContains(response, 'Username or e-mail')
    49. 

  49.         self.assertContains(response, 'Password')
    50. 

  50. 

  51.     def test_login_returns_200_on_invalid_post(self):
    52. 

  52.         """form handles invalid data gracefully"""
    53. 

  53.         response = self.client.post(
    54. 

  54.             reverse('misago:admin:index'),
    55. 

  55.             data={'username': 'Nope', 'password': 'Nope'})
    56. 

  56. 

  57.         self.assertContains(response, "Login or password is incorrect.")
    58. 

  58.         self.assertContains(response, "Sign in")
    59. 

  59.         self.assertContains(response, "Username or e-mail")
    60. 

  60.         self.assertContains(response, "Password")
    61. 

  61. 

  62.     def test_login_denies_non_staff_non_superuser(self):
    63. 

  63.         """login rejects user thats non staff and non superuser"""
    64. 

  64.         User = get_user_model()
    65. 

  65.         user = User.objects.create_user('Bob', 'bob@test.com', 'Pass.123')
    66. 

  66. 

  67.         user.is_staff = False
    68. 

  68.         user.is_superuser = False
    69. 

  69.         user.save()
    70. 

  70. 

  71.         response = self.client.post(
    72. 

  72.             reverse('misago:admin:index'),
    73. 

  73.             data={'username': 'Bob', 'password': 'Pass.123'})
    74. 

  74. 

  75.         self.assertContains(response, "Your account does not have admin privileges.")
    76. 

  76. 

  77.     def test_login_denies_non_staff_superuser(self):
    78. 

  78.         """login rejects user thats non staff and superuser"""
    79. 

  79.         User = get_user_model()
    80. 

  80.         user = User.objects.create_user('Bob', 'bob@test.com', 'Pass.123')
    81. 

  81. 

  82.         user.is_staff = False
    83. 

  83.         user.is_superuser = True
    84. 

  84.         user.save()
    85. 

  85. 

  86.         response = self.client.post(
    87. 

  87.             reverse('misago:admin:index'),
    88. 

  88.             data={'username': 'Bob', 'password': 'Pass.123'})
    89. 

  89. 

  90.         self.assertContains(response, "Your account does not have admin privileges.")
    91. 

  91. 

  92.     def test_login_signs_in_staff_non_superuser(self):
    93. 

  93.         """login passess user thats staff and non superuser"""
    94. 

  94.         User = get_user_model()
    95. 

  95.         user = User.objects.create_user('Bob', 'bob@test.com', 'Pass.123')
    96. 

  96. 

  97.         user.is_staff = True
    98. 

  98.         user.is_superuser = False
    99. 

  99.         user.save()
    100. 

  100. 

  101.         response = self.client.post(
    102. 

  102.             reverse('misago:admin:index'),
    103. 

  103.             data={'username': 'Bob', 'password': 'Pass.123'})
    104. 

  104. 

  105.         self.assertEqual(response.status_code, 302)
    106. 

  106. 

  107.     def test_login_signs_in_staff_superuser(self):
    108. 

  108.         """login passess user thats staff and superuser"""
    109. 

  109.         User = get_user_model()
    110. 

  110.         user = User.objects.create_user('Bob', 'bob@test.com', 'Pass.123')
    111. 

  111. 

  112.         user.is_staff = True
    113. 

  113.         user.is_superuser = True
    114. 

  114.         user.save()
    115. 

  115. 

  116.         response = self.client.post(
    117. 

  117.             reverse('misago:admin:index'),
    118. 

  118.             data={'username': 'Bob', 'password': 'Pass.123'})
    119. 

  119. 

  120.         self.assertEqual(response.status_code, 302)
    121. 

  121. 

  122. 

  123. class AdminLogoutTests(AdminTestCase):
    124. 

  124.     def test_admin_logout(self):
    125. 

  125.         """admin logout logged from admin only"""
    126. 

  126.         response = self.client.post(reverse('misago:admin:logout'))
    127. 

  127.         self.assertEqual(response.status_code, 302)
    128. 

  128. 

  129.         response = self.client.get(reverse('misago:admin:index'))
    130. 

  130.         self.assertContains(response, "Your admin session has been closed.")
    131. 

  131. 

  132.         response = self.client.get(reverse('misago:index'))
    133. 

  133.         self.assertContains(response, self.user.username)
    134. 

  134. 

  135.     def test_complete_logout(self):
    136. 

  136.         """complete logout logged from both admin and site"""
    137. 

  137.         response = self.client.post(reverse('misago:logout'))
    138. 

  138.         self.assertEqual(response.status_code, 302)
    139. 

  139. 

  140.         response = self.client.get(reverse('misago:admin:index'))
    141. 

  141.         self.assertContains(response, "Sign in")
    142. 

  142. 

  143.         response = self.client.get(reverse('misago:index'))
    144. 

  144.         self.assertContains(response, "Sign in")
    145. 

  145. 

  146. 

  147. class AdminViewAccessTests(AdminTestCase):
    148. 

  148.     def test_admin_denies_non_staff_non_superuser(self):
    149. 

  149.         """admin middleware rejects user thats non staff and non superuser"""
    150. 

  150.         self.user.is_staff = False
    151. 

  151.         self.user.is_superuser = False
    152. 

  152.         self.user.save()
    153. 

  153. 

  154.         response = self.client.get(reverse('misago:admin:index'))
    155. 

  155.         self.assertContains(response, "Sign in")
    156. 

  156. 

  157.     def test_admin_denies_non_staff_superuser(self):
    158. 

  158.         """admin middleware rejects user thats non staff and superuser"""
    159. 

  159.         self.user.is_staff = False
    160. 

  160.         self.user.is_superuser = True
    161. 

  161.         self.user.save()
    162. 

  162. 

  163.         response = self.client.get(reverse('misago:admin:index'))
    164. 

  164.         self.assertContains(response, "Sign in")
    165. 

  165. 

  166.     def test_admin_passess_in_staff_non_superuser(self):
    167. 

  167.         """admin middleware passess user thats staff and non superuser"""
    168. 

  168.         self.user.is_staff = True
    169. 

  169.         self.user.is_superuser = False
    170. 

  170.         self.user.save()
    171. 

  171. 

  172.         response = self.client.get(reverse('misago:admin:index'))
    173. 

  173.         self.assertContains(response, self.user.username)
    174. 

  174. 

  175.     def test_admin_passess_in_staff_superuser(self):
    176. 

  176.         """admin middleware passess user thats staff and superuser"""
    177. 

  177.         self.user.is_staff = True
    178. 

  178.         self.user.is_superuser = True
    179. 

  179.         self.user.save()
    180. 

  180. 

  181.         response = self.client.get(reverse('misago:admin:index'))
    182. 

  182.         self.assertContains(response, self.user.username)
    183. 

  183. 

  184. class AdminIndexViewTests(AdminTestCase):
    185. 

  185.     def test_view_returns_200(self):
    186. 

  186.         """admin index view returns 200"""
    187. 

  187.         response = self.client.get(reverse('misago:admin:index'))
    188. 

  188. 

  189.         self.assertContains(response, self.user.username)
    190.