diff --git a/input/tests/__init__.py b/input/tests/__init__.py index da17d30..e44ead7 100644 --- a/input/tests/__init__.py +++ b/input/tests/__init__.py @@ -1,2 +1,2 @@ from .models import ModelTestCase -from .views import ViewTestCase +from .views import AuthenticatedViewTestCase, AnonymousViewTestCase diff --git a/input/tests/views.py b/input/tests/views.py index 5c0950d..53101d5 100644 --- a/input/tests/views.py +++ b/input/tests/views.py @@ -1,9 +1,10 @@ from django.test import TestCase -from input.utils.testing import request +from input.models import Library +from input.utils.testing import create_superuser, login, request -class ViewTestCase(TestCase): +class AnonymousViewTestCase(TestCase): def test_index(self): response = request(self, 'index') @@ -91,3 +92,42 @@ class ViewTestCase(TestCase): 'duration': 'Test', 'notes': '', }) + + +class AuthenticatedViewTestCase(TestCase): + + @classmethod + def setUpTestData(cls): + cls.user = create_superuser('staff') + + def setUp(self): + login(self) + + def test_export(self): + request(self, 'export') + + def helper_auth_deny(self, view, expected): + obj = Library.objects.create(library='Test') + + request(self, view, args=[obj.type, obj.id]) + + obj.refresh_from_db(fields=['granted']) + + self.assertEqual(obj.granted, expected) + + def helper_auth_deny_error(self, view): + response = request(self, view, args=['TEST', 1]) + + self.assertContains(response, 'ERROR') + + def test_authorize(self): + self.helper_auth_deny('authorize', True) + + def test_authorize_error(self): + self.helper_auth_deny_error('authorize') + + def test_deny(self): + self.helper_auth_deny('deny', False) + + def test_deny_error(self): + self.helper_auth_deny_error('deny') diff --git a/input/utils/testing.py b/input/utils/testing.py index 2481df7..d82768e 100644 --- a/input/utils/testing.py +++ b/input/utils/testing.py @@ -1,5 +1,7 @@ from typing import Any, Iterable, Mapping, Union, Tuple, Protocol +from django.apps import apps +from django.conf import settings from django.http import HttpRequest, HttpResponse from django.http.response import HttpResponseRedirectBase, StreamingHttpResponse from django.shortcuts import resolve_url @@ -112,3 +114,39 @@ def request( test_case.assertEqual(response.status_code, status_code, msg=msg) return response + + +def login(test_case: SimpleTestCase, user=None, password: str = None) -> bool: + """ + Logs in the user trying to use the raw password or the given password. + Force logs in the user when no password is found. + """ + + user = user or getattr(test_case, 'user') + password = password or getattr(user, 'raw_password', password) + + if password is None: + return test_case.client.force_login(user=user) or True + + return test_case.client.login(username=user.username, password=password) + + +def create_user(username: str, *, model=None, **kwargs): + model = model or apps.get_model(settings.AUTH_USER_MODEL) + password = kwargs.setdefault('password', 'P4sSW0rD') + + kwargs.setdefault('email', f'{username}@test.case') + kwargs.setdefault(model.USERNAME_FIELD, username) + + user = model.objects.create_user(**kwargs) + + user.raw_password = password + + return user + + +def create_superuser(username: str, **kwargs): + kwargs['is_superuser'] = True + kwargs['is_staff'] = True + + return create_user(username, **kwargs) diff --git a/input/views.py b/input/views.py index bc02e07..46c92c7 100755 --- a/input/views.py +++ b/input/views.py @@ -36,8 +36,6 @@ def auth_deny(choice, pk, auth): MODELS[choice].set_granted(pk, auth) - return False - @login_required def export(request): @@ -50,8 +48,7 @@ def authorize(request, choice, pk): '''If IF grant a support they click a link in a mail which leads here. We write the granted field in the database here and set a timestamp.''' - ret = auth_deny(choice, pk, True) - if ret: + if ret := auth_deny(choice, pk, True): return ret else: return HttpResponse(f"AUTHORIZED! choice: {choice}, pk: {pk}") @@ -62,8 +59,7 @@ def deny(request, choice, pk): '''If IF denies a support they click a link in a mail which leads here We write the granted field in the database here.''' - ret = auth_deny(choice, pk, False) - if ret: + if ret := auth_deny(choice, pk, False): return ret else: return HttpResponse(f"DENIED! choice: {choice}, pk: {pk}")