Skip to content

Commit

Permalink
update appalerts and adminalerts perm tests (#1267)
Browse files Browse the repository at this point in the history
  • Loading branch information
@mikkonie
mikkonie committed Sep 8, 2023
1 parent 792a099 commit 867d645
Show file tree
Hide file tree
Showing 3 changed files with 174 additions and 102 deletions.
142 changes: 83 additions & 59 deletions adminalerts/tests/test_permissions.py
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
"""Permission tests for the adminalerts app"""
"""Test for UI view permissions in the adminalerts app"""

from django.test import override_settings
from django.urls import reverse
Expand All @@ -9,8 +9,8 @@
from adminalerts.tests.test_models import AdminAlertMixin


class TestAdminAlertPermissions(AdminAlertMixin, TestSiteAppPermissionBase):
"""Tests for AdminAlert permissions"""
class AdminalertsPermissionTestBase(AdminAlertMixin, TestSiteAppPermissionBase):
"""Base test class for adminalerts UI view permission tests"""

def setUp(self):
super().setUp()
Expand All @@ -22,99 +22,123 @@ def setUp(self):
active=True,
)

def test_alert_list(self):
"""Test permissions for AdminAlert list"""
url = reverse('adminalerts:list')

class TestAdminAlertListView(AdminalertsPermissionTestBase):
"""Permission tests for AdminAlertListView"""

def setUp(self):
super().setUp()
self.url = reverse('adminalerts:list')

def test_get(self):
"""Test AdminAlertListView GET"""
good_users = [self.superuser]
bad_users = [self.anonymous, self.regular_user]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, bad_users, 302)

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_alert_list_anon(self):
"""Test permissions for AdminAlert list with anonymous access"""
url = reverse('adminalerts:list')
def test_get_anon(self):
"""Test GET with anonymous access"""
good_users = [self.superuser]
bad_users = [self.anonymous, self.regular_user]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, bad_users, 302)


def test_alert_detail(self):
"""Test permissions for AdminAlert details"""
url = reverse(
class TestAdminAlertDetailView(AdminalertsPermissionTestBase):
"""Permission tests for dminAlertDetailView"""

def setUp(self):
super().setUp()
self.url = reverse(
'adminalerts:detail', kwargs={'adminalert': self.alert.sodar_uuid}
)

def test_get(self):
"""Test AdminAlertDetailView GET"""
good_users = [self.superuser, self.regular_user]
bad_users = [self.anonymous]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, bad_users, 302)

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_alert_detail_anon(self):
"""Test permissions for AdminAlert details with anonymous access"""
url = reverse(
'adminalerts:detail', kwargs={'adminalert': self.alert.sodar_uuid}
)
def test_get_anon(self):
"""Test GET with anonymous access"""
good_users = [self.superuser, self.regular_user]
bad_users = [self.anonymous]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, bad_users, 302)

def test_alert_create(self):
"""Test permissions for AdminAlert creation"""
url = reverse('adminalerts:create')

class TestAdminAlertCreateView(AdminalertsPermissionTestBase):
"""Permission tests for AdminAlertCreateView"""

def setUp(self):
super().setUp()
self.url = reverse('adminalerts:create')

def test_get(self):
"""Test AdminAlertCreateView GET"""
good_users = [self.superuser]
bad_users = [self.anonymous, self.regular_user]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, bad_users, 302)

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_alert_create_anon(self):
"""Test permissions for AdminAlert creation with anonymous access"""
url = reverse('adminalerts:create')
def test_get_anon(self):
"""Test GET with anonymous access"""
good_users = [self.superuser]
bad_users = [self.anonymous, self.regular_user]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, bad_users, 302)


def test_alert_update(self):
"""Test permissions for AdminAlert updating"""
url = reverse(
class TestAdminAlertUpdateView(AdminalertsPermissionTestBase):
"""Permission tests for AdminAlertUpdateView"""

def setUp(self):
super().setUp()
self.url = reverse(
'adminalerts:update', kwargs={'adminalert': self.alert.sodar_uuid}
)

def test_get(self):
"""Test AdminAlertUpdateView GET"""
good_users = [self.superuser]
bad_users = [self.anonymous, self.regular_user]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, bad_users, 302)

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_alert_update_anon(self):
"""Test permissions for AdminAlert updating with anonymous access"""
url = reverse(
'adminalerts:update', kwargs={'adminalert': self.alert.sodar_uuid}
)
def test_get_anon(self):
"""Test GET with anonymous access"""
good_users = [self.superuser]
bad_users = [self.anonymous, self.regular_user]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, bad_users, 302)

def test_alert_delete(self):
"""Test permissions for AdminAlert deletion"""
url = reverse(

class TestAdminAlertDeleteView(AdminalertsPermissionTestBase):
"""Permission tests for AdminAlertDeleteView"""

def setUp(self):
super().setUp()
self.url = reverse(
'adminalerts:delete', kwargs={'adminalert': self.alert.sodar_uuid}
)

def test_get(self):
"""Test AdminAlertDeleteView GET"""
good_users = [self.superuser]
bad_users = [self.anonymous, self.regular_user]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, bad_users, 302)

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_alert_delete_anon(self):
"""Test permissions for AdminAlert deletion with anonymous access"""
url = reverse(
'adminalerts:delete', kwargs={'adminalert': self.alert.sodar_uuid}
)
def test_get_anon(self):
"""Test GET with anonymous access"""
good_users = [self.superuser]
bad_users = [self.anonymous, self.regular_user]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, bad_users, 302)
28 changes: 13 additions & 15 deletions adminalerts/tests/test_permissions_ajax.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,10 @@
from adminalerts.tests.test_models import AdminAlertMixin


class TestAdminAlertPermissions(AdminAlertMixin, TestSiteAppPermissionBase):
"""Tests for AdminAlert views"""
class TestAdminAlertActiveToggleAjaxView(
AdminAlertMixin, TestSiteAppPermissionBase
):
"""Permission tests for AdminAlertActiveToggleAjaxView"""

def setUp(self):
super().setUp()
Expand All @@ -21,23 +23,19 @@ def setUp(self):
description='description',
active=True,
)

def test_active_toggle(self):
"""Test permissions for activation Ajax view"""
url = reverse(
self.url = reverse(
'adminalerts:ajax_active_toggle',
kwargs={'adminalert': self.alert.sodar_uuid},
)

def test_post(self):
"""Test AdminAlertActiveToggleAjaxView POST"""
good_users = [self.superuser]
bad_users = [self.anonymous, self.regular_user]
self.assert_response(url, good_users, 200, method='POST')
self.assert_response(url, bad_users, 403, method='POST')
self.assert_response(self.url, good_users, 200, method='POST')
self.assert_response(self.url, bad_users, 403, method='POST')

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_active_toggle_anon(self):
"""Test permissions for activation Ajax view with anonymous access"""
url = reverse(
'adminalerts:ajax_active_toggle',
kwargs={'adminalert': self.alert.sodar_uuid},
)
self.assert_response(url, self.anonymous, 403, method='POST')
def test_post_anon(self):
"""Test POST with anonymous access"""
self.assert_response(self.url, self.anonymous, 403, method='POST')
106 changes: 78 additions & 28 deletions appalerts/tests/test_permissions.py
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
"""Permission tests for the appalerts app"""
"""Test for view permissions in the appalerts app"""

from django.test import override_settings
from django.urls import reverse


# Projectroles dependency
from projectroles.tests.test_permissions import TestSiteAppPermissionBase

from appalerts.tests.test_models import AppAlertMixin


class TestAppAlertPermissions(AppAlertMixin, TestSiteAppPermissionBase):
"""Tests for AppAlert permissions"""
class AppalertsPermissionTestBase(AppAlertMixin, TestSiteAppPermissionBase):
"""Base test class for appalerts view permission tests"""

def setUp(self):
super().setUp()
Expand All @@ -21,46 +21,96 @@ def setUp(self):
user=self.regular_user, url=reverse('home')
)

def test_list(self):
"""Test permissions for the alert list view"""
url = reverse('appalerts:list')

class TestAppAlertListView(AppalertsPermissionTestBase):
"""Permission tests for AppAlertListView"""

def setUp(self):
super().setUp()
self.url = reverse('appalerts:list')

def test_get(self):
"""Test AppAlertListView GET"""
good_users = [
self.superuser,
self.regular_user,
self.no_alert_user,
]
bad_users = [self.anonymous]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 302)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, self.anonymous, 302)

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_get_anon(self):
"""Test GET with anonymous access"""
self.assert_response(self.url, self.anonymous, 302)


def test_redirect(self):
"""Test permissions for the alert list view"""
url = reverse(
class TestAppAlertRedirectView(AppalertsPermissionTestBase):
"""Permission tests for AppAlertLinkRedirectView"""

def setUp(self):
super().setUp()
self.url = reverse(
'appalerts:redirect', kwargs={'appalert': self.alert.sodar_uuid}
)
bad_url = reverse('appalerts:list')
self.bad_redirect_url = reverse('appalerts:list')

def test_get(self):
"""Test AppAlertLinkRedirectView GET"""
good_users = [self.regular_user]
bad_users = [self.superuser, self.no_alert_user, self.anonymous]
self.assert_response(
url, good_users, 302, redirect_user=reverse('home')
self.url, good_users, 302, redirect_user=reverse('home')
)
self.assert_response(
self.url, bad_users, 302, redirect_user=self.bad_redirect_url
)
self.assert_response(url, bad_users, 302, redirect_user=bad_url)

def test_ajax_status(self):
"""Test permissions for the alert status ajax view"""
url = reverse('appalerts:ajax_status')
@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_get_anon(self):
"""Test GET with anonymous access"""
self.assert_response(
self.url, self.anonymous, 302, redirect_user=self.bad_redirect_url
)


class TestAppAlertStatusAjaxView(AppalertsPermissionTestBase):
"""Permission tests for AppAlertStatusAjaxView"""

def setUp(self):
super().setUp()
self.url = reverse('appalerts:ajax_status')

def test_get(self):
"""Test AppAlertStatusAjaxView GET"""
good_users = [self.superuser, self.regular_user, self.no_alert_user]
bad_users = [self.anonymous]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 403)
self.assert_response(self.url, good_users, 200)
self.assert_response(self.url, self.anonymous, 403)

def test_ajax_dismiss(self):
"""Test permissions for the alert dismiss ajax view"""
url = reverse(
@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_get_anon(self):
"""Test GET with anonymous access"""
self.assert_response(self.url, self.anonymous, 403)


class TestAppAlertDismissAjaxView(AppalertsPermissionTestBase):
"""Permission tests for AppAlertDismissAjaxView"""

def setUp(self):
super().setUp()
self.url = reverse(
'appalerts:ajax_dismiss', kwargs={'appalert': self.alert.sodar_uuid}
)

def test_post(self):
"""Test AppAlertDismissAjaxView POST"""
good_users = [self.regular_user]
bad_users = [self.superuser, self.no_alert_user]
self.assert_response(url, good_users, 200, method='POST')
self.assert_response(url, bad_users, 404, method='POST')
self.assert_response(url, self.anonymous, 403, method='POST')
self.assert_response(self.url, good_users, 200, method='POST')
self.assert_response(self.url, bad_users, 404, method='POST')
self.assert_response(self.url, self.anonymous, 403, method='POST')

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_post_anon(self):
"""Test POST with anonymous access"""
self.assert_response(self.url, self.anonymous, 403, method='POST')

0 comments on commit 867d645

Please sign in to comment.