diff --git a/apps/accounts/admin.py b/apps/accounts/admin.py index bdbb51be..dedc916e 100644 --- a/apps/accounts/admin.py +++ b/apps/accounts/admin.py @@ -1,11 +1,9 @@ -from typing import Optional from django.db import models from django.core.mail import send_mail from django.core.exceptions import PermissionDenied from django.conf import settings from django.contrib import messages from django.contrib import admin -from django.http.request import HttpRequest from django.urls import reverse from django.http import HttpResponseRedirect from django.contrib.auth.admin import UserAdmin, GroupAdmin, Group diff --git a/apps/accounts/tests/test_admin.py b/apps/accounts/tests/test_admin.py index 34e89590..e407828d 100644 --- a/apps/accounts/tests/test_admin.py +++ b/apps/accounts/tests/test_admin.py @@ -527,15 +527,26 @@ def test_user_admin_displays_managed_providers_and_dcs( assert datacenter.name in user_admin.managed_datacenters(sample_hoster_user) def test_user_cannot_access_another_user_change_view( - self, db, sample_hoster_user, greenweb_staff_user + self, db, client, sample_hoster_user, greenweb_staff_user ): - user_admin = ac_admin.CustomUserAdmin(ac_models.User, admin_site.greenweb_admin) - request = MagicMock() - request.user = sample_hoster_user - response = user_admin.change_view(request, str(greenweb_staff_user.id)) + client.force_login(sample_hoster_user) + change_user_url = urls.reverse( + "greenweb_admin:accounts_user_change", args=[greenweb_staff_user.id] + ) + response = client.get(change_user_url) assert response.status_code == 302 assert response.url == "/admin/" + def test_staff_can_access_another_user_change_view( + self, db, client, sample_hoster_user, greenweb_staff_user + ): + client.force_login(greenweb_staff_user) + change_user_url = urls.reverse( + "greenweb_admin:accounts_user_change", args=[sample_hoster_user.id] + ) + response = client.get(change_user_url) + assert response.status_code == 200 + def test_provider_request_accessible_by_admin( db,