diff options
Diffstat (limited to 'ctrack/users/tests')
-rw-r--r-- | ctrack/users/tests/test_functional.py | 124 | ||||
-rw-r--r-- | ctrack/users/tests/test_models.py | 10 | ||||
-rw-r--r-- | ctrack/users/tests/test_views.py | 142 |
3 files changed, 260 insertions, 16 deletions
diff --git a/ctrack/users/tests/test_functional.py b/ctrack/users/tests/test_functional.py new file mode 100644 index 0000000..5622ab3 --- /dev/null +++ b/ctrack/users/tests/test_functional.py @@ -0,0 +1,124 @@ +""" +Functional tests. Are probably SLOW thanks to using Selenium to load a browser instance. + +The use case being tested here is related to a user being able to log in and hit +the correct page, containing their details. Those details depend on whether they are +a regular user or a stakeholder user. +""" + +import time + +import pytest +from django.contrib.auth.models import Permission + +from ctrack.users.models import User + +pytestmark = pytest.mark.django_db + + +def test_regular_user_can_log_in(browser, live_server): + + # Toss McBride is an OES user. He logs into the system... + User.objects.create_user(username="toss", password="knob") + browser.get(live_server + "/accounts/login") + browser.find_element_by_id("id_login").send_keys("toss") + browser.find_element_by_id("id_password").send_keys("knob") + browser.find_element_by_id("sign_in_button").submit() + time.sleep(1) + current_url = browser.current_url + assert current_url == live_server + "/" + + type_user_message = browser.find_elements_by_tag_name("p") + assert "THIS IS A TEMPLATE FOR A REGULAR USER" in [ + m.text for m in type_user_message + ] + + +def test_stakeholder_can_log_in_and_see_their_home(browser, live_server, stakeholder): + # Toss McBride is an OES user. He logs into the system... + + user = User.objects.create_user(username="toss", password="knob") + user.stakeholder = stakeholder + org = user.stakeholder.person.get_organisation_name() + user.save() + browser.get(live_server + "/accounts/login") + browser.find_element_by_id("id_login").send_keys("toss") + browser.find_element_by_id("id_password").send_keys("knob") + browser.find_element_by_id("sign_in_button").submit() + time.sleep(1) + current_url = browser.current_url + assert current_url == live_server + "/" + + p_tags = browser.find_elements_by_tag_name("p") + h2_tags = browser.find_elements_by_tag_name("h2") + assert "THIS IS A TEMPLATE FOR A STAKEHOLDER USER" in [m.text for m in p_tags] + assert org in [m.text for m in h2_tags] + assert ( + f"{user.stakeholder.person.first_name} {user.stakeholder.person.last_name}" + in [m.text for m in p_tags] + ) + + +def test_stakeholder_can_log_in_but_receieved_permisson_denied_when_off_piste( + browser, live_server, stakeholder +): + user = User.objects.create_user(username="toss", password="knob") + user.stakeholder = stakeholder + user.save() + browser.get(live_server + "/accounts/login") + browser.find_element_by_id("id_login").send_keys("toss") + browser.find_element_by_id("id_password").send_keys("knob") + browser.find_element_by_id("sign_in_button").submit() + time.sleep(1) + # Try to browser to Organisations list + browser.get(live_server + "/organisations") + assert "Sorry. You do not have permission to view this page." in [ + x.text for x in browser.find_elements_by_tag_name("p") + ] + + +def test_stakeholder_user_with_permissions_can_view_page( + browser, live_server, stakeholder +): + user = User.objects.create_user(username="toss", password="knob") + user.stakeholder = stakeholder + org_list_permission = Permission.objects.get(name="Can view organisation") + + # Add the permission to view an Organisation, which is set on OrganisationListView + assert user.user_permissions.count() == 0 + user.user_permissions.add(org_list_permission) + assert user.user_permissions.count() == 1 + user.save() + + browser.get(live_server + "/accounts/login") + browser.find_element_by_id("id_login").send_keys("toss") + browser.find_element_by_id("id_password").send_keys("knob") + browser.find_element_by_id("sign_in_button").submit() + time.sleep(1) + # Try to browser to Organisations list + browser.get(live_server + "/organisations") + assert "Organisations" in browser.title + + +def test_stakeholder_user_can_see_requisite_subtitles_on_home_page( + browser, live_server, stakeholder +): + user = User.objects.create_user(username="toss", password="knob") + user.stakeholder = stakeholder + user.save() + browser.get(live_server + "/accounts/login") + browser.find_element_by_id("id_login").send_keys("toss") + browser.find_element_by_id("id_password").send_keys("knob") + browser.find_element_by_id("sign_in_button").submit() + time.sleep(1) + current_url = browser.current_url + assert current_url == live_server + "/" + + # On the other side, he sees some basic details about himself. + assert "ctrack - Department for Transport" in browser.title + + h2 = browser.find_elements_by_tag_name("h2") + assert "Incident Reporting" in [x.text for x in h2] + assert "Audits and Inspections" in [x.text for x in h2] + assert "NIS systems" in [x.text for x in h2] + assert "DfT Engagement" in [x.text for x in h2] diff --git a/ctrack/users/tests/test_models.py b/ctrack/users/tests/test_models.py index 2d45cca..368be34 100644 --- a/ctrack/users/tests/test_models.py +++ b/ctrack/users/tests/test_models.py @@ -1,6 +1,6 @@ import pytest -from ctrack.users.stakeholder import Stakeholder +from ctrack.organisations.models import Stakeholder pytestmark = pytest.mark.django_db @@ -16,10 +16,14 @@ def test_user_is_person_object(user): assert user -def test_stakeholder_model(person): +def test_stakeholder_model(person, user): """ A stakeholder is someone who is part of the regime but also has user access to the the system. """ stakeholder = Stakeholder(person=person) - assert stakeholder + org = person.organisation.name + user.stakeholder = stakeholder + assert user.stakeholder.person.first_name == "Toss" + assert user.is_stakeholder is True + assert user.get_organisation_name() == org diff --git a/ctrack/users/tests/test_views.py b/ctrack/users/tests/test_views.py index 3299cd6..8dc4825 100644 --- a/ctrack/users/tests/test_views.py +++ b/ctrack/users/tests/test_views.py @@ -1,7 +1,9 @@ import pytest -from django.contrib.auth import get_user_model +from django.contrib.auth.models import Permission from django.test import RequestFactory +from ctrack.core.views import home_page +from ctrack.organisations.views import OrganisationListView from ctrack.users.models import User from ctrack.users.views import UserDetailView, UserRedirectView, UserUpdateView @@ -44,23 +46,137 @@ class TestUserRedirectView: view.request = request - assert view.get_redirect_url() == f"/users/{user.username}/" + assert view.get_redirect_url() == "/" -def test_profile_view_contains_organisation_information(): - """url: users/username - This is where users are redirected to when they log in and where I want to capture - information about the user - particularly if they are an OES user. +def test_profile_view_contains_organisation_information( + person, user, request_factory, stakeholder +): """ - user = get_user_model().objects.create_user( - username="testy", email="testy@test.com", password="test1020" - ) - factory = RequestFactory() - request = factory.get(f"/users/{user.username}") + This tests the context_data - not the rendered page... We'll do that in the + next test. + """ + org_name = person.organisation.name + user.stakeholder = stakeholder + user.save() + request = request_factory.get(f"/users/{user.username}") + # we have to do the following to simulate logged-in user # Django Advanced Testing Topics request.user = user + + # We pass 'username' rather than 'slug' here because we are setting 'slug_url_kwarg' in our CBV. response = UserDetailView.as_view()(request, username=user.username) + + assert response.status_code == 200 + assert response.context_data["user"].username == user.username + assert response.context_data["user"].is_stakeholder is True + assert response.context_data["user"].stakeholder.person.first_name == "Toss" + + # Two ways of getting the organisaton name + assert ( + response.context_data["user"].stakeholder.person.get_organisation_name() + == org_name + ) + assert response.context_data["user"].get_organisation_name() == org_name + assert response.context_data["user"].stakeholder.person.first_name == "Toss" + + +def test_home_page_h1_tag_with_client(client, django_user_model): + """ + Basic test of HTML from the home page. + """ + django_user_model.objects.create_user(username="toss", password="knob") + client.login(username="toss", password="knob") + response = client.get("/") + assert response.status_code == 200 + assert response.content[:15] == b"<!DOCTYPE html>" + assert b"<title>ctrack - Department for Transport</title>" in response.content + assert b"<h1>Welcome to ctrack - Department for Transport</h1>" in response.content + assert b"</html>" in response.content + + +def test_regular_user_redirected_to_their_template_on_login( + django_user_model, request_factory: RequestFactory +): + """ + When a user logs in without a stakeholder mapping, they get sent to the regular user + template. + """ + user = django_user_model.objects.create_user(username="toss", password="knob") + request = request_factory.get("/") + request.user = user + response = home_page(request) + assert response.status_code == 200 + assert b"<p>THIS IS A TEMPLATE FOR A REGULAR USER</p>" in response.content + + +def test_stakeholder_redirected_to_their_template_on_login( + django_user_model, request_factory: RequestFactory, stakeholder +): + """ + When a user logs in WITH a stakeholder mapping, they get sent to the stakehoder user + template. + """ + user = django_user_model.objects.create_user(username="toss", password="knob") + user.stakeholder = stakeholder + user.save() + request = request_factory.get("/") + request.user = user + response = home_page(request) + assert response.status_code == 200 + assert b"THIS IS A TEMPLATE FOR A STAKEHOLDER USER" in response.content + + +def test_stakeholder_returns_is_stakeholder( + django_user_model, request_factory, stakeholder +): + user = django_user_model.objects.create_user(username="toss", password="knob") + user.stakeholder = stakeholder + user.save() + request = request_factory.get("/") + request.user = user + assert request.user.is_stakeholder is True + + +def test_stakeholder_user_is_not_staff(django_user_model, stakeholder): + user = django_user_model.objects.create_user(username="toss", password="knob") + user.stakeholder = stakeholder + user.save() + assert user.is_staff is False + + +def test_stakeholder_user_gets_301_when_trying_to_access_view_with_perm_set( + django_user_model, client, stakeholder +): + """ + No permissions are set when a regular user is created. This test knows that a suitable + permission is set on the ctrack.organisations.view.OrganisationListView, and therefore we + would expect a redirect/403 persmission denied response when trying to reach it with a + regular user. + """ + user = django_user_model.objects.create_user(username="toss", password="knob") + user.stakeholder = stakeholder + user.save() + client.login(username="toss", password="knob") + response = client.get(path="https://localhost:8000/organisations") + assert ( + response.status_code == 301 + ) # This page redirects to 403.html, hence why its a 301 (I think) + + +@pytest.mark.skip("Explore why this does not pass - it passess in functional style") +def test_staff_user_gets_200_when_trying_to_access_view_with_perm_set( + django_user_model, client, stakeholder +): + user = django_user_model.objects.create_user(username="toss", password="knob") + user.stakeholder = stakeholder + org_list_permission = Permission.objects.get(name="Can view organisation") + assert user.user_permissions.count() == 0 + user.user_permissions.add(org_list_permission) + assert user.has_perm("organisations.view_organisation") + user.save() + logged_in = client.login(username="toss", password="knob") + assert logged_in is True + response = client.get("/organisations") assert response.status_code == 200 - # TODO - work out how we can attach an organisation to the User model - assert False, "This does nothing yet" |