From fa674ad70439cea0de962b87e5ac4c4dc0fa16f7 Mon Sep 17 00:00:00 2001 From: Matthew Lemon Date: Wed, 27 May 2020 16:21:51 +0100 Subject: working through permissions issues --- ctrack/users/models.py | 3 ++- ctrack/users/tests/test_functional.py | 24 +++++++++++++++++++---- ctrack/users/tests/test_models.py | 4 ++-- ctrack/users/tests/test_views.py | 37 +++++++++++++++++++++++++++++++++-- 4 files changed, 59 insertions(+), 9 deletions(-) (limited to 'ctrack/users') diff --git a/ctrack/users/models.py b/ctrack/users/models.py index 688254f..052efd6 100644 --- a/ctrack/users/models.py +++ b/ctrack/users/models.py @@ -16,6 +16,7 @@ class User(AbstractUser): def get_absolute_url(self): return reverse("users:detail", kwargs={"username": self.username}) + @property def is_stakeholder(self): if self.stakeholder is not None: return True @@ -23,5 +24,5 @@ class User(AbstractUser): return False def get_organisation_name(self): - if self.is_stakeholder(): + if self.is_stakeholder: return self.stakeholder.person.organisation.name diff --git a/ctrack/users/tests/test_functional.py b/ctrack/users/tests/test_functional.py index 1edb17e..74d72d0 100644 --- a/ctrack/users/tests/test_functional.py +++ b/ctrack/users/tests/test_functional.py @@ -15,7 +15,7 @@ from ctrack.users.models import User pytestmark = pytest.mark.django_db -def test_regular_user_can_log_in(browser, person, live_server): +def test_regular_user_can_log_in(browser, live_server): # Toss McBride is an OES user. He logs into the system... User.objects.create_user(username="toss", password="knob") @@ -38,9 +38,7 @@ def test_regular_user_can_log_in(browser, person, live_server): ] -def test_stakeholder_can_log_in_and_see_their_home( - browser, person, live_server, stakeholder -): +def test_stakeholder_can_log_in_and_see_their_home(browser, live_server, stakeholder): # Toss McBride is an OES user. He logs into the system... user = User.objects.create_user(username="toss", password="knob") 
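Review bot: In `ctrack/users/models.py`, making `is_stakeholder` a property changes the meaning of every existing reference, and this patch only updates callers under `ctrack/users`. Any remaining `user.is_stakeholder()` elsewhere will now raise `TypeError`, so grep the rest of the project before this lands, since the tests here show the flag deciding which template a user is sent to. The body could shrink to `return self.stakeholder is not None`, with a docstring saying it reports only whether the account is mapped to a stakeholder record and implies nothing about `is_staff` or model permissions. The `stakeholder` field is declared outside the hunk; if it is a reverse one-to-one accessor rather than a nullable field, reading it on an unmapped user raises instead of returning `None`, so confirm which it is. The method's `else` branch sits in the following hunk.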
@@ -64,3 +62,21 @@ def test_stakeholder_can_log_in_and_see_their_home(
 assert "THIS IS A TEMPLATE FOR A STAKEHOLDER USER" in [
 m.text for m in type_user_message
 ]
+
+
+def test_stakeholder_can_log_in_but_receieved_permisson_denied_when_off_piste(
+ browser, live_server, stakeholder
+):
+ user = User.objects.create_user(username="toss", password="knob")
+ user.stakeholder = stakeholder
+ user.save()
+ browser.get(live_server + "/accounts/login")
+ browser.find_element_by_id("id_login").send_keys("toss")
+ browser.find_element_by_id("id_password").send_keys("knob")
+ browser.find_element_by_id("sign_in_button").submit()
+ time.sleep(1)
+ # Try to browser to Organisations list
+ browser.get(live_server + "/organisations")
+ assert "Sorry. You are not authorised to view that page." in [
+ x.text for x in browser.find_elements_by_tag_name("p")
+ ]
diff --git a/ctrack/users/tests/test_models.py b/ctrack/users/tests/test_models.py
index 402c41b..368be34 100644
--- a/ctrack/users/tests/test_models.py
+++ b/ctrack/users/tests/test_models.py
@@ -24,6 +24,6 @@ def test_stakeholder_model(person, user):
 stakeholder = Stakeholder(person=person)
 org = person.organisation.name
 user.stakeholder = stakeholder
- assert user.stakeholder.person.first_name == "Chinaplate"
- assert user.is_stakeholder() is True
+ assert user.stakeholder.person.first_name == "Toss"
+ assert user.is_stakeholder is True
 assert user.get_organisation_name() == org
diff --git a/ctrack/users/tests/test_views.py b/ctrack/users/tests/test_views.py
index 6f458a3..ae7fbd7 100644
--- a/ctrack/users/tests/test_views.py
+++ b/ctrack/users/tests/test_views.py
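Review bot: `test_stakeholder_can_log_in_but_receieved_permisson_denied_when_off_piste` in `test_functional.py` passes on the presence of the "Sorry. You are not authorised to view that page." paragraph alone, so a page that shows the message but still renders organisation data would satisfy it. Add a negative assertion that nothing from the organisations list appears on the page, and keep the status-code check in a view-level test, since the browser driver does not expose the HTTP status. The fixed `time.sleep(1)` after submitting the login form can race the redirect; an explicit wait on an element of the post-login page (Selenium's `WebDriverWait(browser, 5).until(...)`) is more reliable. The test name also carries two typos (`receieved`, `permisson`), which makes it harder to find by search.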
@@ -68,7 +68,7 @@ def test_profile_view_contains_organisation_information( assert response.status_code == 200 assert response.context_data["user"].username == user.username - assert response.context_data["user"].is_stakeholder() is True + assert response.context_data["user"].is_stakeholder is True assert response.context_data["user"].stakeholder.person.first_name == "Toss" # Two ways of getting the organisaton name @@ -110,7 +110,7 @@ def test_regular_user_redirected_to_their_template_on_login( def test_stakeholder_redirected_to_their_template_on_login( - django_user_model, person, request_factory: RequestFactory, stakeholder + django_user_model, request_factory: RequestFactory, stakeholder ): """ When a user logs in WITH a stakeholder mapping, they get sent to the stakehoder user 
@@ -124,3 +124,36 @@ def test_stakeholder_redirected_to_their_template_on_login(
 response = home_page(request)
 assert response.status_code == 200
 assert b"THIS IS A TEMPLATE FOR A STAKEHOLDER USER" in response.content
+
+
+def test_stakeholder_returns_is_stakeholder(
+ django_user_model, request_factory, stakeholder
+):
+ user = django_user_model.objects.create_user(username="toss", password="knob")
+ user.stakeholder = stakeholder
+ user.save()
+ request = request_factory.get("/")
+ request.user = user
+ assert request.user.is_stakeholder is True
+
+
+def test_stakeholder_user_is_not_staff(django_user_model, stakeholder):
+ user = django_user_model.objects.create_user(username="toss", password="knob")
+ user.stakeholder = stakeholder
+ user.save()
+ assert user.is_staff is False
+
+
+def test_user_received_persmission_denied_when_accessing_disallowed_page(
+ django_user_model, request_factory, stakeholder
+):
+ user = django_user_model.objects.create_user(username="toss", password="knob")
+ user.stakeholder = stakeholder
+ user.save()
+ assert user.has_perm("ctrack.organisations.view_organisation") is True
+ user.user_permissions.clear()
+ assert user.has_perm("ctrack.organisations.view_organisation") is False
+ request = request_factory.get("/organisations")
+ request.user = user
+ response = home_page(request)
+ assert response.status_code == 403
-- cgit v1.2.3
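Review bot: `test_user_received_persmission_denied_when_accessing_disallowed_page` builds a request for `/organisations` but then calls `home_page(request)`; `RequestFactory` does no URL routing, so the 403 assertion exercises the home page view rather than the organisations view the test name refers to. Call the organisations list view directly, or use the test client so the URL is actually resolved. The permission assertions are also unreliable: Django permission strings are `<app_label>.<codename>`, so `"ctrack.organisations.view_organisation"` probably matches nothing unless the app label is customised (likely `"organisations.view_organisation"`), and `has_perm` caches per user instance, so after `user.user_permissions.clear()` the user should be re-fetched with `user = django_user_model.objects.get(pk=user.pk)` before the second check. A freshly created user holding the view permission before any grant deserves a comment explaining where it comes from, since no grant is visible in this hunk.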