Commit df1239d4 authored by Enrico Zini's avatar Enrico Zini
Browse files

Moved impersonate tests to new app. refs: #12

parent 529cdf7e
from __future__ import annotations
from django.test import TestCase
from django.urls import reverse
from backend.unittest import PersonFixtureMixin
# Create your tests here.
class TestPermissions(PersonFixtureMixin, TestCase):
@classmethod
def __add_extra_tests__(cls):
non_fd = ["pending", "dc", "dc_ga", "dm", "dm_ga", "dd_nu", "dd_u", "dd_e", "dd_r", "activeam", "oldam"]
fd = ["fd", "dam"]
for visitor in [None] + non_fd:
for visited in non_fd + fd:
cls._add_method(cls._test_impersonate_fail, visitor, visited)
for visitor in fd:
for visited in non_fd + fd:
cls._add_method(cls._test_impersonate_success, visitor, visited)
def _test_impersonate_success(self, visitor, visited):
client = self.make_test_client(visitor)
response = client.post(reverse("impersonate"), data={"pk": self.persons[visited].pk, "next": "/"})
self.assertRedirectMatches(response, "^/$")
def _test_impersonate_fail(self, visitor, visited):
client = self.make_test_client(visitor)
response = client.post(reverse("impersonate"), data={"pk": self.persons[visited].pk})
self.assertPermissionDenied(response)
......@@ -21,7 +21,10 @@ class Impersonate(View):
messages.add_message(request, messages.INFO, _("Impersonation canceled"))
user = effective_user
else:
try:
user = User.objects.get(pk=pk)
except User.DoesNotExist:
raise PermissionDenied
request.session["impersonate"] = user.pk
messages.info(request, _("Impersonating {}").format(user))
......
from __future__ import annotations
from django.test import TestCase
from django.urls import reverse
from backend.unittest import PersonFixtureMixin
......@@ -7,33 +8,12 @@ import json
class TestPermissions(PersonFixtureMixin, TestCase):
@classmethod
def __add_extra_tests__(cls):
non_fd = ["pending", "dc", "dc_ga", "dm", "dm_ga", "dd_nu", "dd_u", "dd_e", "dd_r", "activeam", "oldam"]
fd = ["fd", "dam"]
for visitor in [None] + non_fd:
for visited in non_fd + fd:
cls._add_method(cls._test_impersonate_fail, visitor, visited)
for visitor in fd:
for visited in non_fd + fd:
cls._add_method(cls._test_impersonate_success, visitor, visited)
for visitor in None, "pending", "dc", "dc_ga", "dm", "dm_ga", "dd_e", "dd_r":
cls._add_method(cls._test_export_fail, visitor)
for visitor in "dd_nu", "dd_u", "activeam", "oldam", "fd", "dam":
cls._add_method(cls._test_export_success, visitor)
def _test_impersonate_success(self, visitor, visited):
client = self.make_test_client(visitor)
response = client.get(reverse("impersonate", kwargs={"key": self.persons[visited].lookup_key}))
self.assertRedirectMatches(response, "^/$")
def _test_impersonate_fail(self, visitor, visited):
client = self.make_test_client(visitor)
response = client.get(reverse("impersonate", kwargs={"key": self.persons[visited].lookup_key}))
self.assertPermissionDenied(response)
def _test_export_success(self, visitor):
self.persons.dc.email = "private@example.org"
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment