From 069bc9b735c0473aed9946104ab85238d065bea1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C4=93teris=20Caune?= Date: Tue, 29 Jan 2019 19:57:18 +0200 Subject: [PATCH] Test cases for adding project, removing project and leaving project. --- hc/accounts/tests/test_add_project.py | 27 +++++++++++++++++ hc/accounts/tests/test_close_account.py | 4 --- hc/accounts/tests/test_profile.py | 19 ++++++++++++ hc/accounts/tests/test_project.py | 11 +++++-- hc/accounts/tests/test_remove_project.py | 37 ++++++++++++++++++++++++ hc/accounts/views.py | 8 ++--- hc/front/views.py | 2 +- hc/test.py | 1 + 8 files changed, 97 insertions(+), 12 deletions(-) create mode 100644 hc/accounts/tests/test_add_project.py create mode 100644 hc/accounts/tests/test_remove_project.py diff --git a/hc/accounts/tests/test_add_project.py b/hc/accounts/tests/test_add_project.py new file mode 100644 index 00000000..93198678 --- /dev/null +++ b/hc/accounts/tests/test_add_project.py @@ -0,0 +1,27 @@ +from hc.accounts.models import Project +from hc.test import BaseTestCase + + +class RemoveProjectTestCase(BaseTestCase): + + def setUp(self): + super(RemoveProjectTestCase, self).setUp() + + self.url = "/projects/%s/remove/" % self.project.code + + def test_it_works(self): + self.client.login(username="alice@example.org", password="password") + r = self.client.post("/projects/add/", {"name": "My Second Project"}) + + p = Project.objects.get(owner=self.alice, name="My Second Project") + self.assertRedirects(r, "/projects/%s/checks/" % p.code) + self.assertEqual(str(p.code), p.badge_key) + + # Alice's current project should be the just created one + self.profile.refresh_from_db() + self.assertEqual(self.profile.current_project, p) + + def test_it_rejects_get(self): + self.client.login(username="alice@example.org", password="password") + r = self.client.get("/projects/add/") + self.assertEqual(r.status_code, 405) diff --git a/hc/accounts/tests/test_close_account.py b/hc/accounts/tests/test_close_account.py index 5a89ace5..a02666a7 100644 --- a/hc/accounts/tests/test_close_account.py +++ b/hc/accounts/tests/test_close_account.py @@ -20,10 +20,6 @@ class CloseAccountTestCase(BaseTestCase): alices = User.objects.filter(username="alice") self.assertFalse(alices.exists()) - # Alice should be gone - alices = User.objects.filter(username="alice") - self.assertFalse(alices.exists()) - # Bob's current team should now be None self.bobs_profile.refresh_from_db() self.assertIsNone(self.bobs_profile.current_project) diff --git a/hc/accounts/tests/test_profile.py b/hc/accounts/tests/test_profile.py index 16c4c6c0..88a29483 100644 --- a/hc/accounts/tests/test_profile.py +++ b/hc/accounts/tests/test_profile.py @@ -108,3 +108,22 @@ class ProfileTestCase(BaseTestCase): self.assertEqual(len(mail.outbox), 1) expected_subject = "Change email address on %s" % settings.SITE_NAME self.assertEqual(mail.outbox[0].subject, expected_subject) + + def test_leaving_works(self): + self.client.login(username="bob@example.org", password="password") + + form = {"code": str(self.project.code), "leave_project": "1"} + r = self.client.post("/accounts/profile/", form) + self.assertContains(r, "Left project") + self.assertNotContains(r, "Alice's Project") + + self.bobs_profile.refresh_from_db() + self.assertIsNone(self.bobs_profile.current_project) + self.assertFalse(self.bob.memberships.exists()) + + def test_leaving_checks_membership(self): + self.client.login(username="charlie@example.org", password="password") + + form = {"code": str(self.project.code), "leave_project": "1"} + r = self.client.post("/accounts/profile/", form) + self.assertEqual(r.status_code, 400) diff --git a/hc/accounts/tests/test_project.py b/hc/accounts/tests/test_project.py index b9804597..a7595083 100644 --- a/hc/accounts/tests/test_project.py +++ b/hc/accounts/tests/test_project.py @@ -11,6 +11,11 @@ class ProfileTestCase(BaseTestCase): self.url = "/projects/%s/settings/" % self.project.code + def test_it_checks_access(self): + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 404) + def test_it_shows_api_keys(self): self.project.api_key_readonly = "R" * 32 self.project.save() @@ -44,7 +49,7 @@ class ProfileTestCase(BaseTestCase): form = {"revoke_api_keys": "1"} r = self.client.post(self.url, form) - assert r.status_code == 200 + self.assertEqual(r.status_code, 200) self.project.refresh_from_db() self.assertEqual(self.project.api_key, "") @@ -69,8 +74,8 @@ class ProfileTestCase(BaseTestCase): self.assertFalse(member.user.project_set.exists()) # And an email should have been sent - subj = ('You have been invited to join' - ' alice@example.org on %s' % settings.SITE_NAME) + subj = ("You have been invited to join" + " Alice's Project on %s" % settings.SITE_NAME) self.assertEqual(mail.outbox[0].subject, subj) def test_it_checks_team_size(self): diff --git a/hc/accounts/tests/test_remove_project.py b/hc/accounts/tests/test_remove_project.py new file mode 100644 index 00000000..2faf6627 --- /dev/null +++ b/hc/accounts/tests/test_remove_project.py @@ -0,0 +1,37 @@ +from hc.api.models import Check +from hc.test import BaseTestCase + + +class RemoveProjectTestCase(BaseTestCase): + + def setUp(self): + super(RemoveProjectTestCase, self).setUp() + + self.url = "/projects/%s/remove/" % self.project.code + + def test_it_works(self): + Check.objects.create(project=self.project, tags="foo a-B_1 baz@") + + self.client.login(username="alice@example.org", password="password") + r = self.client.post(self.url) + self.assertRedirects(r, "/") + + # Alice's current project should be not set + self.profile.refresh_from_db() + self.assertEqual(self.profile.current_project, None) + + # Alice should not own any projects + self.assertFalse(self.alice.project_set.exists()) + + # Check should be gone + self.assertFalse(Check.objects.exists()) + + def test_it_rejects_get(self): + self.client.login(username="alice@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 405) + + def test_it_checks_access(self): + self.client.login(username="bob@example.org", password="password") + r = self.client.post(self.url) + self.assertEqual(r.status_code, 404) diff --git a/hc/accounts/views.py b/hc/accounts/views.py index f06b4587..ed7e7b8d 100644 --- a/hc/accounts/views.py +++ b/hc/accounts/views.py @@ -11,7 +11,7 @@ from django.contrib.auth.decorators import login_required from django.contrib.auth.models import User from django.core import signing from django.http import HttpResponseForbidden, HttpResponseBadRequest -from django.shortcuts import redirect, render +from django.shortcuts import get_object_or_404, redirect, render from django.utils.timezone import now from django.urls import resolve, Resolver404 from django.views.decorators.csrf import csrf_exempt @@ -238,7 +238,7 @@ def add_project(request): @login_required def project(request, code): - project = Project.objects.get(code=code, owner_id=request.user.id) + project = get_object_or_404(Project, code=code, owner=request.user) ctx = { "page": "project", @@ -483,6 +483,6 @@ def close(request): @require_POST @login_required def remove_project(request, code): - project = Project.objects.get(code=code, owner=request.user) + project = get_object_or_404(Project, code=code, owner=request.user) project.delete() - return redirect("hc-profile") + return redirect("hc-index") diff --git a/hc/front/views.py b/hc/front/views.py index ebb27ee3..d043e210 100644 --- a/hc/front/views.py +++ b/hc/front/views.py @@ -83,7 +83,7 @@ def _get_project_for_user(request, project_code): """ Return true if current user has access to the specified account. """ if request.user.is_superuser: - q = Project.objects.all() + q = Project.objects else: q = request.profile.projects() diff --git a/hc/test.py b/hc/test.py index eb6ebc2b..84579d12 100644 --- a/hc/test.py +++ b/hc/test.py @@ -15,6 +15,7 @@ class BaseTestCase(TestCase): self.alice.save() self.project = Project(owner=self.alice, api_key="X" * 32) + self.project.name = "Alice's Project" self.project.badge_key = self.alice.username self.project.save()