_get_check_for_user and _get_channel_for_user are always be used with an authenticated user, so don't need to handle the unauthenticated case.

2020-03-01 22:45:33 +02:00 · 2020-03-01 22:45:33 +02:00 · dd3820c0d5
commit dd3820c0d5
parent 4bcfba728e
2 changed files with 28 additions and 26 deletions
--- a/hc/front/tests/test_ping_details.py
+++ b/hc/front/tests/test_ping_details.py
@ -2,57 +2,60 @@ from hc.api.models import Check, Ping
 from hc.test import BaseTestCase


-class LastPingTestCase(BaseTestCase):
+class PingDetailsTestCase(BaseTestCase):
+    def setUp(self):
+        super(PingDetailsTestCase, self).setUp()
+        self.check = Check.objects.create(project=self.project)
+        self.url = "/checks/%s/last_ping/" % self.check.code
+
    def test_it_works(self):
-        check = Check.objects.create(project=self.project)
-        Ping.objects.create(owner=check, body="this is body")
+        Ping.objects.create(owner=self.check, body="this is body")

        self.client.login(username="alice@example.org", password="password")
-        r = self.client.get("/checks/%s/last_ping/" % check.code)
+        r = self.client.get(self.url)
        self.assertContains(r, "this is body", status_code=200)

+    def test_it_requires_logged_in_user(self):
+        Ping.objects.create(owner=self.check, body="this is body")
+
+        r = self.client.get(self.url)
+        self.assertRedirects(r, "/accounts/login/?next=" + self.url)
+
    def test_it_shows_fail(self):
-        check = Check.objects.create(project=self.project)
-        Ping.objects.create(owner=check, kind="fail")
+        Ping.objects.create(owner=self.check, kind="fail")

        self.client.login(username="alice@example.org", password="password")
-        r = self.client.get("/checks/%s/last_ping/" % check.code)
+        r = self.client.get(self.url)
        self.assertContains(r, "/fail", status_code=200)

    def test_it_shows_start(self):
-        check = Check.objects.create(project=self.project)
-        Ping.objects.create(owner=check, kind="start")
+        Ping.objects.create(owner=self.check, kind="start")

        self.client.login(username="alice@example.org", password="password")
-        r = self.client.get("/checks/%s/last_ping/" % check.code)
+        r = self.client.get(self.url)
        self.assertContains(r, "/start", status_code=200)

    def test_it_accepts_n(self):
-        check = Check.objects.create(project=self.project)
-
        # remote_addr, scheme, method, ua, body:
-        check.ping("1.2.3.4", "http", "post", "tester", "foo-123", "success")
-        check.ping("1.2.3.4", "http", "post", "tester", "bar-456", "success")
+        self.check.ping("1.2.3.4", "http", "post", "tester", "foo-123", "success")
+        self.check.ping("1.2.3.4", "http", "post", "tester", "bar-456", "success")

        self.client.login(username="alice@example.org", password="password")

-        r = self.client.get("/checks/%s/pings/1/" % check.code)
+        r = self.client.get("/checks/%s/pings/1/" % self.check.code)
        self.assertContains(r, "foo-123", status_code=200)

-        r = self.client.get("/checks/%s/pings/2/" % check.code)
+        r = self.client.get("/checks/%s/pings/2/" % self.check.code)
        self.assertContains(r, "bar-456", status_code=200)

    def test_it_allows_cross_team_access(self):
-        check = Check.objects.create(project=self.project)
-        Ping.objects.create(owner=check, body="this is body")
+        Ping.objects.create(owner=self.check, body="this is body")

        self.client.login(username="bob@example.org", password="password")
-        r = self.client.get("/checks/%s/last_ping/" % check.code)
+        r = self.client.get(self.url)
        self.assertEqual(r.status_code, 200)

    def test_it_handles_missing_ping(self):
-        check = Check.objects.create(project=self.project)
-
        self.client.login(username="alice@example.org", password="password")
-        r = self.client.get("/checks/%s/pings/123/" % check.code)
+        r = self.client.get("/checks/%s/pings/123/" % self.check.code)
        self.assertContains(r, "No additional information is", status_code=200)
--- a/hc/front/views.py
+++ b/hc/front/views.py
@ -92,8 +92,7 @@ def _tags_statuses(checks):
 def _get_check_for_user(request, code):
    """ Return specified check if current user has access to it. """

-    if not request.user.is_authenticated:
-        raise Http404("not found")
+    assert request.user.is_authenticated

    q = Check.objects
    if not request.user.is_superuser:
@ -109,8 +108,7 @@ def _get_check_for_user(request, code):
 def _get_channel_for_user(request, code):
    """ Return specified channel if current user has access to it. """

-    if not request.user.is_authenticated:
-        raise Http404("not found")
+    assert request.user.is_authenticated

    q = Channel.objects
    if not request.user.is_superuser:
@ -443,6 +441,7 @@ def cron_preview(request):
    return render(request, "front/cron_preview.html", ctx)


+@login_required
 def ping_details(request, code, n=None):
    check = _get_check_for_user(request, code)
    q = Ping.objects.filter(owner=check)