-
Notifications
You must be signed in to change notification settings - Fork 2
/
tests.py
120 lines (100 loc) · 6.75 KB
/
tests.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
from django.test import TestCase
from django.contrib.auth.models import User
from django.urls import reverse
from easy_docs.models import Documentation
class StaffProtectedViewsTest(TestCase):
def setUp(self):
# Create a staff user
self.staff_user = User.objects.create_user(username='staff_user', password='password')
self.staff_user.is_staff = True
self.staff_user.save()
# Create a non-staff user
self.non_staff_user = User.objects.create_user(username='non_staff_user', password='password')
# Create a public document
self.public_document = Documentation.objects.create(title='Public Document', content='This is a public document', public=True, reference_url='/test/')
# Create a non-public document
self.non_public_document = Documentation.objects.create(title='Non-Public Document', content='This is a non-public document', public=False, reference_url='/test2/')
def test_public_document_accessible_by_staff(self):
self.client.login(username='staff_user', password='password')
response = self.client.get(reverse('get_document', args=[self.public_document.reference_url]))
self.assertEqual(response.status_code, 200)
response = self.client.get(reverse('documentation', args=[self.public_document.title_slug]))
self.assertEqual(response.status_code, 200)
def test_public_document_accessible_by_non_staff(self):
self.client.login(username='non_staff_user', password='password')
response = self.client.get(reverse('get_document', args=[self.public_document.reference_url]))
self.assertEqual(response.status_code, 200)
response = self.client.get(reverse('documentation', args=[self.public_document.title_slug]))
self.assertEqual(response.status_code, 200)
def test_non_public_document_accessible_by_staff(self):
self.client.login(username='staff_user', password='password')
response = self.client.get(reverse('get_document', args=[self.non_public_document.reference_url]))
self.assertEqual(response.status_code, 200)
response = self.client.get(reverse('documentation', args=[self.non_public_document.title_slug]))
self.assertEqual(response.status_code, 200)
def test_non_public_document_not_accessible_by_non_staff(self):
self.client.login(username='non_staff_user', password='password')
response = self.client.get(reverse('get_document', args=[self.non_public_document.reference_url]))
self.assertContains(response, "Sorry, the document you requested does not exist.", status_code=200) # 200 because it's a custom error page
response = self.client.get(reverse('documentation', args=[self.non_public_document.title_slug]))
self.assertEqual(response.status_code, 404)
def test_non_staff_cannot_edit_document(self):
self.client.login(username='non_staff_user', password='password')
response = self.client.get(reverse('edit_document', args=[self.public_document.pk]))
self.assertEqual(response.status_code, 302) #redirects to login page
def test_staff_can_edit_document(self):
self.client.login(username='staff_user', password='password')
response = self.client.get(reverse('edit_document', args=[self.public_document.pk]))
self.assertEqual(response.status_code, 200)
def test_non_staff_cannot_edit_private_document(self):
self.client.login(username='non_staff_user', password='password')
response = self.client.get(reverse('edit_document', args=[self.non_public_document.pk]))
self.assertEqual(response.status_code, 302) #redirects to login page)
def test_staff_can_edit_private_document(self):
self.client.login(username='staff_user', password='password')
response = self.client.get(reverse('edit_document', args=[self.non_public_document.pk]))
self.assertEqual(response.status_code, 200)
def test_non_staff_cannot_edit_document_from_slug(self):
self.client.login(username='non_staff_user', password='password')
response = self.client.get(reverse('edit_document', args=[self.public_document.pk]) + '?slug_view=true')
self.assertEqual(response.status_code, 302) #redirects to login page
def test_non_staff_cannot_view_document_history(self):
self.client.login(username='non_staff_user', password='password')
response = self.client.get(reverse('view_history', args=[self.public_document.pk]))
self.assertEqual(response.status_code, 404)
def test_non_staff_cannot_revert_document(self):
self.client.login(username='non_staff_user', password='password')
self.public_document.content = 'New content'
self.public_document.save()
history = self.public_document.history.first()
response = self.client.get(reverse('revert_history', args=[self.public_document.pk, history.pk]))
self.assertEqual(response.status_code, 302) #redirects to login page
def test_non_staff_cannot_view_document_from_history(self):
self.client.login(username='non_staff_user', password='password')
self.public_document.content = 'New content'
self.public_document.save()
history = self.public_document.history.first()
response = self.client.get(reverse('view_history_document', args=[self.public_document.pk, history.pk]))
self.assertEqual(response.status_code, 302) #redirects to login page
def test_staff_can_view_document_history(self):
self.client.login(username='staff_user', password='password')
response = self.client.get(reverse('view_history', args=[self.public_document.pk]))
self.assertEqual(response.status_code, 200)
def test_staff_can_revert_document(self):
self.client.login(username='staff_user', password='password')
self.public_document.content = 'New content'
self.public_document.save()
history = self.public_document.history.first()
response = self.client.get(reverse('revert_history', args=[self.public_document.pk, history.pk]))
self.assertEqual(response.status_code, 200)
def test_staff_can_view_document_from_history(self):
self.client.login(username='staff_user', password='password')
self.public_document.content = 'New content'
self.public_document.save()
history = self.public_document.history.first()
response = self.client.get(reverse('view_history_document', args=[self.public_document.pk, history.pk]))
self.assertEqual(response.status_code, 200)
def test_staff_can_view_document_from_slug(self):
self.client.login(username='staff_user', password='password')
response = self.client.get(reverse('edit_document', args=[self.public_document.pk]) + '?slug_view=true')
self.assertEqual(response.status_code, 200)