feat(tests): teste les middlewares visitor
Parent
31d686a971
révision
8dae54257f
|
@ -899,8 +899,70 @@ class TestAnonymousEngagement(ManagerOnlyViewMixin):
|
|||
response = client.post(link, {'is_active': False}, follow=True)
|
||||
index_html = bs(response.content, 'html.parser')
|
||||
results = index_html.select('.cruditor-table tbody tr')
|
||||
# ci-dessous: on a pas selectionné la bonne td
|
||||
assert results[0].select('td')[5].html.string == '<span class="false">✘</span>'
|
||||
span_false = results[0].select('td')[4].span
|
||||
assert str(span_false) == '<span class="false">✘</span>'
|
||||
|
||||
# on le supprime
|
||||
link = index_html.select('a.delete-link')[0]['href']
|
||||
response = client.post(link, {}, follow=True)
|
||||
index_html = bs(response.content, 'html.parser')
|
||||
results = index_html.select('.cruditor-table tbody tr')
|
||||
assert len(results) == 1
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
class TestVisitor:
|
||||
@pytest.fixture(autouse=True)
|
||||
def setup(self, association):
|
||||
cls = type(self)
|
||||
cls.association = association
|
||||
cls.url = reverse(
|
||||
'base:association:self-benevalo:create',
|
||||
args=[cls.association.id],
|
||||
)
|
||||
|
||||
def test_anonymous_benevalo_form_deny(self, client):
|
||||
response = client.get(self.url)
|
||||
assert response.status_code == 404
|
||||
|
||||
def test_visitor_benevalo_form_create(
|
||||
self,
|
||||
client,
|
||||
anonymous_engagement,
|
||||
category,
|
||||
):
|
||||
response = client.get(anonymous_engagement.url)
|
||||
assert response.status_code == 200
|
||||
response = client.post(
|
||||
anonymous_engagement.url,
|
||||
{
|
||||
'title': "obéissance civile",
|
||||
'distance': '23',
|
||||
'execution_date': '2023-01-25',
|
||||
'category': category.id,
|
||||
},
|
||||
)
|
||||
assert response.status_code == 302
|
||||
url = response.headers['Location']
|
||||
response = client.get(url)
|
||||
index_html = bs(response.content, 'html.parser')
|
||||
results = index_html.select('.cruditor-table tbody tr')
|
||||
assert len(results) == 1
|
||||
|
||||
def test_visitor_cannot_access_another_association_benevalos(
|
||||
self,
|
||||
client,
|
||||
anonymous_engagement,
|
||||
fake_association,
|
||||
):
|
||||
response = client.get(anonymous_engagement.url)
|
||||
assert response.status_code == 200
|
||||
url = reverse(
|
||||
'base:association:self-benevalo:create',
|
||||
args=[fake_association.id],
|
||||
)
|
||||
response = client.get(url)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
|
|
|
@ -196,3 +196,8 @@ def closed_registration(settings):
|
|||
@pytest.fixture
|
||||
def moderated_registration(settings):
|
||||
settings.MODERATED_REGISTRATION = True
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def anonymous_engagement(association):
|
||||
return models.AnonymousEngagement.objects.create(association=association)
|
||||
|
|
|
@ -0,0 +1,124 @@
|
|||
from django.conf import settings
|
||||
from django.contrib.auth.middleware import AuthenticationMiddleware
|
||||
from django.contrib.sessions.middleware import SessionMiddleware
|
||||
from django.http import HttpResponse
|
||||
from django.http.response import HttpResponseBadRequest
|
||||
|
||||
import pytest
|
||||
|
||||
from .. import VisitorRequestMiddleware, VisitorSessionMiddleware
|
||||
|
||||
|
||||
class MockSessionMiddleware(SessionMiddleware):
|
||||
def process_request(self, request):
|
||||
# we slightly change the SessionMiddleware
|
||||
# so that it doesn't erase a session if
|
||||
# one already exists
|
||||
if not getattr(request, 'session', None):
|
||||
super().process_request(request)
|
||||
|
||||
|
||||
def test_view(request):
|
||||
"""
|
||||
The final view returns a response
|
||||
containing the request, so that our tests
|
||||
can check what happened with `response.request`
|
||||
"""
|
||||
response = HttpResponse('')
|
||||
response.request = request
|
||||
return response
|
||||
|
||||
|
||||
def middleware_pipe(request):
|
||||
return MockSessionMiddleware(
|
||||
AuthenticationMiddleware(
|
||||
VisitorRequestMiddleware(VisitorSessionMiddleware(test_view))
|
||||
)
|
||||
)(request)
|
||||
|
||||
|
||||
def test_no_visitor(rf):
|
||||
request = rf.get('/')
|
||||
response = middleware_pipe(request)
|
||||
|
||||
assert response.request.visitor is None
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_visitor_not_exists(rf):
|
||||
request = rf.get('/', {'vuid': '72115ed4-ed0f-4e2b-b9b6-5084a9293c6a'})
|
||||
response = middleware_pipe(request)
|
||||
|
||||
assert response.request.visitor is None
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_invalid_visitor(rf, anonymous_engagement):
|
||||
anonymous_engagement.deactivate()
|
||||
request = rf.get('/', {'vuid': anonymous_engagement.uuid})
|
||||
response = middleware_pipe(request)
|
||||
|
||||
assert response.request.visitor is None
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_malformed_uuid(rf):
|
||||
request = rf.get('/', {'vuid': 'toto'})
|
||||
response = middleware_pipe(request)
|
||||
|
||||
assert isinstance(response, HttpResponseBadRequest)
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_visitor_in_request(rf, anonymous_engagement):
|
||||
request = rf.get('/', {'vuid': anonymous_engagement.uuid})
|
||||
response = middleware_pipe(request)
|
||||
|
||||
assert response.request.visitor == anonymous_engagement
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_session_is_created(rf, anonymous_engagement):
|
||||
request = rf.get('/', {'vuid': anonymous_engagement.uuid})
|
||||
response = middleware_pipe(request)
|
||||
|
||||
assert response.request.visitor == anonymous_engagement
|
||||
assert (
|
||||
response.request.session[settings.VISITOR_SESSION_KEY]
|
||||
== anonymous_engagement.session_data
|
||||
)
|
||||
|
||||
request = rf.get('/')
|
||||
# pass session to next request
|
||||
request.session = response.request.session
|
||||
|
||||
response = middleware_pipe(request)
|
||||
|
||||
assert response.request.visitor == anonymous_engagement
|
||||
assert (
|
||||
response.request.session[settings.VISITOR_SESSION_KEY]
|
||||
== anonymous_engagement.session_data
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_session_is_cleared_on_bad_cookie(rf, anonymous_engagement):
|
||||
request = rf.get('/', {'vuid': anonymous_engagement.uuid})
|
||||
response = middleware_pipe(request)
|
||||
|
||||
assert response.request.visitor == anonymous_engagement
|
||||
assert (
|
||||
response.request.session[settings.VISITOR_SESSION_KEY]
|
||||
== anonymous_engagement.session_data
|
||||
)
|
||||
|
||||
# damage session cookie
|
||||
response.request.session[settings.VISITOR_SESSION_KEY] = 'bad'
|
||||
|
||||
request = rf.get('/')
|
||||
# pass session to next request
|
||||
request.session = response.request.session
|
||||
|
||||
response = middleware_pipe(request)
|
||||
|
||||
assert response.request.visitor is None
|
|
@ -2,7 +2,7 @@
|
|||
With these settings, tests run faster.
|
||||
"""
|
||||
from .base import * # noqa
|
||||
from .base import env
|
||||
from .base import INSTALLED_APPS, env
|
||||
|
||||
# GENERAL
|
||||
# ------------------------------------------------------------------------------
|
||||
|
@ -15,6 +15,8 @@ SECRET_KEY = env('DJANGO_SECRET_KEY', default='CHANGEME!!!')
|
|||
# https://docs.djangoproject.com/en/stable/ref/settings/#test-runner
|
||||
TEST_RUNNER = 'django.test.runner.DiscoverRunner'
|
||||
|
||||
INSTALLED_APPS += ['benevalibre.utils.tests']
|
||||
|
||||
# CACHES
|
||||
# ------------------------------------------------------------------------------
|
||||
# https://docs.djangoproject.com/en/stable/ref/settings/#caches
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
import uuid
|
||||
from datetime import timedelta
|
||||
|
||||
from django.conf import settings
|
||||
from django.db import models
|
||||
|
@ -157,7 +158,9 @@ class Visitor(models.Model):
|
|||
def reactivate(self):
|
||||
"""Reactivate the token so it can be reused."""
|
||||
self.is_active = True
|
||||
self.expires_at = tz_now() + self.DEFAULT_TOKEN_EXPIRY
|
||||
self.expires_at = tz_now() + timedelta(
|
||||
minutes=settings.VISITOR_TOKEN_EXPIRY
|
||||
)
|
||||
self.save()
|
||||
|
||||
def __str__(self):
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
from ..models import Visitor
|
||||
|
||||
|
||||
class ConcreteVisitor(Visitor):
|
||||
pass
|
|
@ -0,0 +1,52 @@
|
|||
from datetime import timedelta
|
||||
|
||||
from django.utils.timezone import now
|
||||
|
||||
import pytest
|
||||
|
||||
from benevalibre.exceptions import InvalidVisitorPass
|
||||
|
||||
from .models import ConcreteVisitor
|
||||
|
||||
|
||||
class TestVisitor:
|
||||
def test_has_expired(self):
|
||||
visitor = ConcreteVisitor(
|
||||
is_active=True,
|
||||
expires_at=now() - timedelta(days=1),
|
||||
)
|
||||
assert visitor.has_expired
|
||||
|
||||
def test_is_valid(self):
|
||||
visitor = ConcreteVisitor(is_active=True, expires_at=None)
|
||||
assert visitor.is_valid
|
||||
|
||||
def test_visitor_inactive_not_validate(self):
|
||||
visitor = ConcreteVisitor(is_active=False, expires_at=None)
|
||||
with pytest.raises(InvalidVisitorPass):
|
||||
visitor.validate()
|
||||
|
||||
def test_visitor_expired_not_validate(self):
|
||||
visitor = ConcreteVisitor(
|
||||
is_active=True,
|
||||
expires_at=now() - timedelta(days=1),
|
||||
)
|
||||
with pytest.raises(InvalidVisitorPass):
|
||||
visitor.validate()
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_visitor_deactivation(self):
|
||||
visitor = ConcreteVisitor(is_active=True, expires_at=None)
|
||||
visitor.deactivate()
|
||||
assert not visitor.is_active
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_visitor_activation(self):
|
||||
visitor = ConcreteVisitor(
|
||||
is_active=True,
|
||||
expires_at=now() - timedelta(days=1),
|
||||
)
|
||||
visitor.reactivate()
|
||||
assert visitor.is_valid
|
||||
assert visitor.expires_at > now() + timedelta(minutes=299)
|
||||
assert visitor.expires_at < now() + timedelta(minutes=300)
|
Chargement…
Référencer dans un nouveau ticket