feat(tests): teste les middlewares visitor

user_anonymized
Antoine 2023-01-26 14:41:05 +01:00
Parent 31d686a971
révision 8dae54257f
9 fichiers modifiés avec 257 ajouts et 4 suppressions

Voir le fichier

@ -899,8 +899,70 @@ class TestAnonymousEngagement(ManagerOnlyViewMixin):
response = client.post(link, {'is_active': False}, follow=True)
index_html = bs(response.content, 'html.parser')
results = index_html.select('.cruditor-table tbody tr')
# ci-dessous: on a pas selectionné la bonne td
assert results[0].select('td')[5].html.string == '<span class="false">✘</span>'
span_false = results[0].select('td')[4].span
assert str(span_false) == '<span class="false">✘</span>'
# on le supprime
link = index_html.select('a.delete-link')[0]['href']
response = client.post(link, {}, follow=True)
index_html = bs(response.content, 'html.parser')
results = index_html.select('.cruditor-table tbody tr')
assert len(results) == 1
@pytest.mark.django_db
class TestVisitor:
@pytest.fixture(autouse=True)
def setup(self, association):
cls = type(self)
cls.association = association
cls.url = reverse(
'base:association:self-benevalo:create',
args=[cls.association.id],
)
def test_anonymous_benevalo_form_deny(self, client):
response = client.get(self.url)
assert response.status_code == 404
def test_visitor_benevalo_form_create(
self,
client,
anonymous_engagement,
category,
):
response = client.get(anonymous_engagement.url)
assert response.status_code == 200
response = client.post(
anonymous_engagement.url,
{
'title': "obéissance civile",
'distance': '23',
'execution_date': '2023-01-25',
'category': category.id,
},
)
assert response.status_code == 302
url = response.headers['Location']
response = client.get(url)
index_html = bs(response.content, 'html.parser')
results = index_html.select('.cruditor-table tbody tr')
assert len(results) == 1
def test_visitor_cannot_access_another_association_benevalos(
self,
client,
anonymous_engagement,
fake_association,
):
response = client.get(anonymous_engagement.url)
assert response.status_code == 200
url = reverse(
'base:association:self-benevalo:create',
args=[fake_association.id],
)
response = client.get(url)
assert response.status_code == 404
@pytest.mark.django_db

Voir le fichier

@ -196,3 +196,8 @@ def closed_registration(settings):
@pytest.fixture
def moderated_registration(settings):
settings.MODERATED_REGISTRATION = True
@pytest.fixture
def anonymous_engagement(association):
return models.AnonymousEngagement.objects.create(association=association)

Voir le fichier

Voir le fichier

@ -0,0 +1,124 @@
from django.conf import settings
from django.contrib.auth.middleware import AuthenticationMiddleware
from django.contrib.sessions.middleware import SessionMiddleware
from django.http import HttpResponse
from django.http.response import HttpResponseBadRequest
import pytest
from .. import VisitorRequestMiddleware, VisitorSessionMiddleware
class MockSessionMiddleware(SessionMiddleware):
def process_request(self, request):
# we slightly change the SessionMiddleware
# so that it doesn't erase a session if
# one already exists
if not getattr(request, 'session', None):
super().process_request(request)
def test_view(request):
"""
The final view returns a response
containing the request, so that our tests
can check what happened with `response.request`
"""
response = HttpResponse('')
response.request = request
return response
def middleware_pipe(request):
return MockSessionMiddleware(
AuthenticationMiddleware(
VisitorRequestMiddleware(VisitorSessionMiddleware(test_view))
)
)(request)
def test_no_visitor(rf):
request = rf.get('/')
response = middleware_pipe(request)
assert response.request.visitor is None
@pytest.mark.django_db
def test_visitor_not_exists(rf):
request = rf.get('/', {'vuid': '72115ed4-ed0f-4e2b-b9b6-5084a9293c6a'})
response = middleware_pipe(request)
assert response.request.visitor is None
@pytest.mark.django_db
def test_invalid_visitor(rf, anonymous_engagement):
anonymous_engagement.deactivate()
request = rf.get('/', {'vuid': anonymous_engagement.uuid})
response = middleware_pipe(request)
assert response.request.visitor is None
@pytest.mark.django_db
def test_malformed_uuid(rf):
request = rf.get('/', {'vuid': 'toto'})
response = middleware_pipe(request)
assert isinstance(response, HttpResponseBadRequest)
@pytest.mark.django_db
def test_visitor_in_request(rf, anonymous_engagement):
request = rf.get('/', {'vuid': anonymous_engagement.uuid})
response = middleware_pipe(request)
assert response.request.visitor == anonymous_engagement
@pytest.mark.django_db
def test_session_is_created(rf, anonymous_engagement):
request = rf.get('/', {'vuid': anonymous_engagement.uuid})
response = middleware_pipe(request)
assert response.request.visitor == anonymous_engagement
assert (
response.request.session[settings.VISITOR_SESSION_KEY]
== anonymous_engagement.session_data
)
request = rf.get('/')
# pass session to next request
request.session = response.request.session
response = middleware_pipe(request)
assert response.request.visitor == anonymous_engagement
assert (
response.request.session[settings.VISITOR_SESSION_KEY]
== anonymous_engagement.session_data
)
@pytest.mark.django_db
def test_session_is_cleared_on_bad_cookie(rf, anonymous_engagement):
request = rf.get('/', {'vuid': anonymous_engagement.uuid})
response = middleware_pipe(request)
assert response.request.visitor == anonymous_engagement
assert (
response.request.session[settings.VISITOR_SESSION_KEY]
== anonymous_engagement.session_data
)
# damage session cookie
response.request.session[settings.VISITOR_SESSION_KEY] = 'bad'
request = rf.get('/')
# pass session to next request
request.session = response.request.session
response = middleware_pipe(request)
assert response.request.visitor is None

Voir le fichier

@ -2,7 +2,7 @@
With these settings, tests run faster.
"""
from .base import * # noqa
from .base import env
from .base import INSTALLED_APPS, env
# GENERAL
# ------------------------------------------------------------------------------
@ -15,6 +15,8 @@ SECRET_KEY = env('DJANGO_SECRET_KEY', default='CHANGEME!!!')
# https://docs.djangoproject.com/en/stable/ref/settings/#test-runner
TEST_RUNNER = 'django.test.runner.DiscoverRunner'
INSTALLED_APPS += ['benevalibre.utils.tests']
# CACHES
# ------------------------------------------------------------------------------
# https://docs.djangoproject.com/en/stable/ref/settings/#caches

Voir le fichier

@ -1,4 +1,5 @@
import uuid
from datetime import timedelta
from django.conf import settings
from django.db import models
@ -157,7 +158,9 @@ class Visitor(models.Model):
def reactivate(self):
"""Reactivate the token so it can be reused."""
self.is_active = True
self.expires_at = tz_now() + self.DEFAULT_TOKEN_EXPIRY
self.expires_at = tz_now() + timedelta(
minutes=settings.VISITOR_TOKEN_EXPIRY
)
self.save()
def __str__(self):

Voir le fichier

@ -0,0 +1,5 @@
from ..models import Visitor
class ConcreteVisitor(Visitor):
pass

Voir le fichier

@ -0,0 +1,52 @@
from datetime import timedelta
from django.utils.timezone import now
import pytest
from benevalibre.exceptions import InvalidVisitorPass
from .models import ConcreteVisitor
class TestVisitor:
def test_has_expired(self):
visitor = ConcreteVisitor(
is_active=True,
expires_at=now() - timedelta(days=1),
)
assert visitor.has_expired
def test_is_valid(self):
visitor = ConcreteVisitor(is_active=True, expires_at=None)
assert visitor.is_valid
def test_visitor_inactive_not_validate(self):
visitor = ConcreteVisitor(is_active=False, expires_at=None)
with pytest.raises(InvalidVisitorPass):
visitor.validate()
def test_visitor_expired_not_validate(self):
visitor = ConcreteVisitor(
is_active=True,
expires_at=now() - timedelta(days=1),
)
with pytest.raises(InvalidVisitorPass):
visitor.validate()
@pytest.mark.django_db
def test_visitor_deactivation(self):
visitor = ConcreteVisitor(is_active=True, expires_at=None)
visitor.deactivate()
assert not visitor.is_active
@pytest.mark.django_db
def test_visitor_activation(self):
visitor = ConcreteVisitor(
is_active=True,
expires_at=now() - timedelta(days=1),
)
visitor.reactivate()
assert visitor.is_valid
assert visitor.expires_at > now() + timedelta(minutes=299)
assert visitor.expires_at < now() + timedelta(minutes=300)