matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Improve multi user delete view. Add view tests for the user management app.

Browse Source
This commit is contained in:
Roberto Rosario
2015-10-22 04:23:16 -04:00
parent 11d6b100b4
commit 10f2bd6226
4 changed files with 208 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
mayan/apps/user_management/apps.py
View File

@@ -25,6 +25,7 @@ from .links import (
class UserManagementApp(MayanAppConfig):
app_url = 'accounts'
name = 'user_management'
test = True
verbose_name = _('User management')
def ready(self):

3
mayan/apps/user_management/tests/literals.py
View File

@@ -3,7 +3,7 @@ from __future__ import unicode_literals
__all__ = (
'TEST_ADMIN_EMAIL', 'TEST_ADMIN_PASSWORD', 'TEST_ADMIN_USERNAME',
'TEST_GROUP', 'TEST_USER_EMAIL', 'TEST_USER_PASSWORD',
'TEST_USER_USERNAME'
'TEST_USER_PASSWORD_EDITED', 'TEST_USER_USERNAME'
)
TEST_ADMIN_EMAIL = 'admin@example.com'
@@ -13,4 +13,5 @@ TEST_ADMIN_USERNAME = 'test_admin'
TEST_GROUP = 'test group'
TEST_USER_EMAIL = 'user@example.com'
TEST_USER_PASSWORD = 'test user password'
TEST_USER_PASSWORD_EDITED = 'test user password edited'
TEST_USER_USERNAME = 'test_user'

184
mayan/apps/user_management/tests/test_views.py Normal file
View File

@@ -0,0 +1,184 @@
from __future__ import unicode_literals
from django.contrib.auth import get_user_model
from common.tests.test_views import GenericViewTestCase
from documents.permissions import permission_document_view
from ..permissions import (
permission_user_delete, permission_user_edit, permission_user_view
)
from .literals import (
TEST_USER_PASSWORD, TEST_USER_PASSWORD_EDITED, TEST_USER_USERNAME
)
TEST_USER_TO_DELETE_USERNAME = 'user_to_delete'
class UserManagementViewTestCase(GenericViewTestCase):
def test_user_set_password_view_no_permissions(self):
self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
self.role.permissions.add(permission_user_view.stored_permission)
response = self.post(
'user_management:user_set_password', args=(self.user.pk,), data={
'new_password_1': TEST_USER_PASSWORD_EDITED,
'new_password_2': TEST_USER_PASSWORD_EDITED
}
)
self.assertEqual(response.status_code, 403)
user = get_user_model().objects.get(username=TEST_USER_USERNAME)
self.client.logout()
logged_in = self.client.login(
username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD_EDITED
)
response = self.get('common:current_user_details')
self.assertEqual(response.status_code, 302)
def test_user_set_password_view_with_permissions(self):
self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
self.role.permissions.add(permission_user_edit.stored_permission)
self.role.permissions.add(permission_user_view.stored_permission)
response = self.post(
'user_management:user_set_password', args=(self.user.pk,), data={
'new_password_1': TEST_USER_PASSWORD_EDITED,
'new_password_2': TEST_USER_PASSWORD_EDITED
}, follow=True
)
self.assertContains(response, text='Successfull', status_code=200)
self.client.logout()
logged_in = self.client.login(
username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD_EDITED
)
response = self.get('common:current_user_details')
self.assertEqual(response.status_code, 200)
def test_user_multiple_set_password_view_no_permissions(self):
self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
self.role.permissions.add(permission_user_view.stored_permission)
response = self.post(
'user_management:user_multiple_set_password', data={
'id_list': self.user.pk,
'new_password_1': TEST_USER_PASSWORD_EDITED,
'new_password_2': TEST_USER_PASSWORD_EDITED
}
)
self.assertEqual(response.status_code, 403)
user = get_user_model().objects.get(username=TEST_USER_USERNAME)
self.client.logout()
logged_in = self.client.login(
username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD_EDITED
)
response = self.get('common:current_user_details')
self.assertEqual(response.status_code, 302)
def test_user_multiple_set_password_view_with_permissions(self):
self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
self.role.permissions.add(permission_user_edit.stored_permission)
self.role.permissions.add(permission_user_view.stored_permission)
response = self.post(
'user_management:user_multiple_set_password', data={
'id_list': self.user.pk,
'new_password_1': TEST_USER_PASSWORD_EDITED,
'new_password_2': TEST_USER_PASSWORD_EDITED
}, follow=True
)
self.assertContains(response, text='Successfull', status_code=200)
self.client.logout()
logged_in = self.client.login(
username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD_EDITED
)
response = self.get('common:current_user_details')
self.assertEqual(response.status_code, 200)
def test_user_delete_view_no_permissions(self):
user = get_user_model().objects.create(
username=TEST_USER_TO_DELETE_USERNAME
)
self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
self.role.permissions.add(permission_user_view.stored_permission)
response = self.post(
'user_management:user_delete', args=(user.pk,)
)
self.assertEqual(response.status_code, 403)
self.assertEqual(get_user_model().objects.count(), 3)
def test_user_delete_view_with_permissions(self):
user = get_user_model().objects.create(
username=TEST_USER_TO_DELETE_USERNAME
)
self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
self.role.permissions.add(permission_user_delete.stored_permission)
self.role.permissions.add(permission_user_view.stored_permission)
response = self.post(
'user_management:user_delete', args=(user.pk,), follow=True
)
self.assertContains(response, text='deleted', status_code=200)
self.assertEqual(get_user_model().objects.count(), 2)
def test_user_multiple_delete_view_no_permissions(self):
user = get_user_model().objects.create(
username=TEST_USER_TO_DELETE_USERNAME
)
self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
self.role.permissions.add(permission_user_view.stored_permission)
response = self.post(
'user_management:user_multiple_delete', data={
'id_list': user.pk
}
)
self.assertEqual(response.status_code, 403)
self.assertEqual(get_user_model().objects.count(), 3)
def test_user_multiple_delete_view_with_permissions(self):
user = get_user_model().objects.create(
username=TEST_USER_TO_DELETE_USERNAME
)
self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
self.role.permissions.add(permission_user_delete.stored_permission)
self.role.permissions.add(permission_user_view.stored_permission)
response = self.post(
'user_management:user_multiple_delete', data={
'id_list': user.pk,
}, follow=True
)
self.assertContains(response, text='deleted', status_code=200)
self.assertEqual(get_user_model().objects.count(), 2)

38
mayan/apps/user_management/views.py
View File

@@ -191,15 +191,12 @@ def user_delete(request, user_id=None, user_id_list=None):
post_action_redirect = None
if user_id:
users = [get_object_or_404(User, pk=user_id)]
users = get_user_model().objects.filter(pk=user_id)
post_action_redirect = reverse('user_management:user_list')
elif user_id_list:
users = [
get_object_or_404(
User, pk=user_id
) for user_id in user_id_list.split(',')
]
else:
users = get_user_model().objects.filter(pk__in=user_id_list)
if not users:
messages.error(request, _('Must provide at least one user.'))
return HttpResponseRedirect(
request.META.get(
@@ -240,8 +237,8 @@ def user_delete(request, user_id=None, user_id_list=None):
'previous': previous,
'next': next,
}
if len(users) == 1:
context['object'] = users[0]
if users.count() == 1:
context['object'] = users.first()
context['title'] = _('Delete the user: %s?') % ', '.join([unicode(d) for d in users])
elif len(users) > 1:
context['title'] = _('Delete the users: %s?') % ', '.join([unicode(d) for d in users])
@@ -254,7 +251,9 @@ def user_delete(request, user_id=None, user_id_list=None):
def user_multiple_delete(request):
return user_delete(
request, user_id_list=request.GET.get('id_list', [])
request, user_id_list=request.GET.get(
'id_list', request.POST.get('id_list', '')
).split(',')
)
@@ -263,11 +262,12 @@ def user_set_password(request, user_id=None, user_id_list=None):
post_action_redirect = None
if user_id:
users = [get_object_or_404(User, pk=user_id)]
users = get_user_model().objects.filter(pk=user_id)
post_action_redirect = reverse('user_management:user_list')
elif user_id_list:
users = [get_object_or_404(User, pk=user_id) for user_id in user_id_list.split(',')]
else:
users = get_user_model().objects.filter(pk__in=user_id_list)
if not users:
messages.error(request, _('Must provide at least one user.'))
return HttpResponseRedirect(
request.META.get(
@@ -283,7 +283,9 @@ def user_set_password(request, user_id=None, user_id_list=None):
password_1 = form.cleaned_data['new_password_1']
password_2 = form.cleaned_data['new_password_2']
if password_1 != password_2:
messages.error(request, _('Passwords do not match, try again.'))
messages.error(
request, _('Passwords do not match, try again.')
)
else:
for user in users:
try:
@@ -322,8 +324,8 @@ def user_set_password(request, user_id=None, user_id_list=None):
'form': form,
}
if len(users) == 1:
context['object'] = users[0]
if users.count() == 1:
context['object'] = users.first()
context['title'] = _('Reseting password for user: %s') % ', '.join([unicode(d) for d in users])
elif len(users) > 1:
context['title'] = _('Reseting password for users: %s') % ', '.join([unicode(d) for d in users])
@@ -336,5 +338,7 @@ def user_set_password(request, user_id=None, user_id_list=None):
def user_multiple_set_password(request):
return user_set_password(
request, user_id_list=request.GET.get('id_list', [])
request, user_id_list=request.GET.get(
'id_list', request.POST.get('id_list', '')
).split(',')
)