need to fix check for list-workouts for strange user

2020-01-19 12:43:41 +01:00
parent 17f2b568ff
commit 69f95ae852
2 changed files with 357 additions and 313 deletions
--- a/rowers/tests/test_permissions2.py
+++ b/rowers/tests/test_permissions2.py
@@ -108,6 +108,26 @@ class PermissionsViewTests(TestCase):
            'workouts': ubasic_workouts,
        }

+        ustrange = UserFactory(username='strangeuser')
+        rstrange = Rower.objects.create(user=ustrange,
+                                      birthdate=faker.profile()['birthdate'],
+                                      gdproptin=True,surveydone=True,gdproptindate=timezone.now(),
+                                           rowerplan='basic',clubsize=10)
+
+        ustrange_workouts = WorkoutFactory.create_batch(5, user=rstrange)
+        rcoach.save()
+
+        ustrangepassword = faker.word()
+        ustrange.set_password(ustrangepassword)
+        ustrange.save()
+
+        self.ustrange = {
+            'user': ustrange,
+            'password': ustrangepassword,
+            'username': ustrange.username,
+            'workouts': ustrange_workouts,
+        }
+

        ## TeamPro, TeamCoach, TeamSelfCoach

@@ -144,6 +164,24 @@ class PermissionsViewTests(TestCase):
            'workoutid': True,
            'userid': False,
            }
+            ),
+        ('workouts_view',
+            {
+            'anonymous': False,
+            'anonymous_response':302,
+            'own': 'basic',
+            'own_response': 200,
+            'own_nonperm': 302,
+            'member': 'basic',
+            'member_response': 200,
+            'member_nonperm': 404,
+            'coachee': 'coach',
+            'coachee_response': 200,
+            'coachee_nonperm': 404,
+            'is_staff': False,
+            'workoutid': False,
+            'userid': True,
+            }
            )
    ]

@@ -205,15 +243,21 @@ class PermissionsViewTests(TestCase):
                    workouts = notuser['workouts']
                    url = reverse(view,kwargs={'id':encoder.encode_hex(workouts[0].id)})
                    falseurlstotest.append(url)
+            elif permissions['userid']:
+                url = reverse(view,kwargs={'userid':thisuser['user'].id})
+                urlstotest.append(url)
+                if notuser:
+                    url = reverse(view,kwargs={'userid':self.ustrange['user'].id})
+                    falseurlstotest.append(url)

-                for url in urlstotest:
+            for url in urlstotest:
                    print(url)
                    login = self.c.login(username = thisuser['username'],password = thisuser['password'])
                    result = self.c.get(url)
                    self.assertEqual(result.status_code, permissions['own_response'])

-                for url in falseurlstotest:
+            for url in falseurlstotest:
                    print(url)
                    login = self.c.login(username = notuser['username'],password = notuser['password'])
                    result = self.c.get(url)
-                    self.assertEqual(result.status_code, permissions['own_response'])
+                    self.assertEqual(result.status_code, permissions['own_nonperm'])