sander/rowsandall
Private
Public Access
1
0
Fork 0
Code Activity

added tests for coach

Browse Source
This commit is contained in:
Sander Roosendaal
2020-01-20 21:46:52 +01:00
parent 45808ec954
commit f505fbb74e
1 changed files with 79 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
rowers/tests/test_permissions2.py
View File

@@ -149,6 +149,7 @@ class PermissionsViewTests(TestCase):
self.uplan['user'].rower.team.add(self.teamcoach)
self.ubasic['user'].rower.team.add(self.teamcoach)
self.ucoach['user'].rower.team.add(self.teamcoach)
self.upro['user'].rower.team.add(self.teamcoach)
self.upro['user'].rower.team.add(self.teamplan)
self.uplan2['user'].rower.team.add(self.teamplan)
@@ -294,10 +295,10 @@ class PermissionsViewTests(TestCase):
# test logged as user with no permissions (e.g. too low plan)
for url in falseurlstotest:
print(url)
login = self.c.login(username = notuser['username'],password = notuser['password'])
result = self.c.get(url)
self.assertEqual(result.status_code, permissions['own_nonperm'])
print(url)
login = self.c.login(username = notuser['username'],password = notuser['password'])
result = self.c.get(url)
self.assertEqual(result.status_code, permissions['own_nonperm'])
# test as user with permissions, accessing object of non-related user
for url in otheruserurls:
@@ -314,7 +315,7 @@ class PermissionsViewTests(TestCase):
@patch('requests.get',side_effect=mocked_requests)
@patch('requests.post',side_effect=mocked_requests)
@patch('rowers.dataprep.get_video_data',side_effect=mocked_get_video_data)
def test_permissions_own(
def test_permissions_member(
self,view,permissions,
mocked_sqlalchemy,
mocked_read_df_sql,
@@ -329,27 +330,29 @@ class PermissionsViewTests(TestCase):
falseurlstotest = []
otheruserurls = []
if permissions['own'] == 'basic':
if permissions['member'] == 'basic':
thisuser = self.ubasic
memberuser = self.uplan
notuser = None
elif permissions['own'] == 'pro':
elif permissions['member'] == 'pro':
thisuser = self.upro
memberuser = self.uplan
notuser = self.ubasic
elif permissions['own'] == 'plan':
elif permissions['member'] == 'plan':
thisuser = self.uplan
memberuser = self.ubasic
notuser = self.upro
elif permissions['own'] == 'coach':
elif permissions['member'] == 'coach':
thisuser = self.ucoach
memberuser = self.uplan
notuser = self.uplan
if permissions['workoutid']:
workouts = thisuser['workouts']
workouts = memberuser['workouts']
url = reverse(view,kwargs={'id':encoder.encode_hex(workouts[0].id)})
urlstotest.append(url)
if notuser:
workouts = notuser['workouts']
url = reverse(view,kwargs={'id':encoder.encode_hex(workouts[0].id)})
falseurlstotest.append(url)
elif permissions['userid']:
url = reverse(view,kwargs={'userid':thisuser['user'].id})
@@ -360,17 +363,73 @@ class PermissionsViewTests(TestCase):
# test logged in as user who has permissions
for url in urlstotest:
print(url)
login = self.c.login(username = thisuser['username'],password = thisuser['password'])
result = self.c.get(url)
self.assertEqual(result.status_code, permissions['own_response'])
print(url)
login = self.c.login(username = thisuser['username'],password = thisuser['password'])
result = self.c.get(url)
self.assertEqual(result.status_code, permissions['member_response'])
# test logged as user with no permissions (e.g. too low plan)
for url in falseurlstotest:
print(url)
login = self.c.login(username = notuser['username'],password = notuser['password'])
result = self.c.get(url)
self.assertEqual(result.status_code, permissions['own_nonperm'])
print(url)
login = self.c.login(username = notuser['username'],password = notuser['password'])
result = self.c.get(url)
self.assertEqual(result.status_code, permissions['member_nonperm'])
# test as user with permissions, accessing object of non-related user
for url in otheruserurls:
print(url)
login = self.c.login(username=thisuser['username'],password = thisuser['password'])
result = self.c.get(url)
self.assertEqual(result.status_code,403)
# Test access for logged in users - accessing coachee
@parameterized.expand(viewstotest)
@patch('rowers.dataprep.create_engine')
@patch('rowers.dataprep.read_df_sql')
@patch('rowers.dataprep.getsmallrowdata_db')
@patch('requests.get',side_effect=mocked_requests)
@patch('requests.post',side_effect=mocked_requests)
@patch('rowers.dataprep.get_video_data',side_effect=mocked_get_video_data)
def test_permissions_member(
self,view,permissions,
mocked_sqlalchemy,
mocked_read_df_sql,
mocked_getsmallrowdata_db,
mock_get,
mock_post,
mocked_get_video_data,
):
if permissions['own'] and not permissions['is_staff']:
urlstotest = []
falseurlstotest = []
otheruserurls = []
if permissions['coachee'] == 'coach':
thisuser = self.ucoach
coacheeuser = self.ubasic
notuser = self.uplan
if permissions['workoutid']:
workouts = coacheeuser['workouts']
url = reverse(view,kwargs={'id':encoder.encode_hex(workouts[0].id)})
urlstotest.append(url)
elif permissions['userid']:
url = reverse(view,kwargs={'userid':coacheeuser['user'].id})
urlstotest.append(url)
url = reverse(view,kwargs={'userid':self.ustrange['user'].id})
otheruserurls.append(url)
# test logged in as user who has permissions
for url in urlstotest:
print(url)
login = self.c.login(username = thisuser['username'],password = thisuser['password'])
result = self.c.get(url)
self.assertEqual(result.status_code, permissions['coachee_response'])
# test as user with permissions, accessing object of non-related user
for url in otheruserurls: