added tests for coach
This commit is contained in:
Sander Roosendaal
@@ -149,6 +149,7 @@ class PermissionsViewTests(TestCase):
|
|||||||
self.uplan['user'].rower.team.add(self.teamcoach)
|
self.uplan['user'].rower.team.add(self.teamcoach)
|
||||||
self.ubasic['user'].rower.team.add(self.teamcoach)
|
self.ubasic['user'].rower.team.add(self.teamcoach)
|
||||||
self.ucoach['user'].rower.team.add(self.teamcoach)
|
self.ucoach['user'].rower.team.add(self.teamcoach)
|
||||||
|
self.upro['user'].rower.team.add(self.teamcoach)
|
||||||
|
|
||||||
self.upro['user'].rower.team.add(self.teamplan)
|
self.upro['user'].rower.team.add(self.teamplan)
|
||||||
self.uplan2['user'].rower.team.add(self.teamplan)
|
self.uplan2['user'].rower.team.add(self.teamplan)
|
||||||
@@ -294,10 +295,10 @@ class PermissionsViewTests(TestCase):
|
|||||||
|
|
||||||
# test logged as user with no permissions (e.g. too low plan)
|
# test logged as user with no permissions (e.g. too low plan)
|
||||||
for url in falseurlstotest:
|
for url in falseurlstotest:
|
||||||
print(url)
|
print(url)
|
||||||
login = self.c.login(username = notuser['username'],password = notuser['password'])
|
login = self.c.login(username = notuser['username'],password = notuser['password'])
|
||||||
result = self.c.get(url)
|
result = self.c.get(url)
|
||||||
self.assertEqual(result.status_code, permissions['own_nonperm'])
|
self.assertEqual(result.status_code, permissions['own_nonperm'])
|
||||||
|
|
||||||
# test as user with permissions, accessing object of non-related user
|
# test as user with permissions, accessing object of non-related user
|
||||||
for url in otheruserurls:
|
for url in otheruserurls:
|
||||||
@@ -314,7 +315,7 @@ class PermissionsViewTests(TestCase):
|
|||||||
@patch('requests.get',side_effect=mocked_requests)
|
@patch('requests.get',side_effect=mocked_requests)
|
||||||
@patch('requests.post',side_effect=mocked_requests)
|
@patch('requests.post',side_effect=mocked_requests)
|
||||||
@patch('rowers.dataprep.get_video_data',side_effect=mocked_get_video_data)
|
@patch('rowers.dataprep.get_video_data',side_effect=mocked_get_video_data)
|
||||||
def test_permissions_own(
|
def test_permissions_member(
|
||||||
self,view,permissions,
|
self,view,permissions,
|
||||||
mocked_sqlalchemy,
|
mocked_sqlalchemy,
|
||||||
mocked_read_df_sql,
|
mocked_read_df_sql,
|
||||||
@@ -329,27 +330,29 @@ class PermissionsViewTests(TestCase):
|
|||||||
falseurlstotest = []
|
falseurlstotest = []
|
||||||
otheruserurls = []
|
otheruserurls = []
|
||||||
|
|
||||||
if permissions['own'] == 'basic':
|
if permissions['member'] == 'basic':
|
||||||
thisuser = self.ubasic
|
thisuser = self.ubasic
|
||||||
|
memberuser = self.uplan
|
||||||
notuser = None
|
notuser = None
|
||||||
elif permissions['own'] == 'pro':
|
elif permissions['member'] == 'pro':
|
||||||
thisuser = self.upro
|
thisuser = self.upro
|
||||||
|
memberuser = self.uplan
|
||||||
notuser = self.ubasic
|
notuser = self.ubasic
|
||||||
elif permissions['own'] == 'plan':
|
elif permissions['member'] == 'plan':
|
||||||
thisuser = self.uplan
|
thisuser = self.uplan
|
||||||
|
memberuser = self.ubasic
|
||||||
notuser = self.upro
|
notuser = self.upro
|
||||||
elif permissions['own'] == 'coach':
|
elif permissions['member'] == 'coach':
|
||||||
thisuser = self.ucoach
|
thisuser = self.ucoach
|
||||||
|
memberuser = self.uplan
|
||||||
notuser = self.uplan
|
notuser = self.uplan
|
||||||
|
|
||||||
|
|
||||||
if permissions['workoutid']:
|
if permissions['workoutid']:
|
||||||
workouts = thisuser['workouts']
|
workouts = memberuser['workouts']
|
||||||
url = reverse(view,kwargs={'id':encoder.encode_hex(workouts[0].id)})
|
url = reverse(view,kwargs={'id':encoder.encode_hex(workouts[0].id)})
|
||||||
urlstotest.append(url)
|
urlstotest.append(url)
|
||||||
if notuser:
|
if notuser:
|
||||||
workouts = notuser['workouts']
|
|
||||||
url = reverse(view,kwargs={'id':encoder.encode_hex(workouts[0].id)})
|
|
||||||
falseurlstotest.append(url)
|
falseurlstotest.append(url)
|
||||||
elif permissions['userid']:
|
elif permissions['userid']:
|
||||||
url = reverse(view,kwargs={'userid':thisuser['user'].id})
|
url = reverse(view,kwargs={'userid':thisuser['user'].id})
|
||||||
@@ -360,17 +363,73 @@ class PermissionsViewTests(TestCase):
|
|||||||
|
|
||||||
# test logged in as user who has permissions
|
# test logged in as user who has permissions
|
||||||
for url in urlstotest:
|
for url in urlstotest:
|
||||||
print(url)
|
print(url)
|
||||||
login = self.c.login(username = thisuser['username'],password = thisuser['password'])
|
login = self.c.login(username = thisuser['username'],password = thisuser['password'])
|
||||||
result = self.c.get(url)
|
result = self.c.get(url)
|
||||||
self.assertEqual(result.status_code, permissions['own_response'])
|
self.assertEqual(result.status_code, permissions['member_response'])
|
||||||
|
|
||||||
# test logged as user with no permissions (e.g. too low plan)
|
# test logged as user with no permissions (e.g. too low plan)
|
||||||
for url in falseurlstotest:
|
for url in falseurlstotest:
|
||||||
print(url)
|
print(url)
|
||||||
login = self.c.login(username = notuser['username'],password = notuser['password'])
|
login = self.c.login(username = notuser['username'],password = notuser['password'])
|
||||||
result = self.c.get(url)
|
result = self.c.get(url)
|
||||||
self.assertEqual(result.status_code, permissions['own_nonperm'])
|
self.assertEqual(result.status_code, permissions['member_nonperm'])
|
||||||
|
|
||||||
|
# test as user with permissions, accessing object of non-related user
|
||||||
|
for url in otheruserurls:
|
||||||
|
print(url)
|
||||||
|
login = self.c.login(username=thisuser['username'],password = thisuser['password'])
|
||||||
|
result = self.c.get(url)
|
||||||
|
self.assertEqual(result.status_code,403)
|
||||||
|
|
||||||
|
# Test access for logged in users - accessing coachee
|
||||||
|
@parameterized.expand(viewstotest)
|
||||||
|
@patch('rowers.dataprep.create_engine')
|
||||||
|
@patch('rowers.dataprep.read_df_sql')
|
||||||
|
@patch('rowers.dataprep.getsmallrowdata_db')
|
||||||
|
@patch('requests.get',side_effect=mocked_requests)
|
||||||
|
@patch('requests.post',side_effect=mocked_requests)
|
||||||
|
@patch('rowers.dataprep.get_video_data',side_effect=mocked_get_video_data)
|
||||||
|
def test_permissions_member(
|
||||||
|
self,view,permissions,
|
||||||
|
mocked_sqlalchemy,
|
||||||
|
mocked_read_df_sql,
|
||||||
|
mocked_getsmallrowdata_db,
|
||||||
|
mock_get,
|
||||||
|
mock_post,
|
||||||
|
mocked_get_video_data,
|
||||||
|
):
|
||||||
|
|
||||||
|
if permissions['own'] and not permissions['is_staff']:
|
||||||
|
urlstotest = []
|
||||||
|
falseurlstotest = []
|
||||||
|
otheruserurls = []
|
||||||
|
|
||||||
|
if permissions['coachee'] == 'coach':
|
||||||
|
thisuser = self.ucoach
|
||||||
|
coacheeuser = self.ubasic
|
||||||
|
notuser = self.uplan
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
if permissions['workoutid']:
|
||||||
|
workouts = coacheeuser['workouts']
|
||||||
|
url = reverse(view,kwargs={'id':encoder.encode_hex(workouts[0].id)})
|
||||||
|
urlstotest.append(url)
|
||||||
|
|
||||||
|
elif permissions['userid']:
|
||||||
|
url = reverse(view,kwargs={'userid':coacheeuser['user'].id})
|
||||||
|
urlstotest.append(url)
|
||||||
|
|
||||||
|
url = reverse(view,kwargs={'userid':self.ustrange['user'].id})
|
||||||
|
otheruserurls.append(url)
|
||||||
|
|
||||||
|
# test logged in as user who has permissions
|
||||||
|
for url in urlstotest:
|
||||||
|
print(url)
|
||||||
|
login = self.c.login(username = thisuser['username'],password = thisuser['password'])
|
||||||
|
result = self.c.get(url)
|
||||||
|
self.assertEqual(result.status_code, permissions['coachee_response'])
|
||||||
|
|
||||||
# test as user with permissions, accessing object of non-related user
|
# test as user with permissions, accessing object of non-related user
|
||||||
for url in otheruserurls:
|
for url in otheruserurls:
|
||||||
|
|||||||
Reference in New Issue
Block a user