Skip to content

Commit

Permalink
WIP testing
Browse files Browse the repository at this point in the history
  • Loading branch information
@marksweb
marksweb committed Dec 23, 2024
1 parent 2bea4cd commit fdb5675
Show file tree
Hide file tree
Showing 2 changed files with 150 additions and 0 deletions.
148 changes: 148 additions & 0 deletions blog/tests.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,6 +179,154 @@ def test_past_future_ordering(self):


class ViewsTestCase(DateTimeMixin, TestCase):
"""
TODO:
* anon users can't see unpublished entries at all (list or detail)
* logged in users (non-staff) can't see unpublished entries at all
* staff users without write permission on BlogEntry can't see unpublished
entries at all
* staff users with write permission on BlogEntry can't see unpublished
entries in the list, but can view the detail page
"""

# def test_anonymous_user_cant_see_entries(self):
# """
# A test which creates an unpublished entry and then loads the list view
# followed by detail view as an anonymous user to check that the entry cannot
# be seen.
# """
# e1 = Entry.objects.create(
# pub_date=self.yesterday, is_active=False, headline="inactive", slug="a"
# )
# e2 = Entry.objects.create(
# pub_date=self.yesterday, is_active=True, headline="active", slug="b"
# )
# response = self.client.get(reverse("weblog:index"))
# self.assertNotContains(response, "active")
# response = self.client.get(
# reverse(
# "weblog:entry",
# kwargs={
# "year": e1.pub_date.year,
# "month": e1.pub_date.month,
# "day": e1.pub_date.day,
# "slug": e1.slug,
# },
# )
# )
# self.assertEqual(response.status_code, 404)
# response = self.client.get(
# reverse(
# "weblog:entry",
# kwargs={
# "year": e2.pub_date.year,
# "month": e2.pub_date.month,
# "day": e2.pub_date.day,
# "slug": e2.slug,
# },
# )
# )
# self.assertEqual(response.status_code, 404)
#
# def test_logged_in_user_cant_see_entries(self):
# """
# A test which creates an unpublished entry and then loads the list view
# followed by detail view as a non-staff user to check that the entry cannot be
# seen.
# """
# e = Entry.objects.create(
# pub_date=self.yesterday, is_active=False, headline="inactive", slug="a"
# )
# user = User.objects.create_user("user", "[email protected]", "password")
# self.client.force_login(user)
# response = self.client.get(reverse("weblog:index"))
# self.assertNotContains(response, "active")
# response = self.client.get(
# reverse(
# "weblog:entry",
# kwargs={
# "year": e.pub_date.year,
# "month": e.pub_date.month,
# "day": e.pub_date.day,
# "slug": e.slug,
# },
# )
# )
# self.assertEqual(response.status_code, 404)
#
# def test_staff_no_write_permission_cant_see_entries(self):
# """
# A test which creates an unpublished entry and then loads the list view
# followed by detail view as a staff user without blog write permissions to
# check that the entry cannot be seen.
# """
# e1 = Entry.objects.create(
# pub_date=self.yesterday, is_active=False, headline="inactive", slug="a"
# )
# e2 = Entry.objects.create(
# pub_date=self.yesterday, is_active=True, headline="active", slug="b"
# )
# user = User.objects.create_user(
# "staff", "[email protected]", "password", is_staff=True
# )
# self.client.force_login(user)
# response = self.client.get(reverse("weblog:index"))
#
# self.assertContains(response, "active")
# response = self.client.get(
# reverse(
# "weblog:entry",
# kwargs={
# "year": e1.pub_date.year,
# "month": e1.pub_date.month,
# "day": e1.pub_date.day,
# "slug": e1.slug,
# },
# )
# )
# self.assertEqual(response.status_code, 404)
# response = self.client.get(
# reverse(
# "weblog:entry",
# kwargs={
# "year": e2.pub_date.year,
# "month": e2.pub_date.month,
# "day": e2.pub_date.day,
# "slug": e2.slug,
# },
# )
# )
# self.assertEqual(response.status_code, 404)

def test_staff_with_write_permission_can_see_unpublished_detail_view(self):
"""
staff users with write permission on BlogEntry can't see unpublished entries
in the list, but can view the detail page
"""
e1 = Entry.objects.create(
pub_date=self.yesterday, is_active=False, headline="inactive", slug="a"
)
user = User.objects.create(username="staff", is_staff=True)
self.client.force_login(user)
self.assertEqual(Entry.objects.all().count(), 1)
response = self.client.get(reverse("weblog:index"))
self.assertEqual(response.status_code, 404)

response = self.client.get(
reverse(
"weblog:entry",
kwargs={
"year": e1.pub_date.year,
"month": e1.pub_date.month,
"day": e1.pub_date.day,
"slug": e1.slug,
},
)
)
request = response.context["request"]
self.assertTrue(request.user.is_staff)
self.assertEqual(response.status_code, 200)

def test_no_past_upcoming_events(self):
"""
Make sure there are no past event in the "upcoming events" sidebar (#399)
Expand Down
2 changes: 2 additions & 0 deletions blog/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,8 @@ class BlogDateDetailView(BlogViewMixin, DateDetailView):
def get_queryset(self):
"""Allows staff users to view unpublished entries"""
if self.request.user.is_staff:
print("\n\nSTAFF USER\n\n")
return Entry.objects.all()
else:
print("\n\nNORMAL USER\n\n")
return Entry.objects.published()

0 comments on commit fdb5675

Please sign in to comment.