nofusscomputing/centurion_erp
1
0
Fork 0
Code Issues Wiki Activity

test: refactor history permission tests to use an abstract class of test cases

Browse Source 
!27 #15
This commit is contained in:
Jon Lockwood
2024-06-16 01:43:07 +09:30
parent dbcb282548
commit ceb1929d8c
10 changed files with 200 additions and 607 deletions
Download Patch File Download Diff File Expand all files Collapse all files

115
app/core/tests/abstract/history_permissions.py Normal file
View File

@ -0,0 +1,115 @@
import pytest
import unittest
from django.contrib.auth.models import User
from django.shortcuts import reverse
from django.test import TestCase, Client
from core.models.history import History
from itam.models.device import Device
class HistoryPermissions:
"""Test cases for accessing History """
item: object
"""Created Model
Create a new item.
"""
model = History
""" The history Model """
namespace: str = ''
""" URL namespace for the history view"""
name_view: str = '_history'
""" URL view name for history """
no_permissions_user: User
"""A User with no permissions to access the item
Create in `setUpTestData`
"""
different_organization_user: User
"""A User with the correct permissions to access the item
This user must be in a different organization than the item
Create in `setUpTestData`
"""
view_user: User
"""A User with the correct permissions to access the item
This user must be in the same organization as the item
Create in `setUpTestData`
"""
def test_view_history_user_anon_denied(self):
""" Check correct permission for view
Attempt to view as anon user
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.item._meta.model_name, 'model_pk': self.item.id})
response = client.get(url)
assert response.status_code == 302 and response.url.startswith('/account/login')
def test_view_history_no_permission_denied(self):
""" Check correct permission for view
Attempt to view with user missing permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.item._meta.model_name, 'model_pk': self.item.id})
client.force_login(self.no_permissions_user)
response = client.get(url)
assert response.status_code == 403
def test_view_history_different_organizaiton_denied(self):
""" Check correct permission for view
Attempt to view with user from different organization
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.item._meta.model_name, 'model_pk': self.item.id})
client.force_login(self.different_organization_user)
response = client.get(url)
assert response.status_code == 403
def test_view_history_has_permission(self):
""" Check correct permission for view
Attempt to view as user with view permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.item._meta.model_name, 'model_pk': self.item.id})
client.force_login(self.view_user)
response = client.get(url)
assert response.status_code == 200

98
app/itam/tests/device/test_device_history_permission.py
View File

@ -1,38 +1,25 @@
# from django.conf import settings
from django.contrib.auth import get_user_model
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.shortcuts import reverse
from django.test import TestCase, Client
import pytest
import unittest
import requests
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.test import TestCase
from access.models import Organization, Team, TeamUsers, Permission
from core.tests.abstract.history_permissions import HistoryPermissions
from itam.models.device import Device
from core.models.history import History
class DeviceHistoryPermissions(TestCase):
class DeviceHistoryPermissions(TestCase, HistoryPermissions):
item_model = Device
model = History
model_name = 'history'
app_label = 'core'
namespace = ''
name_view = '_history'
@classmethod
def setUpTestData(self):
"""Setup Test
@ -56,8 +43,6 @@ class DeviceHistoryPermissions(TestCase):
name = 'deviceone'
)
self.history_model_name = self.item._meta.model_name
self.history = self.model.objects.get(
item_pk = self.item.id,
item_class = self.item._meta.model_name,
@ -65,10 +50,10 @@ class DeviceHistoryPermissions(TestCase):
)
view_permissions = Permission.objects.get(
codename = 'view_' + self.model_name,
codename = 'view_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.app_label,
model = self.model_name,
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
@ -105,66 +90,3 @@ class DeviceHistoryPermissions(TestCase):
team = different_organization_team,
user = self.different_organization_user
)
def test_auth_view_history_user_anon_denied(self):
""" Check correct permission for view
Attempt to view as anon user
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
response = client.get(url)
assert response.status_code == 302 and response.url.startswith('/account/login')
def test_auth_view_history_no_permission_denied(self):
""" Check correct permission for view
Attempt to view with user missing permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.no_permissions_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_different_organizaiton_denied(self):
""" Check correct permission for view
Attempt to view with user from different organization
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.different_organization_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_has_permission(self):
""" Check correct permission for view
Attempt to view as user with view permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.view_user)
response = client.get(url)
assert response.status_code == 200

96
app/itam/tests/device_model/test_device_model_history_permission.py
View File

@ -1,38 +1,25 @@
# from django.conf import settings
from django.contrib.auth import get_user_model
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.shortcuts import reverse
from django.test import TestCase, Client
import pytest
import unittest
import requests
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.test import TestCase, Client
from access.models import Organization, Team, TeamUsers, Permission
from core.tests.abstract.history_permissions import HistoryPermissions
from itam.models.device import DeviceModel
from core.models.history import History
class DeviceModelHistoryPermissions(TestCase):
class DeviceModelHistoryPermissions(TestCase, HistoryPermissions):
item_model = DeviceModel
model = History
model_name = 'history'
app_label = 'core'
namespace = ''
name_view = '_history'
@classmethod
def setUpTestData(self):
"""Setup Test
@ -65,10 +52,10 @@ class DeviceModelHistoryPermissions(TestCase):
)
view_permissions = Permission.objects.get(
codename = 'view_' + self.model_name,
codename = 'view_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.app_label,
model = self.model_name,
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
@ -105,66 +92,3 @@ class DeviceModelHistoryPermissions(TestCase):
team = different_organization_team,
user = self.different_organization_user
)
def test_auth_view_history_user_anon_denied(self):
""" Check correct permission for view
Attempt to view as anon user
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
response = client.get(url)
assert response.status_code == 302 and response.url.startswith('/account/login')
def test_auth_view_history_no_permission_denied(self):
""" Check correct permission for view
Attempt to view with user missing permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.no_permissions_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_different_organizaiton_denied(self):
""" Check correct permission for view
Attempt to view with user from different organization
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.different_organization_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_has_permission(self):
""" Check correct permission for view
Attempt to view as user with view permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.view_user)
response = client.get(url)
assert response.status_code == 200

97
app/itam/tests/operating_system/test_operating_system_history_permission.py
View File

@ -1,38 +1,26 @@
# from django.conf import settings
from django.contrib.auth import get_user_model
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.shortcuts import reverse
from django.test import TestCase, Client
import pytest
import unittest
import requests
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.test import TestCase, Client
from access.models import Organization, Team, TeamUsers, Permission
from core.tests.abstract.history_permissions import HistoryPermissions
from itam.models.operating_system import OperatingSystem
from core.models.history import History
class OperatingSystemHistoryPermissions(TestCase):
class OperatingSystemHistoryPermissions(TestCase, HistoryPermissions):
item_model = OperatingSystem
model = History
model_name = 'history'
app_label = 'core'
namespace = ''
name_view = '_history'
@classmethod
def setUpTestData(self):
"""Setup Test
@ -65,10 +53,10 @@ class OperatingSystemHistoryPermissions(TestCase):
)
view_permissions = Permission.objects.get(
codename = 'view_' + self.model_name,
codename = 'view_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.app_label,
model = self.model_name,
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
@ -105,66 +93,3 @@ class OperatingSystemHistoryPermissions(TestCase):
team = different_organization_team,
user = self.different_organization_user
)
def test_auth_view_history_user_anon_denied(self):
""" Check correct permission for view
Attempt to view as anon user
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
response = client.get(url)
assert response.status_code == 302 and response.url.startswith('/account/login')
def test_auth_view_history_no_permission_denied(self):
""" Check correct permission for view
Attempt to view with user missing permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.no_permissions_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_different_organizaiton_denied(self):
""" Check correct permission for view
Attempt to view with user from different organization
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.different_organization_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_has_permission(self):
""" Check correct permission for view
Attempt to view as user with view permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.view_user)
response = client.get(url)
assert response.status_code == 200

96
app/itam/tests/software/test_software_history_permission.py
View File

@ -1,38 +1,25 @@
# from django.conf import settings
from django.contrib.auth import get_user_model
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.shortcuts import reverse
from django.test import TestCase, Client
import pytest
import unittest
import requests
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.test import TestCase, Client
from access.models import Organization, Team, TeamUsers, Permission
from core.tests.abstract.history_permissions import HistoryPermissions
from itam.models.software import Software
from core.models.history import History
class SoftwareHistoryPermissions(TestCase):
class SoftwareHistoryPermissions(TestCase, HistoryPermissions):
item_model = Software
model = History
model_name = 'history'
app_label = 'core'
namespace = ''
name_view = '_history'
@classmethod
def setUpTestData(self):
"""Setup Test
@ -65,10 +52,10 @@ class SoftwareHistoryPermissions(TestCase):
)
view_permissions = Permission.objects.get(
codename = 'view_' + self.model_name,
codename = 'view_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.app_label,
model = self.model_name,
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
@ -105,66 +92,3 @@ class SoftwareHistoryPermissions(TestCase):
team = different_organization_team,
user = self.different_organization_user
)
def test_auth_view_history_user_anon_denied(self):
""" Check correct permission for view
Attempt to view as anon user
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
response = client.get(url)
assert response.status_code == 302 and response.url.startswith('/account/login')
def test_auth_view_history_no_permission_denied(self):
""" Check correct permission for view
Attempt to view with user missing permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.no_permissions_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_different_organizaiton_denied(self):
""" Check correct permission for view
Attempt to view with user from different organization
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.different_organization_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_has_permission(self):
""" Check correct permission for view
Attempt to view as user with view permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.view_user)
response = client.get(url)
assert response.status_code == 200

99
app/settings/tests/software_category/test_software_category_history_permission.py → app/itam/tests/software_category/test_software_category_history_permission.py
View File

@ -1,39 +1,25 @@
# from django.conf import settings
from django.contrib.auth import get_user_model
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.shortcuts import reverse
from django.test import TestCase, Client
import pytest
import unittest
import requests
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.test import TestCase, Client
from access.models import Organization, Team, TeamUsers, Permission
from core.tests.abstract.history_permissions import HistoryPermissions
from itam.models.software import SoftwareCategory
from core.models.history import History
class SoftwareCategoryHistoryPermissions(TestCase):
class SoftwareCategoryHistoryPermissions(TestCase, HistoryPermissions):
item_model = SoftwareCategory
model = History
model_name = 'history'
app_label = 'core'
namespace = ''
name_view = '_history'
@classmethod
def setUpTestData(self):
"""Setup Test
@ -66,10 +52,10 @@ class SoftwareCategoryHistoryPermissions(TestCase):
)
view_permissions = Permission.objects.get(
codename = 'view_' + self.model_name,
codename = 'view_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.app_label,
model = self.model_name,
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
@ -105,67 +91,4 @@ class SoftwareCategoryHistoryPermissions(TestCase):
TeamUsers.objects.create(
team = different_organization_team,
user = self.different_organization_user
)
def test_auth_view_history_user_anon_denied(self):
""" Check correct permission for view
Attempt to view as anon user
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
response = client.get(url)
assert response.status_code == 302 and response.url.startswith('/account/login')
def test_auth_view_history_no_permission_denied(self):
""" Check correct permission for view
Attempt to view with user missing permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.no_permissions_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_different_organizaiton_denied(self):
""" Check correct permission for view
Attempt to view with user from different organization
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.different_organization_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_has_permission(self):
""" Check correct permission for view
Attempt to view as user with view permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.view_user)
response = client.get(url)
assert response.status_code == 200
)

97
app/settings/tests/device_type/test_device_type_history_permission.py
View File

@ -1,39 +1,25 @@
# from django.conf import settings
from django.contrib.auth import get_user_model
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.shortcuts import reverse
from django.test import TestCase, Client
import pytest
import unittest
import requests
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.test import TestCase, Client
from access.models import Organization, Team, TeamUsers, Permission
from core.tests.abstract.history_permissions import HistoryPermissions
from itam.models.device import DeviceType
from core.models.history import History
class DeviceTypeHistoryPermissions(TestCase):
class DeviceTypeHistoryPermissions(TestCase, HistoryPermissions):
item_model = DeviceType
model = History
model_name = 'history'
app_label = 'core'
namespace = ''
name_view = '_history'
@classmethod
def setUpTestData(self):
"""Setup Test
@ -66,10 +52,10 @@ class DeviceTypeHistoryPermissions(TestCase):
)
view_permissions = Permission.objects.get(
codename = 'view_' + self.model_name,
codename = 'view_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.app_label,
model = self.model_name,
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
@ -106,66 +92,3 @@ class DeviceTypeHistoryPermissions(TestCase):
team = different_organization_team,
user = self.different_organization_user
)
def test_auth_view_history_user_anon_denied(self):
""" Check correct permission for view
Attempt to view as anon user
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
response = client.get(url)
assert response.status_code == 302 and response.url.startswith('/account/login')
def test_auth_view_history_no_permission_denied(self):
""" Check correct permission for view
Attempt to view with user missing permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.no_permissions_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_different_organizaiton_denied(self):
""" Check correct permission for view
Attempt to view with user from different organization
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.different_organization_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_has_permission(self):
""" Check correct permission for view
Attempt to view as user with view permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.view_user)
response = client.get(url)
assert response.status_code == 200

96
app/settings/tests/manufacturer/test_manufacturer_history_permission.py
View File

@ -1,38 +1,25 @@
# from django.conf import settings
from django.contrib.auth import get_user_model
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.shortcuts import reverse
from django.test import TestCase, Client
import pytest
import unittest
import requests
from django.contrib.auth.models import AnonymousUser, User
from django.contrib.contenttypes.models import ContentType
from django.test import TestCase, Client
from access.models import Organization, Team, TeamUsers, Permission
from core.models.history import History
from core.models.manufacturer import Manufacturer
from core.tests.abstract.history_permissions import HistoryPermissions
class ManufacturerHistoryPermissions(TestCase):
class ManufacturerHistoryPermissions(TestCase, HistoryPermissions):
item_model = Manufacturer
model = History
model_name = 'history'
app_label = 'core'
namespace = ''
name_view = '_history'
@classmethod
def setUpTestData(self):
"""Setup Test
@ -65,10 +52,10 @@ class ManufacturerHistoryPermissions(TestCase):
)
view_permissions = Permission.objects.get(
codename = 'view_' + self.model_name,
codename = 'view_' + self.model._meta.model_name,
content_type = ContentType.objects.get(
app_label = self.app_label,
model = self.model_name,
app_label = self.model._meta.app_label,
model = self.model._meta.model_name,
)
)
@ -105,66 +92,3 @@ class ManufacturerHistoryPermissions(TestCase):
team = different_organization_team,
user = self.different_organization_user
)
def test_auth_view_history_user_anon_denied(self):
""" Check correct permission for view
Attempt to view as anon user
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
response = client.get(url)
assert response.status_code == 302 and response.url.startswith('/account/login')
def test_auth_view_history_no_permission_denied(self):
""" Check correct permission for view
Attempt to view with user missing permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.no_permissions_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_different_organizaiton_denied(self):
""" Check correct permission for view
Attempt to view with user from different organization
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.different_organization_user)
response = client.get(url)
assert response.status_code == 403
def test_auth_view_history_has_permission(self):
""" Check correct permission for view
Attempt to view as user with view permission
"""
client = Client()
url = reverse(self.namespace + self.name_view, kwargs={'model_name': self.history_model_name, 'model_pk': self.item.id})
client.force_login(self.view_user)
response = client.get(url)
assert response.status_code == 200