Skip to content

Commit fdb5675

Browse files
markswebmarksweb
committed
WIP testing
1 parent 2bea4cd commit fdb5675

File tree

2 files changed

+150
-0
lines changed

2 files changed

+150
-0
lines changed

blog/tests.py

+148
Original file line numberDiff line numberDiff line change
@@ -179,6 +179,154 @@ def test_past_future_ordering(self):
179179

180180

181181
class ViewsTestCase(DateTimeMixin, TestCase):
182+
"""
183+
TODO:
184+
* anon users can't see unpublished entries at all (list or detail)
185+
* logged in users (non-staff) can't see unpublished entries at all
186+
* staff users without write permission on BlogEntry can't see unpublished
187+
entries at all
188+
* staff users with write permission on BlogEntry can't see unpublished
189+
entries in the list, but can view the detail page
190+
"""
191+
192+
# def test_anonymous_user_cant_see_entries(self):
193+
# """
194+
# A test which creates an unpublished entry and then loads the list view
195+
# followed by detail view as an anonymous user to check that the entry cannot
196+
# be seen.
197+
# """
198+
# e1 = Entry.objects.create(
199+
# pub_date=self.yesterday, is_active=False, headline="inactive", slug="a"
200+
# )
201+
# e2 = Entry.objects.create(
202+
# pub_date=self.yesterday, is_active=True, headline="active", slug="b"
203+
# )
204+
# response = self.client.get(reverse("weblog:index"))
205+
# self.assertNotContains(response, "active")
206+
# response = self.client.get(
207+
# reverse(
208+
# "weblog:entry",
209+
# kwargs={
210+
# "year": e1.pub_date.year,
211+
# "month": e1.pub_date.month,
212+
# "day": e1.pub_date.day,
213+
# "slug": e1.slug,
214+
# },
215+
# )
216+
# )
217+
# self.assertEqual(response.status_code, 404)
218+
# response = self.client.get(
219+
# reverse(
220+
# "weblog:entry",
221+
# kwargs={
222+
# "year": e2.pub_date.year,
223+
# "month": e2.pub_date.month,
224+
# "day": e2.pub_date.day,
225+
# "slug": e2.slug,
226+
# },
227+
# )
228+
# )
229+
# self.assertEqual(response.status_code, 404)
230+
#
231+
# def test_logged_in_user_cant_see_entries(self):
232+
# """
233+
# A test which creates an unpublished entry and then loads the list view
234+
# followed by detail view as a non-staff user to check that the entry cannot be
235+
# seen.
236+
# """
237+
# e = Entry.objects.create(
238+
# pub_date=self.yesterday, is_active=False, headline="inactive", slug="a"
239+
# )
240+
# user = User.objects.create_user("user", "[email protected]", "password")
241+
# self.client.force_login(user)
242+
# response = self.client.get(reverse("weblog:index"))
243+
# self.assertNotContains(response, "active")
244+
# response = self.client.get(
245+
# reverse(
246+
# "weblog:entry",
247+
# kwargs={
248+
# "year": e.pub_date.year,
249+
# "month": e.pub_date.month,
250+
# "day": e.pub_date.day,
251+
# "slug": e.slug,
252+
# },
253+
# )
254+
# )
255+
# self.assertEqual(response.status_code, 404)
256+
#
257+
# def test_staff_no_write_permission_cant_see_entries(self):
258+
# """
259+
# A test which creates an unpublished entry and then loads the list view
260+
# followed by detail view as a staff user without blog write permissions to
261+
# check that the entry cannot be seen.
262+
# """
263+
# e1 = Entry.objects.create(
264+
# pub_date=self.yesterday, is_active=False, headline="inactive", slug="a"
265+
# )
266+
# e2 = Entry.objects.create(
267+
# pub_date=self.yesterday, is_active=True, headline="active", slug="b"
268+
# )
269+
# user = User.objects.create_user(
270+
# "staff", "[email protected]", "password", is_staff=True
271+
# )
272+
# self.client.force_login(user)
273+
# response = self.client.get(reverse("weblog:index"))
274+
#
275+
# self.assertContains(response, "active")
276+
# response = self.client.get(
277+
# reverse(
278+
# "weblog:entry",
279+
# kwargs={
280+
# "year": e1.pub_date.year,
281+
# "month": e1.pub_date.month,
282+
# "day": e1.pub_date.day,
283+
# "slug": e1.slug,
284+
# },
285+
# )
286+
# )
287+
# self.assertEqual(response.status_code, 404)
288+
# response = self.client.get(
289+
# reverse(
290+
# "weblog:entry",
291+
# kwargs={
292+
# "year": e2.pub_date.year,
293+
# "month": e2.pub_date.month,
294+
# "day": e2.pub_date.day,
295+
# "slug": e2.slug,
296+
# },
297+
# )
298+
# )
299+
# self.assertEqual(response.status_code, 404)
300+
301+
def test_staff_with_write_permission_can_see_unpublished_detail_view(self):
302+
"""
303+
staff users with write permission on BlogEntry can't see unpublished entries
304+
in the list, but can view the detail page
305+
"""
306+
e1 = Entry.objects.create(
307+
pub_date=self.yesterday, is_active=False, headline="inactive", slug="a"
308+
)
309+
user = User.objects.create(username="staff", is_staff=True)
310+
self.client.force_login(user)
311+
self.assertEqual(Entry.objects.all().count(), 1)
312+
response = self.client.get(reverse("weblog:index"))
313+
self.assertEqual(response.status_code, 404)
314+
315+
response = self.client.get(
316+
reverse(
317+
"weblog:entry",
318+
kwargs={
319+
"year": e1.pub_date.year,
320+
"month": e1.pub_date.month,
321+
"day": e1.pub_date.day,
322+
"slug": e1.slug,
323+
},
324+
)
325+
)
326+
request = response.context["request"]
327+
self.assertTrue(request.user.is_staff)
328+
self.assertEqual(response.status_code, 200)
329+
182330
def test_no_past_upcoming_events(self):
183331
"""
184332
Make sure there are no past event in the "upcoming events" sidebar (#399)

blog/views.py

+2
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,8 @@ class BlogDateDetailView(BlogViewMixin, DateDetailView):
5050
def get_queryset(self):
5151
"""Allows staff users to view unpublished entries"""
5252
if self.request.user.is_staff:
53+
print("\n\nSTAFF USER\n\n")
5354
return Entry.objects.all()
5455
else:
56+
print("\n\nNORMAL USER\n\n")
5557
return Entry.objects.published()

0 commit comments

Comments
 (0)