diff --git a/dashboards/tests/__init__.py b/dashboards/tests/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/dashboards/tests/__init__.py
diff --git a/dashboards/tests/test_redirecting_auth.py b/dashboards/tests/test_redirecting_auth.py
new file mode 100644
index 0000000..4278cf6
--- /dev/null
+++ b/dashboards/tests/test_redirecting_auth.py
@@ -0,0 +1,66 @@
+from django.test import TestCase, Client, override_settings
+from django.core.urlresolvers import resolve
+from reports.views import ReportView
+from subjects.models import Subject, Tag
+from users.models import User
+from topics.models import Topic, Resource
+from chat.models import Conversation, TalkMessages
+from categories.models import Category
+from datetime import datetime
+from log.models import Log
+from django.db.models import Q
+from django.http import HttpResponse, JsonResponse
+
+
+class RedirectingRulesTest(TestCase):
+
+ def setUp(self):
+ self.c = Client()
+ self.student = User.objects.create(username = "student01", email= "student01@amadeus.br")
+ self.student.set_password("amadeus") #because of the hash function used
+ self.student.save()
+ if self.c.login(email="student01@amadeus.br", password="amadeus"):
+ print("student01 logged in")
+
+
+ self.student02 = User.objects.create(username= "student02", email = "student02@amadeus.br")
+ self.student02.set_password("amadeus")
+ self.student02.save()
+ c1 = Category.objects.create(name ="test category", visible = True)
+ c1.coordinators.add(self.student02)
+ c1.save()
+
+
+ @override_settings(STATICFILES_STORAGE = None) # added decorator
+ def test_admin_connection(self):
+ admin = User.objects.create_superuser(username="admin" ,email="admin@amadeus.br", password="amadeus")
+ admin.save()
+ self.c.logout()
+ if self.c.login(email="admin@amadeus.br", password="amadeus"):
+ print("admin logged in")
+
+ response = self.c.get('/dashboards/general/')
+ self.assertEqual(response.status_code, 200)
+
+ @override_settings(STATICFILES_STORAGE = None) # added decorator
+ def test_admin_dashboard_redirect(self):
+ #as student 01 is already logged in
+ response = self.c.get('/dashboards/general/')
+ self.assertEqual(response.status_code, 302)
+
+ @override_settings(STATICFILES_STORAGE = None) # added decorator
+ def test_category_redirect(self):
+ response = self.c.get('/dashboards/categories/')
+ self.assertEqual(response.status_code, 302) + print("a user which is not a coordinator is any category was redirected") + + @override_settings(STATICFILES_STORAGE = None) # added decorator + def test_category_connection(self): + self.c.logout() + if self.c.login(email="student02@amadeus.br", password="amadeus"): + print("student 02 logged in") + + response = self.c.get('/dashboards/categories/') + + self.assertEqual(response.status_code, 200) + print("coordinator is accessing category dashboard") \ No newline at end of file diff --git a/dashboards/views.py b/dashboards/views.py index 3af6ca2..a746fbe 100644 --- a/dashboards/views.py +++ b/dashboards/views.py @@ -24,6 +24,8 @@ from log.mixins import LogMixin from log.decorators import log_decorator_ajax from log.models import Log +from amadeus.permissions import has_category_permissions + class GeneralView(LogMixin, generic.TemplateView): template_name = "dashboards/general.html" @@ -77,7 +79,11 @@ class CategoryView(LogMixin, generic.TemplateView): log_context = {} def dispatch(self, request, *args, **kwargs): - return super(CategoryView, self).dispatch(request, *args, **kwargs) + if Category.objects.filter(coordinators__id = self.request.user.id).exists() or self.request.user.is_staff: + return super(CategoryView, self).dispatch(request, *args, **kwargs) + else: + return redirect('users:login') + def get_context_data(self, **kwargs): context = {} -- libgit2 0.21.2
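Review bot: The `if self.c.login(...): print(...)` pattern in `setUp`, `test_admin_connection` and `test_category_connection` ignores a failed login, so the test simply continues as an anonymous client; the two 302 assertions would then likely still pass without ever exercising the coordinator/staff check. Assert the login instead, e.g. `self.assertTrue(self.c.login(email="student01@amadeus.br", password="amadeus"))`, and check the redirect target rather than only the status code. The suite also has no case for an unauthenticated client requesting `/dashboards/categories/`, which is the boundary an access-control change most needs pinned down.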
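Review bot: `has_category_permissions` is imported here, but no line in the hunks shown calls it; the `CategoryView.dispatch` change later in this file writes its own coordinator query instead. If the helper expresses the same rule (its definition is not visible here), call it from `dispatch` so the authorization logic lives in one place; otherwise drop the import.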
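Review bot: The new check in `CategoryView.dispatch` never establishes that the request is authenticated: for an anonymous user `self.request.user.id` is `None`, and Django treats an exact lookup against `None` as IS NULL, so `coordinators__id = None` can match any category that has no coordinators and let the request through to the view. Unless a mixin or middleware outside this hunk already enforces login (the bases shown are only `LogMixin` and `generic.TemplateView`), reject unauthenticated users before the query, e.g. `if request.user.id is None: return redirect('users:login')`. Logged-in users who fail the check are also sent to the login page, which hides the denial; raising `PermissionDenied` (403) for them would be clearer and easier to spot in logs. Also confirm `redirect` is imported in this module, since the import block is only partly visible in this diff.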