Smoke and permissions tests

And various bug / permissions config tweaks to accompany
2018-03-26 00:37:29 -07:00 · 2018-03-26 00:37:29 -07:00 · f4d1da0ab7
commit f4d1da0ab7
parent 0d7a933d1c
7 changed files with 161 additions and 49 deletions
--- a/todo/tests/test_views.py
+++ b/todo/tests/test_views.py
@ -0,0 +1,112 @@
+import pytest
+
+from django.urls import reverse
+
+from todo.models import Item, TaskList
+
+"""
+First the "smoketests" - do they respond at all for a logged in admin user?
+Next permissions tests - some views should respond for staffers only.
+After that, view contents and behaviors.
+"""
+
+# ### SMOKETESTS ###
+
+@pytest.mark.django_db
+def test_todo_setup(todo_setup):
+    assert Item.objects.all().count() == 3
+
+
+def test_view_list_lists(todo_setup, admin_client):
+    url = reverse('todo:lists')
+    response = admin_client.get(url)
+    assert response.status_code == 200
+
+
+def test_view_reorder(todo_setup, admin_client):
+    url = reverse('todo:reorder_tasks')
+    response = admin_client.get(url)
+    assert response.status_code == 201  # Special case return value expected
+
+
+def test_view_external_add(todo_setup, admin_client, settings):
+    default_list = TaskList.objects.first()
+    settings.TODO_DEFAULT_LIST_ID = default_list.id
+    assert settings.TODO_DEFAULT_LIST_ID == default_list.id
+    url = reverse('todo:external_add')
+    response = admin_client.get(url)
+    assert response.status_code == 200
+
+
+def test_view_mine(todo_setup, admin_client):
+    url = reverse('todo:mine')
+    response = admin_client.get(url)
+    assert response.status_code == 200
+
+
+def test_view_list_completed(todo_setup, admin_client):
+    tlist = TaskList.objects.get(slug="zip")
+    url = reverse('todo:list_detail_completed', kwargs={'list_id': tlist.id, 'list_slug': tlist.slug})
+    response = admin_client.get(url)
+    assert response.status_code == 200
+
+
+def test_view_list(todo_setup, admin_client):
+    tlist = TaskList.objects.get(slug="zip")
+    url = reverse('todo:list_detail', kwargs={'list_id': tlist.id, 'list_slug': tlist.slug})
+    response = admin_client.get(url)
+    assert response.status_code == 200
+
+
+def test_del_list(todo_setup, admin_client):
+    tlist = TaskList.objects.get(slug="zip")
+    url = reverse('todo:del_list', kwargs={'list_id': tlist.id, 'list_slug': tlist.slug})
+    response = admin_client.get(url)
+    assert response.status_code == 200
+
+
+def test_view_add_list(todo_setup, admin_client):
+    url = reverse('todo:add_list')
+    response = admin_client.get(url)
+    assert response.status_code == 200
+
+
+def test_view_task_detail(todo_setup, admin_client):
+    task = Item.objects.first()
+    url = reverse('todo:task_detail', kwargs={'task_id': task.id})
+    response = admin_client.get(url)
+    assert response.status_code == 200
+
+
+def test_view_search(todo_setup, admin_client):
+    url = reverse('todo:search')
+    response = admin_client.get(url)
+    assert response.status_code == 200
+
+
+# ### PERMISSIONS ###
+
+"""
+Some views are for staff users only. We've already smoke-tested with Admin user -
+try these with normal user.
+"""
+
+
+def test_view_add_list_nonadmin(todo_setup, client):
+    url = reverse('todo:add_list')
+    client.login(username="you", password="password")
+    response = client.get(url)
+    assert response.status_code == 302  # Redirects to login. Would prefer 403...
+
+
+def test_view_del_list_nonadmin(todo_setup, client):
+    tlist = TaskList.objects.get(slug="zip")
+    url = reverse('todo:del_list', kwargs={'list_id': tlist.id, 'list_slug': tlist.slug})
+    client.login(username="you", password="password")
+    response = client.get(url)
+    assert response.status_code == 302  # Redirects to login. Would prefer 403...
+
+
+# TODO
+# View a task that's not in one of my groups?
+# Mark complete