tests: add a check for unprivileged access to /manage/

2016-07-20 13:34:52 +02:00 · 2016-07-20 13:34:52 +02:00 · e36d4b9772
parent 9a6bfd81f8
commit e36d4b9772
1 changed files with 13 additions and 0 deletions
--- a/tests/test_manager.py
+++ b/tests/test_manager.py
@ -9,6 +9,14 @@ from chrono.agendas.models import Agenda, Event, Booking

 pytestmark = pytest.mark.django_db

+@pytest.fixture
+def simple_user():
+    try:
+        user = User.objects.get(username='user')
+    except User.DoesNotExist:
+        user = User.objects.create_user('user', password='user')
+    return user
+
@pytest.fixture
 def admin_user():
    try:
@ -30,6 +38,11 @@ def test_unlogged_access(app):
    # connect while not being logged in
    assert app.get('/manage/', status=302).location == 'http://localhost:80/login/?next=/manage/'

+def test_simple_user_access(app, simple_user):
+    # connect while being logged as a simple user, access should be forbidden
+    app = login(app, username='user', password='user')
+    assert app.get('/manage/', status=403)
+
 def test_home_redirect(app):
    assert app.get('/', status=302).location == 'http://localhost:80/manage/'