# -*- coding: utf-8 -*- from __future__ import unicode_literals import copy import json from django.contrib.auth.models import User, Group from django.utils.encoding import force_text from django.utils.timezone import make_aware, now, localtime import datetime import freezegun import mock import pytest import requests from webtest import Upload from chrono.agendas.models import ( Agenda, Booking, Desk, Event, MeetingType, TimePeriod, TimePeriodException, TimePeriodExceptionSource, ) pytestmark = pytest.mark.django_db @pytest.fixture def simple_user(): try: user = User.objects.get(username='user') except User.DoesNotExist: user = User.objects.create_user('user', password='user') return user @pytest.fixture def manager_user(): try: user = User.objects.get(username='manager') except User.DoesNotExist: user = User.objects.create_user('manager', password='manager') group, created = Group.objects.get_or_create(name='Managers') if created: group.save() user.groups.set([group]) return user @pytest.fixture def admin_user(): try: user = User.objects.get(username='admin') except User.DoesNotExist: user = User.objects.create_superuser('admin', email=None, password='admin') return user @pytest.fixture def api_user(): try: user = User.objects.get(username='api-user') except User.DoesNotExist: user = User.objects.create( username='john.doe', first_name=u'John', last_name=u'Doe', email='john.doe@example.net' ) user.set_password('password') user.save() return user def login(app, username='admin', password='admin'): login_page = app.get('/login/') login_form = login_page.forms[0] login_form['username'] = username login_form['password'] = password resp = login_form.submit() assert resp.status_int == 302 return app def test_unlogged_access(app): # connect while not being logged in assert app.get('/manage/', status=302).location.endswith('/login/?next=/manage/') def test_simple_user_access(app, simple_user): # connect while being logged as a simple user, access should be forbidden app = login(app, username='user', password='user') assert app.get('/manage/', status=403) def test_manager_user_access(app, manager_user): # connect while being logged as a manager user, access should be granted if # there's at least an agenda that is viewable or editable. app = login(app, username='manager', password='manager') assert app.get('/manage/', status=403) agenda = Agenda(label=u'Foo bar') agenda.save() assert app.get('/manage/', status=403) agenda.view_role = manager_user.groups.all()[0] agenda.edit_role = None agenda.save() assert app.get('/manage/', status=200) agenda.edit_role = manager_user.groups.all()[0] agenda.view_role = None agenda.save() assert app.get('/manage/', status=200) def test_home_redirect(app): assert app.get('/', status=302).location.endswith('/manage/') def test_access(app, admin_user): app = login(app) resp = app.get('/manage/', status=200) assert '