Skip to content

Model Permissions Add Test Cases

Tests for checking model Add permissions

Source code in app/app/tests/abstract/model_permissions.py 
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
class ModelPermissionsAdd:
    """ Tests for checking model Add permissions """

    app_namespace: str = None

    url_name_add: str

    url_add_kwargs: dict = None

    add_data: dict = None


    @pytest.mark.skip(reason="ToDO: write test")
    def test_model_requires_attribute_parent_model(self):
        """ Child model requires 'django view' attribute 'parent_model'

        When a child-model is added the parent model is required so that the organization can be detrmined.
        """

        pass


    def test_model_add_user_anon_denied(self):
        """ Check correct permission for add 

        Attempt to add as anon user
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name_add, kwargs=self.url_add_kwargs)


        response = client.put(url, data=self.add_data)

        assert response.status_code == 302 and response.url.startswith('/account/login')

    # @pytest.mark.skip(reason="ToDO: figure out why fails")
    def test_model_add_no_permission_denied(self):
        """ Check correct permission for add

        Attempt to add as user with no permissions
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name_add, kwargs=self.url_add_kwargs)


        client.force_login(self.no_permissions_user)
        response = client.post(url, data=self.add_data)

        assert response.status_code == 403


    # @pytest.mark.skip(reason="ToDO: figure out why fails")
    def test_model_add_different_organization_denied(self):
        """ Check correct permission for add

        attempt to add as user from different organization
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name_add, kwargs=self.url_add_kwargs)


        client.force_login(self.different_organization_user)
        response = client.post(url, data=self.add_data)

        assert response.status_code == 403


    def test_model_add_permission_view_denied(self):
        """ Check correct permission for add

        Attempt to add a user with view permission
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name_add, kwargs=self.url_add_kwargs)


        client.force_login(self.view_user)
        response = client.post(url, data=self.add_data)

        assert response.status_code == 403


    def test_model_add_has_permission(self):
        """ Check correct permission for add 

        Attempt to add as user with no permission
        """

        client = Client()
        url = reverse(self.app_namespace + ':' + self.url_name_add, kwargs=self.url_add_kwargs)


        client.force_login(self.add_user)
        response = client.post(url, data=self.add_data)

        assert response.status_code == 200

Attributes

app_namespace: str = None

url_name_add: str

url_add_kwargs: dict = None

add_data: dict = None

Functions

test_model_requires_attribute_parent_model()

Child model requires 'django view' attribute 'parent_model'

When a child-model is added the parent model is required so that the organization can be detrmined.

Source code in app/app/tests/abstract/model_permissions.py 
121
122
123
124
125
126
127
128
@pytest.mark.skip(reason="ToDO: write test")
def test_model_requires_attribute_parent_model(self):
    """ Child model requires 'django view' attribute 'parent_model'

    When a child-model is added the parent model is required so that the organization can be detrmined.
    """

    pass

test_model_add_user_anon_denied()

Check correct permission for add

Attempt to add as anon user

Source code in app/app/tests/abstract/model_permissions.py 
131
132
133
134
135
136
137
138
139
140
141
142
143
def test_model_add_user_anon_denied(self):
    """ Check correct permission for add 

    Attempt to add as anon user
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name_add, kwargs=self.url_add_kwargs)


    response = client.put(url, data=self.add_data)

    assert response.status_code == 302 and response.url.startswith('/account/login')

test_model_add_no_permission_denied()

Check correct permission for add

Attempt to add as user with no permissions

Source code in app/app/tests/abstract/model_permissions.py 
146
147
148
149
150
151
152
153
154
155
156
157
158
159
def test_model_add_no_permission_denied(self):
    """ Check correct permission for add

    Attempt to add as user with no permissions
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name_add, kwargs=self.url_add_kwargs)


    client.force_login(self.no_permissions_user)
    response = client.post(url, data=self.add_data)

    assert response.status_code == 403

test_model_add_different_organization_denied()

Check correct permission for add

attempt to add as user from different organization

Source code in app/app/tests/abstract/model_permissions.py 
163
164
165
166
167
168
169
170
171
172
173
174
175
176
def test_model_add_different_organization_denied(self):
    """ Check correct permission for add

    attempt to add as user from different organization
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name_add, kwargs=self.url_add_kwargs)


    client.force_login(self.different_organization_user)
    response = client.post(url, data=self.add_data)

    assert response.status_code == 403

test_model_add_permission_view_denied()

Check correct permission for add

Attempt to add a user with view permission

Source code in app/app/tests/abstract/model_permissions.py 
179
180
181
182
183
184
185
186
187
188
189
190
191
192
def test_model_add_permission_view_denied(self):
    """ Check correct permission for add

    Attempt to add a user with view permission
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name_add, kwargs=self.url_add_kwargs)


    client.force_login(self.view_user)
    response = client.post(url, data=self.add_data)

    assert response.status_code == 403

test_model_add_has_permission()

Check correct permission for add

Attempt to add as user with no permission

Source code in app/app/tests/abstract/model_permissions.py 
195
196
197
198
199
200
201
202
203
204
205
206
207
208
def test_model_add_has_permission(self):
    """ Check correct permission for add 

    Attempt to add as user with no permission
    """

    client = Client()
    url = reverse(self.app_namespace + ':' + self.url_name_add, kwargs=self.url_add_kwargs)


    client.force_login(self.add_user)
    response = client.post(url, data=self.add_data)

    assert response.status_code == 200

About:

This page forms part of our Project Centurion ERP.

Page Metadata
Version: ToDo: place files short git commit here
Date Created: 2024-06-15
Date Edited: 2024-07-09

Contribution:

Would You like to contribute to our Centurion ERP project? You can assist in the following ways:

 

ToDo: Add the page list of contributors