From fe06a0ff8e5699ce55f60767483b7620bf339141 Mon Sep 17 00:00:00 2001 From: Yohan Boniface Date: Fri, 13 Dec 2024 14:44:54 +0100 Subject: [PATCH] chore: add more tests for team related views --- umap/tests/test_dashboard.py | 82 +++++++++++++++++++++++++++++++++++ umap/tests/test_team_views.py | 33 +++++++++++++- umap/tests/test_views.py | 74 ------------------------------- 3 files changed, 114 insertions(+), 75 deletions(-) create mode 100644 umap/tests/test_dashboard.py diff --git a/umap/tests/test_dashboard.py b/umap/tests/test_dashboard.py new file mode 100644 index 000000000..30debc41c --- /dev/null +++ b/umap/tests/test_dashboard.py @@ -0,0 +1,82 @@ +import pytest +from django.contrib.auth import get_user_model +from django.urls import reverse + +from umap.models import Map + +from .base import MapFactory, UserFactory + +User = get_user_model() + +pytestmark = pytest.mark.django_db + + +def test_user_dashboard_is_restricted_to_logged_in(client): + response = client.get(reverse("user_dashboard")) + assert response.status_code == 302 + assert response["Location"] == "/en/login/?next=/en/me" + + +def test_user_dashboard_display_user_maps(client, map): + client.login(username=map.owner.username, password="123123") + response = client.get(reverse("user_dashboard")) + assert response.status_code == 200 + body = response.content.decode() + assert map.name in body + assert f"{map.get_absolute_url()}?edit" in body + assert f"{map.get_absolute_url()}?share" in body + assert f"/map/{map.pk}/download" in body + assert "Everyone (public)" in body + assert "Owner only" in body + + +def test_user_dashboard_do_not_display_blocked_user_maps(client, map): + map.share_status = Map.BLOCKED + map.save() + client.login(username=map.owner.username, password="123123") + response = client.get(reverse("user_dashboard")) + assert response.status_code == 200 + body = response.content.decode() + assert map.name not in body + + +def test_user_dashboard_do_not_display_deleted_user_maps(client, map): + map.share_status = Map.DELETED + map.save() + client.login(username=map.owner.username, password="123123") + response = client.get(reverse("user_dashboard")) + assert response.status_code == 200 + body = response.content.decode() + assert map.name not in body + + +@pytest.mark.parametrize("share_status", [Map.DRAFT, Map.PRIVATE, Map.PUBLIC, Map.OPEN]) +def test_user_dashboard_display_user_team_maps(client, map, team, user, share_status): + user.teams.add(team) + user.save() + map.team = team + map.share_status = share_status + map.save() + assert map.owner != user + client.login(username=user.username, password="123123") + response = client.get(reverse("user_dashboard")) + assert response.status_code == 200 + body = response.content.decode() + assert map.name in body + assert map.get_absolute_url() in body + + +def test_user_dashboard_display_user_maps_distinct(client, map): + # cf https://github.com/umap-project/umap/issues/1325 + anonymap = MapFactory(name="Map witout owner should not appear") + user1 = UserFactory(username="user1") + user2 = UserFactory(username="user2") + map.editors.add(user1) + map.editors.add(user2) + map.save() + client.login(username=map.owner.username, password="123123") + response = client.get(reverse("user_dashboard")) + assert response.status_code == 200 + body = response.content.decode() + assert body.count(f'test map') == 1 + assert body.count(anonymap.name) == 0 diff --git a/umap/tests/test_team_views.py b/umap/tests/test_team_views.py index 7bce42b04..299280564 100644 --- a/umap/tests/test_team_views.py +++ b/umap/tests/test_team_views.py @@ -1,7 +1,7 @@ import pytest from django.urls import reverse -from umap.models import Team +from umap.models import Map, Team pytestmark = pytest.mark.django_db @@ -15,6 +15,37 @@ def test_can_see_team_maps(client, map, team): assert map.name in response.content.decode() +def test_others_cannot_see_team_private_maps_in_team_page(client, map, team, user): + map.team = team + map.share_status = Map.PRIVATE + map.save() + url = reverse("team_maps", args=(team.pk,)) + response = client.get(url) + assert response.status_code == 200 + assert map.name not in response.content.decode() + # User is not in team + client.login(username=user.username, password="123123") + response = client.get(url) + assert response.status_code == 200 + assert map.name not in response.content.decode() + + +@pytest.mark.parametrize("share_status", [Map.PRIVATE, Map.DRAFT]) +def test_members_can_see_private_maps_in_team_page( + client, map, team, user, share_status +): + map.team = team + map.share_status = share_status + map.save() + user.teams.add(team) + user.save() + url = reverse("team_maps", args=(team.pk,)) + client.login(username=user.username, password="123123") + response = client.get(url) + assert response.status_code == 200 + assert map.name not in response.content.decode() + + def test_user_can_see_their_teams(client, team, user): user.teams.add(team) user.save() diff --git a/umap/tests/test_views.py b/umap/tests/test_views.py index 420fe16e6..a0de69f86 100644 --- a/umap/tests/test_views.py +++ b/umap/tests/test_views.py @@ -267,80 +267,6 @@ def test_change_user_slug(client, user, settings): assert f"/en/user/{user.pk}/" in response.content.decode() -@pytest.mark.django_db -def test_user_dashboard_is_restricted_to_logged_in(client): - response = client.get(reverse("user_dashboard")) - assert response.status_code == 302 - assert response["Location"] == "/en/login/?next=/en/me" - - -@pytest.mark.django_db -def test_user_dashboard_display_user_maps(client, map): - client.login(username=map.owner.username, password="123123") - response = client.get(reverse("user_dashboard")) - assert response.status_code == 200 - body = response.content.decode() - assert map.name in body - assert f"{map.get_absolute_url()}?edit" in body - assert f"{map.get_absolute_url()}?share" in body - assert f"/map/{map.pk}/download" in body - assert "Everyone (public)" in body - assert "Owner only" in body - - -@pytest.mark.django_db -def test_user_dashboard_do_not_display_blocked_user_maps(client, map): - map.share_status = Map.BLOCKED - map.save() - client.login(username=map.owner.username, password="123123") - response = client.get(reverse("user_dashboard")) - assert response.status_code == 200 - body = response.content.decode() - assert map.name not in body - - -@pytest.mark.django_db -def test_user_dashboard_do_not_display_deleted_user_maps(client, map): - map.share_status = Map.DELETED - map.save() - client.login(username=map.owner.username, password="123123") - response = client.get(reverse("user_dashboard")) - assert response.status_code == 200 - body = response.content.decode() - assert map.name not in body - - -@pytest.mark.django_db -def test_user_dashboard_display_user_team_maps(client, map, team, user): - user.teams.add(team) - user.save() - map.team = team - map.save() - client.login(username=user.username, password="123123") - response = client.get(reverse("user_dashboard")) - assert response.status_code == 200 - body = response.content.decode() - assert map.name in body - assert map.get_absolute_url() in body - - -@pytest.mark.django_db -def test_user_dashboard_display_user_maps_distinct(client, map): - # cf https://github.com/umap-project/umap/issues/1325 - anonymap = MapFactory(name="Map witout owner should not appear") - user1 = UserFactory(username="user1") - user2 = UserFactory(username="user2") - map.editors.add(user1) - map.editors.add(user2) - map.save() - client.login(username=map.owner.username, password="123123") - response = client.get(reverse("user_dashboard")) - assert response.status_code == 200 - body = response.content.decode() - assert body.count(f'test map') == 1 - assert body.count(anonymap.name) == 0 - - @pytest.mark.django_db def test_logout_should_return_redirect(client, user, settings): client.login(username=user.username, password="123123")