django-fritzconnection_ynh/tests/test_django_project.py

166 lines
5.5 KiB
Python
Raw Normal View History

2022-08-16 09:47:54 +02:00
from axes.models import AccessLog
2022-04-02 17:44:57 +02:00
from bx_django_utils.test_utils.html_assertion import HtmlAssertionMixin
from django.conf import settings
2022-04-02 17:44:57 +02:00
from django.contrib.auth.models import User
from django.test import override_settings
from django.test.testcases import TestCase
from django.urls.base import reverse
from django_yunohost_integration.test_utils import generate_basic_auth
2022-04-02 20:35:22 +02:00
import djfritz
2022-04-02 17:44:57 +02:00
@override_settings(DEBUG=False)
class DjangoYnhTestCase(HtmlAssertionMixin, TestCase):
def setUp(self):
super().setUp()
# Always start a fresh session:
self.client = self.client_class()
def test_settings(self):
assert settings.PATH_URL == 'app_path'
assert str(settings.FINALPATH).endswith('/local_test/opt_yunohost')
assert str(settings.PUBLIC_PATH).endswith('/local_test/var_www')
assert str(settings.LOG_FILE).endswith('/local_test/var_log_django-fritzconnection.log')
2022-04-02 17:44:57 +02:00
assert settings.ROOT_URLCONF == 'urls'
2022-08-16 09:47:54 +02:00
def test_config_panel_settings(self):
# config_panel.toml settings, set via tests.conftest.pytest_configure():
assert settings.DEBUG_ENABLED == '0' and settings.DEBUG is False
assert settings.LOG_LEVEL == 'INFO'
assert settings.ADMIN_EMAIL == 'foo-bar@test.tld'
assert settings.DEFAULT_FROM_EMAIL == 'django_app@test.tld'
def test_auth(self):
assert settings.PATH_URL == 'app_path'
2022-04-02 20:35:22 +02:00
assert reverse('admin:index') == '/app_path/admin/'
2022-04-02 17:44:57 +02:00
# SecurityMiddleware should redirects all non-HTTPS requests to HTTPS:
assert settings.SECURE_SSL_REDIRECT is True
response = self.client.get('/app_path/admin/', secure=False)
2022-04-02 17:44:57 +02:00
self.assertRedirects(
response,
status_code=301, # permanent redirect
expected_url='https://testserver/app_path/admin/',
2022-04-08 18:13:57 +02:00
fetch_redirect_response=False,
2022-04-02 20:35:22 +02:00
)
response = self.client.get('/app_path/admin/', secure=True)
self.assertRedirects(
response,
expected_url='/app_path/admin/login/?next=%2Fapp_path%2Fadmin%2F',
2022-04-02 20:35:22 +02:00
fetch_redirect_response=False,
)
2022-04-02 17:44:57 +02:00
def test_create_unknown_user(self):
assert reverse('admin:index') == '/app_path/admin/'
2022-04-02 17:44:57 +02:00
assert User.objects.count() == 0
self.client.cookies['SSOwAuthUser'] = 'test'
response = self.client.get(
2022-04-02 20:35:22 +02:00
path='/app_path/admin/',
2022-04-02 17:44:57 +02:00
HTTP_REMOTE_USER='test',
HTTP_AUTH_USER='test',
HTTP_AUTHORIZATION='basic dGVzdDp0ZXN0MTIz',
2022-08-16 09:47:54 +02:00
secure=True,
2022-04-02 17:44:57 +02:00
)
assert User.objects.count() == 1
user = User.objects.first()
assert user.username == 'test'
assert user.is_active is True
2022-08-16 09:47:54 +02:00
assert user.is_staff is True # Set by: conf.setup_user.setup_project_user
2022-04-02 17:44:57 +02:00
assert user.is_superuser is False
self.assert_html_parts(
response,
parts=(
2022-04-02 20:35:22 +02:00
(
'<title>Site administration | django-fritzconnection'
f' v{djfritz.__version__}</title>'
),
2022-04-02 17:44:57 +02:00
'<strong>test</strong>',
),
)
def test_wrong_auth_user(self):
assert User.objects.count() == 0
2022-08-16 09:47:54 +02:00
assert AccessLog.objects.count() == 0
2022-04-02 17:44:57 +02:00
self.client.cookies['SSOwAuthUser'] = 'test'
response = self.client.get(
path='/app_path/',
2022-04-02 17:44:57 +02:00
HTTP_REMOTE_USER='test',
HTTP_AUTH_USER='foobar', # <<< wrong user name
HTTP_AUTHORIZATION='basic dGVzdDp0ZXN0MTIz',
2022-08-16 09:47:54 +02:00
secure=True,
2022-04-02 17:44:57 +02:00
)
assert User.objects.count() == 1
user = User.objects.first()
assert user.username == 'test'
assert user.is_active is True
2022-08-16 09:47:54 +02:00
assert user.is_staff is True # Set by: conf.setup_user.setup_project_user
2022-04-02 17:44:57 +02:00
assert user.is_superuser is False
2022-08-16 09:47:54 +02:00
assert AccessLog.objects.count() == 1
2022-04-02 17:44:57 +02:00
assert response.status_code == 403 # Forbidden
def test_wrong_cookie(self):
assert User.objects.count() == 0
2022-08-16 09:47:54 +02:00
assert AccessLog.objects.count() == 0
2022-04-02 17:44:57 +02:00
self.client.cookies['SSOwAuthUser'] = 'foobar' # <<< wrong user name
response = self.client.get(
path='/app_path/',
2022-04-02 17:44:57 +02:00
HTTP_REMOTE_USER='test',
HTTP_AUTH_USER='test',
HTTP_AUTHORIZATION='basic dGVzdDp0ZXN0MTIz',
2022-08-16 09:47:54 +02:00
secure=True,
2022-04-02 17:44:57 +02:00
)
assert User.objects.count() == 1
user = User.objects.first()
assert user.username == 'test'
assert user.is_active is True
2022-08-16 09:47:54 +02:00
assert user.is_staff is True # Set by: conf.setup_user.setup_project_user
2022-04-02 17:44:57 +02:00
assert user.is_superuser is False
2022-08-16 09:47:54 +02:00
assert AccessLog.objects.count() == 1
2022-04-02 17:44:57 +02:00
assert response.status_code == 403 # Forbidden
def test_wrong_authorization_user(self):
assert User.objects.count() == 0
self.client.cookies['SSOwAuthUser'] = 'test'
response = self.client.get(
path='/app_path/',
2022-04-02 17:44:57 +02:00
HTTP_REMOTE_USER='test',
HTTP_AUTH_USER='test',
2022-04-02 20:35:22 +02:00
HTTP_AUTHORIZATION=generate_basic_auth(
2022-08-16 09:47:54 +02:00
username='foobar', # <<< wrong user name
password='test123',
),
secure=True,
2022-04-02 17:44:57 +02:00
)
assert User.objects.count() == 1
user = User.objects.first()
assert user.username == 'test'
assert user.is_active is True
2022-08-16 09:47:54 +02:00
assert user.is_staff is True # Set by: conf.setup_user.setup_project_user
2022-04-02 17:44:57 +02:00
assert user.is_superuser is False
2022-08-16 09:47:54 +02:00
assert AccessLog.objects.count() == 1
2022-04-02 17:44:57 +02:00
assert response.status_code == 403 # Forbidden