From 4c25ae29283c67c58feccc7f70ac15f6c704e23f Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Mon, 2 Nov 2020 18:09:24 +0100 Subject: [PATCH] Test team validation --- apps/participation/tests.py | 198 ++++++++++++++++++++++++++++++++++-- apps/participation/views.py | 14 ++- 2 files changed, 202 insertions(+), 10 deletions(-) diff --git a/apps/participation/tests.py b/apps/participation/tests.py index df4a7d9..1836e2a 100644 --- a/apps/participation/tests.py +++ b/apps/participation/tests.py @@ -5,11 +5,17 @@ from django.test import TestCase from django.urls import reverse from registration.models import StudentRegistration -from .models import Participation, Question, Team, Video +from .models import Participation, Question, Team class TestStudentParticipation(TestCase): def setUp(self) -> None: + self.superuser = User.objects.create_superuser( + username="admin", + email="admin@example.com", + password="toto1234", + ) + self.user = User.objects.create( first_name="Toto", last_name="Toto", @@ -33,16 +39,31 @@ class TestStudentParticipation(TestCase): question="Pourquoi l'existence précède l'essence ?") self.client.force_login(self.user) + self.second_user = User.objects.create( + first_name="Lalala", + last_name="Lalala", + email="lalala@example.com", + password="lalala", + ) + StudentRegistration.objects.create( + user=self.second_user, + student_class=11, + school="Moon", + give_contact_to_animath=True, + email_confirmed=True, + ) + self.second_team = Team.objects.create( + name="Poor team", + trigram="FFF", + access_code="qwerty", + grant_animath_access_videos=True, + ) + def test_admin_pages(self): """ Load Django-admin pages. """ - superuser = User.objects.create_superuser( - username="admin", - email="admin@example.com", - password="toto1234", - ) - self.client.force_login(superuser) + self.client.force_login(self.superuser) # Test team pages response = self.client.get(reverse("admin:index") + "participation/team/") @@ -173,6 +194,161 @@ class TestStudentParticipation(TestCase): response = self.client.get(reverse("participation:team_detail", args=(self.team.pk,))) self.assertEqual(response.status_code, 200) + # Can't see other teams + self.second_user.registration.team = self.second_team + self.second_user.registration.save() + self.client.force_login(self.second_user) + response = self.client.get(reverse("participation:team_detail", args=(self.team.participation.pk,))) + self.assertEqual(response.status_code, 403) + + def test_request_validate_team(self): + """ + The team ask for validation. + """ + self.user.registration.team = self.team + self.user.registration.save() + + second_user = User.objects.create( + first_name="Blublu", + last_name="Blublu", + email="blublu@example.com", + password="blublu", + ) + StudentRegistration.objects.create( + user=second_user, + student_class=12, + school="Jupiter", + give_contact_to_animath=True, + email_confirmed=True, + team=self.team, + photo_authorization="authorization/photo/mai-linh", + ) + + third_user = User.objects.create( + first_name="Zupzup", + last_name="Zupzup", + email="zupzup@example.com", + password="zupzup", + ) + StudentRegistration.objects.create( + user=third_user, + student_class=10, + school="Sun", + give_contact_to_animath=False, + email_confirmed=True, + team=self.team, + photo_authorization="authorization/photo/yohann", + ) + + self.client.force_login(self.superuser) + # Admin users can't ask for validation + resp = self.client.post(reverse("participation:team_detail", args=(self.team.pk,)), data=dict( + _form_type="RequestValidationForm", + engagement=True, + )) + self.assertEqual(resp.status_code, 200) + + self.client.force_login(self.user) + + self.assertIsNone(self.team.participation.valid) + + resp = self.client.get(reverse("participation:team_detail", args=(self.team.pk,))) + self.assertEqual(resp.status_code, 200) + self.assertFalse(resp.context["can_validate"]) + # Can't validate + resp = self.client.post(reverse("participation:team_detail", args=(self.team.pk,)), data=dict( + _form_type="RequestValidationForm", + engagement=True, + )) + self.assertEqual(resp.status_code, 200) + + self.user.registration.photo_authorization = "authorization/photo/ananas" + self.user.registration.save() + + resp = self.client.get(reverse("participation:team_detail", args=(self.team.pk,))) + self.assertEqual(resp.status_code, 200) + self.assertFalse(resp.context["can_validate"]) + + self.team.participation.problem = 2 + self.team.participation.save() + + resp = self.client.get(reverse("participation:team_detail", args=(self.team.pk,))) + self.assertEqual(resp.status_code, 200) + self.assertTrue(resp.context["can_validate"]) + + resp = self.client.post(reverse("participation:team_detail", args=(self.team.pk,)), data=dict( + _form_type="RequestValidationForm", + engagement=True, + )) + self.assertRedirects(resp, reverse("participation:team_detail", args=(self.team.pk,)), 302, 200) + self.team.participation.refresh_from_db() + self.assertFalse(self.team.participation.valid) + self.assertIsNotNone(self.team.participation.valid) + + # Team already asked for validation + resp = self.client.post(reverse("participation:team_detail", args=(self.team.pk,)), data=dict( + _form_type="RequestValidationForm", + engagement=True, + )) + self.assertEqual(resp.status_code, 200) + + def test_validate_team(self): + """ + A team asked for validation. Try to validate it. + """ + self.team.participation.valid = False + self.team.participation.save() + + # No right to do that + resp = self.client.post(reverse("participation:team_detail", args=(self.team.pk,)), data=dict( + _form_type="ValidateParticipationForm", + message="J'ai 4 ans", + validate=True, + )) + self.assertEqual(resp.status_code, 200) + + self.client.force_login(self.superuser) + + resp = self.client.get(reverse("participation:team_detail", args=(self.team.pk,))) + self.assertEqual(resp.status_code, 200) + + resp = self.client.post(reverse("participation:team_detail", args=(self.team.pk,)), data=dict( + _form_type="ValidateParticipationForm", + message="Woops I didn't said anything", + )) + self.assertEqual(resp.status_code, 200) + + # Test invalidate team + resp = self.client.post(reverse("participation:team_detail", args=(self.team.pk,)), data=dict( + _form_type="ValidateParticipationForm", + message="Wsh nope", + invalidate=True, + )) + self.assertRedirects(resp, reverse("participation:team_detail", args=(self.team.pk,)), 302, 200) + self.team.participation.refresh_from_db() + self.assertIsNone(self.team.participation.valid) + + # Team did not ask validation + resp = self.client.post(reverse("participation:team_detail", args=(self.team.pk,)), data=dict( + _form_type="ValidateParticipationForm", + message="Bienvenue ça va être trop cool", + validate=True, + )) + self.assertEqual(resp.status_code, 200) + + self.team.participation.valid = False + self.team.participation.save() + + # Test validate team + resp = self.client.post(reverse("participation:team_detail", args=(self.team.pk,)), data=dict( + _form_type="ValidateParticipationForm", + message="Bienvenue ça va être trop cool", + validate=True, + )) + self.assertRedirects(resp, reverse("participation:team_detail", args=(self.team.pk,)), 302, 200) + self.team.participation.refresh_from_db() + self.assertTrue(self.team.participation.valid) + def test_update_team(self): """ Try to update team information. @@ -215,6 +391,7 @@ class TestStudentParticipation(TestCase): self.user.registration.team = self.team self.user.registration.save() + # Can't see the participation if it is not valid response = self.client.get(reverse("participation:my_participation_detail")) self.assertRedirects(response, reverse("participation:participation_detail", args=(self.team.participation.pk,)), @@ -230,6 +407,13 @@ class TestStudentParticipation(TestCase): response = self.client.get(reverse("participation:participation_detail", args=(self.team.participation.pk,))) self.assertEqual(response.status_code, 200) + # Can't see other participations + self.second_user.registration.team = self.second_team + self.second_user.registration.save() + self.client.force_login(self.second_user) + response = self.client.get(reverse("participation:participation_detail", args=(self.team.participation.pk,))) + self.assertEqual(response.status_code, 403) + def test_upload_video(self): """ Try to send a solution video link. diff --git a/apps/participation/views.py b/apps/participation/views.py index 95b0a75..064c25a 100644 --- a/apps/participation/views.py +++ b/apps/participation/views.py @@ -144,7 +144,8 @@ class TeamDetailView(LoginRequiredMixin, FormMixin, ProcessFormView, DetailView) user = request.user self.object = self.get_object() # Ensure that the user is an admin or a member of the team - if user.registration.is_admin or user.registration.participates and user.registration.team.pk == kwargs["pk"]: + if user.registration.is_admin or user.registration.participates and \ + user.registration.team and user.registration.team.pk == kwargs["pk"]: return super().get(request, *args, **kwargs) raise PermissionDenied @@ -171,7 +172,6 @@ class TeamDetailView(LoginRequiredMixin, FormMixin, ProcessFormView, DetailView) return RequestValidationForm elif self.request.POST["_form_type"] == "ValidateParticipationForm": return ValidateParticipationForm - return None def form_valid(self, form): self.object = self.get_object() @@ -182,6 +182,13 @@ class TeamDetailView(LoginRequiredMixin, FormMixin, ProcessFormView, DetailView) if self.object.participation.valid is not None: form.add_error(None, _("The validation of the team is already done or pending.")) return self.form_invalid(form) + if not (self.object.students.count() >= 3 and + all(r.email_confirmed for r in self.object.students.all()) and + all(r.photo_authorization for r in self.object.students.all()) and + self.object.participation.problem): + form.add_error(None, _("The team can't be validated: missing email address confirmations, " + "photo authorizations, people or the chosen problem is not set.")) + return self.form_invalid(form) self.object.participation.valid = False self.object.participation.save() @@ -218,7 +225,7 @@ class TeamDetailView(LoginRequiredMixin, FormMixin, ProcessFormView, DetailView) form.add_error(None, _("You must specify if you validate the registration or not.")) return self.form_invalid(form) - return super().form_invalid(form) + return super().form_valid(form) def get_success_url(self): return self.request.path @@ -347,6 +354,7 @@ class ParticipationDetailView(LoginRequiredMixin, DetailView): if not self.get_object().valid: raise PermissionDenied(_("The team is not validated yet.")) if user.registration.is_admin or user.registration.participates \ + and user.registration.team.participation \ and user.registration.team.participation.pk == kwargs["pk"]: return super().dispatch(request, *args, **kwargs) raise PermissionDenied