ynerant/plateforme-corres2math
1
0
Fork 0
mirror of https://gitlab.com/animath/si/plateforme-corres2math.git synced 2025-02-11 17:41:18 +00:00
Code Issues Releases Wiki Activity

Test user impersonification

Browse Source
This commit is contained in:
Yohann D'ANELLO 2020-11-02 12:08:01 +01:00
parent 5fc46e74d2
commit 62b883467c
2 changed files with 25 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
apps/registration/tests.py
View File

@ -18,6 +18,13 @@ class TestIndexPage(TestCase):
response = self.client.get(reverse("index")) response = self.client.get(reverse("index"))
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
def test_not_authenticated(self):
"""
Try to load some pages without being authenticated.
"""
response = self.client.get(reverse("registration:reset_admin"))
self.assertRedirects(response, reverse("login") + "?next=" + reverse("registration:reset_admin"), 302, 200)
class TestRegistration(TestCase): class TestRegistration(TestCase):
def setUp(self) -> None: def setUp(self) -> None:
@ -255,6 +262,23 @@ class TestRegistration(TestCase):
self.assertEqual(response.status_code, 403) self.assertEqual(response.status_code, 403)
os.remove("media/authorization/photo/example") os.remove("media/authorization/photo/example")
def test_impersonate(self):
"""
Admin can impersonate other people to act as them.
"""
response = self.client.get(reverse("registration:user_impersonate", args=(0x7ffff42ff,)))
self.assertEqual(response.status_code, 404)
# Impersonate student account
response = self.client.get(reverse("registration:user_impersonate", args=(self.student.pk,)))
self.assertRedirects(response, reverse("registration:user_detail", args=(self.student.pk,)), 302, 200)
self.assertEqual(self.client.session["_fake_user_id"], self.student.id)
# Reset admin view
response = self.client.get(reverse("registration:reset_admin"))
self.assertRedirects(response, reverse("index"), 302, 200)
self.assertFalse("_fake_user_id" in self.client.session)
def test_string_render(self): def test_string_render(self):
# TODO These string field tests will be removed when used in a template # TODO These string field tests will be removed when used in a template
self.assertRaises(NotImplementedError, lambda: Registration().type) self.assertRaises(NotImplementedError, lambda: Registration().type)

3
apps/registration/views.py
View File

@ -256,7 +256,6 @@ class UserImpersonateView(LoginRequiredMixin, RedirectView):
session = request.session session = request.session
session["admin"] = request.user.pk session["admin"] = request.user.pk
session["_fake_user_id"] = kwargs["pk"] session["_fake_user_id"] = kwargs["pk"]
return redirect(request.path)
return super().dispatch(request, *args, **kwargs) return super().dispatch(request, *args, **kwargs)
def get_redirect_url(self, *args, **kwargs): def get_redirect_url(self, *args, **kwargs):
@ -274,4 +273,4 @@ class ResetAdminView(LoginRequiredMixin, View):
return self.handle_no_permission() return self.handle_no_permission()
if "_fake_user_id" in request.session: if "_fake_user_id" in request.session:
del request.session["_fake_user_id"] del request.session["_fake_user_id"]
return redirect(request.GET.get("path", "/")) return redirect(request.GET.get("path", reverse_lazy("index")))