From 5cc57587aa46b6f54a4e5395b222279f6eddb27d Mon Sep 17 00:00:00 2001 From: Ross Date: Mon, 27 Nov 2023 12:08:45 +0000 Subject: [PATCH] fix a load of test --- anatomy/tests/test_anatomy_exams.py | 4 +- generic/templates/generic/cid_group_base.html | 33 ++++--- .../templates/generic/cidusergroup_form.html | 45 ++++----- generic/tests/test_trainees.py | 4 +- longs/tests/test_longs_exams.py | 4 +- rad/static/css/anatomy.css | 4 +- rad/tests/test_helpers.py | 4 +- rad/tests/test_user_access.py | 91 +++++++++++++++++++ rad/views.py | 13 ++- rapids/tests/test_rapids_exams.py | 4 +- rapids/tests/test_urls.py | 6 +- templates/accounts_bulk_create.html | 4 +- templates/cid_scores.html | 34 +++++-- templates/profile.html | 12 +-- templates/user_scores.html | 12 ++- templates/user_update_profile.html | 2 +- 16 files changed, 209 insertions(+), 67 deletions(-) diff --git a/anatomy/tests/test_anatomy_exams.py b/anatomy/tests/test_anatomy_exams.py index 3b8e01e3..6eca2334 100644 --- a/anatomy/tests/test_anatomy_exams.py +++ b/anatomy/tests/test_anatomy_exams.py @@ -300,11 +300,11 @@ def test_exams(db, client): search_exam = ( cid_scores_soup.find("div", {"id": "exam-assigned"}) .find("ul", {"class": exam.app_name}) - .find_all("li", attrs={"data-exam-id": exam.pk}) + .find("li", attrs={"data-exam-id": exam.pk}) ) assert search_exam assert exam.name in str(search_exam) - assert "Active" in str(search_exam) + assert len(search_exam.find("button", {"class": "start-button"})) > 0 # assert "Active" in assigned_exams # check it is active invalid_exam = cid_scores_soup.find_all( diff --git a/generic/templates/generic/cid_group_base.html b/generic/templates/generic/cid_group_base.html index bb1c837f..58307b9b 100644 --- a/generic/templates/generic/cid_group_base.html +++ b/generic/templates/generic/cid_group_base.html @@ -3,28 +3,33 @@ {% block navigation %} {{block.super}} -
- Group: {{group.name}}-> {% if group_type == "cid" %} +
+ Group: {{group.name}}-> {% if not group %} - Group / - Edit Users / - Edit Exams / - Delete + Group / + Edit Users / + Edit Exams / + Delete {% else %} - Group / - Edit Users / - Edit Exams / - Delete + Group / + Edit Users / + Edit Exams / + Delete {% endif %} {% else %} - Group / - Edit Users / - Edit Exams / - Delete + + {% if group %} +
+ Group: {{group.name}}-> + Group / + Edit Users / + Edit Exams / + Delete + {% endif %} {% endif %} {% endblock %} \ No newline at end of file diff --git a/generic/templates/generic/cidusergroup_form.html b/generic/templates/generic/cidusergroup_form.html index 87df0c35..a9e758ab 100755 --- a/generic/templates/generic/cidusergroup_form.html +++ b/generic/templates/generic/cidusergroup_form.html @@ -5,10 +5,10 @@ {% endblock %} {% block js %} -{{form.media}} + {{form.media}} - + {% endblock %} @@ -20,28 +20,31 @@

Add New Group

Use this form to create a CID user group. {% endif %} -
- {% csrf_token %} + + {% csrf_token %} - - {{ form.as_table }} -
- + + {{ form.as_table }} +
+ -

Users can be added to the group here

-

Users

+ {% if cidusergroup %} +

Users can be added to the group here

- - Count: {{cidusergroup.ciduser_set.count}} - +
+ Count: {{cidusergroup.ciduser_set.count}} + {% endif %} + + + {% endblock %} \ No newline at end of file diff --git a/generic/tests/test_trainees.py b/generic/tests/test_trainees.py index cf22c0f9..1bb17491 100644 --- a/generic/tests/test_trainees.py +++ b/generic/tests/test_trainees.py @@ -44,6 +44,7 @@ def test_trainee_stuff(client, create_cid_manager, create_users): print(UserProfile.objects.all().count()) assert UserProfile.objects.all().count() == 5 + print(UserProfile.objects.filter(peninsula_trainee=True)) assert UserProfile.objects.filter(peninsula_trainee=True).count() == 4 response = client.get(reverse(f"trainees")) @@ -59,9 +60,10 @@ def test_trainee_stuff(client, create_cid_manager, create_users): response = client.get(reverse(f"trainees")) assert response.status_code == 200 - trainee_rows = BeautifulSoup(response.content, "html.parser").find( + trainee_rows = BeautifulSoup(response.content, "html.parser").find_all( "tr", {"class": "trainee"} ) + print(trainee_rows) assert ( len(trainee_rows) == UserProfile.objects.filter(peninsula_trainee=True).count() diff --git a/longs/tests/test_longs_exams.py b/longs/tests/test_longs_exams.py index c7c96869..4fa29872 100644 --- a/longs/tests/test_longs_exams.py +++ b/longs/tests/test_longs_exams.py @@ -442,11 +442,11 @@ def test_exams(db, client): search_exam = ( cid_scores_soup.find("div", {"id": "exam-assigned"}) .find("ul", {"class": exam.app_name}) - .find_all("li", attrs={"data-exam-id": exam.pk}) + .find("li", attrs={"data-exam-id": exam.pk}) ) assert search_exam assert exam.name in str(search_exam) - assert "Active" in str(search_exam) + assert len(search_exam.find("button", {"class": "start-button"})) > 0 # assert "Active" in assigned_exams # check it is active invalid_exam = cid_scores_soup.find_all( diff --git a/rad/static/css/anatomy.css b/rad/static/css/anatomy.css index b7c9a798..9d4d8762 100644 --- a/rad/static/css/anatomy.css +++ b/rad/static/css/anatomy.css @@ -1057,7 +1057,7 @@ table .peninsula-trainee::before { user-select: none; } -.form-control { +.form-control, .form-control:focus, .form-control option { background-color: unset; color: unset -} \ No newline at end of file +} diff --git a/rad/tests/test_helpers.py b/rad/tests/test_helpers.py index bc708918..e57e9025 100644 --- a/rad/tests/test_helpers.py +++ b/rad/tests/test_helpers.py @@ -340,11 +340,11 @@ class ExamTester: search_exam = ( cid_scores_soup.find("div", {"id": "exam-assigned"}) .find("ul", {"class": self.exam.app_name.lower()}) - .find_all("li", attrs={"data-exam-id": self.exam.pk}) + .find("li", attrs={"data-exam-id": self.exam.pk}) ) assert search_exam assert self.exam.name in str(search_exam) - assert "Active" in str(search_exam) + assert len(search_exam.find("button", {"class": "start-button"})) > 0 # assert "Active" in assigned_exams # check it is active invalid_exam = cid_scores_soup.find_all( diff --git a/rad/tests/test_user_access.py b/rad/tests/test_user_access.py index e69de29b..39a64d00 100644 --- a/rad/tests/test_user_access.py +++ b/rad/tests/test_user_access.py @@ -0,0 +1,91 @@ + +from django.urls import reverse + +from rich.pretty import pprint + +from bs4 import BeautifulSoup + +from django.contrib.auth.models import Group +import pytest + + +@pytest.fixture +def create_users(db, django_user_model): + user1 = django_user_model.objects.create_user( + "user1", "user1@user.com", "password" + ) + user2 = django_user_model.objects.create_user( + "user2", "user2@user.com", "password" + ) + #g = Group.objects.create(name="cid_user_manager") + #g.save() + #user.groups.add(g) + return user1, user2 + +@pytest.fixture +def create_cid_manager(db, django_user_model): + user = django_user_model.objects.create_user( + "cid_user", "cid@user.com", "password1234" + ) + g = Group.objects.create(name="cid_user_manager") + g.save() + user.groups.add(g) + return user + +def test_profile_access_and_management(db, client, create_users, create_cid_manager): + + response = client.get(reverse(f"profile")) + + # should redirect to login page + assert response.status_code == 302 + assert "accounts/login/" in response.url + # Test login + + client.login(username="user1", password="password") + + response = client.get(reverse(f"profile")) + + assert response.status_code == 200 + + soup = BeautifulSoup(response.content, "html.parser") + + assert soup.find(id="username").text == "user1" + assert soup.find(id="email").text == "user1@user.com" + + # Check the links to change password and update profile + password_url = soup.find(id="password-change")["href"] + print(password_url) + password_change_response = client.get(password_url) + assert password_change_response.status_code == 200 + + password_soup = BeautifulSoup(password_change_response.content, "html.parser") + assert "Old password" in password_soup.text + assert "New password" in password_soup.text + + update_profile = soup.find(id="update-profile-link")["href"] + + assert update_profile == reverse("account_profile_update", kwargs={"slug": "user1"}) + + # check we can't access another users profile + response_fail = client.get(reverse("account_profile_update", kwargs={"slug": "user2"})) + assert response_fail.status_code == 404 + print(response_fail.content) + + # And that we can access our own + update_profile_response = client.get(reverse("account_profile_update", kwargs={"slug": "user1"})) + assert update_profile_response.status_code == 200 + + assert "peninsula_trainee" not in BeautifulSoup(update_profile_response.content, "html.parser").text + + update_response = client.post(reverse("account_profile_update", kwargs={"slug": "user1"}), { + "registration_number": 1234567 + }) + assert update_response.status_code == 302 + # we reirect back to profile page on form submission + assert update_response.url == reverse("profile") + + # check that the form has updated + update_profile_response = client.get(reverse("account_profile_update", kwargs={"slug": "user1"})) + assert BeautifulSoup(update_profile_response.content, "html.parser").find(id="id_registration_number")["value"] + + diff --git a/rad/views.py b/rad/views.py index ce28068e..3c3b343e 100644 --- a/rad/views.py +++ b/rad/views.py @@ -636,6 +636,8 @@ class UpdateUserProfileView(UpdateView): if request.user.is_superuser or request.user.groups.filter(name="cid_user_manager").exists(): self.fields = ["supervisor", "grade", "registration_number", "peninsula_trainee"] # Check permissions for the request.user here + elif request.user != self.get_object().user: + raise Http404 elif request.user.userprofile.peninsula_trainee: self.fields = ["supervisor", "grade", "registration_number"] @@ -645,9 +647,14 @@ class UpdateUserProfileView(UpdateView): def get_success_url(self): - view_name = "account_profile" - # No need for reverse_lazy here, because it's called inside the method - return reverse(view_name, kwargs={"slug": self.object.username}) + if self.request.user.is_superuser or self.request.user.groups.filter(name="cid_user_manager").exists(): + view_name = "account_profile" + # No need for reverse_lazy here, because it's called inside the method + return reverse(view_name, kwargs={"slug": self.object.username}) + else: + return reverse("profile") + + # class UpdateUser(TemplateView): # diff --git a/rapids/tests/test_rapids_exams.py b/rapids/tests/test_rapids_exams.py index 418635f0..4feadba6 100644 --- a/rapids/tests/test_rapids_exams.py +++ b/rapids/tests/test_rapids_exams.py @@ -332,11 +332,11 @@ def test_exams(db, client): search_exam = ( cid_scores_soup.find("div", {"id": "exam-assigned"}) .find("ul", {"class": exam.app_name}) - .find_all("li", attrs={"data-exam-id": exam.pk}) + .find("li", attrs={"data-exam-id": exam.pk}) ) assert search_exam assert exam.name in str(search_exam) - assert "Active" in str(search_exam) + assert len(search_exam.find("button", {"class": "start-button"})) > 0 # assert "Active" in assigned_exams # check it is active invalid_exam = cid_scores_soup.find_all( diff --git a/rapids/tests/test_urls.py b/rapids/tests/test_urls.py index fe06831d..712e2a0b 100644 --- a/rapids/tests/test_urls.py +++ b/rapids/tests/test_urls.py @@ -241,7 +241,10 @@ def test_cid_management(client, create_cid_manager, django_user_model): for url in urls: response = client.get(url) - assert response.status_code == 403 + if response.status_code == 302: + assert "accounts/login/" in response.url + else: + assert response.status_code == 403 pass @@ -250,6 +253,7 @@ def test_cid_management(client, create_cid_manager, django_user_model): client.force_login(cid_manager) for url in urls: + print(url) response = client.get(url) assert response.status_code == 200 diff --git a/templates/accounts_bulk_create.html b/templates/accounts_bulk_create.html index 64402909..7aaeac18 100644 --- a/templates/accounts_bulk_create.html +++ b/templates/accounts_bulk_create.html @@ -26,8 +26,8 @@ - - + +
First nameLast nameEmailGradeSupervisorSupervisor email
name 1last name 1email1@email.comgrade 1supervisor 1Supervisor@email.com
name 2last name 2email2@email.comgrade 2supervisor 2Supervisor2@email.com
name 1last name 1email1@email.comST1supervisor 1Supervisor@email.com
name 2last name 2email2@email.comST2supervisor 2Supervisor2@email.com
diff --git a/templates/cid_scores.html b/templates/cid_scores.html index 781973c5..d7f89e1f 100644 --- a/templates/cid_scores.html +++ b/templates/cid_scores.html @@ -3,16 +3,38 @@ {% block content %}

CID: {{ cid }}

+

Assigned exams

The following exams will be available to take when active. {% for exam_type, exams in available_exams %} -

{{exam_type|title}}

- + {% if exams %} +

{{exam_type|title}}

+
    + {% for exam in exams %} +
  • {{exam.name}} + {% if exam.active %} + + + + {% endif %} + {% if exam.publish_results %} + + + + {% endif %} +
  • + {% endfor %} +
+ {% endif %} {% endfor %}
diff --git a/templates/profile.html b/templates/profile.html index 8ee02904..e9540f26 100644 --- a/templates/profile.html +++ b/templates/profile.html @@ -5,14 +5,14 @@

Profile

- Username: {{ user.username }} + Username: {{ user.username }}
- Email: {{ user.email }} + Email: {{ user.email }}
- Name: {{ user.first_name }} - {{ user.last_name }} + Name: {{ user.first_name }} + {{ user.last_name }}
Grade: {{ user.userprofile.grade }} @@ -54,11 +54,11 @@

- Change password + Change password {% if request.user|has_group:"cid_user_manager" %} Update user details {% endif %} - Update user profile + Update user profile
{% endblock %} \ No newline at end of file diff --git a/templates/user_scores.html b/templates/user_scores.html index b87505c5..9b1a135e 100644 --- a/templates/user_scores.html +++ b/templates/user_scores.html @@ -21,8 +21,16 @@ diff --git a/templates/user_update_profile.html b/templates/user_update_profile.html index 932d7203..925ec5c6 100644 --- a/templates/user_update_profile.html +++ b/templates/user_update_profile.html @@ -4,7 +4,7 @@ {% block content %}

Editing user: {{object.username}}

- This form allows you to edit additional user details. + This form allows you to edit your profile details. If your supervisor is not available on the system please contact: ross.kruger@nhs.net. {% if request.user|has_group:"cid_user_manager" %} Name and emails can be edited here