keep tring
This commit is contained in:
@@ -145,11 +145,9 @@
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" href="{% url 'atlas:question_schema_overview' %}" title="View and edit question schemas"><i class="bi bi-journal-text me-1" aria-hidden="true"></i>Question Schemas</a>
|
||||
</li>
|
||||
{% if request.user.is_staff %}
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" href="{% url 'atlas:multiuser_dashboard' %}" title="Multiuser case sync and review"><i class="bi bi-people me-1" aria-hidden="true"></i>Multiuser Sync</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" href="{% url 'atlas:help' %}" title="View the atlas help pages"><i class="bi bi-question-circle me-1" aria-hidden="true"></i>Help</a>
|
||||
</li>
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
|
||||
<div class="row">
|
||||
<!-- Sidebar: Start a new session -->
|
||||
{% if request.user.is_staff %}
|
||||
<div class="col-md-4 mb-4">
|
||||
<div class="card shadow-sm border-secondary">
|
||||
<div class="card-header bg-dark text-white fw-bold">
|
||||
@@ -34,9 +35,11 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<!-- Main content: Sessions list -->
|
||||
<div class="col-md-8">
|
||||
<div class="{% if request.user.is_staff %}col-md-8{% else %}col-12{% endif %}">
|
||||
{% if request.user.is_staff %}
|
||||
<!-- My Sessions -->
|
||||
<div class="card shadow-sm mb-4 bg-dark text-white border-secondary">
|
||||
<div class="card-header bg-secondary text-white fw-bold">
|
||||
@@ -88,6 +91,7 @@
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<!-- Active public sessions -->
|
||||
<div class="card shadow-sm bg-dark text-white border-secondary">
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import pytest
|
||||
from django.urls import reverse
|
||||
from django.contrib.auth import get_user_model
|
||||
from atlas.models import Case, MultiuserSession
|
||||
from pytest_django.asserts import assertContains, assertRedirects
|
||||
|
||||
@@ -21,11 +22,14 @@ def test_multiuser_dashboard_view_anonymous_redirect(client):
|
||||
assertRedirects(response, f"{reverse('login')}?next={reverse('atlas:multiuser_dashboard')}")
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_multiuser_dashboard_lists_sessions(client, create_user):
|
||||
def test_multiuser_dashboard_lists_sessions_staff(client, create_user):
|
||||
user = create_user
|
||||
user.is_staff = True
|
||||
user.save()
|
||||
session1 = MultiuserSession.objects.create(name="User Session 1", creator=user)
|
||||
|
||||
other_user = create_user
|
||||
User = get_user_model()
|
||||
other_user = User.objects.create_user(username="other", password="password", email="other@test.com")
|
||||
session2 = MultiuserSession.objects.create(name="Other Session 2", creator=other_user)
|
||||
|
||||
client.force_login(user)
|
||||
@@ -35,18 +39,46 @@ def test_multiuser_dashboard_lists_sessions(client, create_user):
|
||||
assertContains(response, "Other Session 2")
|
||||
assertContains(response, "Start New Session")
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_multiuser_dashboard_lists_sessions_non_staff(client, create_user):
|
||||
user = create_user
|
||||
|
||||
User = get_user_model()
|
||||
other_user = User.objects.create_user(username="other", password="password", email="other@test.com")
|
||||
other_user.is_staff = True
|
||||
other_user.save()
|
||||
session2 = MultiuserSession.objects.create(name="Other Session 2", creator=other_user)
|
||||
|
||||
client.force_login(user)
|
||||
response = client.get(reverse("atlas:multiuser_dashboard"))
|
||||
assert response.status_code == 200
|
||||
assertContains(response, "Other Session 2")
|
||||
assert "Start New Session" not in response.content.decode("utf-8")
|
||||
assert "Sessions You Managed" not in response.content.decode("utf-8")
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_multiuser_create_session_action(client, create_user):
|
||||
client.force_login(create_user)
|
||||
user = create_user
|
||||
user.is_staff = True
|
||||
user.save()
|
||||
client.force_login(user)
|
||||
response = client.post(reverse("atlas:multiuser_create_session"), data={"name": "My New Session"})
|
||||
|
||||
session = MultiuserSession.objects.get(name="My New Session")
|
||||
assertRedirects(response, reverse("atlas:multiuser_session_detail", kwargs={"session_id": session.id}))
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_multiuser_session_detail_manager_vs_participant(client, create_user):
|
||||
manager = create_user
|
||||
participant = create_user
|
||||
def test_multiuser_create_session_action_non_staff_denied(client, create_user):
|
||||
user = create_user
|
||||
client.force_login(user)
|
||||
response = client.post(reverse("atlas:multiuser_create_session"), data={"name": "Denied Session"})
|
||||
assert response.status_code == 302 # Redirected to admin login page because of @staff_member_required
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_multiuser_session_detail_manager_vs_participant(client):
|
||||
User = get_user_model()
|
||||
manager = User.objects.create_user(username="manager", password="password", email="manager@test.com")
|
||||
participant = User.objects.create_user(username="participant", password="password", email="participant@test.com")
|
||||
session = MultiuserSession.objects.create(name="Collaboration Session", creator=manager)
|
||||
|
||||
# Manager view
|
||||
@@ -64,9 +96,10 @@ def test_multiuser_session_detail_manager_vs_participant(client, create_user):
|
||||
assertContains(response, "You are viewing this session in real-time")
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_multiuser_search_cases_permission(client, create_user):
|
||||
manager = create_user
|
||||
participant = create_user
|
||||
def test_multiuser_search_cases_permission(client):
|
||||
User = get_user_model()
|
||||
manager = User.objects.create_user(username="manager", password="password", email="manager@test.com")
|
||||
participant = User.objects.create_user(username="participant", password="password", email="participant@test.com")
|
||||
session = MultiuserSession.objects.create(name="Search Session", creator=manager)
|
||||
|
||||
# Participant cannot search
|
||||
@@ -80,9 +113,10 @@ def test_multiuser_search_cases_permission(client, create_user):
|
||||
assert response.status_code == 200
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_multiuser_load_case_action(client, create_user, make_case):
|
||||
manager = create_user
|
||||
participant = create_user
|
||||
def test_multiuser_load_case_action(client, make_case):
|
||||
User = get_user_model()
|
||||
manager = User.objects.create_user(username="manager", password="password", email="manager@test.com")
|
||||
participant = User.objects.create_user(username="participant", password="password", email="participant@test.com")
|
||||
session = MultiuserSession.objects.create(name="Load Case Session", creator=manager)
|
||||
|
||||
case = make_case(title="Multiuser Dicom Case")
|
||||
|
||||
+5
-5
@@ -10480,7 +10480,7 @@ def collection_case_displaysetup(request, collection_id, case_number=None, case_
|
||||
})
|
||||
|
||||
|
||||
@staff_member_required
|
||||
@login_required
|
||||
def multiuser_dashboard(request):
|
||||
import datetime
|
||||
from django.utils import timezone
|
||||
@@ -10505,7 +10505,7 @@ def multiuser_create_session(request):
|
||||
return redirect("atlas:multiuser_session_detail", session_id=session.id)
|
||||
|
||||
|
||||
@staff_member_required
|
||||
@login_required
|
||||
def multiuser_session_detail(request, session_id):
|
||||
session = get_object_or_404(MultiuserSession, id=session_id)
|
||||
is_manager = (request.user == session.creator)
|
||||
@@ -10517,7 +10517,7 @@ def multiuser_session_detail(request, session_id):
|
||||
})
|
||||
|
||||
|
||||
@staff_member_required
|
||||
@login_required
|
||||
def multiuser_search_cases(request, session_id):
|
||||
from django.http import HttpResponseForbidden
|
||||
session = get_object_or_404(MultiuserSession, id=session_id)
|
||||
@@ -10537,7 +10537,7 @@ def multiuser_search_cases(request, session_id):
|
||||
})
|
||||
|
||||
|
||||
@staff_member_required
|
||||
@login_required
|
||||
def multiuser_case_content_partial(request, session_id):
|
||||
session = get_object_or_404(MultiuserSession, id=session_id)
|
||||
case = session.active_case
|
||||
@@ -10558,7 +10558,7 @@ def multiuser_case_content_partial(request, session_id):
|
||||
})
|
||||
|
||||
|
||||
@staff_member_required
|
||||
@login_required
|
||||
@require_POST
|
||||
def multiuser_load_case(request, session_id):
|
||||
from django.http import HttpResponseForbidden
|
||||
|
||||
@@ -8,7 +8,7 @@ DEBUG = False
|
||||
|
||||
# Local Postgres defaults align with docker-compose.test.yml.
|
||||
DATABASES["default"] = {
|
||||
"ENGINE": "django.db.backends.postgresql",
|
||||
"ENGINE": os.environ.get("TEST_DB_ENGINE", "django.db.backends.postgresql"),
|
||||
"NAME": os.environ.get("TEST_DB_NAME", os.environ.get("POSTGRES_DB", "rad")),
|
||||
"USER": os.environ.get("TEST_DB_USER", os.environ.get("POSTGRES_USER", "django")),
|
||||
"PASSWORD": os.environ.get("TEST_DB_PASSWORD", os.environ.get("POSTGRES_PASSWORD", "postgres")),
|
||||
|
||||
Reference in New Issue
Block a user