Files
penracourses/rad/tests/test_user_access.py
T
Ross 63ea4cdf23 Add downsample series functionality and related UI updates
- Implemented asynchronous downsample task for series with progress tracking.
- Added new URL endpoint for downsample status.
- Updated Series model to include source_series_instance_uid.
- Enhanced case display template with new buttons for series actions.
- Added password reset functionality in user profile with appropriate alerts.
- Created migration for new source_series_instance_uid field in Series model.
2026-05-18 16:20:38 +01:00

143 lines
4.6 KiB
Python

from django.urls import reverse
from django.core import mail
from rich.pretty import pprint
from bs4 import BeautifulSoup
from django.contrib.auth.models import Group
import pytest
@pytest.fixture
def create_users(db, django_user_model):
user1 = django_user_model.objects.create_user(
"user1", "user1@user.com", "password"
)
user2 = django_user_model.objects.create_user(
"user2", "user2@user.com", "password"
)
#g = Group.objects.create(name="cid_user_manager")
#g.save()
#user.groups.add(g)
return user1, user2
@pytest.fixture
def create_cid_manager(db, django_user_model):
user = django_user_model.objects.create_user(
"cid_user", "cid@user.com", "password1234"
)
g = Group.objects.create(name="cid_user_manager")
g.save()
user.groups.add(g)
return user
def test_profile_access_and_management(db, client, create_users, create_cid_manager):
response = client.get(reverse(f"profile"))
# should redirect to login page
assert response.status_code == 302
assert "accounts/login/" in response.url
# Test login
client.login(username="user1", password="password")
response = client.get(reverse(f"profile"))
assert response.status_code == 200
soup = BeautifulSoup(response.content, "html.parser")
assert soup.find(id="username").text == "user1"
assert soup.find(id="email").text == "user1@user.com"
# Check the links to change password and update profile
password_url = soup.find(id="password-change")["href"]
print(password_url)
password_change_response = client.get(password_url)
assert password_change_response.status_code == 200
password_soup = BeautifulSoup(password_change_response.content, "html.parser")
assert "Old password" in password_soup.text
assert "New password" in password_soup.text
update_profile = soup.find(id="update-profile-link")["href"]
assert update_profile == reverse("account_profile_update", kwargs={"slug": "user1"})
# check we can't access another users profile
response_fail = client.get(reverse("account_profile_update", kwargs={"slug": "user2"}))
assert response_fail.status_code == 404
print(response_fail.content)
# And that we can access our own
update_profile_response = client.get(reverse("account_profile_update", kwargs={"slug": "user1"}))
assert update_profile_response.status_code == 200
assert "peninsula_trainee" not in BeautifulSoup(update_profile_response.content, "html.parser").text
update_response = client.post(reverse("account_profile_update", kwargs={"slug": "user1"}), {
"registration_number": 1234567
})
assert update_response.status_code == 302
# we reirect back to profile page on form submission
assert update_response.url == reverse("profile")
# check that the form has updated
update_profile_response = client.get(reverse("account_profile_update", kwargs={"slug": "user1"}))
assert BeautifulSoup(update_profile_response.content, "html.parser").find(id="id_registration_number")["value"]
@pytest.mark.django_db
def test_create_user_reuses_existing_account(client, create_cid_manager, django_user_model):
existing_user = django_user_model.objects.create_user(
username="existing@example.com",
email="existing@example.com",
password="password123",
first_name="Old",
last_name="Name",
)
client.force_login(create_cid_manager)
response = client.post(
reverse("create_user"),
{
"username": "existing@example.com",
"first_name": "Updated",
"last_name": "User",
"grade": "",
},
)
assert response.status_code == 302
assert response.url == reverse("accounts_list")
existing_user.refresh_from_db()
assert existing_user.first_name == "Updated"
assert existing_user.last_name == "User"
@pytest.mark.django_db
def test_cid_manager_can_send_password_reset_from_account_profile(client, create_cid_manager, django_user_model):
managed_user = django_user_model.objects.create_user(
username="managed-user",
email="managed@example.com",
password="password123",
)
client.force_login(create_cid_manager)
response = client.post(
reverse("account_send_password_reset", kwargs={"slug": managed_user.username}),
{"next": reverse("account_profile", kwargs={"slug": managed_user.username})},
)
assert response.status_code == 302
assert "password_reset_action=sent" in response.url
assert len(mail.outbox) == 1
assert mail.outbox[0].to == ["managed@example.com"]