troggle-unchained/core/TESTS/tests_logins.py

"""
Originally written for CUYC 
Philip Sargent (Feb.2021)

Modified for Expo April 2021.
"""

import unittest
import re
from django.test import TestCase, SimpleTestCase, TransactionTestCase, Client

             

class DataTests(TestCase ):
    '''These check that the NULL and NON-UNIQUE constraints are working in the database '''
    @classmethod
    def setUpTestData(cls):
        pass

    def setUp(self):
        from django.contrib.auth.models import User
        u = User()
        u.pk = 9000
        u.user_id = 8000 
        u.username, u.password ='stinker', 'secretword'      
        u.email='philip.sargent+SP@gmail.com'
        u.first_name, u.last_name ='Stinker', 'Pinker'
        u.save()
        self.user = u
        
    def tearDown(self):
        #self.member.delete() # must delete member before user
        #self.user.delete() # horrible crash, why?
        pass
        
class FixturePageTests(TestCase):
    # The fixtures have a password hash which is compatible with plain-text password 'secretword'
    fixtures = ['auth_users']

    def setUp(self):
        from django.contrib.auth.models import User
        self.user = User.objects.get(username='expotest')
 
    def tearDown(self):
        pass

    def test_fix_admin_login_fail(self):
        c = self.client
        from django.contrib.auth.models import User
        u = User.objects.get(username='expotest')
         
        self.assertTrue(u.is_active, 'User \'' + u.username + '\' is INACTIVE')
        
        logged_in = c.login(username=u.username, password='secretword') # fails to work if password=u.password !
        self.assertTrue(logged_in, 'FAILED to login as \'' + u.username + '\'')

        response = c.get('/admin/')
        content = response.content.decode()
        # with open('admin-op.html', 'w') as f: 
            # f.write(content) 
        t    = re.search(r'Troggle administration', content)
        self.assertIsNone(t, 'Logged in as \'' + u.username + '\' (not staff) but still managed to get the Admin page' )


class ComplexLoginTests(TestCase):
    '''These test the login and capabilities of logged-in users, they do not use fixtures'''
    def setUp(self):
        '''setUp runs once for each test in this class'''
        from django.contrib.auth.models import User

        u = User()
        u.pk = 9000
        u.user_id = 8000 
        u.username, u.password ='expotest', 'secretword'      
        u.email='philip.sargent+ET@gmail.com'
        u.first_name, u.last_name ='ExpoTest', 'Caver'
        u.is_staff = True
        u.is_superuser = True
        
        u.set_password(u.password) # This creates a new salt and thus a new key for EACH test
        u.save() # vital that we save all this before attempting login
        #print ('\n',u.password)
        self.user = u
                
    def tearDown(self):
        self.client.logout() # not needed as each test creates a new self.client
        #self.member.delete() 
        ##self.user.delete() # id attribute set to None !
        pass

    # def test_login_redirect_for_non_logged_on_user(self): # need to fix this in real system
        # c = self.client
        # # Need to login first. Tests that we are redirected to login page if not logged in
        # response = c.get('noinfo/cave-number-index')
        # self.assertRedirects(response, "/login/?next=/committee/appointments/")

    def test_ordinary_login(self):
        c = self.client
        u = self.user
        
        self.assertTrue(u.is_active, 'User \'' + u.username + '\' is INACTIVE')
        
        logged_in = c.login(username=u.username, password='secretword') # fails to work if password=u.password !
        self.assertTrue(logged_in, 'FAILED to login as \'' + u.username + '\'')
        
        response = c.get('/accounts/login/') # defined by auth system
        content = response.content.decode()
        t    = re.search(r'You are now logged in', content)
        self.assertIsNotNone(t, 'Logged in as \'' + u.username + '\' but failed to get \'Now you can\' greeting' )

    def test_authentication_login(self):
        c = self.client
        u = self.user
        
        self.assertTrue(u.is_active, 'User \'' + u.username + '\' is INACTIVE')
        
        # This is weird. I thought that the user had to login before she was in the authenticated state
        self.assertTrue(u.is_authenticated, 'User \'' + u.username + '\' is NOT AUTHENTICATED before login')
        
        logged_in = c.login(username=u.username, password='secretword') # fails to work if password=u.password !
        self.assertTrue(logged_in, 'FAILED to login as \'' + u.username + '\'')

        self.assertTrue(u.is_authenticated, 'User \'' + u.username + '\' is NOT AUTHENTICATED after login')
        
        # c.logout() # This next test always means user is still authenticated after logout. Surely not?
        # self.assertFalse(u.is_authenticated, 'User \'' + u.username + '\' is STILL AUTHENTICATED after logout')
  
    def test_admin_login(self):
        c = self.client
        u = self.user

        logged_in = c.login(username=u.username, password='secretword') # fails to work if password=u.password !
        self.assertTrue(logged_in, 'FAILED to login as \'' + u.username + '\'')

        response = c.get('/admin/')
        content = response.content.decode()
        # with open('admin-op.html', 'w') as f: 
            # f.write(content) 
        t    = re.search(r'Troggle administration', content)
        self.assertIsNotNone(t, 'Logged in as \'' + u.username + '\' but failed to get the Troggle Admin page' )

    def test_noinfo_login(self):
        from django.contrib.auth.models import User
        c  = self.client # inherited from TestCase
        u  = self.user

        logged_in = c.login(username=u.username, password='secretword') # fails if password=u.password !
        self.assertTrue(logged_in, 'FAILED to login as \'' + u.username + '\'')
        response = c.get('/stats') # a page with the Troggle menus
        content = response.content.decode()
        t    = re.search(r'User\:expotest', content)
        self.assertIsNotNone(t, 'Logged in as \'' + u.username + '\' but failed to get \'User:expotest\' heading' )

        response = c.get('/noinfo/cave-number-index')
        content = response.content.decode()
        t    = re.search(r'2001-07 Hoffnungschacht', content)
        self.assertIsNotNone(t, 'Logged in as \'' + u.username + '\' but failed to get /noinfo/ content')
          
    def test_user_force(self):
        from django.conf import settings 
        c = self.client
        u = self.user
        
        try:
            c.force_login(u)
        except:
            self.assertIsNotNone(None, 'Unexpected exception trying to force_login as \'' + u.username + '\' but failed (Bad Django documentation?)')

        response = c.get('/stats') # a page with the Troggle menus
        content = response.content.decode()
        t    = re.search(r'Log out', content)
        self.assertIsNotNone(t, 'Forced logged in as \'' + u.username + '\' but failed to get Log out heading' )

        response = c.get('/accounts/login/')
        content = response.content.decode()
        t    = re.search(r'You are now logged in', content)
        self.assertIsNotNone(t, 'Forced logged in as \'' + u.username + '\' but failed to get /accounts/profile/ content')