add unit tests for user-facing front-end-permission views

2026-04-28 18:44:50 +00:00 · 2014-06-12 12:58:12 +01:00 · 2014-06-12 12:58:12 +01:00 · 00942c9de7
commit 00942c9de7
parent 4c35928092
4 changed files with 94 additions and 3 deletions
--- a/wagtail/tests/fixtures/test.json
+++ b/wagtail/tests/fixtures/test.json
@ -312,7 +312,7 @@
        "show_in_menus": true,
        "live": true,
        "depth": 4,
-        "content_type": ["tests", "simplepage"],
+        "content_type": ["tests", "eventpage"],
        "path": "0001000100050001",
        "url_path": "/home/secret-plans/steal-underpants/",
        "slug": "steal-underpants"
@ -320,9 +320,13 @@
 },
 {
    "pk": 12,
-    "model": "tests.simplepage",
+    "model": "tests.eventpage",
    "fields": {
-        "content": "<p>it's really important for something</p>"
+        "date_from": "2015-07-04",
+        "audience": "private",
+        "location": "Marks and Spencer",
+        "body": "<p>meet in the menswear department at noon</p>",
+        "cost": "free"
    }
 },

--- a/wagtail/tests/models.py
+++ b/wagtail/tests/models.py
@ -179,6 +179,8 @@ class EventPage(Page):
    indexed_fields = ('get_audience_display', 'location', 'body')
    search_name = "Event"

+    password_required_template = 'tests/event_page_password_required.html'
+
 EventPage.content_panels = [
    FieldPanel('title', classname="full title"),
    FieldPanel('date_from'),
--- a/wagtail/tests/templates/tests/event_page_password_required.html
+++ b/wagtail/tests/templates/tests/event_page_password_required.html
@ -0,0 +1,15 @@
+<!DOCTYPE HTML>
+<html>
+    <head>
+        <title>{{ self.title }}</title>
+    </head>
+    <body>
+        <h1>{{ self.title }}</h1>
+        <p>This event is invitation only. Please enter your password to see the details.</p>
+        <form action="{{ action_url }}" method="POST">
+            {% csrf_token %}
+            {{ form.as_p }}
+            <input type="submit" value="Continue" />
+        </form>
+    </body>
+</html>
--- a/wagtail/wagtailcore/tests/test_page_privacy.py
+++ b/wagtail/wagtailcore/tests/test_page_privacy.py
@ -0,0 +1,70 @@
+from django.test import TestCase
+from wagtail.wagtailcore.models import Page, PageViewRestriction
+
+
+class TestPagePrivacy(TestCase):
+    fixtures = ['test.json']
+
+    def setUp(self):
+        self.secret_plans_page = Page.objects.get(url_path='/home/secret-plans/')
+        self.view_restriction = PageViewRestriction.objects.get(
+            page=self.secret_plans_page)
+
+    def test_anonymous_user_must_authenticate(self):
+        response = self.client.get('/secret-plans/')
+        self.assertEqual(response.templates[0].name, 'wagtailcore/password_required.html')
+
+        submit_url = "/_util/authenticate_with_password/%d/%d/" % (self.view_restriction.id, self.secret_plans_page.id)
+        self.assertContains(response, '<form action="%s"' % submit_url)
+        self.assertContains(response, '<input id="id_return_url" name="return_url" type="hidden" value="/secret-plans/" />')
+
+        # posting the wrong password should redisplay the password page
+        response = self.client.post(submit_url, {
+            'password': 'wrongpassword',
+            'return_url': '/secret-plans/',
+        })
+        self.assertEqual(response.templates[0].name, 'wagtailcore/password_required.html')
+        self.assertContains(response, '<form action="%s"' % submit_url)
+
+        # posting the correct password should redirect back to return_url
+        response = self.client.post(submit_url, {
+            'password': 'swordfish',
+            'return_url': '/secret-plans/',
+        })
+        self.assertRedirects(response, '/secret-plans/')
+
+        # now requests to /secret-plans/ should pass authentication
+        response = self.client.get('/secret-plans/')
+        self.assertEqual(response.templates[0].name, 'tests/simple_page.html')
+
+
+    def test_view_restrictions_apply_to_subpages(self):
+        underpants_page = Page.objects.get(url_path='/home/secret-plans/steal-underpants/')
+        response = self.client.get('/secret-plans/steal-underpants/')
+
+        # check that we're overriding the default password_required template for this page type
+        self.assertEqual(response.templates[0].name, 'tests/event_page_password_required.html')
+
+        submit_url = "/_util/authenticate_with_password/%d/%d/" % (self.view_restriction.id, underpants_page.id)
+        self.assertContains(response, '<title>Steal underpants</title>')
+        self.assertContains(response, '<form action="%s"' % submit_url)
+        self.assertContains(response, '<input id="id_return_url" name="return_url" type="hidden" value="/secret-plans/steal-underpants/" />')
+
+        # posting the wrong password should redisplay the password page
+        response = self.client.post(submit_url, {
+            'password': 'wrongpassword',
+            'return_url': '/secret-plans/steal-underpants/',
+        })
+        self.assertEqual(response.templates[0].name, 'tests/event_page_password_required.html')
+        self.assertContains(response, '<form action="%s"' % submit_url)
+
+        # posting the correct password should redirect back to return_url
+        response = self.client.post(submit_url, {
+            'password': 'swordfish',
+            'return_url': '/secret-plans/steal-underpants/',
+        })
+        self.assertRedirects(response, '/secret-plans/steal-underpants/')
+
+        # now requests to /secret-plans/ should pass authentication
+        response = self.client.get('/secret-plans/steal-underpants/')
+        self.assertEqual(response.templates[0].name, 'tests/event_page.html')