PageRenderTime 57ms CodeModel.GetById 45ms app.highlight 10ms RepoModel.GetById 0ms app.codeStats 0ms

/shabti/templates/microsite/+package+/tests/functional/test_useradmin_unauth.py_tmpl

https://bitbucket.org/gawel/shabti
Unknown | 55 lines | 33 code | 22 blank | 0 comment | 0 complexity | a09eb3cd52c763b5befe4fb332bcca80 MD5 | raw file
 1# microsite/tests/functional/test_useradmin_unauth
 2from pylons import url
 3from {{package}}.model import *
 4from {{package}}.tests import *
 5
 6class TestUserUnauthAdminController(TestController):
 7    def test_unauthorised_user_state_retrieval_prohibited(self):
 8        """UserUnauthAdmin (microsite): unauthorised user GET access is prohibited."""
 9        response = self.app.get(url('edit_user', id='1'))
10        
11        assert response.status_int == 302
12        
13        assert response.location == 'http://localhost/login/index'
14        
15        response = self.app.get(url('new_user'))
16        
17        assert response.status_int == 302
18        
19        assert response.location == 'http://localhost/login/index'
20        
21        response = self.app.get(url('save_user', id='1'),
22                                params={'email': 'newemail@example.com',
23                                        '_method':u'PUT'})
24        
25        assert response.status_int == 302
26        
27        assert response.location == 'http://localhost/login/index'
28        
29        response = self.app.get(url('delete_user', id='1'),
30                                params={'_method':'DELETE'})
31        
32        assert response.status_int == 302
33        
34        assert response.location == 'http://localhost/login/index'
35    
36    
37    def test_unauthorised_user_state_change_prohibited(self):
38        """UserUnauthAdmin (microsite): unauthorised user PUTs and DELETEs are prohibited"""
39        response = self.app.put(url('edit_user', id='1'),
40                                params={'email': 'new@example.com',
41                                        '_method':'PUT'})
42        
43        assert response.status_int == 302
44        
45        assert response.location == 'http://localhost/login/index'
46        
47        response = self.app.delete(url('delete_user', id='1'))
48        
49        assert response.status_int == 302
50        
51        assert response.location == 'http://localhost/login/index'
52    
53
54# --- Added by Shabti microsite template
55