/shabti/templates/microsite/+package+/tests/functional/test_useradmin_unauth.py_tmpl
Unknown | 55 lines | 33 code | 22 blank | 0 comment | 0 complexity | a09eb3cd52c763b5befe4fb332bcca80 MD5 | raw file
1# microsite/tests/functional/test_useradmin_unauth
2from pylons import url
3from {{package}}.model import *
4from {{package}}.tests import *
5
6class TestUserUnauthAdminController(TestController):
7 def test_unauthorised_user_state_retrieval_prohibited(self):
8 """UserUnauthAdmin (microsite): unauthorised user GET access is prohibited."""
9 response = self.app.get(url('edit_user', id='1'))
10
11 assert response.status_int == 302
12
13 assert response.location == 'http://localhost/login/index'
14
15 response = self.app.get(url('new_user'))
16
17 assert response.status_int == 302
18
19 assert response.location == 'http://localhost/login/index'
20
21 response = self.app.get(url('save_user', id='1'),
22 params={'email': 'newemail@example.com',
23 '_method':u'PUT'})
24
25 assert response.status_int == 302
26
27 assert response.location == 'http://localhost/login/index'
28
29 response = self.app.get(url('delete_user', id='1'),
30 params={'_method':'DELETE'})
31
32 assert response.status_int == 302
33
34 assert response.location == 'http://localhost/login/index'
35
36
37 def test_unauthorised_user_state_change_prohibited(self):
38 """UserUnauthAdmin (microsite): unauthorised user PUTs and DELETEs are prohibited"""
39 response = self.app.put(url('edit_user', id='1'),
40 params={'email': 'new@example.com',
41 '_method':'PUT'})
42
43 assert response.status_int == 302
44
45 assert response.location == 'http://localhost/login/index'
46
47 response = self.app.delete(url('delete_user', id='1'))
48
49 assert response.status_int == 302
50
51 assert response.location == 'http://localhost/login/index'
52
53
54# --- Added by Shabti microsite template
55