/shabti/templates/microsite/+package+/tests/functional/test_useradmin_unauth.py_tmpl

https://bitbucket.org/gawel/shabti · Unknown · 55 lines · 33 code · 22 blank · 0 comment · 0 complexity · a09eb3cd52c763b5befe4fb332bcca80 MD5 · raw file

  1. # microsite/tests/functional/test_useradmin_unauth
  2. from pylons import url
  3. from {{package}}.model import *
  4. from {{package}}.tests import *
  5. class TestUserUnauthAdminController(TestController):
  6. def test_unauthorised_user_state_retrieval_prohibited(self):
  7. """UserUnauthAdmin (microsite): unauthorised user GET access is prohibited."""
  8. response = self.app.get(url('edit_user', id='1'))
  9. assert response.status_int == 302
  10. assert response.location == 'http://localhost/login/index'
  11. response = self.app.get(url('new_user'))
  12. assert response.status_int == 302
  13. assert response.location == 'http://localhost/login/index'
  14. response = self.app.get(url('save_user', id='1'),
  15. params={'email': 'newemail@example.com',
  16. '_method':u'PUT'})
  17. assert response.status_int == 302
  18. assert response.location == 'http://localhost/login/index'
  19. response = self.app.get(url('delete_user', id='1'),
  20. params={'_method':'DELETE'})
  21. assert response.status_int == 302
  22. assert response.location == 'http://localhost/login/index'
  23. def test_unauthorised_user_state_change_prohibited(self):
  24. """UserUnauthAdmin (microsite): unauthorised user PUTs and DELETEs are prohibited"""
  25. response = self.app.put(url('edit_user', id='1'),
  26. params={'email': 'new@example.com',
  27. '_method':'PUT'})
  28. assert response.status_int == 302
  29. assert response.location == 'http://localhost/login/index'
  30. response = self.app.delete(url('delete_user', id='1'))
  31. assert response.status_int == 302
  32. assert response.location == 'http://localhost/login/index'
  33. # --- Added by Shabti microsite template