/shabti/templates/microsite/+package+/tests/functional/test_useradmin_unauth.py_tmpl
https://bitbucket.org/gawel/shabti · Unknown · 55 lines · 33 code · 22 blank · 0 comment · 0 complexity · a09eb3cd52c763b5befe4fb332bcca80 MD5 · raw file
- # microsite/tests/functional/test_useradmin_unauth
- from pylons import url
- from {{package}}.model import *
- from {{package}}.tests import *
- class TestUserUnauthAdminController(TestController):
- def test_unauthorised_user_state_retrieval_prohibited(self):
- """UserUnauthAdmin (microsite): unauthorised user GET access is prohibited."""
- response = self.app.get(url('edit_user', id='1'))
-
- assert response.status_int == 302
-
- assert response.location == 'http://localhost/login/index'
-
- response = self.app.get(url('new_user'))
-
- assert response.status_int == 302
-
- assert response.location == 'http://localhost/login/index'
-
- response = self.app.get(url('save_user', id='1'),
- params={'email': 'newemail@example.com',
- '_method':u'PUT'})
-
- assert response.status_int == 302
-
- assert response.location == 'http://localhost/login/index'
-
- response = self.app.get(url('delete_user', id='1'),
- params={'_method':'DELETE'})
-
- assert response.status_int == 302
-
- assert response.location == 'http://localhost/login/index'
-
-
- def test_unauthorised_user_state_change_prohibited(self):
- """UserUnauthAdmin (microsite): unauthorised user PUTs and DELETEs are prohibited"""
- response = self.app.put(url('edit_user', id='1'),
- params={'email': 'new@example.com',
- '_method':'PUT'})
-
- assert response.status_int == 302
-
- assert response.location == 'http://localhost/login/index'
-
- response = self.app.delete(url('delete_user', id='1'))
-
- assert response.status_int == 302
-
- assert response.location == 'http://localhost/login/index'
-
- # --- Added by Shabti microsite template