Add tests for changes to the indexview
michaeljcollinsuk committed Apr 3, 2024
1 parent cd80876 commit 0d4dca1
Showing 4 changed files with 130 additions and 5 deletions.
3 changes: 0 additions & 3 deletions controlpanel/frontend/views/__init__.py
@@ -1,13 +1,10 @@
# Standard library
import base64
import hashlib

# Third-party
from django.http import HttpResponseRedirect
from django.urls import reverse
from django.views.generic.base import TemplateView
from mozilla_django_oidc.views import OIDCLogoutView
from oauthlib.common import generate_token

# First-party/Local
from controlpanel.frontend.views.accessibility import Accessibility
4 changes: 2 additions & 2 deletions controlpanel/frontend/views/auth.py
@@ -19,7 +19,7 @@ class EntraIdAuthView(OIDCLoginRequiredMixin, View):
"""
http_method_names = ["get"]

def _authorize_token(self):
def _get_access_token(self):
"""
Attempts to valiate and return the access token
"""
@@ -34,7 +34,7 @@ def get(self, request, *args, **kwargs):
"""
Attempts to retrieve the auth token, and update the user.
"""
token = self._authorize_token()
token = self._get_access_token()
if not token:
messages.error(request, "Something went wrong, please try again")
return HttpResponseRedirect(reverse("index"))
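--- a/tests/frontend/views/test_auth.py
+++ b/tests/frontend/views/test_auth.py
@@ -0,0 +1,43 @@
+# Third-party
+import pytest
+from authlib.integrations.base_client import OAuthError
+from django.urls import reverse, reverse_lazy
+from mock import patch
+from pytest_django.asserts import assertContains
+
+
+class TestEntraIdAuthView:
+url = reverse_lazy("entraid-auth")
+
+def test_unauthorised(self, client):
+response = client.get(self.url)
+
+assert response.status_code == 302
+
+@patch("controlpanel.frontend.views.auth.oauth")
+def test_success(self, oauth, client, users):
+oauth.azure.authorize_access_token.return_value = {
+"userinfo": {"email": "[email protected]"},
+}
+user = users["normal_user"]
+assert user.justice_email is None
+
+client.force_login(user)
+response = client.get(self.url, follow=True)
+
+user.refresh_from_db()
+assert user.justice_email == "[email protected]"
+assertContains(response, "Successfully authenticated with your email [email protected]")
+
+@patch("controlpanel.frontend.views.auth.oauth")
+def test_failure(self, oauth, client, users):
+oauth.azure.authorize_access_token.side_effect = OAuthError()
+user = users["normal_user"]
+assert user.justice_email is None
+
+client.force_login(user)
+response = client.get(self.url, follow=True)
+
+user.refresh_from_db()
+assert user.justice_email is None
+assertContains(response, "Something went wrong, please try again")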
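Review bot: `test_unauthorised` asserts only `status_code == 302`, and the view's own failure path shown in auth.py (`return HttpResponseRedirect(reverse("index"))`) also produces a 302, so the test passes whether the login mixin rejected the anonymous request or the view ran and token retrieval failed. Patching `controlpanel.frontend.views.auth.oauth` as the other two tests do and adding `oauth.azure.authorize_access_token.assert_not_called()`, together with an assertion on `response.url`, would pin that unauthenticated requests never reach the token exchange. The cases covered are a well-formed token and `OAuthError`; a token lacking `userinfo` or `email` is not exercised, and how the view handles that is not visible in this commit.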
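--- a/tests/frontend/views/test_index.py
+++ b/tests/frontend/views/test_index.py
@@ -0,0 +1,85 @@
+# Third-party
+import pytest
+from django.http import HttpResponse
+from django.urls import reverse
+from mock import MagicMock, patch
+
+
+class TestAccess:
+
+@pytest.mark.parametrize("method, status_code", [
+("get", 302),
+("post", 302),
+])
+def test_not_logged_in_redirects(self, method, status_code, client):
+response = getattr(client, method)("/")
+assert response.status_code == status_code
+
+
+class TestGetAsSuperuser:
+
+def test_without_justice_email(self, client, superuser):
+client.force_login(superuser)
+assert superuser.justice_email is None
+
+response = client.get("/")
+
+assert response.status_code == 200
+assert response.template_name == ["justice_email.html"]
+
+def test_with_justice_email(self, client, superuser):
+superuser.justice_email = "[email protected]"
+superuser.save()
+client.force_login(superuser)
+
+response = client.get("/")
+
+assert response.status_code == 200
+assert response.template_name == ["home.html"]
+
+
+class TestGetAsNormalUser:
+
+def test_without_justice_email(self, client, users):
+user = users["normal_user"]
+client.force_login(user)
+assert user.justice_email is None
+
+response = client.get("/")
+
+assert response.status_code == 200
+assert response.template_name == ["justice_email.html"]
+
+def test_with_justice_email(self, client, users):
+user = users["normal_user"]
+user.justice_email = "[email protected]"
+user.save()
+client.force_login(user)
+
+response = client.get("/")
+
+assert response.status_code == 302
+assert response.url == reverse("list-tools")
+
+
+class TestPost:
+
+@patch("controlpanel.frontend.views.get_code_challenge", new=MagicMock(return_value="codeabc"))
+@pytest.mark.parametrize("user", [
+"superuser",
+"normal_user"
+])
+def test_superuser_authorize_redirect_called(self, user, client, users):
+user = users[user]
+client.force_login(user)
+with patch("controlpanel.frontend.views.oauth") as oauth:
+oauth.azure.authorize_redirect.return_value = HttpResponse()
+
+response = client.post("/")
+
+oauth.azure.authorize_redirect.assert_called_once_with(
+response.wsgi_request,
+f"http://testserver{reverse('entraid-auth')}",
+code_challenge="codeabc",
+)
+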
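Review bot: In `TestPost`, `get_code_challenge` is replaced by a `MagicMock` and the exact-match `assert_called_once_with(...)` shows only `code_challenge="codeabc"` being passed, so nothing in this file checks how the PKCE challenge is derived, that its verifier is kept for the callback, or that a `code_challenge_method` accompanies it. If the method is not configured on the OAuth client elsewhere (not visible in this commit), RFC 7636 has the server treat an omitted method as `plain`; a direct unit test of `get_code_challenge` and an assertion covering the method would close that gap. Separately, `test_superuser_authorize_redirect_called` runs for both `superuser` and `normal_user`, so a name such as `test_authorize_redirect_called` would describe it better. The `status_code` parameter in `TestAccess` is `302` in every case and could be a literal, ideally alongside an assertion on the redirect target.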