from django.contrib.auth.models import Group
from django.test import TestCase, override_settings
from wagtail.models import Page, PageViewRestriction
from wagtail.test.utils import WagtailTestUtils
class TestPagePrivacy(WagtailTestUtils, TestCase):
fixtures = ["test.json"]
def setUp(self):
self.secret_plans_page = Page.objects.get(url_path="/home/secret-plans/")
self.view_restriction = PageViewRestriction.objects.get(
page=self.secret_plans_page
)
self.secret_event_editor_plans_page = Page.objects.get(
url_path="/home/secret-event-editor-plans/"
)
self.event_editors_group = Group.objects.get(name="Event editors")
self.secret_login_plans_page = Page.objects.get(
url_path="/home/secret-login-plans/"
)
def test_anonymous_user_must_authenticate(self):
response = self.client.get("/secret-plans/")
self.assertEqual(
response.templates[0].name, "wagtailcore/password_required.html"
)
submit_url = "/_util/authenticate_with_password/%d/%d/" % (
self.view_restriction.id,
self.secret_plans_page.id,
)
self.assertContains(response, '',
html=True,
)
# posting the wrong password should redisplay the password page
response = self.client.post(
submit_url,
{
"password": "wrongpassword",
"return_url": "/secret-plans/",
},
)
self.assertEqual(
response.templates[0].name, "wagtailcore/password_required.html"
)
self.assertContains(response, '',
html=True,
)
# posting the wrong password should redisplay the password page
response = self.client.post(
submit_url,
{
"password": "wrongpassword",
"return_url": "/secret-plans/steal-underpants/",
},
)
self.assertEqual(
response.templates[0].name, "tests/event_page_password_required.html"
)
self.assertContains(response, '',
html=True,
)
def test_view_restrictions_apply_to_subpages_of_aliases(self):
secret_plans_page = Page.objects.get(url_path="/home/secret-plans/")
secret_plans_alias_page = secret_plans_page.create_alias(
update_slug="alias-secret-plans"
)
underpants_page = Page.objects.get(
url_path="/home/secret-plans/steal-underpants/"
)
underpants_alias_page = underpants_page.create_alias(
parent=secret_plans_alias_page
)
response = self.client.get("/alias-secret-plans/steal-underpants/")
# check that we're overriding the default password_required template for this page type
self.assertEqual(
response.templates[0].name, "tests/event_page_password_required.html"
)
submit_url = "/_util/authenticate_with_password/%d/%d/" % (
self.view_restriction.id,
underpants_alias_page.id,
)
self.assertContains(response, "Steal underpants")
self.assertContains(response, '',
html=True,
)
def test_group_restriction_with_anonymous_user(self):
response = self.client.get("/secret-event-editor-plans/")
self.assertRedirects(response, "/_util/login/?next=/secret-event-editor-plans/")
def test_group_restriction_with_unpermitted_user(self):
self.login(username="eventmoderator", password="password")
response = self.client.get("/secret-event-editor-plans/")
self.assertRedirects(response, "/_util/login/?next=/secret-event-editor-plans/")
def test_group_restriction_with_permitted_user(self):
self.login(username="eventeditor", password="password")
response = self.client.get("/secret-event-editor-plans/")
self.assertEqual(response.status_code, 200)
self.assertContains(response, "Secret event editor plans")
def test_group_restriction_with_superuser(self):
self.login(username="superuser", password="password")
response = self.client.get("/secret-event-editor-plans/")
self.assertEqual(response.status_code, 200)
self.assertContains(response, "Secret event editor plans")
def test_login_restriction_with_anonymous_user(self):
response = self.client.get("/secret-login-plans/")
self.assertRedirects(response, "/_util/login/?next=/secret-login-plans/")
def test_login_restriction_with_logged_in_user(self):
self.login(username="eventmoderator", password="password")
response = self.client.get("/secret-login-plans/")
self.assertEqual(response.status_code, 200)
self.assertContains(response, "Secret login plans")