source: main/waeup.sirp/trunk/src/waeup/sirp/applicants/tests/test_browser.py @ 6017

Last change on this file since 6017 was 5985, checked in by uli, 14 years ago

Add test for applicant trying invalid anonymous login.

File size: 7.2 KB
Line 
1##
2## test_browser.py
3## Login : <uli@pu.smp.net>
4## Started on  Tue Mar 29 11:31:11 2011 Uli Fouquet
5## $Id$
6##
7## Copyright (C) 2011 Uli Fouquet
8## This program is free software; you can redistribute it and/or modify
9## it under the terms of the GNU General Public License as published by
10## the Free Software Foundation; either version 2 of the License, or
11## (at your option) any later version.
12##
13## This program is distributed in the hope that it will be useful,
14## but WITHOUT ANY WARRANTY; without even the implied warranty of
15## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16## GNU General Public License for more details.
17##
18## You should have received a copy of the GNU General Public License
19## along with this program; if not, write to the Free Software
20## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21##
22"""
23Test the applicant-related UI components.
24"""
25import shutil
26import tempfile
27import unittest
28from datetime import datetime
29from zope.app.testing.functional import FunctionalTestCase
30from zope.app.testing.functional import HTTPCaller as http
31from zope.component import createObject
32from zope.security.interfaces import Unauthorized
33from zope.testbrowser.testing import Browser
34from waeup.sirp.testing import FunctionalLayer
35from waeup.sirp.app import University
36from waeup.sirp.applicants.container import ApplicantsContainer
37
38class LoginTest(FunctionalTestCase):
39    # Here we check login view of applicants containers.
40    #
41    # Tests in here do only cover login attempts without any PINs
42    # created before.
43   
44    layer = FunctionalLayer
45   
46    def setUp(self):
47        super(LoginTest, self).setUp()
48
49        # Setup a sample site for each test
50        app = University()
51        self.dc_root = tempfile.mkdtemp()
52        app['datacenter'].setStoragePath(self.dc_root)
53        self.login_path = 'http://localhost/app/applicants/testapplicants/login'
54
55        # Add an applicants container where we can login (or not)
56        app['applicants']['testapplicants'] = ApplicantsContainer()
57
58        # Put the prepopulated site into test ZODB and prepare test
59        # browser
60        self.getRootFolder()['app'] = app
61        self.browser = Browser()
62        self.browser.handleErrors = False
63
64    def tearDown(self):
65        super(LoginTest, self).tearDown()
66        shutil.rmtree(self.dc_root)
67
68    def test_anonymous_access(self):
69        # Anonymous users can access a login page
70        self.browser.open(self.login_path)
71        self.assertEqual(self.browser.headers['Status'], '200 Ok')
72        return
73
74    def test_anonymous_invalid_creds(self):
75        # Anonymous users giving invalid credentials stay at the page
76        self.browser.open(self.login_path)
77        # We do not give credentials but send the form as-is
78        submit = self.browser.getControl(name='SUBMIT')
79        submit.click()
80        # We are still at the same page...
81        self.assertEqual(self.browser.url, self.login_path)
82        self.assertEqual(self.browser.headers['Status'], '200 Ok')
83        return
84
85    def test_anonymous_invalid_creds_warning(self):
86        # Entering wrong credentials will yield a warning
87        self.browser.open(self.login_path)
88        # We do not give credentials but send the form as-is
89        submit = self.browser.getControl(name='SUBMIT')
90        submit.click()
91        self.assertTrue(
92            'Entered credentials are invalid' in self.browser.contents)
93        return
94
95    def test_manager_no_warnings(self):
96        # Browsing the login screen as a manager, won't raise warnings
97        # Authenticate ourself as manager
98        self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')
99        self.browser.open(self.login_path)
100        # Submit the form w/o any credentials
101        self.browser.getControl(name="SUBMIT").click()
102        self.assertTrue(
103            'Entered credentials are invalid' not in self.browser.contents)
104        return
105
106    def test_manager_no_redirect(self):
107        # Browsing the login screen as a manager won't trigger a redirect
108        # Authenticate ourself as manager
109        self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')
110        self.browser.open(self.login_path)
111        # Submit the form w/o any credentials
112        self.browser.getControl(name="SUBMIT").click()
113        self.assertEqual(self.browser.url, self.login_path)
114        return
115
116    def test_display_entered_values(self):
117        # After submit the entered values are displayed in the form
118        self.browser.open(self.login_path)
119        # Enter some value we can look for after submit
120        ac_series = self.browser.getControl(name="form.ac_series")
121        ac_series.value = '666'
122        self.browser.getControl(name="SUBMIT").click()
123        self.assertTrue('666' in self.browser.contents)
124        return
125
126class LoginTestWithPINs(LoginTest):
127    # Here we check login view of applicants containers with PINs provided.
128
129    # As setting up pins is time-consuming we only set them up when
130    # really needed (i.e. in this separate TestCase).
131   
132    layer = FunctionalLayer
133
134    def setUp(self):
135        super(LoginTestWithPINs, self).setUp()
136
137        # Create 5 access codes with prefix 'FOO' and cost 9.99 each
138        pin_container = self.getRootFolder()['app']['accesscodes']
139        pin_container.createBatch(
140            datetime.now(), 'some_userid', 'APP', 9.99, 5)
141        pins = pin_container[pin_container.keys()[0]].entries()
142        self.pins = [x.representation for x in pins]
143        self.existing_pin = self.pins[0]
144        parts = self.existing_pin.split('-')[1:]
145        self.existing_series, self.existing_number = parts
146        self.browser.handleErrors = False
147       
148    def tearDown(self):
149        super(LoginTestWithPINs, self).tearDown()
150
151    def test_anonymous_valid_login(self):
152        # If we enter valid credentials, we get to the applicants form
153        self.browser.open(self.login_path)
154        # Enter some value we can look for after submit
155        ac_series = self.browser.getControl(name="form.ac_series")
156        ac_series.value = self.existing_series
157        ac_number = self.browser.getControl(name="form.ac_number")
158        ac_number.value = self.existing_number
159        self.browser.getControl(name="SUBMIT").click()
160        # We should be redirected to applicants form.
161        self.assertTrue(self.browser.url != self.login_path)
162        return
163
164    def test_anonymous_invalid_login(self):
165        # If we enter wrong credentials we won't get far
166        self.browser.open(self.login_path)
167        # Enter some value we can look for after submit
168        ac_series = self.browser.getControl(name="form.ac_series")
169        ac_series.value = 'illegal series'
170        ac_number = self.browser.getControl(name="form.ac_number")
171        ac_number.value = 'invalid number'
172        self.browser.getControl(name="SUBMIT").click()
173        # We get a warning message
174        self.assertTrue(
175            'Entered credentials are invalid' in self.browser.contents)
176        # We stay at the login page (no redirect)
177        self.assertTrue(self.browser.url == self.login_path)
178        return
179
180   
181def suite():
182    suite = unittest.TestSuite()
183    for testcase in [
184        LoginTest,
185        LoginTestWithPINs,
186            ]:
187        suite.addTests(unittest.makeSuite(testcase))
188    return suite
189
190test_suite = suite
191
Note: See TracBrowser for help on using the repository browser.