Changeset 11736 for main/waeup.uniben/trunk/src/waeup/uniben/applicants/tests

Timestamp:

5 Jul 2014, 12:21:13 (11 years ago)

Author:

Henrik Bettermann

Message:

Add permission waeup.uploadPassportPictures and role waeup.PassportPictureManager? and allow only officers with this role to upload passport pictures of applicants.

File:

• main/waeup.uniben/trunk/src/waeup/uniben/applicants/tests/test_browser.py (modified) (2 diffs)

main/waeup.uniben/trunk/src/waeup/uniben/applicants/tests/test_browser.py

@@ -19 +19 @@
 Test the applicant-related UI components.
 """
+from StringIO import StringIO
+from zope.securitypolicy.interfaces import IPrincipalRoleManager
 from waeup.uniben.testing import FunctionalLayer
-from waeup.kofa.applicants.tests.test_browser import ApplicantsFullSetup
+from waeup.kofa.applicants.tests.test_browser import ApplicantsFullSetup, PH_LEN
 
 class CustomApplicantUITests(ApplicantsFullSetup):
@@ -47 +49 @@
         return
        
+    def image_url(self, filename):
+        return self.edit_path.replace('edit', filename)
+
+    def test_upload_passport_wo_permission(self):
+        # Create CRPU officer
+        self.app['users'].addUser('mrcrpu', 'mrcrpusecret')
+        self.app['users']['mrcrpu'].email = 'mrcrpu@foo.ng'
+        self.app['users']['mrcrpu'].title = 'Carlo Pitter'
+        prmglobal = IPrincipalRoleManager(self.app)
+        prmglobal.assignRoleToPrincipal('waeup.CCOfficer', 'mrcrpu')
+        # Login as CRPU officer
+        self.browser.open(self.login_path)
+        self.browser.getControl(name="form.login").value = 'mrcrpu'
+        self.browser.getControl(name="form.password").value = 'mrcrpusecret'
+        self.browser.getControl("Login").click()
+        self.assertMatches('...You logged in...', self.browser.contents)
+        # Let's try to change the passport image
+        self.browser.open(self.manage_path)
+        self.fill_correct_values()
+        # Create a pseudo image file and select it to be uploaded in form
+        pseudo_image = StringIO('I pretend to be a graphics file')
+        ctrl = self.browser.getControl(name='form.passport')
+        file_ctrl = ctrl.mech_control
+        file_ctrl.add_file(pseudo_image, filename='myphoto.jpg')
+        self.browser.getControl("Save").click()
+        self.assertMatches('...You are not entitled to upload passport pictures...',
+            self.browser.contents)
+        # The officer still sees the placeholder passport image
+        self.browser.open(self.image_url('passport.jpg'))
+        self.assertEqual(
+            self.browser.headers['content-type'], 'image/jpeg')
+        self.assertEqual(len(self.browser.contents), PH_LEN)
+        # After adding the additional role ...
+        prmglobal.assignRoleToPrincipal('waeup.PassportPictureManager', 'mrcrpu')
+        # ... passport pictures can be uploaded
+        self.browser.open(self.manage_path)
+        self.fill_correct_values()
+        pseudo_image = StringIO('I pretend to be a graphics file')
+        ctrl = self.browser.getControl(name='form.passport')
+        file_ctrl = ctrl.mech_control
+        file_ctrl.add_file(pseudo_image, filename='myphoto.jpg')
+        self.browser.getControl("Save").click()
+        self.assertMatches('...Form has been saved...', self.browser.contents)
+        # There is a correct <img> link included
+        self.assertTrue(
+            '<img src="passport.jpg" height="180px" />' in self.browser.contents)
+        # Browsing the link shows a real image
+        self.browser.open(self.image_url('passport.jpg'))
+        self.assertEqual(
+            self.browser.headers['content-type'], 'image/jpeg')
+        self.assertEqual(len(self.browser.contents), 31)