Context navigation

← Previous change
Next change →

tests

Timestamp:

30 Nov 2011, 23:13:26 (13 years ago)

Author:

Henrik Bettermann

Message:

Rebuild applicants package (1st part). Applicants now have an applicant_id and a password and can use the regular login page to enter the portal.

Add user_type attribute to SIRPPrincipal objects.

Add some permissions in students package.

Some tests are still missing and will be re-added soon.

Location:

main/waeup.sirp/trunk/src/waeup/sirp/applicants/tests

Files:

: 4 edited

test_applicant.py (modified) (4 diffs)
test_authentication.py (modified) (1 diff)
test_browser.py (modified) (20 diffs)
test_catalog.py (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

main/waeup.sirp/trunk/src/waeup/sirp/applicants/tests/test_applicant.py

-                      r7193
+                      r7240
 from waeup.sirp.interfaces import IFileStoreHandler, IFileStoreNameChooser
 from waeup.sirp.applicants import (
     ResultEntry, Applicant, ApplicantFactory, get_regno_or_ac,
+    Applicant, ApplicantFactory, ApplicantsContainer,
     ApplicantImageStoreHandler, ApplicantImageNameChooser,
+    )
 from waeup.sirp.applicants.interfaces import IResultEntry, IApplicant
+from waeup.sirp.applicants.interfaces import IApplicant
 from waeup.sirp.testing import FunctionalTestCase, FunctionalLayer
 …
         super(HelperTests, self).tearDown()
         shutil.rmtree(self.workdir)
-        return
-    def test_get_regno_or_ac(self):
-        # we can get reg_no or access_code of an applicants if it is set
-        appl1 = Applicant()
-        appl2 = Applicant()
-        appl2.reg_no = u'foo'
-        appl3 = Applicant()
-        appl3.access_code = u'bar'
-        appl4 = Applicant()
-        appl4.reg_no = u'foo'
-        appl4.access_code = u'bar'
-        self.assertTrue(
-            get_regno_or_ac(appl1) is None)
-        self.assertEqual(
-            get_regno_or_ac(appl2), u'foo')
-        self.assertEqual(
-            get_regno_or_ac(appl3), u'bar')
-        self.assertEqual(
-            get_regno_or_ac(appl4), u'foo')
         return
 …
         return
-class ApplicantImageNameChooserTests(FunctionalTestCase):
-    layer = FunctionalLayer
-    def test_iface(self):
-        # make sure we implement promised interfaces
-        obj = ApplicantImageNameChooser(None) # needs a context normally
-        verify.verifyClass(IFileStoreNameChooser, ApplicantImageNameChooser)
-        verify.verifyObject(IFileStoreNameChooser, obj)
-        return
-    def test_name_chooser_available(self):
-        # we can get a name chooser for applicant objects as adapter
-        appl = Applicant()
-        chooser = IFileStoreNameChooser(appl)
-        self.assertTrue(chooser is not None)
-        return
-    def test_name_chooser_applicant_wo_container(self):
-        # we can get an image filename for applicants not in a container
-        appl = Applicant()
-        appl.reg_no = u'MY_REG_NO'
-        chooser = IFileStoreNameChooser(appl)
-        result = chooser.chooseName()
-        # the file would be stored in a ``_default`` directory.
-        self.assertEqual(
-            result, '__img-applicant___default/MY_REG_NO.jpg')
-        return
-    def test_name_chooser_applicant_w_container(self):
-        appl = Applicant()
-        appl.reg_no = u'MY_REG_NO'
-        fake_container = grok.Container()
-        fake_container.__name__ = 'folder'
-        fake_container['appl'] = appl
-        appl.__parent__ = fake_container
-        chooser = IFileStoreNameChooser(appl)
-        result = chooser.chooseName()
-        self.assertEqual(
-            result, '__img-applicant__folder/MY_REG_NO.jpg')
-        return
-    def test_name_chooser_check_name(self):
-        # we can check file ids for applicants
-        appl = Applicant()
-        appl.reg_no = u'MY_REG_NO'
-        fake_container = grok.Container()
-        fake_container.__name__ = 'folder'
-        fake_container['appl'] = appl
-        appl.__parent__ = fake_container
-        chooser = IFileStoreNameChooser(appl)
-        result1 = chooser.checkName('foo')
-        result2 = chooser.checkName('__img-applicant__folder/MY_REG_NO.jpg')
-        self.assertEqual(result1, False)
-        self.assertEqual(result2, True)
-        return
-class ResultEntryTest(unittest.TestCase):
-    def setUp(self):
-        self.result_entry = ResultEntry()
-        return
-    def tearDown(self):
-        pass
-    def test_interfaces(self):
-        verify.verifyClass(IResultEntry, ResultEntry)
-        verify.verifyObject(IResultEntry, self.result_entry)
-    def test_resultentry(self):
-        entry = ResultEntry('Some subject', 3.7)
-        assert entry.subject == 'Some subject'
-        assert entry.score == 3.7
 class ApplicantTest(FunctionalTestCase):
 …
     def test_factory(self):
         obj = self.factory()
+        obj = self.factory(container=None)
         assert isinstance(obj, Applicant)

main/waeup.sirp/trunk/src/waeup/sirp/applicants/tests/test_authentication.py

-                      r7238
+                      r7240
 ## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 ##
-import shutil
-import tempfile
 import unittest
 from zope.authentication.interfaces import IAuthentication
+from zope.component import provideAdapter, getUtility, queryUtility
+from zope.component.hooks import setSite
+from zope.interface import verify
+from zope.pluggableauth.interfaces import  IAuthenticatedPrincipalFactory
+from zope.publisher.browser import TestRequest
+from zope.publisher.interfaces import IRequest
+from zope.session.interfaces import ISession
+from zope.testbrowser.testing import Browser
+from zope.testing import cleanup
+from waeup.sirp.testing import FunctionalLayer, FunctionalTestCase
+from waeup.sirp.app import University
+from waeup.sirp.interfaces import IAuthPluginUtility
+from waeup.sirp.applicants import  ApplicantsContainer, Applicant
+from zope.component import provideUtility, queryUtility, getGlobalSiteManager
+from zope.interface.verify import verifyClass, verifyObject
+from zope.password.password import SSHAPasswordManager
+from zope.password.interfaces import IPasswordManager
+from zope.pluggableauth import PluggableAuthentication
+from zope.security.interfaces import Unauthorized
+from zope.securitypolicy.role import Role
+from zope.securitypolicy.interfaces import IRole, Allow
+from waeup.sirp.authentication import get_principal_role_manager
+from waeup.sirp.interfaces import IAuthPluginUtility, IUserAccount
 from waeup.sirp.applicants.authentication import (
+    ApplicantsAuthenticatorPlugin, WAeUPApplicantCredentialsPlugin,
+    ApplicantCredentials, AuthenticatedApplicantPrincipalFactory,
+    ApplicantPrincipalInfo, ApplicantPrincipal, ApplicantsAuthenticatorSetup)
+    ApplicantsAuthenticatorSetup, ApplicantAccount)
+from waeup.sirp.applicants.tests.test_browser import ApplicantsFullSetup
+from waeup.sirp.testing import FunctionalLayer
+class ApplicantsAuthenticatorSetupTests(unittest.TestCase):
+    def test_iface(self):
+        obj = ApplicantsAuthenticatorSetup()
+        verifyClass(IAuthPluginUtility, ApplicantsAuthenticatorSetup)
+        verifyObject(IAuthPluginUtility, obj)
+        return
+    def test_register(self):
+        # Make sure registration works.
+        setup = ApplicantsAuthenticatorSetup()
+        pau = PluggableAuthentication()
+        setup.register(pau)
+        self.assertTrue('applicants' in pau.authenticatorPlugins)
+        return
+    def test_unregister(self):
+        # Make sure deregistration works.
+        setup = ApplicantsAuthenticatorSetup()
+        pau = PluggableAuthentication()
+        pau.authenticatorPlugins = ('applicants')
+        setup.unregister(pau)
+        self.assertTrue('applicants' not in pau.authenticatorPlugins)
+        return
+class FakeBatch(dict):
+    def getAccessCode(self, id):
+        return self.get(id)
+class FakeApplicant(object):
+    applicant_id = 'test_appl'
+    fullname = 'Tilman Gause'
+    password = None
+    email = None
+    phone = None
-class FakeAccessCode(object):
-    def __init__(self, repr, state = 'initialized'):
-        self.representation = repr
-        self.state = state
 class FakeApplication(object):
     def __init__(self, ac=None):
         self.access_code = ac
+class MinimalPAU(PluggableAuthentication):
+    def getPrincipal(self, id):
+        return 'faked principal'
+def FakeSite():
+    return {
+        'applicants': {
+            'APP': {
+                'APP-12345': FakeApplication(u'APP-12345'),
+                'APP-54321': FakeApplication(u'APP-54321'),
+                'APP-22222': FakeApplication(u'APP-OTHER'),
+                'APP-44444': FakeApplication(),
+                'APP-55555': FakeApplication(u'APP-OTHER'),
+                'APP-77777': FakeApplication(u'APP-77777'),
+                },
+            },
+        'accesscodes': {
+            'APP': FakeBatch({
+                    'APP-12345': FakeAccessCode('APP-12345'),
+                    'APP-54321': FakeAccessCode('APP-54321', 'used'),
+                    'APP-11111': FakeAccessCode('APP-11111'),
+                    'APP-22222': FakeAccessCode('APP-22222'),
+                    'APP-33333': FakeAccessCode('APP-33333', 'used'),
+                    'APP-44444': FakeAccessCode('APP-44444', 'used'),
+                    'APP-55555': FakeAccessCode('APP-55555', 'used'),
+                    'APP-66666': FakeAccessCode('APP-66666', 'disabled'),
+                    'APP-77777': FakeAccessCode('APP-77777', 'disabled'),
+                    })
+            }
+        }
+class AuthenticatorPluginTest(FunctionalTestCase):
+    layer = FunctionalLayer
+    def create_applicant(self, cname, aname, ac=None):
+        # Create an applicant in an applicants container
+        setSite(self.app)
+        if not cname in self.app['applicants'].keys():
+            container = ApplicantsContainer()
+            self.app['applicants'][cname] = container
+        applicant = Applicant()
+        if ac is not None:
+            applicant.access_code = ac
+        self.app['applicants'][cname][aname] = applicant
+        return
+class ApplicantAccountTests(unittest.TestCase):
     def setUp(self):
+        super(AuthenticatorPluginTest, self).setUp()
+        self.fake_stud = FakeApplicant()
+        self.account = ApplicantAccount(self.fake_stud)
+        # Setup a sample site for each test
+        app = University()
+        self.dc_root = tempfile.mkdtemp()
+        app['datacenter'].setStoragePath(self.dc_root)
+        # We provide a minimal PAU
+        pau = MinimalPAU()
+        provideUtility(pau, IAuthentication)
         # Prepopulate the ZODB...
         self.getRootFolder()['app'] = app
         self.app = self.getRootFolder()['app']
+        # We register a role
+        test_role = Role('waeup.test.Role', 'Testing Role')
+        provideUtility(test_role, IRole, name='waeup.test.Role')
+        fake_site = FakeSite()
+        for ckey, fake_container in fake_site['applicants'].items():
+            for akey, fake_appl in fake_container.items():
+                self.create_applicant(ckey, akey, fake_appl.access_code)
+        del self.app['accesscodes']
+        self.app['accesscodes'] = fake_site['accesscodes']
+        self.plugin = ApplicantsAuthenticatorPlugin()
+        # We have to setup a password manager utility manually as we
+        # have no functional test. In functional tests this would
+        # happen automatically, but it would take a lot more time to
+        # run the tests.
+        provideUtility(
+            SSHAPasswordManager(), IPasswordManager, 'SSHA')
         return
     def tearDown(self):
+        super(AuthenticatorPluginTest, self).tearDown()
+        shutil.rmtree(self.dc_root)
+        self.account.roles = [] # make sure roles are reset
+        gsm = getGlobalSiteManager()
+        to_clean = []
+        # Clear up utilities registered in setUp
+        to_clean.append(
+            (IPasswordManager, queryUtility(
+                    IPasswordManager, name='SSHA', default=None)))
+        to_clean.append(
+            (IAuthentication, queryUtility(IAuthentication, default=None)))
+        to_clean.append(
+            (IRole, queryUtility(IRole, name='test.Role', default=None)))
+        for iface, elem in to_clean:
+            if elem is not None:
+                gsm.unregisterUtility(elem, iface)
         return
+    def test_invalid_credentials(self):
+        result = self.plugin.authenticateCredentials('not-a-dict')
+        assert result is None
+        result = self.plugin.authenticateCredentials(
+            dict(accesscode=None, foo='blah'))
+        assert result is None
+        result = self.plugin.authenticateCredentials(
+            dict(accesscode='Nonsense',))
+        assert result is None
+        # Possible cases, where formal correct authentication
+        # data is not valid:
+        result = self.plugin.authenticateCredentials(
+            dict(accesscode='APP-33333'))
+        assert result is None
+        result = self.plugin.authenticateCredentials(
+            dict(accesscode='APP-55555'))
+        assert result is None
+        result = self.plugin.authenticateCredentials(
+            dict(accesscode='APP-66666'))
+        assert result is None
+        result = self.plugin.authenticateCredentials(
+            dict(accesscode='APP-77777'))
+        assert result is None
+    def test_iface(self):
+        verifyClass(IUserAccount, ApplicantAccount)
+        verifyObject(IUserAccount, self.account)
         return
+    def test_valid_credentials(self):
+        """The six different cases where we allow login.
+        All other combinations should be forbidden.
+        """
+        result = self.plugin.authenticateCredentials(
+            dict(accesscode='APP-11111'))
+        assert result is not None
+        result = self.plugin.authenticateCredentials(
+            dict(accesscode='APP-12345'))
+        assert result is not None
+        result = self.plugin.authenticateCredentials(
+            dict(accesscode='APP-54321'))
+        assert result is not None
+        # check the `principalInfo` method of authenticator
+        # plugin. This is only here to satisfy the coverage report.
+        assert self.plugin.principalInfo('not-an-id') is None
+    def test_set_password(self):
+        # make sure we can set a password.
+        self.account.setPassword('secret')
+        self.assertTrue(self.fake_stud.password is not None)
+        # we do not store plaintext passwords
+        self.assertTrue(self.fake_stud.password != 'secret')
+        # passwords are stored as unicode
+        self.assertTrue(isinstance(self.fake_stud.password, unicode))
         return
+session_data = {
+    'zope.pluggableauth.browserplugins': {}
+    }
+class FakeSession(dict):
+    def __init__(self, request):
+        pass
+    def get(self, key, default=None):
+        return self.__getitem__(key, default)
+    def __getitem__(self, key, default=None):
+        return session_data.get(key, default)
+    def __setitem__(self, key, value):
+        session_data[key] = value
+    def test_check_password(self):
+        # make sure we can check a password.
+        self.account.setPassword('secret')
+        result1 = self.account.checkPassword(None)
+        result2 = self.account.checkPassword('nonsense')
+        result3 = self.account.checkPassword('secret')
+        self.assertEqual(result1, False)
+        self.assertEqual(result2, False)
+        self.assertEqual(result3, True)
         return
 class CredentialsPluginTest(unittest.TestCase):
     def setUp(self):
         self.request = TestRequest()
         provideAdapter(FakeSession, (IRequest,), ISession)
         self.plugin = WAeUPApplicantCredentialsPlugin()
         self.full_request = TestRequest()
         session_data['zope.pluggableauth.browserplugins'] = {}
+    def test_check_unset_password(self):
+        # empty and unset passwords do not match anything
+        self.fake_stud.password = None
+        result1 = self.account.checkPassword('')
+        self.fake_stud.password = ''
+        result2 = self.account.checkPassword('')
+        self.assertEqual(result1, False)
+        self.assertEqual(result2, False)
         return
+    def tearDown(self):
+        cleanup.tearDown()
+    def test_check_password_no_string(self):
+        # if passed in password is not a string, we gain no access
+        self.fake_stud.password = 'secret'
+        result1 = self.account.checkPassword(None)
+        result2 = self.account.checkPassword(object())
+        self.assertEqual(result1, False)
+        self.assertEqual(result2, False)
         return
+    def filled_request(self, form_dict):
+        request = TestRequest()
+        for key, value in form_dict.items():
+            request.form[key] = value
+        return request
+    def test_extractCredentials_invalid(self):
+        result = self.plugin.extractCredentials('not-a-request')
+        assert result is None
+    def test_role_set(self):
+        # make sure we can set roles for principals denoted by account
+        prm = get_principal_role_manager()
+        self.assertEqual(prm.getPrincipalsAndRoles(), [])
+        self.account.roles = ['waeup.test.Role']
+        self.assertEqual(
+            prm.getPrincipalsAndRoles(),
+            [('waeup.test.Role', 'test_appl', Allow)])
         return
+    def test_extractCredentials_empty(self):
+        result = self.plugin.extractCredentials(self.request)
+        assert result is None
+    def test_role_get(self):
+        # make sure we can get roles set for an account
+        self.assertEqual(self.account.roles, [])
+        self.account.roles = ['waeup.test.Role',] # set a role
+        self.assertEqual(self.account.roles, ['waeup.test.Role'])
         return
+    def test_extractCredentials_full_set(self):
+        request = self.filled_request({
+                'form.ac_prefix': 'APP',
+                'form.ac_series': '1',
+                'form.ac_number': '1234567890',
+                #'form.jamb_reg_no': 'JAMB_NUMBER',
+                })
+        result = self.plugin.extractCredentials(request)
+        self.assertEqual(result, {'accesscode': 'APP-1-1234567890'})
+        return
+    def test_extractCredentials_accesscode_only(self):
+        request = self.filled_request({
+                'form.ac_prefix': 'APP',
+                'form.ac_series': '1',
+                'form.ac_number': '1234567890',
+                })
+        result = self.plugin.extractCredentials(request)
+        self.assertEqual(result, {'accesscode': 'APP-1-1234567890'})
+        return
+    def test_extractCredentials_from_empty_session(self):
+        session_data['zope.pluggableauth.browserplugins']['credentials'] = None
+        result = self.plugin.extractCredentials(self.request)
+        assert result is None
+        return
+    def test_extractCredentials_from_nonempty_session(self):
+        credentials = ApplicantCredentials('APP-1-12345')
+        session_data['zope.pluggableauth.browserplugins'][
+            'credentials'] = credentials
+        result = self.plugin.extractCredentials(self.request)
+        self.assertEqual(result, {'accesscode': 'APP-1-12345'})
+        return
+class ApplicantCredentialsTest(unittest.TestCase):
+    def setUp(self):
+        self.credentials = ApplicantCredentials('SOME_ACCESSCODE')
+        return
+    def tearDown(self):
+        return
+    def test_methods(self):
+        self.assertEqual(self.credentials.getAccessCode(), 'SOME_ACCESSCODE')
+        assert self.credentials.getLogin() is None
+        assert self.credentials.getPassword() is None
+        return
+class FakePluggableAuth(object):
+    prefix = 'foo'
+class PrincipalFactoryTest(unittest.TestCase):
+    def setUp(self):
+        self.info = ApplicantPrincipalInfo('APP-1-1234567890')
+        return
+    def tearDown(self):
+        pass
+    def test_principalFactory_interface(self):
+        verify.verifyClass(IAuthenticatedPrincipalFactory,
+                           AuthenticatedApplicantPrincipalFactory
+                           )
+        return
+    def test_principalFactory_create(self):
+        factory = AuthenticatedApplicantPrincipalFactory(self.info, None)
+        assert factory.info is self.info
+        assert factory.request is None
+        return
+    def test_principalFactory_call_w_prefix(self):
+        factory = AuthenticatedApplicantPrincipalFactory(self.info, None)
+        principal = factory(FakePluggableAuth())
+        assert isinstance(principal, ApplicantPrincipal)
+        self.assertEqual(principal.__repr__(),
+                         "ApplicantPrincipal('foo.APP-1-1234567890')")
+        self.assertEqual(principal.id, 'foo.APP-1-1234567890')
+        return
+    def test_principalFactory_call_wo_prefix(self):
+        factory = AuthenticatedApplicantPrincipalFactory(self.info, None)
+        fake_auth = FakePluggableAuth()
+        fake_auth.prefix = None
+        principal = factory(fake_auth)
+        self.assertEqual(principal.id, 'APP-1-1234567890')
+        return
+class PAUSetupTest(FunctionalTestCase):
+    # Check correct setup of authentication components in the
+    # applicants subpackage.
+    # When a university is created, we want by default have our local
+    # authentication components (an authenticator plugin and a
+    # credentials plugin) to be registered with the local PAU. Admins
+    # can remove these components on the fly later-on if they wish.
+class FunctionalApplicantAuthTests(ApplicantsFullSetup):
     layer = FunctionalLayer
     def setUp(self):
+        super(PAUSetupTest, self).setUp()
+        # Setup a sample site for each test
+        app = University()
+        self.dc_root = tempfile.mkdtemp()
+        app['datacenter'].setStoragePath(self.dc_root)
+        # Prepopulate the ZODB...
+        self.getRootFolder()['app'] = app
+        self.app = self.getRootFolder()['app']
+        self.browser = Browser()
+        self.browser.handleErrors = False
+        super(FunctionalApplicantAuthTests, self).setUp()
+        return
     def tearDown(self):
+        super(PAUSetupTest, self).tearDown()
+        shutil.rmtree(self.dc_root)
+    def test_extra_auth_plugins_installed(self):
+        # Check whether the auth plugins defined in here are setup
+        # automatically when a university is created
+        # Get the PAU responsible for the local site ('app')
+        pau = getUtility(IAuthentication, context=self.app)
+        cred_plugins = pau.getCredentialsPlugins()
+        auth_plugins = pau.getAuthenticatorPlugins()
+        cred_names = [name for name, plugin in cred_plugins]
+        auth_names = [name for name, plugin in auth_plugins]
+        # Make sure our local ApplicantsAuthenticatorPlugin is registered...
+        self.assertTrue('applicants' in auth_names)
+        # Make sure our local WAeUPApplicantCredentialsPlugin is registered...
+        self.assertTrue('applicant_credentials' in cred_names)
+        super(FunctionalApplicantAuthTests, self).tearDown()
         return
-class FakePAU(object):
-    credentialsPlugins = ()
-    authenticatorPlugins = ()
-class ApplicantsAuthenticatorSetupTests(FunctionalTestCase):
-    layer = FunctionalLayer
-    def test_ifaces(self):
-        # make sure we fullfill the interface promises
-        obj = ApplicantsAuthenticatorSetup()
-        verify.verifyClass(IAuthPluginUtility, ApplicantsAuthenticatorSetup)
-        verify.verifyObject(IAuthPluginUtility, obj)
-        return
-    def test_utility_available(self):
-        # we can get an applicant auth utility by lookup
-        util = queryUtility(IAuthPluginUtility,
-                            name='applicants_auth_setup')
-        self.assertTrue(util is not None)
-        return
-    def test_register(self):
-        # make sure we can register additional components
-        pau = FakePAU()
-        result = ApplicantsAuthenticatorSetup().register(pau)
-        self.assertEqual(
-            result.credentialsPlugins, ('applicant_credentials',))
-        self.assertEqual(
-            result.authenticatorPlugins, ('applicants',))
-        return
-    def test_unregister(self):
-        # make sure we can unregister applicant auth components
-        pau = FakePAU()
-        util = ApplicantsAuthenticatorSetup()
-        pau = util.register(pau)
-        result = util.unregister(pau)
-        self.assertEqual(
-            result.credentialsPlugins, ())
-        self.assertEqual(
-            result.authenticatorPlugins, ())
-        return

main/waeup.sirp/trunk/src/waeup/sirp/applicants/tests/test_browser.py

-                      r7226
+                      r7240
 from waeup.sirp.applicants.container import ApplicantsContainer
 from waeup.sirp.applicants.applicant import Applicant
+from waeup.sirp.interfaces import IExtFileStore, IFileStoreNameChooser
+from waeup.sirp.interfaces import (
+    IExtFileStore, IFileStoreNameChooser, IUserAccount)
 from waeup.sirp.university.faculty import Faculty
 from waeup.sirp.university.department import Department
 …
         setSite(app)
+        self.login_path = 'http://localhost/app/login'
         self.root_path = 'http://localhost/app/applicants'
         self.manage_root_path = self.root_path + '/@@manage'
 …
         applicantscontainer = ApplicantsContainer()
         applicantscontainer.ac_prefix = 'APP'
+        applicantscontainer.code = u'app2009'
         applicantscontainer.prefix = 'app'
         applicantscontainer.year = 2009
 …
         applicantscontainer.enddate = date.today() + delta
         self.app['applicants']['app2009'] = applicantscontainer
+        self.applicantscontainer = self.app['applicants']['app2009']
         # Populate university
 …
         # Add an applicant
+        self.applicant = Applicant()
+        self.pin_applicant = unicode(self.pins[1])
+        self.applicant.access_code = self.pin_applicant
+        app['applicants']['app2009'][self.pin_applicant] = self.applicant
+        self.applicant = Applicant(container=applicantscontainer)
+        app['applicants']['app2009'][
+            self.applicant.application_number] = self.applicant
+        IUserAccount(
+            self.app['applicants']['app2009'][
+            self.applicant.application_number]).setPassword('apwd')
+        self.manage_path = 'http://localhost/app/applicants/%s/%s/%s' % (
+            'app2009', self.applicant.application_number, 'manage')
+        self.edit_path = 'http://localhost/app/applicants/%s/%s/%s' % (
+            'app2009', self.applicant.application_number, 'edit')
+        self.view_path = 'http://localhost/app/applicants/%s/%s' % (
+            'app2009', self.applicant.application_number)
+    def login(self):
+        # Perform an applicant login. This creates an applicant record.
+        #
+        # This helper also sets `self.applicant`, which is the
+        # applicant object created.
+        self.browser.open(self.login_path)
+        self.browser.getControl(name="form.login").value = self.applicant.applicant_id
+        self.browser.getControl(name="form.password").value = 'apwd'
+        self.browser.getControl("Login").click()
+    def fill_correct_values(self):
+        # Fill the edit form with suitable values
+        self.browser.getControl(name="form.firstname").value = 'John'
+        self.browser.getControl(name="form.lastname").value = 'Tester'
+        self.browser.getControl(name="form.course1").value = ['CERT1']
+        self.browser.getControl(name="form.date_of_birth").value = '09/09/1988'
+        self.browser.getControl(name="form.lga").value = ['foreigner']
+        self.browser.getControl(name="form.sex").value = ['m']
+        self.browser.getControl(name="form.email").value = 'xx@yy.zz'
     def tearDown(self):
 …
         self.assertEqual(self.browser.headers['Status'], '200 Ok')
         self.assertEqual(self.browser.url, self.add_applicant_path)
+        self.browser.getControl(name="form.ac_series").value = self.existing_series
+        self.browser.getControl(name="form.ac_number").value = self.existing_number
+        self.browser.getControl(name="form.firstname").value = 'Albert'
+        self.browser.getControl(name="form.lastname").value = 'Einstein'
+        self.browser.getControl(name="form.email").value = 'xx@yy.zz'
         self.browser.getControl("Create application record").click()
         self.assertTrue('Application initialized' in self.browser.contents)
-        self.browser.open(self.add_applicant_path)
-        self.browser.getControl(name="form.ac_series").value = '123'
-        self.browser.getControl(name="form.ac_number").value = '456'
-        self.browser.getControl("Create application record").click()
-        self.assertTrue('is not a valid access code' in self.browser.contents)
         self.browser.open(self.container_manage_path)
         self.assertEqual(self.browser.headers['Status'], '200 Ok')
         ctrl = self.browser.getControl(name='val_id')
+        ctrl.getControl(value=self.existing_pin).selected = True
+        value = ctrl.options[0]
+        ctrl.getControl(value=value).selected = True
         self.browser.getControl("Remove selected", index=0).click()
         self.assertTrue('Successfully removed:' in self.browser.contents)
         self.browser.open(self.add_applicant_path)
+        existing_pin = self.pins[2]
+        parts = existing_pin.split('-')[1:]
+        existing_series, existing_number = parts
+        self.browser.getControl(name="form.ac_series").value = existing_series
+        self.browser.getControl(name="form.ac_number").value = existing_number
+        self.browser.getControl(name="form.firstname").value = 'Albert'
+        self.browser.getControl(name="form.lastname").value = 'Einstein'
+        self.browser.getControl(name="form.email").value = 'xx@yy.zz'
         self.browser.getControl("Create application record").click()
         self.assertTrue('Application initialized' in self.browser.contents)
-        self.browser.open(self.container_manage_path)
-        self.assertTrue(existing_pin in self.browser.contents)
-        del self.app['applicants']['app2009'][existing_pin]
-        ctrl = self.browser.getControl(name='val_id')
-        ctrl.getControl(value=existing_pin).selected = True
-        self.browser.getControl("Remove selected", index=0).click()
-        self.assertMatches('...Could not delete...', self.browser.contents)
         return
 …
         # Managers can manage applicants
         self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')
+        self.applicant_path = 'http://localhost/app/applicants/app2009/%s' % self.pin_applicant
+        self.applicant_view_path = self.applicant_path + '/index'
+        self.applicant_manage_path = self.applicant_path + '/manage'
+        self.applicant_slip_path = self.applicant_path + '/application_slip.pdf'
+        self.browser.open(self.applicant_manage_path)
+        self.assertEqual(self.browser.headers['Status'], '200 Ok')
+        self.browser.getControl(name="form.email").value = 'abc'
+        self.browser.getControl("Save").click()
+        self.assertMatches('...Invalid email address...', self.browser.contents)
+        self.browser.getControl(name="form.email").value = 'abc@def.gh'
+        self.browser.getControl(name="form.firstname").value = 'John'
+        self.browser.getControl(name="form.lastname").value = 'Tester'
+        self.browser.getControl(name="form.course1").value = ['CERT1']
+        self.browser.getControl(name="form.course_admitted").value = ['CERT1']
+        self.browser.getControl(name="form.date_of_birth").value = '09/09/1988'
+        self.browser.getControl(name="form.lga").value = ['foreigner']
+        self.browser.getControl(name="form.sex").value = ['m']
+        self.slip_path = self.view_path + '/application_slip.pdf'
+        self.browser.open(self.manage_path)
+        self.assertEqual(self.browser.headers['Status'], '200 Ok')
+        self.fill_correct_values()
         self.browser.getControl(name="transition").value = ['start']
         self.browser.getControl("Save").click()
         self.assertMatches('...Form has been saved...', self.browser.contents)
         self.assertMatches('...Application started by zope.mgr...', self.browser.contents)
         self.browser.open(self.applicant_view_path)
         self.assertEqual(self.browser.headers['Status'], '200 Ok')
         self.browser.open(self.applicant_slip_path)
+        self.browser.open(self.view_path)
+        self.assertEqual(self.browser.headers['Status'], '200 Ok')
+        self.browser.open(self.slip_path)
         self.assertEqual(self.browser.headers['Status'], '200 Ok')
         self.assertEqual(self.browser.headers['Content-Type'], 'application/pdf')
         self.browser.open(self.applicant_manage_path)
+        self.browser.open(self.manage_path)
         self.browser.getControl(name="form.course_admitted").value = []
         self.browser.getControl("Save").click()
         self.browser.open(self.applicant_slip_path)
+        self.browser.open(self.slip_path)
         self.assertEqual(self.browser.headers['Status'], '200 Ok')
         self.assertEqual(self.browser.headers['Content-Type'], 'application/pdf')
-        return
-    def test_view_applicant(self):
-        # Applicants can login and view their application
-        self.login_path = 'http://localhost/app/applicants/app2009/login'
-        self.browser.open(self.login_path)
-        pin = self.pins[2]
-        parts = pin.split('-')[1:]
-        existing_series, existing_number = parts
-        ac_series = self.browser.getControl(name="form.ac_series")
-        ac_series.value = existing_series
-        ac_number = self.browser.getControl(name="form.ac_number")
-        ac_number.value = existing_number
-        self.browser.getControl(name="SUBMIT").click()
-        self.assertTrue(self.browser.url != self.login_path)
-        self.assertEqual(self.browser.headers['Status'], '200 Ok')
         return
     def test_passport_edit_view(self):
         # We get a default image after login
+        login_path = 'http://localhost/app/applicants/app2009/login'
+        self.browser.open(login_path)
+        pin = self.pins[2]
+        parts = pin.split('-')[1:]
+        existing_series, existing_number = parts
+        ac_series = self.browser.getControl(name="form.ac_series")
+        ac_series.value = existing_series
+        ac_number = self.browser.getControl(name="form.ac_number")
+        ac_number.value = existing_number
+        self.browser.getControl(name="SUBMIT").click()
+        pin = self.pins[2]
+        #appl = self.getRootFolder()['app']['applicants']['app2009']
+        #appl = appl[pin]
+        #passp = appl.passport
+        #passp_len = len(passp.file.read())
+        #self.assertEqual(passp_len, PH_LEN)
+        #image_url = "%s/%s" % (self.browser.url, 'placeholder.jpg')
+        image_url = "%s/%s" % (self.browser.url, 'passport.jpg')
+        #self.browser.open(image_url)
+        self.browser.open('passport.jpg')
+        self.browser.open(self.login_path)
+        self.login()
+        self.browser.open(self.browser.url + '/passport.jpg')
         self.assertEqual(self.browser.headers['status'], '200 Ok')
         self.assertEqual(self.browser.headers['content-type'], 'image/jpeg')
 …
             self.browser.headers['content-length'], str(PH_LEN))
     def test_edit_applicant(self):
         # Applicants can edit their record
-        self.login_path = 'http://localhost/app/applicants/app2009/login'
         self.browser.open(self.login_path)
+        pin = self.pins[2]
+        parts = pin.split('-')[1:]
+        existing_series, existing_number = parts
+        ac_series = self.browser.getControl(name="form.ac_series")
+        ac_series.value = existing_series
+        ac_number = self.browser.getControl(name="form.ac_number")
+        ac_number.value = existing_number
+        self.browser.getControl(name="SUBMIT").click()
+        self.login()
+        self.browser.open(self.edit_path)
         self.assertTrue(self.browser.url != self.login_path)
         self.assertEqual(self.browser.headers['Status'], '200 Ok')
+        self.browser.getControl(name="form.firstname").value = 'John'
+        self.browser.getControl(name="form.lastname").value = 'Tester'
+        self.browser.getControl(name="form.course1").value = ['CERT1']
+        self.browser.getControl(name="form.date_of_birth").value = '09/09/1988'
+        self.browser.getControl(name="form.lga").value = ['foreigner']
+        self.browser.getControl(name="form.sex").value = ['m']
+        self.fill_correct_values()
         self.browser.getControl("Save").click()
         self.assertMatches('...Form has been saved...', self.browser.contents)
 …
         return
-    # We have no local roles yet
-    #def test_local_roles_add_delete(self):
-    #    # Managers can assign and delete local roles of applicants containers
-    #    myusers = self.app['users']
-    #    myusers.addUser('bob', 'bobssecret')
-    #    self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')
-    #    self.browser.open(self.manage_container_path)
-    #    self.browser.getControl(name="user").value = ['bob']
-    #    self.browser.getControl(name="local_role").value = [
-    #        'waeup.local.ApplicationsOfficer']
-    #    self.browser.getControl("Add local role").click()
-    #    self.assertTrue('<td>bob</td>' in self.browser.contents)
-    #    ctrl = self.browser.getControl(name='role_id')
-    #    ctrl.getControl(value='bob|waeup.ApplicationsOfficer').selected = True
-    #    self.browser.getControl("Remove selected local roles").click()
-    #    self.assertTrue('Successfully removed:' in self.browser.contents)
-    #    self.assertFalse('<td>bob</td>' in self.browser.contents)
-    #    return
-class LoginTest(FunctionalTestCase):
-    # Here we check login view of applicants containers.
+    #
-    # Tests in here do only cover login attempts without any PINs
-    # created before.
-    layer = FunctionalLayer
-    def setUp(self):
-        super(LoginTest, self).setUp()
-        # Setup a sample site for each test
-        app = University()
-        self.dc_root = tempfile.mkdtemp()
-        app['datacenter'].setStoragePath(self.dc_root)
-        self.login_path = 'http://localhost/app/applicants/testapplicants/login'
-        # Add an applicants container where we can login (or not)
-        applicantscontainer = ApplicantsContainer()
-        applicantscontainer.ac_prefix = 'APP'
-        delta = timedelta(days=10)
-        applicantscontainer.startdate = date.today() - delta
-        applicantscontainer.enddate = date.today() + delta
-        app['applicants']['testapplicants'] = applicantscontainer
-        # Put the prepopulated site into test ZODB and prepare test
-        # browser
-        self.getRootFolder()['app'] = app
-        self.browser = Browser()
-        self.browser.handleErrors = False
-    def tearDown(self):
-        super(LoginTest, self).tearDown()
-        shutil.rmtree(self.dc_root)
-    def test_anonymous_access(self):
-        # Anonymous users can access a login page
-        self.browser.open(self.login_path)
-        self.assertEqual(self.browser.headers['Status'], '200 Ok')
-        return
-    def test_anonymous_invalid_creds(self):
-        # Anonymous users giving invalid credentials stay at the page
-        self.browser.open(self.login_path)
-        # We do not give credentials but send the form as-is
-        submit = self.browser.getControl(name='SUBMIT')
-        submit.click()
-        # We are still at the same page...
-        self.assertEqual(self.browser.url, self.login_path)
-        self.assertEqual(self.browser.headers['Status'], '200 Ok')
-        return
-    def test_anonymous_invalid_creds_warning(self):
-        # Entering wrong credentials will yield a warning
-        self.browser.open(self.login_path)
-        # We do not give credentials but send the form as-is
-        submit = self.browser.getControl(name='SUBMIT')
-        submit.click()
-        self.assertTrue(
-            'Entered credentials are invalid' in self.browser.contents)
-        return
-    def test_manager_no_warnings(self):
-        # Browsing the login screen as a manager, won't raise warnings
-        # Authenticate ourself as manager
-        self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')
-        self.browser.open(self.login_path)
-        # Submit the form w/o any credentials
-        self.browser.getControl(name="SUBMIT").click()
-        self.assertTrue(
-            'Entered credentials are invalid' not in self.browser.contents)
-        return
-    def test_manager_no_redirect(self):
-        # Browsing the login screen as a manager won't trigger a redirect
-        # Authenticate ourself as manager
-        self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')
-        self.browser.open(self.login_path)
-        # Submit the form w/o any credentials
-        self.browser.getControl(name="SUBMIT").click()
-        self.assertEqual(self.browser.url, self.login_path)
-        return
-    def test_display_entered_values(self):
-        # After submit the entered values are displayed in the form
-        self.browser.open(self.login_path)
-        # Enter some value we can look for after submit
-        ac_series = self.browser.getControl(name="form.ac_series")
-        ac_series.value = '666'
-        self.browser.getControl(name="SUBMIT").click()
-        self.assertTrue('666' in self.browser.contents)
-        return
-class LoginTestWithPINs(LoginTest):
-    # Here we check login view of applicants containers with PINs provided.
-    # As setting up pins is time-consuming we only set them up when
-    # really needed (i.e. in this separate TestCase).
-    layer = FunctionalLayer
-    def setUp(self):
-        super(LoginTestWithPINs, self).setUp()
-        # Create 5 access codes with prefix'FOO' and cost 9.99 each
-        pin_container = self.getRootFolder()['app']['accesscodes']
-        pin_container.createBatch(
-            datetime.now(), 'some_userid', 'APP', 9.99, 5)
-        pins = pin_container[pin_container.keys()[0]].values()
-        self.pins = [x.representation for x in pins]
-        self.existing_pin = self.pins[0]
-        parts = self.existing_pin.split('-')[1:]
-        self.existing_series, self.existing_number = parts
-        self.browser.handleErrors = False
-    def tearDown(self):
-        super(LoginTestWithPINs, self).tearDown()
-    def test_anonymous_valid_login(self):
-        # If we enter valid credentials, we get to the applicants form
-        self.browser.open(self.login_path)
-        # Enter some value we can look for after submit
-        ac_series = self.browser.getControl(name="form.ac_series")
-        ac_series.value = self.existing_series
-        ac_number = self.browser.getControl(name="form.ac_number")
-        ac_number.value = self.existing_number
-        self.browser.getControl(name="SUBMIT").click()
-        # We should be redirected to applicants form.
-        self.assertTrue(self.browser.url != self.login_path)
-        # Applicants see their Access Code in the contact form
-        #self.browser.getLink("Contact").click()
-        #self.assertTrue(
-        #    'Access Code:' in self.browser.contents)
-        return
-    def test_anonymous_invalid_login(self):
-        # If we enter wrong credentials we won't get far
-        self.browser.open(self.login_path)
-        # Enter some value we can look for after submit
-        ac_series = self.browser.getControl(name="form.ac_series")
-        ac_series.value = 'illegal series'
-        ac_number = self.browser.getControl(name="form.ac_number")
-        ac_number.value = 'invalid number'
-        self.browser.getControl(name="SUBMIT").click()
-        # We get a warning message
-        self.assertTrue(
-            'Entered credentials are invalid' in self.browser.contents)
-        # We stay at the login page (no redirect)
-        self.assertTrue(self.browser.url == self.login_path)
-        return
 class ApplicantsPassportTests(ApplicantsFullSetup):
     # Tests for uploading/browsing the passport image of appplicants
     layer = FunctionalLayer
-    def setUp(self):
-        super(ApplicantsPassportTests, self).setUp()
-        self.login_path = 'http://localhost/app/applicants/app2009/login'
-        self.pin = self.pins[2]
-        self.existing_series, self.existing_number = self.pin.split('-')[1:]
-        self.edit_path = 'http://localhost/app/applicants/app2009/%s/edit' % (
-            self.pin)
-        self.manage_path = 'http://localhost/app/applicants/%s/%s/%s' % (
-            'app2009', self.pin, 'manage')
-    def tearDown(self):
-        super(ApplicantsPassportTests, self).tearDown()
-    def login(self):
-        # Perform an applicant login. This creates an applicant record.
+        #
-        # This helper also sets `self.applicant`, which is the
-        # applicant object created.
-        self.browser.open(self.login_path)
-        ac_series = self.browser.getControl(name="form.ac_series")
-        ac_series.value = self.existing_series
-        ac_number = self.browser.getControl(name="form.ac_number")
-        ac_number.value = self.existing_number
-        self.browser.getControl(name="SUBMIT").click()
-        self.applicant = self.app['applicants']['app2009'][self.pin]
-    def fill_correct_values(self):
-        # Fill the edit form with suitable values
-        self.browser.getControl(name="form.firstname").value = 'John'
-        self.browser.getControl(name="form.lastname").value = 'Tester'
-        self.browser.getControl(name="form.course1").value = ['CERT1']
-        self.browser.getControl(name="form.date_of_birth").value = '09/09/1988'
-        self.browser.getControl(name="form.lga").value = ['foreigner']
-        self.browser.getControl(name="form.sex").value = ['m']
     def image_url(self, filename):
 …
         #import pdb; pdb.set_trace()
         self.login()
+        self.assertEqual(self.browser.url, self.edit_path)
+        self.assertEqual(self.browser.url, self.view_path)
+        self.browser.open(self.edit_path)
+        # There is a correct <img> link included
+        self.assertTrue(
+              '<img src="passport.jpg" />' in self.browser.contents)
+        # Browsing the link shows a real image
+        self.browser.open(self.image_url('passport.jpg'))
+        self.assertEqual(
+            self.browser.headers['content-type'], 'image/jpeg')
+        self.assertEqual(len(self.browser.contents), PH_LEN)
+    def test_after_submit_default_browsable(self):
+        # After submitting an applicant form the default image is
+        # still visible
+        self.login()
+        self.browser.open(self.edit_path)
+        self.browser.getControl("Save").click() # submit form
         # There is a correct <img> link included
         self.assertTrue(
 …
         self.assertEqual(len(self.browser.contents), PH_LEN)
-    def test_after_submit_default_browsable(self):
-        # After submitting an applicant form the default image is
-        # still visible
-        self.login()
-        self.browser.getControl("Save").click() # submit form
-        # There is a correct <img> link included
-        self.assertTrue(
-            '<img src="passport.jpg" />' in self.browser.contents)
-        # Browsing the link shows a real image
-        self.browser.open(self.image_url('passport.jpg'))
-        self.assertEqual(
-            self.browser.headers['content-type'], 'image/jpeg')
-        self.assertEqual(len(self.browser.contents), PH_LEN)
     def test_uploaded_image_respects_file_size_restriction(self):
         # When we upload an image that is too big ( > 10 KB) we will
         # get an error message
         self.login()
+        self.browser.open(self.edit_path)
         # Create a pseudo image file and select it to be uploaded in form
         photo_content = 'A' * 1024 * 21  # A string of 21 KB size
 …
         # even if there are still errors in the form
         self.login()
+        self.browser.open(self.edit_path)
         # Create a pseudo image file and select it to be uploaded in form
         photo_content = 'I pretend to be a graphics file'
 …
         # stored in an imagestorage
         self.login()
+        self.browser.open(self.edit_path)
         # Create a pseudo image file and select it to be uploaded in form
         pseudo_image = StringIO('I pretend to be a graphics file')
 …
         # if there are no errors in form
         self.login()
+        self.browser.open(self.edit_path)
         self.fill_correct_values() # fill other fields with correct values
         # Create a pseudo image file and select it to be uploaded in form
 …
         # stored in an imagestorage if form contains no errors
         self.login()
+        self.browser.open(self.edit_path)
         self.fill_correct_values() # fill other fields with correct values
         # Create a pseudo image file and select it to be uploaded in form
 …
         # Make sure uploaded images do really differ if we eject a
         # change notfication (and do not if we don't)
+        self.login() # Create applicant form
+        self.login()
+        self.browser.open(self.edit_path)
         self.fill_correct_values() # fill other fields with correct values
         self.browser.getControl("Save").click() # submit form
 …
         # Make sure that a correctly filled form with passport picture
         # can be submitted
+        self.login() # Create applicant form
+        self.login()
+        self.browser.getLink("Edit application record").click()
         self.fill_correct_values() # fill other fields with correct values
         # Create a pseudo image file and select it to be uploaded in form
 …
         # Now do the whole thing again but with correct state
         self.login()
+        self.browser.open(self.edit_path)
         self.fill_correct_values()
         pseudo_image = StringIO('I pretend to be a graphics file')
 …
     def test_locking(self):
         # Make sure that locked forms can't be submitted
+        self.login() # Create applicant form
+        self.login()
+        self.browser.open(self.edit_path)
         self.fill_correct_values() # fill other fields with correct values
         # Create a pseudo image file and select it to be uploaded in form
 …
         file_ctrl.add_file(pseudo_image, filename='myphoto.jpg')
         self.browser.getControl("Save").click()
+        self.browser.getLink("Logout").click()
+        # Login as manager and lock the form
+        self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')
+        self.browser.open(self.manage_path)
+        self.browser.getControl(name="form.locked").value = True
+        self.browser.getControl("Save").click()
+        self.browser.getLink("Logout").click()
+        # Login as applicant again and try to open the edit form
+        self.login()
+        # Now we lock the form
+        self.applicant.locked = True
         self.browser.open(self.edit_path)
         self.assertEqual(self.browser.headers['Status'], '200 Ok')

main/waeup.sirp/trunk/src/waeup/sirp/applicants/tests/test_catalog.py

-                      r7193
+                      r7240
         # Create an applicant in an applicants container
         self.container = ApplicantsContainer()
+        self.container.code = u"mystuff"
         setSite(self.app)
         self.app['applicants']['mystuff'] = self.container
+        self.applicant = Applicant()
+        self.ac = u'FOO-666-123456789'
+        self.applicant.access_code = self.ac
+        self.app['applicants']['mystuff'][self.ac] = self.applicant
+        self.applicant = Applicant(container=self.container)
+        self.app['applicants']['mystuff'][
+            self.applicant.application_number] = self.applicant
         return
 …
         self.create_applicant()
         q = getUtility(IQuery)
+        subquery = Eq(('applicants_catalog', 'access_code'), self.ac)
+        subquery = Eq(('applicants_catalog', 'applicant_id'),
+            self.applicant.applicant_id)
         results = list(q.searchResults(subquery))
         self.assertEqual(len(results), 1)
         result_applicant = results[0]
         self.assertTrue(isinstance(result_applicant, Applicant))
         self.assertEqual(result_applicant.access_code, self.ac)
+        self.assertEqual(result_applicant.applicant_id, self.applicant.applicant_id)

Note: See TracChangeset for help on using the changeset viewer.