forked from CGM_Public/pretix_original
* New models * CRUD UI * UI for adding/removing team members * Log display for teams * Fix invitations, move frontend * Drop old models (incomplete) * Drop more old stuff * Drop even more old stuff * Fix tests * Fix permission test * flake8 fix * Add tests fore the new code * Rebase migrations
This commit is contained in:
Raphael Michel
@@ -6,9 +6,7 @@ from i18nfield.strings import LazyI18nString
|
||||
from pytz import timezone
|
||||
from tests.base import SoupTest, extract_form_fields
|
||||
|
||||
from pretix.base.models import (
|
||||
Event, EventPermission, Organizer, OrganizerPermission, User,
|
||||
)
|
||||
from pretix.base.models import Event, Organizer, Team, User
|
||||
from pretix.testutils.mock import mocker_context
|
||||
|
||||
|
||||
@@ -31,9 +29,12 @@ class EventsTest(SoupTest):
|
||||
organizer=self.orga2, name='MRMCD14', slug='mrmcd14',
|
||||
date_from=datetime.datetime(2014, 9, 5, tzinfo=datetime.timezone.utc),
|
||||
)
|
||||
OrganizerPermission.objects.create(organizer=self.orga1, user=self.user)
|
||||
EventPermission.objects.create(event=self.event1, user=self.user, can_change_items=True,
|
||||
can_change_settings=True)
|
||||
|
||||
t = Team.objects.create(organizer=self.orga1, can_create_events=True, can_change_event_settings=True,
|
||||
can_change_items=True)
|
||||
t.members.add(self.user)
|
||||
t.limit_events.add(self.event1)
|
||||
|
||||
self.client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
def test_event_list(self):
|
||||
@@ -318,7 +319,7 @@ class EventsTest(SoupTest):
|
||||
assert ev.settings.timezone == 'Europe/Berlin'
|
||||
assert ev.organizer == self.orga1
|
||||
assert ev.location == LazyI18nString({'de': 'Hamburg', 'en': 'Hamburg'})
|
||||
assert EventPermission.objects.filter(event=ev, user=self.user).exists()
|
||||
assert Team.objects.filter(limit_events=ev, members=self.user).exists()
|
||||
|
||||
berlin_tz = timezone('Europe/Berlin')
|
||||
assert ev.date_from == berlin_tz.localize(datetime.datetime(2016, 12, 27, 10, 0, 0)).astimezone(pytz.utc)
|
||||
@@ -359,7 +360,7 @@ class EventsTest(SoupTest):
|
||||
assert ev.settings.timezone == 'UTC'
|
||||
assert ev.organizer == self.orga1
|
||||
assert ev.location == LazyI18nString({'en': 'Hamburg'})
|
||||
assert EventPermission.objects.filter(event=ev, user=self.user).exists()
|
||||
assert Team.objects.filter(limit_events=ev, members=self.user).exists()
|
||||
assert ev.date_from == datetime.datetime(2016, 12, 27, 10, 0, 0, tzinfo=pytz.utc)
|
||||
assert ev.date_to is None
|
||||
assert ev.presale_start is None
|
||||
|
||||
@@ -5,8 +5,8 @@ from django.utils.timezone import now
|
||||
from tests.base import SoupTest, extract_form_fields
|
||||
|
||||
from pretix.base.models import (
|
||||
Event, EventPermission, Item, ItemCategory, ItemVariation, Order,
|
||||
OrderPosition, Organizer, OrganizerPermission, Question, Quota, User,
|
||||
Event, Item, ItemCategory, ItemVariation, Order, OrderPosition, Organizer,
|
||||
Question, Quota, Team, User,
|
||||
)
|
||||
|
||||
|
||||
@@ -20,9 +20,9 @@ class ItemFormTest(SoupTest):
|
||||
organizer=self.orga1, name='30C3', slug='30c3',
|
||||
date_from=datetime.datetime(2013, 12, 26, tzinfo=datetime.timezone.utc),
|
||||
)
|
||||
OrganizerPermission.objects.create(organizer=self.orga1, user=self.user)
|
||||
EventPermission.objects.create(event=self.event1, user=self.user, can_change_items=True,
|
||||
can_change_settings=True)
|
||||
t = Team.objects.create(organizer=self.orga1, can_change_event_settings=True, can_change_items=True)
|
||||
t.members.add(self.user)
|
||||
t.limit_events.add(self.event1)
|
||||
self.client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
|
||||
|
||||
@@ -7,8 +7,8 @@ from django.utils.timezone import now
|
||||
from tests.base import SoupTest
|
||||
|
||||
from pretix.base.models import (
|
||||
Event, EventPermission, InvoiceAddress, Item, Order, OrderPosition,
|
||||
Organizer, Quota, User,
|
||||
Event, InvoiceAddress, Item, Order, OrderPosition, Organizer, Quota, Team,
|
||||
User,
|
||||
)
|
||||
from pretix.base.services.invoices import (
|
||||
generate_cancellation, generate_invoice,
|
||||
@@ -24,12 +24,9 @@ def env():
|
||||
)
|
||||
event.settings.set('ticketoutput_testdummy__enabled', True)
|
||||
user = User.objects.create_user('dummy@dummy.dummy', 'dummy')
|
||||
EventPermission.objects.create(
|
||||
event=event,
|
||||
user=user,
|
||||
can_view_orders=True,
|
||||
can_change_orders=True
|
||||
)
|
||||
t = Team.objects.create(organizer=o, can_view_orders=True, can_change_orders=True)
|
||||
t.members.add(user)
|
||||
t.limit_events.add(event)
|
||||
o = Order.objects.create(
|
||||
code='FOO', event=event, email='dummy@dummy.test',
|
||||
status=Order.STATUS_PENDING,
|
||||
@@ -477,12 +474,9 @@ class OrderChangeTests(SoupTest):
|
||||
price=Decimal("23.00"), attendee_name="Dieter"
|
||||
)
|
||||
user = User.objects.create_user('dummy@dummy.dummy', 'dummy')
|
||||
EventPermission.objects.create(
|
||||
event=self.event,
|
||||
user=user,
|
||||
can_view_orders=True,
|
||||
can_change_orders=True
|
||||
)
|
||||
t = Team.objects.create(organizer=o, can_view_orders=True, can_change_orders=True)
|
||||
t.members.add(user)
|
||||
t.limit_events.add(self.event)
|
||||
self.client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
def test_change_item_success(self):
|
||||
|
||||
@@ -3,7 +3,7 @@ from datetime import timedelta
|
||||
import pytest
|
||||
from django.utils.timezone import now
|
||||
|
||||
from pretix.base.models import Event, EventPermission, Order, Organizer, User
|
||||
from pretix.base.models import Event, Order, Organizer, Team, User
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
@@ -20,9 +20,15 @@ def env():
|
||||
datetime=now(), expires=now() + timedelta(days=10),
|
||||
total=0, payment_provider='banktransfer'
|
||||
)
|
||||
Team.objects.create(pk=1, organizer=o)
|
||||
return event, user, o
|
||||
|
||||
|
||||
superuser_urls = [
|
||||
"global/settings/",
|
||||
"global/update/",
|
||||
]
|
||||
|
||||
event_urls = [
|
||||
"",
|
||||
"settings/",
|
||||
@@ -31,6 +37,9 @@ event_urls = [
|
||||
"settings/tickets",
|
||||
"settings/permissions",
|
||||
"settings/email",
|
||||
"settings/invoice",
|
||||
"settings/invoice/preview",
|
||||
"settings/display",
|
||||
"items/",
|
||||
"items/add",
|
||||
"items/1/",
|
||||
@@ -65,6 +74,8 @@ event_urls = [
|
||||
"orders/ABC/extend",
|
||||
"orders/ABC/change",
|
||||
"orders/ABC/contact",
|
||||
"orders/ABC/comment",
|
||||
"orders/ABC/locale",
|
||||
"orders/ABC/",
|
||||
"orders/",
|
||||
"waitinglist/",
|
||||
@@ -75,6 +86,11 @@ event_urls = [
|
||||
organizer_urls = [
|
||||
'organizer/abc/edit',
|
||||
'organizer/abc/',
|
||||
'organizer/abc/teams',
|
||||
'organizer/abc/team/1/',
|
||||
'organizer/abc/team/1/edit',
|
||||
'organizer/abc/team/1/delete',
|
||||
'organizer/abc/team/add',
|
||||
]
|
||||
|
||||
|
||||
@@ -101,9 +117,29 @@ def test_logged_out(client, env, url):
|
||||
assert "/control/login" in response['Location']
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize("url", superuser_urls)
|
||||
def test_superuser_required(perf_patch, client, env, url):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.get('/control/' + url)
|
||||
assert response.status_code == 403
|
||||
env[1].is_superuser = True
|
||||
env[1].save()
|
||||
response = client.get('/control/' + url)
|
||||
assert response.status_code == 200
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize("url", event_urls)
|
||||
def test_wrong_event(perf_patch, client, env, url):
|
||||
event2 = Event.objects.create(
|
||||
organizer=env[2], name='Dummy', slug='dummy2',
|
||||
date_from=now(), plugins='pretix.plugins.banktransfer'
|
||||
)
|
||||
t = Team.objects.create(organizer=env[2], can_change_event_settings=True)
|
||||
t.members.add(env[1])
|
||||
t.limit_events.add(event2)
|
||||
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.get('/control/event/dummy/dummy/' + url)
|
||||
# These permission violations do not yield a 403 error, but
|
||||
@@ -112,12 +148,15 @@ def test_wrong_event(perf_patch, client, env, url):
|
||||
|
||||
|
||||
event_permission_urls = [
|
||||
("can_change_settings", "settings/", 200),
|
||||
("can_change_settings", "settings/plugins", 200),
|
||||
("can_change_settings", "settings/payment", 200),
|
||||
("can_change_settings", "settings/tickets", 200),
|
||||
("can_change_settings", "settings/email", 200),
|
||||
("can_change_permissions", "settings/permissions", 200),
|
||||
("can_change_event_settings", "live/", 200),
|
||||
("can_change_event_settings", "settings/", 200),
|
||||
("can_change_event_settings", "settings/plugins", 200),
|
||||
("can_change_event_settings", "settings/payment", 200),
|
||||
("can_change_event_settings", "settings/tickets", 200),
|
||||
("can_change_event_settings", "settings/email", 200),
|
||||
("can_change_event_settings", "settings/display", 200),
|
||||
("can_change_event_settings", "settings/invoice", 200),
|
||||
("can_change_event_settings", "settings/invoice/preview", 200),
|
||||
# Lists are currently not access-controlled
|
||||
# ("can_change_items", "items/", 200),
|
||||
("can_change_items", "items/add", 200),
|
||||
@@ -142,6 +181,7 @@ event_permission_urls = [
|
||||
("can_change_items", "quotas/2/delete", 404),
|
||||
("can_change_items", "quotas/add", 200),
|
||||
("can_view_orders", "orders/overview/", 200),
|
||||
("can_view_orders", "orders/export/", 200),
|
||||
("can_view_orders", "orders/", 200),
|
||||
("can_view_orders", "orders/FOO/", 200),
|
||||
("can_change_orders", "orders/FOO/extend", 200),
|
||||
@@ -150,7 +190,10 @@ event_permission_urls = [
|
||||
("can_change_orders", "orders/FOO/resend", 405),
|
||||
("can_change_orders", "orders/FOO/invoice", 405),
|
||||
("can_change_orders", "orders/FOO/change", 200),
|
||||
("can_change_orders", "orders/FOO/comment", 405),
|
||||
("can_change_orders", "orders/FOO/locale", 200),
|
||||
("can_change_vouchers", "vouchers/add", 200),
|
||||
("can_change_orders", "requiredactions/", 200),
|
||||
("can_change_vouchers", "vouchers/bulk_add", 200),
|
||||
("can_view_vouchers", "vouchers/", 200),
|
||||
("can_view_vouchers", "vouchers/tags/", 200),
|
||||
@@ -164,40 +207,71 @@ event_permission_urls = [
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize("perm,url,code", event_permission_urls)
|
||||
def test_wrong_event_permission(perf_patch, client, env, perm, url, code):
|
||||
ep = EventPermission(
|
||||
event=env[0], user=env[1],
|
||||
t = Team(
|
||||
organizer=env[2], all_events=True
|
||||
)
|
||||
setattr(ep, perm, False)
|
||||
ep.save()
|
||||
setattr(t, perm, False)
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.get('/control/event/dummy/dummy/' + url)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_current_permission(client, env):
|
||||
ep = EventPermission(
|
||||
event=env[0], user=env[1],
|
||||
@pytest.mark.parametrize("perm,url,code", event_permission_urls)
|
||||
def test_limited_event_permission_for_other_event(perf_patch, client, env, perm, url, code):
|
||||
event2 = Event.objects.create(
|
||||
organizer=env[2], name='Dummy', slug='dummy2',
|
||||
date_from=now(), plugins='pretix.plugins.banktransfer'
|
||||
)
|
||||
setattr(ep, 'can_change_settings', True)
|
||||
ep.save()
|
||||
t = Team.objects.create(organizer=env[2], can_change_event_settings=True)
|
||||
t.members.add(env[1])
|
||||
t.limit_events.add(event2)
|
||||
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.get('/control/event/dummy/dummy/' + url)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_current_permission(client, env):
|
||||
t = Team(
|
||||
organizer=env[2], all_events=True
|
||||
)
|
||||
setattr(t, 'can_change_event_settings', True)
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.get('/control/event/dummy/dummy/settings/')
|
||||
assert response.status_code == 200
|
||||
setattr(ep, 'can_change_settings', False)
|
||||
ep.save()
|
||||
setattr(t, 'can_change_event_settings', False)
|
||||
t.save()
|
||||
response = client.get('/control/event/dummy/dummy/settings/')
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize("perm,url,code", event_permission_urls)
|
||||
def test_correct_event_permission(perf_patch, client, env, perm, url, code):
|
||||
ep = EventPermission(
|
||||
event=env[0], user=env[1],
|
||||
)
|
||||
setattr(ep, perm, True)
|
||||
ep.save()
|
||||
def test_correct_event_permission_all_events(perf_patch, client, env, perm, url, code):
|
||||
t = Team(organizer=env[2], all_events=True)
|
||||
setattr(t, perm, True)
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.get('/control/event/dummy/dummy/' + url)
|
||||
assert response.status_code == code
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize("perm,url,code", event_permission_urls)
|
||||
def test_correct_event_permission_limited(perf_patch, client, env, perm, url, code):
|
||||
t = Team(organizer=env[2])
|
||||
setattr(t, perm, True)
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
t.limit_events.add(env[0])
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.get('/control/event/dummy/dummy/' + url)
|
||||
assert response.status_code == code
|
||||
@@ -213,21 +287,23 @@ def test_wrong_organizer(perf_patch, client, env, url):
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
""" Disabled as tehre are currtnly no fitting URLs
|
||||
organizer_permission_urls = [
|
||||
("can_create_events", "organizer/dummy/edit", 200),
|
||||
("can_change_teams", "organizer/dummy/teams", 200),
|
||||
("can_change_teams", "organizer/dummy/team/add", 200),
|
||||
("can_change_teams", "organizer/dummy/team/1/", 200),
|
||||
("can_change_teams", "organizer/dummy/team/1/edit", 200),
|
||||
("can_change_teams", "organizer/dummy/team/1/delete", 200),
|
||||
("can_change_organizer_settings", "organizer/dummy/edit", 200),
|
||||
]
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize("perm,url,code", organizer_permission_urls)
|
||||
def test_wrong_organizer_permission(perf_patch, client, env, perm, url, code):
|
||||
if perm:
|
||||
op = OrganizerPermission(
|
||||
organizer=env[2], user=env[1],
|
||||
)
|
||||
setattr(op, perm, False)
|
||||
op.save()
|
||||
t = Team(organizer=env[2])
|
||||
setattr(t, perm, False)
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.get('/control/' + url)
|
||||
assert response.status_code == 403
|
||||
@@ -236,13 +312,10 @@ def test_wrong_organizer_permission(perf_patch, client, env, perm, url, code):
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize("perm,url,code", organizer_permission_urls)
|
||||
def test_correct_organizer_permission(perf_patch, client, env, perm, url, code):
|
||||
op = OrganizerPermission(
|
||||
organizer=env[2], user=env[1],
|
||||
)
|
||||
if perm:
|
||||
setattr(op, perm, True)
|
||||
op.save()
|
||||
t = Team(organizer=env[2])
|
||||
setattr(t, perm, True)
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.get('/control/' + url)
|
||||
assert response.status_code == code
|
||||
"""
|
||||
|
||||
@@ -4,9 +4,7 @@ import re
|
||||
|
||||
from tests.base import SoupTest
|
||||
|
||||
from pretix.base.models import (
|
||||
Event, EventPermission, Organizer, OrganizerPermission, User,
|
||||
)
|
||||
from pretix.base.models import Event, Organizer, Team, User
|
||||
|
||||
|
||||
class MailSettingPreviewTest(SoupTest):
|
||||
@@ -25,11 +23,10 @@ class MailSettingPreviewTest(SoupTest):
|
||||
)
|
||||
self.locale_event.settings.locales = ['en', 'de-informal']
|
||||
self.locale_event.save()
|
||||
OrganizerPermission.objects.create(organizer=self.orga1, user=self.user)
|
||||
EventPermission.objects.create(event=self.event1, user=self.user, can_change_items=True,
|
||||
can_change_settings=True)
|
||||
EventPermission.objects.create(event=self.locale_event, user=self.user, can_change_items=True,
|
||||
can_change_settings=True)
|
||||
t = Team.objects.create(organizer=self.orga1, can_change_items=True, can_change_event_settings=True)
|
||||
t.members.add(self.user)
|
||||
t.limit_events.add(self.locale_event)
|
||||
t.limit_events.add(self.event1)
|
||||
self.client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
self.target = '/control/event/{}/{}/settings/email/preview'
|
||||
|
||||
245
src/tests/control/test_teams.py
Normal file
245
src/tests/control/test_teams.py
Normal file
@@ -0,0 +1,245 @@
|
||||
import pytest
|
||||
from django.core import mail as djmail
|
||||
from django.utils.timezone import now
|
||||
|
||||
from pretix.base.models import Event, Organizer, Team, User
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def organizer():
|
||||
return Organizer.objects.create(name='Dummy', slug='dummy')
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def event(organizer):
|
||||
event = Event.objects.create(
|
||||
organizer=organizer, name='Dummy', slug='dummy',
|
||||
date_from=now()
|
||||
)
|
||||
return event
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def admin_team(organizer):
|
||||
return Team.objects.create(organizer=organizer, can_change_teams=True, name='Admin team')
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def admin_user(admin_team):
|
||||
u = User.objects.create_user('dummy@dummy.dummy', 'dummy')
|
||||
admin_team.members.add(u)
|
||||
return u
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_list_of_teams(event, admin_user, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
resp = client.get('/control/organizer/dummy/teams')
|
||||
assert 'Admin team' in resp.rendered_content
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_team_detail_view(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
resp = client.get('/control/organizer/dummy/team/{}/'.format(admin_team.pk))
|
||||
assert 'Admin team' in resp.rendered_content
|
||||
assert admin_user.email in resp.rendered_content
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_team_add_user(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
u = User.objects.create_user('dummy2@dummy.dummy', 'dummy')
|
||||
|
||||
resp = client.post('/control/organizer/dummy/team/{}/'.format(admin_team.pk), {
|
||||
'user': u.email
|
||||
}, follow=True)
|
||||
assert 'Admin team' in resp.rendered_content
|
||||
assert admin_user.email in resp.rendered_content
|
||||
assert u.email in resp.rendered_content
|
||||
assert u in admin_team.members.all()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_team_create_invite(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
djmail.outbox = []
|
||||
|
||||
resp = client.post('/control/organizer/dummy/team/{}/'.format(admin_team.pk), {
|
||||
'user': 'foo@example.org'
|
||||
}, follow=True)
|
||||
assert 'Admin team' in resp.rendered_content
|
||||
assert admin_user.email in resp.rendered_content
|
||||
assert 'foo@example.org' in resp.rendered_content
|
||||
assert admin_team.invites.first().email == 'foo@example.org'
|
||||
assert len(djmail.outbox) == 1
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_team_revoke_invite(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
inv = admin_team.invites.create(email='foo@example.org')
|
||||
resp = client.post('/control/organizer/dummy/team/{}/'.format(admin_team.pk), {
|
||||
'remove-invite': str(inv.pk)
|
||||
}, follow=True)
|
||||
assert 'Admin team' in resp.rendered_content
|
||||
assert admin_user.email in resp.rendered_content
|
||||
assert not admin_team.invites.exists()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_team_remove_user(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
u = User.objects.create_user('dummy2@dummy.dummy', 'dummy')
|
||||
admin_team.members.add(u)
|
||||
|
||||
resp = client.post('/control/organizer/dummy/team/{}/'.format(admin_team.pk), {
|
||||
'remove-member': u.pk
|
||||
}, follow=True)
|
||||
assert 'Admin team' in resp.rendered_content
|
||||
assert admin_user.email in resp.rendered_content
|
||||
assert u not in admin_team.members.all()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_team_remove_last_admin(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
resp = client.post('/control/organizer/dummy/team/{}/'.format(admin_team.pk), {
|
||||
'remove-member': admin_user.pk
|
||||
}, follow=True)
|
||||
assert 'alert-danger' in resp.rendered_content
|
||||
assert admin_user in admin_team.members.all()
|
||||
|
||||
t2 = Team.objects.create(organizer=event.organizer, name='Admin team 2')
|
||||
resp = client.post('/control/organizer/dummy/team/{}/'.format(admin_team.pk), {
|
||||
'remove-member': admin_user.pk
|
||||
}, follow=True)
|
||||
assert 'alert-danger' in resp.rendered_content
|
||||
assert admin_user in admin_team.members.all()
|
||||
|
||||
t2.members.add(admin_user)
|
||||
resp = client.post('/control/organizer/dummy/team/{}/'.format(admin_team.pk), {
|
||||
'remove-member': admin_user.pk
|
||||
}, follow=True)
|
||||
assert 'alert-danger' in resp.rendered_content
|
||||
assert admin_user in admin_team.members.all()
|
||||
|
||||
t2.can_change_teams = True
|
||||
t2.save()
|
||||
resp = client.post('/control/organizer/dummy/team/{}/'.format(admin_team.pk), {
|
||||
'remove-member': admin_user.pk
|
||||
}, follow=True)
|
||||
assert 'alert-danger' not in resp.rendered_content
|
||||
assert admin_user not in admin_team.members.all()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_create_team(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
client.post('/control/organizer/dummy/team/add', {
|
||||
'name': 'Foo',
|
||||
'can_create_events': 'on',
|
||||
'limit_events': str(event.pk),
|
||||
'can_change_event_settings': 'on'
|
||||
}, follow=True)
|
||||
t = Team.objects.last()
|
||||
assert t.can_change_event_settings
|
||||
assert t.can_create_events
|
||||
assert not t.can_change_organizer_settings
|
||||
assert list(t.limit_events.all()) == [event]
|
||||
assert list(t.members.all()) == [admin_user]
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_update_team(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
client.post('/control/organizer/dummy/team/{}/edit'.format(admin_team.pk), {
|
||||
'name': 'Admin',
|
||||
'can_change_teams': 'on',
|
||||
'limit_events': str(event.pk),
|
||||
'can_change_event_settings': 'on'
|
||||
}, follow=True)
|
||||
admin_team.refresh_from_db()
|
||||
assert admin_team.can_change_event_settings
|
||||
assert not admin_team.can_change_organizer_settings
|
||||
assert list(admin_team.limit_events.all()) == [event]
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_update_last_team_to_be_no_admin(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
resp = client.post('/control/organizer/dummy/team/{}/edit'.format(admin_team.pk), {
|
||||
'name': 'Admin',
|
||||
'can_change_event_settings': 'on'
|
||||
}, follow=True)
|
||||
assert 'alert-danger' in resp.rendered_content
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_remove_team(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
t2 = Team.objects.create(organizer=event.organizer, name='Admin team 2')
|
||||
resp = client.post('/control/organizer/dummy/team/{}/delete'.format(t2.pk), {}, follow=True)
|
||||
assert Team.objects.count() == 1
|
||||
assert 'alert-success' in resp.rendered_content
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_remove_last_admin_team(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
resp = client.post('/control/organizer/dummy/team/{}/delete'.format(admin_team.pk), {}, follow=True)
|
||||
assert Team.objects.count() == 1
|
||||
assert 'alert-danger' in resp.rendered_content
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_invite_invalid_token(event, admin_team, client):
|
||||
i = admin_team.invites.create(email='foo@bar.com')
|
||||
resp = client.get('/control/invite/foo{}bar'.format(i.token), follow=True)
|
||||
assert b'alert-danger' in resp.content
|
||||
assert b'invalid link' in resp.content
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_invite_existing_team_member(event, admin_team, client):
|
||||
u = User.objects.create_user('dummy2@dummy.dummy', 'dummy')
|
||||
admin_team.members.add(u)
|
||||
client.login(email='dummy2@dummy.dummy', password='dummy')
|
||||
i = admin_team.invites.create(email='foo@bar.com')
|
||||
resp = client.get('/control/invite/{}'.format(i.token), follow=True)
|
||||
print(resp.content)
|
||||
assert b'alert-danger' in resp.content
|
||||
assert b'already are part of' in resp.content
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_invite_authenticated(event, admin_team, client):
|
||||
u = User.objects.create_user('dummy2@dummy.dummy', 'dummy')
|
||||
client.login(email='dummy2@dummy.dummy', password='dummy')
|
||||
i = admin_team.invites.create(email='foo@bar.com')
|
||||
resp = client.get('/control/invite/{}'.format(i.token), follow=True)
|
||||
assert b'alert-success' in resp.content
|
||||
assert u in admin_team.members.all()
|
||||
assert not admin_team.invites.exists()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_invite_new_user(event, admin_team, client):
|
||||
i = admin_team.invites.create(email='foo@bar.com')
|
||||
resp = client.get('/control/invite/{}'.format(i.token), follow=True)
|
||||
assert b'<form' in resp.content
|
||||
resp = client.post('/control/invite/{}'.format(i.token), {
|
||||
'email': 'dummy@example.org',
|
||||
'password': 'asdsdgfgjh',
|
||||
'password_repeat': 'asdsdgfgjh'
|
||||
}, follow=True)
|
||||
|
||||
assert b'alert-success' in resp.content
|
||||
assert admin_team.members.filter(email='dummy@example.org').exists()
|
||||
assert not admin_team.invites.exists()
|
||||
@@ -4,8 +4,8 @@ import pytest
|
||||
from django.utils.timezone import now
|
||||
|
||||
from pretix.base.models import (
|
||||
Event, EventPermission, Item, ItemCategory, Order, OrderPosition,
|
||||
Organizer, OrganizerPermission, Question, Quota, User, Voucher,
|
||||
Event, Item, ItemCategory, Order, OrderPosition, Organizer, Question,
|
||||
Quota, Team, User, Voucher,
|
||||
)
|
||||
|
||||
|
||||
@@ -57,9 +57,13 @@ def voucher(quota):
|
||||
@pytest.fixture
|
||||
def logged_in_client(client, event):
|
||||
user = User.objects.create_superuser('dummy@dummy.dummy', 'dummy')
|
||||
OrganizerPermission.objects.create(organizer=event.organizer, user=user, can_create_events=True)
|
||||
EventPermission.objects.create(event=event, user=user, can_change_items=True,
|
||||
can_change_settings=True, can_change_orders=True, can_view_orders=True)
|
||||
t = Team.objects.create(
|
||||
organizer=event.organizer,
|
||||
all_events=True, can_create_events=True, can_change_teams=True,
|
||||
can_change_organizer_settings=True, can_change_event_settings=True, can_change_items=True,
|
||||
can_view_orders=True, can_change_orders=True, can_view_vouchers=True, can_change_vouchers=True
|
||||
)
|
||||
t.members.add(user)
|
||||
client.force_login(user)
|
||||
return client
|
||||
|
||||
@@ -69,6 +73,9 @@ def logged_in_client(client, event):
|
||||
('/control/settings/2fa/', 302),
|
||||
('/control/settings/history/', 200),
|
||||
|
||||
('/control/global/settings/', 200),
|
||||
('/control/global/update/', 200),
|
||||
|
||||
('/control/organizers/', 200),
|
||||
('/control/organizers/add', 200),
|
||||
('/control/organizer/{orga}/edit', 200),
|
||||
@@ -118,6 +125,7 @@ def logged_in_client(client, event):
|
||||
('/control/event/{orga}/{event}/orders/{order_code}/contact', 200),
|
||||
('/control/event/{orga}/{event}/orders/{order_code}/comment', 405),
|
||||
('/control/event/{orga}/{event}/orders/{order_code}/change', 200),
|
||||
('/control/event/{orga}/{event}/orders/{order_code}/locale', 200),
|
||||
('/control/event/{orga}/{event}/orders/{order_code}/', 200),
|
||||
('/control/event/{orga}/{event}/orders/overview/', 200),
|
||||
('/control/event/{orga}/{event}/orders/export/', 200),
|
||||
|
||||
@@ -5,8 +5,7 @@ from django.utils.timezone import now
|
||||
from tests.base import SoupTest, extract_form_fields
|
||||
|
||||
from pretix.base.models import (
|
||||
Event, EventPermission, Item, ItemVariation, Organizer,
|
||||
OrganizerPermission, Quota, User, Voucher,
|
||||
Event, Item, ItemVariation, Organizer, Quota, Team, User, Voucher,
|
||||
)
|
||||
|
||||
|
||||
@@ -19,9 +18,9 @@ class VoucherFormTest(SoupTest):
|
||||
organizer=self.orga, name='30C3', slug='30c3',
|
||||
date_from=datetime.datetime(2013, 12, 26, tzinfo=datetime.timezone.utc),
|
||||
)
|
||||
OrganizerPermission.objects.create(organizer=self.orga, user=self.user)
|
||||
EventPermission.objects.create(event=self.event, user=self.user, can_change_vouchers=True,
|
||||
can_change_settings=True)
|
||||
t = Team.objects.create(organizer=self.orga, can_view_vouchers=True, can_change_vouchers=True)
|
||||
t.members.add(self.user)
|
||||
t.limit_events.add(self.event)
|
||||
self.client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
self.quota_shirts = Quota.objects.create(event=self.event, name='Shirts', size=2)
|
||||
|
||||
@@ -2,8 +2,7 @@ import pytest
|
||||
from django.utils.timezone import now
|
||||
|
||||
from pretix.base.models import (
|
||||
Event, EventPermission, Item, Organizer, Quota, User, Voucher,
|
||||
WaitingListEntry,
|
||||
Event, Item, Organizer, Quota, Team, User, Voucher, WaitingListEntry,
|
||||
)
|
||||
from pretix.control.views.dashboards import waitinglist_widgets
|
||||
|
||||
@@ -34,12 +33,9 @@ def env():
|
||||
event=event, item=item2, email='item2@example.org'
|
||||
)
|
||||
|
||||
EventPermission.objects.create(
|
||||
event=event,
|
||||
user=user,
|
||||
can_view_orders=True,
|
||||
can_change_orders=True
|
||||
)
|
||||
t = Team.objects.create(organizer=o, can_view_orders=True, can_change_orders=True)
|
||||
t.members.add(user)
|
||||
t.limit_events.add(event)
|
||||
return event, user, o, item1
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user