diff --git a/core/management/commands/populate.py b/core/management/commands/populate.py
index 02bd3cd3..312744c6 100644
--- a/core/management/commands/populate.py
+++ b/core/management/commands/populate.py
@@ -48,7 +48,7 @@ from accounting.models import (
from core.utils import resize_image
from club.models import Club, Membership
from subscription.models import Subscription
-from counter.models import Customer, ProductType, Product, Counter, Selling
+from counter.models import Customer, ProductType, Product, Counter, Selling, StudentCard
from com.models import Sith, Weekmail, News, NewsDate
from election.models import Election, Role, Candidature, ElectionList
from forum.models import Forum, ForumTopic
@@ -870,6 +870,7 @@ Welcome to the wiki page!
start=s.subscription_start,
)
s.save()
+ StudentCard(uid="9A89B82018B0A0", customer=sli.customer).save()
# Adding subscription for Krophil
s = Subscription(
member=User.objects.filter(pk=krophil.pk).first(),
diff --git a/counter/models.py b/counter/models.py
index bcc9388e..3306a550 100644
--- a/counter/models.py
+++ b/counter/models.py
@@ -757,7 +757,7 @@ class StudentCard(models.Model):
def can_create(customer, user):
return user.pk == customer.user.pk or user.is_board_member or user.is_root
- def can_edit(self, obj):
+ def can_be_edited_by(self, obj):
if isinstance(obj, User):
return StudentCard.can_create(self.customer, obj)
return False
diff --git a/counter/tests.py b/counter/tests.py
index 7e037826..e001b13f 100644
--- a/counter/tests.py
+++ b/counter/tests.py
@@ -142,3 +142,195 @@ class BarmanConnectionTest(TestCase):
self.assertFalse(
'
S' Kia' in str(response_get.content)
)
+
+
+class StudentCardTest(TestCase):
+ """
+ Tests for adding and deleting Stundent Cards
+ Test that an user can be found with it's student card
+ """
+
+ def setUp(self):
+ call_command("populate")
+ self.krophil = User.objects.get(username="krophil")
+ self.sli = User.objects.get(username="sli")
+
+ self.counter = Counter.objects.filter(id=2).first()
+
+ # Auto login on counter
+ self.client.post(
+ reverse("counter:login", args=[self.counter.id]),
+ {"username": "krophil", "password": "plop"},
+ )
+
+ def test_search_user_with_student_card(self):
+ response = self.client.post(
+ reverse("counter:details", args=[self.counter.id]),
+ {"code": "9A89B82018B0A0"},
+ )
+
+ self.assertEqual(
+ response.url,
+ reverse(
+ "counter:click",
+ kwargs={"counter_id": self.counter.id, "user_id": self.sli.id},
+ ),
+ )
+
+ def test_add_student_card_from_counter(self):
+ response = self.client.post(
+ reverse(
+ "counter:click",
+ kwargs={"counter_id": self.counter.id, "user_id": self.sli.id},
+ ),
+ {"student_card_uid": "8B90734A802A8F", "action": "add_student_card"},
+ )
+ self.assertContains(response, text="8B90734A802A8F")
+
+ def test_add_student_card_from_counter_fail(self):
+ response = self.client.post(
+ reverse(
+ "counter:click",
+ kwargs={"counter_id": self.counter.id, "user_id": self.sli.id},
+ ),
+ {"student_card_uid": "8B90734A802A8", "action": "add_student_card"},
+ )
+ self.assertContains(
+ response, text="Ce n'est pas un UID de carte étudiante valide"
+ )
+
+ response = self.client.post(
+ reverse(
+ "counter:click",
+ kwargs={"counter_id": self.counter.id, "user_id": self.sli.id},
+ ),
+ {"student_card_uid": "8B90734A802A8FA", "action": "add_student_card"},
+ )
+ self.assertContains(
+ response, text="Ce n'est pas un UID de carte étudiante valide"
+ )
+
+ def test_delete_student_card_with_owner(self):
+ self.client.login(username="sli", password="plop")
+ self.client.post(
+ reverse(
+ "counter:delete_student_card",
+ kwargs={
+ "customer_id": self.sli.customer.pk,
+ "card_id": self.sli.customer.student_cards.first().id,
+ },
+ )
+ )
+ self.assertFalse(self.sli.customer.student_cards.exists())
+
+ def test_delete_student_card_with_board_member(self):
+ self.client.login(username="skia", password="plop")
+ self.client.post(
+ reverse(
+ "counter:delete_student_card",
+ kwargs={
+ "customer_id": self.sli.customer.pk,
+ "card_id": self.sli.customer.student_cards.first().id,
+ },
+ )
+ )
+ self.assertFalse(self.sli.customer.student_cards.exists())
+
+ def test_delete_student_card_with_root(self):
+ self.client.login(username="root", password="plop")
+ self.client.post(
+ reverse(
+ "counter:delete_student_card",
+ kwargs={
+ "customer_id": self.sli.customer.pk,
+ "card_id": self.sli.customer.student_cards.first().id,
+ },
+ )
+ )
+ self.assertFalse(self.sli.customer.student_cards.exists())
+
+ def test_delete_student_card_fail(self):
+ self.client.login(username="krophil", password="plop")
+ response = self.client.post(
+ reverse(
+ "counter:delete_student_card",
+ kwargs={
+ "customer_id": self.sli.customer.pk,
+ "card_id": self.sli.customer.student_cards.first().id,
+ },
+ )
+ )
+ self.assertEqual(response.status_code, 403)
+ self.assertTrue(self.sli.customer.student_cards.exists())
+
+ def test_add_student_card_from_user_preferences(self):
+ # Test with owner of the card
+ self.client.login(username="sli", password="plop")
+ self.client.post(
+ reverse(
+ "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk}
+ ),
+ {"uid": "8B90734A802A8F"},
+ )
+
+ response = self.client.get(
+ reverse("core:user_prefs", kwargs={"user_id": self.sli.id})
+ )
+ self.assertContains(response, text="8B90734A802A8F")
+
+ # Test with board member
+ self.client.login(username="skia", password="plop")
+ self.client.post(
+ reverse(
+ "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk}
+ ),
+ {"uid": "8B90734A802A8A"},
+ )
+
+ response = self.client.get(
+ reverse("core:user_prefs", kwargs={"user_id": self.sli.id})
+ )
+ self.assertContains(response, text="8B90734A802A8A")
+
+ # Test with root
+ self.client.login(username="root", password="plop")
+ self.client.post(
+ reverse(
+ "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk}
+ ),
+ {"uid": "8B90734A802A8B"},
+ )
+
+ response = self.client.get(
+ reverse("core:user_prefs", kwargs={"user_id": self.sli.id})
+ )
+ self.assertContains(response, text="8B90734A802A8B")
+
+ def test_add_student_card_from_user_preferences_fail(self):
+ self.client.login(username="sli", password="plop")
+ response = self.client.post(
+ reverse(
+ "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk}
+ ),
+ {"uid": "8B90734A802A8"},
+ )
+
+ self.assertContains(response, text="Cet UID est invalide")
+
+ response = self.client.post(
+ reverse(
+ "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk}
+ ),
+ {"uid": "8B90734A802A8FA"},
+ )
+ self.assertContains(response, text="Cet UID est invalide")
+
+ # Test with unauthorized user
+ self.client.login(username="krophil", password="plop")
+ response = self.client.post(
+ reverse(
+ "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk}
+ ),
+ {"uid": "8B90734A802A8F"},
+ )
+ self.assertEqual(response.status_code, 403)
diff --git a/counter/views.py b/counter/views.py
index 2f3a653d..8296aa2b 100644
--- a/counter/views.py
+++ b/counter/views.py
@@ -113,8 +113,8 @@ class StudentCardForm(forms.ModelForm):
def clean(self):
cleaned_data = super(StudentCardForm, self).clean()
- uid = cleaned_data.get("uid")
- if not StudentCard.is_valid(uid):
+ uid = cleaned_data.get("uid", None)
+ if not uid or not StudentCard.is_valid(uid):
raise forms.ValidationError(_("This uid is invalid"), code="invalid")
return cleaned_data