diff --git a/core/management/commands/populate.py b/core/management/commands/populate.py index 02bd3cd3..312744c6 100644 --- a/core/management/commands/populate.py +++ b/core/management/commands/populate.py @@ -48,7 +48,7 @@ from accounting.models import ( from core.utils import resize_image from club.models import Club, Membership from subscription.models import Subscription -from counter.models import Customer, ProductType, Product, Counter, Selling +from counter.models import Customer, ProductType, Product, Counter, Selling, StudentCard from com.models import Sith, Weekmail, News, NewsDate from election.models import Election, Role, Candidature, ElectionList from forum.models import Forum, ForumTopic @@ -870,6 +870,7 @@ Welcome to the wiki page! start=s.subscription_start, ) s.save() + StudentCard(uid="9A89B82018B0A0", customer=sli.customer).save() # Adding subscription for Krophil s = Subscription( member=User.objects.filter(pk=krophil.pk).first(), diff --git a/counter/models.py b/counter/models.py index bcc9388e..3306a550 100644 --- a/counter/models.py +++ b/counter/models.py @@ -757,7 +757,7 @@ class StudentCard(models.Model): def can_create(customer, user): return user.pk == customer.user.pk or user.is_board_member or user.is_root - def can_edit(self, obj): + def can_be_edited_by(self, obj): if isinstance(obj, User): return StudentCard.can_create(self.customer, obj) return False diff --git a/counter/tests.py b/counter/tests.py index 7e037826..e001b13f 100644 --- a/counter/tests.py +++ b/counter/tests.py @@ -142,3 +142,195 @@ class BarmanConnectionTest(TestCase): self.assertFalse( '
  • S' Kia
    • ' in str(response_get.content) ) + + +class StudentCardTest(TestCase): + """ + Tests for adding and deleting Stundent Cards + Test that an user can be found with it's student card + """ + + def setUp(self): + call_command("populate") + self.krophil = User.objects.get(username="krophil") + self.sli = User.objects.get(username="sli") + + self.counter = Counter.objects.filter(id=2).first() + + # Auto login on counter + self.client.post( + reverse("counter:login", args=[self.counter.id]), + {"username": "krophil", "password": "plop"}, + ) + + def test_search_user_with_student_card(self): + response = self.client.post( + reverse("counter:details", args=[self.counter.id]), + {"code": "9A89B82018B0A0"}, + ) + + self.assertEqual( + response.url, + reverse( + "counter:click", + kwargs={"counter_id": self.counter.id, "user_id": self.sli.id}, + ), + ) + + def test_add_student_card_from_counter(self): + response = self.client.post( + reverse( + "counter:click", + kwargs={"counter_id": self.counter.id, "user_id": self.sli.id}, + ), + {"student_card_uid": "8B90734A802A8F", "action": "add_student_card"}, + ) + self.assertContains(response, text="8B90734A802A8F") + + def test_add_student_card_from_counter_fail(self): + response = self.client.post( + reverse( + "counter:click", + kwargs={"counter_id": self.counter.id, "user_id": self.sli.id}, + ), + {"student_card_uid": "8B90734A802A8", "action": "add_student_card"}, + ) + self.assertContains( + response, text="Ce n'est pas un UID de carte étudiante valide" + ) + + response = self.client.post( + reverse( + "counter:click", + kwargs={"counter_id": self.counter.id, "user_id": self.sli.id}, + ), + {"student_card_uid": "8B90734A802A8FA", "action": "add_student_card"}, + ) + self.assertContains( + response, text="Ce n'est pas un UID de carte étudiante valide" + ) + + def test_delete_student_card_with_owner(self): + self.client.login(username="sli", password="plop") + self.client.post( + reverse( + "counter:delete_student_card", + kwargs={ + "customer_id": self.sli.customer.pk, + "card_id": self.sli.customer.student_cards.first().id, + }, + ) + ) + self.assertFalse(self.sli.customer.student_cards.exists()) + + def test_delete_student_card_with_board_member(self): + self.client.login(username="skia", password="plop") + self.client.post( + reverse( + "counter:delete_student_card", + kwargs={ + "customer_id": self.sli.customer.pk, + "card_id": self.sli.customer.student_cards.first().id, + }, + ) + ) + self.assertFalse(self.sli.customer.student_cards.exists()) + + def test_delete_student_card_with_root(self): + self.client.login(username="root", password="plop") + self.client.post( + reverse( + "counter:delete_student_card", + kwargs={ + "customer_id": self.sli.customer.pk, + "card_id": self.sli.customer.student_cards.first().id, + }, + ) + ) + self.assertFalse(self.sli.customer.student_cards.exists()) + + def test_delete_student_card_fail(self): + self.client.login(username="krophil", password="plop") + response = self.client.post( + reverse( + "counter:delete_student_card", + kwargs={ + "customer_id": self.sli.customer.pk, + "card_id": self.sli.customer.student_cards.first().id, + }, + ) + ) + self.assertEqual(response.status_code, 403) + self.assertTrue(self.sli.customer.student_cards.exists()) + + def test_add_student_card_from_user_preferences(self): + # Test with owner of the card + self.client.login(username="sli", password="plop") + self.client.post( + reverse( + "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk} + ), + {"uid": "8B90734A802A8F"}, + ) + + response = self.client.get( + reverse("core:user_prefs", kwargs={"user_id": self.sli.id}) + ) + self.assertContains(response, text="8B90734A802A8F") + + # Test with board member + self.client.login(username="skia", password="plop") + self.client.post( + reverse( + "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk} + ), + {"uid": "8B90734A802A8A"}, + ) + + response = self.client.get( + reverse("core:user_prefs", kwargs={"user_id": self.sli.id}) + ) + self.assertContains(response, text="8B90734A802A8A") + + # Test with root + self.client.login(username="root", password="plop") + self.client.post( + reverse( + "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk} + ), + {"uid": "8B90734A802A8B"}, + ) + + response = self.client.get( + reverse("core:user_prefs", kwargs={"user_id": self.sli.id}) + ) + self.assertContains(response, text="8B90734A802A8B") + + def test_add_student_card_from_user_preferences_fail(self): + self.client.login(username="sli", password="plop") + response = self.client.post( + reverse( + "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk} + ), + {"uid": "8B90734A802A8"}, + ) + + self.assertContains(response, text="Cet UID est invalide") + + response = self.client.post( + reverse( + "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk} + ), + {"uid": "8B90734A802A8FA"}, + ) + self.assertContains(response, text="Cet UID est invalide") + + # Test with unauthorized user + self.client.login(username="krophil", password="plop") + response = self.client.post( + reverse( + "counter:add_student_card", kwargs={"customer_id": self.sli.customer.pk} + ), + {"uid": "8B90734A802A8F"}, + ) + self.assertEqual(response.status_code, 403) diff --git a/counter/views.py b/counter/views.py index 2f3a653d..8296aa2b 100644 --- a/counter/views.py +++ b/counter/views.py @@ -113,8 +113,8 @@ class StudentCardForm(forms.ModelForm): def clean(self): cleaned_data = super(StudentCardForm, self).clean() - uid = cleaned_data.get("uid") - if not StudentCard.is_valid(uid): + uid = cleaned_data.get("uid", None) + if not uid or not StudentCard.is_valid(uid): raise forms.ValidationError(_("This uid is invalid"), code="invalid") return cleaned_data