IdHub/idhub/tests/test_views.py

from django.test import TestCase, RequestFactory
from django.core.cache import cache
from django.urls import reverse
from django.conf import settings

from idhub_auth.models import User
from idhub.models import Event
from oidc4vp.models import Organization
from idhub.admin.views import PeopleListView


class AdminDashboardViewTest(TestCase):

    def setUp(self):
        cache.set("KEY_DIDS", '1234', None)
        self.user = User.objects.create_user(
            email='normaluser@example.org',
            password='testpass12',
        )
        self.user.accept_gdpr=True
        self.user.save()

        self.admin_user = User.objects.create_superuser(
                email='adminuser@example.org',
                password='adminpass12')
        self.admin_user.accept_gdpr=True
        self.admin_user.save()
        self.org = Organization.objects.create(name="testserver", main=True)

        settings.DOMAIN = self.org.name
        settings.ENABLE_EMAIL = False

    def test_view_url_exists_at_desired_location(self):
        response = self.client.get('/admin/dashboard/', follow=True)

        self.assertEqual(response.status_code, 200)

    def test_view_redirects_to_login_when_not_authenticated(self):
        response = self.client.get(reverse("idhub:admin_dashboard"),
                                   follow=True)
        self.assertEqual(response.status_code, 200)
        self.assertTemplateUsed(response, 'auth/login.html')

    def test_view_redirects_on_incorrect_login_attempt(self):
        self.client.login(email='adminuser@example.org', password='wrongpass')
        response = self.client.get(reverse('idhub:admin_dashboard'))

        self.assertEqual(response.status_code, 302)

    def test_view_redirects_to_login_on_incorrect_login_attempt(self):
        self.client.login(email='adminuser@example.org', password='wrongpass')
        response = self.client.get(reverse('idhub:admin_dashboard'),
                                   follow=True)

        self.assertTemplateUsed(response, 'auth/login.html')

    def test_login_admin_user(self):
        self.client.login(email='adminuser@example.org',
                          password='adminpass12')
        response = self.client.get(reverse('idhub:admin_dashboard'))

        self.assertEqual(response.status_code, 200)

    def test_view_uses_correct_template(self):
        self.client.login(email='adminuser@example.org',
                          password='adminpass12')
        response = self.client.get(reverse('idhub:admin_dashboard'))

        self.assertTemplateUsed(response, 'idhub/admin/dashboard.html')

    def test_admin_event_filtering(self):
        # Create a test admin user
        admin_user = User.objects.create_superuser(email='admin@example.org', password='test')
        admin_user.accept_gdpr = True
        admin_user.save()
        self.client.login(email='admin@example.org', password='test')

        # Create test events, including some that should not be visible to admins
        Event.objects.create(type=Event.Types.EV_USR_REGISTERED, message="User registered")
        Event.objects.create(type=Event.Types.EV_USR_WELCOME, message="User welcomed")  # Should not appear

        # Fetch the dashboard view
        response = self.client.get('/admin/dashboard/')
        events = response.context['event_list']

        # Check that only admin-visible events are included
        self.assertIn(Event.Types.EV_USR_REGISTERED, [event.type for event in events])
        self.assertNotIn(Event.Types.EV_USR_WELCOME, [event.type for event in events])

    def test_access_control_redirects_when_normal_user(self):
        # Attempt to access the dashboard as a non-admin user
        regular_user = User.objects.create_user(email='user', password='test')
        self.client.login(email='user@example.org', password='test')
        response = self.client.get('/admin/dashboard/')
        self.assertEqual(response.status_code, 302)  # Or 403 if not redirected

    def test_access_control_accepted_when_admin(self):
        # Access as an admin
        admin_user = User.objects.create_superuser(email='admin@example.org', password='test')
        admin_user.accept_gdpr=True
        admin_user.save()
        self.client.login(email='admin@example.org', password='test')
        response = self.client.get('/admin/dashboard/')
        self.assertEqual(response.status_code, 200)


class PeopleListViewTest(TestCase):

    def setUp(self):
        cache.set("KEY_DIDS", '1234', None)
        # Set up a RequestFactory to create mock requests
        self.factory = RequestFactory()

        # Create some user instances for testing
        self.user = User.objects.create_user(email='normaluser@example.org',
                                             password='testpass12')
        self.user.accept_gdpr=True
        self.user.save()
        self.admin_user = User.objects.create_superuser(
                email='adminuser@example.org',
                password='adminpass12')
        self.admin_user.accept_gdpr=True
        self.admin_user.save()

        # Create a request object for the view
        self.request = self.factory.get(reverse('idhub:admin_people_list'))

        self.request.user = self.admin_user
        self.client.login(email='adminuser@example.org', password='adminpass12')
        self.request.session = self.client.session

    def test_template_used(self):
        response = PeopleListView.as_view()(self.request)

        self.assertEqual(response.template_name[0], "idhub/admin/people.html")

    def test_context_data(self):
        response = PeopleListView.as_view()(self.request)

        self.assertIn('users', response.context_data)

        # Assuming 2 users were created
        self.assertEqual(len(response.context_data['users']), 2)

    def test_get_queryset(self):
        view = PeopleListView()
        view.setup(self.request)
        queryset = view.get_queryset()

        # Assuming 2 users in the database
        self.assertEqual(queryset.count(), 2)


class UserDashboardViewTests(TestCase):
    def setUp(self):
        cache.set("KEY_DIDS", '1234', None)
        # Create test users
        self.admin_user = User.objects.create_superuser('admin@example.org', 'password')
        self.admin_user.accept_gdpr=True
        self.admin_user.save()
        self.regular_user = User.objects.create_user('regular@example.org', 'password')
        self.regular_user.accept_gdpr=True
        self.regular_user.save()
        
        # Create events visible to users
        self.visible_events_types = [
            Event.Types.EV_USR_WELCOME,
            Event.Types.EV_USR_UPDATED,
            Event.Types.EV_DID_CREATED,
            Event.Types.EV_DID_DELETED,
            Event.Types.EV_CREDENTIAL_DELETED,
            Event.Types.EV_CREDENTIAL_ISSUED,
            Event.Types.EV_CREDENTIAL_PRESENTED,
            Event.Types.EV_CREDENTIAL_CAN_BE_REQUESTED,
            Event.Types.EV_CREDENTIAL_REVOKED,
        ]
        
        # Create events for both users
        for event_type in self.visible_events_types:
            Event.objects.create(type=event_type, message=f"Test event for {event_type.label}", user=self.regular_user)
        
        # Create an event that should not be visible to a regular user
        Event.objects.create(type=Event.Types.EV_USR_REGISTERED, message="Admin only event", user=self.regular_user)

    def test_events_visibility_for_regular_user(self):
        self.client.login(email='regular@example.org', password='password')
        response = self.client.get(reverse('idhub:user_dashboard'))
        # Ensure the response contains only the events that should be visible
        for event in Event.objects.filter(user=self.regular_user, type__in=self.visible_events_types):
            self.assertContains(response, event.message)
        # Ensure the response does not contain the admin only event
        self.assertNotContains(response, "Admin only event")

    def test_no_events_for_regular_user(self):
        # Delete all events for the setup user
        Event.objects.filter(user=self.regular_user).delete()
        self.client.login(email='regular@example.org', password='password')
        response = self.client.get(reverse('idhub:user_dashboard'))
        # Verify that the response indicates no events are available
        self.assertContains(response, "No events available")  # Adjust based on your actual no-events message

    def test_events_visibility_for_new_user(self):
        # Create a new user who has no events
        new_user = User.objects.create_user('new@example.org', 'password')
        new_user.accept_gdpr = True
        new_user.save()
        self.client.login(email='new@example.org', password='password')
        response = self.client.get(reverse('idhub:user_dashboard'))
        # Verify that the response correctly indicates no events for the new user
        self.assertContains(response, "No events available")  # Adjust based on your actual no-events message

    def test_unauthorized_access(self):
        # Attempt to access the dashboard without logging in
        response = self.client.get(reverse('idhub:user_dashboard'), follow=True)
        # Ensure the response redirects to the login page
        self.assertTemplateUsed(response, 'auth/login.html')
Added tests for the User model and view 2023-11-30 16:06:00 +00:00			`from django.test import TestCase, RequestFactory`
add KEY in cache in tests 2024-02-22 17:50:53 +00:00			`from django.core.cache import cache`
Started tests draft 2024-02-18 20:51:35 +00:00			`from django.urls import reverse`
fix tests 2024-03-04 18:00:44 +00:00			`from django.conf import settings`
Added tests for Admin Dashboard model, view, template, and table 2023-11-24 14:23:59 +00:00
			`from idhub_auth.models import User`
Started tests draft 2024-02-18 20:51:35 +00:00			`from idhub.models import Event`
fix tests 2024-03-04 18:00:44 +00:00			`from oidc4vp.models import Organization`
Added tests for the User model and view 2023-11-30 16:06:00 +00:00			`from idhub.admin.views import PeopleListView`
Added tests for Admin Dashboard model, view, template, and table 2023-11-24 14:23:59 +00:00

			`class AdminDashboardViewTest(TestCase):`

			`def setUp(self):`
add KEY in cache in tests 2024-02-22 17:50:53 +00:00			`cache.set("KEY_DIDS", '1234', None)`
fix tests 2024-01-29 11:05:23 +00:00			`self.user = User.objects.create_user(`
			`email='normaluser@example.org',`
			`password='testpass12',`
			`)`
			`self.user.accept_gdpr=True`
			`self.user.save()`

Added tests for Admin Dashboard model, view, template, and table 2023-11-24 14:23:59 +00:00			`self.admin_user = User.objects.create_superuser(`
Changed testing mail domain to @example.org to avoid potential spamming 2023-11-27 10:26:23 +00:00			`email='adminuser@example.org',`
Added tests for Admin Dashboard model, view, template, and table 2023-11-24 14:23:59 +00:00			`password='adminpass12')`
fix tests 2024-01-29 11:05:23 +00:00			`self.admin_user.accept_gdpr=True`
			`self.admin_user.save()`
fix tests 2024-03-04 18:00:44 +00:00			`self.org = Organization.objects.create(name="testserver", main=True)`

			`settings.DOMAIN = self.org.name`
			`settings.ENABLE_EMAIL = False`
Added tests for Admin Dashboard model, view, template, and table 2023-11-24 14:23:59 +00:00
			`def test_view_url_exists_at_desired_location(self):`
			`response = self.client.get('/admin/dashboard/', follow=True)`

			`self.assertEqual(response.status_code, 200)`

			`def test_view_redirects_to_login_when_not_authenticated(self):`
			`response = self.client.get(reverse("idhub:admin_dashboard"),`
			`follow=True)`
			`self.assertEqual(response.status_code, 200)`
			`self.assertTemplateUsed(response, 'auth/login.html')`

			`def test_view_redirects_on_incorrect_login_attempt(self):`
Changed testing mail domain to @example.org to avoid potential spamming 2023-11-27 10:26:23 +00:00			`self.client.login(email='adminuser@example.org', password='wrongpass')`
Added tests for Admin Dashboard model, view, template, and table 2023-11-24 14:23:59 +00:00			`response = self.client.get(reverse('idhub:admin_dashboard'))`

			`self.assertEqual(response.status_code, 302)`

			`def test_view_redirects_to_login_on_incorrect_login_attempt(self):`
Changed testing mail domain to @example.org to avoid potential spamming 2023-11-27 10:26:23 +00:00			`self.client.login(email='adminuser@example.org', password='wrongpass')`
Added tests for Admin Dashboard model, view, template, and table 2023-11-24 14:23:59 +00:00			`response = self.client.get(reverse('idhub:admin_dashboard'),`
			`follow=True)`

			`self.assertTemplateUsed(response, 'auth/login.html')`

			`def test_login_admin_user(self):`
Added tests for the User model and view 2023-11-30 16:06:00 +00:00			`self.client.login(email='adminuser@example.org',`
			`password='adminpass12')`
Added tests for Admin Dashboard model, view, template, and table 2023-11-24 14:23:59 +00:00			`response = self.client.get(reverse('idhub:admin_dashboard'))`

			`self.assertEqual(response.status_code, 200)`

			`def test_view_uses_correct_template(self):`
Added tests for the User model and view 2023-11-30 16:06:00 +00:00			`self.client.login(email='adminuser@example.org',`
			`password='adminpass12')`
Added tests for Admin Dashboard model, view, template, and table 2023-11-24 14:23:59 +00:00			`response = self.client.get(reverse('idhub:admin_dashboard'))`

			`self.assertTemplateUsed(response, 'idhub/admin/dashboard.html')`
Added tests for the User model and view 2023-11-30 16:06:00 +00:00
Started tests draft 2024-02-18 20:51:35 +00:00			`def test_admin_event_filtering(self):`
			`# Create a test admin user`
			`admin_user = User.objects.create_superuser(email='admin@example.org', password='test')`
Fixed some tests 2024-02-22 16:55:18 +00:00			`admin_user.accept_gdpr = True`
			`admin_user.save()`
Started tests draft 2024-02-18 20:51:35 +00:00			`self.client.login(email='admin@example.org', password='test')`

			`# Create test events, including some that should not be visible to admins`
			`Event.objects.create(type=Event.Types.EV_USR_REGISTERED, message="User registered")`
			`Event.objects.create(type=Event.Types.EV_USR_WELCOME, message="User welcomed") # Should not appear`

			`# Fetch the dashboard view`
			`response = self.client.get('/admin/dashboard/')`
Added tests for the dashboard events filter 2024-02-22 17:10:49 +00:00			`events = response.context['event_list']`
Started tests draft 2024-02-18 20:51:35 +00:00
			`# Check that only admin-visible events are included`
			`self.assertIn(Event.Types.EV_USR_REGISTERED, [event.type for event in events])`
			`self.assertNotIn(Event.Types.EV_USR_WELCOME, [event.type for event in events])`

Fixed some tests 2024-02-22 16:55:18 +00:00			`def test_access_control_redirects_when_normal_user(self):`
Started tests draft 2024-02-18 20:51:35 +00:00			`# Attempt to access the dashboard as a non-admin user`
			`regular_user = User.objects.create_user(email='user', password='test')`
			`self.client.login(email='user@example.org', password='test')`
			`response = self.client.get('/admin/dashboard/')`
			`self.assertEqual(response.status_code, 302) # Or 403 if not redirected`

Fixed some tests 2024-02-22 16:55:18 +00:00			`def test_access_control_accepted_when_admin(self):`
Started tests draft 2024-02-18 20:51:35 +00:00			`# Access as an admin`
			`admin_user = User.objects.create_superuser(email='admin@example.org', password='test')`
Fixed some tests 2024-02-22 16:55:18 +00:00			`admin_user.accept_gdpr=True`
			`admin_user.save()`
Started tests draft 2024-02-18 20:51:35 +00:00			`self.client.login(email='admin@example.org', password='test')`
			`response = self.client.get('/admin/dashboard/')`
			`self.assertEqual(response.status_code, 200)`

Added tests for the User model and view 2023-11-30 16:06:00 +00:00
			`class PeopleListViewTest(TestCase):`

			`def setUp(self):`
add KEY in cache in tests 2024-02-22 17:50:53 +00:00			`cache.set("KEY_DIDS", '1234', None)`
Added tests for the User model and view 2023-11-30 16:06:00 +00:00			`# Set up a RequestFactory to create mock requests`
			`self.factory = RequestFactory()`

			`# Create some user instances for testing`
			`self.user = User.objects.create_user(email='normaluser@example.org',`
			`password='testpass12')`
fix tests 2024-01-29 11:05:23 +00:00			`self.user.accept_gdpr=True`
			`self.user.save()`
Added tests for the User model and view 2023-11-30 16:06:00 +00:00			`self.admin_user = User.objects.create_superuser(`
			`email='adminuser@example.org',`
			`password='adminpass12')`
fix tests 2024-01-29 11:05:23 +00:00			`self.admin_user.accept_gdpr=True`
			`self.admin_user.save()`
Added tests for the User model and view 2023-11-30 16:06:00 +00:00
			`# Create a request object for the view`
			`self.request = self.factory.get(reverse('idhub:admin_people_list'))`

			`self.request.user = self.admin_user`
fix tests 2024-01-29 11:05:23 +00:00			`self.client.login(email='adminuser@example.org', password='adminpass12')`
			`self.request.session = self.client.session`
Added tests for the User model and view 2023-11-30 16:06:00 +00:00
			`def test_template_used(self):`
			`response = PeopleListView.as_view()(self.request)`

			`self.assertEqual(response.template_name[0], "idhub/admin/people.html")`

			`def test_context_data(self):`
			`response = PeopleListView.as_view()(self.request)`

			`self.assertIn('users', response.context_data)`

			`# Assuming 2 users were created`
			`self.assertEqual(len(response.context_data['users']), 2)`

			`def test_get_queryset(self):`
			`view = PeopleListView()`
			`view.setup(self.request)`
			`queryset = view.get_queryset()`

			`# Assuming 2 users in the database`
			`self.assertEqual(queryset.count(), 2)`
Started tests draft 2024-02-18 20:51:35 +00:00

			`class UserDashboardViewTests(TestCase):`
			`def setUp(self):`
add KEY in cache in tests 2024-02-22 17:50:53 +00:00			`cache.set("KEY_DIDS", '1234', None)`
Started tests draft 2024-02-18 20:51:35 +00:00			`# Create test users`
			`self.admin_user = User.objects.create_superuser('admin@example.org', 'password')`
			`self.admin_user.accept_gdpr=True`
			`self.admin_user.save()`
			`self.regular_user = User.objects.create_user('regular@example.org', 'password')`
			`self.regular_user.accept_gdpr=True`
			`self.regular_user.save()`

			`# Create events visible to users`
			`self.visible_events_types = [`
			`Event.Types.EV_USR_WELCOME,`
			`Event.Types.EV_USR_UPDATED,`
			`Event.Types.EV_DID_CREATED,`
			`Event.Types.EV_DID_DELETED,`
			`Event.Types.EV_CREDENTIAL_DELETED,`
			`Event.Types.EV_CREDENTIAL_ISSUED,`
			`Event.Types.EV_CREDENTIAL_PRESENTED,`
			`Event.Types.EV_CREDENTIAL_CAN_BE_REQUESTED,`
			`Event.Types.EV_CREDENTIAL_REVOKED,`
			`]`

			`# Create events for both users`
			`for event_type in self.visible_events_types:`
			`Event.objects.create(type=event_type, message=f"Test event for {event_type.label}", user=self.regular_user)`

			`# Create an event that should not be visible to a regular user`
			`Event.objects.create(type=Event.Types.EV_USR_REGISTERED, message="Admin only event", user=self.regular_user)`

			`def test_events_visibility_for_regular_user(self):`
Fixed some tests 2024-02-22 16:55:18 +00:00			`self.client.login(email='regular@example.org', password='password')`
Started tests draft 2024-02-18 20:51:35 +00:00			`response = self.client.get(reverse('idhub:user_dashboard'))`
			`# Ensure the response contains only the events that should be visible`
			`for event in Event.objects.filter(user=self.regular_user, type__in=self.visible_events_types):`
			`self.assertContains(response, event.message)`
			`# Ensure the response does not contain the admin only event`
			`self.assertNotContains(response, "Admin only event")`

			`def test_no_events_for_regular_user(self):`
			`# Delete all events for the setup user`
			`Event.objects.filter(user=self.regular_user).delete()`
Fixed some tests 2024-02-22 16:55:18 +00:00			`self.client.login(email='regular@example.org', password='password')`
Started tests draft 2024-02-18 20:51:35 +00:00			`response = self.client.get(reverse('idhub:user_dashboard'))`
			`# Verify that the response indicates no events are available`
			`self.assertContains(response, "No events available") # Adjust based on your actual no-events message`

			`def test_events_visibility_for_new_user(self):`
			`# Create a new user who has no events`
			`new_user = User.objects.create_user('new@example.org', 'password')`
Fixed some tests 2024-02-22 16:55:18 +00:00			`new_user.accept_gdpr = True`
			`new_user.save()`
			`self.client.login(email='new@example.org', password='password')`
Started tests draft 2024-02-18 20:51:35 +00:00			`response = self.client.get(reverse('idhub:user_dashboard'))`
			`# Verify that the response correctly indicates no events for the new user`
			`self.assertContains(response, "No events available") # Adjust based on your actual no-events message`

			`def test_unauthorized_access(self):`
			`# Attempt to access the dashboard without logging in`
			`response = self.client.get(reverse('idhub:user_dashboard'), follow=True)`
			`# Ensure the response redirects to the login page`
			`self.assertTemplateUsed(response, 'auth/login.html')`