[tests] Added tests

Author: pandafy

openwisp_users/tests/utils.py

@@ -1,10 +1,13 @@
 from datetime import date
 
+import django
 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import Permission
 from django.urls import reverse
 from swapper import load_model
 
+from openwisp_users.multitenancy import SHARED_SYSTEMWIDE_LABEL
+
 Organization = load_model('openwisp_users', 'Organization')
 OrganizationOwner = load_model('openwisp_users', 'OrganizationOwner')
 OrganizationUser = load_model('openwisp_users', 'OrganizationUser')
@@ -236,9 +239,82 @@ def _test_recoverlist_operator_403(self, app_label, model_label):
         )
         self.assertEqual(response.status_code, 403)
 
-    def _get_autocomplete_view_path(self, app_label, model_name, field_name):
+    def _test_org_admin_create_shareable_object(
+        self, path, payload, model, expected_count=0, error_message=None, user=None
+    ):
+        """
+        Verifies a non-superuser cannot create a shareable object
+        """
+        if not user:
+            user = self._create_administrator(organizations=[self._get_org()])
+        self.client.force_login(user)
+        response = self.client.post(
+            path,
+            data=payload,
+            follow=True,
+        )
+        error_message = error_message or (
+            '<div class="form-row errors field-organization">\n'
+            '            <ul class="errorlist"{}>'
+            '<li>This field is required.</li></ul>'
+        ).format(' id="id_organization_error"' if django.VERSION >= (5, 2) else '')
+        self.assertContains(response, error_message)
+        self.assertEqual(model.objects.count(), expected_count)
+
+    def _test_org_admin_view_shareable_object(
+        self, path, user=None, expected_element=None
+    ):
+        """
+        Verifies a non-superuser can view a shareable object
+        """
+        if not user:
+            user = self._create_administrator(organizations=[self._get_org()])
+        self.client.force_login(user)
+        response = self.client.get(path, follow=True)
+        self.assertEqual(response.status_code, 200)
+        if not expected_element:
+            expected_element = (
+                '<div class="form-row field-organization">\n\n\n<div>\n\n'
+                '<div class="flex-container">\n\n'
+                '<label>Organization:</label>\n\n'
+                '<div class="readonly">-</div>\n\n\n'
+                '</div>\n\n</div>\n\n\n</div>'
+            )
+        self.assertContains(response, expected_element, html=True)
+
+    def _test_object_organization_fk_autocomplete_view(
+        self,
+        model,
+    ):
+        app_label = model._meta.app_label
+        model_name = model._meta.model_name
+        path = self._get_autocomplete_view_path(app_label, model_name, 'organization')
+        org = self._get_org()
+        admin = User.objects.filter(is_superuser=True).first()
+        if not admin:
+            admin = self._create_admin()
+        org_admin = self._create_administrator(organizations=[org])
+
+        with self.subTest('Org admin should only see their own org'):
+            self.client.force_login(org_admin)
+            response = self.client.get(path)
+            self.assertEqual(response.status_code, 200)
+            self.assertContains(response, org.name)
+            self.assertNotContains(response, SHARED_SYSTEMWIDE_LABEL)
+
+        with self.subTest('Superuser should see all orgs and shared label'):
+            self.client.force_login(admin)
+            response = self.client.get(path)
+            self.assertEqual(response.status_code, 200)
+            self.assertContains(response, org.name)
+            self.assertContains(response, SHARED_SYSTEMWIDE_LABEL)
+
+    def _get_autocomplete_view_path(
+        self, app_label, model_name, field_name, is_filter=False
+    ):
         path = reverse('admin:ow-auto-filter')
         return (
             f'{path}?app_label={app_label}'
             f'&model_name={model_name}&field_name={field_name}'
+            '{}'.format('&is_filter=true' if is_filter else '')
         )

tests/testapp/tests/test_admin.py

@@ -1,12 +1,11 @@
 import os
 
-import django
 from django.contrib.auth import get_user_model
 from django.test import TestCase
 from django.urls import reverse
 from swapper import load_model
 
-from openwisp_users.tests.utils import TestOrganizationMixin
+from openwisp_users.tests.utils import TestMultitenantAdminMixin, TestOrganizationMixin
 
 from ..models import Template
 
@@ -45,30 +44,42 @@ def test_accounts_login(self):
         )
 
 
-class TestTemplateAdmin(TestOrganizationMixin, TestCase):
+class TestTemplateAdmin(TestMultitenantAdminMixin, TestCase):
+    def _create_template(self, **kwargs):
+        if 'organization' not in kwargs:
+            kwargs['organization'] = self._get_org()
+        options = {
+            'name': 'test-template',
+        }
+        options.update(kwargs)
+        template = Template(**options)
+        template.full_clean()
+        template.save()
+        return template
+
     def test_org_admin_create_shareable_template(self):
-        administrator = self._create_administrator()
-        self.client.force_login(administrator)
-        response = self.client.post(
+        self._test_org_admin_create_shareable_object(
             reverse('admin:testapp_template_add'),
-            data={
+            payload={
                 'name': 'test-template',
                 'organization': '',
             },
-            follow=True,
+            model=Template,
         )
-        self.assertContains(
-            response,
-            (
-                '<div class="form-row errors field-organization">\n'
-                '            <ul class="errorlist"{}>'
-                '<li>This field is required.</li></ul>'
-            ).format(' id="id_organization_error"' if django.VERSION >= (5, 2) else ''),
+
+    def test_template_organization_autocomplete_view(self):
+        self._test_object_organization_fk_autocomplete_view(
+            Template,
+        )
+
+    def test_org_admin_view_shared_template(self):
+        template = self._create_template(organization=None)
+        self._test_org_admin_view_shareable_object(
+            reverse('admin:testapp_template_change', args=(template.id,)),
         )
-        self.assertEqual(Template.objects.count(), 0)
 
     def test_superuser_create_shareable_template(self):
-        admin = self._create_admin()
+        admin = self._get_admin()
         self.client.force_login(admin)
         response = self.client.post(
             reverse('admin:testapp_template_add'),

tests/testapp/tests/test_selenium.py

@@ -24,13 +24,17 @@ def setUp(self):
         )
 
     def _test_multitenant_autocomplete_org_field(
-        self, username, password, path, visible, hidden
+        self,
+        username,
+        password,
+        path,
+        visible,
+        hidden,
+        select2_selector='#select2-id_organization-container',
     ):
         self.login(username=username, password=password)
         self.open(path)
-        self.web_driver.find_element(
-            By.CSS_SELECTOR, '#select2-id_organization-container'
-        ).click()
+        self.web_driver.find_element(By.CSS_SELECTOR, select2_selector).click()
         WebDriverWait(self.web_driver, 2).until(
             EC.invisibility_of_element_located(
                 (By.CSS_SELECTOR, '.select2-results__option.loading-results')
@@ -143,3 +147,30 @@ def test_shelf_add_form_organization_field(self):
             self.assertEqual(len(org_select.all_selected_options), 1)
             self.assertEqual(org_select.first_selected_option.text, org1.name)
         self.logout()
+
+    def test_organization_autocomplete_filter(self):
+        """
+        The autocomplete_filter should show option to filter
+        shared objects to non-superuser.
+        """
+        path = reverse('admin:testapp_shelf_changelist')
+        org1 = self._create_org(name='org1')
+        administrator = self._create_administrator(
+            organizations=[org1], username='tester', password='tester'
+        )
+        administrator.user_permissions.add(
+            *Permission.objects.filter(
+                Q(codename__contains='shelf') | Q(codename='view_organization')
+            ).values_list('id', flat=True),
+        )
+        self._test_multitenant_autocomplete_org_field(
+            path=path,
+            username='tester',
+            password='tester',
+            visible=[org1.name, 'Shared systemwide (no organization)'],
+            hidden=list(
+                Organization.objects.exclude(id=org1.id).values_list('name', flat=True)
+            ),
+            select2_selector='#select2-id-organization-dal-filter-container',
+        )
+        self.logout()