Add login_required for all endpoints where it makes sense.

https://www.pivotaltracker.com/story/show/111240834
Rebecca Law
2016-01-11 16:03:41 +00:00
parent 7190513dc2
commit 3eefce56d4
7 changed files with 175 additions and 73 deletions


@@ -1,5 +1,6 @@
from flask import render_template
from app.main import main
from flask_login import login_required
@main.route('/')
@@ -7,51 +8,43 @@ def index():
return render_template('views/signedout.html')
@main.route("/govuk")
def govuk():
return render_template('views/govuk_template.html')
@main.route("/register-from-invite")
@login_required
def registerfrominvite():
return render_template('views/register-from-invite.html')
@main.route("/verify-mobile")
@login_required
def verifymobile():
return render_template('views/verify-mobile.html')
@main.route("/send-email")
@login_required
def sendemail():
return render_template('views/send-email.html')
@main.route("/check-email")
@login_required
def checkemail():
return render_template('views/check-email.html')
@main.route("/user-profile")
@login_required
def userprofile():
return render_template('views/user-profile.html')
@main.route("/manage-users")
@login_required
def manageusers():
return render_template('views/manage-users.html')
@main.route("/api-keys")
@login_required
def apikeys():
return render_template('views/api-keys.html')
@main.route("/manage-templates")
def managetemplates():
return render_template('views/manage-templates.html')
@main.route("/edit-template")
def edittemplate():
return render_template('views/edit-template.html')
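Review bot: `/register-from-invite` and `/verify-mobile` now sit behind `@login_required`, yet both look like steps a user takes before they have a session, so an invited or unverified user may be bounced to sign-in and never reach them; confirm that is intended or leave these two public like `/govuk`. Separately, `managetemplates` and `edittemplate` at the end of this section carry no decorator. The page has lost its +/- markers, so they may be removed lines, but if they remain they serve `views/manage-templates.html` and `views/edit-template.html` without authentication. The decorator order used throughout (`@main.route` above `@login_required`) is the correct one, because the route has to register the wrapped function.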


@@ -2,6 +2,8 @@
import time
from flask import render_template
from flask_login import login_required
from app.main import main
from ._jobs import jobs
@@ -41,6 +43,7 @@ messages = [
@main.route("/jobs")
@login_required
def showjobs():
return render_template(
'views/jobs.html',
@@ -49,6 +52,7 @@ def showjobs():
@main.route("/jobs/job")
@login_required
def showjob():
return render_template(
'views/job.html',
@@ -71,6 +75,7 @@ def showjob():
@main.route("/jobs/job/notification/<string:notification_id>")
@login_required
def shownotification(notification_id):
return render_template(
'views/notification.html',
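Review bot: `@login_required` on `shownotification` only establishes that some user is signed in; `notification_id` comes straight from the URL and nothing visible in the hunk ties it to the caller's own service. The body continues outside the hunk and appears to render fixture data for now, so there may be nothing user-specific to expose yet. A comment such as `# TODO: verify notification_id belongs to current_user's service before rendering` would keep the ownership check from being forgotten when real data is wired in.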


@@ -12,6 +12,7 @@ service = {
@main.route("/service-settings")
@login_required
def service_settings():
return render_template(
'views/service-settings.html',
@@ -20,6 +21,7 @@ def service_settings():
@main.route("/service-settings/name", methods=['GET', 'POST'])
@login_required
def name():
form = ServiceNameForm()
@@ -36,6 +38,7 @@ def name():
@main.route("/service-settings/name/confirm", methods=['GET', 'POST'])
@login_required
def confirm_name_change():
form = ConfirmPasswordForm()
@@ -51,6 +54,7 @@ def confirm_name_change():
@main.route("/service-settings/request-to-go-live", methods=['GET', 'POST'])
@login_required
def request_to_go_live():
if request.method == 'GET':
return render_template(
@@ -62,6 +66,7 @@ def request_to_go_live():
@main.route("/service-settings/status", methods=['GET', 'POST'])
@login_required
def status():
if request.method == 'GET':
return render_template(
@@ -73,6 +78,7 @@ def status():
@main.route("/service-settings/status/confirm", methods=['GET', 'POST'])
@login_required
def confirm_status_change():
form = ConfirmPasswordForm()
@@ -89,6 +95,7 @@ def confirm_status_change():
@main.route("/service-settings/delete", methods=['GET', 'POST'])
@login_required
def delete():
if request.method == 'GET':
return render_template(
@@ -100,6 +107,7 @@ def delete():
@main.route("/service-settings/delete/confirm", methods=['GET', 'POST'])
@login_required
def confirm_delete():
form = ConfirmPasswordForm()
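Review bot: On `confirm_delete` and `confirm_status_change`, `@login_required` appears to be the only gate that is actually enforced. The tests in this commit POST to `/service-settings/delete/confirm` and `/service-settings/status/confirm` with no form data and still expect a 302 onward, which suggests `ConfirmPasswordForm` is not validated before the redirect. Both view bodies continue outside the hunks, so this is inferred from the tests rather than read from the views. If the password re-prompt is meant to protect these destructive actions, the POST branch should redirect only when `form.validate_on_submit()` is true, and the tests should submit a password.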


@@ -1,15 +1,18 @@
from flask import request, render_template, redirect, url_for
from flask_login import login_required
from app.main import main
from app.main.forms import TemplateForm
@main.route("/templates")
@login_required
def manage_templates():
return render_template('views/manage-templates.html')
@main.route("/templates/template", methods=['GET', 'POST'])
@login_required
def add_template():
form = TemplateForm()
@@ -28,6 +31,7 @@ def add_template():
@main.route("/templates/template/add", methods=['GET', 'POST'])
@login_required
def edit_template():
form = TemplateForm()
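Review bot: The endpoint names and paths look crossed: `add_template` is served at `/templates/template` while `edit_template` is served at `/templates/template/add`, and `edit_template` takes no template identifier. These are context lines rather than changes, and both bodies continue outside the hunks. Since the routes are being touched anyway, either swap the paths or add a comment such as `# NOTE: path says "add" but this view edits; revisit when template ids are introduced`.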


@@ -1,22 +1,37 @@
def test_should_return_list_of_all_jobs(notifications_admin):
response = notifications_admin.test_client().get('/jobs')
assert response.status_code == 200
assert 'Test message 1' in response.get_data(as_text=True)
assert 'Final reminder' in response.get_data(as_text=True)
from tests.app.main import create_test_user
def test_should_show_page_for_one_job(notifications_admin):
response = notifications_admin.test_client().get('/jobs/job')
def test_should_return_list_of_all_jobs(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/jobs')
assert response.status_code == 200
assert 'dispatch_20151114.csv' in response.get_data(as_text=True)
assert 'Test message 1' in response.get_data(as_text=True)
assert response.status_code == 200
assert 'Test message 1' in response.get_data(as_text=True)
assert 'Final reminder' in response.get_data(as_text=True)
def test_should_show_page_for_one_notification(notifications_admin):
response = notifications_admin.test_client().get('/jobs/job/notification/3')
def test_should_show_page_for_one_job(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/jobs/job')
assert response.status_code == 200
assert 'Text message' in response.get_data(as_text=True)
assert '+44 7700 900 522' in response.get_data(as_text=True)
assert response.status_code == 200
assert 'dispatch_20151114.csv' in response.get_data(as_text=True)
assert 'Test message 1' in response.get_data(as_text=True)
def test_should_show_page_for_one_notification(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/jobs/job/notification/3')
assert response.status_code == 200
assert 'Text message' in response.get_data(as_text=True)
assert '+44 7700 900 522' in response.get_data(as_text=True)
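Review bot: None of the rewritten tests exercises the behaviour this commit introduces: every case logs in first, so a view that lost its `@login_required` later would still pass. Add at least one anonymous case per protected blueprint, for example a test that calls `notifications_admin.test_client().get('/jobs')` without `client.login(user)` and asserts the response is a 302 to the sign-in page (or a 401, depending on how the login manager is configured). The same gap applies to the service-settings and templates test files in this commit.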


@@ -1,103 +1,165 @@
def test_should_show_overview(notifications_admin):
response = notifications_admin.test_client().get('/service-settings')
assert response.status_code == 200
assert 'Service settings' in response.get_data(as_text=True)
from tests.app.main import create_test_user
def test_should_show_service_name(notifications_admin):
response = notifications_admin.test_client().get('/service-settings/name')
assert response.status_code == 200
assert 'Change your service name' in response.get_data(as_text=True)
def test_should_show_overview(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/service-settings')
assert response.status_code == 200
assert 'Service settings' in response.get_data(as_text=True)
def test_should_redirect_after_change_service_name(notifications_admin):
response = notifications_admin.test_client().post('/service-settings/request-to-go-live')
def test_should_show_service_name(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/service-settings/name')
assert response.status_code == 200
assert 'Change your service name' in response.get_data(as_text=True)
def test_should_redirect_after_change_service_name(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.post('/service-settings/request-to-go-live')
assert response.status_code == 302
assert 'http://localhost/service-settings' == response.location
def test_should_show_service_name_confirmation(notifications_admin):
response = notifications_admin.test_client().get('/service-settings/name/confirm')
def test_should_show_service_name_confirmation(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/service-settings/name/confirm')
assert response.status_code == 200
assert 'Change your service name' in response.get_data(as_text=True)
def test_should_redirect_after_service_name_confirmation(notifications_admin):
response = notifications_admin.test_client().post('/service-settings/name/confirm')
def test_should_redirect_after_service_name_confirmation(notifications_admin, notifications_admin_db,
notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.post('/service-settings/name/confirm')
assert response.status_code == 302
assert 'http://localhost/service-settings' == response.location
def test_should_show_request_to_go_live(notifications_admin):
response = notifications_admin.test_client().get('/service-settings/request-to-go-live')
def test_should_show_request_to_go_live(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/service-settings/request-to-go-live')
assert response.status_code == 200
assert 'Request to go live' in response.get_data(as_text=True)
def test_should_redirect_after_request_to_go_live(notifications_admin):
response = notifications_admin.test_client().post('/service-settings/request-to-go-live')
def test_should_redirect_after_request_to_go_live(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.post('/service-settings/request-to-go-live')
assert response.status_code == 302
assert 'http://localhost/service-settings' == response.location
def test_should_show_status_page(notifications_admin):
response = notifications_admin.test_client().get('/service-settings/status')
def test_should_show_status_page(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/service-settings/status')
assert response.status_code == 200
assert 'Turn off all outgoing notifications' in response.get_data(as_text=True)
def test_should_show_redirect_after_status_change(notifications_admin):
response = notifications_admin.test_client().post('/service-settings/status')
def test_should_show_redirect_after_status_change(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.post('/service-settings/status')
assert response.status_code == 302
assert 'http://localhost/service-settings/status/confirm' == response.location
def test_should_show_status_confirmation(notifications_admin):
response = notifications_admin.test_client().get('/service-settings/status/confirm')
def test_should_show_status_confirmation(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/service-settings/status/confirm')
assert response.status_code == 200
assert 'Turn off all outgoing notifications' in response.get_data(as_text=True)
def test_should_redirect_after_status_confirmation(notifications_admin):
response = notifications_admin.test_client().post('/service-settings/status/confirm')
def test_should_redirect_after_status_confirmation(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.post('/service-settings/status/confirm')
assert response.status_code == 302
assert 'http://localhost/service-settings' == response.location
def test_should_show_delete_page(notifications_admin):
response = notifications_admin.test_client().get('/service-settings/delete')
def test_should_show_delete_page(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/service-settings/delete')
assert response.status_code == 200
assert 'Delete this service from Notify' in response.get_data(as_text=True)
def test_should_show_redirect_after_deleting_service(notifications_admin):
response = notifications_admin.test_client().post('/service-settings/delete')
def test_should_show_redirect_after_deleting_service(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.post('/service-settings/delete')
assert response.status_code == 302
assert 'http://localhost/service-settings/delete/confirm' == response.location
def test_should_show_delete_confirmation(notifications_admin):
response = notifications_admin.test_client().get('/service-settings/delete/confirm')
def test_should_show_delete_confirmation(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/service-settings/delete/confirm')
assert response.status_code == 200
assert 'Delete this service from Notify' in response.get_data(as_text=True)
def test_should_redirect_delete_confirmation(notifications_admin):
response = notifications_admin.test_client().post('/service-settings/delete/confirm')
def test_should_redirect_delete_confirmation(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.post('/service-settings/delete/confirm')
assert response.status_code == 302
assert 'http://localhost/dashboard' == response.location
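Review bot: `test_should_redirect_after_change_service_name` still posts to `/service-settings/request-to-go-live`, the same URL as `test_should_redirect_after_request_to_go_live`, so the POST branch of `/service-settings/name` is not covered by any test shown here. The request line should probably read `response = client.post('/service-settings/name')`, with the expected `response.location` adjusted to wherever `name()` redirects. That redirect target is outside this page.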


@@ -1,17 +1,32 @@
def test_should_return_list_of_all_templates(notifications_admin):
response = notifications_admin.test_client().get('/templates')
from tests.app.main import create_test_user
def test_should_return_list_of_all_templates(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/templates')
assert response.status_code == 200
def test_should_show_page_for_one_templates(notifications_admin):
response = notifications_admin.test_client().get('/templates/template')
def test_should_show_page_for_one_templates(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.get('/templates/template')
assert response.status_code == 200
def test_should_redirect_when_saving_a_template(notifications_admin):
response = notifications_admin.test_client().post('/templates/template')
def test_should_redirect_when_saving_a_template(notifications_admin, notifications_admin_db, notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
user = create_test_user('active')
client.login(user)
response = client.post('/templates/template')
assert response.status_code == 302
assert response.location == 'http://localhost/templates'
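Review bot: The four-line preamble (`test_request_context()`, `test_client()`, `create_test_user('active')`, `client.login(user)`) is repeated verbatim in every test across the three test files in this commit. A shared pytest fixture that yields an already logged-in client would remove the duplication and give one place to change when the login flow changes. It would also make anonymous-access tests stand out, because they would be the ones that do not request the fixture.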