diff --git a/app/main/views/index.py b/app/main/views/index.py index 777dfa789..fb14d2b5d 100644 --- a/app/main/views/index.py +++ b/app/main/views/index.py @@ -1,5 +1,6 @@ from flask import render_template from app.main import main +from flask_login import login_required @main.route('/') @@ -7,51 +8,43 @@ def index(): return render_template('views/signedout.html') -@main.route("/govuk") -def govuk(): - return render_template('views/govuk_template.html') - - @main.route("/register-from-invite") +@login_required def registerfrominvite(): return render_template('views/register-from-invite.html') @main.route("/verify-mobile") +@login_required def verifymobile(): return render_template('views/verify-mobile.html') @main.route("/send-email") +@login_required def sendemail(): return render_template('views/send-email.html') @main.route("/check-email") +@login_required def checkemail(): return render_template('views/check-email.html') @main.route("/user-profile") +@login_required def userprofile(): return render_template('views/user-profile.html') @main.route("/manage-users") +@login_required def manageusers(): return render_template('views/manage-users.html') @main.route("/api-keys") +@login_required def apikeys(): return render_template('views/api-keys.html') - - -@main.route("/manage-templates") -def managetemplates(): - return render_template('views/manage-templates.html') - - -@main.route("/edit-template") -def edittemplate(): - return render_template('views/edit-template.html') diff --git a/app/main/views/jobs.py b/app/main/views/jobs.py index 112afd86a..5f49a4dcd 100644 --- a/app/main/views/jobs.py +++ b/app/main/views/jobs.py @@ -2,6 +2,8 @@ import time from flask import render_template +from flask_login import login_required + from app.main import main from ._jobs import jobs @@ -41,6 +43,7 @@ messages = [ @main.route("/jobs") +@login_required def showjobs(): return render_template( 'views/jobs.html', @@ -49,6 +52,7 @@ def showjobs(): @main.route("/jobs/job") +@login_required def showjob(): return render_template( 'views/job.html', @@ -71,6 +75,7 @@ def showjob(): @main.route("/jobs/job/notification/") +@login_required def shownotification(notification_id): return render_template( 'views/notification.html', diff --git a/app/main/views/service_settings.py b/app/main/views/service_settings.py index b031fd447..acf6d5069 100644 --- a/app/main/views/service_settings.py +++ b/app/main/views/service_settings.py @@ -12,6 +12,7 @@ service = { @main.route("/service-settings") +@login_required def service_settings(): return render_template( 'views/service-settings.html', @@ -20,6 +21,7 @@ def service_settings(): @main.route("/service-settings/name", methods=['GET', 'POST']) +@login_required def name(): form = ServiceNameForm() @@ -36,6 +38,7 @@ def name(): @main.route("/service-settings/name/confirm", methods=['GET', 'POST']) +@login_required def confirm_name_change(): form = ConfirmPasswordForm() @@ -51,6 +54,7 @@ def confirm_name_change(): @main.route("/service-settings/request-to-go-live", methods=['GET', 'POST']) +@login_required def request_to_go_live(): if request.method == 'GET': return render_template( @@ -62,6 +66,7 @@ def request_to_go_live(): @main.route("/service-settings/status", methods=['GET', 'POST']) +@login_required def status(): if request.method == 'GET': return render_template( @@ -73,6 +78,7 @@ def status(): @main.route("/service-settings/status/confirm", methods=['GET', 'POST']) +@login_required def confirm_status_change(): form = ConfirmPasswordForm() @@ -89,6 +95,7 @@ def confirm_status_change(): @main.route("/service-settings/delete", methods=['GET', 'POST']) +@login_required def delete(): if request.method == 'GET': return render_template( @@ -100,6 +107,7 @@ def delete(): @main.route("/service-settings/delete/confirm", methods=['GET', 'POST']) +@login_required def confirm_delete(): form = ConfirmPasswordForm() diff --git a/app/main/views/templates.py b/app/main/views/templates.py index 2d7d38e85..e7656f0f9 100644 --- a/app/main/views/templates.py +++ b/app/main/views/templates.py @@ -1,15 +1,18 @@ from flask import request, render_template, redirect, url_for +from flask_login import login_required from app.main import main from app.main.forms import TemplateForm @main.route("/templates") +@login_required def manage_templates(): return render_template('views/manage-templates.html') @main.route("/templates/template", methods=['GET', 'POST']) +@login_required def add_template(): form = TemplateForm() @@ -28,6 +31,7 @@ def add_template(): @main.route("/templates/template/add", methods=['GET', 'POST']) +@login_required def edit_template(): form = TemplateForm() diff --git a/tests/app/main/views/test_jobs.py b/tests/app/main/views/test_jobs.py index be7354873..20fa34e89 100644 --- a/tests/app/main/views/test_jobs.py +++ b/tests/app/main/views/test_jobs.py @@ -1,22 +1,37 @@ -def test_should_return_list_of_all_jobs(notifications_admin): - response = notifications_admin.test_client().get('/jobs') - - assert response.status_code == 200 - assert 'Test message 1' in response.get_data(as_text=True) - assert 'Final reminder' in response.get_data(as_text=True) +from tests.app.main import create_test_user -def test_should_show_page_for_one_job(notifications_admin): - response = notifications_admin.test_client().get('/jobs/job') +def test_should_return_list_of_all_jobs(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/jobs') - assert response.status_code == 200 - assert 'dispatch_20151114.csv' in response.get_data(as_text=True) - assert 'Test message 1' in response.get_data(as_text=True) + assert response.status_code == 200 + assert 'Test message 1' in response.get_data(as_text=True) + assert 'Final reminder' in response.get_data(as_text=True) -def test_should_show_page_for_one_notification(notifications_admin): - response = notifications_admin.test_client().get('/jobs/job/notification/3') +def test_should_show_page_for_one_job(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/jobs/job') - assert response.status_code == 200 - assert 'Text message' in response.get_data(as_text=True) - assert '+44 7700 900 522' in response.get_data(as_text=True) + assert response.status_code == 200 + assert 'dispatch_20151114.csv' in response.get_data(as_text=True) + assert 'Test message 1' in response.get_data(as_text=True) + + +def test_should_show_page_for_one_notification(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/jobs/job/notification/3') + + assert response.status_code == 200 + assert 'Text message' in response.get_data(as_text=True) + assert '+44 7700 900 522' in response.get_data(as_text=True) diff --git a/tests/app/main/views/test_service_settings.py b/tests/app/main/views/test_service_settings.py index 0628cb159..f468764f9 100644 --- a/tests/app/main/views/test_service_settings.py +++ b/tests/app/main/views/test_service_settings.py @@ -1,103 +1,165 @@ -def test_should_show_overview(notifications_admin): - response = notifications_admin.test_client().get('/service-settings') - - assert response.status_code == 200 - assert 'Service settings' in response.get_data(as_text=True) +from tests.app.main import create_test_user -def test_should_show_service_name(notifications_admin): - response = notifications_admin.test_client().get('/service-settings/name') - - assert response.status_code == 200 - assert 'Change your service name' in response.get_data(as_text=True) +def test_should_show_overview(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/service-settings') + assert response.status_code == 200 + assert 'Service settings' in response.get_data(as_text=True) -def test_should_redirect_after_change_service_name(notifications_admin): - response = notifications_admin.test_client().post('/service-settings/request-to-go-live') +def test_should_show_service_name(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/service-settings/name') + assert response.status_code == 200 + assert 'Change your service name' in response.get_data(as_text=True) + + +def test_should_redirect_after_change_service_name(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.post('/service-settings/request-to-go-live') assert response.status_code == 302 assert 'http://localhost/service-settings' == response.location -def test_should_show_service_name_confirmation(notifications_admin): - response = notifications_admin.test_client().get('/service-settings/name/confirm') +def test_should_show_service_name_confirmation(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/service-settings/name/confirm') assert response.status_code == 200 assert 'Change your service name' in response.get_data(as_text=True) -def test_should_redirect_after_service_name_confirmation(notifications_admin): - response = notifications_admin.test_client().post('/service-settings/name/confirm') +def test_should_redirect_after_service_name_confirmation(notifications_admin, notifications_admin_db, + notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.post('/service-settings/name/confirm') assert response.status_code == 302 assert 'http://localhost/service-settings' == response.location -def test_should_show_request_to_go_live(notifications_admin): - response = notifications_admin.test_client().get('/service-settings/request-to-go-live') +def test_should_show_request_to_go_live(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/service-settings/request-to-go-live') assert response.status_code == 200 assert 'Request to go live' in response.get_data(as_text=True) -def test_should_redirect_after_request_to_go_live(notifications_admin): - response = notifications_admin.test_client().post('/service-settings/request-to-go-live') +def test_should_redirect_after_request_to_go_live(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.post('/service-settings/request-to-go-live') assert response.status_code == 302 assert 'http://localhost/service-settings' == response.location -def test_should_show_status_page(notifications_admin): - response = notifications_admin.test_client().get('/service-settings/status') +def test_should_show_status_page(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/service-settings/status') assert response.status_code == 200 assert 'Turn off all outgoing notifications' in response.get_data(as_text=True) -def test_should_show_redirect_after_status_change(notifications_admin): - response = notifications_admin.test_client().post('/service-settings/status') +def test_should_show_redirect_after_status_change(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.post('/service-settings/status') assert response.status_code == 302 assert 'http://localhost/service-settings/status/confirm' == response.location -def test_should_show_status_confirmation(notifications_admin): - response = notifications_admin.test_client().get('/service-settings/status/confirm') +def test_should_show_status_confirmation(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/service-settings/status/confirm') assert response.status_code == 200 assert 'Turn off all outgoing notifications' in response.get_data(as_text=True) -def test_should_redirect_after_status_confirmation(notifications_admin): - response = notifications_admin.test_client().post('/service-settings/status/confirm') +def test_should_redirect_after_status_confirmation(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.post('/service-settings/status/confirm') assert response.status_code == 302 assert 'http://localhost/service-settings' == response.location -def test_should_show_delete_page(notifications_admin): - response = notifications_admin.test_client().get('/service-settings/delete') +def test_should_show_delete_page(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/service-settings/delete') assert response.status_code == 200 assert 'Delete this service from Notify' in response.get_data(as_text=True) -def test_should_show_redirect_after_deleting_service(notifications_admin): - response = notifications_admin.test_client().post('/service-settings/delete') +def test_should_show_redirect_after_deleting_service(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.post('/service-settings/delete') assert response.status_code == 302 assert 'http://localhost/service-settings/delete/confirm' == response.location -def test_should_show_delete_confirmation(notifications_admin): - response = notifications_admin.test_client().get('/service-settings/delete/confirm') +def test_should_show_delete_confirmation(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/service-settings/delete/confirm') assert response.status_code == 200 assert 'Delete this service from Notify' in response.get_data(as_text=True) -def test_should_redirect_delete_confirmation(notifications_admin): - response = notifications_admin.test_client().post('/service-settings/delete/confirm') +def test_should_redirect_delete_confirmation(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.post('/service-settings/delete/confirm') assert response.status_code == 302 assert 'http://localhost/dashboard' == response.location diff --git a/tests/app/main/views/test_templates.py b/tests/app/main/views/test_templates.py index 219c3ad41..6be1ab019 100644 --- a/tests/app/main/views/test_templates.py +++ b/tests/app/main/views/test_templates.py @@ -1,17 +1,32 @@ -def test_should_return_list_of_all_templates(notifications_admin): - response = notifications_admin.test_client().get('/templates') +from tests.app.main import create_test_user + + +def test_should_return_list_of_all_templates(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/templates') assert response.status_code == 200 -def test_should_show_page_for_one_templates(notifications_admin): - response = notifications_admin.test_client().get('/templates/template') +def test_should_show_page_for_one_templates(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.get('/templates/template') assert response.status_code == 200 -def test_should_redirect_when_saving_a_template(notifications_admin): - response = notifications_admin.test_client().post('/templates/template') +def test_should_redirect_when_saving_a_template(notifications_admin, notifications_admin_db, notify_db_session): + with notifications_admin.test_request_context(): + with notifications_admin.test_client() as client: + user = create_test_user('active') + client.login(user) + response = client.post('/templates/template') assert response.status_code == 302 assert response.location == 'http://localhost/templates'