Unit test for CodeUpdateAdmin view.

dbca-wa · Oct 24, 2024 · 961a92e · 961a92e
1 parent 3c38c23
commit 961a92e
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 13 deletions.
diff --git a/ibms_project/ibms/tests.py b/ibms_project/ibms/tests.py
@@ -63,23 +63,19 @@ def test_ibms_views_render(self):
         """Test that all the IBMS views render"""
         self.client.login(username="admin", password="test")
 
-        for view in ["upload", "download", "reload", "code_update", "serviceprioritydata", "dataamendment"]:
+        for view in [
+            "upload",
+            "download",
+            "reload",
+            "code_update",
+            "code_update_admin",
+            "serviceprioritydata",
+            "dataamendment",
+        ]:
             url = reverse(view)
             response = self.client.get(url)
             self.assertEqual(response.status_code, 200)
 
-    def test_ibms_codeupdate_admin(self):
-        """Test that the Code Update admin form renders"""
-        self.client.login(username="admin", password="test")
-        url = reverse("code_update") + "?admin=true"
-        response = self.client.get(url)
-        self.assertEqual(response.status_code, 200)
-        self.assertNotContains(response, "You must select a financial year")
-        url = reverse("code_update")  # Test the normal form also.
-        response = self.client.get(url)
-        self.assertEqual(response.status_code, 200)
-        self.assertContains(response, "You must select a financial year")
-
     def test_ibms_views_req_auth(self):
         """Test that all the IBMS views will redirect a non-auth'ed user."""
         for view in [
@@ -88,6 +84,7 @@ def test_ibms_views_req_auth(self):
             "download",
             "reload",
             "code_update",
+            "code_update_admin",
             "serviceprioritydata",
             "dataamendment",
         ]:
@@ -115,6 +112,16 @@ def test_clearglpivot_view_redirect(self):
         response = self.client.get(url)
         self.assertEqual(response.status_code, 200)
 
+    def test_code_update_admin_view_redirect(self):
+        """Test code_update_admin view redirects normal users, but not superusers."""
+        self.client.login(username="testuser", password="test")
+        url = reverse("code_update_admin")
+        response = self.client.get(url)
+        self.assertEqual(response.status_code, 302)
+        self.client.login(username="admin", password="test")
+        response = self.client.get(url)
+        self.assertEqual(response.status_code, 200)
+
     def test_ibms_admin_views(self):
         """Test that the Django ibms app admin works"""
         self.client.login(username="admin", password="test")

diff --git a/ibms_project/ibms/views.py b/ibms_project/ibms/views.py
@@ -267,6 +267,12 @@ def get_context_data(self, **kwargs):
         context["title"] = "CODE UPDATE (ADMIN)"
         return context
 
+    def get(self, request, *args, **kwargs):
+        if not request.user.is_superuser:
+            messages.error(self.request, "You are not authorised to carry out this operation")
+            return redirect("site_home")
+        return super(CodeUpdateAdminView, self).get(request, *args, **kwargs)
+
     def get_success_url(self):
         return reverse("code_update")