diff --git a/gracedb/alerts/tests/test_access.py b/gracedb/alerts/tests/test_access.py
index 55cf077175c4369cb398499cc47b5d40d74d79c2..554cd92deceaa72a7d1f4db8ff3f2ae5024a20b8 100644
--- a/gracedb/alerts/tests/test_access.py
+++ b/gracedb/alerts/tests/test_access.py
@@ -9,23 +9,23 @@ from alerts.models import Contact, Notification
class TestIndexView(GraceDbTestBase):
- """Test user access to main userprofile index page"""
+ """Test user access to main alerts index page"""
def test_internal_user_get(self):
"""Internal user can get to index view"""
- url = reverse('userprofile-home')
+ url = reverse('alerts:index')
response = self.request_as_user(url, "GET", self.internal_user)
self.assertEqual(response.status_code, 200)
def test_lvem_user_get(self):
"""LV-EM user can get to index view"""
- url = reverse('userprofile-home')
+ url = reverse('alerts:index')
response = self.request_as_user(url, "GET", self.lvem_user)
self.assertEqual(response.status_code, 200)
def test_public_user_get(self):
"""Public user can get to index view"""
- url = reverse('userprofile-home')
+ url = reverse('alerts:index')
response = self.request_as_user(url, "GET")
# Should be redirected to login page
self.assertEqual(response.status_code, 302)
@@ -36,19 +36,19 @@ class TestManagePasswordView(GraceDbTestBase):
def test_internal_user_get(self):
"""Internal user *can't* get to manage password page"""
- url = reverse('userprofile-manage-password')
+ url = reverse('alerts:manage-password')
response = self.request_as_user(url, "GET", self.internal_user)
self.assertEqual(response.status_code, 403)
def test_lvem_user_get(self):
"""LV-EM user can get to manage password page"""
- url = reverse('userprofile-manage-password')
+ url = reverse('alerts:manage-password')
response = self.request_as_user(url, "GET", self.lvem_user)
self.assertEqual(response.status_code, 200)
def test_public_user_get(self):
"""Public user can't get to manage password page"""
- url = reverse('userprofile-manage-password')
+ url = reverse('alerts:manage-password')
response = self.request_as_user(url, "GET")
self.assertEqual(response.status_code, 403)
@@ -58,25 +58,25 @@ class TestContactCreationView(GraceDbTestBase):
def test_internal_user_get(self):
"""Internal user can get contact creation view"""
- url = reverse('userprofile-create-contact')
+ url = reverse('alerts:create-contact')
response = self.request_as_user(url, "GET", self.internal_user)
self.assertEqual(response.status_code, 200)
def test_lvem_user_get(self):
"""LV-EM user can't get contact creation view"""
- url = reverse('userprofile-create-contact')
+ url = reverse('alerts:create-contact')
response = self.request_as_user(url, "GET", self.lvem_user)
self.assertEqual(response.status_code, 403)
def test_public_user_get(self):
"""Public user can't get contact creation view"""
- url = reverse('userprofile-create-contact')
+ url = reverse('alerts:create-contact')
response = self.request_as_user(url, "GET")
self.assertEqual(response.status_code, 403)
# Prevent test emails from going out
-@mock.patch('userprofile.views.EmailMessage')
+@mock.patch('alerts.views.EmailMessage')
class TestContactTestView(GraceDbTestBase):
"""Test user access to contact testing view"""
@@ -86,26 +86,26 @@ class TestContactTestView(GraceDbTestBase):
# Create a contact
cls.contact = Contact.objects.create(user=cls.internal_user,
- desc='test contact', email='test@test.com')
+ description='test contact', email='test@test.com')
def test_internal_user_test(self, mock_email_message):
"""Internal user can test contacts"""
- url = reverse('userprofile-test-contact', args=[self.contact.id])
+ url = reverse('alerts:test-contact', args=[self.contact.id])
response = self.request_as_user(url, "GET", self.internal_user)
- # Expect 302 since we are redirected to userprofile index page
+ # Expect 302 since we are redirected to alerts index page
# after the test
self.assertEqual(response.status_code, 302)
- self.assertEqual(response.url, reverse('userprofile-home'))
+ self.assertEqual(response.url, reverse('alerts:index'))
def test_lvem_user_test(self, mock_email_message):
"""LV-EM user can't test contacts"""
- url = reverse('userprofile-create-contact')
+ url = reverse('alerts:create-contact')
response = self.request_as_user(url, "GET", self.lvem_user)
self.assertEqual(response.status_code, 403)
def test_public_user_test(self, mock_email_message):
"""Public user can't test contacts"""
- url = reverse('userprofile-create-contact')
+ url = reverse('alerts:create-contact')
response = self.request_as_user(url, "GET")
self.assertEqual(response.status_code, 403)
@@ -119,46 +119,44 @@ class TestContactDeleteView(GraceDbTestBase):
# Create a contact
cls.contact = Contact.objects.create(user=cls.internal_user,
- desc='test contact', email='test@test.com')
+ description='test contact', email='test@test.com')
# Create another contact
cls.other_contact = Contact.objects.create(user=cls.lvem_user,
- desc='test contact', email='test@test.com')
+ description='test contact', email='test@test.com')
def test_internal_user_delete(self):
"""Internal user can delete their contacts"""
- url = reverse('userprofile-delete-contact', args=[self.contact.id])
+ url = reverse('alerts:delete-contact', args=[self.contact.id])
response = self.request_as_user(url, "GET", self.internal_user)
- # Expect 302 since we are redirected to userprofile index page
+ # Expect 302 since we are redirected to alerts index page
# after the contact is deleted
self.assertEqual(response.status_code, 302)
- self.assertEqual(response.url, reverse('userprofile-home'))
+ self.assertEqual(response.url, reverse('alerts:index'))
# Assert that contact is deleted
with self.assertRaises(self.contact.DoesNotExist):
self.contact.refresh_from_db()
def test_internal_user_delete_other(self):
"""Internal user can't delete other users' contacts"""
- url = reverse('userprofile-delete-contact',
+ url = reverse('alerts:delete-contact',
args=[self.other_contact.id])
response = self.request_as_user(url, "GET", self.internal_user)
- self.assertEqual(response.status_code, 403)
- self.assertEqual(response.content,
- "You are not authorized to modify another user's Contacts.")
+ self.assertEqual(response.status_code, 404)
def test_lvem_user_get(self):
"""LV-EM user can't delete contacts"""
# Even if an LV-EM user somehow ended up with a contact
# (see self.other_contact), they can't delete it.
for c in Contact.objects.all():
- url = reverse('userprofile-delete-contact', args=[c.id])
+ url = reverse('alerts:delete-contact', args=[c.id])
response = self.request_as_user(url, "GET", self.lvem_user)
self.assertEqual(response.status_code, 403)
def test_public_user_get(self):
"""Public user can't delete contacts"""
for c in Contact.objects.all():
- url = reverse('userprofile-delete-contact', args=[c.id])
+ url = reverse('alerts:delete-contact', args=[c.id])
response = self.request_as_user(url, "GET", self.lvem_user)
self.assertEqual(response.status_code, 403)
@@ -168,20 +166,21 @@ class TestNotificationCreateView(GraceDbTestBase):
def test_internal_user_get(self):
"""Internal user can get notification creation view"""
- url = reverse('userprofile-create')
+ url = reverse('alerts:create-notification')
response = self.request_as_user(url, "GET", self.internal_user)
self.assertEqual(response.status_code, 200)
def test_lvem_user_get(self):
"""LV-EM user can't get notification creation view"""
- url = reverse('userprofile-create')
+ url = reverse('alerts:create-notification')
response = self.request_as_user(url, "GET", self.lvem_user)
self.assertEqual(response.status_code, 403)
def test_public_user_get(self):
"""Public user can't get notification creation view"""
- url = reverse('userprofile-create')
+ url = reverse('alerts:create-notification')
response = self.request_as_user(url, "GET")
+ # User should be redirected to login view
self.assertEqual(response.status_code, 403)
@@ -194,51 +193,50 @@ class TestNotificationDeleteView(GraceDbTestBase):
# Create a contact and a notification
cls.contact = Contact.objects.create(user=cls.internal_user,
- desc='test contact', email='test@test.com')
+ description='test contact', email='test@test.com')
cls.notification = Notification.objects.create(user=cls.internal_user)
cls.notification.contacts.add(cls.contact)
# Create another contact and notification
+ # We use lvem_user as the user account just so it can be used for
+ # testing deletion of another user's contacts. But in reality, an
+ # LV-EM user should never have a contact or notification
cls.other_contact = Contact.objects.create(user=cls.lvem_user,
- desc='test contact', email='test@test.com')
- cls.other_notification = Notification.objects.create(user=cls.lvem_user)
+ description='test contact', email='test@test.com')
+ cls.other_notification = Notification.objects.create(
+ user=cls.lvem_user)
cls.other_notification.contacts.add(cls.other_contact)
def test_internal_user_delete(self):
"""Internal user can delete their notifications"""
- url = reverse('userprofile-delete', args=[self.notification.id])
+ url = reverse('alerts:delete-notification',
+ args=[self.notification.id])
response = self.request_as_user(url, "GET", self.internal_user)
- # Expect 302 since we are redirected to userprofile index page
+ # Expect 302 since we are redirected to alerts index page
# after the notification is deleted
self.assertEqual(response.status_code, 302)
- self.assertEqual(response.url, reverse('userprofile-home'))
+ self.assertEqual(response.url, reverse('alerts:index'))
# Assert that contact is deleted
with self.assertRaises(self.notification.DoesNotExist):
self.notification.refresh_from_db()
def test_internal_user_delete_other(self):
"""Internal user can't delete other users' notifications"""
- url = reverse('userprofile-delete', args=[self.other_notification.id])
+ url = reverse('alerts:delete-notification',
+ args=[self.other_notification.id])
response = self.request_as_user(url, "GET", self.internal_user)
- # Expect 302 since we are redirected to userprofile index page
- # after the notification is deleted
- self.assertEqual(response.status_code, 403)
- self.assertEqual(response.content,
- "You are not allowed to modify another user's notifications.")
+ self.assertEqual(response.status_code, 404)
def test_lvem_user_delete(self):
"""LV-EM user can't delete notifications"""
for t in Notification.objects.all():
- url = reverse('userprofile-delete', args=[t.id])
+ url = reverse('alerts:delete-notification', args=[t.id])
response = self.request_as_user(url, "GET", self.lvem_user)
self.assertEqual(response.status_code, 403)
def test_public_user_delete(self):
- """Public user can't get delete notifications"""
+ """Public user can't delete notifications"""
for t in Notification.objects.all():
- url = reverse('userprofile-delete', args=[t.id])
+ url = reverse('alerts:delete-notification', args=[t.id])
response = self.request_as_user(url, "GET")
self.assertEqual(response.status_code, 403)
- url = reverse('userprofile-create')
- response = self.request_as_user(url, "GET")
- self.assertEqual(response.status_code, 403)
diff --git a/gracedb/alerts/tests/test_views.py b/gracedb/alerts/tests/test_views.py
index bb4e777101f1b98ce466f76464ca7aa826f926e5..2098ec3c359349d62432a28df8145bd4cdfd3abe 100644
--- a/gracedb/alerts/tests/test_views.py
+++ b/gracedb/alerts/tests/test_views.py
@@ -51,6 +51,7 @@ class TestUpdateContactView(GraceDbTestBase):
'key_field': 'phone',
'description': 'new description',
'phone': '23456789012',
+ 'phone_method': Contact.CONTACT_PHONE_CALL,
}
original_phone = self.phone_contact.phone
url = reverse('alerts:edit-contact', args=[self.phone_contact.pk])
@@ -60,7 +61,9 @@ class TestUpdateContactView(GraceDbTestBase):
# Refresh from database
self.phone_contact.refresh_from_db()
- # Check values - description should be updated, but phone should not be
+ # Check values - description and method should be updated, but phone
+ # number should not be
self.assertEqual(self.phone_contact.description, data['description'])
self.assertNotEqual(self.phone_contact.phone, data['phone'])
self.assertEqual(self.phone_contact.phone, original_phone)
+ self.assertEqual(self.phone_contact.phone_method, data['phone_method'])