File diff 744593ed423d → b95586a70595
Show inline comments
# Standard library imports.
from StringIO import StringIO
from zipfile import ZipFile, ZIP_DEFLATED

# Python third-party library imports.
import mock

# Django imports.
from django.core.urlresolvers import reverse
from django.http import Http404
from django.test import RequestFactory
from django.test import TestCase
from django.test.client import Client
from django.contrib.auth.models import User, Permission

# Application imports
from conntrackt.models import Project, Location, Entity, Interface
from conntrackt.views import EntityCreateView
from conntrackt.views import InterfaceCreateView, InterfaceUpdateView

from conntrackt.views import IndexView
from conntrackt.views import entity_iptables, project_iptables

from conntrackt.views import ProjectView, ProjectCreateView, ProjectUpdateView, ProjectDeleteView
from conntrackt.views import LocationCreateView, LocationUpdateView, LocationDeleteView
from conntrackt.views import EntityView, EntityCreateView, EntityUpdateView, EntityDeleteView
from conntrackt.views import InterfaceCreateView, InterfaceUpdateView, InterfaceDeleteView

from helpers import PermissionTestMixin, create_get_request, generate_get_response, FakeMessages


class ViewTest(TestCase):
    Abstract test class that initalises the fixtures, sets-up a client, and
    sets-up a test user.
class IndexViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

    def setUp(self):
        # Set-up web client.
        self.client = Client()

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")


class IndexViewTest(ViewTest):

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.
    sufficient_permissions = ("view",)
    view_class = IndexView

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("index"))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.
    def test_context_no_projects(self):

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("index"))

        self.assertEqual(response.status_code, 200)

    def test_no_projects(self):
        Tests the index view when no projects are defined.
        Verifies that the context is properly set-up when the view is called and
        no projects are available.


        self.client.login(username="fullperms", password="fullperms")
        response = self.client.get(reverse("index"))
        # Get the view.
        view = IndexView.as_view()

        # Get the response.
        response = generate_get_response(view)

        self.assertContains(response, "There are no projects defined.")
        # Validate the response.
        self.assertQuerysetEqual(response.context_data["projects"], [])

    def test_no_locations(self):
    def test_context_no_locations(self):
        Tests the index view when no locations are defined.
        Verifies that the context is properly set-up when the view is called and
        no locations are available.


        self.client.login(username="fullperms", password="fullperms")
        response = self.client.get(reverse("index"))
        # Get the view.
        view = IndexView.as_view()

        # Get the response.
        response = generate_get_response(view)

        self.assertContains(response, "There are no locations defined.")
        # Validate the response.
        self.assertQuerysetEqual(response.context_data["locations"], [])

    def test_projects_available(self):
    def test_context_projects(self):
        Tests if projects are shown or not.
        Verifies that the context is properly set-up when the view is called and
        there's multiple projects available.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("index"))
        # Get the view.
        view = IndexView.as_view()

        self.assertQuerysetEqual(response.context["projects"], ["<Project: Test Project 1>", "<Project: Test Project 2>"])
        self.assertContains(response, "Test Project 1")
        self.assertContains(response, "Test Project 2")
        # Get the response.
        response = generate_get_response(view)

        self.assertQuerysetEqual(response.context_data["projects"], ["<Project: Test Project 1>", "<Project: Test Project 2>"])

    def test_locations_available(self):
        Tests if locations are shown or not.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("index"))

        self.assertQuerysetEqual(response.context["locations"], ["<Location: Test Location 1>", "<Location: Test Location 2>"])
        self.assertContains(response, "Test Location 1")
        self.assertContains(response, "Test Location 2")


class ProjectViewTest(ViewTest):

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.
        Verifies that the context is properly set-up when the view is called and
        there's multiple locationsg available.

        self.client.login(username="noperms", password="noperms")
        # Get the view.
        view = IndexView.as_view()

        response = self.client.get(reverse("project", args=(1,)))
        # Get the response.
        response = generate_get_response(view)

        # Validate the response.
        self.assertQuerysetEqual(response.context_data["locations"], ["<Location: Test Location 1>", "<Location: Test Location 2>"])


        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)
class ProjectViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.
    sufficient_permissions = ("view",)
    permission_test_view_kwargs = {"pk": "1"}
    view_class = ProjectView

    def test_context(self):

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project", args=(1,)))

        self.assertEqual(response.status_code, 200)

    def test_project_show(self):
        Tests if the project information is shown properly.
        Verifies that the context is properly set-up when the view is called.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project", args=(1,)))
        # Get the view.
        view = ProjectView.as_view()

        location, entities = response.context["location_entities"][0]
        self.assertEqual(, "Test Location 1")
        self.assertQuerysetEqual(entities, ["<Entity: Test Entity 1 (Test Project 1 - Test Location 1)>",
                                            "<Entity: Test Entity 2 (Test Project 1 - Test Location 1)>"])
        # Get the response.
        response = generate_get_response(view, pk=1)

        # Fetch context data from response.
        location, entities = response.context_data["location_entities"][0]

        location, entities = response.context["location_entities"][1]
        self.assertEqual(, "Test Location 2")
        self.assertQuerysetEqual(entities, ["<Entity: Test Entity 3 (Test Project 1 - Test Location 2)>",
                                            "<Entity: Test Subnet (Test Project 1 - Test Location 2)>"])
        # Set-up expected context data values.
        expected_entities = ["<Entity: Test Entity 1 (Test Project 1 - Test Location 1)>",
                             "<Entity: Test Entity 2 (Test Project 1 - Test Location 1)>"]
        # Validate context data.
        self.assertEqual(, "Test Location 1")
        self.assertQuerysetEqual(entities, expected_entities)

        # Fetch context data from response.
        location, entities = response.context_data["location_entities"][1]

        self.assertEqual(str(response.context["project"]), "Test Project 1")
        self.assertContains(response, "Test Project 1")
        self.assertContains(response, "Test Location 1")
        self.assertContains(response, "Test Location 2")
        # Set-up expected context data values.
        expected_entities = ["<Entity: Test Entity 3 (Test Project 1 - Test Location 2)>",
                             "<Entity: Test Subnet (Test Project 1 - Test Location 2)>"]

        # Validate context data.
        self.assertEqual(, "Test Location 2")
        self.assertQuerysetEqual(entities, expected_entities)

        # Validate context data.
        self.assertEqual(str(response.context_data["project"]), "Test Project 1")


class EntityViewTest(ViewTest):
class EntityViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

    def test_permission_denied(self):
    view_class = EntityView
    sufficient_permissions = ("view",)
    permission_test_view_kwargs = {"pk": "1"}

    def test_context(self):
        Tests if permission will be denied for client without sufficient privileges.
        Tests if the form comes pre-populated with proper content.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("entity", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = EntityView.as_view()

        response = self.client.get(reverse("entity", args=(1,)))

        self.assertEqual(response.status_code, 200)
        # Get the response.
        response = generate_get_response(view, pk=1)

    def test_entity_show(self):
        Tests if the entity information is shown properly.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity", args=(1,)))
        # Set-up expected context data.
        expected_entity = Entity.objects.get(pk=1)

        expected_incoming_communications = ["<Communication: Test Entity 2 -> Test Entity 1 (TCP:22)>",
                                            "<Communication: Test Entity 2 -> Test Entity 1 (ICMP:8)>",
                                            "<Communication: Test Entity 3 -> Test Entity 1 (TCP:3306)>",
                                            "<Communication: Test Subnet -> Test Entity 1 (TCP:22)>"]

        expected_outgoing_communications = ["<Communication: Test Entity 1 -> Test Entity 2 (UDP:123)>",
                                            "<Communication: Test Entity 1 -> Test Entity 3 (UDP:53)>"]

        expected_interfaces = ["<Interface: Test Entity 1 (>"]

        self.assertQuerysetEqual(response.context["interfaces"], expected_interfaces)
        self.assertQuerysetEqual(response.context["incoming_communications"], expected_incoming_communications)
        self.assertQuerysetEqual(response.context["outgoing_communications"], expected_outgoing_communications)
        self.assertEqual(str(response.context["entity"]), "Test Entity 1 (Test Project 1 - Test Location 1)")
        self.assertContains(response, "Test Entity 1")
        self.assertContains(response, ":INPUT")
        self.assertContains(response, ":OUTPUT")
        self.assertContains(response, ":FORWARD")

        # Validate the response.
        self.assertQuerysetEqual(response.context_data["interfaces"], expected_interfaces)
        self.assertQuerysetEqual(response.context_data["incoming_communications"], expected_incoming_communications)
        self.assertQuerysetEqual(response.context_data["outgoing_communications"], expected_outgoing_communications)
        self.assertEqual(response.context_data["entity"], expected_entity)
        self.assertTrue("entity_iptables" in response.context_data)


class EntityIptablesTest(ViewTest):
class EntityIptablesTest(PermissionTestMixin, TestCase):

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("entity_iptables", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)
    fixtures = ['test-data.json']

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.
    view_function = staticmethod(entity_iptables)
    sufficient_permissions = ("view",)
    permission_test_view_kwargs = {"pk": "1"}

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_iptables", args=(1,)))

        self.assertEqual(response.status_code, 200)

    def test_no_entity(self):
    def test_invalid_entity(self):
        Tests if a 404 is returned if no entity was found (invalid ID).

        self.client.login(username="fullperms", password="fullperms")
        # Set-up a request.
        request = create_get_request()

        response = self.client.get(reverse("entity_iptables", args=(200,)))
        # Get the view.
        view = entity_iptables

        self.assertEqual(response.status_code, 404)
        # Validate the response.
        self.assertRaises(Http404, view, request, pk=200)

    def test_content_type(self):
        Test if correct content type is being returned by the response.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = entity_iptables

        response = self.client.get(reverse("entity_iptables", args=(1,)))
        # Get the response.
        response = generate_get_response(view, pk=1)

        self.assertEqual(response['Content-Type'], "text/plain")

    def test_content_disposition(self):
        Test if the correct content disposition has been set.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = entity_iptables

        response = self.client.get(reverse("entity_iptables", args=(1,)))
        # Get the response.
        response = generate_get_response(view, pk=1)

        self.assertEqual(response['Content-Disposition'], "attachment; filename=test_entity_1-iptables.conf")

    def test_entity_iptables_show(self):
    def test_content(self):
        Test if the entity's iptables are being show or not.
        Tests content produced by the view.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = entity_iptables

        response = self.client.get(reverse("entity_iptables", args=(1,)))
        # Get the response.
        response = generate_get_response(view, pk=1)

        self.assertContains(response, ":INPUT")
        self.assertContains(response, ":OUTPUT")
        self.assertContains(response, ":FORWARD")


class ProjectIptablesTest(ViewTest):
class ProjectIptablesTest(PermissionTestMixin, TestCase):

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("project_iptables", args=(1,)))
    fixtures = ['test-data.json']

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_iptables", args=(1,)))

        self.assertEqual(response.status_code, 200)
    view_function = staticmethod(project_iptables)
    sufficient_permissions = ("view",)
    permission_test_view_kwargs = {"project_id": 1}

    def test_invalid_project(self):
        Tests if a 404 is returned if invalid project is specified.
        Tests if a 404 is returned if no project was found (invalid ID).

        self.client.login(username="fullperms", password="fullperms")
        # Set-up a request.
        request = create_get_request()

        response = self.client.get(reverse("project_iptables", args=(200,)))
        self.assertEqual(response.status_code, 404)
        # Get the view.
        view = project_iptables

        response = self.client.get(reverse("project_location_iptables", args=(200, 1)))
        self.assertEqual(response.status_code, 404)
        # Request iptables for whole project.
        self.assertRaises(Http404, view, request, 200)
        # Request iptables for project location
        self.assertRaises(Http404, view, request, 200, 1)

    def test_invalid_location(self):
        Tests if a 404 is returned if invalid location is specified.
        Tests if a 404 is returned if no location was found (invalid ID).

        self.client.login(username="fullperms", password="fullperms")
        # Set-up a request.
        request = create_get_request()

        response = self.client.get(reverse("project_location_iptables", args=(1, 200)))
        self.assertEqual(response.status_code, 404)
        # Get the view.
        view = project_iptables

        # Request iptables for project location
        self.assertRaises(Http404, view, request, 1, 200)

    def test_content_type(self):
        Test if correct content type is being returned by the response.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = project_iptables

        response = self.client.get(reverse("project_iptables", args=(1,)))
        # Get the response.
        response = generate_get_response(view, None, 1)

        # Validate the response.
        self.assertEqual(response['Content-Type'], "application/zip")

    def test_content_disposition(self):
        Test if the correct content disposition has been set.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = project_iptables

        response = self.client.get(reverse("project_iptables", args=(1,)))
        # Get the response.
        response = generate_get_response(view, None, 1)
        self.assertEqual(response['Content-Disposition'], 'attachment; filename=""')

        response = self.client.get(reverse("project_location_iptables", args=(1, 1)))
        response = generate_get_response(view, None, 1, 1)
        self.assertEqual(response['Content-Disposition'], 'attachment; filename=""')

    def test_project_entities_show(self):
    def test_content_project(self):
        Test if the project's iptables are being shown or not.
        Verifies that the content is properly generated when the view is called
        for an entire project.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = project_iptables

        response = self.client.get(reverse("project_iptables", args=(1,)))
        # Get the response.
        response = generate_get_response(project_iptables, None, 1)

        buff = StringIO(response.content)

        zipped_iptables = ZipFile(buff, "r", ZIP_DEFLATED)
        expected_zip_files = ["test_entity_1-iptables.conf",
@@ -378,20 +341,23 @@ class ProjectIptablesTest(ViewTest):
            self.assertIn(":INPUT", iptables_file)
            self.assertIn(":OUTPUT", iptables_file)
            self.assertIn(":FORWARD", iptables_file)


    def test_project_location_entities_show(self):
    def test_content_location(self):
        Test if the project location's iptables are being shown or not.
        Verifies that the content is properly generated when the view is called
        for an entire project.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = project_iptables

        response = self.client.get(reverse("project_location_iptables", args=(1, 1)))
        # Get the response.
        response = generate_get_response(project_iptables, None, 1, 1)

        buff = StringIO(response.content)

        zipped_iptables = ZipFile(buff, "r", ZIP_DEFLATED)
        expected_zip_files = ["test_entity_1-iptables.conf",
@@ -405,408 +371,241 @@ class ProjectIptablesTest(ViewTest):
            self.assertIn(":OUTPUT", iptables_file)
            self.assertIn(":FORWARD", iptables_file)



class ProjectCreateViewTest(TestCase):

    def setUp(self):
        # Set-up web client.
        self.client = Client()

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.
class ProjectCreateViewTest(PermissionTestMixin, TestCase):

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("project_create"))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_create"))

        self.assertEqual(response.status_code, 200)
    view_class = ProjectCreateView
    sufficient_permissions = ("add_project",)

    def test_form_styling(self):
        Tests if proper form styling is being applied.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = ProjectCreateView.as_view()

        response = self.client.get(reverse("project_create"))
        # Get the response.
        response = generate_get_response(view)

        self.assertContains(response, 'class="span6 textinput')
        self.assertContains(response, 'class="span6 textarea')
        self.assertContains(response, 'placeholder="New Project"')
        self.assertContains(response, 'placeholder="Description for new project."')


class ProjectUpdateViewTest(TestCase):
class ProjectUpdateViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

    def setUp(self):
        # Set-up web client.
        self.client = Client()

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("project_update", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_update", args=(1,)))

        self.assertEqual(response.status_code, 200)
    view_class = ProjectUpdateView
    sufficient_permissions = ("change_project",)
    permission_test_view_kwargs = {"pk": 1}

    def test_form_styling(self):
        Tests if proper form styling is being applied.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = ProjectUpdateView.as_view()

        response = self.client.get(reverse("project_update", args=(1,)))
        # Get the response.
        response = generate_get_response(view, None, pk=1)

        self.assertContains(response, 'class="span6 textinput')
        self.assertContains(response, 'class="span6 textarea')
        self.assertContains(response, 'placeholder="Project name"')
        self.assertContains(response, 'placeholder="Description for project."')

    def test_content(self):
    def test_context(self):
        Tests if the form comes pre-populated with proper content.
        Verifies that the context is properly set-up when the view is called for
        specific project.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_update", args=(1,)))
        # Get the view.
        view = ProjectUpdateView.as_view()

        self.assertContains(response, ">Edit project Test Project 1<")
        self.assertContains(response, 'value="Test Project 1"')
        self.assertContains(response, "This is a test project 1.")
        # Get the response.
        response = generate_get_response(view, None, pk=1)

        self.assertEqual(response.context_data["project"].name, "Test Project 1")


class ProjectDeleteViewTest(TestCase):
class ProjectDeleteViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

    def setUp(self):
        # Set-up web client.
        self.client = Client()
    view_class = ProjectDeleteView
    sufficient_permissions = ("delete_project",)
    permission_test_view_kwargs = {"pk": "1"}

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")

    def test_permission_denied(self):
    def test_context(self):
        Tests if permission will be denied for client without sufficient privileges.
        Verifies that the context is properly set-up when the view is called for
        specific project.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("project_delete", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")
        # Get the expected project.
        project = Project.objects.get(pk=1)

        response = self.client.get(reverse("project_delete", args=(1,)))

        self.assertEqual(response.status_code, 200)
        # Get the view.
        view = ProjectDeleteView.as_view()

    def test_content(self):
        Tests if the form comes pre-populated with proper content.
        # Get the response.
        response = generate_get_response(view, None, pk=1)

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_delete", args=(1,)))

        self.assertContains(response, ">Remove project Test Project 1<")
        self.assertContains(response, "Are you sure you want to remove this project?")
        self.assertEqual(response.context_data["project"], project)

    def test_message(self):
        Tests if the message gets added when the project is deleted.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_delete", args=(1,)))
        # Get the view.
        view = ProjectDeleteView.as_view()

        response ="project_delete", args=(1,)),
                                    {'csrfmiddlewaretoken': response.context['request'].META['CSRF_COOKIE']},
        # Generate the request.
        request = RequestFactory().post("/fake-path/")
        request.user = mock.Mock()
        request._dont_enforce_csrf_checks = True
        request._messages = FakeMessages()

        self.assertContains(response, "Project Test Project 1 has been removed.")
        # Get the response.
        response = view(request, pk=1)

        self.assertIn("Project Test Project 1 has been removed.", request._messages.messages)


class LocationCreateViewTest(TestCase):

    def setUp(self):
        # Set-up web client.
        self.client = Client()
class LocationCreateViewTest(PermissionTestMixin, TestCase):

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")

    def test_permission_denied(self):
    view_class = LocationCreateView
    sufficient_permissions = ("add_location",)
    def test_form_styling(self):
        Tests if permission will be denied for client without sufficient privileges.
        Tests if proper form styling is being applied.

        self.client.login(username="noperms", password="noperms")
        # Get the view.
        view = LocationCreateView.as_view()

        response = self.client.get(reverse("location_create"))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)
        # Get the response.
        response = generate_get_response(view)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.
        self.assertContains(response, 'class="span6 textinput')
        self.assertContains(response, 'class="span6 textarea')
        self.assertContains(response, 'placeholder="New Location"')
        self.assertContains(response, 'placeholder="Description for new location."')

        self.client.login(username="fullperms", password="fullperms")
class LocationUpdateViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

        response = self.client.get(reverse("location_create"))

        self.assertEqual(response.status_code, 200)
    view_class = LocationUpdateView
    sufficient_permissions = ("change_location",)
    permission_test_view_kwargs = {"pk": 1}

    def test_form_styling(self):
        Tests if proper form styling is being applied.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("location_create"))

        self.assertContains(response, 'class="span6 textinput')
        self.assertContains(response, 'class="span6 textarea')
        self.assertContains(response, 'placeholder="New Location"')
        self.assertContains(response, 'placeholder="Description for new location."')


class LocationUpdateViewTest(TestCase):

    fixtures = ['test-data.json']

    def setUp(self):
        # Set-up web client.
        self.client = Client()

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")
        # Get the view.
        view = LocationUpdateView.as_view()

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("location_update", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("location_update", args=(1,)))

        self.assertEqual(response.status_code, 200)

    def test_form_styling(self):
        Tests if proper form styling is being applied.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("location_update", args=(1,)))
        # Get the response.
        response = generate_get_response(view, pk=1)

        self.assertContains(response, 'class="span6 textinput')
        self.assertContains(response, 'class="span6 textarea')
        self.assertContains(response, 'placeholder="Location name"')
        self.assertContains(response, 'placeholder="Description for location."')

    def test_content(self):
    def test_context(self):
        Tests if the form comes pre-populated with proper content.
        Verifies that the context is properly set-up when the view is called for
        specific location.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("location_update", args=(1,)))
        # Get the view.
        view = LocationUpdateView.as_view()

        self.assertContains(response, ">Edit location Test Location 1<")
        self.assertContains(response, 'value="Test Location 1"')
        self.assertContains(response, "This is a test location 1.")
        # Get the response.
        response = generate_get_response(view, None, pk=1)

        self.assertEqual(response.context_data["location"].name, "Test Location 1")


class LocationDeleteViewTest(TestCase):
class LocationDeleteViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

    def setUp(self):
        # Set-up web client.
        self.client = Client()
    view_class = LocationDeleteView
    sufficient_permissions = ("delete_location",)
    permission_test_view_kwargs = {"pk": "1"}

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")

    def test_permission_denied(self):
    def test_context(self):
        Tests if permission will be denied for client without sufficient privileges.
        Verifies that the context is properly set-up when the view is called for
        specific location.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("location_delete", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")
        # Get the expected location.
        location = Location.objects.get(pk=1)

        response = self.client.get(reverse("location_delete", args=(1,)))

        self.assertEqual(response.status_code, 200)
        # Get the view.
        view = LocationDeleteView.as_view()

    def test_content(self):
        Tests if the form comes pre-populated with proper content.
        # Get the response.
        response = generate_get_response(view, None, pk=1)

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("location_delete", args=(1,)))

        self.assertContains(response, ">Remove location Test Location 1<")
        self.assertContains(response, "Are you sure you want to remove this location?")
        self.assertEqual(response.context_data["location"], location)

    def test_message(self):
        Tests if the message gets added when the location is deleted.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("location_delete", args=(1,)))
        # Get the view.
        view = LocationDeleteView.as_view()

        response ="location_delete", args=(1,)),
                                    {'csrfmiddlewaretoken': response.context['request'].META['CSRF_COOKIE']},
        # Generate the request.
        request = RequestFactory().post("/fake-path/")
        request.user = mock.Mock()
        request._dont_enforce_csrf_checks = True

        self.assertContains(response, "Location Test Location 1 has been removed.")
        request._messages = FakeMessages()

        # Get the response.
        response = view(request, pk=1)

        self.assertIn("Location Test Location 1 has been removed.", request._messages.messages)


class EntityCreateViewTest(TestCase):
class EntityCreateViewTest(PermissionTestMixin, TestCase):

    view_class = EntityCreateView
    sufficient_permissions = ("add_entity",)

    def setUp(self):
        Sets-up some data necessary for testing.

        # Set-up some data for testing.
        Project.objects.create(name="Test Project 1", description="This is test project 1.")
        Project.objects.create(name="Test Project 2", description="This is test project 2.")
        Location.objects.create(name="Test Location 1", description="This is test location 1.")
        Location.objects.create(name="Test Location 2", description="This is test location 2.")

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.

        User.objects.create_user("noperms", "", "noperms")

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("entity_create"))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        user = User.objects.create_user("fullperms", "", "fullperms")

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_create"))

        self.assertEqual(response.status_code, 200)

    def test_form_project_limit(self):
        Tests if the queryset is properly limitted to specific project if GET
        parameters is passed.

@@ -862,182 +661,116 @@ class EntityCreateViewTest(TestCase):

        initial = view.get_initial()

        self.assertDictContainsSubset({"location": "1"}, initial)


class EntityDeleteViewTest(TestCase):
class EntityDeleteViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

    def setUp(self):
        # Set-up web client.
        self.client = Client()
    view_class = EntityDeleteView
    sufficient_permissions = ("delete_entity",)
    permission_test_view_kwargs = {"pk": 1}

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")

    def test_permission_denied(self):
    def test_context(self):
        Tests if permission will be denied for client without sufficient privileges.
        Verifies that the context is properly set-up when the view is called for
        specific entity.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("entity_delete", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")
        # Get the expected entity.
        entity = Entity.objects.get(pk=1)

        response = self.client.get(reverse("entity_delete", args=(1,)))

        self.assertEqual(response.status_code, 200)
        # Get the view.
        view = EntityDeleteView.as_view()

    def test_content(self):
        Tests if the form comes pre-populated with proper content.
        # Get the response.
        response = generate_get_response(view, None, pk=1)

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_delete", args=(1,)))

        self.assertContains(response, ">Remove entity Test Entity 1<")
        self.assertContains(response, "Are you sure you want to remove this entity?")
        self.assertEqual(response.context_data["entity"], entity)

    def test_message(self):
        Tests if the message gets added when the entity is deleted.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_delete", args=(1,)))
        # Get the view.
        view = EntityDeleteView.as_view()

        response ="entity_delete", args=(1,)),
                                    {'csrfmiddlewaretoken': response.context['request'].META['CSRF_COOKIE']},
        # Generate the request.
        request = RequestFactory().post("/fake-path/")
        request.user = mock.Mock()
        request._dont_enforce_csrf_checks = True

        self.assertContains(response, "Entity Test Entity 1 has been removed.")
        request._messages = FakeMessages()

        # Get the response.
        response = view(request, pk=1)

        self.assertIn("Entity Test Entity 1 has been removed.", request._messages.messages)

    def test_success_url(self):
        Validate that the success URL is set properly after delete.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_delete", args=(1,)))
        # Get the view.
        view = EntityDeleteView.as_view()

        response ="entity_delete", args=(1,)),
                                    {'csrfmiddlewaretoken': response.context['request'].META['CSRF_COOKIE']},
        # Generate the request
        request = RequestFactory().post("/fake-path/")
        request.user = mock.Mock()
        request._dont_enforce_csrf_checks = True
        request._messages = FakeMessages()

        self.assertEqual(response.context["request"].META["PATH_INFO"], reverse("project", args=(1,)))
        # Get the response.
        response = view(request, pk=1)

        self.assertEqual(response["Location"], reverse("project", args=(1,)))


class EntityUpdateViewTest(TestCase):
class EntityUpdateViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

    def setUp(self):
        # Set-up web client.
        self.client = Client()
    view_class = EntityUpdateView
    sufficient_permissions = ("change_entity",)
    permission_test_view_kwargs = {"pk": 1}

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")

    def test_permission_denied(self):
    def test_context(self):
        Tests if permission will be denied for client without sufficient privileges.
        Verifies that the context is properly set-up when the view is called for
        specific entity.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("entity_update", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_update", args=(1,)))
        # Get the view.
        view = EntityUpdateView.as_view()

        self.assertEqual(response.status_code, 200)

    def test_content(self):
        Tests if the form comes pre-populated with proper content.
        # Get the response.
        response = generate_get_response(view, None, pk=1)

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_update", args=(1,)))

        self.assertContains(response, ">Edit entity Test Entity 1<")
        self.assertContains(response, 'value="Test Entity 1"')
        self.assertContains(response, "This is a test entity 1.")
        self.assertEqual(response.context_data["entity"].name, "Test Entity 1")


class InterfaceCreateViewTest(TestCase):
class InterfaceCreateViewTest(PermissionTestMixin, TestCase):

    view_class = InterfaceCreateView
    sufficient_permissions = ("add_interface",)

    def setUp(self):
        Sets-up some data necessary for testing.

        # Set-up some data for testing.
        project = Project.objects.create(name="Test Project", description="This is test project.")
        location = Location.objects.create(name="Test Location", description="This is test location.")
        Entity.objects.create(name="Test Entity 1", description="This is test entity 1.", project=project, location=location)
        Entity.objects.create(name="Test Entity 2", description="This is test entity 2.", project=project, location=location)

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.

        User.objects.create_user("noperms", "", "noperms")

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("interface_create"))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        user = User.objects.create_user("fullperms", "", "fullperms")

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("interface_create"))

        self.assertEqual(response.status_code, 200)

    def test_form_entity_limit(self):
        Tests if the queryset is properly limitted to specific entity if GET
        parameter is passed.

@@ -1062,61 +795,60 @@ class InterfaceCreateViewTest(TestCase):
        view.object = None

        initial = view.get_initial()

        self.assertDictContainsSubset({"entity": "1"}, initial)

    def test_success_url(self):
        Validate that the success URL is set properly after interface is

class InterfaceUpdateViewTest(TestCase):
        # Get the view.
        view = InterfaceCreateView.as_view()

        # Generate the request.
        post_data = {"name": "eth0", "description": "Main interface.",
                     "entity": "1", "address": "",
                     "netmask": ""}
        request = RequestFactory().post("/fake-path/", data=post_data)
        request.user = mock.Mock()
        request._dont_enforce_csrf_checks = True

        # Get the response.
        response = view(request, pk=1)

        self.assertEqual(response["Location"], reverse("entity", args=(1,)))
        self.assertEqual(response.status_code, 302)


class InterfaceUpdateViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

    def setUp(self):
        # Set-up web client.
        self.client = Client()
    view_class = InterfaceUpdateView
    sufficient_permissions = ("change_interface",)
    permission_test_view_kwargs = {"pk": 1}

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")

    def test_permission_denied(self):
    def test_context(self):
        Tests if permission will be denied for client without sufficient privileges.
        Verifies that the context is properly set-up when the view is called for
        specific entity.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("interface_update", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("interface_update", args=(1,)))
        # Get the view.
        view = InterfaceUpdateView.as_view()

        self.assertEqual(response.status_code, 200)

    def test_content(self):
        Tests if the form comes pre-populated with proper content.
        # Get the response.
        response = generate_get_response(view, None, pk=1)

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("interface_update", args=(1,)))
        # Set-up expected interface.
        interface = Interface.objects.get(pk=1)

        self.assertContains(response, ">Edit interface eth0<")
        self.assertContains(response, 'value="eth0"')
        self.assertContains(response, "Main network interface.")
        self.assertEqual(response.context_data["interface"], interface)

    def test_form_entity_limit(self):
        Tests if the queryset is properly limitted to specific project's
@@ -1138,102 +870,90 @@ class InterfaceUpdateViewTest(TestCase):

    def test_success_url(self):
        Validate that the success URL is set properly after update.

        self.client.login(username="fullperms", password="fullperms")
        # Get the view.
        view = InterfaceUpdateView.as_view()

        # Get the interface object.
        interface = Interface.objects.get(pk=1)

        response = self.client.get(reverse("interface_update", args=(1,)))
        # Generate the request.
        post_data = {"name":, "description":,
                     "entity": "1", "address": "",
                     "netmask": ""}
        request = RequestFactory().post("/fake-path/", data=post_data)
        request.user = mock.Mock()
        request._dont_enforce_csrf_checks = True

        response ="interface_update", args=(1,)),
                                    {'csrfmiddlewaretoken': response.context['request'].META['CSRF_COOKIE'],
                                     "entity": "1",
                                     "address": "",
                                     "netmask": ""},
        # Get the response.
        response = view(request, pk=1)

        self.assertEqual(response.context["request"].META["PATH_INFO"], reverse("entity", args=(1,)))
        self.assertEqual(response["Location"], reverse("entity", args=(1,)))
        self.assertEqual(response.status_code, 302)


class InterfaceDeleteViewTest(TestCase):
class InterfaceDeleteViewTest(PermissionTestMixin, TestCase):

    fixtures = ['test-data.json']

    def setUp(self):
        # Set-up web client.
        self.client = Client()
    view_class = InterfaceDeleteView
    sufficient_permissions = ("delete_interface",)
    permission_test_view_kwargs = {"pk": 1}

        # Set-up users with different view permissions.
        self.user = {}
        self.user["fullperms"] = User.objects.create_user("fullperms", "", "fullperms")
        self.user["noperms"] = User.objects.create_user("noperms", "", "noperms")

    def test_permission_denied(self):
    def test_context(self):
        Tests if permission will be denied for client without sufficient privileges.
        Verifies that the context is properly set-up when the view is called for
        specific interface.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("interface_delete", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")
        # Get the expected entity.
        interface = Interface.objects.get(pk=1)

        response = self.client.get(reverse("interface_delete", args=(1,)))

        self.assertEqual(response.status_code, 200)
        # Get the view.
        view = InterfaceDeleteView.as_view()

    def test_content(self):
        Tests if the form comes pre-populated with proper content.
        # Get the response.
        response = generate_get_response(view, None, pk=1)

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("interface_delete", args=(1,)))

        self.assertContains(response, ">Remove interface eth0<")
        self.assertContains(response, "Are you sure you want to remove this interface?")
        self.assertEqual(response.context_data["interface"], interface)

    def test_message(self):
        Tests if the message gets added when the interface is deleted.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("interface_delete", args=(1,)))
        # Get the view.
        view = InterfaceDeleteView.as_view()

        response ="interface_delete", args=(1,)),
                                    {'csrfmiddlewaretoken': response.context['request'].META['CSRF_COOKIE']},
        # Generate the request.
        request = RequestFactory().post("/fake-path/")
        request.user = mock.Mock()
        request._dont_enforce_csrf_checks = True

        self.assertContains(response, "Interface eth0 has been removed.")
        request._messages = FakeMessages()

        # Get the response.
        response = view(request, pk=1)

        self.assertIn("Interface eth0 has been removed.", request._messages.messages)

    def test_success_url(self):
        Validate that the success URL is set properly after delete.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("interface_delete", args=(1,)))
        # Get the view.
        view = InterfaceDeleteView.as_view()

        response ="interface_delete", args=(1,)),
                                    {'csrfmiddlewaretoken': response.context['request'].META['CSRF_COOKIE']},
        # Generate the request
        request = RequestFactory().post("/fake-path/")
        request.user = mock.Mock()
        request._dont_enforce_csrf_checks = True
        request._messages = FakeMessages()

        self.assertEqual(response.context["request"].META["PATH_INFO"], reverse("entity", args=(1,)))
        # Get the response.
        response = view(request, pk=1)

        self.assertEqual(response["Location"], reverse("entity", args=(1,)))