Merge pull request #376 from uchicago-cs/users/admin-user-tests

Admin user and regular user view tests
uchicago-cs · Dec 5, 2023 · bee7fc0 · bee7fc0
2 parents 99734eb + 90fc6e7
commit bee7fc0
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 7 deletions.
diff --git a/src/chigame/users/tests/test_views.py b/src/chigame/users/tests/test_views.py
@@ -12,7 +12,7 @@
 from chigame.users.forms import UserAdminChangeForm
 from chigame.users.models import User
 from chigame.users.tests.factories import UserFactory
-from chigame.users.views import UserRedirectView, UserUpdateView, user_detail_view
+from chigame.users.views import UserRedirectView, UserUpdateView, user_detail_view, user_list
 
 pytestmark = pytest.mark.django_db
 
@@ -94,3 +94,27 @@ def test_not_authenticated(self, user: User, rf: RequestFactory):
         assert isinstance(response, HttpResponseRedirect)
         assert response.status_code == 302
         assert response.url == f"{login_url}?next=/fake-url/"
+
+
+@pytest.mark.django_db
+def test_admin_user_list_view(client, rf: RequestFactory):
+    request = rf.get("user-list")
+
+    request.user = User.objects.create_user(is_staff=True, name="testuser", password="testpass", email="[email protected]")
+    client.login(email="[email protected]", password="testpass")
+
+    response = user_list(request)
+
+    assert response.status_code == 200
+
+
+@pytest.mark.django_db
+def test_nonadmin_user_list_view(client, rf: RequestFactory):
+    request = rf.get("user-list")
+
+    request.user = User.objects.create_user(name="testuser", password="testpass", email="[email protected]")
+    client.login(email="[email protected]", password="testpass")
+
+    response = user_list(request)
+
+    assert response.status_code == 404
diff --git a/src/chigame/users/urls.py b/src/chigame/users/urls.py
@@ -12,6 +12,7 @@
     send_friend_invitation,
     user_detail_view,
     user_inbox_view,
+    user_list,
     user_profile_detail_view,
     user_redirect_view,
     user_search_results,
@@ -29,7 +30,8 @@
     path("add_friend/<int:pk>", view=send_friend_invitation, name="add-friend"),
     path("remove_friend/<int:pk>", view=remove_friend, name="remove-friend"),
     path("cancel_friend_invitation/<int:pk>", view=cancel_friend_invitation, name="cancel-friend-invitation"),
-    path("user-list/", views.user_list, name="user-list"),
+    path("user-detail/", views.user_detail_view, name="user-detail"),
+    path("user-list/", view=user_list, name="user-list"),
     path("accept_friend_invitation/<int:pk>", view=accept_friend_invitation, name="accept-friend-invitation"),
     path("decline_friend_invitation/<int:pk>", view=decline_friend_invitation, name="decline-friend-invitation"),
     path("user_history/<int:pk>", views.user_history, name="user-history"),

diff --git a/src/chigame/users/views.py b/src/chigame/users/views.py
@@ -4,6 +4,7 @@
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.messages.views import SuccessMessageMixin
 from django.db.models import Q
+from django.http import HttpResponseNotFound
 from django.shortcuts import get_object_or_404, redirect, render
 from django.urls import reverse
 from django.utils.translation import gettext_lazy as _
@@ -59,13 +60,16 @@ def get_redirect_url(self):
 
 @login_required
 def user_list(request):
-    users = User.objects.all()
-    table = UserTable(users)
-    context = {"users": users, "table": table}
+    if request.user.is_staff:
+        users = User.objects.all()
+        table = UserTable(users)
+        context = {"users": users, "table": table}
 
-    # Add information about top ranking users, total points collected, etc.
+        # Add information about top ranking users, total points collected, etc.
 
-    return render(request, "users/user_list.html", context)
+        return render(request, "users/user_list.html", context)
+    else:
+        return HttpResponseNotFound("Access to link is restricted to admins")
 
 
 def user_history(request, pk):

diff --git a/src/templates/users/user_detail.html b/src/templates/users/user_detail.html
@@ -41,6 +41,14 @@ <h2>My Account:</h2>
             <li class="list-item">Bio: {{ object.userprofile.bio }}</li>
             <li class="list-item">Date Joined: {{ object.date_joined }}</li>
             <!-- Your Stuff: Custom user template URLs -->
+            {% if object.is_staff %}
+              <li class="list-item">
+                Users:
+                <a class="btn btn-primary"
+                   href="{% url 'users:user-list' %}"
+                   role="button">List of Users</a>
+              </li>
+            {% endif %}
           </ul>
         </div>
       </div>