Refactor Pbi 2 login admin

administration/urls.py

@@ -5,9 +5,9 @@ from . import views
 app_name = "administration"
 
 urlpatterns = [
-    path("", views.verification),
-    path("api/approve/<int:pk>", views.verification),
-    path("api/disapprove/<int:pk>", views.verification),
+    path("", views.VerificationView.as_view()),
+    path("api/approve/<int:pk>", views.approve),
+    path("api/disapprove/<int:pk>", views.disapprove),
     path("setting/verification/", views.VerificationSettingView.as_view()),
     path("setting/category/", views.CategorySettingView.as_view()),
 ]

administration/views.py

@@ -10,8 +10,12 @@ from .models import VerificationSetting
 
 
 # Create your views here.
-def verification(request):
-    return render(request, "verif.html")
+class VerificationView(TemplateView):
+    template_name = "verif.html"
+
+    def get(self, request, *args, **kwargs):
+        context = self.get_context_data(**kwargs)
+        return self.render_to_response(context)
 
 
 def approve(request, pk):

app/templates/dashboard.html

@@ -135,7 +135,6 @@
   </a>
 
   <!-- Bootstrap core JavaScript-->
-  <!-- <script src="{% static 'vendor/jquery/jquery.min.js' %}"></script> -->
   <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js"
     integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo"
     crossorigin="anonymous"></script>

app/tests.py

@@ -5,7 +5,7 @@ from django.test import Client, TestCase, RequestFactory
 from django.urls import resolve
 
 from .models import Category, Comment, Materi
-from .views import DaftarKatalog, DetailMateri
+from .views import DaftarKatalog, DetailMateri, DashboardKontributorView
 
 from app.views import UploadMateriHTML, UploadMateriView
 from authentication.models import User
@@ -43,7 +43,8 @@ class DetailMateriTest(TestCase):
         self.assertEqual(found.func.__name__, DetailMateri.as_view().__name__)
 
     def test_category_models_can_create_new_object(self):
-        test = Category.objects.create(id="1", name="medis", description="kategori medis")
+        test = Category.objects.create(
+            id="1", name="medis", description="kategori medis")
         countData = Category.objects.all().count()
         self.assertEqual(1, countData)
         self.assertNotEqual(0, countData)
@@ -51,7 +52,8 @@ class DetailMateriTest(TestCase):
         self.assertNotEqual(test.__str__(), "saul")
 
     def test_comment_models_can_create_new_object(self):
-        test = Comment.objects.create(user="saul", profile="121212", comment="232323")
+        test = Comment.objects.create(
+            user="saul", profile="121212", comment="232323")
         countData = Comment.objects.all().count()
         self.assertEqual(1, countData)
         self.assertNotEqual(0, countData)
@@ -87,38 +89,39 @@ class TemplateLoaderTest(TestCase):
 
 class UploadPageTest(TestCase):
     def setUp(self):
-        self.client=Client()
+        self.client = Client()
         self.user = User.objects._create_user(email="kontributor@gov.id",
                                               password="kontributor", is_contributor=True)
 
     def test_upload_page_using_login_func(self):
         found = resolve("/unggah/")
-        self.assertEqual(found.func.__name__, UploadMateriView.as_view().__name__)
+        self.assertEqual(found.func.__name__,
+                         UploadMateriView.as_view().__name__)
 
     def test_uplaod_page_url_is_exist(self):
-        #Positive test
+        # Positive test
         self.client.login(email="kontributor@gov.id",
                           password="kontributor")
         response = self.client.get("/unggah/")
-        self.assertEqual(response.status_code,200)
+        self.assertEqual(response.status_code, 200)
 
         # Negative tests
         self.client.login(email="kontributor@gov.id",
-                       password="kontributor")
+                          password="kontributor")
         response = Client().get("/fake/")
         self.assertEqual(response.status_code, 404)
 
     def test_upload_page_template(self):
         url = "/unggah/"
         self.client.login(email="kontributor@gov.id",
-                       password="kontributor")
+                          password="kontributor")
         response = self.client.get(url)
         expected_template_name = "unggah.html"
         self.assertTemplateUsed(response, expected_template_name)
 
     def test_upload_page_title(self):
         self.client.login(email="kontributor@gov.id",
-                       password="kontributor")
+                          password="kontributor")
         response = self.client.get("/unggah/")
 
         # Positive tests
@@ -129,7 +132,7 @@ class UploadPageTest(TestCase):
 
     def test_upload_page_form_field(self):
         self.client.login(email="kontributor@gov.id",
-                       password="kontributor")
+                          password="kontributor")
         response = self.client.get("/unggah/")
 
         # Positive tests
@@ -137,3 +140,66 @@ class UploadPageTest(TestCase):
 
         # Negative tests
         self.assertNotContains(response, "anything")
+
+
+class DashboardKontributorViewTest(TestCase):
+    def setUp(self):
+        self.client = Client()
+        self.kontributor = User.objects.create_contributor(email="kontributor@gov.id",
+                                                     password="kontributor")
+        self.admin = User.objects.create_admin(email="admin@gov.id",
+                                               password="admin")
+        self.url = "/dashboard/"
+        self.view = DashboardKontributorView
+        self.template_name = "dashboard.html"
+
+    def test_dashboard_kontributor_view(self):
+        found = resolve(self.url)
+        self.assertEqual(found.func.__name__, self.view.as_view().__name__)
+
+    def test_dashboard_kontributor_template(self):
+        # Login
+        self.client.login(email="kontributor@gov.id",
+                          password="kontributor")
+        # Test
+        response = self.client.get(self.url)
+        self.assertTemplateUsed(response, self.template_name)
+        # Logout
+        self.client.logout()
+
+    def test_dashboard_kontributor_url(self):
+        # Login
+        self.client.login(email="kontributor@gov.id",
+                          password="kontributor")
+        # Test
+        response = self.client.get(self.url)
+        self.assertEqual(response.status_code, 200)
+        # Logout
+        self.client.logout()
+
+    def test_dashboard_kontributor_access(self):
+        # Kontributor
+        # Login
+        self.client.login(email="kontributor@gov.id",
+                          password="kontributor")
+        # Test
+        response = self.client.get(self.url)
+        self.assertEqual(response.status_code, 200)
+        # Logout
+        self.client.logout()
+
+        # Admin
+        # Login
+        self.client.login(email="admin@gov.id",
+                          password="admin")
+        # Test
+        response = self.client.get(self.url)
+        self.assertEqual(response.status_code, 403)
+        # Logout
+        self.client.logout()
+        
+        # Anonim
+        # Test
+        response = self.client.get(self.url)
+        self.assertEqual(response.status_code, 403)
+        

app/urls.py

 from django.urls import path, re_path
 
 from app import views
-from app.views import UploadMateriHTML, DashboardKontributor, UploadMateriView
+from app.views import UploadMateriHTML, DashboardKontributorView, UploadMateriView
 
 urlpatterns = [
     path("", views.DaftarKatalog.as_view(), name="daftar_katalog"),
     path("materi/<int:pk>/", views.DetailMateri.as_view(), name="detail-materi"),
     path("materi/<int:pk>/unduh", views.download_materi, name="download-materi"),
     path("materi/<int:pk>/view", views.view_materi, name="view-materi"),
-    path("dashboard/", DashboardKontributor.as_view(), name="dashboard"),
+    path("dashboard/", DashboardKontributorView.as_view(), name="dashboard"),
     path("unggah/", UploadMateriView.as_view(), name="unggah"),
     # Matches any html file
     re_path(r"^.*\.html", views.pages, name="pages"),

app/views.py

@@ -81,11 +81,13 @@ def download_materi(request, pk):
         mimetype = mimetypes.guess_type(file_path)
         with open(file_path, "rb") as fh:
             response = HttpResponse(fh.read(), content_type=mimetype[0])
-            response["Content-Disposition"] = "attachment; filename=" + os.path.basename(file_path)
+            response["Content-Disposition"] = "attachment; filename=" + \
+                os.path.basename(file_path)
             return response
     else:
         raise Http404("File tidak dapat ditemukan.")
 
+
 def view_materi(request, pk):
     materi = get_object_or_404(Materi, pk=pk)
     path = materi.content.path
@@ -94,11 +96,13 @@ def view_materi(request, pk):
         mimetype = mimetypes.guess_type(file_path)
         with open(file_path, "rb") as fh:
             response = HttpResponse(fh.read(), content_type=mimetype[0])
-            response["Content-Disposition"] = "inline; filename=" + os.path.basename(file_path)
+            response["Content-Disposition"] = "inline; filename=" + \
+                os.path.basename(file_path)
             return response
     else:
         raise Http404("File tidak dapat ditemukan.")
 
+
 class UploadMateriView(TemplateView):
     template_name = "unggah.html"
     context = {}
@@ -132,21 +136,28 @@ class UploadMateriView(TemplateView):
 class UploadMateriHTML(TemplateView):
     template_name = "unggah.html"
     context = {}
+
     def get_template_names(self):
         if self.request.path == "/unggah/":
             template_name = "unggah.html"
         return template_name
 
 
-class DashboardKontributor(TemplateView):
+class DashboardKontributorView(TemplateView):
     template_name = "dashboard.html"
-    context = {}
-    def dashboard(self):
-        if self.request.path == "/dashboard/":
-            template_name = "dashboard.html"
-        else:
-            template_name = "dashboard.html"
-        return template_name
+
+    def dispatch(self, request, *args, **kwargs):
+        if not request.user.is_authenticated or not request.user.is_contributor:
+            raise PermissionDenied(request)
+        return super(DashboardKontributorView, self).dispatch(request, *args, **kwargs)
+
+    def get_context_data(self, **kwargs):
+        context = super(DashboardKontributorView, self).get_context_data(**kwargs)
+        return context
+
+    def get(self, request, *args, **kwargs):
+        context = self.get_context_data(**kwargs)
+        return self.render_to_response(context)
 
 
 def pages(request):

authentication/tests.py

@@ -3,76 +3,7 @@ from django.urls import resolve
 
 from authentication.models import User
 from authentication.views import Login
-
-
-class LoginPageContributorTest(TestCase):
-    def setUp(self):
-        User.objects._create_user(email="alice@acme.com", password="acmecorp", is_contributor=True)
-
-    def test_login_contributor_using_login_func(self):
-        found = resolve("/login/")
-        self.assertEqual(found.func.__name__, Login.as_view().__name__)
-
-    def test_login_contributor_url_is_exist(self):
-        # Positive tests
-        response = Client().get("/login/")
-        self.assertEqual(response.status_code, 200)
-
-        # Negative tests
-        response = Client().get("/fake/")
-        self.assertEqual(response.status_code, 404)
-
-    def test_login_contributor_template(self):
-        url = "/login/"
-        response = Client().get(url)
-        expected_template_name = "login.html"
-        self.assertTemplateUsed(response, expected_template_name)
-
-    def test_register_title(self):
-        response = Client().get("/login/")
-
-        # Positive tests
-        self.assertContains(response, "Login Kontributor")
-
-        # Negative tests
-        self.assertNotContains(response, "Fake Title")
-
-    def test_register_form_field(self):
-        response = Client().get("/login/")
-
-        # Positive tests
-        self.assertContains(response, "Email")
-        self.assertContains(response, "Kata Sandi")
-
-        # Negative tests
-        self.assertNotContains(response, "Jenis Kelamin")
-
-    def test_user_login_missing_email_or_password(self):
-        response = Client().post("/login/", {"email": "alice@acme.com"})
-        self.assertIn("error_message", response.context_data)
-        self.assertIn("Email atau Password anda kosong.", response.context_data["error_message"])
-        response = Client().post("/login/", {"pass": "acmecorp"})
-        self.assertIn("error_message", response.context_data)
-        self.assertIn("Email atau Password anda kosong.", response.context_data["error_message"])
-
-    def test_user_login_wrong_email_or_password(self):
-        # Wrong password
-        response = Client().post("/login/", {"email": "alice@acme.com", "pass": "acmeindustry"})
-        self.assertIn("error_message", response.context_data)
-        self.assertIn("Email atau Password anda salah.", response.context_data["error_message"])
-        # Wrong email
-        response = Client().post("/login/", {"email": "alice@acme.co.id", "pass": "acmecorp"})
-        self.assertIn("error_message", response.context_data)
-        self.assertIn("Email atau Password anda salah.", response.context_data["error_message"])
-        # Wrong email and password
-        response = Client().post("/login/", {"email": "alice@acme.co.id", "pass": "acmeindustry"})
-        self.assertIn("error_message", response.context_data)
-        self.assertIn("Email atau Password anda salah.", response.context_data["error_message"])
-
-    def test_user_login(self):
-        # 302 meaning successful login and redirected
-        response = Client().post("/login/", {"email": "alice@acme.com", "pass": "acmecorp"})
-        self.assertEqual(302, response.status_code)
+from administration.views import VerificationView
 
 
 class UserModelTest(TestCase):
@@ -80,7 +11,8 @@ class UserModelTest(TestCase):
         self.assertRaises(
             ValueError, User.objects.create_user,
         )
-        user = User.objects.create_user(email="alice@acme.com", password="acmecorp").save()
+        user = User.objects.create_user(
+            email="alice@acme.com", password="acmecorp").save()
         self.assertEqual(User.objects.all().count(), 1)
 
     def test_create_contributor(self):
@@ -95,7 +27,8 @@ class UserModelTest(TestCase):
             is_contributor=False,
         )
 
-        User.objects.create_contributor(email="bob@acme.com", password="acmecorp").save()
+        User.objects.create_contributor(
+            email="bob@acme.com", password="acmecorp").save()
         kontributor = User.objects.get(email="bob@acme.com")
         self.assertTrue(kontributor.is_contributor)
         self.assertFalse(kontributor.is_admin)
@@ -109,7 +42,8 @@ class UserModelTest(TestCase):
             ValueError, User.objects.create_admin, email="carol@acme.com", password="acmecorp", is_admin=False
         )
 
-        User.objects.create_admin(email="carol@acme.com", password="acmecorp").save()
+        User.objects.create_admin(
+            email="carol@acme.com", password="acmecorp").save()
         admin = User.objects.get(email="carol@acme.com")
         self.assertTrue(admin.is_admin)
         self.assertFalse(admin.is_contributor)
@@ -129,7 +63,8 @@ class UserModelTest(TestCase):
             ValueError, User.objects.create_superuser, email="dan@acme.com", password="acmecorp", is_superuser=False
         )
 
-        User.objects.create_superuser(email="dan@acme.com", password="acmecorp").save()
+        User.objects.create_superuser(
+            email="dan@acme.com", password="acmecorp").save()
         superuser = User.objects.get(email="dan@acme.com")
         self.assertTrue(superuser.is_admin)
         self.assertTrue(superuser.is_contributor)
@@ -137,61 +72,161 @@ class UserModelTest(TestCase):
         self.assertTrue(superuser.is_superuser)
 
 
-class LoginPageAdminTest(TestCase):
+class LoginPageContributorTest(TestCase):
     def setUp(self):
-        User.objects._create_user(email="alice@acme.com", password="acmecorp", is_admin=True)
-
-    def test_login_admin_using_login_func(self):
-        found = resolve("/login_admin/")
-        self.assertEqual(found.func.__name__, Login.as_view().__name__)
+        self.client = Client()
+        self.admin = User.objects.create_contributor(email="kontributor@gov.id",
+                                               password="kontributor")
+        self.url = "/login/"
+        self.view = Login
+        self.template_name = "login.html"
+        self.login_credential = {"email": "kontributor@gov.id", "pass": "kontributor"}
+        self.error_message = {
+            "empty_email_or_password": "Email atau Password anda kosong.",
+            "wrong_email_or_password": "Email atau Password anda salah.",
+        }
+
+    def test_login_admin_view(self):
+        found = resolve(self.url)
+        self.assertEqual(found.func.__name__, self.view.as_view().__name__)
 
     def test_login_admin_template(self):
-        url = "/login_admin/"
-        response = Client().get(url)
-        expected_template_name = "login_admin.html"
-        self.assertTemplateUsed(response, expected_template_name)
+        # Test
+        response = self.client.get(self.url)
+        self.assertTemplateUsed(response, self.template_name)
+
+    def test_login_admin_url(self):
+        # Test
+        response = self.client.get(self.url)
+        self.assertEqual(response.status_code, 200)
+
+    def test_login_admin_title(self):
+        response = self.client.get(self.url)
+
+        # Positive tests
+        self.assertContains(response, "Halo, kontributor")
+
+    def test_login_admin_form_field(self):
+        response = self.client.get(self.url)
 
-    def test_login_admin_url_is_exist(self):
         # Positive tests
-        response = Client().get("/login_admin/")
+        self.assertContains(response, "Email")
+        self.assertContains(response, "Kata Sandi")
+
+    def test_admin_login_missing_email_or_password(self):
+        response = self.client.post(self.url, {"email": "kontributor@gov.id"})
+        self.assertIn("error_message", response.context_data)
+        self.assertIn(self.error_message["empty_email_or_password"],
+                      response.context_data["error_message"])
+        response = self.client.post(self.url, {"pass": "kontributor"})
+        self.assertIn("error_message", response.context_data)
+        self.assertIn(self.error_message["empty_email_or_password"],
+                      response.context_data["error_message"])
+
+    def test_admin_login_wrong_email_or_password(self):
+        # Wrong password
+        response = self.client.post(
+            self.url, {"email": "kontributor@gov.id", "pass": "kontributor1"})
+        self.assertIn("error_message", response.context_data)
+        self.assertIn(self.error_message["wrong_email_or_password"],
+                      response.context_data["error_message"])
+        # Wrong email
+        response = self.client.post(
+            self.url, {"email": "kontributor1@gov.id", "pass": "kontributor"})
+        self.assertIn("error_message", response.context_data)
+        self.assertIn(self.error_message["wrong_email_or_password"],
+                      response.context_data["error_message"])
+        # Wrong email and password
+        response = self.client.post(
+            self.url, {"email": "kontributor1@gov.id", "pass": "kontributor1"})
+        self.assertIn("error_message", response.context_data)
+        self.assertIn(self.error_message["wrong_email_or_password"],
+                      response.context_data["error_message"])
+
+    def test_admin_login(self):
+        # 302 meaning successful login and redirected
+        expected_redirect_url = "/dashboard/"
+        response = self.client.post(
+            self.url, self.login_credential)
+        self.assertEqual(302, response.status_code)
+        self.assertEqual(response.url, expected_redirect_url)
+
+
+class LoginPageAdminTest(TestCase):
+    def setUp(self):
+        self.client = Client()
+        self.admin = User.objects.create_admin(email="admin@gov.id",
+                                               password="admin")
+        self.url = "/login_admin/"
+        self.view = Login
+        self.template_name = "login_admin.html"
+        self.login_credential = {"email": "admin@gov.id", "pass": "admin"}
+        self.error_message = {
+            "empty_email_or_password": "Email atau Password anda kosong.",
+            "wrong_email_or_password": "Email atau Password anda salah.",
+        }
+
+    def test_login_admin_view(self):
+        found = resolve(self.url)
+        self.assertEqual(found.func.__name__, self.view.as_view().__name__)
+
+    def test_login_admin_template(self):
+        # Test
+        response = self.client.get(self.url)
+        self.assertTemplateUsed(response, self.template_name)
+
+    def test_login_admin_url(self):
+        # Test
+        response = self.client.get(self.url)
         self.assertEqual(response.status_code, 200)
 
-    def test_register_title(self):
-        response = Client().get("/login_admin/")
+    def test_login_admin_title(self):
+        response = self.client.get(self.url)
 
         # Positive tests
         self.assertContains(response, "Halo, Admin")
 
     def test_login_admin_form_field(self):
-        response = Client().get("/login_admin/")
+        response = self.client.get(self.url)
 
         # Positive tests
         self.assertContains(response, "Email")
         self.assertContains(response, "Kata Sandi")
 
-    def test_user_login_missing_email_or_password(self):
-        response = Client().post("/login_admin/", {"email": "alice@acme.com"})
+    def test_admin_login_missing_email_or_password(self):
+        response = self.client.post(self.url, {"email": "admin@gov.id"})
         self.assertIn("error_message", response.context_data)
-        self.assertIn("Email atau Password anda kosong.", response.context_data["error_message"])
-        response = Client().post("/login_admin/", {"pass": "acmecorp"})
+        self.assertIn(self.error_message["empty_email_or_password"],
+                      response.context_data["error_message"])
+        response = self.client.post(self.url, {"pass": "admin"})
         self.assertIn("error_message", response.context_data)
-        self.assertIn("Email atau Password anda kosong.", response.context_data["error_message"])
+        self.assertIn(self.error_message["empty_email_or_password"],
+                      response.context_data["error_message"])
 
-    def test_user_login_wrong_email_or_password(self):
+    def test_admin_login_wrong_email_or_password(self):
         # Wrong password
-        response = Client().post("/login_admin/", {"email": "alice@acme.com", "pass": "acmeindustry"})
+        response = self.client.post(
+            self.url, {"email": "admin@gov.id", "pass": "admin1"})
         self.assertIn("error_message", response.context_data)
-        self.assertIn("Email atau Password anda salah.", response.context_data["error_message"])
+        self.assertIn(self.error_message["wrong_email_or_password"],
+                      response.context_data["error_message"])
         # Wrong email
-        response = Client().post("/login_admin/", {"email": "alice@acme.co.id", "pass": "acmecorp"})
+        response = self.client.post(
+            self.url, {"email": "admin1@gov.id", "pass": "admin"})
         self.assertIn("error_message", response.context_data)
-        self.assertIn("Email atau Password anda salah.", response.context_data["error_message"])
+        self.assertIn(self.error_message["wrong_email_or_password"],
+                      response.context_data["error_message"])
         # Wrong email and password
-        response = Client().post("/login_admin/", {"email": "alice@acme.co.id", "pass": "acmeindustry"})
+        response = self.client.post(
+            self.url, {"email": "admin1@gov.id", "pass": "admin"})
         self.assertIn("error_message", response.context_data)
-        self.assertIn("Email atau Password anda salah.", response.context_data["error_message"])
+        self.assertIn(self.error_message["wrong_email_or_password"],
+                      response.context_data["error_message"])
 
-    def test_user_login(self):
+    def test_admin_login(self):
         # 302 meaning successful login and redirected
-        response = Client().post("/login_admin/", {"email": "alice@acme.com", "pass": "acmecorp"})
+        expected_redirect_url = "/administration/"
+        response = self.client.post(
+            self.url, self.login_credential)
         self.assertEqual(302, response.status_code)
+        self.assertEqual(response.url, expected_redirect_url)

authentication/views.py

@@ -33,7 +33,12 @@ class Login(TemplateView):
             user = authenticate(email=email, password=password)
             if user != None:
                 login(request, user)
-                return HttpResponseRedirect("/")
+                redirect_to = "/"
+                if request.user.is_admin:
+                    redirect_to = "/administration/"
+                elif request.user.is_contributor:
+                    redirect_to = "/dashboard/"
+                return HttpResponseRedirect(redirect_to)
             else:
                 context = self.get_context_data(*args, **kwargs)
                 context["error_message"] = "Email atau Password anda salah."