Compare commits
6 Commits
898e9b8163
...
da1deac44e
| Author | SHA1 | Date | |
|---|---|---|---|
| da1deac44e | |||
| faae37e6ae | |||
| 6aefb046b6 | |||
| 2350cca32c | |||
| 671d259c44 | |||
| 28a1bb4b62 |
@@ -5,7 +5,6 @@ from stichworte.models import Stichwort
|
||||
from referenzen.models import Referenz
|
||||
from rollen.models import Rolle
|
||||
import datetime
|
||||
from django.db.models import Q
|
||||
|
||||
class Dokumententyp(models.Model):
|
||||
name = models.CharField(max_length=100, primary_key=True)
|
||||
@@ -129,7 +128,7 @@ class Vorgabe(models.Model):
|
||||
'vorgabe2': vorgabe2,
|
||||
'conflict_type': 'date_range_intersection',
|
||||
'message': f"Vorgaben {vorgabe1.Vorgabennummer()} and {vorgabe2.Vorgabennummer()} "
|
||||
f"have intersecting validity periods"
|
||||
f"überschneiden sich in der Geltungsdauer"
|
||||
})
|
||||
|
||||
return conflicts
|
||||
|
||||
167
dokumente/templates/standards/incomplete_vorgaben.html
Normal file
167
dokumente/templates/standards/incomplete_vorgaben.html
Normal file
@@ -0,0 +1,167 @@
|
||||
{% extends "base.html" %}
|
||||
{% block content %}
|
||||
<h1 class="mb-4">Unvollständige Vorgaben</h1>
|
||||
|
||||
<div class="row">
|
||||
<!-- Vorgaben ohne Referenzen -->
|
||||
<div class="col-md-6 mb-4">
|
||||
<div class="card">
|
||||
<div class="card-header bg-warning text-dark">
|
||||
<h5 class="mb-0">
|
||||
<i class="fas fa-exclamation-triangle"></i>
|
||||
Vorgaben ohne Referenzen
|
||||
<span class="badge bg-secondary float-end">{{ no_references|length }}</span>
|
||||
</h5>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
{% if no_references %}
|
||||
<div class="list-group list-group-flush">
|
||||
{% for vorgabe in no_references %}
|
||||
<a href="{% url 'standard_detail' nummer=vorgabe.dokument.nummer %}#{{ vorgabe.Vorgabennummer }}"
|
||||
class="list-group-item list-group-item-action">
|
||||
<strong>{{ vorgabe.Vorgabennummer }}</strong>: {{ vorgabe.titel }}
|
||||
<br>
|
||||
<small class="text-muted">{{ vorgabe.dokument.nummer }} – {{ vorgabe.dokument.name }}</small>
|
||||
</a>
|
||||
{% endfor %}
|
||||
</div>
|
||||
{% else %}
|
||||
<p class="text-muted mb-0">Alle Vorgaben haben Referenzen.</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Vorgaben ohne Stichworte -->
|
||||
<div class="col-md-6 mb-4">
|
||||
<div class="card">
|
||||
<div class="card-header bg-warning text-dark">
|
||||
<h5 class="mb-0">
|
||||
<i class="fas fa-tags"></i>
|
||||
Vorgaben ohne Stichworte
|
||||
<span class="badge bg-secondary float-end">{{ no_stichworte|length }}</span>
|
||||
</h5>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
{% if no_stichworte %}
|
||||
<div class="list-group list-group-flush">
|
||||
{% for vorgabe in no_stichworte %}
|
||||
<a href="{% url 'standard_detail' nummer=vorgabe.dokument.nummer %}#{{ vorgabe.Vorgabennummer }}"
|
||||
class="list-group-item list-group-item-action">
|
||||
<strong>{{ vorgabe.Vorgabennummer }}</strong>: {{ vorgabe.titel }}
|
||||
<br>
|
||||
<small class="text-muted">{{ vorgabe.dokument.nummer }} – {{ vorgabe.dokument.name }}</small>
|
||||
</a>
|
||||
{% endfor %}
|
||||
</div>
|
||||
{% else %}
|
||||
<p class="text-muted mb-0">Alle Vorgaben haben Stichworte.</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Vorgaben ohne Kurz- oder Langtext -->
|
||||
<div class="col-md-6 mb-4">
|
||||
<div class="card">
|
||||
<div class="card-header bg-danger text-white">
|
||||
<h5 class="mb-0">
|
||||
<i class="fas fa-file-alt"></i>
|
||||
Vorgaben ohne Kurz- oder Langtext
|
||||
<span class="badge bg-secondary float-end">{{ no_text|length }}</span>
|
||||
</h5>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
{% if no_text %}
|
||||
<div class="list-group list-group-flush">
|
||||
{% for vorgabe in no_text %}
|
||||
<a href="{% url 'standard_detail' nummer=vorgabe.dokument.nummer %}#{{ vorgabe.Vorgabennummer }}"
|
||||
class="list-group-item list-group-item-action">
|
||||
<strong>{{ vorgabe.Vorgabennummer }}</strong>: {{ vorgabe.titel }}
|
||||
<br>
|
||||
<small class="text-muted">{{ vorgabe.dokument.nummer }} – {{ vorgabe.dokument.name }}</small>
|
||||
</a>
|
||||
{% endfor %}
|
||||
</div>
|
||||
{% else %}
|
||||
<p class="text-muted mb-0">Alle Vorgaben haben Kurz- oder Langtext.</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Vorgaben ohne Checklistenfragen -->
|
||||
<div class="col-md-6 mb-4">
|
||||
<div class="card">
|
||||
<div class="card-header bg-info text-white">
|
||||
<h5 class="mb-0">
|
||||
<i class="fas fa-question-circle"></i>
|
||||
Vorgaben ohne Checklistenfragen
|
||||
<span class="badge bg-secondary float-end">{{ no_checklistenfragen|length }}</span>
|
||||
</h5>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
{% if no_checklistenfragen %}
|
||||
<div class="list-group list-group-flush">
|
||||
{% for vorgabe in no_checklistenfragen %}
|
||||
<a href="{% url 'standard_detail' nummer=vorgabe.dokument.nummer %}#{{ vorgabe.Vorgabennummer }}"
|
||||
class="list-group-item list-group-item-action">
|
||||
<strong>{{ vorgabe.Vorgabennummer }}</strong>: {{ vorgabe.titel }}
|
||||
<br>
|
||||
<small class="text-muted">{{ vorgabe.dokument.nummer }} – {{ vorgabe.dokument.name }}</small>
|
||||
</a>
|
||||
{% endfor %}
|
||||
</div>
|
||||
{% else %}
|
||||
<p class="text-muted mb-0">Alle Vorgaben haben Checklistenfragen.</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Summary -->
|
||||
<div class="row mt-4">
|
||||
<div class="col-12">
|
||||
<div class="card">
|
||||
<div class="card-header">
|
||||
<h5 class="mb-0">Zusammenfassung</h5>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<div class="row text-center">
|
||||
<div class="col-md-3">
|
||||
<div class="p-3">
|
||||
<h4 class="text-warning">{{ no_references|length }}</h4>
|
||||
<p class="mb-0">Ohne Referenzen</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-md-3">
|
||||
<div class="p-3">
|
||||
<h4 class="text-warning">{{ no_stichworte|length }}</h4>
|
||||
<p class="mb-0">Ohne Stichworte</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-md-3">
|
||||
<div class="p-3">
|
||||
<h4 class="text-danger">{{ no_text|length }}</h4>
|
||||
<p class="mb-0">Ohne Text</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-md-3">
|
||||
<div class="p-3">
|
||||
<h4 class="text-info">{{ no_checklistenfragen|length }}</h4>
|
||||
<p class="mb-0">Ohne Checklistenfragen</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="mt-3">
|
||||
<a href="{% url 'standard_list' %}" class="btn btn-secondary">
|
||||
<i class="fas fa-arrow-left"></i> Zurück zur Übersicht
|
||||
</a>
|
||||
</div>
|
||||
{% endblock %}
|
||||
@@ -1,6 +1,7 @@
|
||||
from django.test import TestCase, Client
|
||||
from django.urls import reverse
|
||||
from django.core.management import call_command
|
||||
from django.contrib.auth.models import User
|
||||
from datetime import date, timedelta
|
||||
from io import StringIO
|
||||
from .models import (
|
||||
@@ -628,7 +629,7 @@ class VorgabeSanityCheckTest(TestCase):
|
||||
conflict = conflicts[0]
|
||||
self.assertEqual(conflict['conflict_type'], 'date_range_intersection')
|
||||
self.assertIn('R0066.O.1', conflict['message'])
|
||||
self.assertIn('intersecting validity periods', conflict['message'])
|
||||
self.assertIn('überschneiden sich in der Geltungsdauer', conflict['message'])
|
||||
self.assertEqual(conflict['vorgabe1'], self.vorgabe1)
|
||||
self.assertEqual(conflict['vorgabe2'], conflicting_vorgabe)
|
||||
|
||||
@@ -816,4 +817,313 @@ class SanityCheckManagementCommandTest(TestCase):
|
||||
self.assertIn("Starting Vorgaben sanity check...", output)
|
||||
self.assertIn("Found 1 conflicts:", output)
|
||||
self.assertIn("R0066.O.1", output)
|
||||
self.assertIn("intersecting validity periods", output)
|
||||
self.assertIn("überschneiden sich in der Geltungsdauer", output)
|
||||
|
||||
|
||||
class IncompleteVorgabenTest(TestCase):
|
||||
"""Test cases for incomplete Vorgaben functionality"""
|
||||
|
||||
def setUp(self):
|
||||
self.client = Client()
|
||||
|
||||
# Create and login a staff user
|
||||
self.staff_user = User.objects.create_user(
|
||||
username='teststaff',
|
||||
password='testpass123'
|
||||
)
|
||||
self.staff_user.is_staff = True
|
||||
self.staff_user.save()
|
||||
self.client.login(username='teststaff', password='testpass123')
|
||||
|
||||
# Create test data
|
||||
self.dokumententyp = Dokumententyp.objects.create(
|
||||
name="Test Typ",
|
||||
verantwortliche_ve="Test VE"
|
||||
)
|
||||
|
||||
self.thema = Thema.objects.create(
|
||||
name="Test Thema",
|
||||
erklaerung="Test Erklärung"
|
||||
)
|
||||
|
||||
self.dokument = Dokument.objects.create(
|
||||
nummer="TEST-001",
|
||||
dokumententyp=self.dokumententyp,
|
||||
name="Test Dokument",
|
||||
gueltigkeit_von=date.today(),
|
||||
aktiv=True
|
||||
)
|
||||
|
||||
# Create complete Vorgabe (should not appear in any list)
|
||||
self.complete_vorgabe = Vorgabe.objects.create(
|
||||
order=1,
|
||||
nummer=1,
|
||||
dokument=self.dokument,
|
||||
thema=self.thema,
|
||||
titel="Vollständige Vorgabe",
|
||||
gueltigkeit_von=date.today()
|
||||
)
|
||||
|
||||
# Add all required components to make it complete
|
||||
self.stichwort = Stichwort.objects.create(
|
||||
stichwort="Test Stichwort"
|
||||
)
|
||||
self.complete_vorgabe.stichworte.add(self.stichwort)
|
||||
|
||||
self.referenz = Referenz.objects.create(
|
||||
name_nummer="Test Referenz",
|
||||
url="/test/path"
|
||||
)
|
||||
self.complete_vorgabe.referenzen.add(self.referenz)
|
||||
|
||||
VorgabeKurztext.objects.create(
|
||||
abschnitt=self.complete_vorgabe,
|
||||
inhalt="Test Kurztext"
|
||||
)
|
||||
|
||||
Checklistenfrage.objects.create(
|
||||
vorgabe=self.complete_vorgabe,
|
||||
frage="Test Frage"
|
||||
)
|
||||
|
||||
# Create incomplete Vorgaben
|
||||
# 1. Vorgabe without references
|
||||
self.no_refs_vorgabe = Vorgabe.objects.create(
|
||||
order=2,
|
||||
nummer=2,
|
||||
dokument=self.dokument,
|
||||
thema=self.thema,
|
||||
titel="Vorgabe ohne Referenzen",
|
||||
gueltigkeit_von=date.today()
|
||||
)
|
||||
self.no_refs_vorgabe.stichworte.add(self.stichwort)
|
||||
VorgabeKurztext.objects.create(
|
||||
abschnitt=self.no_refs_vorgabe,
|
||||
inhalt="Test Kurztext"
|
||||
)
|
||||
Checklistenfrage.objects.create(
|
||||
vorgabe=self.no_refs_vorgabe,
|
||||
frage="Test Frage"
|
||||
)
|
||||
|
||||
# 2. Vorgabe without Stichworte
|
||||
self.no_stichworte_vorgabe = Vorgabe.objects.create(
|
||||
order=3,
|
||||
nummer=3,
|
||||
dokument=self.dokument,
|
||||
thema=self.thema,
|
||||
titel="Vorgabe ohne Stichworte",
|
||||
gueltigkeit_von=date.today()
|
||||
)
|
||||
self.no_stichworte_vorgabe.referenzen.add(self.referenz)
|
||||
VorgabeKurztext.objects.create(
|
||||
abschnitt=self.no_stichworte_vorgabe,
|
||||
inhalt="Test Kurztext"
|
||||
)
|
||||
Checklistenfrage.objects.create(
|
||||
vorgabe=self.no_stichworte_vorgabe,
|
||||
frage="Test Frage"
|
||||
)
|
||||
|
||||
# 3. Vorgabe without text
|
||||
self.no_text_vorgabe = Vorgabe.objects.create(
|
||||
order=4,
|
||||
nummer=4,
|
||||
dokument=self.dokument,
|
||||
thema=self.thema,
|
||||
titel="Vorgabe ohne Text",
|
||||
gueltigkeit_von=date.today()
|
||||
)
|
||||
self.no_text_vorgabe.stichworte.add(self.stichwort)
|
||||
self.no_text_vorgabe.referenzen.add(self.referenz)
|
||||
Checklistenfrage.objects.create(
|
||||
vorgabe=self.no_text_vorgabe,
|
||||
frage="Test Frage"
|
||||
)
|
||||
|
||||
# 4. Vorgabe without Checklistenfragen
|
||||
self.no_checklisten_vorgabe = Vorgabe.objects.create(
|
||||
order=5,
|
||||
nummer=5,
|
||||
dokument=self.dokument,
|
||||
thema=self.thema,
|
||||
titel="Vorgabe ohne Checklistenfragen",
|
||||
gueltigkeit_von=date.today()
|
||||
)
|
||||
self.no_checklisten_vorgabe.stichworte.add(self.stichwort)
|
||||
self.no_checklisten_vorgabe.referenzen.add(self.referenz)
|
||||
VorgabeKurztext.objects.create(
|
||||
abschnitt=self.no_checklisten_vorgabe,
|
||||
inhalt="Test Kurztext"
|
||||
)
|
||||
|
||||
def test_incomplete_vorgaben_page_status(self):
|
||||
"""Test that the incomplete Vorgaben page loads successfully"""
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertEqual(response.status_code, 200)
|
||||
|
||||
def test_incomplete_vorgaben_page_content(self):
|
||||
"""Test that the page contains expected content"""
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertContains(response, 'Unvollständige Vorgaben')
|
||||
self.assertContains(response, 'Vorgaben ohne Referenzen')
|
||||
self.assertContains(response, 'Vorgaben ohne Stichworte')
|
||||
self.assertContains(response, 'Vorgaben ohne Kurz- oder Langtext')
|
||||
self.assertContains(response, 'Vorgaben ohne Checklistenfragen')
|
||||
|
||||
def test_no_references_list(self):
|
||||
"""Test that Vorgaben without references are listed"""
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertContains(response, 'Vorgabe ohne Referenzen')
|
||||
self.assertNotContains(response, 'Vollständige Vorgabe') # Should not appear
|
||||
|
||||
def test_no_stichworte_list(self):
|
||||
"""Test that Vorgaben without Stichworte are listed"""
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertContains(response, 'Vorgabe ohne Stichworte')
|
||||
self.assertNotContains(response, 'Vollständige Vorgabe') # Should not appear
|
||||
|
||||
def test_no_text_list(self):
|
||||
"""Test that Vorgaben without Kurz- or Langtext are listed"""
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertContains(response, 'Vorgabe ohne Text')
|
||||
self.assertNotContains(response, 'Vollständige Vorgabe') # Should not appear
|
||||
|
||||
def test_no_checklistenfragen_list(self):
|
||||
"""Test that Vorgaben without Checklistenfragen are listed"""
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertContains(response, 'Vorgabe ohne Checklistenfragen')
|
||||
self.assertNotContains(response, 'Vollständige Vorgabe') # Should not appear
|
||||
|
||||
def test_vorgabe_links(self):
|
||||
"""Test that Vorgaben link to their detail pages"""
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
# Should contain links to Vorgabe detail pages
|
||||
self.assertContains(response, f'href="/dokumente/{self.dokument.nummer}/#TEST-001.T.2"')
|
||||
self.assertContains(response, f'href="/dokumente/{self.dokument.nummer}/#TEST-001.T.3"')
|
||||
self.assertContains(response, f'href="/dokumente/{self.dokument.nummer}/#TEST-001.T.4"')
|
||||
self.assertContains(response, f'href="/dokumente/{self.dokument.nummer}/#TEST-001.T.5"')
|
||||
|
||||
def test_badge_counts(self):
|
||||
"""Test that badge counts are correct"""
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
# Each category should have exactly 1 Vorgabe
|
||||
self.assertContains(response, '<span class="badge bg-secondary float-end">1</span>', count=4)
|
||||
|
||||
def test_summary_section(self):
|
||||
"""Test that summary section shows correct counts"""
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertContains(response, 'Zusammenfassung')
|
||||
self.assertContains(response, '<h4 class="text-warning">1</h4>', count=2) # No refs, no stichworte
|
||||
self.assertContains(response, '<h4 class="text-danger">1</h4>') # No text
|
||||
self.assertContains(response, '<h4 class="text-info">1</h4>') # No checklistenfragen
|
||||
|
||||
def test_empty_lists_message(self):
|
||||
"""Test that appropriate messages are shown when lists are empty"""
|
||||
# Delete all incomplete Vorgaben
|
||||
Vorgabe.objects.exclude(pk=self.complete_vorgabe.pk).delete()
|
||||
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertContains(response, 'Alle Vorgaben haben Referenzen.')
|
||||
self.assertContains(response, 'Alle Vorgaben haben Stichworte.')
|
||||
self.assertContains(response, 'Alle Vorgaben haben Kurz- oder Langtext.')
|
||||
self.assertContains(response, 'Alle Vorgaben haben Checklistenfragen.')
|
||||
|
||||
def test_back_link(self):
|
||||
"""Test that back link to standard list exists"""
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertContains(response, 'href="/dokumente/"')
|
||||
self.assertContains(response, 'Zurück zur Übersicht')
|
||||
|
||||
def test_navigation_link(self):
|
||||
"""Test that navigation includes link to incomplete Vorgaben"""
|
||||
response = self.client.get('/dokumente/')
|
||||
self.assertContains(response, 'href="/dokumente/unvollstaendig/"')
|
||||
self.assertContains(response, 'Unvollständig')
|
||||
|
||||
def test_vorgabe_with_langtext_only(self):
|
||||
"""Test that Vorgabe with only Langtext is still considered incomplete for text"""
|
||||
vorgabe_langtext_only = Vorgabe.objects.create(
|
||||
order=6,
|
||||
nummer=6,
|
||||
dokument=self.dokument,
|
||||
thema=self.thema,
|
||||
titel="Vorgabe nur mit Langtext",
|
||||
gueltigkeit_von=date.today()
|
||||
)
|
||||
vorgabe_langtext_only.stichworte.add(self.stichwort)
|
||||
vorgabe_langtext_only.referenzen.add(self.referenz)
|
||||
|
||||
# Add only Langtext, no Kurztext
|
||||
VorgabeLangtext.objects.create(
|
||||
abschnitt=vorgabe_langtext_only,
|
||||
inhalt="Test Langtext"
|
||||
)
|
||||
# Add Checklistenfragen to make it complete in that aspect
|
||||
Checklistenfrage.objects.create(
|
||||
vorgabe=vorgabe_langtext_only,
|
||||
frage="Test Frage"
|
||||
)
|
||||
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
# Debug: print response content to see where it appears
|
||||
print("Response content:", response.content.decode())
|
||||
# Should NOT appear in "no text" list because it has Langtext
|
||||
self.assertNotContains(response, 'Vorgabe nur mit Langtext')
|
||||
|
||||
def test_vorgabe_with_both_text_types(self):
|
||||
"""Test that Vorgabe with both Kurztext and Langtext is complete"""
|
||||
vorgabe_both_text = Vorgabe.objects.create(
|
||||
order=7,
|
||||
nummer=7,
|
||||
dokument=self.dokument,
|
||||
thema=self.thema,
|
||||
titel="Vorgabe mit beiden Texten",
|
||||
gueltigkeit_von=date.today()
|
||||
)
|
||||
vorgabe_both_text.stichworte.add(self.stichwort)
|
||||
vorgabe_both_text.referenzen.add(self.referenz)
|
||||
|
||||
# Add both Kurztext and Langtext
|
||||
VorgabeKurztext.objects.create(
|
||||
abschnitt=vorgabe_both_text,
|
||||
inhalt="Test Kurztext"
|
||||
)
|
||||
VorgabeLangtext.objects.create(
|
||||
abschnitt=vorgabe_both_text,
|
||||
inhalt="Test Langtext"
|
||||
)
|
||||
# Add Checklistenfragen to make it complete in that aspect
|
||||
Checklistenfrage.objects.create(
|
||||
vorgabe=vorgabe_both_text,
|
||||
frage="Test Frage"
|
||||
)
|
||||
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
# Should NOT appear in "no text" list because it has both text types
|
||||
self.assertNotContains(response, 'Vorgabe mit beiden Texten')
|
||||
|
||||
def test_incomplete_vorgaben_staff_only(self):
|
||||
"""Test that non-staff users are redirected to login"""
|
||||
# Logout the staff user
|
||||
self.client.logout()
|
||||
|
||||
# Try to access the page as anonymous user
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertEqual(response.status_code, 302) # Redirect to login
|
||||
|
||||
# Create a regular (non-staff) user
|
||||
regular_user = User.objects.create_user(
|
||||
username='regularuser',
|
||||
password='testpass123'
|
||||
)
|
||||
self.client.login(username='regularuser', password='testpass123')
|
||||
|
||||
# Try to access the page as regular user
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertEqual(response.status_code, 302) # Redirect to login
|
||||
|
||||
# Login as staff user again - should work
|
||||
self.client.login(username='teststaff', password='testpass123')
|
||||
response = self.client.get(reverse('incomplete_vorgaben'))
|
||||
self.assertEqual(response.status_code, 200) # Success
|
||||
|
||||
@@ -3,6 +3,7 @@ from . import views
|
||||
|
||||
urlpatterns = [
|
||||
path('', views.standard_list, name='standard_list'),
|
||||
path('unvollstaendig/', views.incomplete_vorgaben, name='incomplete_vorgaben'),
|
||||
path('<str:nummer>/', views.standard_detail, name='standard_detail'),
|
||||
path('<str:nummer>/history/<str:check_date>/', views.standard_detail),
|
||||
path('<str:nummer>/history/', views.standard_detail, {"check_date":"today"}, name='standard_history'),
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
from django.shortcuts import render, get_object_or_404
|
||||
from .models import Dokument
|
||||
from django.contrib.auth.decorators import login_required, user_passes_test
|
||||
from .models import Dokument, Vorgabe, VorgabeKurztext, VorgabeLangtext, Checklistenfrage
|
||||
from abschnitte.utils import render_textabschnitte
|
||||
|
||||
from datetime import date
|
||||
@@ -56,3 +57,43 @@ def standard_checkliste(request, nummer):
|
||||
})
|
||||
|
||||
|
||||
def is_staff_user(user):
|
||||
return user.is_staff
|
||||
|
||||
@login_required
|
||||
@user_passes_test(is_staff_user)
|
||||
def incomplete_vorgaben(request):
|
||||
"""
|
||||
Show lists of incomplete Vorgaben:
|
||||
1. Ones with no references
|
||||
2. Ones with no Stichworte
|
||||
3. Ones without Kurz- or Langtext
|
||||
4. Ones without Checklistenfragen
|
||||
"""
|
||||
# Get all active Vorgaben
|
||||
all_vorgaben = Vorgabe.objects.all().select_related('dokument', 'thema')
|
||||
|
||||
# 1. Vorgaben with no references
|
||||
no_references = [v for v in all_vorgaben if not v.referenzen.exists()]
|
||||
|
||||
# 2. Vorgaben with no Stichworte
|
||||
no_stichworte = [v for v in all_vorgaben if not v.stichworte.exists()]
|
||||
|
||||
# 3. Vorgaben without Kurz- or Langtext
|
||||
no_text = []
|
||||
for vorgabe in all_vorgaben:
|
||||
has_kurztext = VorgabeKurztext.objects.filter(abschnitt=vorgabe).exists()
|
||||
has_langtext = VorgabeLangtext.objects.filter(abschnitt=vorgabe).exists()
|
||||
|
||||
if not has_kurztext and not has_langtext:
|
||||
no_text.append(vorgabe)
|
||||
|
||||
# 4. Vorgaben without Checklistenfragen
|
||||
no_checklistenfragen = [v for v in all_vorgaben if not v.checklistenfragen.exists()]
|
||||
|
||||
return render(request, 'standards/incomplete_vorgaben.html', {
|
||||
'no_references': no_references,
|
||||
'no_stichworte': no_stichworte,
|
||||
'no_text': no_text,
|
||||
'no_checklistenfragen': no_checklistenfragen,
|
||||
})
|
||||
|
||||
@@ -17,6 +17,9 @@
|
||||
<div class="collapse navbar-collapse" id="navbarNavAltMarkup">
|
||||
<div class="navbar-nav">
|
||||
<a class="nav-item nav-link active" href="/dokumente">Standards</a>
|
||||
{% if user.is_staff %}
|
||||
<a class="nav-item nav-link" href="/dokumente/unvollstaendig/">Unvollständig</a>
|
||||
{% endif %}
|
||||
<a class="nav-item nav-link" href="/referenzen">Referenzen</a>
|
||||
<a class="nav-item nav-link" href="/stichworte">Stichworte</a>
|
||||
<a class="nav-item nav-link" href="/search">Suche</a>
|
||||
|
||||
@@ -2,6 +2,12 @@
|
||||
{% block content %}
|
||||
<h1 class="mb-4">Suche</h1>
|
||||
|
||||
{% if error_message %}
|
||||
<div class="alert alert-danger">
|
||||
<strong>Fehler:</strong> {{ error_message }}
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<!-- Search form -->
|
||||
<form action="." method="post">
|
||||
{% csrf_token %}
|
||||
@@ -13,7 +19,9 @@
|
||||
id="query"
|
||||
name="q"
|
||||
placeholder="Suchbegriff eingeben …"
|
||||
required>
|
||||
value="{{ search_term|default:'' }}"
|
||||
required
|
||||
maxlength="200">
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary">Suchen</button>
|
||||
</form>
|
||||
|
||||
312
pages/tests.py
Normal file
312
pages/tests.py
Normal file
@@ -0,0 +1,312 @@
|
||||
from django.test import TestCase, Client
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.utils import timezone
|
||||
from datetime import date, timedelta
|
||||
from dokumente.models import Dokument, Vorgabe, VorgabeKurztext, VorgabeLangtext, Geltungsbereich, Dokumententyp, Thema
|
||||
from stichworte.models import Stichwort
|
||||
from unittest.mock import patch
|
||||
import re
|
||||
|
||||
|
||||
class SearchViewTest(TestCase):
|
||||
def setUp(self):
|
||||
self.client = Client()
|
||||
|
||||
# Create test data
|
||||
self.dokumententyp = Dokumententyp.objects.create(
|
||||
name="Test Typ",
|
||||
verantwortliche_ve="Test VE"
|
||||
)
|
||||
|
||||
self.thema = Thema.objects.create(
|
||||
name="Test Thema",
|
||||
erklaerung="Test Erklärung"
|
||||
)
|
||||
|
||||
self.dokument = Dokument.objects.create(
|
||||
nummer="TEST-001",
|
||||
dokumententyp=self.dokumententyp,
|
||||
name="Test Dokument",
|
||||
gueltigkeit_von=date.today(),
|
||||
aktiv=True
|
||||
)
|
||||
|
||||
self.vorgabe = Vorgabe.objects.create(
|
||||
order=1,
|
||||
nummer=1,
|
||||
dokument=self.dokument,
|
||||
thema=self.thema,
|
||||
titel="Test Vorgabe Titel",
|
||||
gueltigkeit_von=date.today()
|
||||
)
|
||||
|
||||
# Create text content
|
||||
self.kurztext = VorgabeKurztext.objects.create(
|
||||
abschnitt=self.vorgabe,
|
||||
inhalt="Dies ist ein Test Kurztext mit Suchbegriff"
|
||||
)
|
||||
|
||||
self.langtext = VorgabeLangtext.objects.create(
|
||||
abschnitt=self.vorgabe,
|
||||
inhalt="Dies ist ein Test Langtext mit anderem Suchbegriff"
|
||||
)
|
||||
|
||||
self.geltungsbereich = Geltungsbereich.objects.create(
|
||||
geltungsbereich=self.dokument,
|
||||
inhalt="Test Geltungsbereich mit Suchbegriff"
|
||||
)
|
||||
|
||||
def test_search_get_request(self):
|
||||
"""Test GET request returns search form"""
|
||||
response = self.client.get('/search/')
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Suche')
|
||||
self.assertContains(response, 'Suchbegriff')
|
||||
|
||||
def test_search_post_valid_term(self):
|
||||
"""Test POST request with valid search term"""
|
||||
response = self.client.post('/search/', {'q': 'Test'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Suchresultate für Test')
|
||||
|
||||
def test_search_case_insensitive(self):
|
||||
"""Test that search is case insensitive"""
|
||||
# Search for lowercase
|
||||
response = self.client.post('/search/', {'q': 'test'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Suchresultate für test')
|
||||
|
||||
# Search for uppercase
|
||||
response = self.client.post('/search/', {'q': 'TEST'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Suchresultate für TEST')
|
||||
|
||||
# Search for mixed case
|
||||
response = self.client.post('/search/', {'q': 'TeSt'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Suchresultate für TeSt')
|
||||
|
||||
def test_search_in_kurztext(self):
|
||||
"""Test search in Kurztext content"""
|
||||
response = self.client.post('/search/', {'q': 'Suchbegriff'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'TEST-001')
|
||||
|
||||
def test_search_in_langtext(self):
|
||||
"""Test search in Langtext content"""
|
||||
response = self.client.post('/search/', {'q': 'anderem'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'TEST-001')
|
||||
|
||||
def test_search_in_titel(self):
|
||||
"""Test search in Vorgabe title"""
|
||||
response = self.client.post('/search/', {'q': 'Titel'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'TEST-001')
|
||||
|
||||
def test_search_in_geltungsbereich(self):
|
||||
"""Test search in Geltungsbereich content"""
|
||||
response = self.client.post('/search/', {'q': 'Geltungsbereich'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Standards mit')
|
||||
|
||||
def test_search_no_results(self):
|
||||
"""Test search with no results"""
|
||||
response = self.client.post('/search/', {'q': 'NichtVorhanden'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Keine Resultate für "NichtVorhanden"')
|
||||
|
||||
def test_search_expired_vorgabe_not_included(self):
|
||||
"""Test that expired Vorgaben are not included in results"""
|
||||
# Create expired Vorgabe
|
||||
expired_vorgabe = Vorgabe.objects.create(
|
||||
order=2,
|
||||
nummer=2,
|
||||
dokument=self.dokument,
|
||||
thema=self.thema,
|
||||
titel="Abgelaufene Vorgabe",
|
||||
gueltigkeit_von=date.today() - timedelta(days=10),
|
||||
gueltigkeit_bis=date.today() - timedelta(days=1)
|
||||
)
|
||||
|
||||
VorgabeKurztext.objects.create(
|
||||
abschnitt=expired_vorgabe,
|
||||
inhalt="Abgelaufener Inhalt mit Test"
|
||||
)
|
||||
|
||||
response = self.client.post('/search/', {'q': 'Test'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
|
||||
# Should only find the active Vorgabe, not the expired one
|
||||
self.assertContains(response, 'Test Vorgabe Titel')
|
||||
# The expired vorgabe should not appear in results
|
||||
self.assertNotContains(response, 'Abgelaufene Vorgabe')
|
||||
|
||||
def test_search_empty_term_validation(self):
|
||||
"""Test validation for empty search term"""
|
||||
response = self.client.post('/search/', {'q': ''})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Fehler:')
|
||||
self.assertContains(response, 'Suchbegriff darf nicht leer sein')
|
||||
|
||||
def test_search_no_term_validation(self):
|
||||
"""Test validation when no search term is provided"""
|
||||
response = self.client.post('/search/', {})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Fehler:')
|
||||
self.assertContains(response, 'Suchbegriff darf nicht leer sein')
|
||||
|
||||
def test_search_html_tags_stripped(self):
|
||||
"""Test that HTML tags are stripped from search input"""
|
||||
response = self.client.post('/search/', {'q': '<script>alert("xss")</script>Test'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
# Should search for "alert('xss')Test" after HTML tag removal
|
||||
self.assertContains(response, 'Suchresultate für alert("xss")Test')
|
||||
|
||||
def test_search_invalid_characters_validation(self):
|
||||
"""Test validation for invalid characters"""
|
||||
response = self.client.post('/search/', {'q': 'Test| DROP TABLE users'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Fehler:')
|
||||
self.assertContains(response, 'Ungültige Zeichen im Suchbegriff')
|
||||
|
||||
def test_search_too_long_validation(self):
|
||||
"""Test validation for overly long search terms"""
|
||||
long_term = 'a' * 201 # 201 characters, exceeds limit of 200
|
||||
response = self.client.post('/search/', {'q': long_term})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertContains(response, 'Fehler:')
|
||||
self.assertContains(response, 'Suchbegriff ist zu lang')
|
||||
|
||||
def test_search_max_length_allowed(self):
|
||||
"""Test that exactly 200 characters are allowed"""
|
||||
max_term = 'a' * 200 # Exactly 200 characters
|
||||
response = self.client.post('/search/', {'q': max_term})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
# Should not show validation error
|
||||
self.assertNotContains(response, 'Fehler:')
|
||||
|
||||
def test_search_german_umlauts_allowed(self):
|
||||
"""Test that German umlauts are allowed in search"""
|
||||
response = self.client.post('/search/', {'q': 'Test Müller äöü ÄÖÜ ß'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
# Should not show validation error
|
||||
self.assertNotContains(response, 'Fehler:')
|
||||
|
||||
def test_search_special_characters_allowed(self):
|
||||
"""Test that allowed special characters work"""
|
||||
response = self.client.post('/search/', {'q': 'Test-Test, Test: Test; Test! Test? (Test) [Test] {Test} "Test" \'Test\''})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
# Should not show validation error
|
||||
self.assertNotContains(response, 'Fehler:')
|
||||
|
||||
def test_search_input_preserved_on_error(self):
|
||||
"""Test that search input is preserved on validation errors"""
|
||||
response = self.client.post('/search/', {'q': '<script>Test</script>'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
# The input should be preserved (escaped) in the form
|
||||
# Since HTML tags are stripped, we expect "Test" to be searched
|
||||
self.assertContains(response, 'Suchresultate für Test')
|
||||
|
||||
def test_search_xss_prevention_in_results(self):
|
||||
"""Test that search terms are escaped in results to prevent XSS"""
|
||||
# Create content with potential XSS
|
||||
self.kurztext.inhalt = "Content with <script>alert('xss')</script> term"
|
||||
self.kurztext.save()
|
||||
|
||||
response = self.client.post('/search/', {'q': 'term'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
# The script tag should be escaped in the output
|
||||
# Note: This depends on how the template renders the content
|
||||
self.assertContains(response, 'Suchresultate für term')
|
||||
|
||||
@patch('pages.views.pprint.pp')
|
||||
def test_search_result_logging(self, mock_pprint):
|
||||
"""Test that search results are logged for debugging"""
|
||||
response = self.client.post('/search/', {'q': 'Test'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
# Verify that pprint.pp was called with the result
|
||||
mock_pprint.assert_called_once()
|
||||
|
||||
def test_search_multiple_documents(self):
|
||||
"""Test search across multiple documents"""
|
||||
# Create second document
|
||||
dokument2 = Dokument.objects.create(
|
||||
nummer="TEST-002",
|
||||
dokumententyp=self.dokumententyp,
|
||||
name="Zweites Test Dokument",
|
||||
gueltigkeit_von=date.today(),
|
||||
aktiv=True
|
||||
)
|
||||
|
||||
vorgabe2 = Vorgabe.objects.create(
|
||||
order=1,
|
||||
nummer=1,
|
||||
dokument=dokument2,
|
||||
thema=self.thema,
|
||||
titel="Zweite Test Vorgabe",
|
||||
gueltigkeit_von=date.today()
|
||||
)
|
||||
|
||||
VorgabeKurztext.objects.create(
|
||||
abschnitt=vorgabe2,
|
||||
inhalt="Zweiter Test Inhalt"
|
||||
)
|
||||
|
||||
response = self.client.post('/search/', {'q': 'Test'})
|
||||
self.assertEqual(response.status_code, 200)
|
||||
# Should find results from both documents
|
||||
self.assertContains(response, 'TEST-001')
|
||||
self.assertContains(response, 'TEST-002')
|
||||
|
||||
|
||||
class SearchValidationTest(TestCase):
|
||||
"""Test the validate_search_input function directly"""
|
||||
|
||||
def test_validate_search_input_valid(self):
|
||||
"""Test valid search input"""
|
||||
from pages.views import validate_search_input
|
||||
|
||||
result = validate_search_input("Test Suchbegriff")
|
||||
self.assertEqual(result, "Test Suchbegriff")
|
||||
|
||||
def test_validate_search_input_empty(self):
|
||||
"""Test empty search input"""
|
||||
from pages.views import validate_search_input
|
||||
|
||||
with self.assertRaises(ValidationError) as context:
|
||||
validate_search_input("")
|
||||
|
||||
self.assertIn("Suchbegriff darf nicht leer sein", str(context.exception))
|
||||
|
||||
def test_validate_search_input_html_stripped(self):
|
||||
"""Test that HTML tags are stripped"""
|
||||
from pages.views import validate_search_input
|
||||
|
||||
result = validate_search_input("<script>alert('xss')</script>Test")
|
||||
self.assertEqual(result, "alert('xss')Test")
|
||||
|
||||
def test_validate_search_input_invalid_chars(self):
|
||||
"""Test validation of invalid characters"""
|
||||
from pages.views import validate_search_input
|
||||
|
||||
with self.assertRaises(ValidationError) as context:
|
||||
validate_search_input("Test| DROP TABLE users")
|
||||
|
||||
self.assertIn("Ungültige Zeichen im Suchbegriff", str(context.exception))
|
||||
|
||||
def test_validate_search_input_too_long(self):
|
||||
"""Test length validation"""
|
||||
from pages.views import validate_search_input
|
||||
|
||||
with self.assertRaises(ValidationError) as context:
|
||||
validate_search_input("a" * 201)
|
||||
|
||||
self.assertIn("Suchbegriff ist zu lang", str(context.exception))
|
||||
|
||||
def test_validate_search_input_whitespace_stripped(self):
|
||||
"""Test that whitespace is stripped"""
|
||||
from pages.views import validate_search_input
|
||||
|
||||
result = validate_search_input(" Test Suchbegriff ")
|
||||
self.assertEqual(result, "Test Suchbegriff")
|
||||
@@ -1,31 +1,71 @@
|
||||
from django.shortcuts import render
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.utils.html import escape
|
||||
import re
|
||||
from abschnitte.utils import render_textabschnitte
|
||||
from dokumente.models import Dokument, VorgabeLangtext, VorgabeKurztext, Geltungsbereich
|
||||
from dokumente.models import Dokument, VorgabeLangtext, VorgabeKurztext, Geltungsbereich, Vorgabe
|
||||
from itertools import groupby
|
||||
import datetime
|
||||
import pprint
|
||||
|
||||
|
||||
def startseite(request):
|
||||
standards=list(Dokument.objects.filter(aktiv=True))
|
||||
return render(request, 'startseite.html', {"dokumente":standards,})
|
||||
|
||||
def validate_search_input(search_term):
|
||||
"""
|
||||
Validate search input to prevent SQL injection and XSS
|
||||
"""
|
||||
if not search_term:
|
||||
raise ValidationError("Suchbegriff darf nicht leer sein")
|
||||
|
||||
# Remove any HTML tags to prevent XSS
|
||||
search_term = re.sub(r'<[^>]*>', '', search_term)
|
||||
|
||||
# Allow only alphanumeric characters, spaces, and basic punctuation
|
||||
# This prevents SQL injection and other malicious input while allowing useful characters
|
||||
if not re.match(r'^[a-zA-Z0-9äöüÄÖÜß\s\-\.\,\:\;\!\?\(\)\[\]\{\}\"\']+$', search_term):
|
||||
raise ValidationError("Ungültige Zeichen im Suchbegriff")
|
||||
|
||||
# Limit length to prevent DoS attacks
|
||||
if len(search_term) > 200:
|
||||
raise ValidationError("Suchbegriff ist zu lang")
|
||||
|
||||
return search_term.strip()
|
||||
|
||||
def search(request):
|
||||
if request.method == "GET":
|
||||
return render(request, 'search.html')
|
||||
elif request.method == "POST":
|
||||
suchbegriff=request.POST.get("q")
|
||||
raw_search_term = request.POST.get("q", "")
|
||||
|
||||
try:
|
||||
suchbegriff = validate_search_input(raw_search_term)
|
||||
except ValidationError as e:
|
||||
return render(request, 'search.html', {
|
||||
'error_message': str(e),
|
||||
'search_term': escape(raw_search_term)
|
||||
})
|
||||
|
||||
# Escape the search term for display in templates
|
||||
safe_search_term = escape(suchbegriff)
|
||||
result= {"all": {}}
|
||||
qs = VorgabeKurztext.objects.filter(inhalt__contains=suchbegriff).exclude(abschnitt__gueltigkeit_bis__lt=datetime.date.today())
|
||||
qs = VorgabeKurztext.objects.filter(inhalt__icontains=suchbegriff).exclude(abschnitt__gueltigkeit_bis__lt=datetime.date.today())
|
||||
result["kurztext"] = {k: [o.abschnitt for o in g] for k, g in groupby(qs, key=lambda o: o.abschnitt.dokument)}
|
||||
qs = VorgabeLangtext.objects.filter(inhalt__contains=suchbegriff).exclude(abschnitt__gueltigkeit_bis__lt=datetime.date.today())
|
||||
qs = VorgabeLangtext.objects.filter(inhalt__icontains=suchbegriff).exclude(abschnitt__gueltigkeit_bis__lt=datetime.date.today())
|
||||
result['langtext']= {k: [o.abschnitt for o in g] for k, g in groupby(qs, key=lambda o: o.abschnitt.dokument)}
|
||||
qs = Vorgabe.objects.filter(titel__icontains=suchbegriff).exclude(gueltigkeit_bis__lt=datetime.date.today())
|
||||
result['titel']= {k: list(g) for k, g in groupby(qs, key=lambda o: o.dokument)}
|
||||
for r in result.keys():
|
||||
for s in result[r].keys():
|
||||
result["all"][s] = set(result[r][s])
|
||||
if r == 'titel':
|
||||
result["all"][s] = set(result["all"].get(s, set()) | set(result[r][s]))
|
||||
else:
|
||||
result["all"][s] = set(result["all"].get(s, set()) | set(result[r][s]))
|
||||
result["geltungsbereich"]={}
|
||||
geltungsbereich=set(list([x.geltungsbereich for x in Geltungsbereich.objects.filter(inhalt__contains=suchbegriff)]))
|
||||
geltungsbereich=set(list([x.geltungsbereich for x in Geltungsbereich.objects.filter(inhalt__icontains=suchbegriff)]))
|
||||
for s in geltungsbereich:
|
||||
result["geltungsbereich"][s]=render_textabschnitte(s.geltungsbereich_set.order_by("order"))
|
||||
pprint.pp (result)
|
||||
return render(request,"results.html",{"suchbegriff":suchbegriff,"resultat":result})
|
||||
|
||||
return render(request,"results.html",{"suchbegriff":safe_search_term,"resultat":result})
|
||||
|
||||
|
||||
Reference in New Issue
Block a user