Refactor tests

src/registrar/tests/common.py

@@ -753,12 +753,14 @@ def mock_user():
 
 
 def create_superuser():
+    """Creates a user with admin-level permissions"""
     User = get_user_model()
     p = "adminpass"
     user = User.objects.create_user(
         username="superuser",
         email="admin@example.com",
         is_staff=True,
+        is_superuser=True,
         password=p,
     )
     # Retrieve the group or create it if it doesn't exist
@@ -768,7 +770,8 @@ def create_superuser():
     return user
 
 
-def create_user():
+def create_staffuser():
+    """Creates a user with staff level permissions"""
     User = get_user_model()
     p = "userpass"
     user = User.objects.create_user(
@@ -783,6 +786,18 @@ def create_user():
     user.groups.set([group])
     return user
 
+def create_user():
+    """Creates a user with no special permissions"""
+    User = get_user_model()
+    p = "userpass"
+    user = User.objects.create_user(
+        username="regularuser",
+        email="regularuser@example.com",
+        is_staff=False,
+        is_superuser=False,
+        password=p,
+    )
+    return user
 
 def create_ready_domain():
     domain, _ = Domain.objects.get_or_create(name="city.gov", state=Domain.State.READY)

src/registrar/tests/test_admin.py

@@ -44,7 +44,7 @@ from .common import (
     less_console_noise,
     mock_user,
     create_superuser,
-    create_user,
+    create_staffuser,
     create_ready_domain,
     multiple_unalphabetical_domain_objects,
     MockEppLib,
@@ -72,7 +72,7 @@ class TestDomainAdmin(MockEppLib, WebTest):
         self.admin = DomainAdmin(model=Domain, admin_site=self.site)
         self.client = Client(HTTP_HOST="localhost:8080")
         self.superuser = create_superuser()
-        self.staffuser = create_user()
+        self.staffuser = create_staffuser()
         self.factory = RequestFactory()
         self.app.set_user(self.superuser.username)
         self.client.force_login(self.superuser)
@@ -841,7 +841,7 @@ class TestDomainRequestAdmin(MockEppLib):
         self.factory = RequestFactory()
         self.admin = DomainRequestAdmin(model=DomainRequest, admin_site=self.site)
         self.superuser = create_superuser()
-        self.staffuser = create_user()
+        self.staffuser = create_staffuser()
         self.client = Client(HTTP_HOST="localhost:8080")
         self.test_helper = GenericTestHelper(
             factory=self.factory,
@@ -2502,7 +2502,7 @@ class TestDomainInformationAdmin(TestCase):
         self.admin = DomainInformationAdmin(model=DomainInformation, admin_site=self.site)
         self.client = Client(HTTP_HOST="localhost:8080")
         self.superuser = create_superuser()
-        self.staffuser = create_user()
+        self.staffuser = create_staffuser()
         self.mock_data_generator = AuditedAdminMockData()
 
         self.test_helper = GenericTestHelper(
@@ -3012,7 +3012,7 @@ class TestMyUserAdmin(TestCase):
         """
         Tests for the correct helper text on this page
         """
-        user = create_user()
+        user = create_staffuser()
 
         p = "adminpass"
         self.client.login(username="superuser", password=p)
@@ -3036,7 +3036,7 @@ class TestMyUserAdmin(TestCase):
     def test_list_display_without_username(self):
         with less_console_noise():
             request = self.client.request().wsgi_request
-            request.user = create_user()
+            request.user = create_staffuser()
 
             list_display = self.admin.get_list_display(request)
             expected_list_display = [
@@ -3062,7 +3062,7 @@ class TestMyUserAdmin(TestCase):
     def test_get_fieldsets_cisa_analyst(self):
         with less_console_noise():
             request = self.client.request().wsgi_request
-            request.user = create_user()
+            request.user = create_staffuser()
             fieldsets = self.admin.get_fieldsets(request)
             expected_fieldsets = (
                 (
@@ -3448,7 +3448,7 @@ class ContactAdminTest(TestCase):
         self.client = Client(HTTP_HOST="localhost:8080")
         self.admin = ContactAdmin(model=get_user_model(), admin_site=None)
         self.superuser = create_superuser()
-        self.staffuser = create_user()
+        self.staffuser = create_staffuser()
 
     def test_readonly_when_restricted_staffuser(self):
         with less_console_noise():

src/registrar/tests/test_feature_flags.py

@@ -0,0 +1,89 @@
+from unittest import skip
+from waffle.decorators import flag_is_active
+from django.test import TestCase, Client, RequestFactory
+from registrar.models import (
+    WaffleFlag,
+    User,
+    Contact
+)
+from registrar.tests.common import create_superuser, create_staffuser, create_user
+
+class TestFeatureFlags(TestCase):
+    def setUp(self):
+        super().setUp()
+        self.client = Client(HTTP_HOST="localhost:8080")
+        self.factory = RequestFactory()
+        self.superuser = create_superuser()
+        self.staffuser = create_staffuser()
+        self.user = create_user()
+
+    def tearDown(self):
+        super().tearDown()
+        WaffleFlag.objects.all().delete()
+        User.objects.all().delete()
+        Contact.objects.all().delete()
+
+    def test_flag_active_for_superuser(self):
+        """
+        Tests flag_is_active for a flag with `superuser = True`
+        """
+        flag, _ = WaffleFlag.objects.get_or_create(
+            name="test_superuser_flag",
+            superusers=True,
+            staff=False,
+        )
+        # Test if superusers can access this flag
+        request = self.factory.get("/")
+        request.user = self.superuser
+        self.assertTrue(flag_is_active(request, flag.name))
+
+        # Ensure that regular staff cannot access this flag
+        request_staff = self.factory.get("/")
+        request_staff.user = self.staffuser
+        self.assertFalse(flag_is_active(request_staff, flag.name))
+
+        # Ensure that a normal user also can't access this flag
+        request_normal = self.factory.get("/")
+        request_normal.user = self.user
+        self.assertFalse(flag_is_active(request_normal, flag.name))
+    
+    @skip("not implemented yet")
+    def test_flag_active_for_is_staff(self):
+        """
+        Tests flag_is_active for a flag with `is_staff = True`
+        """
+        # Test if staff can access this flag
+        # Ensure that superusers cannot
+        raise
+    
+    @skip("not implemented yet")
+    def test_flag_active_for_everyone(self):
+        """
+        Tests flag_is_active for a flag with `everyone = True`
+        """
+        # Test if superuser, analyst, and a normal user can access
+        raise
+    
+    @skip("not implemented yet")
+    def test_flag_active_for_everyone_is_false(self):
+        """
+        Tests flag_is_active for a flag with `everyone = False`
+        """
+        # Test if no user type can access
+        raise
+
+    @skip("not implemented yet")
+    def test_admin_group(self):
+        """
+        Tests flag_is_active for the admin user group
+        """
+        # Test if no user type can access
+        raise
+
+    @skip("not implemented yet")
+    def test_staff_group(self):
+        """
+        Tests flag_is_active for the staff user group
+        """
+        # Test if no user type can access
+        raise

src/registrar/tests/test_views_domain.py

@@ -5,7 +5,7 @@ from django.conf import settings
 from django.urls import reverse
 from django.contrib.auth import get_user_model
 
-from .common import MockEppLib, MockSESClient, create_user  # type: ignore
+from .common import MockEppLib, MockSESClient, create_staffuser  # type: ignore
 from django_webtest import WebTest  # type: ignore
 import boto3_mocking  # type: ignore
 
@@ -322,7 +322,7 @@ class TestDomainDetail(TestDomainOverview):
         when no domain information or domain request exist"""
         with less_console_noise():
             # have to use staff user for this test
-            staff_user = create_user()
+            staff_user = create_staffuser()
             # staff_user.save()
             self.client.force_login(staff_user)
 

src/registrar/views/index.py

@@ -3,6 +3,7 @@ from django.shortcuts import render
 from registrar.models import DomainRequest, Domain, UserDomainRole
 from waffle.decorators import flag_is_active
 
+
 def index(request):
     """This page is available to anyone without logging in."""
     context = {}