def test_list_organization_superuser(self):
self.request.user = factories.CoreUser(is_superuser=True,
is_staff=True)
view = OrganizationViewSet.as_view({'get': 'list'})
response = view(self.request)
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.data), 2)
def test_validate_core_user_access(self):
request = self.get_mock_request('/a-jedis-path/', APIGatewayView,
self.core_user)
request.resolver_match = Mock(url_name='obi-wan-kenobi')
core_user = factories.CoreUser()
ret = validate_object_access(request, core_user)
self.assertIsNone(ret)
def test_delete_logic_module_models_no_access(self, request_factory, document_logic_module_model):
pk = str(document_logic_module_model.pk)
request = request_factory.delete(reverse('logicmodulemodel-detail', args=(pk,)))
user = factories.CoreUser()
request.user = user
response = views.LogicModuleModelViewSet.as_view({"delete": "destroy"})(request, pk=pk)
assert response.status_code == 403
def setUp(self):
self.client = APIClient()
self.core_user = factories.CoreUser()
self.lm = factories.LogicModule(name='documents')
# bypass authentication
self.client.force_authenticate(user=self.core_user)
def test_invalid_delete_partner(self):
request = self.factory.delete(
reverse('partner-detail', args=(self.partner.pk, )))
request.user = factories.CoreUser(is_superuser=True, is_staff=True)
response = PartnerViewSet.as_view({'delete': 'destroy'})(request,
pk=12)
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_delete_relationship_no_access(self, request_factory, relationship):
pk = str(relationship.pk)
request = request_factory.delete(reverse('relationship-detail', args=(pk,)))
user = factories.CoreUser()
request.user = user
response = views.RelationshiplViewSet.as_view({"delete": "destroy"})(request, pk=pk)
assert response.status_code == 403
def test_detail_relationship(self, request_factory, relationship):
pk = str(relationship.pk)
request = request_factory.get(reverse('relationship-detail', args=(pk,)))
user = factories.CoreUser()
request.user = user
response = views.RelationshiplViewSet.as_view({"get": "retrieve"})(request, pk=pk)
assert response.status_code == 200
assert self.expected_keys == set(response.data.keys())
def test_detail_logic_module_models(self, request_factory, document_logic_module_model):
pk = str(document_logic_module_model.pk)
request = request_factory.get(reverse('logicmodulemodel-detail', args=(pk,)))
user = factories.CoreUser()
request.user = user
response = views.LogicModuleModelViewSet.as_view({"get": "retrieve"})(request, pk=pk)
assert response.status_code == 200
assert self.expected_keys == set(response.data.keys())
def test_json_dump_w_core_user():
core_user = factories.CoreUser(pk=5)
obj = {
"model_instance": core_user,
}
result = json.dumps(obj, cls=GatewayJSONEncoder)
expected_result = '{"model_instance": 5}'
assert result == expected_result
def setUp(self):
self.not_default_org = factories.Organization.create(name='Some Org')
wfl1_not_default_org = factories.WorkflowLevel1.create(
organization=self.not_default_org)
factories.WorkflowLevel2.create_batch(
2, workflowlevel1=wfl1_not_default_org)
self.factory = APIRequestFactory()
self.core_user = factories.CoreUser()
def test_list_relationships(self, request_factory, relationship, relationship2):
request = request_factory.get(reverse('relationship-list'))
user = factories.CoreUser()
request.user = user
response = views.RelationshiplViewSet.as_view({"get": "list"})(request)
assert response.status_code == 200
assert len(response.data) == 2
assert set(response.data[0].keys()) == self.expected_keys
assert set(response.data[0]['origin_model'].keys()) == TestLogicModuleModelView.expected_keys
assert set(response.data[0]['related_model'].keys()) == TestLogicModuleModelView.expected_keys
def test_admin_user_auth_page_with_superuser(self):
"""Super user should see superuser status field on django admin"""
admin = CoreUser.objects.create_superuser('admin', '*****@*****.**', 'Password123')
another_user = factories.CoreUser(username='******')
self.client.login(username='******', password='******')
url = '/admin/core/coreuser/{}/change/'.format(another_user.pk)
response = self.client.get(url)
self.assertContains(response, 'Superuser status')
def test_list_logic_module_models(self, request_factory,
document_logic_module_model,
appointment_logic_module_model):
request = request_factory.get(reverse('logicmodulemodel-list'))
user = factories.CoreUser()
request.user = user
response = views.LogicModuleModelViewSet.as_view({"get":
"list"})(request)
assert response.status_code == 200
assert len(response.data) == 2
assert self.expected_keys == set(response.data[0].keys())
def test_create_valid_partner(self):
data = {
'name': 'partner name',
}
request = self.factory.post(reverse('partner-list'),
data,
format='json')
request.user = factories.CoreUser(is_superuser=True, is_staff=True)
response = PartnerViewSet.as_view({'post': 'create'})(request)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
def test_patch_logic_module_model(self, request_factory, document_logic_module_model):
pk = str(document_logic_module_model.pk)
data = {
"lookup_field_name": "another_lookup_field"
}
request = request_factory.patch(reverse('logicmodulemodel-detail', args=(pk,)), data)
user = factories.CoreUser(is_superuser=True)
request.user = user
response = views.LogicModuleModelViewSet.as_view({"patch": "partial_update"})(request, pk=pk)
assert response.status_code == 200
assert self.expected_keys == set(response.data.keys())
assert response.data['lookup_field_name'] == 'another_lookup_field'
def test_valid_update_partner(self):
self.partner = Partner.objects.create(name='partner name')
data = {
'name': 'partner name',
}
request = self.factory.put(
reverse('partner-detail', args=(self.partner.pk, )), data)
request.user = factories.CoreUser(is_superuser=True, is_staff=True)
response = PartnerViewSet.as_view({'put':
'update'})(request,
pk=self.partner.pk)
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_update_relationship_no_access(self, request_factory, relationship):
pk = str(relationship.pk)
data = {
"origin_model_id": relationship.origin_model.pk,
"related_model_id": relationship.related_model.pk,
"key": "another_key_for_this_rel"
}
request = request_factory.put(reverse('relationship-detail', args=(pk,)), data)
user = factories.CoreUser()
request.user = user
response = views.RelationshiplViewSet.as_view({"put": "update"})(request, pk=pk)
assert response.status_code == 403
def setUp(self):
self.client = APIClient()
self.core_user = factories.CoreUser()
# bypass authentication
self.client.force_authenticate(user=self.core_user)
self.response_data = {
'id': 1,
'workflowlevel2_uuid': 1,
'name': 'test',
'contact_uuid': 1
}
def test_admin_user_permissions_section_with_superuser(self):
"""Super user should see user permissions section on django admin"""
User = get_user_model()
User.objects.create_superuser('admin', '*****@*****.**',
'Password123')
another_user = factories.CoreUser(username='******')
self.client.login(username='******', password='******')
url = '/admin/workflow/coreuser/{}/change/'.format(another_user.pk)
response = self.client.get(url)
self.assertContains(response, 'User permissions')
def test_patch_relationship(self, request_factory, relationship):
pk = str(relationship.pk)
data = {"key": "another_key_for_this_rel"}
request = request_factory.patch(
reverse('relationship-detail', args=(pk, )), data)
user = factories.CoreUser(is_superuser=True)
request.user = user
response = views.RelationshiplViewSet.as_view(
{"patch": "partial_update"})(request, pk=pk)
assert response.status_code == 200
assert self.expected_keys == set(response.data.keys())
assert response.data['key'] == 'another_key_for_this_rel'
def test_create_organization_new_username_org(self):
coreuser = factories.CoreUser(first_name='John', last_name='Lennon')
response = auth_pipeline.create_organization(core_user=coreuser, is_new_core_user=True)
self.assertIn('is_new_org', response)
self.assertTrue(response['is_new_org'])
self.assertIn('organization', response)
self.assertTrue(isinstance(response['organization'], Organization))
self.assertEqual(response['organization'].name, coreuser.username)
coreuser.refresh_from_db()
self.assertEqual(coreuser.organization, response['organization'])
def test_create_logic_module_model(self, request_factory):
data = {
"logic_module_endpoint_name": "location",
"model": "siteprofile",
"endpoint": "/siteprofiles/",
"lookup_field_name": "uuid"
}
request = request_factory.post(reverse('logicmodulemodel-list'), data)
user = factories.CoreUser(is_superuser=True)
request.user = user
response = views.LogicModuleModelViewSet.as_view({"post": "create"})(request)
assert response.status_code == 201
assert self.expected_keys == set(response.data.keys())
def test_create_logic_module_model_no_access(self, request_factory):
data = {
"logic_module_endpoint_name": "location",
"model": "siteprofile",
"endpoint": "/siteprofiles/",
"lookup_field_name": "uuid"
}
request = request_factory.post(reverse('logicmodulemodel-list'), data)
user = factories.CoreUser()
request.user = user
response = views.LogicModuleModelViewSet.as_view({"post": "create"})(request)
assert response.status_code == 403
def test_update_logic_module_model_no_access(self, request_factory, document_logic_module_model):
pk = str(document_logic_module_model.pk)
data = {
"logic_module_endpoint_name": "document",
"model": "document",
"endpoint": "/documents/",
"lookup_field_name": "another_lookup_field"
}
request = request_factory.put(reverse('logicmodulemodel-detail', args=(pk,)), data)
user = factories.CoreUser()
request.user = user
response = views.LogicModuleModelViewSet.as_view({"put": "update"})(request, pk=pk)
assert response.status_code == 403
def test_create_organization_new_default_org(self):
Organization.objects.get(name=settings.DEFAULT_ORG).delete()
coreuser = factories.CoreUser(first_name='John', last_name='Lennon', organization=None)
response = auth_pipeline.create_organization(core_user=coreuser, is_new_core_user=True)
self.assertIn('is_new_org', response)
self.assertTrue(response['is_new_org'])
self.assertIn('organization', response)
self.assertTrue(isinstance(response['organization'], Organization))
self.assertEqual(response['organization'].name, settings.DEFAULT_ORG)
coreuser.refresh_from_db()
self.assertEqual(coreuser.organization, response['organization'])
def test_create_relationship_no_access(self, request_factory,
document_logic_module_model,
appointment_logic_module_model):
data = {
"origin_model_id": document_logic_module_model.pk,
"related_model_id": appointment_logic_module_model.pk,
"key": "document_appointment_rel"
}
request = request_factory.post(reverse('relationship-list'), data)
user = factories.CoreUser()
request.user = user
response = views.RelationshiplViewSet.as_view({"post":
"create"})(request)
assert response.status_code == 403
def setUp(self):
self.client = APIClient()
self.core_user = factories.CoreUser()
self.lm = factories.LogicModule(name='Products Service',
endpoint_name='products')
# bypass authentication
self.client.force_authenticate(user=self.core_user)
self.response_data = {
'id': 1,
'workflowlevel2_uuid': str(uuid.uuid4()),
'name': 'test',
'contact_uuid': 1
}
def test_admin_user_permissions_section_with_staff_user(self):
"""Staff user shouldn't see user permissions section field on django admin"""
staff_user = CoreUser.objects.create_user('staff_user', '*****@*****.**', 'Password123')
permission = Permission.objects.get(name='Can change core user')
staff_user.user_permissions.add(permission)
staff_user.is_staff = True
staff_user.save()
another_user = factories.CoreUser(username='******')
self.client.login(username='******', password='******')
url = '/admin/core/coreuser/{}/change/'.format(another_user.pk)
response = self.client.get(url)
self.assertNotContains(response, 'User permissions')
def test_create_relationship(self, request_factory,
document_logic_module_model,
appointment_logic_module_model):
data = {
"origin_model_id": document_logic_module_model.pk,
"related_model_id": appointment_logic_module_model.pk,
"key": "document_appointment_rel"
}
request = request_factory.post(reverse('relationship-list'), data)
user = factories.CoreUser(is_superuser=True)
request.user = user
response = views.RelationshiplViewSet.as_view({"post":
"create"})(request)
assert response.status_code == 201
assert self.expected_keys == set(response.data.keys())
def setUp(self) -> None:
self.rf = RequestFactory()
self.core_user = factories.CoreUser()
# for testing refresh token
application = Application(
name="Test JWT Application",
user=self.core_user,
client_type=Application.CLIENT_PUBLIC,
authorization_grant_type=Application.GRANT_PASSWORD,
)
application.save()
access_token = AccessToken.objects.create(user=self.core_user,
token="1234567890",
application=application,
expires=timezone.now() +
datetime.timedelta(days=1),
scope="read write")
RefreshToken.objects.create(access_token=access_token,
user=self.core_user,
application=application,
token="007")
