Beispiel #1
0
 def test_same_oauth_domain_fails_for_two_organization(self):
     domain = 'example.com'
     domain2 = 'test.com'
     factories.Organization(oauth_domains=[domain, domain2])
     org2 = factories.Organization()
     org2.oauth_domains = [domain]
     self.assertRaises(ValidationError, org2.save)
Beispiel #2
0
    def test_post_success_with_default_org(self, mock_requests):
        mock_requests.post.return_value = Mock(status_code=201)
        factories.Organization(name=settings.DEFAULT_ORG)
        os.environ['APP_BRANCH'] = DEMO_BRANCH

        data = {
            'first_name': 'John',
            'last_name': 'Lennon',
            'email': '*****@*****.**',
            'username': '******',
            'password1': '123456',
            'password2': '123456',
            'title': TITLE_CHOICES[0][0],
            'privacy_disclaimer_accepted': 'on',
        }
        request = self.factory.post(reverse('register'), data)
        self._hotfix_django_bug(request)
        view = views.RegisterView.as_view()
        response = view(request)
        os.environ['APP_BRANCH'] = ''
        self.assertEqual(response.status_code, 302)
        self.assertIn(reverse('index'), response.url)

        tolauser = TolaUser.objects.select_related('user').get(
            name='John Lennon')
        user = tolauser.user
        self.assertEqual(user.first_name, data['first_name'])
        self.assertEqual(user.last_name, data['last_name'])
        self.assertEqual(user.email, data['email'])
        self.assertEqual(tolauser.organization.name, settings.DEFAULT_ORG)
        self.assertEqual(tolauser.title, data['title'])
        self.assertTrue(User.objects.filter(username='******').exists())

        os.environ['APP_BRANCH'] = ''
Beispiel #3
0
    def test_join_record_list_view_organization_only(
        self,
        request_factory,
        org_admin,
        document_logic_module,
        crm_logic_module,
        document_logic_module_model,
        appointment_logic_module_model,
    ):
        join_records = factories.JoinRecord.create_batch(
            size=5,
            **{
                "organization__organization_uuid":
                TEST_USER_DATA["organization_uuid"]
            })

        factories.JoinRecord.create(organization=factories.Organization(
            name='Another Organization'))

        request = request_factory.get("")
        request.user = org_admin
        request.session = self.session
        response = views.JoinRecordViewSet.as_view({"get": "list"})(request)
        assert response.status_code == 200
        assert len(response.data) == 5
        assert set([str(jr.join_record_uuid) for jr in join_records
                    ]) == set([jr["join_record_uuid"] for jr in response.data])
    def test_update_workflowlevel2_diff_org_admin(self):
        group_org_admin = factories.CoreGroup(
            name='Org Admin',
            is_org_level=True,
            permissions=PERMISSIONS_ORG_ADMIN,
            organization=self.core_user.organization)
        self.core_user.core_groups.add(group_org_admin)

        request = self.factory.post(reverse('workflowlevel2-list'))
        another_org = factories.Organization(name='Another Org')
        wflvl1 = factories.WorkflowLevel1(organization=another_org)
        workflowlevel2 = factories.WorkflowLevel2(workflowlevel1=wflvl1)

        data = {
            'name': 'Community awareness program conducted to plant trees',
            'workflowlevel1': wflvl1.pk
        }

        request = self.factory.put(
            reverse('workflowlevel2-detail', args=(str(workflowlevel2.pk), )),
            data)
        request.user = self.core_user
        view = WorkflowLevel2ViewSet.as_view({'put': 'update'})
        response = view(request, pk=str(workflowlevel2.pk))
        self.assertEqual(response.status_code, 403)
Beispiel #5
0
    def test_reset_password_using_default_org_template(self, request_factory,
                                                       org_member):
        email = org_member.email

        default_organization = factories.Organization(
            name=settings.DEFAULT_ORG)

        EmailTemplate.objects.create(organization=default_organization,
                                     type=TEMPLATE_RESET_PASSWORD,
                                     subject='Custom subject',
                                     template="""
                Custom template
                {{ password_reset_link }}
                """)

        request = request_factory.post(reverse('coreuser-reset-password'),
                                       {'email': email})
        response = CoreUserViewSet.as_view({'post': 'reset_password'})(request)
        assert response.status_code == 200
        assert response.data['count'] == 1
        assert mail.outbox

        message = mail.outbox[0]
        assert message.to == [email]

        resetpass_url = urljoin(settings.FRONTEND_URL,
                                settings.RESETPASS_CONFIRM_URL_PATH)
        uid = urlsafe_base64_encode(force_bytes(org_member.pk))
        token = default_token_generator.make_token(org_member)
        assert message.subject == 'Custom subject'
        assert 'Custom template' in message.body
        assert f'{resetpass_url}{uid}/{token}/' in message.body
Beispiel #6
0
    def test_user_to_tola(self):
        # TolaUser will be create with default Org
        response = {
            'displayName': 'Foo Bar',
            'emails': [{
                'type': 'account',
                'value': '*****@*****.**'
            }]
        }
        user = factories.User.build(is_superuser=True, is_staff=True)
        user.save()

        util.user_to_tola(None, user, response)
        tola_user = TolaUser.objects.get(user=user)

        self.assertEqual(tola_user.name, response.get('displayName'))
        self.assertEqual(tola_user.organization.name, self.org.name)
        self.assertEqual(tola_user.country.country, self.country.country)

        # TolaUser will be retrieved and Org won't be the default anymore
        new_org = factories.Organization(name='New Organization')
        tola_user.organization = new_org
        tola_user.save()
        util.user_to_tola(None, user, response)
        tola_user = TolaUser.objects.get(user=user)

        self.assertEqual(tola_user.organization.name, new_org.name)
Beispiel #7
0
 def setUp(self):
     os.environ['APP_BRANCH'] = ''
     logging.disable(logging.ERROR)
     self.group_org_admin = factories.Group(name=ROLE_ORGANIZATION_ADMIN)
     self.group_program_admin = factories.Group(name=ROLE_PROGRAM_ADMIN)
     self.org = factories.Organization(chargebee_subscription_id='12345')
     self.tola_user = factories.TolaUser(organization=self.org)
Beispiel #8
0
    def test_filter_collecteddata_org_superuser(self):
        self.tola_user.user.is_staff = True
        self.tola_user.user.is_superuser = True
        self.tola_user.user.save()

        another_org = factories.Organization(name='Another Org')
        wkflvl1_1 = factories.WorkflowLevel1(
            organization=self.tola_user.organization)
        wkflvl1_2 = factories.WorkflowLevel1(organization=another_org)
        indicator1 = factories.Indicator(workflowlevel1=[wkflvl1_1])
        indicator2 = factories.Indicator(workflowlevel1=[wkflvl1_2])
        collecteddata1 = factories.CollectedData(data_uuid=111,
                                                 indicator=indicator1)
        factories.CollectedData(data_uuid=222, indicator=indicator2)

        request = self.factory.get(
            '/api/collecteddata/?indicator__workflowlevel1__organization__id=%s'
            % self.tola_user.organization.pk)
        request.user = self.tola_user.user
        view = CollectedDataViewSet.as_view({'get': 'list'})
        response = view(request)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(len(response.data), 1)
        self.assertEqual(response.data[0]['data_uuid'],
                         str(collecteddata1.data_uuid))
Beispiel #9
0
 def setUp(self):
     logging.disable(logging.ERROR)
     settings.ELASTICSEARCH_ENABLED = True
     self.org = factories.Organization()
     self.indexer = ElasticsearchIndexer()
     self.factory = APIRequestFactory()
     self.tola_user = factories.TolaUser(organization=self.org)
    def test_filter_workflowteam_superuser(self):
        self.tola_user.user.is_staff = True
        self.tola_user.user.is_superuser = True
        self.tola_user.user.save()

        another_org = factories.Organization(name='Another Org')
        wkflvl1_1 = factories.WorkflowLevel1(
            organization=self.tola_user.organization)
        wkflvl1_2 = factories.WorkflowLevel1(organization=another_org)
        workflowteam1 = factories.WorkflowTeam(workflow_user=self.tola_user,
                                               salary=1111,
                                               workflowlevel1=wkflvl1_1)
        factories.WorkflowTeam(workflow_user=self.tola_user,
                               salary=2222,
                               workflowlevel1=wkflvl1_2)

        request = self.factory.get(
            '/api/workflowteam/?workflowlevel1__organization__id=%s' %
            self.tola_user.organization.pk)
        request.user = self.tola_user.user
        view = WorkflowTeamViewSet.as_view({'get': 'list'})
        response = view(request)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(len(response.data), 1)
        self.assertEqual(response.data[0]['salary'], str(workflowteam1.salary))
    def test_create_contact_program_admin_another_org(self):
        request = self.factory.post('/api/contact/')
        wflvl1 = factories.WorkflowLevel1(
            organization=self.tola_user.organization)
        another_org = factories.Organization(name='Another Org')
        wflvl1_url = reverse('workflowlevel1-detail',
                             kwargs={'pk': wflvl1.id},
                             request=request)
        organization_url = reverse('organization-detail',
                                   kwargs={'pk': another_org.id},
                                   request=request)
        country_url = reverse('country-detail',
                              kwargs={'pk': self.tola_user.country.id},
                              request=request)
        WorkflowTeam.objects.create(
            workflow_user=self.tola_user,
            workflowlevel1=wflvl1,
            role=factories.Group(name=ROLE_PROGRAM_ADMIN))

        data = {
            'name': 'John Lennon',
            'city': 'Liverpool',
            'country': country_url,
            'workflowlevel1': wflvl1_url,
            'organization': organization_url
        }

        request = self.factory.post('/api/contact/', data)
        request.user = self.tola_user.user
        view = ContactViewSet.as_view({'post': 'create'})
        response = view(request)

        self.assertEqual(response.status_code, 403)
    def test_authorization_success(self):
        # set user's password
        self.core_user.set_password('1234')
        self.core_user.save()

        # change user's organization
        users_org = factories.Organization(name='Test Org')
        self.core_user.organization = users_org
        self.core_user.save()

        c = Client(HTTP_USER_AGENT='Test/1.0')

        # Get Authorization token
        authorize_url = '/oauth/token/?client_id={}'.format(self.app.client_id)

        data = {
            'grant_type': 'password',
            'username': self.core_user.username,
            'password': '******',
        }

        response = c.post(authorize_url, data=data)
        self.assertEqual(response.status_code, 200)
        self.assertIn('access_token', response.json())
        self.assertIn('access_token_jwt', response.json())
        self.assertIn('expires_in', response.json())
    def test_create_workflowteam_org_admin(self):
        WorkflowTeam.objects.create(
            workflow_user=self.tola_user,
            workflowlevel1=self.wflvl1,
            role=factories.Group(name=ROLE_ORGANIZATION_ADMIN))

        wflvl1_url = reverse('workflowlevel1-detail',
                             kwargs={'pk': self.wflvl1.id})
        user_george = factories.User(first_name='George', last_name='Harrison')
        tola_user_george = factories.TolaUser(
            user=user_george, organization=factories.Organization())
        tolauser_url = reverse('tolauser-detail',
                               kwargs={'pk': tola_user_george.id})
        role = factories.Group(name=ROLE_ORGANIZATION_ADMIN)
        role_url = reverse('group-detail', kwargs={'pk': role.id})
        data = {
            'role': role_url,
            'workflow_user': tolauser_url,
            'workflowlevel1': wflvl1_url,
        }

        request = self.factory.post(None, data)
        request.user = self.tola_user.user
        view = WorkflowTeamViewSet.as_view({'post': 'create'})
        response = view(request)
        self.assertEqual(response.status_code, 201)

        WorkflowTeam.objects.get(
            workflowlevel1=self.wflvl1,
            workflow_user=tola_user_george,
            role=role,
        )
    def test_authorization_success(self):
        # set user's password
        self.core_user.set_password('1234')
        self.core_user.save()

        # change user's organization
        users_org = factories.Organization(name='Test Org')
        self.core_user.organization = users_org
        self.core_user.save()

        # Get Authorization token
        basic_token = base64.b64encode(
            f'{self.app.client_id}:{self.app.client_secret}'.encode(
                'utf-8')).decode('utf-8')
        headers = {
            'HTTP_USER_AGENT': 'Test/1.0',
            'HTTP_AUTHORIZATION': f'Basic {basic_token}'
        }

        c = APIClient()
        c.credentials(**headers)

        authorize_url = '/oauth/token/'

        data = f'username={self.core_user.username}&password=1234&grant_type=password'

        response = c.post(authorize_url,
                          data=data,
                          content_type='application/x-www-form-urlencoded',
                          headers=headers)
        self.assertEqual(response.status_code, 200)
        self.assertIn('access_token', response.json())
        self.assertIn('access_token_jwt', response.json())
        self.assertIn('expires_in', response.json())
Beispiel #15
0
    def test_user_to_hikaya_without_hikaya_user_data(self):
        # HikayaUser will be created with the default Org
        response = {
            'displayName': 'John Lennon',
            'emails': [{
                'type': 'account',
                'value': '*****@*****.**'
            }]
        }

        user = factories.User(first_name='John', last_name='Lennon')
        auth_pipeline.user_to_hikaya(None, user, response)
        hikaya_user = HikayaUser.objects.get(user=user)

        self.assertEqual(hikaya_user.name, response.get('displayName'))
        self.assertEqual(hikaya_user.organization.name, self.org.name)
        self.assertEqual(hikaya_user.country.country, self.country.country)

        # HikayaUser will be retrieved and Org won't be the default anymore
        new_org = factories.Organization(name='New Organization')
        hikaya_user.organization = new_org
        hikaya_user.save()
        auth_pipeline.user_to_hikaya(None, user, response)
        hikaya_user = HikayaUser.objects.get(user=user)

        self.assertEqual(hikaya_user.organization.name, new_org.name)
    def test_filter_documentation_country_superuser(self):
        self.tola_user.user.is_staff = True
        self.tola_user.user.is_superuser = True
        self.tola_user.user.save()

        wflvl1_1 = factories.WorkflowLevel1(
            name='WorkflowLevel1_1', organization=self.tola_user.organization)
        WorkflowTeam.objects.create(workflow_user=self.tola_user,
                                    workflowlevel1=wflvl1_1)
        documentation1 = factories.Documentation(name='Document 1',
                                                 workflowlevel1=wflvl1_1)

        another_org = factories.Organization(name='Another Org')
        wflvl1_2 = factories.WorkflowLevel1(name='WorkflowLevel1_2',
                                            organization=another_org)
        WorkflowTeam.objects.create(workflow_user=self.tola_user,
                                    workflowlevel1=wflvl1_2)
        factories.Documentation(name='Document 2', workflowlevel1=wflvl1_2)

        request = self.factory.get('/api/documentation'
                                   '/?workflowlevel1__organization__id=%s' %
                                   self.tola_user.organization.pk)
        request.user = self.tola_user.user
        view = DocumentationViewSet.as_view({'get': 'list'})
        response = view(request)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(len(response.data), 1)
        self.assertEqual(response.data[0]['name'], documentation1.name)
    def test_create_codedfield(self):
        factories.Organization(id=1)
        self.request.user = self.user
        view = CodedFieldViewSet.as_view({'post': 'create'})
        response = view(self.request)

        self.assertEqual(response.status_code, 201)
    def test_create_indicator_program_admin_wflvl1_another_org(self):
        request = self.factory.post('/api/indicator/')
        wflvl1 = factories.WorkflowLevel1(
            organization=self.tola_user.organization)
        wflvl1_url = reverse('workflowlevel1-detail',
                             kwargs={'pk': wflvl1.id},
                             request=request)

        another_org = factories.Organization(name='Another Org')
        wflvl2 = factories.WorkflowLevel1(organization=another_org)
        wflvl2_url = reverse('workflowlevel1-detail',
                             kwargs={'pk': wflvl2.id},
                             request=request)
        WorkflowTeam.objects.create(
            workflow_user=self.tola_user,
            workflowlevel1=wflvl1,
            role=factories.Group(name=ROLE_PROGRAM_ADMIN))

        data = {
            'name': 'Building resilience in Mali',
            'workflowlevel1': [wflvl1_url, wflvl2_url]
        }

        request = self.factory.post('/api/indicator/', data)
        request.user = self.tola_user.user
        view = IndicatorViewSet.as_view({'post': 'create'})
        response = view(request)

        self.assertEqual(response.status_code, 403)
Beispiel #19
0
    def test_sync_save_create_disabled(self, mock_tsync):
        mock_tsync.create_instance.return_value = Mock()

        factories.Organization()
        self.assertFalse(mock_tsync.create_instance.called)

        factories.WorkflowLevel1()
        self.assertFalse(mock_tsync.create_instance.called)
Beispiel #20
0
    def test_sync_save_create(self, mock_tsync):
        mock_tsync.create_instance.return_value = Mock()

        org = factories.Organization()
        mock_tsync.create_instance.assert_called_with(org)

        wfl1 = factories.WorkflowLevel1()
        mock_tsync.create_instance.assert_called_with(wfl1)
Beispiel #21
0
 def test_notification(self, request_factory):
     dif_org = factories.Organization(name='Another Org')
     data = {
         "organization_uuid": dif_org.organization_uuid,
         "notification_messages": "message"
     }
     request = request_factory.post(reverse('coreuser-notification'), data)
     response = CoreUserViewSet.as_view({'post': 'notification'})(request)
     assert response.status_code == 200
    def test_auth_allowed_in_whitelisted_domains_conf(self):
        factories.Organization(name=settings.DEFAULT_ORG)

        backend = self.BackendTest()
        backend.WHITELISTED_DOMAINS = ['testenv.com']
        details = {'email': '*****@*****.**'}
        result = auth_pipeline.auth_allowed(backend, details, None)
        self.assertIsNone(result)
        self.assertIn('organization_uuid', details)
Beispiel #23
0
 def setUp(self):
     factories.Organization(id=1)
     self.user = factories.User(first_name='Homer', last_name='Simpson')
     self.hikaya_user = factories.TolaUser(user=self.user)
     self.read = factories.Read(read_name="test_data",
                                owner=self.hikaya_user.user)
     self.silo = factories.Silo(owner=self.hikaya_user.user,
                                reads=[self.read])
     self.factory = APIRequestFactory()
    def setUp(self):
        factories.Organization(id=1)
        wflvl1 = factories.WorkflowLevel1()
        wflvl2 = factories.WorkflowLevel2(name='WorkflowLevel2',
                                          workflowlevel1=wflvl1)
        factories.CodedField.create_batch(2, workflowlevel2=[wflvl2])

        factory = APIRequestFactory()
        self.request = factory.get('/api/codedfield/')
    def setUp(self):
        self.factory = APIRequestFactory()
        self.tola_user = factories.TolaUser()

        self.tola_user_ringo = factories.TolaUser(
            user=factories.User(first_name='Ringo', last_name='Starr'),
            organization=self.tola_user.organization)
        self.tola_user_george = factories.TolaUser(
            user=factories.User(first_name='George', last_name='Harrison'),
            organization=factories.Organization(name='Other Org'))
Beispiel #26
0
    def test_response_forbidden(self, mock_requests, mock_logger):
        mock_requests.delete.return_value = Mock(status_code=403)

        org = factories.Organization()

        response = delete_instance(org)
        self.assertEqual(response.status_code, 403)
        mock_logger.warning.assert_called_once_with(
            '{} (id={}, model={}) could not be created/fetched successfully '
            'on/from Track.'.format(org.name, org.id, 'Organization'))
Beispiel #27
0
 def test_auth_allowed_no_email(self):
     factories.Organization(name=settings.DEFAULT_ORG)
     backend = self.BackendTest()
     details = {}
     response = auth_pipeline.auth_allowed(backend, details, None)
     template_content = response.content
     self.assertIn(b"You don't appear to have permissions to access "
                   b"the system.", template_content)
     self.assertIn(b"Please check with your organization to have access.",
                   template_content)
Beispiel #28
0
    def setUp(self):
        factories.Organization(id=0)
        DisaggregationType.objects.bulk_create([
            DisaggregationType(disaggregation_type='DisaggregationType1'),
            DisaggregationType(disaggregation_type='DisaggregationType2'),
        ])

        factory = APIRequestFactory()
        self.request_get = factory.get('/api/disaggregationtype/')
        self.request_post = factory.post('/api/disaggregationtype/')
Beispiel #29
0
    def test_response_200_delete(self, mock_requests, mock_logger):
        mock_requests.delete.return_value = Mock(status_code=200)

        org = factories.Organization()

        response = delete_instance(org)
        self.assertEqual(response.status_code, 200)
        mock_logger.info.assert_called_once_with(
            'The request for {} (id={}, model={}) was successfully executed '
            'on Track.'.format(org.name, org.id, 'Organization'))
Beispiel #30
0
    def setUp(self):
        self.org = factories.Organization()
        self.tola_user = factories.TolaUser(organization=self.org)

        self.read = factories.Read(read_name="test_data",
                                   owner=self.tola_user.user)
        self.silo = factories.Silo(owner=self.tola_user.user,
                                   reads=[self.read])
        self._import_json(self.silo, self.read)

        self.factory = APIRequestFactory()