def test_second_org_setup(self):
# first org, admin, first user are already created
org1 = setup_org()
setup_admin(org=org1)
setup_user(org=org1)
# Admin user login to admin portal and create a new org
self.visit(LoginPage.admin_url)
self.log_admin()
self.get_elem(self.create_org_link).click()
org2_slug = self.create_org(tv.ORG_NAME_2, tv.ORG_SLUG_2)
# Admin close its browser
self.browser.quit()
# Second user display the app for the first time to create its account
self.setUp()
self.visit_signup_page(org2_slug)
# Second user fulfill the user creation form
email = self.create_user(user_num=2, activate_user=True)
# Second user login to the second organization
self.log_user(user_num=2)
# Second user is properly logged
self.assertIn("home", self.head_title)
self.assertIn(email, self.get_elem(self.profile_name).text)
def setUp(self):
self.org_1 = setup_org()
self.org_2 = setup_org(name=tv.ORG_NAME_2, slug=tv.ORG_SLUG_2)
self.user_1 = setup_user(org=self.org_1)
self.user_2 = setup_user(org=self.org_1,
email=tv.USER2_EMAIL,
password=tv.USER2_PASS)
self.user_3 = setup_user(org=self.org_2,
email=tv.USER3_EMAIL,
password=tv.USER3_PASS)
self.user_1_codes_1 = ["AA1222", "AA1223"]
self.user_1_codes_2 = ["BB1222", "BB1223"]
self.user_2_codes = ["CC1222", "CC1223"]
self.user_1_static_device_1 = setup_2fa_static_device(
self.user_1,
"user1 valid token set 1",
codes_list=self.user_1_codes_1)
self.user_1_static_device_2 = setup_2fa_static_device(
self.user_1,
"user1 valid token set 2",
codes_list=self.user_1_codes_2)
# invalid set with no codes left
self.user_1_static_device_3 = setup_2fa_static_device(
self.user_1, "user1 invalid token set 3")
self.user_2_static_device_1 = setup_2fa_static_device(
self.user_2, "user2 valid token set", codes_list=self.user_2_codes)
def test_user_update_region_language(self):
setup_user(self.user_org)
self.visit(LoginPage.url)
# language on non logged page is Fr (due to browser setting)
self.assertIn("connecter", self.head_title)
self.log_user()
# language on logged page is En (due to user setting)
self.assertIn("home", self.head_title) # Django string
self.assertIn(
"Search",
self.get_elem_text(self.search_button),
"Vue string should be translated according to user settings",
) # Vue string
# User go to update region page
self.visit(AccountPages.update_region_settings_url)
# He update its language to Fr
self.update_region_settings(language="Français")
# Language on logged page is now Fr (due to user setting)
self.visit(HomePage.url)
self.assertIn("accueil", self.head_title) # Django string
self.assertIn("Rechercher",
self.get_elem_text(self.search_button)) # Vue string
def test_form_refuse_non_unique_email(self):
"""Form refuse non unique email"""
setup_user(self.org, email=tv.USER1_EMAIL)
form = FTLUserCreationForm(
data={
"email": tv.USER1_EMAIL,
"password1": tv.USER2_PASS,
"password2": tv.USER2_PASS,
})
self.assertFalse(form.is_valid())
self.assertIn("email", form.errors)
def test_list_documents_added_by_another_user_of_same_org(self, messages_mocked):
# First user logout and a second user of the same org login
self.client.logout()
setup_user(self.org, tv.USER2_EMAIL, tv.USER2_PASS)
self.client.login(
request=HttpRequest(), email=tv.USER2_EMAIL, password=tv.USER2_PASS
)
client_get = self.client.get("/app/api/v1/documents", format="json")
self.assertEqual(client_get.status_code, status.HTTP_200_OK)
self.assertEqual(client_get["Content-Type"], "application/json")
self.assertEqual(client_get.data["count"], 2)
self.assertEqual(len(client_get.data["results"]), 2)
def test_cant_list_documents_from_another_org(self, messages_mocked):
# First user logout and a second user of the another org login
self.client.logout()
org2 = setup_org(tv.ORG_NAME_2, tv.ORG_SLUG_2)
setup_user(org2, tv.USER2_EMAIL, tv.USER2_PASS)
self.client.login(
request=HttpRequest(), email=tv.USER2_EMAIL, password=tv.USER2_PASS
)
client_get = self.client.get("/app/api/v1/documents", format="json")
self.assertEqual(client_get.status_code, status.HTTP_200_OK)
self.assertEqual(client_get["Content-Type"], "application/json")
self.assertEqual(client_get.data["count"], 0)
self.assertEqual(len(client_get.data["results"]), 0)
def test_form_refuse_non_unique_email(self):
"""Form refuse non unique email"""
org = setup_org()
setup_user(org, email=tv.USER1_EMAIL)
form = FirstOrgAndAdminCreationForm(
data={
"org_name": tv.ORG_NAME_2,
"email": tv.USER1_EMAIL,
"password1": tv.USER2_PASS,
"password2": tv.USER2_PASS,
})
self.assertFalse(form.is_valid())
self.assertIn("email", form.errors)
def setUp(self):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
self.doc = setup_document(
self.org,
self.user,
title=tv.DOCUMENT_DOCX_TITLE,
note=tv.DOCUMENT_DOCX_NOTE,
text_content=tv.DOCUMENT_DOCX_CONTENT,
binary=tv.DOCUMENT_DOCX_BINARY_PATH,
file_type=
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
)
self.first_level_folder = setup_folder(self.org,
name="First level folder")
self.doc_in_folder = setup_document(
self.org,
self.user,
title="Document in folder",
ftl_folder=self.first_level_folder,
)
self.client.login(request=HttpRequest(),
email=tv.USER1_EMAIL,
password=tv.USER1_PASS)
def test_delete_document(self):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
# Create a custom document and thumbnail specific to this test because we don't want to delete test files
binary_f = setup_temporary_file().name
thumbnail_f = setup_temporary_file().name
document_to_be_deleted = FTLDocument.objects.create(
org=self.org,
ftl_user=self.user,
title="Test document to be deleted",
binary=binary_f,
thumbnail_binary=thumbnail_f,
)
document_to_be_deleted.delete()
with self.assertRaises(core.models.FTLDocument.DoesNotExist):
FTLDocument.objects.get(pid=document_to_be_deleted.pid)
# File has been deleted.
self.assertTrue(not os.path.exists(binary_f))
self.assertTrue(not os.path.exists(thumbnail_f))
def test_mark_delete_document(self, mocked_send_task):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
binary_f = setup_temporary_file().name
thumbnail_f = setup_temporary_file().name
document_to_be_deleted = FTLDocument.objects.create(
org=self.org,
ftl_user=self.user,
title="Test document to be deleted",
binary=binary_f,
thumbnail_binary=thumbnail_f,
)
document_to_be_deleted.mark_delete()
self.assertTrue(document_to_be_deleted.deleted)
self.assertIsNone(document_to_be_deleted.ftl_folder)
mocked_send_task.assert_called_with(
"core.tasks.delete_document",
args=[
document_to_be_deleted.pid,
document_to_be_deleted.org.pk,
document_to_be_deleted.ftl_user.pk,
],
)
def test_delete_folders(self, mock_send_task_delete_document):
org = setup_org()
setup_admin(org)
user = setup_user(org)
folder = setup_folder(org)
folder_sub = setup_folder(org, parent=folder)
document_1 = setup_document(org,
user,
binary=setup_temporary_file().name)
document_2 = setup_document(org,
user,
folder,
binary=setup_temporary_file().name)
document_3 = setup_document(org,
user,
folder_sub,
binary=setup_temporary_file().name)
self.assertEqual(FTLDocument.objects.filter(deleted=False).count(), 3)
self.assertEqual(FTLFolder.objects.count(), 2)
folder.delete()
self.assertEqual(FTLDocument.objects.filter(deleted=False).count(), 1)
self.assertEqual(FTLFolder.objects.count(), 0)
self.assertIsNotNone(FTLDocument.objects.get(pid=document_1.pid))
doc_marked_as_deleted_2 = FTLDocument.objects.get(pid=document_2.pid)
self.assertTrue(doc_marked_as_deleted_2.deleted)
doc_marked_as_deleted_3 = FTLDocument.objects.get(pid=document_3.pid)
self.assertTrue(doc_marked_as_deleted_3.deleted)
def setUp(self):
self.org_1 = setup_org()
self.user_1 = setup_user(org=self.org_1)
self.user_1_static_device_1 = setup_2fa_static_device(
self.user_1,
tv.STATIC_DEVICE_NAME,
codes_list=tv.STATIC_DEVICE_CODES_LIST)
def setUp(self, **kwargs):
# first org, admin, user are already created
super().setUp()
org = setup_org()
setup_admin(org=org)
# User have already created its account
self.user = setup_user(org=org)
def setUp(self):
self.org_with_docs = setup_org()
setup_admin(self.org_with_docs)
self.user = setup_user(self.org_with_docs)
self.doc = setup_document(self.org_with_docs, self.user)
self.doc_bis = setup_document(self.org_with_docs,
self.user,
title=tv.DOCUMENT2_TITLE)
self.first_level_folder = setup_folder(self.org_with_docs,
name="First level folder")
self.doc_in_folder = setup_document(
self.org_with_docs,
self.user,
title="Document in folder",
ftl_folder=self.first_level_folder,
)
self.org_with_folders = setup_org(name=tv.ORG_NAME_2,
slug=tv.ORG_SLUG_2)
setup_folder(self.org_with_folders)
self.org_without_docs_1 = setup_org(name=tv.ORG_NAME_3,
slug=tv.ORG_SLUG_3)
self.org_without_docs_2 = setup_org(name=tv.ORG_NAME_4,
slug=tv.ORG_SLUG_4)
def setUp(self):
# Setup org, admin, user and user is logged
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
setup_authenticated_session(self.client, self.org, self.user)
# reset mock
self.addCleanup(totp_time_setter.reset_mock, side_effect=True)
def setUp(self, **kwargs):
# first org, admin, user are already created, user is already logged on home page
super().setUp()
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
self.visit(LoginPage.url)
self.log_user()
def setUp(self):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
self.client.login(
request=HttpRequest(), email=tv.USER1_EMAIL, password=tv.USER1_PASS
)
def test_user_is_missing_region_settings(self):
# Given user is missing lang and tz
setup_user(self.user_org, lang="", tz="")
self.visit(LoginPage.url)
self.log_user()
# When he go to update region page
self.visit(AccountPages.update_region_settings_url)
# Selects have no value set (--)
self.assertEqual(self.get_elem_text(self.language_select), "--")
self.assertEqual(self.get_elem_text(self.timezone_select), "--")
# Default locale come from browser (french for this test)
self.assertIn("compte", self.head_title)
# Default timezone come from TIME_ZONE settings (UTC currently)
self.assertEqual("UTC",
self.get_elem_attribute("#current-time", "title"))
def setUp(self, **kwargs):
# first org, admin, user are already created, user is already logged on home page
super().setUp()
self.admin_org = setup_org(name="admin org 1", slug="admin-org-1")
setup_admin(self.admin_org)
self.user_org = setup_org()
self.user = setup_user(self.user_org)
self.visit(LoginPage.url)
def test_logout_call_proper_signal(self, mocked_signal):
# Setup org, admin, user and log the user
org = setup_org()
setup_admin(org)
user = setup_user(org)
setup_authenticated_session(self.client, org, user)
self.client.get("/logout/")
mocked_signal.assert_called_once()
def setUp(self):
self.org_1 = setup_org()
self.org_2 = setup_org(name=tv.ORG_NAME_2, slug=tv.ORG_SLUG_2)
self.user_1 = setup_user(org=self.org_1)
self.user_2 = setup_user(org=self.org_1,
email=tv.USER2_EMAIL,
password=tv.USER2_PASS)
self.user_1_codes_1 = ["AA1222", "AA1223"]
self.user_1_static_device_1 = setup_2fa_static_device(
self.user_1,
"user1 valid token set 1",
codes_list=self.user_1_codes_1)
self.user_1_fido2_device_1 = setup_2fa_fido2_device(
self.user_1, "user1 fido2 device 1")
self.user_1_totp_device_1 = setup_2fa_totp_device(
self.user_1, "user1 totp 1")
self.user_1_totp_device_2 = setup_2fa_totp_device(
self.user_1, "user1 totp 2")
self.user_2_totp_device_2 = setup_2fa_totp_device(
self.user_2, "user2 totp 1")
def setUp(self):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
self.doc = setup_document(self.org, self.user)
self.doc_bis = setup_document(self.org, self.user, title=tv.DOCUMENT2_TITLE)
self.client.login(
request=HttpRequest(), email=tv.USER1_EMAIL, password=tv.USER1_PASS
)
def test_document_download_only_work_for_users_in_the_doc_org(self):
# Add a document in first org with first user
doc = setup_document(self.org, self.user)
# Create a second org and user, log the second user
org_2 = setup_org(tv.ORG_NAME_2, tv.ORG_SLUG_2)
user_2 = setup_user(org_2, tv.USER2_EMAIL, tv.USER2_PASS)
setup_authenticated_session(self.client, org_2, user_2)
# Trying to download the document of first org with a user of second org returns a 404
response = self.client.get(f"/app/api/v1/documents/{doc.pid}/download")
self.assertEqual(response.status_code, 404)
def setUp(self):
self.org = setup_org()
setup_admin(self.org)
self.user1 = setup_user(self.org)
self.user2 = setup_user(self.org, email=tv.USER2_EMAIL)
self.doc = setup_document(self.org, self.user1)
self.doc_bis = setup_document(self.org, self.user1, title=tv.DOCUMENT2_TITLE)
self.doc_user1_reminder = setup_document_reminder(
self.doc, self.user1, tv.DOCUMENT_REMINDER_TOMORROW_DATE
)
self.doc_user1_reminder2 = setup_document_reminder(
self.doc, self.user1, tv.DOCUMENT_REMINDER_NEXT_WEEK_DATE
)
self.doc_user2_reminder = setup_document_reminder(
self.doc, self.user2, tv.DOCUMENT_REMINDER_TOMORROW_DATE
)
self.client.login(
request=HttpRequest(), email=tv.USER1_EMAIL, password=tv.USER1_PASS
)
def test_user_have_region_settings(self):
# Given user get custom region settings
user_timezone_setting = "Europe/Amsterdam"
setup_user(self.user_org, lang="en", tz=user_timezone_setting)
self.visit(LoginPage.url)
self.log_user()
# When he go to update region page
self.visit(AccountPages.update_region_settings_url)
# Selects have proper values sets
self.assertEqual(self.get_elem_text(self.language_select), "English")
self.assertEqual(self.get_elem_text(self.timezone_select),
user_timezone_setting)
# Locale come from user setting
self.assertIn("account", self.head_title)
# Timezone come from user setting
tz = pytz.timezone(user_timezone_setting)
tz_str = tz.localize(datetime.utcnow()).strftime("%Z")
self.assertEqual(tz_str,
self.get_elem_attribute("#current-time", "title"))
def setUp(self):
# Setup org, user
self.org = setup_org()
self.user = setup_user(self.org)
setup_authenticated_session(self.client, self.org, self.user)
# mock OTPMiddleware._verify_user() to skip check page
self.middleware_patcher = patch.object(OTPMiddleware, "_verify_user",
mocked_verify_user)
self.middleware_patcher.start()
self.addCleanup(
patch.stopall
) # ensure mock is remove after each test, even if the test crash
self.addCleanup(totp_time_setter.reset_mock, side_effect=True)
def setUp(self):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
self.folder_root = setup_folder(self.org, name="First level folder")
self.folder_root_subfolder = setup_folder(
self.org, name="Second level folder", parent=self.folder_root
)
self.client.login(
request=HttpRequest(), email=tv.USER1_EMAIL, password=tv.USER1_PASS
)
def test_js_i18n_are_working_with_user_lang(self):
# i18n lang is chosen by user setting in db
# first org, admin, user are already created, user is already logged on home page
self.org = setup_org()
setup_admin(self.org, lang="en")
self.user = setup_user(self.org, lang="en")
self.visit(LoginPage.url)
self.log_user()
self.visit(self.root_url)
self.assertIn(
"Add documents",
self.get_elem_text(self.add_documents_button),
'"Add documents" should not be translated',
)
def test_js_i18n_are_working_no_user_lang(self):
# i18n lang is chosen by the browser accept-language header
# first org, admin, user are already created, user is already logged on home page
self.org = setup_org()
setup_admin(self.org, lang="")
self.user = setup_user(self.org, lang="")
self.visit(LoginPage.url)
self.log_user()
self.visit(self.root_url)
self.assertIn(
"Ajouter des documents",
self.get_elem_text(self.add_documents_button),
'"Add documents" should be translated as "Ajouter des documents"',
)
def setUp(self):
# Setup org, user, a static device and the user is logged
self.org = setup_org()
self.user = setup_user(self.org)
self.static_device = setup_2fa_static_device(
self.user, codes_list=tv.STATIC_DEVICE_CODES_LIST)
setup_authenticated_session(self.client, self.org, self.user)
# mock OTPMiddleware._verify_user() to skip check page
self.middleware_patcher = patch.object(OTPMiddleware, "_verify_user",
mocked_verify_user)
self.middleware_patcher.start()
self.addCleanup(
patch.stopall
) # ensure mock is remove after each test, even if the test crash
self.addCleanup(totp_time_setter.reset_mock, side_effect=True)
