def clean(self):
"""Deserialize JSON object to internal representation."""
if not self.raw_data:
raise ValueError("No input data was provided.")
try:
first_object_id = self.raw_data["first_object_id"]
first_object_type = self.raw_data["first_object_type"]
second_object_id = self.raw_data["second_object_id"]
second_object_type = self.raw_data["second_object_type"]
except KeyError as exc:
raise ValueError("Missing mandatory attribute: %s." % exc.message)
if not isinstance(first_object_id, int):
raise ValueError("Invalid object id for first object.")
if not isinstance(second_object_id, int):
raise ValueError("Invalid object id for second object.")
if not isinstance(first_object_type, basestring) or \
not models.get_model(first_object_type):
raise ValueError("Invalid object type for first object.")
if not isinstance(first_object_type, basestring) or \
not models.get_model(second_object_type):
raise ValueError("Invalid object type for second object.")
self.cleaned_data = {
"first_type": first_object_type,
"first_id": first_object_id,
"second_type": second_object_type,
"second_id": second_object_id,
}
def test_system_unmap_on_update(self, readonly, rel_obj_type):
"""Test unmapping on update System with readonly={0}"""
rel_factory = factories.get_model_factory(rel_obj_type)
with factories.single_commit():
obj = factories.SystemFactory(title='a', readonly=readonly)
obj_id = obj.id
rel_obj = rel_factory()
rel_obj_id = rel_obj.id
factories.RelationshipFactory(source=obj, destination=rel_obj)
data = OrderedDict([
("object_type", "System"),
("Code*", obj.slug),
("unmap:{}".format(rel_obj_type), rel_obj.slug),
])
response = self.import_data(data)
self._check_csv_response(response, {})
obj = get_model("System").query.get(obj_id)
rel_obj = get_model(rel_obj_type).query.get(rel_obj_id)
rel = all_models.Relationship.find_related(obj, rel_obj)
self.assertIsNone(rel)
def test_403_if_delete_readonly_without_perms(self, obj_type):
"""Test {0} with readonly=True DELETE returns 401
This test ensures that user without permission for the object
cannot obtain value for flag readonly
"""
role_obj = all_models.Role.query.filter(
all_models.Role.name == "Creator").one()
factory = factories.get_model_factory(obj_type)
with factories.single_commit():
# create Global Creator
person = factories.PersonFactory()
person_id = person.id
rbac_factories.UserRoleFactory(role=role_obj, person=person)
# Create object
obj = factory(title='a', readonly=True)
obj_id = obj.id
self.object_generator.api.set_user(all_models.Person.query.get(person_id))
obj = get_model(obj_type).query.get(obj_id)
resp = self.object_generator.api.delete(obj)
self.assert403(resp)
obj = get_model(obj_type).query.get(obj_id)
self.assertIsNotNone(obj)
def test_system_unmap_on_update(self, readonly, rel_obj_type):
"""Test unmapping on update System with readonly={0}"""
rel_factory = factories.get_model_factory(rel_obj_type)
with factories.single_commit():
obj = factories.SystemFactory(title='a', readonly=readonly)
obj_id = obj.id
rel_obj = rel_factory()
rel_obj_id = rel_obj.id
factories.RelationshipFactory(source=obj, destination=rel_obj)
data = OrderedDict([
("object_type", "System"),
("Code*", obj.slug),
("unmap:{}".format(rel_obj_type), rel_obj.slug),
])
response = self.import_data(data)
self._check_csv_response(response, {})
obj = get_model("System").query.get(obj_id)
rel_obj = get_model(rel_obj_type).query.get(rel_obj_id)
rel = all_models.Relationship.find_related(obj, rel_obj)
self.assertIsNone(rel)
def test_403_if_delete_readonly_without_perms(self, obj_type):
"""Test {0} with readonly=True DELETE returns 401
This test ensures that user without permission for the object
cannot obtain value for flag readonly
"""
role_obj = all_models.Role.query.filter(
all_models.Role.name == "Creator").one()
factory = factories.get_model_factory(obj_type)
with factories.single_commit():
# create Global Creator
person = factories.PersonFactory()
person_id = person.id
rbac_factories.UserRoleFactory(role=role_obj, person=person)
# Create object
obj = factory(title='a', readonly=True)
obj_id = obj.id
self.object_generator.api.set_user(
all_models.Person.query.get(person_id))
obj = get_model(obj_type).query.get(obj_id)
resp = self.object_generator.api.delete(obj)
self.assert403(resp)
obj = get_model(obj_type).query.get(obj_id)
self.assertIsNotNone(obj)
def clean(self):
"""Deserialize JSON object to internal representation."""
if not self.raw_data:
raise ValueError("No input data was provided.")
try:
first_object_id = self.raw_data["first_object_id"]
first_object_type = self.raw_data["first_object_type"]
second_object_id = self.raw_data["second_object_id"]
second_object_type = self.raw_data["second_object_type"]
except KeyError as exc:
raise ValueError("Missing mandatory attribute: %s." % exc.message)
if not isinstance(first_object_id, int):
raise ValueError("Invalid object id for first object.")
if not isinstance(second_object_id, int):
raise ValueError("Invalid object id for second object.")
if not isinstance(first_object_type, basestring) or \
not models.get_model(first_object_type):
raise ValueError("Invalid object type for first object.")
if not isinstance(first_object_type, basestring) or \
not models.get_model(second_object_type):
raise ValueError("Invalid object type for second object.")
self.cleaned_data = {
"first_type": first_object_type,
"first_id": first_object_id,
"second_type": second_object_type,
"second_id": second_object_id,
}
def push_ft_records(self):
"""Function that clear and push new full text records in DB."""
with benchmark("push ft records into DB"):
self.warmup()
for obj in db.session:
if not isinstance(obj, mixin.Indexed):
continue
if obj.id in self.model_ids_to_reindex.get(obj.type, set()):
db.session.expire(obj)
for model_name in self.model_ids_to_reindex.keys():
ids = self.model_ids_to_reindex.pop(model_name)
get_model(model_name).bulk_record_update_for(ids)
def update_ft_records(model_ids_to_reindex, chunk_size):
"""Update fulltext records in DB"""
with benchmark("indexing. expire objects in session"):
for obj in db.session:
if (isinstance(obj, mixin.Indexed)
and obj.id in model_ids_to_reindex.get(obj.type, set())):
db.session.expire(obj)
with benchmark("indexing. update ft records in db"):
for model_name in model_ids_to_reindex.keys():
ids = model_ids_to_reindex.pop(model_name)
chunk_list = utils.list_chunks(list(ids), chunk_size=chunk_size)
for ids_chunk in chunk_list:
get_model(model_name).bulk_record_update_for(ids_chunk)
def send_notification(self,
parent_type,
parent_id,
errors=None,
failed=False):
"""Send mail notification with information about errors."""
parent_model = models.get_model(parent_type)
parent = parent_model.query.get(parent_id)
data = {"title": parent.title}
if failed:
body = settings.EMAIL_BULK_CHILD_SYNC_EXCEPTION.render()
elif errors:
data["assessments"] = [
{
"url": get_object_url(obj),
"code": obj.slug,
"title": obj.title,
} for (obj, _) in errors
]
body = settings.EMAIL_BULK_CHILD_SYNC_FAILED.render(sync_data=data)
else:
body = settings.EMAIL_BULK_CHILD_SYNC_SUCCEEDED.render(sync_data=data)
receiver = login.get_current_user()
common.send_email(receiver.email, self.ISSUETRACKER_SYNC_TITLE, body)
def _my_work_count(self, **kwargs): # pylint: disable=unused-argument
"""Get object counts for my work page."""
with benchmark("Make response"):
aliased = my_objects.get_myobjects_query(
types=self.MY_WORK_OBJECTS.keys(),
contact_id=login.get_current_user_id()
)
all_ = db.session.query(
aliased.c.type,
aliased.c.id,
)
all_ids = collections.defaultdict(set)
for type_, id_ in all_:
all_ids[type_].add(id_)
response_object = self.MY_WORK_OBJECTS.copy()
for type_, ids in all_ids.items():
model = models.get_model(type_)
# pylint: disable=protected-access
# We must move the type permissions query to a proper utility function
# but we will not do that for a patch release
permission_filter = builder.QueryHelper._get_type_query(model, "read")
if permission_filter is not None:
count = model.query.filter(
model.id.in_(ids),
permission_filter,
).count()
else:
count = model.query.filter(model.id.in_(ids)).count()
response_object[type_] = count
return self.json_success_response(response_object, )
def update_cad_related_objects(task):
"""Update CAD related objects"""
event_id = task.parameters.get("event_id")
model_name = task.parameters.get("model_name")
need_revisions = task.parameters.get("need_revisions")
modified_by_id = task.parameters.get("modified_by_id")
event = models.all_models.Event.query.filter_by(id=event_id).first()
cad = models.all_models.CustomAttributeDefinition.query.filter_by(
id=event.resource_id
).first()
model = models.get_model(model_name)
query = db.session.query(model if need_revisions else model.id)
objects_count = query.count()
handled_objects = 0
for chunk in ggrc_utils.generate_query_chunks(query):
handled_objects += chunk.count()
logger.info(
"Updating CAD related objects: %s/%s", handled_objects, objects_count
)
if need_revisions:
for obj in chunk:
obj.updated_at = datetime.datetime.utcnow()
obj.modified_by_id = modified_by_id
else:
model.bulk_record_update_for([obj_id for obj_id, in chunk])
log_event.log_event(db.session, cad, event=event)
db.session.commit()
return app.make_response(("success", 200, [("Content-Type", "text/html")]))
def get_display_class_filter(obj):
"""Return the display class for an instance, model, or name.
Returns one of 'business', 'governance', 'risk', 'programs'.
"""
from ggrc.models.mixins import Base
from ggrc.models import get_model
if isinstance(obj, type):
obj = obj.__name__
elif isinstance(obj, Base):
obj = obj.__class__.__name__
if isinstance(obj, (str, unicode)):
model = get_model(obj)
obj = model._inflector.model_singular
if obj in ('Program'):
return 'program'
elif obj in ('Control', 'Directive', 'Contract', 'Policy', 'Regulation', 'Objective'):
return 'governance'
elif obj in (
'OrgGroup', 'Project', 'Facility', 'Product', 'DataAsset', 'Market',
'System', 'Process'):
return 'business'
elif obj in ('Risk', 'RiskyAttribute'):
return 'risk'
else:
return ''
def test_system_not_updated(self, new, exp_ignored_columns):
"""Test readonly System not updated if new={0}"""
with factories.single_commit():
obj = factories.SystemFactory(title='a', readonly=True)
data = OrderedDict([
("object_type", "System"),
("Code*", obj.slug),
("Title", "b"),
])
if new is not None:
data["Read-only"] = new
response = self.import_data(data)
self._check_csv_response(response, {
"System": {
"row_warnings": {
errors.READONLY_ACCESS_WARNING.format(
line=3, columns=exp_ignored_columns),
},
}
})
obj = get_model("System").query.one()
self.assertEqual(obj.readonly, True)
self.assertEqual(obj.title, 'a')
def test_query_total(self, model_name):
"""Test corresponding value of 'total' field."""
number_of_objects = 2
object_factory = factories.get_model_factory(model_name)
object_class = models.get_model(model_name)
total_before_creation = object_class.query.count()
with factories.single_commit():
object_ids = [object_factory().id for _ in range(number_of_objects)]
# Check that objects has been created correctly.
created_objects_count = object_class.query.filter(
object_class.id.in_(object_ids)
).count()
self.assertEqual(created_objects_count, number_of_objects)
data = [{
"object_name": model_name,
"filters": {"expression": {}},
"limit": [0, 10],
"order_by": [{"name": "updated_at", "desc": True}]
}]
# Check corresponding value of 'total' field.
result = self._get_first_result_set(data, model_name, "total")
self.assertEqual(number_of_objects, result - total_before_creation)
def update_cad_related_objects(task):
"""Update CAD related objects"""
event = models.all_models.Event.query.filter_by(
id=task.parameters.get("event_id")
).first()
model = models.get_model(task.parameters.get("model_name"))
if issubclass(model, models.mixins.ExternalCustomAttributable):
cad_model = models.all_models.ExternalCustomAttributeDefinition
else:
cad_model = models.all_models.CustomAttributeDefinition
cad = cad_model.query.filter_by(id=event.resource_id).first()
query = db.session.query(model
if task.parameters.get("need_revisions")
else model.id)
if event.action == "PUT":
refresh_program_cads_title(cad)
objects_count = len(query.all())
handled_objects = 0
for chunk in ggrc_utils.generate_query_chunks(query):
chunk_objects = chunk.all()
handled_objects += len(chunk_objects)
logger.info(
"Updating CAD related objects: %s/%s", handled_objects, objects_count
)
if task.parameters.get("need_revisions"):
for obj in chunk_objects:
obj.updated_at = datetime.datetime.utcnow()
obj.modified_by_id = task.parameters.get("modified_by_id")
else:
model.bulk_record_update_for([obj_id for obj_id, in chunk_objects])
log_event.log_event(db.session, cad, event=event)
db.session.commit()
return app.make_response(("success", 200, [("Content-Type", "text/html")]))
def test_post_ext_and_orig_cavs_external(self, obj_type):
"""Test POST external and orig cav for {0!r} are specified for ext user"""
cad_map = self._create_cads(obj_type)
self.object_generator.api.login_as_external()
orig_vals = dict((name, '{}-1'.format(name)) for name in cad_map)
ext_vals = dict((name, name) for name in cad_map)
resp, obj = self.object_generator.generate_object(
get_model(obj_type),
data={
'custom_attribute_values': self._get_orig_cav_list(
cad_map, orig_vals),
'external_custom_attributes': self._get_external_cav_list(
ext_vals),
}
)
self.assertStatus(resp, 201)
exp = dict((cad_map[name], name) for name in cad_map)
cav = dict((i.custom_attribute_id, i.attribute_value)
for i in obj.custom_attribute_values)
self.assertDictEqual(cav, exp)
def test_system_map_on_post(self, readonly, rel_obj_type):
"""Test mapping on post System with readonly={0}"""
rel_factory = factories.get_model_factory(rel_obj_type)
with factories.single_commit():
rel_obj = rel_factory()
rel_obj_id = rel_obj.id
data = OrderedDict([
("object_type", "System"),
("Code*", ""),
("Admin", "*****@*****.**"),
("Assignee", "*****@*****.**"),
("Verifier", "*****@*****.**"),
("Title", "b"),
("Read-only", readonly),
("map:{}".format(rel_obj_type), rel_obj.slug),
])
response = self.import_data(data)
self._check_csv_response(response, {})
obj = get_model("System").query.filter_by(title="b").one()
rel_ids = list(o.id for o in obj.related_objects([rel_obj_type]))
self.assertIn(rel_obj_id, rel_ids)
def test_system_add_document_on_post(self, readonly, exp_set):
"""Test Reference URL set on post System with readonly={0}"""
data = OrderedDict([
("object_type", "System"),
("Code*", ""),
("Admin", "*****@*****.**"),
("Assignee", "*****@*****.**"),
("Verifier", "*****@*****.**"),
("Title", "b"),
("Read-only", readonly),
("Reference URL", "aa"),
])
response = self.import_data(data)
self._check_csv_response(response, {})
obj = get_model("System").query.one()
docs = obj.documents_reference_url
if exp_set:
self.assertEqual(len(docs), 1)
doc = docs[0]
self.assertEqual(doc.link, "aa")
else:
self.assertEqual(len(docs), 0)
def test_query_total(self, model_name):
"""Test corresponding value of 'total' field."""
number_of_objects = 2
object_factory = factories.get_model_factory(model_name)
object_class = models.get_model(model_name)
total_before_creation = object_class.query.count()
with factories.single_commit():
object_ids = [object_factory().id for _ in range(number_of_objects)]
# Check that objects has been created correctly.
created_objects_count = object_class.query.filter(
object_class.id.in_(object_ids)
).count()
self.assertEqual(created_objects_count, number_of_objects)
data = [{
"object_name": model_name,
"filters": {"expression": {}},
"limit": [0, 10],
"order_by": [{"name": "updated_at", "desc": True}]
}]
# Check corresponding value of 'total' field.
result = self._get_first_result_set(data, model_name, "total")
self.assertEqual(number_of_objects, result - total_before_creation)
def test_readonly_system_not_deleted(self):
"""Test System with readonly=True can be deleted"""
with factories.single_commit():
obj = factories.SystemFactory(title='a', readonly=True)
obj_id = obj.id
data = OrderedDict([
("object_type", "System"),
("Code*", obj.slug),
("Delete", "yes"),
])
response = self.import_data(data)
self._check_csv_response(
response, {
"System": {
"row_warnings": {
errors.READONLY_ACCESS_WARNING.format(
line=3, columns="'Delete'"),
},
}
})
obj = get_model("System").query.get(obj_id)
self.assertIsNotNone(obj)
def test_post_not_all_mandatory_cavs_external(self, obj_type):
"""Test POST not all cavs for {0!r} are specified for external user"""
cad_map = self._create_cads(obj_type)
factories.CustomAttributeDefinitionFactory(
title="M-ATTR1",
definition_type=obj_type.lower(),
attribute_type="Text",
mandatory=True
)
self.object_generator.api.login_as_external()
vals = dict((name, name) for name in cad_map)
resp, obj = self.object_generator.generate_object(
get_model(obj_type),
data={
'external_custom_attributes': self._get_external_cav_list(vals),
}
)
self.assertStatus(resp, 201)
exp = dict((cad_map[name], name) for name in cad_map)
cav = dict((i.custom_attribute_id, i.attribute_value)
for i in obj.custom_attribute_values)
self.assertDictEqual(cav, exp)
def test_system_map_on_post(self, readonly, rel_obj_type):
"""Test mapping on post System with readonly={0}"""
rel_factory = factories.get_model_factory(rel_obj_type)
with factories.single_commit():
rel_obj = rel_factory()
rel_obj_id = rel_obj.id
data = OrderedDict([
("object_type", "System"),
("Code*", "CODE"),
("Admin", "*****@*****.**"),
("Assignee", "*****@*****.**"),
("Verifier", "*****@*****.**"),
("Title", "b"),
("Read-only", readonly),
("map:{}".format(rel_obj_type), rel_obj.slug),
])
response = self.import_data(data)
self._check_csv_response(response, {})
obj = get_model("System").query.filter_by(slug="CODE").one()
rel_ids = list(o.id for o in obj.related_objects([rel_obj_type]))
self.assertIn(rel_obj_id, rel_ids)
def test_system_not_updated_as_admin(self):
"""Test readonly System not updated by admin"""
with factories.single_commit():
obj = factories.SystemFactory(title='a', readonly=True)
data = OrderedDict([
("object_type", "System"),
("Code*", obj.slug),
("Title", "b"),
])
response = self.import_data(data)
self._check_csv_response(
response, {
"System": {
"row_warnings": {
errors.READONLY_ACCESS_WARNING.format(
line=3, columns="'Title'"),
},
}
})
obj = get_model("System").query.one()
self.assertEqual(obj.readonly, True)
self.assertEqual(obj.title, 'a')
def update_cad_related_objects(task):
"""Update CAD related objects"""
event_id = task.parameters.get("event_id")
model_name = task.parameters.get("model_name")
need_revisions = task.parameters.get("need_revisions")
modified_by_id = task.parameters.get("modified_by_id")
event = models.all_models.Event.query.filter_by(id=event_id).first()
cad = models.all_models.CustomAttributeDefinition.query.filter_by(
id=event.resource_id).first()
model = models.get_model(model_name)
query = db.session.query(model if need_revisions else model.id)
objects_count = query.count()
handled_objects = 0
for chunk in ggrc_utils.generate_query_chunks(query):
handled_objects += chunk.count()
logger.info("Updating CAD related objects: %s/%s", handled_objects,
objects_count)
if need_revisions:
for obj in chunk:
obj.updated_at = datetime.datetime.utcnow()
obj.modified_by_id = modified_by_id
else:
model.bulk_record_update_for([obj_id for obj_id, in chunk])
log_event.log_event(db.session, cad, event=event)
db.session.commit()
return app.make_response(("success", 200, [("Content-Type", "text/html")]))
def create_program(self, program_role, userid):
"""Create default program for audit snapshot RBAC tests"""
if program_role and program_role != "Auditors":
program_role = all_models.AccessControlRole.query.filter(
all_models.AccessControlRole.name == program_role).one()
else:
program_role = None
_, program = self.objgen.generate_object(
all_models.Program, {
"title":
"test program",
"access_control_list":
[acl_helper.get_acl_json(program_role.id, userid)]
if program_role else None
})
for model_type in Types.all - Types.external:
model = get_model(model_type)
_, model_object = self.objgen.generate_object(
model, {
"title": "Test Snapshot - {}".format(model_type),
})
self.objgen.generate_relationship(program, model_object)
return program
def _my_work_count(self, **kwargs): # pylint: disable=unused-argument
"""Get object counts for my work page."""
with benchmark("Make response"):
aliased = my_objects.get_myobjects_query(
types=self.MY_WORK_OBJECTS.keys(),
contact_id=login.get_current_user_id()
)
all_ = db.session.query(
aliased.c.type,
aliased.c.id,
)
all_ids = collections.defaultdict(set)
for type_, id_ in all_:
all_ids[type_].add(id_)
response_object = self.MY_WORK_OBJECTS.copy()
for type_, ids in all_ids.items():
model = models.get_model(type_)
# pylint: disable=protected-access
# We must move the type permissions query to a proper utility function
# but we will not do that for a patch release
permission_filter = builder.QueryHelper._get_type_query(model, "read")
if permission_filter is not None:
count = model.query.filter(
model.id.in_(ids),
permission_filter,
).count()
else:
count = model.query.filter(model.id.in_(ids)).count()
response_object[type_] = count
return self.json_success_response(response_object, )
def send_notification(self,
parent_type,
parent_id,
errors=None,
failed=False):
"""Send mail notification with information about errors."""
parent_model = models.get_model(parent_type)
parent = parent_model.query.get(parent_id)
data = {"title": parent.title}
if failed:
body = settings.EMAIL_BULK_CHILD_SYNC_EXCEPTION.render()
elif errors:
data["assessments"] = [
{
"url": get_object_url(obj),
"code": obj.slug,
"title": obj.title,
} for (obj, _) in errors
]
body = settings.EMAIL_BULK_CHILD_SYNC_FAILED.render(sync_data=data)
else:
body = settings.EMAIL_BULK_CHILD_SYNC_SUCCEEDED.render(sync_data=data)
receiver = login.get_current_user()
common.send_email(receiver.email, self.ISSUETRACKER_SYNC_TITLE, body)
def test_put_ext_cavs(self, obj_type):
"""Test PUT external cav for {0!r} for normal user"""
cad_map = self._create_cads(obj_type)
orig_cavs = dict(
(name, '{}-orig'.format(name)) for name in cad_map
)
obj_id = self._create_model(obj_type, cad_map, orig_cavs)
vals = dict((name, name) for name in cad_map)
obj = get_model(obj_type).query.get(obj_id)
resp, obj = self.object_generator.modify(
obj,
obj_type.lower(),
data={
'external_custom_attributes': self._get_external_cav_list(vals),
}
)
self.assert200(resp)
exp = dict((cad_map[name], orig_cavs[name]) for name in cad_map)
cav = dict((i.custom_attribute_id, i.attribute_value)
for i in obj.custom_attribute_values)
self.assertDictEqual(cav, exp)
def test_put_not_all_cavs_external(self, obj_type):
"""Test PUT not all cavs for {0!r} are specified for external user"""
cad_map = self._create_cads(obj_type)
orig_cavs = dict(
(name, '{}-orig'.format(name)) for name in cad_map
)
obj_id = self._create_model(obj_type, cad_map, orig_cavs)
self.object_generator.api.login_as_external()
vals = dict((name, name) for name in cad_map if name != 'ATTR1')
obj = get_model(obj_type).query.get(obj_id)
resp, obj = self.object_generator.modify(
obj,
obj_type.lower(),
data={
'external_custom_attributes': self._get_external_cav_list(vals),
}
)
self.assert200(resp)
exp = dict((cad_map[name], name if name != 'ATTR1' else orig_cavs['ATTR1'])
for name in cad_map)
cav = dict((i.custom_attribute_id, i.attribute_value)
for i in obj.custom_attribute_values)
self.assertDictEqual(cav, exp)
def assert_read_collection(self, response, expected_res, model):
"""Check collection read operation.
Args:
response(TestResponse): Received operation response.
expected_res: Boolean flag showing if objects should be read or not.
model: Model name.
"""
self.assertStatus(response, self.SUCCESS)
table_plural = get_model(model)._inflector.table_plural
response_data = response.json.get("{}_collection".format(table_plural), {})
assert_raises = False
if isinstance(expected_res, tuple):
expected_res, assert_raises = expected_res
if expected_res:
err = self.CAN_NOT_READ_ERROR.format(model)
else:
err = self.CAN_READ_ERROR.format(model)
if assert_raises == "unimplemented":
with self.assertRaises(AssertionError):
self.assertEqual(
bool(response_data.get(table_plural)),
expected_res,
err,
)
else:
self.assertEqual(
bool(response_data.get(table_plural)),
expected_res,
err,
)
def get_display_class_filter(obj):
"""Return the display class for an instance, model, or name.
Returns one of 'business', 'governance', 'risk', 'programs',
'objective', 'control', 'people'
"""
from ggrc.models.mixins import Base
from ggrc.models import get_model
if isinstance(obj, type):
obj = obj.__name__
elif isinstance(obj, Base):
obj = obj.__class__.__name__
if isinstance(obj, (str, unicode)):
model = get_model(obj)
obj = model._inflector.model_singular
if obj in ('Program', ):
return 'program'
elif obj in ('Control', ):
return 'controls'
elif obj in ('Objective', ):
return 'objectives'
elif obj in ('Directive', 'Contract', 'Policy', 'Regulation',
'Standard'):
return 'governance'
elif obj in ('Project', 'Facility', 'Product', 'DataAsset', 'Market',
'System', 'Process'):
return 'business'
elif obj in ('OrgGroup', 'Person', 'AccessGroup'):
return 'entities'
elif obj in ('Risk', 'RiskyAttribute'):
return 'risk'
else:
return ''
def test_system_add_document_on_post(self, readonly, exp_set):
"""Test Reference URL set on post System with readonly={0}"""
data = OrderedDict([
("object_type", "System"),
("Code*", "CODE"),
("Admin", "*****@*****.**"),
("Assignee", "*****@*****.**"),
("Verifier", "*****@*****.**"),
("Title", "b"),
("Read-only", readonly),
("Reference URL", "aa"),
])
response = self.import_data(data)
self._check_csv_response(response, {})
obj = get_model("System").query.one()
docs = obj.documents_reference_url
if exp_set:
self.assertEqual(len(docs), 1)
doc = docs[0]
self.assertEqual(doc.link, "aa")
else:
self.assertEqual(len(docs), 0)
def assert_read_collection(self, response, expected_res, model):
"""Check collection read operation.
Args:
response(TestResponse): Received operation response.
expected_res: Boolean flag showing if objects should be read or not.
model: Model name.
"""
self.assertStatus(response, self.SUCCESS)
table_plural = get_model(model)._inflector.table_plural
response_data = response.json.get("{}_collection".format(table_plural), {})
assert_raises = False
if isinstance(expected_res, tuple):
expected_res, assert_raises = expected_res
if expected_res:
err = self.CAN_NOT_READ_ERROR.format(model)
else:
err = self.CAN_READ_ERROR.format(model)
if assert_raises == "unimplemented":
with self.assertRaises(AssertionError):
self.assertEqual(
bool(response_data.get(table_plural)),
expected_res,
err,
)
else:
self.assertEqual(
bool(response_data.get(table_plural)),
expected_res,
err,
)
def test_reader_can_crud(self):
""" Test Basic create/read,update/delete operations """
self.api.set_user(self.users["reader"])
all_errors = []
base_models = set([
"Control", "DataAsset", "Contract", "Policy", "Regulation",
"Standard", "Document", "Facility", "Market", "Objective",
"OrgGroup", "Vendor", "Product", "System", "Process", "Project",
"AccessGroup", "Metric", "TechnologyEnvironment", "ProductGroup",
"KeyReport"
])
for model_singular in base_models:
try:
model = get_model(model_singular)
table_singular = model._inflector.table_singular
table_plural = model._inflector.table_plural
# Test POST creation
response, _ = self.object_generator.generate_object(
model,
data={
table_singular: {
"title": model_singular,
"context": None,
"documents_reference_url": "ref",
"link": "https://example.com", # only for Document
"contact": {
"type": "Person",
"id": self.users["reader"].id,
}
},
})
if response.status_code != 201:
all_errors.append("{} post creation failed {} {}".format(
model_singular, response.status, response.data))
continue
obj_id = response.json.get(table_singular).get("id")
# Test GET when owner
response = self.api.get(model, obj_id)
if response.status_code != 200:
all_errors.append("{} can't GET object {}".format(
model_singular, response.status))
continue
# Test GET collection when owner
response = self.api.get_collection(model, obj_id)
collection = response.json.get(
"{}_collection".format(table_plural)).get(table_plural)
if not collection:
all_errors.append(
"{} cannot retrieve object even if owner (collection)".
format(model_singular))
continue
except:
all_errors.append("{} exception thrown".format(model_singular))
raise
self.assertEqual(all_errors, [])
def test_readonly_set_on_post_as_external(self, obj_type, readonly, result):
"""Test flag readonly on {0} POST for body readonly={1} as external user"""
dct = dict()
if readonly is not _NOT_SPECIFIED:
dct['readonly'] = readonly
with self.object_generator.api.as_external():
resp, obj = self.object_generator.generate_object(
get_model(obj_type),
dct,
)
obj_id = obj.id
self.assertStatus(resp, 201)
obj = get_model(obj_type).query.get(obj_id)
self.assertEqual(obj.readonly, result)
def test_readonly_set_on_post_as_external(self, obj_type, readonly, result):
"""Test flag readonly on {0} POST for body readonly={1} as external user"""
dct = dict()
if readonly is not _NOT_SPECIFIED:
dct['readonly'] = readonly
with self.object_generator.api.as_external():
resp, obj = self.object_generator.generate_object(
get_model(obj_type),
dct,
)
obj_id = obj.id
self.assertStatus(resp, 201)
obj = get_model(obj_type).query.get(obj_id)
self.assertEqual(obj.readonly, result)
def validate_child_bulk_gen_data(json_data):
"""Check correctness of input data for bulk child sync."""
if not json_data or not isinstance(json_data, dict):
raise exceptions.BadRequest("No data provided.")
parent_type = json_data.get("parent", {}).get("type")
parent_id = json_data.get("parent", {}).get("id")
child_type = json_data.get("child_type")
if not all((parent_id, parent_type, child_type)):
raise exceptions.BadRequest("Required parameters is not provided.")
parent = models.get_model(parent_type)
child = models.get_model(child_type)
from ggrc.models.mixins import issue_tracker
if not issubclass(parent, issue_tracker.IssueTracked) or \
not issubclass(child, issue_tracker.IssueTracked):
raise exceptions.BadRequest("Provided model is not IssueTracked.")
def validate_child_bulk_gen_data(json_data):
"""Check correctness of input data for bulk child sync."""
if not json_data or not isinstance(json_data, dict):
raise exceptions.BadRequest("No data provided.")
parent_type = json_data.get("parent", {}).get("type")
parent_id = json_data.get("parent", {}).get("id")
child_type = json_data.get("child_type")
if not all((parent_id, parent_type, child_type)):
raise exceptions.BadRequest("Required parameters is not provided.")
parent = models.get_model(parent_type)
child = models.get_model(child_type)
from ggrc.models.mixins import issue_tracker
if not issubclass(parent, issue_tracker.IssueTracked) or \
not issubclass(child, issue_tracker.IssueTracked):
raise exceptions.BadRequest("Provided model is not IssueTracked.")
def test_reader_can_crud(self):
""" Test Basic create/read,update/delete operations """
self.api.set_user(self.users["reader"])
all_errors = []
base_models = set([
"Control", "DataAsset", "Contract",
"Policy", "Regulation", "Standard", "Document", "Facility",
"Market", "Objective", "OrgGroup", "Vendor", "Product",
"Clause", "System", "Process", "Project", "AccessGroup",
"Metric"
])
for model_singular in base_models:
try:
model = get_model(model_singular)
table_singular = model._inflector.table_singular
table_plural = model._inflector.table_plural
# Test POST creation
response = self.api.post(model, {
table_singular: {
"title": model_singular,
"context": None,
"documents_reference_url": "ref",
"link": "https://example.com", # ignored except for Document
"contact": {
"type": "Person",
"id": self.users["reader"].id,
},
},
})
if response.status_code != 201:
all_errors.append("{} post creation failed {} {}".format(
model_singular, response.status, response.data))
continue
obj_id = response.json.get(table_singular).get("id")
# Test GET when owner
response = self.api.get(model, obj_id)
if response.status_code != 200:
all_errors.append("{} can't GET object {}".format(
model_singular, response.status))
continue
# Test GET collection when owner
response = self.api.get_collection(model, obj_id)
collection = response.json.get(
"{}_collection".format(table_plural)).get(table_plural)
if not collection:
all_errors.append(
"{} cannot retrieve object even if owner (collection)".format(
model_singular))
continue
except:
all_errors.append("{} exception thrown".format(model_singular))
raise
self.assertEqual(all_errors, [])
def _update_orig_obj(self):
"""Update title of original object of Snapshot."""
snapshot = all_models.Snapshot.query.get(self.snapshot_id)
original = get_model(snapshot.child_type).query.get(snapshot.child_id)
# Assume that Admin is first in people table
admin = all_models.Person.query.get(1)
self.api.set_user(admin)
self.api.put(original, {"title": factories.random_str()})
user = all_models.Person.query.get(self.user_id)
self.api.set_user(user)
def _update_orig_obj(self):
"""Update title of original object of Snapshot."""
snapshot = all_models.Snapshot.query.get(self.snapshot_id)
original = get_model(snapshot.child_type).query.get(snapshot.child_id)
# Assume that Admin is first in people table
admin = all_models.Person.query.get(1)
self.api.set_user(admin)
self.api.put(original, {"title": factories.random_str()})
user = all_models.Person.query.get(self.user_id)
self.api.set_user(user)
def test_put_as_external(self, obj_type, current, new, exp_code,
exp_readonly):
"""Test {0} PUT readonly={2} for current readonly={1} for external user"""
factory = factories.get_model_factory(obj_type)
with factories.single_commit():
obj = factory(title='a', readonly=current)
obj_id = obj.id
data = {'title': 'b'}
if new is not _NOT_SPECIFIED:
data['readonly'] = new
with self.object_generator.api.as_external():
obj = get_model(obj_type).query.get(obj_id)
resp = self.object_generator.api.put(obj, data)
self.assertStatus(resp, exp_code)
obj = get_model(obj_type).query.get(obj_id)
self.assertEqual(obj.readonly, exp_readonly)
def read_revisions(self):
"""Read revisions for Audit object."""
model_class = get_model("Audit")
responses = []
for query in ["source_type={}&source_id={}",
"destination_type={}&destination_id={}",
"resource_type={}&resource_id={}"]:
responses.append(
self.api.get_query(model_class, query.format("audit", self.audit_id))
)
return responses
def test_put_as_external(self, obj_type, current, new, exp_code,
exp_readonly):
"""Test {0} PUT readonly={2} for current readonly={1} for external user"""
factory = factories.get_model_factory(obj_type)
with factories.single_commit():
obj = factory(title='a', readonly=current)
obj_id = obj.id
data = {'title': 'b'}
if new is not _NOT_SPECIFIED:
data['readonly'] = new
with self.object_generator.api.as_external():
obj = get_model(obj_type).query.get(obj_id)
resp = self.object_generator.api.put(obj, data)
self.assertStatus(resp, exp_code)
obj = get_model(obj_type).query.get(obj_id)
self.assertEqual(obj.readonly, exp_readonly)
def get_contributing_resource_types(resource_type):
resource_types = _contributing_resource_types.get(resource_type, None)
if resource_types is None:
resource_types = [resource_type]
resource_model = get_model(resource_type)
if resource_model:
resource_manager = resource_model._sa_class_manager
resource_types.extend(
manager.class_.__name__ for manager in
resource_manager.subclass_managers(True))
_contributing_resource_types[resource_type] = resource_types
return resource_types
def __get__(self, obj, cls):
"""Get the value of the backref attr."""
from ggrc.models import get_model
if obj is None:
return self
attr_name = self._make_backref_attr(obj)
if not hasattr(obj, attr_name):
instance_type = getattr(obj, self._type_attr)
instance_id = getattr(obj, self._id_attr)
if instance_type:
instance = get_model(instance_type).query.get(instance_id)
setattr(obj, attr_name, instance)
return getattr(obj, attr_name, None)
def update_audit(self):
"""Update default audit"""
for model_type in Types.all - Types.external:
model = get_model(model_type)
obj = model.query.filter_by(
title="Test Snapshot - {}".format(model_type)).first()
self.api.modify_object(
obj, {"title": "Test Snapshot - {} EDIT".format(model_type)})
audit = all_models.Audit.query.filter(
all_models.Audit.title == "Snapshotable audit").one()
self.api.modify_object(audit, {"snapshots": {"operation": "upsert"}})
def test_readonly_ignored_on_post(self, obj_type, readonly):
"""Test flag readonly ignored on object {0} POST for body readonly={1}"""
dct = dict()
if readonly is not _NOT_SPECIFIED:
dct['readonly'] = readonly
resp, obj = self.object_generator.generate_object(
get_model(obj_type),
dct,
)
self.assertStatus(resp, 201)
self.assertFalse(obj.readonly)
def __get__(self, obj, cls):
"""Get the value of the backref attr."""
from ggrc.models import get_model
if obj is None:
return self
attr_name = self._make_backref_attr(obj)
if not hasattr(obj, attr_name):
instance_type = getattr(obj, self._type_attr)
instance_id = getattr(obj, self._id_attr)
if instance_type:
instance = get_model(instance_type).query.get(instance_id)
setattr(obj, attr_name, instance)
return getattr(obj, attr_name, None)
def test_update_status(self, model_name):
"""Test status updating."""
obj = factories.get_model_factory(model_name)()
object_name = obj._inflector.table_singular
for status in obj.VALID_STATES:
# Try to update status.
response = self.api.put(obj, {u"status": status})
self.assert200(response)
# Check that status has been updated.
response = self.api.get(get_model(model_name), obj.id)
self.assert200(response)
new_status = response.json.get(object_name, {}).get("status")
self.assertEqual(new_status, status)
def get_custom_attributes_for(model_name, instance_id=None):
"""Returns custom attributes jsons for sent model_name and instance_id."""
from ggrc import models
model = models.get_model(model_name)
if not model or not issubclass(model, models.mixins.CustomAttributable):
return []
definition_type = get_model_name_inflector_dict()[model_name]
if not definition_type:
return []
cads = get_global_cads(definition_type)
if instance_id is not None:
cads.extend(get_local_cads(definition_type, instance_id))
return cads
def test_delete(self, obj_type, is_external, readonly, exp_code,
exp_deleted):
"""Test {0} DELETE if readonly={1}"""
factory = factories.get_model_factory(obj_type)
with factories.single_commit():
obj = factory(title='a', readonly=readonly)
obj_id = obj.id
if is_external:
self.object_generator.api.login_as_external()
else:
self.object_generator.api.login_as_normal()
obj = get_model(obj_type).query.get(obj_id)
resp = self.object_generator.api.delete(obj)
self.assertStatus(resp, exp_code)
obj = get_model(obj_type).query.get(obj_id)
if exp_deleted:
self.assertIsNone(obj)
else:
self.assertIsNotNone(obj)
def test_user_cannot_get_readonly_value_without_perms(self, new):
"""Test readonly System not updated if new={0!r} and user has no perms
This test ensures that user without permission for the object
cannot obtain value for flag readonly
"""
role_obj = all_models.Role.query.filter(
all_models.Role.name == "Creator").one()
with factories.single_commit():
person = factories.PersonFactory()
person_id = person.id
rbac_factories.UserRoleFactory(role=role_obj, person=person)
obj = factories.SystemFactory(title='a', readonly=True)
data = OrderedDict([
("object_type", "System"),
("Code*", obj.slug),
("Title", "b"),
])
if new is not _NOT_SPECIFIED:
data["Read-only"] = new
response = self.import_data(
data,
person=all_models.Person.query.get(person_id)
)
exp_csv_responsse = {
"System": {
"row_errors": {
errors.PERMISSION_ERROR.format(line=3),
},
}
}
if new is not _NOT_SPECIFIED:
exp_csv_responsse['System']['row_warnings'] = {
errors.NON_ADMIN_ACCESS_ERROR.format(
line=3,
object_type="System",
column_name="Read-only",
),
}
self._check_csv_response(response, exp_csv_responsse)
obj = get_model("System").query.one()
self.assertEqual(obj.readonly, True)
self.assertEqual(obj.title, 'a')
def get_cycle_task_related_objects(cycle_task):
"""Fetches names and titles of related objects to cycle task."""
object_titles = []
relationships = db.session.query(
Relationship.source_id,
Relationship.source_type,
Relationship.destination_id,
Relationship.destination_type,
).filter(
sa.or_(
sa.and_(
Relationship.source_type == 'CycleTaskGroupObjectTask',
Relationship.source_id == cycle_task.id,
),
sa.and_(
Relationship.destination_id == cycle_task.id,
Relationship.destination_type == 'CycleTaskGroupObjectTask',
)
)
).all()
type_relations = defaultdict(list)
ignored_mappings = frozenset(['CycleTaskGroupObjectTask', 'CycleTaskGroup',
'CalendarEvent'])
for rel in relationships:
src_id, src_type, dst_id, dst_type = rel
if src_type not in ignored_mappings:
type_relations[src_type].append(src_id)
if dst_type not in ignored_mappings:
type_relations[dst_type].append(dst_id)
for rel_type, rel_ids in type_relations.iteritems():
related_model = models.get_model(rel_type)
if issubclass(type(related_model), models.mixins.Titled):
titles = db.session.query(related_model.title).filter(
related_model.id.in_(rel_ids)
).all()
object_titles.extend(titles)
else:
try:
names = db.session.query(related_model.name).filter(
related_model.id.in_(rel_ids)
).all()
object_titles.extend(names)
except AttributeError:
# we don't have name column
object_titles.extend([u"Untitled object"] * len(rel_ids))
return object_titles
def read_revisions(self):
"""Read revisions for Assessment Template object."""
model_class = get_model("AssessmentTemplate")
responses = []
for query in ["source_type={}&source_id={}",
"destination_type={}&destination_id={}",
"resource_type={}&resource_id={}"]:
responses.append(
self.api.get_query(
model_class,
query.format("assessment_template", self.template_id)
)
)
return responses
