def test_permissions(self, users_with_all_roles, login_role, can_view,
can_edit, selenium): # pylint: disable=too-many-arguments
"""Test that users have permissions to objects created by other users
according to their global role.
"""
objs = []
other_roles = [role for role in self.ALL_ROLES if role != login_role]
for role in other_roles:
users.set_current_user(users_with_all_roles[role])
program = rest_facade.create_program()
control = rest_facade.create_control_mapped_to_program(program)
objs.extend([program, control])
users.set_current_user(users_with_all_roles[login_role])
for obj in objs:
if can_view:
webui_facade.assert_can_view(selenium, obj)
if obj.type == "Control":
webui_facade.assert_can_edit_control(
selenium, obj, can_edit)
webui_facade.assert_cannot_delete_control(selenium, obj)
else:
webui_facade.assert_can_edit(selenium,
obj,
can_edit=can_edit)
webui_facade.assert_can_delete(selenium,
obj,
can_delete=can_edit)
else:
webui_facade.assert_cannot_view(obj)
def test_related_asmts_in_different_audits_mapped_to_mapped_controls(
self, program, selenium):
"""Objects structure:
Program
-> Control-1
-> Control-2
Control-1 and Control-2 are mapped.
-> Audit-1 -> Asmt-1 mapped to Control-1
-> Audit-2 -> Asmt-2 mapped to Control-2
As a result, assessments are related."""
controls = [
rest_facade.create_control_mapped_to_program(program)
for _ in xrange(2)
]
rest_facade.map_objs(controls[0], controls[1])
audits = [rest_facade.create_audit(program) for _ in xrange(2)]
assessments = [
_create_mapped_asmt(audit=audit,
assessment_type="Control",
objs_to_map=[control])
for control, audit in zip(controls, audits)
]
related_asmts_titles = [(assessments[1].title, controls[1].title,
audits[1].title)]
self._assert_asmt_with_related_asmts(
checked_asmt=assessments[0],
related_asmts_titles=related_asmts_titles,
selenium=selenium)
def test_permissions(
self, users_with_all_roles, login_role, can_view, can_edit, selenium
): # pylint: disable=too-many-arguments
"""Test that users have permissions to objects created by other users
according to their global role.
"""
objs = []
other_roles = [role for role in self.ALL_ROLES if role != login_role]
for role in other_roles:
users.set_current_user(users_with_all_roles[role])
program = rest_facade.create_program()
control = rest_facade.create_control_mapped_to_program(program)
objs.extend([program, control])
users.set_current_user(users_with_all_roles[login_role])
for obj in objs:
if can_view:
webui_facade.assert_can_view(selenium, obj)
if obj.type == "Control":
webui_facade.assert_can_edit_control(selenium, obj, can_edit)
webui_facade.assert_cannot_delete_control(selenium, obj)
else:
webui_facade.assert_can_edit(selenium, obj, can_edit=can_edit)
webui_facade.assert_can_delete(selenium, obj, can_delete=can_edit)
else:
webui_facade.assert_cannot_view(obj)
def create_audit_and_update_first_of_two_original_controls(
self, program, control_mapped_to_program, audit):
"""Create Audit with snapshotable Control and update original Control under
Program via REST API. After that create second Control and map it to
Program via REST API.
Preconditions:
- Execution and return of fixture
'create_audit_with_control_and_update_control'.
- Second Control created via REST API.
- Second Control mapped to Program via REST API.
"""
return {
"audit": audit,
"program": program,
"control": copy.deepcopy(control_mapped_to_program),
"updated_control":
rest_facade.update_object(control_mapped_to_program),
"second_control":
rest_facade.create_control_mapped_to_program(program)
}
def test_data(self):
"""Objects structure:
Program
-> Control
-> Audit (Auditor is a user with global creator role)
"""
if not TestAuditorRole._data:
editor = rest_facade.create_user_with_role(roles.EDITOR)
creator = rest_facade.create_user_with_role(roles.CREATOR)
users.set_current_user(editor)
program = rest_facade.create_program()
control = rest_facade.create_control_mapped_to_program(program=program)
audit = rest_facade.create_audit(program, auditors=[creator])
TestAuditorRole._data = {
"editor": editor,
"creator": creator,
"program": program,
"audit": audit,
"control": control
}
return TestAuditorRole._data
def test_data(self):
"""Objects structure:
Program
-> Control
-> Audit (Auditor is a user with global creator role)
"""
if not TestAuditorRole._data:
editor = rest_facade.create_user_with_role(roles.EDITOR)
creator = rest_facade.create_user_with_role(roles.CREATOR)
users.set_current_user(editor)
program = rest_facade.create_program()
control = rest_facade.create_control_mapped_to_program(
program=program)
audit = rest_facade.create_audit(program, auditors=[creator])
TestAuditorRole._data = {
"editor": editor,
"creator": creator,
"program": program,
"audit": audit,
"control": control
}
return TestAuditorRole._data