def test_post_preview_setting(self): for x in range(1, 4): Team.create( id='00{}'.format(x), captain_id='User_cap', program_id=self.program.uid, ).put() def body(x): return { 'filename': 'file_00{}.html'.format(x), 'team_id': 'Team_00{}'.format(x), 'dataset_id': 'Dataset_00{}'.format(x), 'template': 'template.html', } headers = {'Authorization': 'Bearer ' + self.valid_jwt} preview_rsp = self.testapp.post_json('/api/reports', dict(body(1), preview=True), headers=headers) non_pre_rsp = self.testapp.post_json('/api/reports', dict(body(2), preview=False), headers=headers) default_rsp = self.testapp.post_json('/api/reports', body(3), headers=headers) preview_fetched = Report.get_by_id(json.loads(preview_rsp.body)['uid']) non_pre_fetched = Report.get_by_id(json.loads(non_pre_rsp.body)['uid']) default_fetched = Report.get_by_id(json.loads(default_rsp.body)['uid']) self.assertEqual(preview_fetched.preview, True) self.assertEqual(non_pre_fetched.preview, False) self.assertEqual(default_fetched.preview, True)
def test_disallow_classroom_move(self): """Update the team_id of all class reports when class moves.""" user = User.create(name='foo', email='*****@*****.**') team1 = Team.create(name='Team Foo', captain_id=user.uid, program_id=self.program.uid) team1.put() team2 = Team.create(name='Team Bar', captain_id=user.uid, program_id=self.program.uid) team2.put() user.owned_teams = [team1.uid, team2.uid] user.put() classroom = Classroom.create( name='Classroom Foo', code='trout viper', team_id=team1.uid, contact_id=user.uid, num_students=22, grade_level='9-12', ) classroom.put() # move class to new team self.testapp.put_json( '/api/classrooms/{}'.format(classroom.uid), {'team_id': team2.uid}, headers=self.login_headers(user), status=403, )
def test_delete_disassociates_teams(self): """When you delete an org, associated teams lose their org id.""" user, org_dict = self.test_create() teams = [ Team.create( name="Team Foo", organization_ids=[org_dict['uid']], captain_id='User_captain', program_id=self.program.uid, ), Team.create( name="Team Bar", organization_ids=[org_dict['uid']], captain_id='User_captain', program_id=self.program.uid, ), ] Team.put_multi(teams) response = self.testapp.delete('/api/organizations/{}'.format( org_dict['uid']), headers=self.login_headers(user), status=204) # Make sure the teams have lost their association to the org. for t in teams: fetched = Team.get_by_id(t.uid) self.assertNotIn(org_dict['uid'], fetched.organization_ids)
def test_rserve_skips_existing(self): program = Program.create( name="The Engagement Project", label="ep19", preview_url='foo.com', ) week = util.datelike_to_iso_string(datetime.date.today()) org = Organization.create(name="Organization", captain_id="User_cap", program_id=program.uid) org_to_skip = Organization.create(name="Organization", captain_id="User_cap", program_id=program.uid) Organization.put_multi([org, org_to_skip]) team = Team.create(name="Team", captain_id="User_cap", program_id=program.uid) team_to_skip = Team.create(name="Team", captain_id="User_cap", program_id=program.uid) Team.put_multi([team, team_to_skip]) cl = Classroom.create(name="Classroom", team_id=team.uid, code="foo", contact_id="User_contact") cl_to_skip = Classroom.create(name="Classroom", team_id=team.uid, code="foo", contact_id="User_contact") Classroom.put_multi([cl, cl_to_skip]) Report.put_multi([ Report.create(parent_id=org_to_skip.uid, filename="foo", issue_date=week), Report.create(parent_id=team_to_skip.uid, filename="foo", issue_date=week), Report.create(parent_id=cl_to_skip.uid, filename="foo", issue_date=week), ]) # Skips all the parents who have reports already this week. orgs, teams, classes = cron_rserve.get_report_parents( program, week, False) self.assertEqual(len(orgs), 1) self.assertEqual(len(teams), 1) self.assertEqual(len(classes), 1) # ...unless you force it, then they're all there. orgs, teams, classes = cron_rserve.get_report_parents( program, week, True) self.assertEqual(len(orgs), 2) self.assertEqual(len(teams), 2) self.assertEqual(len(classes), 2)
def create(self): """Team owners can create classrooms with themselves as contact.""" captain = User.create(email='*****@*****.**') contact = User.create(email='*****@*****.**') # other = User.create(email='*****@*****.**') team = Team.create(name='Foo Team', captain_id=captain.uid, program_id=self.program.uid) team.put() classroom = Classroom.create(name='Foo Classroom', team_id=team.uid, code='trout viper', contact_id=contact.uid) classroom.put() captain.owned_teams = [team.uid] captain.put() contact.owned_teams = [team.uid] contact.put() # other.put() # return team, classroom, captain, contact, other return team, classroom, captain, contact
def test_delete_removes_all_ownership(self): captain = User.create(name='cap', email='*****@*****.**') member = User.create(name='member', email='*****@*****.**') team = Team.create(name='Team Foo', captain_id=captain.uid, program_id=self.demo_program.uid) team.put() captain.owned_teams = [team.uid] member.owned_teams = [team.uid] captain.put() member.put() survey = Survey.create(team_id=team.uid) survey.put() url = '/api/teams/{}'.format(team.uid) headers = self.login_headers(captain) # Delete the team. self.testapp.delete(url, headers=headers, status=204) # All users should now not be associated to the deleted team. self.assertNotIn(team.uid, User.get_by_id(captain.uid).owned_teams) self.assertNotIn(team.uid, User.get_by_id(member.uid).owned_teams)
def test_delete_removes_team(self): user = User.create(name='foo', email='*****@*****.**') team = Team.create(name='Team Foo', captain_id=user.uid, program_id=self.demo_program.uid) team.put() user.owned_teams = [team.uid] user.put() survey = Survey.create(team_id=team.uid) survey.put() url = '/api/teams/{}'.format(team.uid) headers = self.login_headers(user) # Delete the team. self.testapp.delete(url, headers=headers, status=204) # Expect the team is gone from the db. self.assertIsNone(Team.get_by_id(team.uid)) # Api should show a 404. self.testapp.get(url, headers=headers, status=404) self.testapp.delete(url, headers=headers, status=404)
def create(self): other = User.create(name='other', email='*****@*****.**') teammate = User.create(name='teammate', email='*****@*****.**') contact = User.create(name='contact', email='*****@*****.**') captain = User.create(name='captain', email='*****@*****.**') super_admin = User.create(name='super', email='*****@*****.**', user_type='super_admin') team = Team.create(name='Team foo', captain_id=captain.uid, program_id=self.program.uid) team.put() classroom = Classroom.create(name='Class foo', team_id=team.uid, code='trout viper', contact_id=contact.uid) classroom.put() teammate.owned_teams.append(team.uid) contact.owned_teams.append(team.uid) captain.owned_teams.append(team.uid) User.put_multi((other, teammate, contact, captain, super_admin)) return (other, teammate, contact, captain, super_admin, team, classroom)
def test_add_org_not_found(self): captain = User.create(name='captain', email='*****@*****.**') team = Team.create(name='Team Foo', captain_id=captain.uid, program_id=self.demo_program.uid) org = Organization.create(name='Org Bar', program_id='Program_other') captain.owned_teams = [team.uid] team.put() org.put() captain.put() # Forbidden b/c org doesn't exist response = self.testapp.post_json( '/api/teams/{}/organizations'.format(team.uid), {'organization_code': 'dne'}, headers=self.login_headers(captain), status=400, ) # Forbidden b/c org isn't on the same program. response = self.testapp.post_json( '/api/teams/{}/organizations'.format(team.uid), {'organization_code': org.code}, headers=self.login_headers(captain), status=400, )
def test_delete_forbidden(self): """Only team captains can delete classrooms.""" teammate = User.create(name='teammate', email='*****@*****.**') other = User.create(name='other', email='*****@*****.**') team = Team.create(name='Team Foo', captain_id='User_captain', program_id=self.program.uid) team.put() teammate.owned_teams = [team.uid] User.put_multi([teammate, other]) classroom = Classroom.create( name='Classroom Foo', code='trout viper', team_id=team.uid, contact_id='User_contact', num_students=22, grade_level='9-12', ) classroom.put() for user in (teammate, other): self.testapp.delete( '/api/classrooms/{}'.format(classroom.uid), headers=self.login_headers(user), status=403, )
def test_create(self): """Team owners can create classrooms with themselves as contact.""" team = Team.create(name='Team Foo', captain_id='User_cap', program_id=self.program.uid) team.put() user = User.create(name='User Foo', email='*****@*****.**', owned_teams=[team.uid]) user.put() response = self.testapp.post_json( '/api/classrooms', { 'name': 'Classroom Foo', 'team_id': team.uid, 'code': 'a a', 'contact_id': user.uid }, headers=self.login_headers(user), ) # Make sure the response is right. response_dict = json.loads(response.body) classroom = Classroom.get_by_id(response_dict['uid']) self.assertEqual( response.body, json.dumps(classroom.to_client_dict(), default=util.json_dumps_default), ) # Make sure the contact is set. self.assertEqual(classroom.contact_id, user.uid) # Clear the user's cookie so we can use the app as other people. self.testapp.reset() return user, classroom
def create_for_dashboard(self, org, x=0): x_label = str(x).rjust(2, '0') team = Team.create( name='Team {}'.format(x_label), captain_id='User_captain_{}'.format(x_label), organization_ids=[org.uid], program_id=self.program.uid, ) user = User.create(name='User {}'.format(x_label), email='foo.{}@bar.com'.format(x_label), owned_teams=[team.uid]) cycle = Cycle.create( team_id=team.uid, ordinal=1, start_date=datetime.date.today() - datetime.timedelta(days=1), end_date=datetime.date.today() + datetime.timedelta(days=1), ) response = Response.create( type=Response.USER_LEVEL_SYMBOL, user_id=user.uid, team_id=team.uid, parent_id=cycle.uid, module_label='DemoModule', progress=50, page=1, body={ 'question1': { 'modified': '2019-01-01T00:00:00Z', 'value': 'foo', }, }, ) return (team, user, cycle, response)
def test_create_for_team(self): """Should populate only with metrics active by default.""" metric1 = Metric.create(name="Community of Helpers", label='community_of_helpers') metric1.put() metric2 = Metric.create(name="Feedback for Growth", label='feedback_for_growth') metric2.put() program = Program.create( name='Test Program', label='test-program', metrics=[ { 'uid': metric1.uid, 'default_active': True }, { 'uid': metric2.uid, 'default_active': False }, ], preview_url='foo.com', ) program.put() team = Team.create( captain_id='User_captain', program_id=program.uid, ) survey = Survey.create_for_team(team) self.assertEqual(survey.metrics, [metric1.uid]) self.assertEqual(survey.open_responses, [metric1.uid]) self.assertEqual(survey.meta, {})
def test_remove_from_team_forbidden(self): """Normally you can't modify someone else's membership.""" team = Team.create(name='foo', captain_id='User_cap', program_id=self.program.uid) team.put() user = User.create(name='foo', email='*****@*****.**', user_type='user', owned_teams=['Team_foo']) req = User.create(name='requestor', email='*****@*****.**', user_type='user') user.put() req.put() response = self.testapp.put_json( '/api/users/{}'.format(user.uid), {'owned_teams': []}, headers=self.login_headers(req), status=403, ) # Not changed in the db. fetched_user = User.get_by_id(user.uid) self.assertEqual(user.user_type, fetched_user.user_type) self.assertEqual(user.owned_teams, fetched_user.owned_teams)
def test_status_code_not_found_returned_when_student_id(self): """404 Not Found is returned when class exists but student_id doesn't.""" code = 'forest temple' student_id = 'zelda' bad_student_id = 'NOTzelda' team = Team.create( name="Foo Team", captain_id="User_cap", program_id=self.program.uid, ) team.put() classroom = Classroom.create( code=code, name='Adventuring 101', contact_id='User_LINK', team_id=team.uid, ) classroom.put() participant = Participant.create( student_id=student_id, team_id=team.uid, classroom_ids=[classroom.uid], ) participant.put() self.testapp.get( '/api/codes/{}/participants/{}'.format(code, bad_student_id), status=404, )
def test_rserve_ru_override(self): """Can specify reporting unit ids to limit RServe request.""" team = Team.create(name='Team Foo', captain_id='User_captain', program_id=self.ep_program.uid) classroom1 = Classroom.create(name='Classroom One', team_id=team.uid, contact_id='User_contact', code='foo 1') classroom2 = Classroom.create(name='Classroom Two', team_id=team.uid, contact_id='User_contact', code='foo 2') classroom3 = Classroom.create(name='Classroom Three', team_id=team.uid, contact_id='User_contact', code='foo 3') team.put() Classroom.put_multi((classroom1, classroom2, classroom3)) response = self.testapp.get( '/cron/rserve/reports/ep?ru={}&ru={}&really_send=false'.format( classroom1.uid, classroom2.uid)) payload = json.loads(response.body)['payload'] # Only specified ids are present (class 1 and 2). self.assertEqual( set(ru['id'] for ru in payload['reporting_units']), {classroom1.uid, classroom2.uid}, )
def create_for_permission(self): org = Organization.create( name="Foo Org", program_id=self.ep_program.uid) org.put() team = Team.create(name="Foo Team", program_id=self.ep_program.uid, captain_id="User_cap", organization_ids=[org.uid]) team.put() network = Network.create( name="Foo Network", program_id=self.ep_program.uid, association_ids=[org.uid] ) meta_network = Network.create( name="Foo Network", program_id=self.ep_program.uid, association_ids=[network.uid] ) Network.put_multi([network, meta_network]) net_admin = User.create(email="*****@*****.**", owned_networks=[network.uid]) meta_admin = User.create(email="*****@*****.**", owned_networks=[meta_network.uid]) User.put_multi([net_admin, meta_admin]) return (meta_admin, net_admin, meta_network, network, org, team)
def test_post_empty_report(self): """RServe posts "empty" reports to note why it hasn't produced a visible report. Test that the API accepts these for each kind of parent. """ rserve_user = User.create( id='rserve', email='*****@*****.**', user_type='super_admin', ) rserve_user.put() org = Organization.create(name='Organization', captain_id='User_cap', program_id=self.program.uid) org.put() team = Team.create( name='Team Foo', captain_id='User_cap', organization_ids=[org.uid], program_id=self.program.uid, ) team.put() classroom = Classroom.create(name='Class foo', team_id=team.uid, code='trout viper', contact_id='User_contact') classroom.put() url = '/api/reports' report_date = datetime.date.today().strftime('%Y-%m-%d') self.testapp.post_json( url, dict(self.empty_report_params(report_date, org.uid), organization_id=org.uid), headers=self.login_headers(rserve_user), ) self.testapp.post_json( url, dict(self.empty_report_params(report_date, team.uid), team_id=team.uid), headers=self.login_headers(rserve_user), ) self.testapp.post_json( url, dict(self.empty_report_params(report_date, classroom.uid), team_id=team.uid, classroom_id=classroom.uid), headers=self.login_headers(rserve_user), ) reports = Report.get() self.assertEqual(len(reports), 3) self.assertEqual(all(r.template == 'empty' for r in reports), True)
def createTeam(cityid, schoolid): # Получение полей формы из шаблона teamname = request.form['teamName'] ageid = request.form['filterAge'] # Сохранение новой записи в БД if session['demo']: pass else: Team.create( school_ID = schoolid, age_ID = ageid, teamName = teamname) # Редирект на вид list return redirect( url_for('listTeam', cityid = cityid, schoolid = schoolid))
def create_for_search(self): # Test that users can be matched on either name or email. admin_foo = User.create(name="Admin Foo", email="*****@*****.**") user_foo1 = User.create(name="User Foo", email="*****@*****.**") user_foo2 = User.create(name="Generic Name", email="*****@*****.**") user_bar = User.create(name="User Bar", email="*****@*****.**") org_foo = Organization.create(name="Org Foo", program_id=self.ep.uid) org_bar = Organization.create(name="Org Bar", program_id=self.ep.uid) team_foo = Team.create(name="Team Foo", program_id=self.ep.uid, captain_id=user_foo1.uid) team_bar = Team.create(name="Team Bar", program_id=self.ep.uid, captain_id=user_bar.uid) cl_foo = Classroom.create( name="Class Foo", code="foo", team_id=team_foo.uid, contact_id=user_foo2.uid, ) cl_bar = Classroom.create( name="Class Bar", code="bar", team_id=team_bar.uid, contact_id="User_contact", ) # Test that users can be matched on either name or email. admin_foo.owned_organizations = [org_foo.uid] user_foo1.owned_teams = [team_foo.uid] user_foo2.owned_teams = [team_foo.uid] user_bar.owned_teams = [team_bar.uid] Organization.put_multi([org_foo, org_bar]) Team.put_multi([team_foo, team_bar]) Classroom.put_multi([cl_foo, cl_bar]) User.put_multi([admin_foo, user_foo1, user_foo2, user_bar]) return (org_foo, org_bar, team_foo, team_bar, cl_foo, cl_bar, admin_foo, user_foo1, user_foo2, user_bar)
def test_get_all_for_other_team_forbidden(self): """You can't list users from someone else's teams.""" team = Team.create(name='foo', captain_id='User_cap', program_id=self.program.uid) team.put() user = User.create(name='foo', email='*****@*****.**') user.put() response = self.testapp.get('/api/teams/{}/users'.format(team.uid), headers=self.login_headers(user), status=403)
def test_put_other(self): user = User.create(name='foo', email='*****@*****.**') team = Team.create(name='Team Foo', captain_id='User_captain', program_id=self.demo_program.uid) team.put() response = self.testapp.put_json( '/api/teams/{}'.format(team.uid), {'name': 'Team Other'}, headers=self.login_headers(user), status=403, )
def test_put_artifact_url_sends_email(self): """PUT response has special jwt giving permission on Neptune.""" user = User.create(name='foo', email='*****@*****.**') team = Team.create(name="Foo Team", captain_id=user.uid, program_id="Program_foo") survey = Survey.create(team_id=team.uid) user.owned_teams = [team.uid] team.put() survey.put() user.put() artifact_url = 'https://www.example.com/artifact' # Not changing the artifact does NOT trigger an email. self.testapp.put_json( '/api/surveys/{}'.format(survey.uid), {'meta': { 'artifact_url': '' }}, headers=self.login_headers(user), ) self.assertEqual(Email.count(), 0) # Changing it triggers an email. self.testapp.put_json( '/api/surveys/{}'.format(survey.uid), {'meta': { 'artifact_use': 'true', 'artifact_url': artifact_url }}, headers=self.login_headers(user), ) emails = Email.get() self.assertEqual(len(emails), 1) email = emails[0] self.assertIn(artifact_url, email.html) self.assertIn(team.name, email.html) # Sending a PUT **without** changing it does NOT trigger an email. self.testapp.put_json( '/api/surveys/{}'.format(survey.uid), {'meta': { 'artifact_use': 'true', 'artifact_url': artifact_url }}, headers=self.login_headers(user), ) self.assertEqual(Email.count(), 1) # same as before
def test_rserve_payload(self): org = Organization.create(name='Org', program_id=self.ep_program.uid) team = Team.create(name='Team Foo', captain_id='User_captain', program_id=self.ep_program.uid) classroom = Classroom.create(name='Classroom Bar', team_id=team.uid, contact_id='User_contact') # Orphaned classrooms shouldn't appear in the payload. other_classroom = Classroom.create(name='Classroom Other', team_id='Team_other', contact_id='User_other') payload = cron_rserve.build_payload( [org], [team], [classroom, other_classroom], { 'neptune_sql_credentials': 'fake secret 1', 'triton_sql_credentials': 'fake secret 2', 'saturn_sql_credentials': 'fake secret 3', 'qualtrics_credentials': 'fake secret 4', 'mandrill_api_key': 'fake secret 5', 'rserve_service_account_credentials': 'fake secret 6', }, ) self.assertIn('neptune_sql_credentials', payload) self.assertIn('triton_sql_credentials', payload) self.assertIn('saturn_sql_credentials', payload) self.assertIn('qualtrics_credentials', payload) self.assertIn('mandrill_api_key', payload) self.assertIn('rserve_service_account_credentials', payload) team_found = False classroom_found = False other_classroom_found = False for ru in payload['reporting_units']: if ru['id'] == org.uid and ru['organization_id'] == org.uid: org_found = True if ru['id'] == team.uid and ru['team_id'] == team.uid: team_found = True if (ru['id'] == classroom.uid and ru['classroom_id'] == classroom.uid and ru['team_id'] == team.uid): classroom_found = True if ru['id'] == other_classroom.uid: other_classroom_found = True self.assertEqual(org_found, True) self.assertEqual(team_found, True) self.assertEqual(classroom_found, True) self.assertEqual(other_classroom_found, False)
def create_for_paging(self, n): # Pad numeric names so they sort alphabetically. teams = [ Team.create(name=str(x).rjust(2, '0'), captain_id='User_captain', program_id=self.demo_program.uid) for x in range(n) ] Team.put_multi(teams) super_admin = User.create(name='super', email='*****@*****.**', user_type='super_admin') super_admin.put() return teams, super_admin
def test_delete_own_forbidden(self): team = Team.create(name='foo', captain_id='User_cap', program_id=self.demo_program.uid) team.put() user = User.create(name='foo', email='*****@*****.**', owned_teams=[team.uid]) user.put() response = self.testapp.delete( '/api/teams/{}'.format(team.uid), headers=self.login_headers(user), status=403 ) self.assertIsNotNone(Team.get_by_id(team.uid))
def test_rserve_email_override(self): """Can request that emails are not sent.""" team = Team.create(name='Team Foo', captain_id='User_captain', program_id=self.ep_program.uid) team.put() response = self.testapp.get( '/cron/rserve/reports/ep?really_send=false&send_email=false') payload = json.loads(response.body)['payload'] # Only specified ids are present (class 1 and 2). self.assertNotIn('mandrill_api_key', payload)
def create(self, program_label): program = Program.create( name="Foo", label=program_label, active=True, preview_url='foo.com', ) program.put() captain = User.create(email='*****@*****.**', name="Captain PERTS") team = Team.create(name='Team Foo', program_id=program.uid, captain_id=captain.uid) team.put() classrooms = [ Classroom.create(name='Class A', team_id=team.uid, num_students=5, contact_id='User_contact', code='foo'), Classroom.create(name='Class B', team_id=team.uid, num_students=5, contact_id='User_contact', code='bar'), Classroom.create(name='Class C', team_id=team.uid, num_students=5, contact_id='User_contact', code='baz'), ] Classroom.put_multi(classrooms) survey = Survey.create(team_id=team.uid) survey.put() captain.owned_teams = [team.uid] captain.put() start_date = datetime.date.today() - datetime.timedelta(days=7) end_date = datetime.date.today() + datetime.timedelta(days=7) cycle = Cycle.create(team_id=team.uid, ordinal=1, start_date=start_date, end_date=end_date) cycle.put() return (program, captain, team, classrooms, cycle)
def test_get_all_super(self): """Supers can query all teams.""" team = Team.create(name='foo', captain_id='User_cap', program_id=self.demo_program.uid) team.put() user = User.create(name='super', email='*****@*****.**', user_type='super_admin') user.put() response = self.testapp.get( '/api/teams', headers=self.login_headers(user), ) response_list = json.loads(response.body) self.assertEqual(len(response_list), 1)
def test_get_all_for_self(self): """You can list your own teams.""" team = Team.create(name='foo', captain_id='User_cap', program_id=self.demo_program.uid) team.put() user = User.create(name='foo', email='*****@*****.**', owned_teams=[team.uid]) user.put() response = self.testapp.get( '/api/users/{}/teams'.format(user.uid), headers=self.login_headers(user), ) response_list = json.loads(response.body) self.assertEqual(len(response_list), 1)
def test_cycle_email_task_does_not_queue(self): # Create a team that should NOT get a cycle email. beleset_team = Team.create( name="Elevate Team", program_id=self.beleset_program.uid, captain_id='User_captain', ) beleset_team.put() # Initiate cycle emails. self.testapp.get('/cron/cycle_emails') # Zero emailing tasks queued. tasks = self.taskqueue_stub.get_filtered_tasks() self.assertEqual(len(tasks), 0)