def test_view_user_sessions(gazette_app):
admin = Client(gazette_app)
with freeze_time("2016-06-06 06:06"):
login_admin(admin)
client_1 = Client(gazette_app)
with freeze_time("2017-07-07 07:07"):
login_editor_1(client_1)
client_2 = Client(gazette_app)
with freeze_time("2018-08-08 08:08"):
login_editor_1(client_2)
client_1.get('/dashboard')
client_2.get('/dashboard')
manage = admin.get('/users/sessions')
assert '([email protected])' in manage
assert '([email protected])' in manage
assert '2016-06-06T06:06:00' in manage
assert '2017-07-07T07:07:00' in manage
assert '2018-08-08T08:08:00' in manage
manage.click('Sitzungen beenden', href='editor1', index=0).form.submit()
manage = admin.get('/users/sessions')
assert '([email protected])' in manage
assert '([email protected])' not in manage
assert '2016-06-06T06:06:00' in manage
assert '2017-07-07T07:07:00' not in manage
assert '2018-08-08T08:08:00' not in manage
client_1.get('/dashboard', status=403)
client_2.get('/dashboard', status=403)
def test_view_groups(gazette_app):
client = Client(gazette_app)
login_admin(client)
# no groups yet
manage = client.get('/groups')
assert "TestGroup" in manage
# add a group
manage = manage.click("Neu")
manage.form['name'] = "Gruppe XY"
manage = manage.form.submit().maybe_follow()
assert "Gruppe hinzugefügt." in manage
assert "Gruppe XY" in manage
assert "Bearbeiten" in manage
assert "Löschen" in manage
assert "0" in [t.text for t in manage.pyquery('table.groups tbody tr td')]
# edit group
manage = manage.click("Bearbeiten", index=0)
manage.form['name'] = "Gruppe YZ"
manage = manage.form.submit().maybe_follow()
assert "Gruppe geändert." in manage
assert "Gruppe XY" not in manage
assert "Gruppe YZ" in manage
# add users
manage = client.get('/users').click("Neu")
assert 'Gruppe YZ' in manage
manage.form['role'] = 'editor'
manage.form['group'] = {
option[2]: option[0] for option in manage.form['group'].options
}['Gruppe YZ']
manage.form['name'] = 'User A'
manage.form['username'] = '******'
manage = manage.form.submit().maybe_follow()
assert "Benutzer hinzugefügt." in manage
# delete group
manage = client.get('/groups')
assert "1" in [t.text for t in manage.pyquery('table.groups tbody tr td')]
assert "Bearbeiten" in manage
assert "Löschen" not in manage
link = manage.pyquery('.action-edit')[0].attrib['href']
link = link.replace('/edit', '/delete')
manage = client.get(link)
assert "Es können nur Gruppen ohne Benutzer gelöscht werden." in manage
# delete user and group
manage = client.get('/user/user_a%40example.com/edit')
manage.form['group'] = ''
manage = manage.form.submit().maybe_follow()
manage = client.get('/groups')
assert "Löschen" in manage
manage = manage.click("Löschen").form.submit().maybe_follow()
assert "Gruppe gelöscht." in manage
assert "TestGroup" in manage
assert "Gruppe YZ" not in manage
def test_view_users(gazette_app):
client = Client(gazette_app)
login_admin(client)
manage = client.get('/users')
assert '*****@*****.**' in manage
assert '*****@*****.**' in manage
assert '*****@*****.**' in manage
assert '*****@*****.**' in manage
# try to add a user with a already taken address
manage = manage.click("Neu")
manage.form['role'] = 'editor'
manage.form['name'] = "New editor"
manage.form['username'] = "******"
manage = manage.form.submit()
assert "Dieser Wert ist bereits vorhanden." in manage
# add a publisher
manage = client.get('/users')
manage = manage.click("Neu")
manage.form['role'] = 'editor'
manage.form['name'] = "New user"
manage.form['username'] = "******"
manage = manage.form.submit().maybe_follow()
assert "Benutzer hinzugefügt." in manage
assert "*****@*****.**" in manage
assert len(gazette_app.smtp.outbox) == 1
message = gazette_app.smtp.outbox[0]
message = message.get_payload(1).get_payload(decode=True)
message = message.decode('utf-8')
assert "Benutzerkonto Amtsblattredaktion erstellt" in message
# make it an editor
manage = manage.click("Bearbeiten", href="new_user")
manage.form['role'] = 'member'
manage = manage.form.submit().maybe_follow()
assert "Benutzer geändert." in manage
# try to change the email adress to an already taken one
manage = manage.click("Bearbeiten", href="new_user")
manage.form['username'] = '******'
manage = manage.form.submit()
assert "Dieser Wert ist bereits vorhanden." in manage
# delete user
manage = client.get('/users').click("Löschen", href="new_user")
manage = manage.form.submit().maybe_follow()
assert "Benutzer gelöscht." in manage
assert "*****@*****.**" not in manage
def test_view_principal(gazette_app):
client = Client(gazette_app)
assert 'Startseite' in client.get('/').maybe_follow()
assert '<h2>Anmelden</h2>' in client.get('/').maybe_follow()
login_admin(client)
assert '/notices' in client.get('/').maybe_follow().request.url
login_publisher(client)
assert '/notices' in client.get('/').maybe_follow().request.url
login_editor_1(client)
assert '/dashboard' in client.get('/').maybe_follow().request.url
def test_view_user_delete(gazette_app):
admin = Client(gazette_app)
login_admin(admin)
client_1 = Client(gazette_app)
login_editor_1(client_1)
client_1.get('/dashboard')
client_2 = Client(gazette_app)
login_editor_1(client_2)
client_2.get('/dashboard')
manage = admin.get('/users').click("Löschen", href='editor1')
manage = manage.form.submit().maybe_follow()
assert "Benutzer gelöscht." in manage
client_1.get('/dashboard', status=403)
client_2.get('/dashboard', status=403)
def test_view_users_permissions(gazette_app):
client = Client(gazette_app)
login_admin(client)
manage = client.get('/users')
assert "<h3>Redaktoren</h3>" in manage
assert "<h3>Herausgeber</h3>" in manage
edit_editor = manage.click("Bearbeiten", href='editor1').request.url
delete_editor = manage.click("Löschen", href='editor1').request.url
edit_publisher = manage.click("Bearbeiten", href='publisher').request.url
delete_publisher = manage.click("Löschen", href='publisher').request.url
login_publisher(client)
manage = client.get('/users')
assert "<h3>Redaktoren</h3>" in manage
assert "<h3>Herausgeber</h3>" not in manage
assert manage.click("Bearbeiten", href='editor1').request.url == \
edit_editor
assert manage.click("Löschen", href='editor1').request.url == delete_editor
client.get(edit_publisher, status=403)
client.get(delete_publisher, status=403)
login_editor_1(client)
client.get('/users', status=403)
client.get(edit_editor, status=403)
client.get(edit_publisher, status=403)
client.get(delete_editor, status=403)
client.get(delete_publisher, status=403)
login_editor_2(client)
client.get('/users', status=403)
client.get(edit_editor, status=403)
client.get(edit_publisher, status=403)
client.get(delete_editor, status=403)
client.get(delete_publisher, status=403)
login_editor_3(client)
client.get('/users', status=403)
client.get(edit_editor, status=403)
client.get(edit_publisher, status=403)
client.get(delete_editor, status=403)
client.get(delete_publisher, status=403)
def test_view_user_modify(gazette_app):
admin = Client(gazette_app)
login_admin(admin)
client_1 = Client(gazette_app)
login_editor_1(client_1)
client_1.get('/dashboard')
client_2 = Client(gazette_app)
login_editor_1(client_2)
client_2.get('/dashboard')
manage = admin.get('/users').click("Bearbeiten", href='editor1')
manage.form['role'] = 'member'
manage.form['name'] = "Hans"
manage = manage.form.submit().maybe_follow()
assert "Benutzer geändert." in manage
client_1.get('/dashboard', status=403)
client_2.get('/dashboard', status=403)
def test_view_groups_permissions(gazette_app):
client = Client(gazette_app)
login_admin(client)
manage = client.get('/groups').click("Neu")
manage.form['name'] = 'XY'
manage = manage.form.submit().maybe_follow()
edit_link = manage.click('Bearbeiten', index=0).request.url
delete_link = manage.click('Löschen', index=0).request.url
login_publisher(client)
manage = client.get('/groups').click("Neu")
manage.form['name'] = 'YZ'
manage = manage.form.submit().maybe_follow()
assert manage.click('Bearbeiten', index=0).request.url == edit_link
assert manage.click('Löschen', index=0).request.url == delete_link
login_editor_1(client)
client.get('/groups', status=403)
client.get(edit_link, status=403)
client.get(delete_link, status=403)
def test_view_users_export(gazette_app):
admin = Client(gazette_app)
login_admin(admin)
result = admin.get('/users').click("Als XLSX herunterladen")
book = open_workbook(file_contents=result.body)
assert book.nsheets == 2
sheet = book.sheet_by_name('Redaktoren')
assert sheet.ncols == 3
assert sheet.nrows == 4
assert sheet.cell(0, 0).value == 'Gruppe'
assert sheet.cell(0, 1).value == 'Name'
assert sheet.cell(0, 2).value == 'E-Mail'
assert sheet.cell(1, 0).value == 'TestGroup'
assert sheet.cell(1, 1).value == 'First Editor'
assert sheet.cell(1, 2).value == '*****@*****.**'
assert sheet.cell(2, 0).value == 'TestGroup'
assert sheet.cell(2, 1).value == 'Second Editor'
assert sheet.cell(2, 2).value == '*****@*****.**'
assert sheet.cell(3, 0).value == ''
assert sheet.cell(3, 1).value == 'Third Editor'
assert sheet.cell(3, 2).value == '*****@*****.**'
sheet = book.sheet_by_name('Herausgeber')
assert sheet.ncols == 3
assert sheet.nrows == 2
assert sheet.cell(0, 0).value == 'Gruppe'
assert sheet.cell(0, 1).value == 'Name'
assert sheet.cell(0, 2).value == 'E-Mail'
assert sheet.cell(1, 0).value == ''
assert sheet.cell(1, 1).value == 'Publisher'
assert sheet.cell(1, 2).value == '*****@*****.**'
def test_view_notices_statistics(gazette_app):
editor = Client(gazette_app)
login_editor_3(editor) # this has no group
publisher = Client(gazette_app)
login_publisher(publisher)
def statistic(state, sheet_name, qs=None):
result = publisher.get('/notices/{}/statistics-xlsx?{}'.format(
state, qs or ''))
book = open_workbook(file_contents=result.body)
for sheet in book.sheets():
if sheet.name == sheet_name:
return [[
sheet.cell(row, col).value for col in range(sheet.ncols)
] for row in range(sheet.nrows)]
# No notices yet
states = ('drafted', 'submitted', 'accepted', 'rejected')
for s in states:
editor.get('/notices/{}/statistics'.format(s), status=403)
editor.get('/notices/{}/statistics-xlsx'.format(s), status=403)
publisher.get('/notices/{}/statistics'.format(s))
assert statistic(s, 'Organisationen') == [['Organisation', 'Anzahl']]
assert statistic(s, 'Rubriken') == [['Rubrik', 'Anzahl']]
assert statistic(s, 'Gruppen') == [['Gruppe', 'Anzahl']]
# Add users and groups
admin = Client(gazette_app)
login_admin(admin)
manage = admin.get('/groups').click("Neu")
for group in ('A', 'B', 'C'):
manage.form['name'] = group
manage.form.submit()
manage = admin.get('/users').click("Neu")
for user, group in (
('*****@*****.**', 'B'),
('*****@*****.**', 'B'),
('*****@*****.**', 'C'),
):
manage.form['role'] = 'member'
manage.form['name'] = user
manage.form['username'] = user
manage.form['group'] = dict(
(x[2], x[0]) for x in manage.form['group'].options)[group]
with patch('onegov.gazette.views.users.random_password') as password:
password.return_value = 'hunter2'
manage.form.submit().maybe_follow()
user_1 = Client(gazette_app)
user_2 = Client(gazette_app)
user_3 = Client(gazette_app)
for user, client in (
('*****@*****.**', user_1),
('*****@*****.**', user_2),
('*****@*****.**', user_3),
):
login = client.get('/auth/login')
login.form['username'] = user
login.form['password'] = '******'
login.form.submit()
# Add notices
with freeze_time("2017-11-01 11:00"):
for (organization, category, submit, user, issues) in (
('100', '13', False, editor, ['2017-44']),
('100', '13', False, user_1, ['2017-45']),
('100', '11', False, user_1, ['2017-46']),
('200', '11', False, user_1, ['2017-47']),
('100', '12', True, user_1, ['2017-47', '2017-45']),
('100', '14', True, user_1, ['2017-45', '2017-46']),
('300', '14', True, user_1, ['2017-46']),
('100', '11', False, user_2, ['2017-47']),
('100', '12', True, user_2, ['2017-47']),
('200', '14', False, user_2, ['2017-45', '2017-47']),
('100', '14', True, user_3, ['2017-46']),
('100', '12', True, user_3, ['2017-47']),
('100', '14', False, user_3, ['2017-47']),
('100', '14', True, user_3, ['2017-45', '2017-46', '2017-47']),
):
manage = user.get('/notices/drafted/new-notice')
manage.form['title'] = "Titel"
manage.form['organization'] = organization
manage.form['category'] = category
manage.form['text'] = "Text"
manage.form['author_place'] = 'Govikon'
manage.form['author_name'] = 'State Chancellerist'
manage.form['author_date'] = '2019-01-01'
manage.form['issues'] = issues
manage = manage.form.submit().maybe_follow()
if submit:
manage.click("Einreichen").form.submit()
for s in ('rejected', 'accepted'):
assert statistic(s, 'Organisationen') == [['Organisation', 'Anzahl']]
assert statistic(s, 'Rubriken') == [['Rubrik', 'Anzahl']]
assert statistic(s, 'Gruppen') == [['Gruppe', 'Anzahl']]
assert publisher.get('/notices/drafted/statistics')
assert publisher.get('/notices/submitted/statistics')
assert publisher.get('/notices/published/statistics')
# organizations/drafted: 5 x 100, 3 x 200
assert statistic('drafted',
'Organisationen') == [['Organisation', 'Anzahl'],
['Civic Community', 3],
['State Chancellery', 5]]
# organizations/submitted: 10 x 100, 1 x 300
assert statistic('submitted', 'Organisationen') == [
['Organisation', 'Anzahl'],
['Municipality', 1],
['State Chancellery', 10],
]
# organizations/submitted/2017-45/46: 6 x 100, 1 x 300
assert statistic('submitted', 'Organisationen',
'from_date=2017-11-10&to_date=2017-11-17') == [
['Organisation', 'Anzahl'],
['Municipality', 1],
['State Chancellery', 6],
]
# categories/drafted: 3 x 11, 2 x 13, 3 x 14
assert statistic('drafted', 'Rubriken') == [
['Rubrik', 'Anzahl'],
['Commercial Register', 2],
['Education', 3],
['Elections', 3],
]
# categories/submitted: 4 x 12, 7 x 14
assert statistic('submitted', 'Rubriken') == [
['Rubrik', 'Anzahl'],
['Elections', 7],
['Submissions', 4],
]
# categories/submitted/2017-45/46: 1 x 12, 6 x 14
assert statistic('submitted', 'Rubriken',
'from_date=2017-11-10&to_date=2017-11-17') == [
['Rubrik', 'Anzahl'],
['Elections', 6],
['Submissions', 1],
]
# groups/drafted: 1 x w/o, 6 x B, 1 x C
assert '>5</td>' in publisher.get('/notices/drafted/statistics')
assert statistic('drafted', 'Gruppen') == [
['Gruppe', 'Anzahl'],
['B', 6],
['C', 1],
]
# groups/submitted: 6 x B, 5 x C
assert '>4</td>' in publisher.get('/notices/submitted/statistics')
assert statistic('submitted', 'Gruppen') == [
['Gruppe', 'Anzahl'],
['B', 6],
['C', 5],
]
# groups/submitted/2017-45/46: 4 x B, 3 x C
assert statistic('submitted', 'Gruppen',
'from_date=2017-11-10&to_date=2017-11-17') == [
['Gruppe', 'Anzahl'],
['B', 4],
['C', 3],
]