def test_list_agencies_limits(domain_app, database): """ List agencies should limit to only the user's agencies and should not duplicate the same agency even if there are multiple instances of the same agency in the user permissions. """ user = UserFactory() cgac = CGACFactory() frec_cgac = CGACFactory() frec = FRECFactory(cgac=frec_cgac) sub_tiers = [SubTierAgencyFactory(sub_tier_agency_code='0', cgac=cgac, frec=None, is_frec=False, sub_tier_agency_name="Test Subtier Agency 0"), SubTierAgencyFactory(sub_tier_agency_code='1', cgac=frec_cgac, frec=frec, is_frec=True, sub_tier_agency_name="Test Subtier Agency 1")] user.affiliations = [UserAffiliation(cgac=cgac, frec=None, permission_type_id=PERMISSION_SHORT_DICT['w']), UserAffiliation(cgac=cgac, frec=None, permission_type_id=PERMISSION_SHORT_DICT['f']), UserAffiliation(cgac=None, frec=frec, permission_type_id=PERMISSION_SHORT_DICT['w']), UserAffiliation(cgac=None, frec=frec, permission_type_id=PERMISSION_SHORT_DICT['f'])] database.session.add_all([cgac] + [frec_cgac] + [frec] + sub_tiers + [user]) database.session.commit() g.user = user result = domain_app.get('/v1/list_agencies/').data.decode('UTF-8') res = json.loads(result) assert len(res['cgac_agency_list']) == 1 assert len(res['frec_agency_list']) == 1 assert res['cgac_agency_list'][0]['agency_name'] == cgac.agency_name assert res['cgac_agency_list'][0]['cgac_code'] == cgac.cgac_code assert res['frec_agency_list'][0]['agency_name'] == frec.agency_name assert res['frec_agency_list'][0]['frec_code'] == frec.frec_code
def test_list_submission_users_cgac_affil(database): """ Test listing users based on cgac affiliations """ cgacs = [CGACFactory(cgac_code='000'), CGACFactory(cgac_code='111')] first_user = UserFactory.with_cgacs(cgacs[0], name='Test User 1', email='*****@*****.**') other_user = UserFactory.with_cgacs(cgacs[1], name='Test User', email='*****@*****.**') database.session.add_all(cgacs + [first_user, other_user]) database.session.commit() sub_1 = SubmissionFactory(cgac_code=cgacs[0].cgac_code, user_id=first_user.user_id, is_fabs=False) sub_2 = SubmissionFactory(cgac_code=cgacs[0].cgac_code, user_id=other_user.user_id, is_fabs=False) database.session.add_all([sub_1, sub_2]) database.session.commit() g.user = first_user response = list_submission_users(False) user_response = json.loads(response.data.decode('UTF-8'))['users'] # List both users because each has a submission with the cgac assert len(user_response) == 2 assert {user_response[0]['user_id'], user_response[1]['user_id']} == {first_user.user_id, other_user.user_id} assert {user_response[0]['name'], user_response[1]['name']} == {first_user.name, other_user.name} assert {user_response[0]['email'], user_response[1]['email']} == {first_user.email, other_user.email} g.user = other_user response = list_submission_users(False) user_response = json.loads(response.data.decode('UTF-8'))['users'] # List only the submissions this user is part of because they have no cgac/frec affiliations with either submission assert len(user_response) == 1 assert user_response[0]['user_id'] == other_user.user_id assert user_response[0]['name'] == other_user.name assert user_response[0]['email'] == other_user.email
def test_list_submission_users_admin(database): """ Test listing all users with a submission (admin called the function) """ cgacs = [CGACFactory(cgac_code='000'), CGACFactory(cgac_code='111')] admin_user = UserFactory(website_admin=True, name='Admin User', email='*****@*****.**') other_user = UserFactory.with_cgacs(cgacs[0], name='Test User', email='*****@*****.**') database.session.add_all(cgacs + [admin_user, other_user]) database.session.commit() sub_1 = SubmissionFactory(cgac_code=cgacs[0].cgac_code, user_id=other_user.user_id, d2_submission=False) database.session.add(sub_1) database.session.commit() g.user = admin_user response = list_submission_users(False) user_response = json.loads(response.data.decode('UTF-8'))['users'] # Only lists users with submissions and doesn't care about affiliations because admin assert len(user_response) == 1 assert user_response[0]['user_id'] == other_user.user_id assert user_response[0]['name'] == other_user.name assert user_response[0]['email'] == other_user.email
def test_list_submission_users_frec_affil(database): """ Test listing users based on frec affiliations """ cgacs = [CGACFactory(cgac_code='000'), CGACFactory(cgac_code='111')] frecs = [FRECFactory(frec_code='0000', cgac=cgacs[0]), FRECFactory(frec_code='1111', cgac=cgacs[1])] first_user = UserFactory.with_cgacs(cgacs[0], name='Test User 1', email='*****@*****.**') other_user = UserFactory.with_cgacs(cgacs[1], name='Test User', email='*****@*****.**') third_user = UserFactory(name='Frec User', email='*****@*****.**') third_user.affiliations = [UserAffiliation(frec=frecs[0], user_id=third_user.user_id, permission_type_id=PERMISSION_TYPE_DICT['reader'])] database.session.add_all(cgacs + frecs + [first_user, other_user]) database.session.commit() sub_1 = SubmissionFactory(frec_code=frecs[0].frec_code, user_id=first_user.user_id, is_fabs=False) sub_2 = SubmissionFactory(cgac_code=cgacs[1].cgac_code, user_id=other_user.user_id, is_fabs=False) sub_3 = SubmissionFactory(frec_code=frecs[1].frec_code, user_id=other_user.user_id, is_fabs=False) database.session.add_all([sub_1, sub_2, sub_3]) database.session.commit() g.user = third_user response = list_submission_users(False) user_response = json.loads(response.data.decode('UTF-8'))['users'] # List the first user because they have a submission with that frec assert len(user_response) == 1 assert user_response[0]['user_id'] == first_user.user_id assert user_response[0]['name'] == first_user.name assert user_response[0]['email'] == first_user.email
def test_organize_sub_tier_agencies(database): """ Test organization of passed sub tier agencies """ cgac = CGACFactory() frec_cgac = CGACFactory() frec = FRECFactory(cgac=frec_cgac) sub_tiers = [SubTierAgencyFactory(sub_tier_agency_code='0', cgac=cgac, frec=None, is_frec=False, sub_tier_agency_name="Test Subtier Agency 0"), SubTierAgencyFactory(sub_tier_agency_code='1', cgac=frec_cgac, frec=frec, is_frec=True, sub_tier_agency_name="Test Subtier Agency 1")] database.session.add_all([cgac] + [frec_cgac] + [frec] + sub_tiers) database.session.commit() # Test with no sub tiers results = organize_sub_tier_agencies([]) assert len(results["sub_tier_agency_list"]) == 0 # Test with just one sub tier passed in results = organize_sub_tier_agencies([sub_tiers[0]]) assert len(results["sub_tier_agency_list"]) == 1 assert results["sub_tier_agency_list"][0] == { "agency_name": '{}: {}'.format(cgac.agency_name, sub_tiers[0].sub_tier_agency_name), "agency_code": sub_tiers[0].sub_tier_agency_code, "priority": sub_tiers[0].priority} # Test with both sub tiers passed results = organize_sub_tier_agencies([sub_tiers[0], sub_tiers[1]]) assert len(results["sub_tier_agency_list"]) == 2
def test_list_submission_users_cgac_frec_affil(database): """ Test listing users based on both cgac and frec affiliations """ cgacs = [CGACFactory(cgac_code='000'), CGACFactory(cgac_code='111')] frecs = [FRECFactory(frec_code='0000', cgac=cgacs[0]), FRECFactory(frec_code='1111', cgac=cgacs[1])] first_user = UserFactory.with_cgacs(cgacs[0], name='Test User 1', email='*****@*****.**') other_user = UserFactory.with_cgacs(cgacs[1], name='Test User', email='*****@*****.**') third_user = UserFactory.with_cgacs(cgacs[1], name='Frec User', email='*****@*****.**') third_user.affiliations =\ third_user.affiliations + [UserAffiliation(frec=frecs[0], user_id=third_user.user_id, permission_type_id=PERMISSION_TYPE_DICT['reader'])] database.session.add_all(cgacs + frecs + [first_user, other_user]) database.session.commit() # Third user now has cgac 111 and frec 0000 sub_1 = SubmissionFactory(frec_code=frecs[0].frec_code, user_id=first_user.user_id, is_fabs=False) sub_2 = SubmissionFactory(cgac_code=cgacs[1].cgac_code, user_id=other_user.user_id, is_fabs=False) sub_3 = SubmissionFactory(frec_code=frecs[1].frec_code, user_id=other_user.user_id, is_fabs=False) database.session.add_all([sub_1, sub_2, sub_3]) database.session.commit() g.user = third_user response = list_submission_users(False) user_response = json.loads(response.data.decode('UTF-8'))['users'] # List both other users because one has a frec agency and one has a cgac assert len(user_response) == 2 assert {user_response[0]['user_id'], user_response[1]['user_id']} == {first_user.user_id, other_user.user_id} assert {user_response[0]['name'], user_response[1]['name']} == {first_user.name, other_user.name} assert {user_response[0]['email'], user_response[1]['email']} == {first_user.email, other_user.email}
def test_list_agencies_limits(monkeypatch, user_constants, domain_app): """List agencies should limit to only the user's agencies""" sess = GlobalDB.db().session user = UserFactory() cgac = CGACFactory() frec_cgac = CGACFactory() frec = FRECFactory(cgac=frec_cgac) sub_tiers = [ SubTierAgencyFactory(sub_tier_agency_code='0', cgac=cgac, frec=None, is_frec=False, sub_tier_agency_name="Test Subtier Agency 0"), SubTierAgencyFactory(sub_tier_agency_code='1', cgac=frec_cgac, frec=frec, is_frec=True, sub_tier_agency_name="Test Subtier Agency 1") ] user.affiliations = [ UserAffiliation(cgac=cgac, frec=None, permission_type_id=2), UserAffiliation(cgac=None, frec=frec, permission_type_id=2) ] sess.add_all([cgac] + [frec_cgac] + [frec] + sub_tiers + [user]) sess.commit() monkeypatch.setattr(domainRoutes, 'g', Mock(user=user)) result = domain_app.get('/v1/list_agencies/').data.decode('UTF-8') res = json.loads(result) assert len(res['cgac_agency_list']) == 1 assert len(res['frec_agency_list']) == 1 assert res['cgac_agency_list'][0]['agency_name'] == cgac.agency_name assert res['cgac_agency_list'][0]['cgac_code'] == cgac.cgac_code assert res['frec_agency_list'][0]['agency_name'] == frec.agency_name assert res['frec_agency_list'][0]['frec_code'] == frec.frec_code
def test_list_submission_users_fabs_dabs(database): """ Test listing DABS vs FABS users """ cgacs = [CGACFactory(cgac_code='000'), CGACFactory(cgac_code='111')] first_user = UserFactory.with_cgacs(cgacs[0], name='Test User 1') other_user = UserFactory.with_cgacs(cgacs[1], name='Test User') database.session.add_all(cgacs + [first_user, other_user]) database.session.commit() sub_1 = SubmissionFactory(cgac_code=cgacs[0].cgac_code, user_id=first_user.user_id, d2_submission=False) sub_2 = SubmissionFactory(cgac_code=cgacs[0].cgac_code, user_id=other_user.user_id, d2_submission=True) database.session.add_all([sub_1, sub_2]) database.session.commit() g.user = first_user response = list_submission_users(False) user_response = json.loads(response.data.decode('UTF-8'))['users'] # List only the first user because they're the only ones with a DABS submission assert len(user_response) == 1 assert user_response[0]['user_id'] == first_user.user_id assert user_response[0]['name'] == first_user.name response = list_submission_users(True) user_response = json.loads(response.data.decode('UTF-8'))['users'] # List only the other user because they're the only ones with a FABS submission assert len(user_response) == 1 assert user_response[0]['user_id'] == other_user.user_id assert user_response[0]['name'] == other_user.name
def test_list_agencies_superuser(domain_app, database): """ All agencies should be visible to website admins """ user = UserFactory(website_admin=True) cgacs = [CGACFactory(cgac_code=str(i)) for i in range(3)] frec_cgac = CGACFactory() frecs = [FRECFactory(frec_code=str(i), cgac=frec_cgac) for i in range(3)] cgac_sub_tiers = [ SubTierAgencyFactory(sub_tier_agency_code=str(i), cgac=cgacs[i], frec=None, is_frec=False, sub_tier_agency_name="Test Subtier Agency " + str(i)) for i in range(3) ] frec_sub_tiers = [ SubTierAgencyFactory(sub_tier_agency_code=str(3 + i), cgac=frec_cgac, frec=frecs[i], is_frec=True, sub_tier_agency_name="Test Subtier Agency " + str(3 + i)) for i in range(3) ] database.session.add_all(cgacs + [frec_cgac] + frecs + cgac_sub_tiers + frec_sub_tiers + [user]) database.session.commit() g.user = user result = domain_app.get('/v1/list_agencies/').data.decode('UTF-8') response = json.loads(result) result = {el['cgac_code'] for el in response['cgac_agency_list']} assert result == {'0', '1', '2'} # i.e. all of them result = {el['frec_code'] for el in response['frec_agency_list']} assert result == {'0', '1', '2'} # i.e. all of them
def test_list_submissions_permissions(database, monkeypatch): """Verify that the user must be in the same CGAC group, the submission's owner, or website admin to see the submission""" cgac1, cgac2 = CGACFactory(), CGACFactory() user1, user2 = UserFactory.with_cgacs(cgac1), UserFactory() database.session.add_all([cgac1, cgac2, user1, user2]) database.session.commit() sub = SubmissionFactory(user_id=user2.user_id, cgac_code=cgac2.cgac_code, publish_status_id=1) database.session.add(sub) database.session.commit() monkeypatch.setattr(fileHandler, 'g', Mock(user=user1)) assert list_submissions_result()['total'] == 0 user1.affiliations[0].cgac = cgac2 database.session.commit() assert list_submissions_result()['total'] == 1 user1.affiliations = [] database.session.commit() assert list_submissions_result()['total'] == 0 sub.user_id = user1.user_id database.session.commit() assert list_submissions_result()['total'] == 1 sub.user_id = user2.user_id database.session.commit() assert list_submissions_result()['total'] == 0 user1.website_admin = True database.session.commit() assert list_submissions_result()['total'] == 1
def test_list_submission_users_owned(database): """ Test listing users based on owned submissions """ cgacs = [CGACFactory(cgac_code='000'), CGACFactory(cgac_code='111')] first_user = UserFactory.with_cgacs(cgacs[0], name='Test User 1', email='*****@*****.**') other_user = UserFactory.with_cgacs(cgacs[0], name='Test User', email='*****@*****.**') database.session.add_all(cgacs + [first_user, other_user]) database.session.commit() sub_1 = SubmissionFactory(cgac_code=cgacs[1].cgac_code, user_id=other_user.user_id, d2_submission=False) database.session.add(sub_1) database.session.commit() g.user = first_user response = list_submission_users(False) user_response = json.loads(response.data.decode('UTF-8'))['users'] # Don't list any submissions because they don't own any and have no cgac/frec affiliations assert len(user_response) == 0 g.user = other_user response = list_submission_users(False) user_response = json.loads(response.data.decode('UTF-8'))['users'] # List the user because they have a submission they own (even though it doesn't match the cgac) assert len(user_response) == 1 assert user_response[0]['user_id'] == other_user.user_id assert user_response[0]['name'] == other_user.name assert user_response[0]['email'] == other_user.email
def test_get_sub_tiers_from_perms(database): """ Test getting sub tiers of agencies from the permissions provided """ cgacs = [CGACFactory(cgac_code=str(i)) for i in range(3)] frec_cgac = CGACFactory() frecs = [FRECFactory(frec_code=str(i), cgac=frec_cgac) for i in range(3)] cgac_sub_tiers = [SubTierAgencyFactory(sub_tier_agency_code=str(i), cgac=cgacs[i], frec=None, is_frec=False, sub_tier_agency_name="Test Subtier Agency "+str(i)) for i in range(3)] frec_sub_tiers = [SubTierAgencyFactory(sub_tier_agency_code=str(3 + i), cgac=frec_cgac, frec=frecs[i], is_frec=True, sub_tier_agency_name="Test Subtier Agency " + str(3 + i)) for i in range(3)] database.session.add_all(cgacs + [frec_cgac] + frecs + cgac_sub_tiers + frec_sub_tiers) database.session.commit() # Test non-admin, should have 1 and 2 results for cgac and frec respectively cgac_result, frec_result = get_sub_tiers_from_perms(False, [cgacs[0].cgac_id], [frecs[0].frec_id, frecs[1].frec_id]) assert cgac_result.count() == 1 assert frec_result.count() == 2 # Test non-admin with no permissions, should have 0 results for either cgac_result, frec_result = get_sub_tiers_from_perms(False, [], []) assert cgac_result.count() == 0 assert frec_result.count() == 0 # Test non-admin with permissions, should have 3 results for both (ignore permissions) cgac_result, frec_result = get_sub_tiers_from_perms(True, [cgacs[0].cgac_id], [frecs[0].frec_id, frecs[1].frec_id]) assert cgac_result.count() == 3 assert frec_result.count() == 3 # Test non-admin with no permissions, should have 3 results for both cgac_result, frec_result = get_sub_tiers_from_perms(True, [], []) assert cgac_result.count() == 3 assert frec_result.count() == 3
def test_get_submission_metadata_quarterly_dabs_cgac(database): """ Tests the get_submission_metadata function for quarterly dabs submissions """ sess = database.session now = datetime.datetime.utcnow() now_plus_10 = now + datetime.timedelta(minutes=10) cgac = CGACFactory(cgac_code='001', agency_name='CGAC Agency') frec_cgac = CGACFactory(cgac_code='999', agency_name='FREC CGAC') frec = FRECFactory(frec_code='0001', agency_name='FREC Agency', cgac=frec_cgac) sub = SubmissionFactory(submission_id=1, created_at=now, updated_at=now_plus_10, cgac_code=cgac.cgac_code, reporting_fiscal_period=3, reporting_fiscal_year=2017, is_quarter_format=True, publish_status_id=PUBLISH_STATUS_DICT['updated'], d2_submission=False, number_of_errors=40, number_of_warnings=200) # Job for submission job = JobFactory(submission_id=sub.submission_id, last_validated=now_plus_10, job_type=sess.query(JobType).filter_by(name='csv_record_validation').one(), job_status=sess.query(JobStatus).filter_by(name='finished').one(), file_type=sess.query(FileType).filter_by(name='appropriations').one(), number_of_rows=3, file_size=7655) job_2 = JobFactory(submission_id=sub.submission_id, last_validated=now_plus_10, job_type=sess.query(JobType).filter_by(name='csv_record_validation').one(), job_status=sess.query(JobStatus).filter_by(name='finished').one(), file_type=sess.query(FileType).filter_by(name='program_activity').one(), number_of_rows=7, file_size=12345) sess.add_all([cgac, frec_cgac, frec, sub, job, job_2]) sess.commit() # Test for Quarterly, updated DABS cgac submission expected_results = { 'cgac_code': cgac.cgac_code, 'frec_code': None, 'agency_name': cgac.agency_name, 'number_of_errors': 40, 'number_of_warnings': 200, 'number_of_rows': 10, 'total_size': 20000, 'created_on': now.strftime('%m/%d/%Y'), 'last_updated': now_plus_10.strftime("%Y-%m-%dT%H:%M:%S"), 'last_validated': now_plus_10.strftime('%m/%d/%Y'), 'reporting_period': 'Q1/2017', 'publish_status': 'updated', 'quarterly_submission': True, 'fabs_submission': False, 'fabs_meta': None } results = get_submission_metadata(sub) assert results == expected_results
def test_get_submission_metadata_published_fabs(database): """ Tests the get_submission_metadata function for published fabs submissions """ sess = database.session now = datetime.datetime.utcnow() now_plus_10 = now + datetime.timedelta(minutes=10) start_date = datetime.date(2000, 1, 1) cgac = CGACFactory(cgac_code='001', agency_name='CGAC Agency') frec_cgac = CGACFactory(cgac_code='999', agency_name='FREC CGAC') frec = FRECFactory(frec_code='0001', agency_name='FREC Agency', cgac=frec_cgac) sub = SubmissionFactory(submission_id=5, created_at=now, updated_at=now, cgac_code=cgac.cgac_code, reporting_fiscal_period=5, reporting_fiscal_year=2010, is_quarter_format=False, publish_status_id=PUBLISH_STATUS_DICT['published'], d2_submission=True, reporting_start_date=start_date, number_of_errors=0, number_of_warnings=2) # Data for FABS dafa_1 = DetachedAwardFinancialAssistanceFactory(submission_id=sub.submission_id, is_valid=True) dafa_2 = DetachedAwardFinancialAssistanceFactory(submission_id=sub.submission_id, is_valid=False) cert_hist = CertifyHistoryFactory(submission=sub, created_at=now_plus_10) sess.add_all([cgac, frec_cgac, frec, sub, dafa_1, dafa_2, cert_hist]) sess.commit() expected_results = { 'cgac_code': cgac.cgac_code, 'frec_code': None, 'agency_name': cgac.agency_name, 'number_of_errors': 0, 'number_of_warnings': 2, 'number_of_rows': 0, 'total_size': 0, 'created_on': now.strftime('%m/%d/%Y'), 'last_updated': now.strftime("%Y-%m-%dT%H:%M:%S"), 'last_validated': '', 'reporting_period': start_date.strftime('%m/%Y'), 'publish_status': 'published', 'quarterly_submission': False, 'certified_submission': None, 'fabs_submission': True, 'fabs_meta': { 'publish_date': now_plus_10.strftime('%-I:%M%p %m/%d/%Y'), 'published_file': None, 'total_rows': 2, 'valid_rows': 1 } } results = get_submission_metadata(sub) assert results == expected_results
def test_get_accessible_agencies(database): """ Test listing all the agencies (CGAC and FREC) that are accessible based on permissions given """ cgacs = [ CGACFactory(cgac_code=str(i), agency_name="Test Agency " + str(i)) for i in range(3) ] frec_cgac = CGACFactory() frecs = [FRECFactory(frec_code=str(i), cgac=frec_cgac) for i in range(3)] cgac_sub_tiers = [ SubTierAgencyFactory(sub_tier_agency_code=str(i), cgac=cgacs[i], frec=None, is_frec=False, sub_tier_agency_name="Test Subtier Agency " + str(i)) for i in range(3) ] frec_sub_tiers = [ SubTierAgencyFactory(sub_tier_agency_code=str(3 + i), cgac=frec_cgac, frec=frecs[i], is_frec=True, sub_tier_agency_name="Test Subtier Agency " + str(3 + i)) for i in range(3) ] database.session.add_all(cgacs + [frec_cgac] + frecs + cgac_sub_tiers + frec_sub_tiers) database.session.commit() # Test one CGAC and 2 FRECs, have to decode it because we send it back as a response already results = get_accessible_agencies([cgac_sub_tiers[0]], [frec_sub_tiers[0], frec_sub_tiers[2]]) frec_code_result = {el["frec_code"] for el in results["frec_agency_list"]} frec_name_result = { el["agency_name"] for el in results["frec_agency_list"] } assert len(results["cgac_agency_list"]) == 1 assert len(results["frec_agency_list"]) == 2 assert results["cgac_agency_list"][0]["agency_name"] == cgacs[ 0].agency_name assert results["cgac_agency_list"][0]["cgac_code"] == cgacs[0].cgac_code assert frec_name_result == {frecs[0].agency_name, frecs[2].agency_name} assert frec_code_result == {frecs[0].frec_code, frecs[2].frec_code} # Test when there are no FRECs results = get_accessible_agencies([cgac_sub_tiers[0]], []) assert len(results["cgac_agency_list"]) == 1 assert len(results["frec_agency_list"]) == 0
def test_permissions_filter_agency_user(database, monkeypatch): sess = database.session # Setup agencies db_objects = [] cgac1 = CGACFactory(cgac_code='089', agency_name='CGAC') cgac2 = CGACFactory(cgac_code='011', agency_name='CGAC Associated with FREC') cgac3 = CGACFactory(cgac_code='091', agency_name='Other CGAC Associated with FREC') frec1 = FRECFactory(cgac=cgac2, frec_code='1125', agency_name='FREC 1') frec2 = FRECFactory(cgac=cgac3, frec_code='0923', agency_name='FREC 2') db_objects.extend([cgac1, cgac2, cgac3, frec1, frec2]) # Setup submissions sub1 = SubmissionFactory(cgac_code=cgac1.cgac_code, frec_code=None) sub2 = SubmissionFactory(cgac_code=cgac2.cgac_code, frec_code=frec1.frec_code) sub3 = SubmissionFactory(cgac_code=cgac3.cgac_code, frec_code=None) sub4 = SubmissionFactory(cgac_code=cgac3.cgac_code, frec_code=frec2.frec_code) db_objects.extend([sub1, sub2, sub3, sub4]) # Setup agency user agency_user = UserFactory( name='Agency User', affiliations=[ UserAffiliation(user_affiliation_id=1, cgac=cgac1, permission_type_id=PERMISSION_TYPE_DICT['reader']), UserAffiliation(user_affiliation_id=2, cgac=cgac2, frec=frec1, permission_type_id=PERMISSION_TYPE_DICT['writer']), ]) db_objects.append(agency_user) monkeypatch.setattr(filters_helper, 'g', Mock(user=agency_user)) sess.add_all(db_objects) sess.commit() base_query = sess.query(Submission) # submissions should be filtered based on user access query = filters_helper.permissions_filter(base_query) expected_results = [sub1, sub2] results = set(query.all()) assert results == set(expected_results)
def test_active_user_can_dabs_cgac_writer(database, monkeypatch, user_constants): user_cgac, other_cgac = [CGACFactory() for _ in range(2)] user_writer = UserFactory(affiliations=[ UserAffiliation(cgac=user_cgac, permission_type_id=PERMISSION_TYPE_DICT['writer']) ]) database.session.add_all([user_cgac, other_cgac, user_writer]) database.session.commit() monkeypatch.setattr(permissions, 'g', Mock(user=user_writer)) # has permission level, but wrong agency assert not permissions.active_user_can('reader', cgac_code=other_cgac.cgac_code) assert not permissions.active_user_can('writer', cgac_code=other_cgac.cgac_code) # has agency, but not permission level assert not permissions.active_user_can('submitter', cgac_code=user_cgac.cgac_code) assert not permissions.active_user_can('editfabs', cgac_code=user_cgac.cgac_code) assert not permissions.active_user_can('fabs', cgac_code=user_cgac.cgac_code) # right agency, right permission assert permissions.active_user_can('reader', cgac_code=user_cgac.cgac_code) assert permissions.active_user_can('writer', cgac_code=user_cgac.cgac_code) # wrong permission level, wrong agency, but superuser user_writer.website_admin = True assert permissions.active_user_can('submitter', cgac_code=other_cgac.cgac_code)
def test_update_cgacs(database): sess = database.session cgacs = [ CGACFactory(cgac_code=str(i), agency_name=str(i) * 5) for i in range(2) ] sess.add_all(cgacs) sess.commit() models = {cgac.cgac_code: cgac for cgac in cgacs} new_data = pd.DataFrame([{ 'cgac_code': '0', 'agency_name': 'other', 'agency_abbreviation': 'other' }, { 'cgac_code': '1', 'agency_name': '11111', 'agency_abbreviation': '11111' }, { 'cgac_code': 'something-else', 'agency_name': 'new_agency', 'agency_abbreviation': "new_agency" }]) assert models['0'].agency_name == '00000' assert models['1'].agency_name == '11111' assert 'something-else' not in models loadAgencies.update_cgacs(models, new_data) assert models['0'].agency_name == 'other (other)' assert models['1'].agency_name == '11111 (11111)' assert models['something-else'].agency_name == 'new_agency (new_agency)'
def test_failure_populated_011_fr_entity_cgac(database): """ Tests that TAS for SF-133 are present in File A for CGAC submissions """ submission_id = randint(1000, 10000) tas, account_num, period, year, cgac_code, frec_code = 'some-tas', 1, 2, 2002, 'some-cgac-code', 'some-frec-code' cgac = CGACFactory(cgac_code=cgac_code, cgac_id=1) frec = FRECFactory(cgac_id=cgac.cgac_id, frec_code=frec_code, frec_id=1) sf1 = SF133Factory(tas=tas, period=period, fiscal_year=year, allocation_transfer_agency=None, agency_identifier='011', account_num=account_num) ts1 = TASFactory(account_num=account_num, fr_entity_type=frec_code) submission = SubmissionFactory(submission_id=submission_id, reporting_fiscal_period=period, reporting_fiscal_year=year, cgac_code=cgac_code, frec_code=None) ap = AppropriationFactory(tas='a-different-tas', submission_id=submission_id) errors = number_of_errors(_FILE, database, models=[cgac, frec, sf1, ts1, ap], submission=submission) assert errors == 1
def test_certify_dabs_submission(database, monkeypatch): """ Tests the certify_dabs_submission function """ with Flask('test-app').app_context(): now = datetime.datetime.utcnow() sess = database.session user = UserFactory() cgac = CGACFactory(cgac_code='001', agency_name='CGAC Agency') submission = SubmissionFactory(created_at=now, updated_at=now, cgac_code=cgac.cgac_code, reporting_fiscal_period=3, reporting_fiscal_year=2017, is_quarter_format=True, publishable=True, publish_status_id=PUBLISH_STATUS_DICT['unpublished'], d2_submission=False, number_of_errors=0, number_of_warnings=200, certifying_user_id=None) sess.add_all([user, cgac, submission]) sess.commit() g.user = user file_handler = fileHandler.FileHandler({}, is_local=True) monkeypatch.setattr(file_handler, 'move_certified_files', Mock(return_value=True)) monkeypatch.setattr(fileHandler.GlobalDB, 'db', Mock(return_value=database)) certify_dabs_submission(submission, file_handler) sess.refresh(submission) certify_history = sess.query(CertifyHistory).filter_by(submission_id=submission.submission_id).one_or_none() assert certify_history is not None assert submission.certifying_user_id == user.user_id assert submission.publish_status_id == PUBLISH_STATUS_DICT['published']
def test_certify_dabs_submission_revalidation_needed(database): """ Tests the certify_dabs_submission function preventing certification when revalidation threshold isn't met """ with Flask('test-app').app_context(): now = datetime.datetime.utcnow() earlier = now - datetime.timedelta(days=1) sess = database.session user = UserFactory() cgac = CGACFactory(cgac_code='001', agency_name='CGAC Agency') submission = SubmissionFactory(created_at=earlier, updated_at=earlier, cgac_code=cgac.cgac_code, reporting_fiscal_period=3, reporting_fiscal_year=2017, is_quarter_format=True, publishable=True, publish_status_id=PUBLISH_STATUS_DICT['unpublished'], d2_submission=False, number_of_errors=0, number_of_warnings=200, certifying_user_id=None) reval = RevalidationThresholdFactory(revalidation_date=now) sess.add_all([user, cgac, submission, reval]) sess.commit() job = JobFactory(submission_id=submission.submission_id, last_validated=earlier, job_type_id=JOB_TYPE_DICT['csv_record_validation']) sess.add(job) sess.commit() g.user = user file_handler = fileHandler.FileHandler({}, is_local=True) response = certify_dabs_submission(submission, file_handler) response_json = json.loads(response.data.decode('UTF-8')) assert response.status_code == 400 assert response_json['message'] == "This submission has not been validated since before the revalidation " \ "threshold ({}), it must be revalidated before certifying.". \ format(now.strftime('%Y-%m-%d %H:%M:%S'))
def test_create_session_and_response(database, monkeypatch): cgacs = [ CGACFactory(cgac_code=str(i) * 3, agency_name=str(i)) for i in range(3) ] user = UserFactory( name="my name", title="my title", affiliations=[ UserAffiliation(cgac=cgacs[1], permission_type_id=PERMISSION_TYPE_DICT['reader']), UserAffiliation(cgac=cgacs[2], permission_type_id=PERMISSION_TYPE_DICT['writer']), ]) database.session.add_all(cgacs + [user]) database.session.commit() monkeypatch.setattr(account_handler, 'LoginSession', Mock()) mock_session = {'sid': 'test sid'} result = account_handler.AccountHandler.create_session_and_response( mock_session, user) result = json.loads(result.data.decode('utf-8')) assert result['message'] == 'Login successful' assert result['user_id'] == user.user_id assert result['name'] == 'my name' assert result['title'] == 'my title' assert result['session_id'] == 'test sid' assert dict(agency_name='1', permission='reader') in result['affiliations'] assert dict(agency_name='2', permission='writer') in result['affiliations']
def test_certify_dabs_submission_quarterly_revalidation_not_in_db(database): """ Tests that a DABS submission that doesnt have its year/quarter in the system won't be able to certify. """ with Flask('test-app').app_context(): now = datetime.datetime.utcnow() sess = database.session user = UserFactory() cgac = CGACFactory(cgac_code='001', agency_name='CGAC Agency') submission = SubmissionFactory(created_at=now, updated_at=now, cgac_code=cgac.cgac_code, reporting_fiscal_period=3, reporting_fiscal_year=2017, is_quarter_format=True, publishable=True, publish_status_id=PUBLISH_STATUS_DICT['unpublished'], d2_submission=False, number_of_errors=0, number_of_warnings=200, certifying_user_id=None) sess.add_all([user, cgac, submission]) sess.commit() job = JobFactory(submission_id=submission.submission_id, last_validated=now, job_type_id=JOB_TYPE_DICT['csv_record_validation']) sess.add(job) sess.commit() g.user = user file_handler = fileHandler.FileHandler({}, is_local=True) response = certify_dabs_submission(submission, file_handler) response_json = json.loads(response.data.decode('UTF-8')) assert response.status_code == 400 assert response_json['message'] == "No submission window for this year and quarter was found. If this is an " \ "error, please contact the Service Desk."
def test_certify_dabs_submission_quarterly_revalidation_too_early(database): """ Tests that a DABS submission that was last validated before the window start cannot be certified. """ with Flask('test-app').app_context(): now = datetime.datetime.utcnow() earlier = now - datetime.timedelta(days=1) sess = database.session user = UserFactory() cgac = CGACFactory(cgac_code='001', agency_name='CGAC Agency') submission = SubmissionFactory(created_at=earlier, updated_at=earlier, cgac_code=cgac.cgac_code, reporting_fiscal_period=3, reporting_fiscal_year=2017, is_quarter_format=True, publishable=True, publish_status_id=PUBLISH_STATUS_DICT['unpublished'], d2_submission=False, number_of_errors=0, number_of_warnings=200, certifying_user_id=None) quarter_reval = QuarterlyRevalidationThresholdFactory(year=2017, quarter=1, window_start=now) sess.add_all([user, cgac, submission, quarter_reval]) sess.commit() job = JobFactory(submission_id=submission.submission_id, last_validated=earlier, job_type_id=JOB_TYPE_DICT['csv_record_validation']) sess.add(job) sess.commit() g.user = user file_handler = fileHandler.FileHandler({}, is_local=True) response = certify_dabs_submission(submission, file_handler) response_json = json.loads(response.data.decode('UTF-8')) assert response.status_code == 400 assert response_json['message'] == "This submission was last validated or its D files generated before the " \ "start of the submission window ({}). Please revalidate before " \ "certifying.".\ format(quarter_reval.window_start.strftime('%m/%d/%Y'))
def test_certify_dabs_submission_quarterly_revalidation_multiple_thresholds(database): """ Tests that a DABS submission is not affected by a different quarterly revalidation threshold than the one that matches its reporting_start_date. """ with Flask('test-app').app_context(): now = datetime.datetime.utcnow() earlier = now - datetime.timedelta(days=1) sess = database.session user = UserFactory() cgac = CGACFactory(cgac_code='001', agency_name='CGAC Agency') submission = SubmissionFactory(created_at=earlier, updated_at=earlier, cgac_code=cgac.cgac_code, reporting_fiscal_period=3, reporting_fiscal_year=2017, reporting_start_date='2016-10-01', is_quarter_format=True, publishable=True, publish_status_id=PUBLISH_STATUS_DICT['unpublished'], d2_submission=False, number_of_errors=0, number_of_warnings=200, certifying_user_id=None) quarter_reval = QuarterlyRevalidationThresholdFactory(year=2017, quarter=1, window_start=earlier) quarter_reval_2 = QuarterlyRevalidationThresholdFactory(year=2017, quarter=2, window_start=now + datetime.timedelta(days=10)) sess.add_all([user, cgac, submission, quarter_reval, quarter_reval_2]) sess.commit() job = JobFactory(submission_id=submission.submission_id, last_validated=now, job_type_id=JOB_TYPE_DICT['csv_record_validation']) sess.add(job) sess.commit() g.user = user file_handler = fileHandler.FileHandler({}, is_local=True) response = certify_dabs_submission(submission, file_handler) assert response.status_code == 200
def test_success(database): """ Test that agency codes are matched against cgac correctly """ approp = AppropriationFactory() approp_null = AppropriationFactory(agency_identifier = None) cgac = CGACFactory(cgac_code = approp.agency_identifier) errors = number_of_errors(_FILE, database, models=[approp, approp_null, cgac]) assert errors == 0
def test_success(database): """ Test that agency codes are matched against cgac correctly """ ocpa = ObjectClassProgramActivityFactory() ocpa_null = ObjectClassProgramActivityFactory(allocation_transfer_agency = None) cgac = CGACFactory(cgac_code = ocpa.allocation_transfer_agency) errors = number_of_errors(_FILE, database, models=[ocpa, ocpa_null, cgac]) assert errors == 0
def test_get_cgacs_without_sub_tier_agencies(database): """ Test getting all cgacs without any sub tier agencies """ sub_tier_cgac = CGACFactory() no_sub_cgac = CGACFactory() sub_tier = SubTierAgencyFactory(sub_tier_agency_code="0", cgac=sub_tier_cgac, frec=None, is_frec=False, sub_tier_agency_name="Test Subtier Agency") database.session.add_all([sub_tier_cgac] + [no_sub_cgac] + [sub_tier]) database.session.commit() # Test while passing the session results = get_cgacs_without_sub_tier_agencies(database.session) assert len(results) == 1 assert results[0].cgac_id == no_sub_cgac.cgac_id # Test without passing the session results = get_cgacs_without_sub_tier_agencies() assert len(results) == 1 assert results[0].cgac_id == no_sub_cgac.cgac_id
def test_get_accessible_agencies(database): """ Test listing all the agencies (CGAC and FREC) that are accessible based on permissions given """ # The first cgac/frec don't have sub tiers associated, they should still show up when affiliations are present cgacs = [CGACFactory(cgac_code=str(i), agency_name="Test Agency " + str(i)) for i in range(3)] frec_cgac = CGACFactory() frecs = [FRECFactory(frec_code=str(i), cgac=frec_cgac) for i in range(3)] cgac_sub_tiers = [SubTierAgencyFactory(sub_tier_agency_code=str(i), cgac=cgacs[i], frec=None, is_frec=False, sub_tier_agency_name="Test Subtier Agency C" + str(i)) for i in range(1, 3)] frec_sub_tiers = [SubTierAgencyFactory(sub_tier_agency_code=str(3 + i), cgac=frec_cgac, frec=frecs[i], is_frec=True, sub_tier_agency_name="Test Subtier Agency F" + str(i)) for i in range(1, 3)] database.session.add_all(cgacs + [frec_cgac] + frecs + cgac_sub_tiers + frec_sub_tiers) database.session.commit() user = UserFactory(affiliations=[ UserAffiliation(user_affiliation_id=1, cgac=cgacs[0], frec=None, permission_type_id=PERMISSION_TYPE_DICT['writer']), UserAffiliation(user_affiliation_id=2, cgac=None, frec=frecs[1], permission_type_id=PERMISSION_TYPE_DICT['reader']), UserAffiliation(user_affiliation_id=3, cgac=None, frec=frecs[2], permission_type_id=PERMISSION_TYPE_DICT['reader']) ]) database.session.add(user) database.session.commit() g.user = user # Test one CGAC and 2 FRECs, have to decode it because we send it back as a response already results = get_accessible_agencies() frec_code_result = {el["frec_code"] for el in results["frec_agency_list"]} frec_name_result = {el["agency_name"] for el in results["frec_agency_list"]} assert len(results["cgac_agency_list"]) == 1 assert len(results["frec_agency_list"]) == 2 assert results["cgac_agency_list"][0]["agency_name"] == cgacs[0].agency_name assert results["cgac_agency_list"][0]["cgac_code"] == cgacs[0].cgac_code assert frec_name_result == {frecs[1].agency_name, frecs[2].agency_name} assert frec_code_result == {frecs[1].frec_code, frecs[2].frec_code} # Test when user is website admin, should return everything, but only 2 frecs because only 2 of the 3 have the # frec flag user.affiliations = [] user.website_admin = True results = get_accessible_agencies() assert len(results["cgac_agency_list"]) == 3 assert len(results["frec_agency_list"]) == 2
def test_failure(database): """ Test a cgac not present in cgac table """ # These cgacs are different lengths to avoid being equal cgac_one = "cgac_one" cgac_two = "cgac_two" approp = AppropriationFactory(agency_identifier = cgac_one) cgac = CGACFactory(cgac_code = cgac_two) errors = number_of_errors(_FILE, database, models=[approp, cgac]) assert errors == 1