Ejemplos de authenticate_jwt en Python

Ejemplo n.º 1

Archivo: test_projects.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_update_project_with_non_admin_non_org_contact_fails(self):
        '''Tests that a project cannot be updated by non-admin and non-org-contact'''
        org = create_organization('Org 1', self.johndoe_user)
        project = create_project('Org 1 Project 1',
                                 'A new project for exercising awesomeness',
                                 self.johndoe_user, org)

        janedoe_client = APIClient()
        authenticate_jwt(janedoe_creds, janedoe_client)

        payload = {
            'name': 'Org 1 Project 1 Update',
            'description': 'An updated description'
        }

        url = reverse(self.project_detail_view_name,
                      kwargs={
                          'org_slug': org.slug,
                          'project_slug': project.slug
                      })
        response = janedoe_client.put(url, payload, format='json')

        self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
        data = response.data
        self.assertNotIn('name', data)
        self.assertNotIn('slug', data)
        self.assertNotIn('description', data)
        self.assertNotIn('created_at', data)
        self.assertNotIn('updated_at', data)
        self.assertNotIn('creator', data)
        self.assertNotIn('organization', data)

Ejemplo n.º 2

    def test_view_organization_with_admin_user_succeeds(self):
        '''Tests that admin user (is_staff = True) can view orgnaization details'''
        client = APIClient()
        authenticate_jwt(admin_creds, client)

        payload = {'name': 'Org1', 'contact': self.johndoe_user.id}
        create_response = client.post(reverse(self.create_list_view_name),
                                      payload,
                                      format='json')
        slug = create_response.data['slug']
        url = reverse(self.detail_view_name, kwargs={'org_slug': slug})

        response = client.get(url, format='json')

        self.assertEqual(status.HTTP_200_OK, response.status_code)

        data = response.data
        self.assertIn('name', data)
        self.assertIn('slug', data)
        self.assertIn('created_at', data)
        self.assertIn('updated_at', data)
        self.assertIn('contact', data)

        self.assertEqual(payload['name'], data['name'])
        self.assertEqual(payload['contact'], data['contact'])

Ejemplo n.º 3

    def test_create_existing_user_but_non_org_member_by_non_admin_fails(self):
        '''Tests that a existing user cannot be added to as a Project Contributor
        by a regular non-admin user'''
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1)

        janedoe_client = APIClient()
        authenticate_jwt(janedoe_creds, janedoe_client)

        url = reverse(self.list_create_view_name, kwargs={
          'org_slug': org1.slug,
          'project_slug': project1.slug
        })
        payload = {
            'email': self.janedoe_user.email,
            'project': project1.id,
            'project_admin': False,
            'activity_viewer': False,
            'activity_editor': True
        }
        response = janedoe_client.post(url, payload, format='json')
        self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code)
        
        data = response.data
        self.assertNotIn('user', data)
        self.assertNotIn('project', data)
        self.assertNotIn('project_admin', data)
        self.assertNotIn('activity_viewer', data)
        self.assertNotIn('activity_editor', data)

Ejemplo n.º 4

Archivo: test_projects.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_list_projects_admin_succeed(self):
        '''Tests listing projects by admin returns all projects'''
        org1 = create_organization('Org 1', self.johndoe_user)
        org2 = create_organization('Org 2', self.janedoe_user)

        p1 = create_project('Org 1 Project 1',
                            description='p1',
                            creator=self.johndoe_user,
                            organization=org1)
        p2 = create_project('Org 1 Project 2',
                            description='p2',
                            creator=self.johndoe_user,
                            organization=org1)
        p3 = create_project('Org 2 Project 1',
                            description='p3',
                            creator=self.janedoe_user,
                            organization=org2)

        url = reverse(self.project_list_view_name)
        admin_client = APIClient()
        authenticate_jwt(admin_creds, admin_client)

        response = admin_client.get(url, format='json')
        self.assertEqual(status.HTTP_200_OK, response.status_code)
        self.assertEqual(3, len(response.data))

Ejemplo n.º 5

Archivo: test_projects.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_listing_projects_by_non_project_contributor_returns_empty_list_succeeds(
            self):
        '''Tests that listing projects by non contributor returns empty list'''
        org1 = create_organization('Org 1', self.johndoe_user)
        org2 = create_organization('Org 2', self.janedoe_user)

        p1 = create_project('Org 1 Project 1',
                            description='p1',
                            creator=self.johndoe_user,
                            organization=org1)
        p2 = create_project('Org 1 Project 2',
                            description='p2',
                            creator=self.johndoe_user,
                            organization=org1)
        p3 = create_project('Org 2 Project 1',
                            description='p3',
                            creator=self.janedoe_user,
                            organization=org2)

        batman_client = APIClient()
        authenticate_jwt(batman_creds, batman_client)

        url = url = reverse(self.project_list_view_name)
        response = batman_client.get(url, format='json')

        self.assertEqual(status.HTTP_200_OK, response.status_code)
        self.assertEqual(0, len(response.data))

Ejemplo n.º 6

    def test_view_organization_with_non_admin_user_fails(self):
        '''Tests that non admin user (is_staff = False) cannot view organization details'''
        admin_client = APIClient()
        authenticate_jwt(admin_creds, admin_client)

        payload = {'name': 'Org1', 'contact': self.johndoe_user.id}
        create_response = admin_client.post(reverse(
            self.create_list_view_name),
                                            payload,
                                            format='json')
        slug = create_response.data['slug']
        url = reverse(self.detail_view_name, kwargs={'org_slug': slug})

        janedoe_client = APIClient()

        authenticate_jwt(janedoe_creds, janedoe_client)
        response = janedoe_client.get(url, format='json')

        self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)

        data = response.data
        self.assertNotIn('name', data)
        self.assertNotIn('slug', data)
        self.assertNotIn('created_at', data)
        self.assertNotIn('updated_at', data)
        self.assertNotIn('contact', data)

Ejemplo n.º 7

    def test_update_organization_with_non_admin_non_contact_fails(self):
        '''Tests that a user who is not an admin (is_staff = False) and also
        not organization contact cannot update an organization'''
        admin_client = APIClient()
        authenticate_jwt(admin_creds, admin_client)

        payload = {'name': 'Org1', 'contact': self.janedoe_user.id}
        create_response = admin_client.post(reverse(
            self.create_list_view_name),
                                            payload,
                                            format='json')
        slug = create_response.data['slug']
        url = reverse(self.detail_view_name, kwargs={'org_slug': slug})

        johndoe_client = APIClient()
        authenticate_jwt(johndoe_creds, johndoe_client)
        updated_payload = deepcopy(payload)
        updated_payload['name'] = 'Updated Org'
        updated_payload['contact'] = self.janedoe_user.id
        response = johndoe_client.put(url, updated_payload, format='json')

        self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)

        data = response.data
        self.assertNotIn('name', data)
        self.assertNotIn('slug', data)
        self.assertNotIn('created_at', data)
        self.assertNotIn('updated_at', data)
        self.assertNotIn('contact', data)

Ejemplo n.º 8

Archivo: test_projects.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_view_project_with_org_contact_succeeds(self):
        '''Tests that the organization contact can view project'''
        org = create_organization('Org 1', self.johndoe_user)
        project = create_project('Org 1 Project 1',
                                 'A new project for exercising awesomeness',
                                 self.admin_user, org)

        johndoe_client = APIClient()
        authenticate_jwt(johndoe_creds, johndoe_client)

        url = reverse(self.project_detail_view_name,
                      kwargs={
                          'org_slug': org.slug,
                          'project_slug': project.slug
                      })
        response = johndoe_client.get(url, format='json')

        self.assertEqual(status.HTTP_200_OK, response.status_code)
        data = response.data
        self.assertIn('name', data)
        self.assertIn('slug', data)
        self.assertIn('description', data)
        self.assertIn('created_at', data)
        self.assertIn('updated_at', data)
        self.assertIn('creator', data)
        self.assertIn('organization', data)

        self.assertEqual(project.name, data['name'])
        self.assertEqual(project.description, data['description'])
        self.assertEqual(project.slug, data['slug'])
        self.assertEqual(project.creator.id, data['creator'])
        self.assertEqual(project.organization.id, data['organization'])

Ejemplo n.º 9

    def test_view_contributor_by_same_contributor_succeeds(self):
        '''Tests that a project contributor can view their own project
        contributor details'''
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1)
        project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1)

        pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, project_admin=True)

        janedoe_client = APIClient()
        authenticate_jwt(janedoe_creds, janedoe_client)

        url = reverse(self.detail_view_name, kwargs={
          'org_slug': org1.slug,
          'project_slug': project1.slug,
          'pk': pc.pk
        })
        response = janedoe_client.get(url, format='json')
        self.assertEqual(status.HTTP_200_OK, response.status_code)

        data = response.data
        self.assertIn('project', data)
        self.assertIn('user', data)
        self.assertIn('project_admin', data)
        self.assertIn('activity_viewer', data)
        self.assertIn('activity_editor', data)

        self.assertEqual(pc.user.id, data['user'])
        self.assertEqual(pc.project.id, data['project'])
        self.assertEqual(pc.project_admin, data['project_admin'])
        self.assertEqual(pc.activity_viewer, data['activity_viewer'])
        self.assertEqual(pc.activity_editor, data['activity_editor'])

Ejemplo n.º 10

    def test_update_organization_with_organization_contact_succeeds(self):
        '''Tests that an org contact can update their organization'''
        admin_client = APIClient()
        authenticate_jwt(admin_creds, admin_client)

        payload = {'name': 'Org1', 'contact': self.johndoe_user.id}
        create_response = admin_client.post(reverse(
            self.create_list_view_name),
                                            payload,
                                            format='json')
        slug = create_response.data['slug']
        url = reverse(self.detail_view_name, kwargs={'org_slug': slug})

        johndoe_client = APIClient()
        authenticate_jwt(johndoe_creds, johndoe_client)
        updated_payload = deepcopy(payload)
        updated_payload['name'] = 'Updated Org'
        response = johndoe_client.put(url, updated_payload, format='json')

        self.assertEqual(status.HTTP_200_OK, response.status_code)

        data = response.data
        self.assertIn('name', data)
        self.assertIn('slug', data)
        self.assertIn('created_at', data)
        self.assertIn('updated_at', data)
        self.assertIn('contact', data)

        self.assertEqual(updated_payload['name'], data['name'])
        self.assertEqual(updated_payload['contact'], data['contact'])

Ejemplo n.º 11

Archivo: test_projects.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_listing_projects_by_project_contributor_limits_to_theirs_succeed(
            self):
        '''Tests listing projects by non-admin, project contributor is limited to only those that
        they are a contributor to'''
        org1 = create_organization('Org 1', self.johndoe_user)
        org2 = create_organization('Org 2', self.janedoe_user)

        p1 = create_project('Org 1 Project 1',
                            description='p1',
                            creator=self.johndoe_user,
                            organization=org1)
        p2 = create_project('Org 1 Project 2',
                            description='p2',
                            creator=self.johndoe_user,
                            organization=org1)
        p3 = create_project('Org 2 Project 1',
                            description='p3',
                            creator=self.janedoe_user,
                            organization=org2)

        url = reverse(self.project_list_view_name)
        johndoe_client = APIClient()
        authenticate_jwt(johndoe_creds, johndoe_client)

        response = johndoe_client.get(url, format='json')
        self.assertEqual(status.HTTP_200_OK, response.status_code)
        self.assertEqual(2, len(response.data))

        # make sure project p3 is not in list returned
        self.assertEquals(0,
                          len([p for p in response.data if p['id'] == p3.id]))

Ejemplo n.º 12

Archivo: test_activities.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_update_activity_entry_by_activity_editor_succeeds(self):
        '''Tests that a activity entry can be updated by a user who is 
        a activity_editor for that activity entry'''
        robin_user = robin_creds.create_user(is_active=True)
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user,
                                  org1)
        project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user,
                                  org1)

        janedoe_contrib = ProjectContributor.objects.create(
            user=self.janedoe_user, project=project1, activity_editor=True)
        batman_proj1_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project1, activity_editor=True)
        batman_proj2_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project2, activity_editor=True)

        ae = ActivityEntry.objects.create(
            name='An Activity',
            description='An activity description',
            project=project1,
            contributor=janedoe_contrib,
            minutes=60)

        janedoe_client = APIClient()
        authenticate_jwt(janedoe_creds, janedoe_client)

        url = reverse(self.detail_view_name,
                      kwargs={
                          'org_slug': org1.slug,
                          'project_slug': project1.slug,
                          'activity_slug': ae.slug
                      })
        payload = {
            'name': 'An Activity Update',
            'description': 'Activity description updated',
            'project': project1.id,
            'contributor': janedoe_contrib.id,
            'minutes': 120
        }
        response = janedoe_client.put(url, payload, format='json')
        self.assertEqual(status.HTTP_200_OK, response.status_code)

        data = response.data
        self.assertIn('name', data)
        self.assertIn('description', data)
        self.assertIn('contributor', data)
        self.assertIn('project', data)
        self.assertIn('start', data)
        self.assertIn('end', data)
        self.assertIn('minutes', data)

        self.assertEqual(payload['name'], data['name'])
        self.assertEqual(payload['description'], data['description'])
        self.assertEqual(payload['contributor'], data['contributor'])
        self.assertEqual(payload['project'], data['project'])
        self.assertEqual(payload['minutes'], data['minutes'])
        self.assertIsNone(data['start'])
        self.assertIsNone(data['end'])

Ejemplo n.º 13

Archivo: test_activities.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_list_activity_entries_by_project_contributor_activity_editor_succeeds(
            self):
        '''Tests that a project contributor with activity_editor but, activity_viewer = False
        and project_admin = False can only view their activity entries for that project'''
        robin_user = robin_creds.create_user(is_active=True)
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user,
                                  org1)
        project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user,
                                  org1)

        robin_contrib = ProjectContributor.objects.create(user=robin_user,
                                                          project=project1,
                                                          activity_viewer=True)
        janedoe_contrib = ProjectContributor.objects.create(
            user=self.janedoe_user, project=project1, activity_editor=True)
        batman_proj1_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project1, activity_editor=True)
        batman_proj2_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project2, activity_editor=True)

        ActivityEntry.objects.create(
            name='Test Contributors API',
            description='Write tests to test project contributors API',
            contributor=janedoe_contrib,
            project=project1,
            minutes=180)
        ActivityEntry.objects.create(
            name='Test Activities API',
            description='Write tests to test activities API',
            contributor=janedoe_contrib,
            project=project1,
            minutes=300)
        ActivityEntry.objects.create(
            name='Test Projects API',
            description='Write tests to test projects API',
            contributor=batman_proj1_contrib,
            project=project1,
            minutes=300)
        ActivityEntry.objects.create(
            name='Test Projects API',
            description='Write tests to test projects API',
            contributor=batman_proj2_contrib,
            project=project2,
            minutes=300)

        batman_client = APIClient()
        authenticate_jwt(batman_creds, batman_client)

        url = reverse(self.create_list_view_name,
                      kwargs={
                          'org_slug': org1.slug,
                          'project_slug': project1.slug
                      })
        response = batman_client.get(url, format='json')
        self.assertEqual(status.HTTP_200_OK, response.status_code)

        self.assertEqual(1, len(response.data))

Ejemplo n.º 14

Archivo: test_activities.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_list_activity_entries_by_non_project_contributor_fails(self):
        '''Tests that a project's activity entries cannot be viewed by a user
        who is not a project contributor'''
        robin_user = robin_creds.create_user(is_active=True)
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user,
                                  org1)
        project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user,
                                  org1)

        janedoe_contrib = ProjectContributor.objects.create(
            user=self.janedoe_user, project=project1, activity_editor=True)
        batman_proj1_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project1, activity_editor=True)
        batman_proj2_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project2, activity_editor=True)

        ActivityEntry.objects.create(
            name='Test Contributors API',
            description='Write tests to test project contributors API',
            contributor=janedoe_contrib,
            project=project1,
            minutes=180)
        ActivityEntry.objects.create(
            name='Test Activities API',
            description='Write tests to test activities API',
            contributor=janedoe_contrib,
            project=project1,
            minutes=300)
        ActivityEntry.objects.create(
            name='Test Projects API',
            description='Write tests to test projects API',
            contributor=batman_proj1_contrib,
            project=project1,
            minutes=300)
        ActivityEntry.objects.create(
            name='Test Projects API',
            description='Write tests to test projects API',
            contributor=batman_proj2_contrib,
            project=project2,
            minutes=300)

        robin_client = APIClient()
        authenticate_jwt(robin_creds, robin_client)

        url = reverse(self.create_list_view_name,
                      kwargs={
                          'org_slug': org1.slug,
                          'project_slug': project1.slug
                      })
        response = robin_client.get(url, format='json')
        self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code)

Ejemplo n.º 15

Archivo: test_activities.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_create_activity_entry_by_activity_editor_succeeds(self):
        '''Tests that a project contributor with activity_editor = True
        can create a activity entry for the project'''
        robin_user = robin_creds.create_user(is_active=True)
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user,
                                  org1)
        project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user,
                                  org1)

        johndoe_contrib = ProjectContributor.objects.create(
            user=self.janedoe_user, project=project1, activity_viewer=True)
        batman_proj1_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project1, activity_editor=True)
        batman_proj2_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project2, activity_editor=True)

        batman_client = APIClient()
        authenticate_jwt(batman_creds, batman_client)

        url = reverse(self.create_list_view_name,
                      kwargs={
                          'org_slug': org1.slug,
                          'project_slug': project1.slug
                      })
        payload = {
            'name': 'An Activity',
            'description': 'Activity description',
            'contributor': batman_proj1_contrib.id,
            'project': project1.id,
            'minutes': 60
        }
        response = batman_client.post(url, payload, format='json')
        self.assertEqual(status.HTTP_201_CREATED, response.status_code)

        data = response.data
        self.assertIn('name', data)
        self.assertIn('description', data)
        self.assertIn('contributor', data)
        self.assertIn('project', data)
        self.assertIn('start', data)
        self.assertIn('end', data)
        self.assertIn('minutes', data)

        self.assertEquals(payload['name'], data['name'])
        self.assertEquals(payload['description'], data['description'])
        self.assertEquals(payload['contributor'], data['contributor'])
        self.assertEquals(payload['project'], data['project'])
        self.assertIsNone(data['start'])
        self.assertIsNone(data['end'])
        self.assertEquals(payload['minutes'], data['minutes'])

Ejemplo n.º 16

    def test_create_organization_with_non_admin_user_fails(self):
        '''Tests that non admin user (is_staff = False) cannot create organization'''
        client = APIClient()
        authenticate_jwt(johndoe_creds, client)

        url = reverse(self.create_list_view_name)
        payload = {'name': 'Org1', 'contact': self.johndoe_user.id}
        response = client.post(url, payload, format='json')

        self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)

        data = response.data
        self.assertNotIn('name', data)
        self.assertNotIn('slug', data)
        self.assertNotIn('created_at', data)
        self.assertNotIn('updated_at', data)
        self.assertNotIn('contact', data)

Ejemplo n.º 17

    def test_create_with_non_admin_non_org_contact_fails(self):
        '''Tests that a non-admin / non-org-contact cannot add member to organization'''
        johndoe_org = create_organization('Org 1', self.johndoe_user)

        janedoe_client = APIClient()
        authenticate_jwt(janedoe_creds, janedoe_client)

        url = reverse(self.create_list_view_name,
                      kwargs={'org_slug': johndoe_org.slug})

        payload = {'user_id': self.batman_user.id}
        response = janedoe_client.post(url, payload, format='json')

        self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)

        data = response.data
        self.assertNotIn('members', data)

Ejemplo n.º 18

Archivo: test_activities.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_create_activity_entry_by_non_contributor_fails(self):
        '''Tests that a activity entry cannot be created by a non
        project contributor'''
        robin_user = robin_creds.create_user(is_active=True)
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user,
                                  org1)
        project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user,
                                  org1)

        ProjectContributor.objects.create(user=self.janedoe_user,
                                          project=project1,
                                          activity_viewer=True)
        ProjectContributor.objects.create(user=self.batman_user,
                                          project=project1,
                                          activity_editor=True)
        ProjectContributor.objects.create(user=self.batman_user,
                                          project=project2,
                                          activity_editor=True)

        robin_client = APIClient()
        authenticate_jwt(robin_creds, robin_client)

        url = reverse(self.create_list_view_name,
                      kwargs={
                          'org_slug': org1.slug,
                          'project_slug': project1.slug
                      })
        payload = {
            'name': 'An Activity',
            'description': 'Activity description',
            'project': project1.id,
            'minutes': 60
        }
        response = robin_client.post(url, payload, format='json')
        self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code)

        data = response.data
        self.assertNotIn('name', data)
        self.assertNotIn('description', data)
        self.assertNotIn('contributor', data)
        self.assertNotIn('project', data)
        self.assertNotIn('start', data)
        self.assertNotIn('end', data)
        self.assertNotIn('minutes', data)

Ejemplo n.º 19

    def test_delete_organization_with_admin_succeeds(self):
        '''Tests that a admin (is_staff = True) can delete an organization'''
        admin_client = APIClient()
        authenticate_jwt(admin_creds, admin_client)

        payload = {'name': 'Org1', 'contact': self.janedoe_user.id}
        create_response = admin_client.post(reverse(
            self.create_list_view_name),
                                            payload,
                                            format='json')
        slug = create_response.data['slug']
        url = reverse(self.detail_view_name, kwargs={'org_slug': slug})

        response = admin_client.delete(url, format='json')
        self.assertEqual(status.HTTP_204_NO_CONTENT, response.status_code)

        with self.assertRaises(ObjectDoesNotExist):
            Organization.objects.get(slug=slug)

Ejemplo n.º 20

    def test_list_contributors_by_non_project_admin_non_fails(self):
        '''Tests that a non-admin / non-project-admin cannot list project contributors'''
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1)
        project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1)

        ProjectContributor.objects.create(user=self.janedoe_user, project=project1, project_admin=True)

        batman_user = batman_creds.create_user(is_active=True)
        batman_client = APIClient()
        authenticate_jwt(batman_creds, batman_client)

        url = reverse(self.list_create_view_name, kwargs={
          'org_slug': org1.slug,
          'project_slug': project1.slug
        })
        response = batman_client.get(url, format='json')
        self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code)

Ejemplo n.º 21

    def test_login_user_not_exists_fail(self):
        creds = admin_creds.to_dict()
        creds['email'] = '*****@*****.**'
        response = authenticate_jwt(creds, self.client)
        self.assertEqual(status.HTTP_400_BAD_REQUEST, response.status_code)

        data = response.data

        self.assertNotIn('access_token', data)
        self.assertNotIn('refresh_token', data)

Ejemplo n.º 22

Archivo: test_activities.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_view_activity_entry_by_project_admin_succeeds(self):
        '''Tests that a project admin (ProjectContributor.project_admin = True)
        can view an activity entry'''
        robin_user = robin_creds.create_user(is_active=True)
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user,
                                  org1)
        project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user,
                                  org1)

        janedoe_contrib = ProjectContributor.objects.create(
            user=self.janedoe_user, project=project1, activity_editor=True)
        batman_proj1_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project1, project_admin=True)
        batman_proj2_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project2, activity_editor=True)

        ae = ActivityEntry.objects.create(name='An Activity',
                                          description='A new activity entry',
                                          contributor=janedoe_contrib,
                                          project=project1,
                                          minutes=60)

        batman_client = APIClient()
        authenticate_jwt(batman_creds, batman_client)

        url = reverse(self.detail_view_name,
                      kwargs={
                          'org_slug': org1.slug,
                          'project_slug': project1.slug,
                          'activity_slug': ae.slug
                      })
        response = batman_client.get(url, format='json')
        self.assertEqual(status.HTTP_200_OK, response.status_code)

        data = response.data
        self.assertIn('name', data)
        self.assertIn('description', data)
        self.assertIn('contributor', data)
        self.assertIn('project', data)
        self.assertIn('start', data)
        self.assertIn('end', data)
        self.assertIn('minutes', data)

Ejemplo n.º 23

Archivo: test_activities.py Proyecto: vvandriichuk/project-time-tracker-api-django

    def test_view_activity_entry_by_non_contributor_fails(self):
        '''Tests that a activity entry cannot be viewed by a user
        who is not a project contributor for that entry's project'''
        robin_user = robin_creds.create_user(is_active=True)
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user,
                                  org1)
        project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user,
                                  org1)

        janedoe_contrib = ProjectContributor.objects.create(
            user=self.janedoe_user, project=project1, activity_editor=True)
        batman_proj1_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project1, activity_viewer=True)
        batman_proj2_contrib = ProjectContributor.objects.create(
            user=self.batman_user, project=project2, activity_editor=True)

        ae = ActivityEntry.objects.create(name='An Activity',
                                          description='A new activity entry',
                                          contributor=janedoe_contrib,
                                          project=project1,
                                          minutes=60)

        robin_client = APIClient()
        authenticate_jwt(robin_creds, robin_client)

        url = reverse(self.detail_view_name,
                      kwargs={
                          'org_slug': org1.slug,
                          'project_slug': project1.slug,
                          'activity_slug': ae.slug
                      })
        response = robin_client.get(url, format='json')
        self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code)

        data = response.data
        self.assertNotIn('name', data)
        self.assertNotIn('description', data)
        self.assertNotIn('contributor', data)
        self.assertNotIn('project', data)
        self.assertNotIn('start', data)
        self.assertNotIn('end', data)
        self.assertNotIn('minutes', data)

Ejemplo n.º 24

    def test_login_incorrect_password_fail(self):
        creds = admin_creds.to_dict()
        creds['password'] = '******'
        response = authenticate_jwt(creds, self.client)
        self.assertEqual(status.HTTP_400_BAD_REQUEST, response.status_code)

        data = response.data

        self.assertNotIn('access_token', data)
        self.assertNotIn('refresh_token', data)

Ejemplo n.º 25

    def test_list_organization_with_admin_user_succeeds(self):
        '''Tests that admin user (is_staff = True) can view organization listing'''
        client = APIClient()
        authenticate_jwt(admin_creds, client)

        url = reverse(self.create_list_view_name)
        payload = {'name': 'Org1', 'contact': self.johndoe_user.id}
        client.post(url, payload, format='json')

        payload2 = {'name': 'Org2', 'contact': self.janedoe_user.id}
        client.post(url, payload2, format='json')

        response = client.get(url, format='json')

        self.assertEqual(status.HTTP_200_OK, response.status_code)

        data = response.data
        self.assertIsInstance(data, list)
        self.assertEqual(2, len(data))

Ejemplo n.º 26

    def test_login_success(self):
        response = authenticate_jwt(admin_creds, self.client)
        self.assertEqual(status.HTTP_200_OK, response.status_code)

        data = response.data

        self.assertIn('access_token', data)
        self.assertIn('refresh_token', data)
        self.assertIn('user', data)
        self.assertEqual(admin_creds.email, data['user']['email'])

Ejemplo n.º 27

    def test_delete_by_admin_succeeds(self):
        '''Tests that an admin can delete / remove a member from a organization'''
        johndoe_org = create_organization('Org 1', self.johndoe_user)
        johndoe_org.members.add(self.batman_user)

        project1 = Project.objects.create(name='Org 1 Project 1',
                                          description='ABC ...',
                                          creator=self.johndoe_user,
                                          organization=johndoe_org)
        project2 = Project.objects.create(name='Org 1 Project 2',
                                          description='ABC ...',
                                          creator=self.johndoe_user,
                                          organization=johndoe_org)
        ProjectContributor.objects.create(user=self.batman_user,
                                          project=project1)
        ProjectContributor.objects.create(user=self.batman_user,
                                          project=project2)

        admin_client = APIClient()
        authenticate_jwt(admin_creds, admin_client)

        url = reverse(self.delete_view_name,
                      kwargs={
                          'org_slug': johndoe_org.slug,
                          'pk': self.batman_user.id
                      })

        response = admin_client.delete(url, format='json')

        self.assertEqual(status.HTTP_204_NO_CONTENT, response.status_code)

        johndoe_org.refresh_from_db()
        with self.assertRaises(ObjectDoesNotExist):
            johndoe_org.members.get(id=self.batman_user.id)

        with self.assertRaises(ObjectDoesNotExist):
            ProjectContributor.objects.get(user=self.batman_user,
                                           project=project1)

        with self.assertRaises(ObjectDoesNotExist):
            ProjectContributor.objects.get(user=self.batman_user,
                                           project=project2)

Ejemplo n.º 28

    def test_create_non_existant_user_contributor_by_project_admin_succeeds(self):
        '''Tests that a project admin (ProjectContributor.project_admin = True)
        can add a project contributor which does not match to an existing,
        user, to a project.
        - a new user should be created,
        - user added as a member to the project's organization,
        - user added as a project contributor and,
        - an email sent to them notfiying them they are now 
          a project contributor along with their permissions'''
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1)

        johndoe_client = APIClient()
        authenticate_jwt(johndoe_creds, johndoe_client)

        url = reverse(self.list_create_view_name, kwargs={
          'org_slug': org1.slug,
          'project_slug': project1.slug
        })
        payload = {
            'email': batman_creds.email,
            'project': project1.id,
            'project_admin': False,
            'activity_viewer': False,
            'activity_editor': True
        }
        response = johndoe_client.post(url, payload, format='json')
        self.assertEqual(status.HTTP_201_CREATED, response.status_code)

        data = response.data
        self.assertIn('user', data)
        self.assertIn('project', data)
        self.assertIn('project_admin', data)
        self.assertIn('activity_viewer', data)
        self.assertIn('activity_editor', data)

        batman_user = UserModel.objects.get(email=batman_creds.email)
        self.assertEqual(batman_user.id, data['user'])
        self.assertEqual(payload['project'], data['project'])
        self.assertEqual(payload['project_admin'], data['project_admin'])
        self.assertEqual(payload['activity_viewer'], data['activity_viewer'])
        self.assertEqual(payload['activity_editor'], data['activity_editor'])

Ejemplo n.º 29

    def test_update_contributor_by_same_contributor_fails(self):
        '''Tests that a project contributor can not delete their own project
        contributor instance'''
        org1 = create_organization('Org 1', self.johndoe_user)
        project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1)
        project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1)

        pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, activity_editor=True)

        janedoe_client = APIClient()
        authenticate_jwt(janedoe_creds, janedoe_client)

        url = reverse(self.detail_view_name, kwargs={
          'org_slug': org1.slug,
          'project_slug': project1.slug,
          'pk': pc.pk
        })
        response = janedoe_client.delete(url, format='json')
        self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
        self.assertIsNotNone(ProjectContributor.objects.get(pk=pc.pk))

Ejemplo n.º 30

    def test_list_organization_with_non_admin_user_fails(self):
        '''Tests that non admin user (is_staff = False) cannot view organization listing'''
        admin_client = APIClient()
        authenticate_jwt(admin_creds, admin_client)

        url = reverse(self.create_list_view_name)
        payload = {'name': 'Org1', 'contact': self.johndoe_user.id}
        admin_client.post(url, payload, format='json')

        payload2 = {'name': 'Org2', 'contact': self.johndoe_user.id}
        admin_client.post(url, payload2, format='json')

        janedoe_client = APIClient()
        authenticate_jwt(janedoe_creds, janedoe_client)

        response = janedoe_client.get(url, format='json')
        self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)

        data = response.data
        self.assertFalse(isinstance(data, list))