def test_label_in_new_tab(self):
"""Test labels created by global creator in new tab"""
with factories.single_commit():
role = "Creator"
role_name = "Creators"
person = factories.PersonFactory()
creator_role = all_models.Role.query.filter(
all_models.Role.name == role
).one()
rbac_factories.UserRoleFactory(role=creator_role, person=person)
self.api.set_user(person)
with factories.single_commit():
assessment = factories.AssessmentFactory()
factories.AccessControlPersonFactory(
ac_list=assessment.acr_name_acl_map[role_name],
person=person,
)
label_name = "Test Label"
response = self.api.put(assessment, {
'labels': [{
'name': label_name,
'id': None,
'type': 'Label'
}]
})
self.assert200(response)
response = self.api.get(assessment, assessment.id)
self.assert200(response)
labels = response.json['assessment']['labels']
self.assertEqual(len(labels), 1)
self.assertEqual(labels[0]['name'], label_name)
def test_search_no_acl_in_content(self, field, role_name):
"""Test search older revisions without access_control_list."""
with factories.single_commit():
person = factories.PersonFactory(email="{}@example.com".format(field),
name=field)
control = factories.ControlFactory()
revision = all_models.Revision.query.filter(
all_models.Revision.resource_id == control.id,
all_models.Revision.resource_type == control.type,
).one()
with factories.single_commit():
snapshot = factories.SnapshotFactory(
child_id=control.id,
child_type=control.type,
revision=revision)
old_content = revision.content.copy()
old_content.pop("access_control_list")
old_content[field] = {"id": person.id}
revision.content = old_content
db.session.add(revision)
person_id = person.id
snapshot_id = snapshot.id
self.client.post("/admin/reindex")
person = all_models.Person.query.get(person_id)
snapshot = all_models.Snapshot.query.get(snapshot_id)
self.assert_indexed_fields(snapshot, role_name, {
"{}-email".format(person.id): person.email,
"{}-name".format(person.id): person.name,
"__sort__": person.email,
})
def test_filter_by_checkbox_cad_no_cav(self):
"""Test index by Checkdoxed cad no cav."""
checkbox_type = all_models.CustomAttributeDefinition.ValidTypes.CHECKBOX
cad_title = "Checkbox"
search_value = "No"
with factories.single_commit():
factories.CustomAttributeDefinitionFactory(
attribute_type=checkbox_type,
definition_type="control",
title=cad_title,
)
control = factories.ControlFactory()
revision = all_models.Revision.query.filter(
all_models.Revision.resource_id == control.id,
all_models.Revision.resource_type == control.type,
).first()
revision.content = control.log_json()
db.session.add(revision)
with factories.single_commit():
snapshot = factories.SnapshotFactory(
child_id=control.id,
child_type=control.type,
revision=revision)
db.session.expire_all()
snapshot_id = snapshot.id
self.client.post("/admin/reindex")
snapshot = all_models.Snapshot.query.get(snapshot_id)
self.assert_indexed_fields(snapshot, cad_title, {"": search_value})
def test_index_by_acr(self):
"""Test index by ACR."""
role_name = "Test name"
with factories.single_commit():
acr = factories.AccessControlRoleFactory(
name=role_name,
object_type="Control"
)
person = factories.PersonFactory(email="*****@*****.**", name='test')
control = factories.ControlFactory()
factories.AccessControlList(ac_role=acr, person=person, object=control)
revision = all_models.Revision.query.filter(
all_models.Revision.resource_id == control.id,
all_models.Revision.resource_type == control.type,
).one()
revision.content = control.log_json()
db.session.add(revision)
with factories.single_commit():
snapshot = factories.SnapshotFactory(
child_id=control.id,
child_type=control.type,
revision=revision)
db.session.expire_all()
person_id = person.id
snapshot_id = snapshot.id
self.client.post("/admin/reindex")
person = all_models.Person.query.get(person_id)
snapshot = all_models.Snapshot.query.get(snapshot_id)
self.assert_indexed_fields(snapshot, role_name, {
"{}-email".format(person.id): person.email,
"{}-name".format(person.id): person.name,
"__sort__": person.email,
})
def test_index_deleted_acr(self):
"""Test index by removed ACR."""
role_name = "Test name"
with factories.single_commit():
acr = factories.AccessControlRoleFactory(
name=role_name,
object_type="Control"
)
person = factories.PersonFactory(email="*****@*****.**", name='test')
control = factories.ControlFactory()
factories.AccessControlList(ac_role=acr, person=person, object=control)
revision = all_models.Revision.query.filter(
all_models.Revision.resource_id == control.id,
all_models.Revision.resource_type == control.type,
).one()
revision.content = control.log_json()
db.session.add(revision)
with factories.single_commit():
snapshot = factories.SnapshotFactory(
child_id=control.id,
child_type=control.type,
revision=revision)
db.session.expire_all()
db.session.delete(acr)
db.session.commit()
snapshot_id = snapshot.id
self.client.post("/admin/reindex")
snapshot = all_models.Snapshot.query.get(snapshot_id)
all_found_records = dict(Record.query.filter(
Record.key == snapshot.id,
Record.type == snapshot.type,
Record.property == role_name.lower()
).values("subproperty", "content"))
self.assertFalse(all_found_records)
def test_export_assesments_map_control(self, with_map):
"""Test export assesment with and without related control instance"""
with factories.single_commit():
audit = factories.AuditFactory()
assessment = factories.AssessmentFactory(audit=audit)
factories.RelationshipFactory(source=audit, destination=assessment)
control = factories.ControlFactory()
revision = all_models.Revision.query.filter(
all_models.Revision.resource_id == control.id,
all_models.Revision.resource_type == control.__class__.__name__
).order_by(
all_models.Revision.id.desc()
).first()
with factories.single_commit():
snapshot = factories.SnapshotFactory(
parent=audit,
child_id=control.id,
child_type=control.__class__.__name__,
revision_id=revision.id
)
if with_map:
factories.RelationshipFactory(source=snapshot, destination=assessment)
if with_map:
val = control.slug
else:
val = ""
self.assertColumnExportedValue(val, assessment,
"map:control versions")
def test_search_no_acl_in_content(self, field, role_name):
"""Test search older revisions without access_control_list."""
with factories.single_commit():
factories.AccessControlRoleFactory(name=role_name,
object_type="Control")
person = factories.PersonFactory(email="{}@example.com".format(field),
name=field)
control = factories.ControlFactory()
revision = all_models.Revision.query.filter(
all_models.Revision.resource_id == control.id,
all_models.Revision.resource_type == control.type,
).one()
with factories.single_commit():
snapshot = factories.SnapshotFactory(
child_id=control.id,
child_type=control.type,
revision=revision)
revision.content = revision.content.copy()
revision.content.pop("access_control_list")
revision.content[field] = {"id": person.id}
db.session.add(revision)
do_reindex()
self.assert_indexed_fields(snapshot, role_name, {
"{}-email".format(person.id): person.email,
"{}-name".format(person.id): person.name,
"{}-user_name".format(person.id): person.user_name,
"__sort__": person.user_name,
})
def test_proposal_delete_acl(self, roles, deleted):
"""Test delete acl proposal for ACRs with internal flags as {roles}."""
role_person_list = []
with factories.single_commit():
risk = factories.RiskFactory(title="1")
for idx, role_internal_flag in enumerate(roles):
role = factories.AccessControlRoleFactory(name="role_{}".format(idx),
object_type="Risk",
internal=role_internal_flag)
person = factories.PersonFactory()
role_person_list.append((role, person))
acl = factories.AccessControlListFactory(
ac_role=role,
object=risk,
)
factories.AccessControlPersonFactory(
ac_list=acl,
person=person,
)
with factories.single_commit():
latest_revision = all_models.Revision.query.filter(
all_models.Revision.resource_id == risk.id,
all_models.Revision.resource_type == risk.type
).order_by(
all_models.Revision.created_at.desc()
).first()
latest_revision.content = risk.log_json()
risk_id = risk.id
risk_content = risk.log_json()
risk_content["access_control_list"] = []
expected_result = {}
for idx, (role, person) in enumerate(role_person_list):
if deleted[idx]:
expected_result[str(role.id)] = {
"added": [],
"deleted": [{"id": person.id, "email": person.email}],
}
resp = self.api.post(
all_models.Proposal,
{"proposal": {
"instance": {
"id": risk.id,
"type": risk.type,
},
# "content": {"123": 123},
"full_instance_content": risk_content,
"agenda": "delete access control roles",
"context": None,
}})
self.assertEqual(201, resp.status_code)
risk = all_models.Risk.query.get(risk_id)
self.assertEqual(1, len(risk.proposals))
self.assertIn("access_control_list", risk.proposals[0].content)
acl = risk.proposals[0].content["access_control_list"]
self.assertEqual(expected_result, acl)
self.assertEqual(1, len(risk.comments))
def test_snapshot_counts_query(self):
"""Test snapshot_counts endpoint"""
with factories.single_commit():
audit = factories.AuditFactory()
issue_1 = factories.IssueFactory(audit=audit)
control = factories.ControlFactory()
regulation = factories.RegulationFactory()
factories.RelationshipFactory(
source=issue_1,
destination=control
)
issue_2 = factories.IssueFactory(audit=audit)
with factories.single_commit():
revision = all_models.Revision.query.filter(
all_models.Revision.resource_type == "Issue",
all_models.Revision.resource_id == issue_1.id
).first()
revision_2 = all_models.Revision.query.filter(
all_models.Revision.resource_type == "Issue",
all_models.Revision.resource_id == issue_2.id
).first()
snapshot_1 = factories.SnapshotFactory(
parent=issue_1.audit,
child_type=control.type,
child_id=control.id,
revision=revision
)
factories.RelationshipFactory(
source=issue_1,
destination=snapshot_1,
)
snapshot_2 = factories.SnapshotFactory(
parent=issue_2.audit,
child_type=regulation.type,
child_id=regulation.id,
revision=revision_2
)
factories.RelationshipFactory(
source=issue_2,
destination=snapshot_2,
)
issues = [issue_1, issue_2]
expected_snapshot_counts = {
issue_1.id: {"Control": 1},
issue_2.id: {"Regulation": 1},
}
for issue in issues:
response = self.api.client.get(
"/api/issues/{}/snapshot_counts".format(issue.id),
)
snapshot_counts = json.loads(response.data)
self.assertEqual(snapshot_counts,
expected_snapshot_counts[issue.id])
def setUp(self):
super(TestRevisionHistory, self).setUp()
self.api = Api()
roles = {r.name: r for r in all_models.Role.query.all()}
with factories.single_commit():
factories.AccessControlRoleFactory(
name="ACL_Reader",
object_type="Control",
update=0,
)
factories.AccessControlRoleFactory(
name="ACL_Editor",
object_type="Control"
),
with factories.single_commit():
self.control = factories.ControlFactory()
self.program = factories.ProgramFactory()
self.program.context.related_object = self.program
self.relationship = factories.RelationshipFactory(
source=self.program,
destination=self.control,
context=self.program.context,
)
self.people = {
"Creator": factories.PersonFactory(),
"Reader": factories.PersonFactory(),
"Editor": factories.PersonFactory(),
"Administrator": factories.PersonFactory(),
"ACL_Reader": factories.PersonFactory(),
"ACL_Editor": factories.PersonFactory(),
"Program Editors": factories.PersonFactory(),
"Program Managers": factories.PersonFactory(),
"Program Readers": factories.PersonFactory(),
}
for role_name in ["Creator", "Reader", "Editor", "Administrator"]:
rbac_factories.UserRoleFactory(role=roles[role_name],
person=self.people[role_name])
for role_name in ["Program Editors",
"Program Managers",
"Program Readers"]:
person = self.people[role_name]
rbac_factories.UserRoleFactory(role=roles["Creator"], person=person)
factories.AccessControlPersonFactory(
ac_list=self.program.acr_name_acl_map[role_name],
person=self.people[role_name],
)
with factories.single_commit():
for role_name in ["ACL_Reader", "ACL_Editor"]:
rbac_factories.UserRoleFactory(role=roles["Creator"],
person=self.people[role_name])
factories.AccessControlPersonFactory(
ac_list=self.control.acr_name_acl_map[role_name],
person=self.people[role_name],
)
def test_snapshot_counts_query(self):
"""Test snapshot_counts endpoint"""
with factories.single_commit():
assessment_1 = factories.AssessmentFactory()
control = factories.ControlFactory()
regulation = factories.RegulationFactory()
factories.RelationshipFactory(
source=assessment_1,
destination=control
)
assessment_2 = factories.AssessmentFactory()
with factories.single_commit():
revision = all_models.Revision.query.filter(
all_models.Revision.resource_type == "Assessment",
all_models.Revision.resource_id == assessment_1.id
).first()
revision_2 = all_models.Revision.query.filter(
all_models.Revision.resource_type == "Assessment",
all_models.Revision.resource_id == assessment_2.id
).first()
snapshot_1 = factories.SnapshotFactory(
parent=assessment_1.audit,
child_type=control.type,
child_id=control.id,
revision=revision
)
factories.RelationshipFactory(
source=assessment_1,
destination=snapshot_1,
)
snapshot_2 = factories.SnapshotFactory(
parent=assessment_2.audit,
child_type=regulation.type,
child_id=regulation.id,
revision=revision_2
)
factories.RelationshipFactory(
source=assessment_2,
destination=snapshot_2,
)
assessments = [assessment_1, assessment_2]
expected_snapshot_counts = {
assessment_1.id: {"Control": 1},
assessment_2.id: {"Regulation": 1},
}
for assessment in assessments:
response = self.api.client.get(
"/api/assessments/{}/snapshot_counts".format(assessment.id),
)
snapshot_counts = json.loads(response.data)
self.assertEqual(snapshot_counts,
expected_snapshot_counts[assessment.id])
def test_import_propagation(self):
"""Test propagation program roles via import"""
# pylint: disable=too-many-locals
with factories.single_commit():
program = factories.ProgramFactory()
control = factories.ControlFactory()
control_1 = factories.ControlFactory()
factories.RelationshipFactory(destination=program, source=control)
factories.RelationshipFactory(destination=program, source=control_1)
revision = all_models.Revision.query.filter(
all_models.Revision.resource_id == control.id,
all_models.Revision.resource_type == control.type,
).first()
with factories.single_commit():
audit = factories.AuditFactory(program=program)
rel = factories.RelationshipFactory(destination=audit.program,
source=audit)
snapshot = factories.SnapshotFactory(parent=audit,
revision_id=revision.id,
child_type=control.type,
child_id=control.id)
factories.RelationshipFactory(destination=audit, source=snapshot)
flask.g.new_relationship_ids = [rel.id]
flask.g.new_acl_ids = [a.id for a in program._access_control_list]
flask.g.deleted_objects = []
propagation.propagate()
acl_q = all_models.AccessControlList.query.filter(
all_models.AccessControlList.object_type == "Assessment",
)
self.assertEqual(acl_q.count(), 0)
response = self.import_data(
OrderedDict([
("object_type", "Assessment"),
("Code*", ""),
("Audit*", audit.slug),
("title", "Assessment title 1"),
("Creators", "*****@*****.**"),
("Assignees", "*****@*****.**"),
("map:Control versions", control.slug),
]),
OrderedDict([
("object_type", "Assessment"),
("Code*", ""),
("Audit*", audit.slug),
("title", "Assessment title 2"),
("Creators", "*****@*****.**"),
("Assignees", "*****@*****.**"),
("map:Control versions", control.slug),
]),
)
self.check_import_errors(response)
self.assertEqual(acl_q.count(), 20)
def test_issue_bulk_generate(self):
"""Test bulk update of issues for Issues."""
issue_ids = []
with factories.single_commit():
for _ in range(3):
issue = factories.IssueFactory()
factories.IssueTrackerIssueFactory(
enabled=True,
issue_tracked_obj=issue,
issue_id=self.issue_id,
title="",
component_id=12345,
hotlist_id=54321,
issue_priority="P2",
issue_severity="S2",
)
issue_ids.append(issue.id)
with factories.single_commit():
person = factories.PersonFactory()
for issue in all_models.Issue.query.all():
issue.modified_by = person
for role_name in ["Admin", "Primary Contacts"]:
issue.add_person_with_role_name(person, role_name)
# Verify that IssueTracker issues hasn't updated data
issues = all_models.IssuetrackerIssue.query.filter(
all_models.IssuetrackerIssue.object_type == "Issue",
all_models.IssuetrackerIssue.object_id.in_(issue_ids)
).all()
for issue in issues:
parent_obj = issue.Issue_issue_tracked
self.assertNotEqual(issue.title, parent_obj.title)
self.assertEqual(issue.assignee, None)
issue_issuetracker_info = [
("Issue", id_, None, None) for id_ in issue_ids
]
response = self.update_issues_for(issue_issuetracker_info)
self.assert200(response)
self.assertEqual(response.json.get("errors"), [])
# IssueTracker issues should be updated with proper values
issues = all_models.IssuetrackerIssue.query.filter(
all_models.IssuetrackerIssue.object_type == "Issue",
all_models.IssuetrackerIssue.object_id.in_(issue_ids)
).all()
for issue in issues:
parent_obj = issue.Issue_issue_tracked
self.assertEqual(issue.title, parent_obj.title)
self.assertEqual(issue.cc_list, "")
def test_import_with_mandatory(self):
"""Test import of data with mandatory role"""
# Import of data should be allowed if mandatory role provided
# and can process situation when nonmandatory roles are absent
# without any errors and warnings
with factories.single_commit():
mandatory_role = factories.AccessControlRoleFactory(
object_type="Market",
mandatory=True
).name
factories.AccessControlRoleFactory(
object_type="Market",
mandatory=False
)
email = factories.PersonFactory().email
response_json = self.import_data(OrderedDict([
("object_type", "Market"),
("code", "market-1"),
("title", "Title"),
("Admin", "*****@*****.**"),
(mandatory_role, email),
]))
self._check_csv_response(response_json, {})
self.assertEqual(1, response_json[0]["created"])
self.assertEqual(1, len(models.Market.query.all()))
def test_single_acl_to_multiple(self, count):
"""Test propagation of single ACL entry to multiple children."""
with factories.single_commit():
person = factories.PersonFactory()
program = factories.ProgramFactory()
for i in range(count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
acl_entry = factories.AccessControlListFactory(
ac_role=self.roles["Program"]["Program Editors"],
object=program,
person=person,
)
self.assertEqual(all_models.AccessControlList.query.count(), 1)
child_ids = propagation._handle_acl_step([acl_entry.id])
self.assertEqual(
all_models.AccessControlList.query.count(),
# 1 original ACL entry, 2*count for objects+relationships
1 + count * 2
)
self.assertEqual(
db.session.execute(child_ids.alias("counts").count()).scalar(),
count,
)
def test_import_without_mandatory(self):
"""Test import of data without mandatory role"""
# Data can't be imported if mandatory role is not provided
with factories.single_commit():
mandatory_role = factories.AccessControlRoleFactory(
object_type="Market",
mandatory=True
).name
not_mandatory_role = factories.AccessControlRoleFactory(
object_type="Market",
mandatory=False
).name
email = factories.PersonFactory().email
response_json = self.import_data(OrderedDict([
("object_type", "Market"),
("code", "market-1"),
("title", "Title"),
("Admin", "*****@*****.**"),
(not_mandatory_role, email),
]))
expected_errors = {
"Market": {
"row_errors": {
errors.MISSING_COLUMN.format(
line=3, column_names=mandatory_role, s=""
),
}
}
}
self._check_csv_response(response_json, expected_errors)
markets_count = models.Market.query.count()
self.assertEqual(markets_count, 0)
def test_audit_change(self):
"""Test audit changing"""
with factories.single_commit():
audit = factories.AuditFactory()
issue = factories.IssueFactory()
response = self.import_data(OrderedDict([
("object_type", "Issue"),
("Code*", issue.slug),
("map:Audit", audit.slug),
]))
self._check_csv_response(response, {})
another_audit = factories.AuditFactory()
response = self.import_data(OrderedDict([
("object_type", "Issue"),
("Code*", issue.slug),
("map:Audit", another_audit.slug),
]))
self._check_csv_response(response, {
"Issue": {
"row_warnings": {
errors.SINGLE_AUDIT_RESTRICTION.format(
line=3, mapped_type="Audit", object_type="Issue",
)
}
}
})
def test_import_snapshot(self):
"""Test if snapshots can be created from imported objects."""
data = "Object type,,,\n" \
"Control,Code*,Title*,Admin*\n" \
",,Control1,[email protected]\n" \
",,Control2,[email protected]\n" \
",,Control3,[email protected]"
user = all_models.Person.query.first()
with factories.single_commit():
imp_exp = factories.ImportExportFactory(
job_type="Import",
status="Blocked",
created_at=datetime.now(),
created_by=user,
content=data,
)
audit_id = factories.AuditFactory().id
self.run_full_import(user, imp_exp)
# We need to reopen session to grab newly created data
db.session.close()
controls = all_models.Control.query
self.assertEqual(3, controls.count())
audit = all_models.Audit.query.get(audit_id)
snapshots = self._create_snapshots(audit, controls.all())
self.assertEqual(3, len(snapshots))
def test_change_verification_flag_negative(self, title, unit, repeat_every):
"""Test change verification_flag negative title={}."""
with freezegun.freeze_time("2017-08-10"):
with glob_factories.single_commit():
workflow = factories.WorkflowFactory(title=title, unit=unit,
repeat_every=repeat_every)
factories.TaskGroupTaskFactory(
task_group=factories.TaskGroupFactory(
workflow=workflow,
context=glob_factories.ContextFactory()
),
start_date=datetime.date(2017, 8, 3),
end_date=datetime.date(2017, 8, 7))
wf_id = workflow.id
self.generator.activate_workflow(workflow)
workflow = all_models.Workflow.query.get(wf_id)
verif_default = all_models.Workflow.IS_VERIFICATION_NEEDED_DEFAULT
self.assertIs(workflow.is_verification_needed, verif_default)
resp = self.api.put(
workflow,
{
'is_verification_needed': not verif_default
})
self.assert400(resp)
workflow = all_models.Workflow.query.get(wf_id)
self.assertIs(workflow.is_verification_needed, verif_default)
def test_recalculate_start_date_on_delete(self, idxs, expected_date):
"""Test recalculate start_date on delete expected={1}."""
start_date_1 = datetime.date(2017, 8, 10)
start_date_2 = datetime.date(2017, 8, 11)
with freezegun.freeze_time("2017-08-10"):
with glob_factories.single_commit():
workflow = factories.WorkflowFactory(
title="This is a test WF",
unit=all_models.Workflow.WEEK_UNIT,
repeat_every=1)
tasks = (
factories.TaskGroupTaskFactory(
task_group=factories.TaskGroupFactory(workflow=workflow),
start_date=start_date_1,
end_date=start_date_1 + datetime.timedelta(1),
),
factories.TaskGroupTaskFactory(
task_group=factories.TaskGroupFactory(workflow=workflow),
start_date=start_date_2,
end_date=start_date_2 + datetime.timedelta(1),
),
)
wf_id = workflow.id
task_ids = [t.id for t in tasks]
self.generator.activate_workflow(workflow)
workflow = all_models.Workflow.query.get(wf_id)
self.assertEqual(datetime.date(2017, 8, 17),
workflow.next_cycle_start_date)
for idx in idxs:
task = all_models.TaskGroupTask.query.get(task_ids[idx])
self.api.delete(task)
workflow = all_models.Workflow.query.get(wf_id)
self.assertEqual(expected_date, workflow.next_cycle_start_date)
def test_archive_workflow(self, tgt_start_date, tgt_end_date, wf_status):
"""Test archive workflow with status={2}"""
with freezegun.freeze_time("2017-08-10"):
with glob_factories.single_commit():
workflow = factories.WorkflowFactory(
title="This is a test WF",
unit=all_models.Workflow.WEEK_UNIT,
repeat_every=1)
factories.TaskGroupTaskFactory(
task_group=factories.TaskGroupFactory(
workflow=workflow,
context=glob_factories.ContextFactory(),
),
start_date=tgt_start_date,
end_date=tgt_end_date,
)
wf_id = workflow.id
self.generator.activate_workflow(workflow)
workflow = all_models.Workflow.query.get(wf_id)
self.assertEqual(all_models.Workflow.ACTIVE, workflow.status)
self.assertIs(workflow.recurrences, True)
# Archive workflow
self.generator.modify_workflow(workflow, {'recurrences': False})
workflow = all_models.Workflow.query.get(wf_id)
self.assertIs(workflow.recurrences, False)
self.assertEqual(wf_status, workflow.status)
def test_ending_archived_workflow_cycles(self): # noqa pylint: disable=invalid-name
"""Archived workflow should be INACTIVE if current cycles are ended."""
with freezegun.freeze_time("2017-08-10"):
with glob_factories.single_commit():
workflow = factories.WorkflowFactory(
title="This is a test WF",
unit=all_models.Workflow.WEEK_UNIT,
repeat_every=1)
factories.TaskGroupTaskFactory(
task_group=factories.TaskGroupFactory(
workflow=workflow,
context=glob_factories.ContextFactory(),
),
# Two cycles should be created
start_date=datetime.date(2017, 8, 3),
end_date=datetime.date(2017, 8, 7),
)
wf_id = workflow.id
self.generator.activate_workflow(workflow)
workflow = all_models.Workflow.query.get(wf_id)
self.assertEqual(all_models.Workflow.ACTIVE, workflow.status)
self.assertIs(workflow.recurrences, True)
self.assertEqual(2, len(workflow.cycles))
# Archive workflow
self.generator.modify_workflow(workflow, {'recurrences': False})
workflow = all_models.Workflow.query.get(wf_id)
self.assertIs(workflow.recurrences, False)
self.assertEqual(all_models.Workflow.ACTIVE, workflow.status)
# End all current cycles
for cycle in workflow.cycles:
self.generator.modify_object(cycle, {'is_current': False})
# Archived workflow should be inactive
workflow = all_models.Workflow.query.get(wf_id)
self.assertEqual(all_models.Workflow.INACTIVE, workflow.status)
def test_export_assesments_with_map_control_mirror_relation(self):
"""Test export assesment with related control instance
relation assessment -> snapshot
"""
with factories.single_commit():
audit = factories.AuditFactory()
assessment = factories.AssessmentFactory(audit=audit)
factories.RelationshipFactory(source=audit, destination=assessment)
control = factories.ControlFactory()
revision = all_models.Revision.query.filter(
all_models.Revision.resource_id == control.id,
all_models.Revision.resource_type == control.__class__.__name__
).order_by(
all_models.Revision.id.desc()
).first()
snapshot = factories.SnapshotFactory(
parent=audit,
child_id=control.id,
child_type=control.__class__.__name__,
revision_id=revision.id
)
db.session.commit()
factories.RelationshipFactory(destination=snapshot, source=assessment)
self.assertColumnExportedValue(control.slug, assessment,
"map:control versions")
def test_recalculate_start_date_on_create(self,
new_start_date,
expected_date):
"""Test recalculate start_date on create update={} expected={}."""
with freezegun.freeze_time("2017-08-10"):
with glob_factories.single_commit():
workflow = factories.WorkflowFactory(
title="This is a test WF",
unit=all_models.Workflow.WEEK_UNIT,
repeat_every=1)
task = factories.TaskGroupTaskFactory(
task_group=factories.TaskGroupFactory(
workflow=workflow,
context=glob_factories.ContextFactory(),
),
start_date=datetime.date(2017, 8, 10),
end_date=datetime.date(2017, 8, 11),
)
wf_id = workflow.id
task_id = task.id
self.generator.activate_workflow(workflow)
workflow = all_models.Workflow.query.get(wf_id)
task = all_models.TaskGroupTask.query.get(task_id)
self.assertEqual(datetime.date(2017, 8, 17),
workflow.next_cycle_start_date)
self.generator.generate_task_group_task(
task.task_group,
{
'start_date': new_start_date,
'end_date': new_start_date + datetime.timedelta(1),
})
workflow = all_models.Workflow.query.get(wf_id)
self.assertEqual(expected_date, workflow.next_cycle_start_date)
def test_exportable_only_updated_by(self, field, value):
"""Test exportable only "Last Updated By" field"""
slug = "TestAssessment"
with factories.single_commit():
factories.AssessmentFactory(
slug=slug,
modified_by=factories.PersonFactory(email="*****@*****.**"),
)
data = [{
"object_name": "Assessment",
"fields": "all",
"filters": {
"expression": {
"left": "code",
"op": {"name": "="},
"right": slug
},
}
}]
before_update = self.export_parsed_csv(data)["Assessment"][0][field]
self.assertEqual(before_update, "*****@*****.**")
self.import_data(OrderedDict([("object_type", "Assessment"),
("Code*", slug),
(field, value)]))
after_update = self.export_parsed_csv(data)["Assessment"][0][field]
self.assertEqual(after_update, "*****@*****.**")
def test_propagate_all(self):
"""Test clean propagation of all ACL entries."""
with factories.single_commit():
person = factories.PersonFactory()
task = wf_factories.TaskGroupTaskFactory()
audit = factories.AuditFactory()
factories.RelationshipFactory(
source=audit,
destination=audit.program,
)
acl_ids = [
factories.AccessControlListFactory(
ac_role=self.roles["Program"]["Program Editors"],
object=audit.program,
person=person,
).id
]
factories.AccessControlListFactory(
ac_role=self.roles["Workflow"]["Workflow Member"],
object=task.workflow,
person=person,
)
# propagate all non WF entries
propagation._propagate(acl_ids)
self.assertEqual(all_models.AccessControlList.query.count(), 4)
all_models.AccessControlList.query.filter(
all_models.AccessControlList.parent_id.isnot(None)
).delete()
self.assertEqual(all_models.AccessControlList.query.count(), 2)
# propagate all including WF entries
propagation.propagate_all()
self.assertEqual(all_models.AccessControlList.query.count(), 6)
def test_propagation_conflict(self):
"""Test propagation conflicts
When we create a new acl entry and a new relationship in the same commit
some roles would be propagated twice and would cause unique constraint
errors. This test checks for the most basic such scenario.
"""
with factories.single_commit():
person = factories.PersonFactory()
audit = factories.AuditFactory()
relationship = factories.RelationshipFactory(
source=audit,
destination=audit.program,
)
acl_entry = factories.AccessControlListFactory(
ac_role=self.roles["Program"]["Program Editors"],
object=audit.program,
person=person,
)
with app.app.app_context():
flask.g.new_acl_ids = {acl_entry.id}
flask.g.new_relationship_ids = {relationship.id}
flask.g.deleted_objects = set()
propagation.propagate()
db.session.commit()
self.assertEqual(all_models.AccessControlList.query.count(), 3)
def test_autogen_verification_flag(self, flag):
"""Check is_verification_needed flag for activate WF action."""
with factories.single_commit():
workflow = wf_factories.WorkflowFactory(is_verification_needed=flag)
group = wf_factories.TaskGroupFactory(workflow=workflow)
wf_factories.TaskGroupTaskFactory(task_group=group)
data = [{
"cycle": {
"autogenerate": True,
"isOverdue": False,
"workflow": {
"id": workflow.id,
"type": "Workflow",
},
"context": {
"id": workflow.context_id,
"type": "Context",
},
}
}]
resp = self.api.send_request(
self.api.client.post,
api_link="/api/cycles",
data=data)
cycle_id = resp.json[0][1]["cycle"]["id"]
self.assertEqual(
flag,
all_models.Cycle.query.get(cycle_id).is_verification_needed)
def test_update_non_changeable_field(self, field, value_creator):
"""Test importing Assessment's "Created Date" field"""
slug = "TestAssessment"
with factories.single_commit():
value = value_creator()
factories.AssessmentFactory(
slug=slug,
modified_by=factories.PersonFactory(email="*****@*****.**"),
)
data = [{
"object_name": "Assessment",
"fields": "all",
"filters": {
"expression": {
"left": "code",
"op": {"name": "="},
"right": slug
},
}
}]
before_update = self.export_parsed_csv(data)["Assessment"][0][field]
with freezegun.freeze_time("2017-9-10"):
self.import_data(OrderedDict([("object_type", "Assessment"),
("Code*", slug),
(field, value)]))
self.assertEqual(before_update,
self.export_parsed_csv(data)["Assessment"][0][field])
def test_import_archived_assessment(self, is_archived, value, ignored,
updated, row_errors):
"""Test archived assessment import procedure"""
with factories.single_commit():
audit = factories.AuditFactory(archived=is_archived)
assessment = factories.AssessmentFactory(audit=audit)
factories.RelationshipFactory(source=audit, destination=assessment)
resp = self.import_data(OrderedDict([
("object_type", "Assessment"),
("Code*", assessment.slug),
("archived", value),
("description", "archived assessment description")
]))
self.assertEqual([{
u'ignored': ignored,
u'updated': updated,
u'block_errors': [],
u'name': u'Assessment',
u'created': 0,
u'deleted': 0,
u'deprecated': 0,
u'row_warnings': [],
u'rows': 1,
u'block_warnings': [],
u'row_errors': row_errors
}], resp)
def test_mapped_roles_template(self):
"""Test mapped assignee roles for assessment generated from template """
auditors = ["*****@*****.**", "*****@*****.**"]
captains = ["*****@*****.**", "*****@*****.**"]
with factories.single_commit():
template = factories.AssessmentTemplateFactory()
self.generate_acls(auditors, self.auditor_role)
self.generate_acls(captains, self.captains_role)
self.assessment_post(template)
# Add objects back to session to have access to their id and type
db.session.add(self.audit, self.snapshot)
for obj in [self.audit, self.snapshot]:
self.assert_mapped_role("Verifiers Mapped", "*****@*****.**",
obj)
self.assert_mapped_role("Verifiers Mapped", "*****@*****.**",
obj)
self.assert_mapped_role("Assignees Mapped", "*****@*****.**",
obj)
self.assert_mapped_role("Assignees Mapped", "*****@*****.**",
obj)
self.assert_mapped_role("Creators Mapped", "*****@*****.**", obj)
def test_propagate_all(self):
"""Test clean propagation of all ACL entries."""
with factories.single_commit():
person = factories.PersonFactory()
audit = factories.AuditFactory()
factories.RelationshipFactory(
source=audit,
destination=audit.program,
)
acl_ids = [
factories.AccessControlListFactory(
ac_role=self.roles["Program"]["Program Editors"],
object=audit.program,
person=person,
).id
]
propagation._propagate(acl_ids)
self.assertEqual(all_models.AccessControlList.query.count(), 3)
propagation._delete_all_propagated_acls()
self.assertEqual(all_models.AccessControlList.query.count(), 1)
propagation.propagate_all()
self.assertEqual(all_models.AccessControlList.query.count(), 3)
def test_single_acl_to_multiple(self, count):
"""Test propagation of single ACL entry to multiple children."""
with factories.single_commit():
program = factories.ProgramFactory()
for i in range(count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
acl_id = program.acr_name_acl_map["Program Editors"].id
child_ids = propagation._handle_acl_step([acl_id], self.user_id)
self.assertEqual(
all_models.AccessControlList.query.filter(
all_models.AccessControlList.parent_id.isnot(None)).count(),
count * 2)
self.assertEqual(
db.session.execute(child_ids.alias("counts").count()).scalar(),
count,
)
def test_gca_update_empty_value_and_status_not_change_status(
self, from_status, value):
"""Assessment in '{0}' NOT changed when add GCA with '{1}' value + status
Same as above + update status in the same PUT
"""
with factories.single_commit():
ca_factory = factories.CustomAttributeDefinitionFactory
gca = ca_factory(definition_type='assessment',
title='rich_test_gca',
attribute_type='Rich Text')
assessment = factories.AssessmentFactory()
self.api.modify_object(
assessment, {
'custom_attribute_values': [{
'custom_attribute_id': gca.id,
'attribute_value': value,
}],
'status':
from_status
})
assessment = self.refresh_object(assessment)
self.assertEqual(from_status, assessment.status)
def test_create_commentable(self):
"""Test if commentable fields are set on creation"""
with factories.single_commit():
assertion = factories.ControlAssertionFactory()
recipients = "Admin,Control Operators,Control Owners"
send_by_default = 0
response = self.api.post(
all_models.Control, {
"control": {
"title": "Control title",
"context": None,
"recipients": recipients,
"send_by_default": send_by_default,
"assertions": [{
"id": assertion.id
}]
},
})
self.assertEqual(response.status_code, 201)
control_id = response.json.get("control").get("id")
control = db.session.query(all_models.Control).get(control_id)
self.assertEqual(control.recipients, recipients)
self.assertEqual(control.send_by_default, send_by_default)
def test_autogenerated_assignees_verifiers_with_model(self):
"""Test autogenerated assessment assignees based on template settings."""
assessor = "*****@*****.**"
verifier = "*****@*****.**"
with factories.single_commit():
self.audit.context = factories.ContextFactory()
auditors = {
u: factories.PersonFactory(email=u).id
for u in [assessor, verifier]
}
template = factories.AssessmentTemplateFactory(
test_plan_procedure=False,
procedure_description="Assessment Template Test Plan",
default_people={
"assessors": [auditors[assessor]],
"verifiers": [auditors[verifier]],
},
)
response = self.assessment_post(template)
self.assert_assignees("Verifier", response, verifier)
self.assert_assignees("Assessor", response, assessor)
self.assert_assignees("Creator", response, "*****@*****.**")
def test_api_documents_exist(self):
"""Test /api/document/documents_exist"""
with factories.single_commit():
doc1 = factories.DocumentFileFactory(gdrive_id="123")
doc1_id = doc1.id
factories.DocumentFileFactory(gdrive_id="456")
endpoint_uri = "/api/document/documents_exist"
request_data1 = json.dumps(dict(gdrive_ids=["123", "456"]))
response1 = self.api.client.post(endpoint_uri, data=request_data1,
content_type="application/json")
self.assertEquals(len(response1.json), 2)
self.assertTrue(all([r["exists"] for r in response1.json]))
request_data2 = json.dumps(dict(gdrive_ids=["123", "999"]))
response2 = self.api.client.post(endpoint_uri, data=request_data2,
content_type="application/json")
self.assertEquals(len(response2.json), 2)
existing = [obj for obj in response2.json if obj["exists"]]
not_existing = [obj for obj in response2.json if not obj["exists"]]
self.assertEquals(len(existing), 1)
self.assertEquals(len(not_existing), 1)
self.assertEquals(existing[0]["object"]["id"], doc1_id)
def test_checkbox_fulltext(self, value, search_value):
"""Test filter by checkbox value."""
title = "checkbox"
checkbox_type = all_models.CustomAttributeDefinition.ValidTypes.CHECKBOX
with factories.single_commit():
market = factories.MarketFactory()
cad = factories.CustomAttributeDefinitionFactory(
title=title,
definition_type="market",
attribute_type=checkbox_type)
factories.CustomAttributeValueFactory(custom_attribute=cad,
attributable=market,
attribute_value=value)
contents = [
i.content for i in mysql.MysqlRecordProperty.query.filter(
mysql.MysqlRecordProperty.property == title,
mysql.MysqlRecordProperty.type == market.type,
mysql.MysqlRecordProperty.key == market.id,
)
]
self.assertEqual([search_value], contents)
def test_clone_task_group(self, get_copy_title_patch):
"""Check clone tg and if proper copy title set."""
expected_title = 'Copy Title'
get_copy_title_patch.return_value = expected_title
with factories.single_commit():
workflow = self.setup_helper.setup_workflow(
(rbac_helper.GC_RNAME, ))
task_group = wf_factories.TaskGroupFactory(workflow=workflow)
cloned_task_group = wf_factories.TaskGroupFactory(
parent_id=task_group.id, workflow=workflow)
cloned_title = cloned_task_group.title
_, clone_tg = self.object_generator.generate_object(
all_models.TaskGroup, {
"title": "TG - copy 1",
"clone": task_group.id
})
get_copy_title_patch.assert_called_once_with(task_group.title,
[cloned_title])
self.assertEqual(clone_tg.title, expected_title)
self.assertEqual(clone_tg.parent_id, task_group.id)
def test_updating_ca_dict(self):
"""Test updating custom attribute values with a dict."""
with factories.single_commit():
prog = factories.ProgramFactory()
cad1 = factories.CustomAttributeDefinitionFactory(
definition_type="program",
title="CA 1",
)
prog.custom_attribute_values = [{
"attribute_value": "55",
"custom_attribute_id": cad1.id,
}]
db.session.commit()
prog = prog.__class__.query.get(prog.id)
prog.custom_attribute_values = [{
"attribute_value": "57",
"custom_attribute_id": cad1.id,
}]
self.assertEqual(len(prog.custom_attribute_values), 1)
self.assertEqual(prog.custom_attribute_values[0].attribute_value, "57")
def test_recalculate_date(self, setup_start_date, update_start_date,
expected_date):
"""Recalculate next cycle start date"""
with freeze_time(dtm.date(2017, 8, 15)):
with factories.single_commit():
workflow = wf_factories.WorkflowFactory(
repeat_every=1,
status=Workflow.DRAFT,
unit=Workflow.MONTH_UNIT)
group = wf_factories.TaskGroupFactory(workflow=workflow)
task_id = wf_factories.TaskGroupTaskFactory(
task_group=group,
start_date=setup_start_date,
end_date=setup_start_date + dtm.timedelta(days=4)).id
self.generator.activate_workflow(workflow)
self.api.put(
TaskGroupTask.query.get(task_id), {
"start_date": update_start_date,
"end_date": update_start_date + dtm.timedelta(4)
})
active_wf = db.session.query(Workflow).filter(
Workflow.status == 'Active').one()
self.assertEqual(expected_date, active_wf.next_cycle_start_date)
def test_export_by_modified_by(self, field, email):
"""Test for creation assessment with mapped creator"""
slug = "TestAssessment"
with factories.single_commit():
factories.AssessmentFactory(
slug=slug,
modified_by=factories.PersonFactory(email=email),
)
data = [{
"object_name": "Assessment",
"fields": "all",
"filters": {
"expression": {
"left": field,
"op": {"name": "="},
"right": email
},
}
}]
resp = self.export_parsed_csv(data)["Assessment"]
self.assertEqual(1, len(resp))
self.assertEqual(slug, resp[0]["Code*"])
def test_import_with_mandatory(self):
"""Test import of data with mandatory role"""
# Import of data should be allowed if mandatory role provided
# and can process situation when nonmandatory roles are absent
# without any errors and warnings
with factories.single_commit():
mandatory_role = factories.AccessControlRoleFactory(
object_type="Market", mandatory=True).name
factories.AccessControlRoleFactory(object_type="Market",
mandatory=False)
email = factories.PersonFactory().email
response_json = self.import_data(
OrderedDict([
("object_type", "Market"),
("code", "market-1"),
("title", "Title"),
("Admin", "*****@*****.**"),
(mandatory_role, email),
]))
self._check_csv_response(response_json, {})
self.assertEqual(1, response_json[0]["created"])
self.assertEqual(1, len(models.Market.query.all()))
def test_mapping_snapshot_not_assessment_type(self, from_status,
expected_status):
"""Move Assessment form '{0}' to '{1}' when map snapshot.
Snapshot type != assessment type
"""
with factories.single_commit():
audit = factories.AuditFactory()
assessment = factories.AssessmentFactory(
audit=audit, status=from_status, assessment_type='Contract')
factories.RelationshipFactory(source=audit, destination=assessment)
control = factories.ControlFactory(title='test control')
snapshot = self._create_snapshots(audit, [control])[0]
response, _ = self.objgen.generate_relationship(
source=assessment,
destination=snapshot,
context=None,
)
assessment = self.refresh_object(assessment)
self.assertStatus(response, 201)
self.assertEqual(expected_status, assessment.status)
def test_audit_role_propagation_not_delete(self, role="Auditors"):
"""Audit user with role Auditors can NOT delete related evidence"""
_, reader = self.generator.generate_person(user_role="Reader")
assignees_role = all_models.AccessControlRole.query.filter_by(
object_type=all_models.Audit.__name__, name=role).first()
with factories.single_commit():
audit = factories.AuditFactory()
factories.AccessControlListFactory(ac_role=assignees_role,
object=audit,
person=reader)
evidence = factories.EvidenceFactory()
evidence_id = evidence.id
factories.RelationshipFactory(source=audit, destination=evidence)
self.api.set_user(reader)
evidence = all_models.Evidence.query.get(evidence_id)
resp = self.api.delete(evidence)
self.assertStatus(resp, 403)
evidence = all_models.Evidence.query.get(evidence_id)
self.assertTrue(evidence)
def test_import_assessment_with_evidence_file_blank_multiple(self):
"""No warnings in Evidence Files"""
evidence_file = "test_gdrive_url \n \n another_gdrive_url"
with factories.single_commit():
audit = factories.AuditFactory()
assessment = factories.AssessmentFactory()
assessment_slug = assessment.slug
factories.RelationshipFactory(source=audit, destination=assessment)
evidence1 = factories.EvidenceFileFactory(link="test_gdrive_url")
factories.RelationshipFactory(source=assessment,
destination=evidence1)
evidence2 = factories.EvidenceFileFactory(link="another_gdrive_url")
factories.RelationshipFactory(source=assessment,
destination=evidence2)
response = self.import_data(OrderedDict([
("object_type", "Assessment"),
("Code*", assessment_slug),
("Evidence File", evidence_file),
]))
self.assertEquals([], response[0]['row_warnings'])
def test_assmt_generation_disallowed_wo_audit(self):
"""Test we can't turn integration On for Assessment w/o audit"""
with factories.single_commit():
audit = factories.AuditFactory()
factories.IssueTrackerIssueFactory(
issue_tracked_obj=audit,
enabled=False,
issue_id=None,
)
response = self.import_data(
OrderedDict([
("object_type", "Assessment"),
("Code*", ""),
("Audit", audit.slug),
("Assignees*", "*****@*****.**"),
("Creators", "*****@*****.**"),
("Title", "Object Title"),
("Ticket Tracker Integration", "On"),
("Due Date*", "2016-10-24T15:35:37"),
]))
self._check_csv_response(response, {})
assmt = all_models.Assessment.query.one()
self.assertFalse(assmt.issue_tracker["enabled"])
def test_update_reference_url(self):
"""Reference Url updated properly via import"""
doc_url = "test_gdrive_url"
with factories.single_commit():
control1 = factories.ControlFactory()
control1_slug = control1.slug
control2 = factories.ControlFactory()
doc = factories.DocumentReferenceUrlFactory(link=doc_url)
factories.RelationshipFactory(source=control1, destination=doc)
factories.RelationshipFactory(source=control2, destination=doc)
self.import_data(
collections.OrderedDict([
("object_type", "Control"),
("Code*", control1_slug),
("Reference Url", "new_gdrive_url"),
]))
control1 = all_models.Control.query.filter_by(slug=control1_slug).one()
self.assertEquals(1, len(control1.documents_reference_url))
self.assertEquals("new_gdrive_url",
control1.documents_reference_url[0].link)
def test_create_ext_user_ext_relationship(self):
"""Validation external app user creates external relationship."""
self.api.set_user(self.person_ext)
with factories.single_commit():
product = factories.ProductFactory()
system = factories.SystemFactory()
response = self.api.client.post(self.REL_URL,
data=self.build_relationship_json(
product, system, True),
headers=self.HEADERS)
self.assert200(response)
relationship = all_models.Relationship.query.get(
response.json[0][-1]["relationship"]["id"])
self.assertEqual(relationship.source_type, "Product")
self.assertEqual(relationship.source_id, product.id)
self.assertEqual(relationship.destination_type, "System")
self.assertEqual(relationship.destination_id, system.id)
self.assertTrue(relationship.is_external)
self.assertEqual(relationship.modified_by_id, self.person_ext.id)
self.assertIsNone(relationship.parent_id)
self.assertIsNone(relationship.automapping_id)
self.assertIsNone(relationship.context_id)
def test_autogenerated_assignees_verifiers(self):
"""Test autogenerated assessment assignees"""
auditors = ["*****@*****.**", "*****@*****.**"]
captains = [
"*****@*****.**", "*****@*****.**", "*****@*****.**"
]
with factories.single_commit():
self.generate_acls(auditors, self.auditor_role)
self.generate_acls(captains, self.captains_role)
self.assertEqual(
all_models.AccessControlPerson.query.join(
all_models.AccessControlList).filter(
all_models.AccessControlList.ac_role_id ==
self.auditor_role.id,
all_models.AccessControlList.object_id == self.audit.id,
all_models.AccessControlList.object_type ==
"Audit").count(), 2, "Auditors not present")
response = self.assessment_post()
self.assert_assignees("Verifiers", response, *auditors)
self.assert_assignees("Assignees", response, *captains)
self.assert_assignees("Creators", response, "*****@*****.**")
def test_add_person_revision(self):
"""Test Control revision created if new person is assigned in import."""
user = all_models.Person.query.filter_by(
email="*****@*****.**").first()
with factories.single_commit():
control = factories.ControlFactory(modified_by=user)
objective = factories.ObjectiveFactory()
revisions = db.session.query(all_models.Revision.action).filter_by(
resource_type=control.type, resource_id=control.id)
self.assertEqual(revisions.all(), [("created", )])
response = self.import_data(
collections.OrderedDict([
("object_type", "Control"),
("Code*", control.slug),
("Admin", "*****@*****.**"),
("Control Operators", "*****@*****.**"),
("Control Owners", "*****@*****.**"),
("Map:Objective", objective.slug),
]))
self._check_csv_response(response, {})
self.assertEqual(revisions.all(), [('created', ), ('modified', )])
def test_create_required_flag_error(self, data, msg):
"""Test create wf with empty or invalid Needed Verification flag"""
slug = "SomeCode"
with factories.single_commit():
person = factories.PersonFactory(email="*****@*****.**")
resp = self.import_data(
collections.OrderedDict([
("object_type", "Workflow"),
("code", slug),
("title", "SomeTitle"),
("force real-time email updates", "no"),
("Admin", person.email),
("Need Verification", data),
]))
data = {
"Workflow": {
"row_errors":
{msg.format(line=3, column_name="Need Verification")}
}
}
self.assertEqual(1, resp[0]['ignored'])
self._check_csv_response(resp, data)
self.assertIsNone(Workflow.query.filter(Workflow.slug == slug).first())
def test_import_assessment_with_evidence_url_existing(self):
"""If url already mapped to assessment ignore it"""
evidence_url = "test_gdrive_url"
with factories.single_commit():
audit = factories.AuditFactory()
assessment = factories.AssessmentFactory()
assessment_slug = assessment.slug
factories.RelationshipFactory(source=audit, destination=assessment)
evidence = factories.EvidenceUrlFactory(link=evidence_url)
factories.RelationshipFactory(source=assessment,
destination=evidence)
response = self.import_data(
OrderedDict([
("object_type", "Assessment"),
("Code*", assessment_slug),
("Evidence Url", evidence_url),
]))
evidences = all_models.Evidence.query.filter_by(
link=evidence_url).all()
self.assertEquals(1, len(evidences))
self.assertEquals([], response[0]['row_warnings'])
def test_document_remove_related(self, document_type, from_status,
expected_status):
"""Move Assessment from '{1}' to '{2}' remove document of type {0}"""
with factories.single_commit():
assessment = factories.AssessmentFactory(status=from_status)
document = factories.DocumentFactory(document_type=document_type,
title='google.com',
link='google.com')
factories.RelationshipFactory(destination=assessment,
source=document)
response = self.api.put(
assessment, {
'actions': {
'remove_related': [{
'id': document.id,
'type': 'Document',
}]
}
})
assessment = self.refresh_object(assessment)
self.assert200(response)
self.assertEqual(expected_status, assessment.status)
def test_evidence_remove_related(self, kind, from_status, expected_status):
"""Move Assessment from '{1}' to '{2}' remove evidence of type {0}"""
with factories.single_commit():
assessment = factories.AssessmentFactory(status=from_status)
evidence = factories.EvidenceFactory(kind=kind,
title='google.com',
link='google.com',
source_gdrive_id='some_id')
factories.RelationshipFactory(destination=assessment,
source=evidence)
response = self.api.put(
assessment, {
'actions': {
'remove_related': [{
'id': evidence.id,
'type': 'Evidence',
}]
}
})
assessment = self.refresh_object(assessment)
self.assert200(response)
self.assertEqual(expected_status, assessment.status)
def test_validate_invalid_type_ca(self):
"""Test adding invalid attribute type to custom "Map:Person" attribute."""
with factories.single_commit():
program = factories.ProgramFactory()
attribute_definition = factories.CustomAttributeDefinitionFactory(
definition_type="program",
definition_id=program.id,
attribute_type="Map:Person",
mandatory=True
)
program.custom_attribute_values = [
{
"attribute_value": "Assessment:1",
"custom_attribute_id": attribute_definition.id,
}
]
with self.assertRaises(ValueError) as exception:
program.validate_custom_attributes()
self.assertEqual(exception.exception.message,
'Invalid attribute type: Assessment expected Person')
def test_create_mapping_cache(self, count):
"""Test creation of mapping cache for export."""
with factories.single_commit():
regulations = [factories.RegulationFactory() for _ in range(count)]
markets = [factories.MarketFactory() for _ in range(count)]
controls = [factories.ControlFactory() for _ in range(count)]
expected_cache = defaultdict(lambda: defaultdict(list))
for i in range(count):
for j in range(i):
factories.RelationshipFactory(
source=regulations[j] if i % 2 == 0 else markets[i],
destination=regulations[j] if i %
2 == 1 else markets[i],
)
factories.RelationshipFactory(
source=regulations[j] if i % 2 == 0 else controls[i],
destination=regulations[j] if i %
2 == 1 else controls[i],
)
expected_cache[regulations[j].id]["Control"].append(
controls[i].slug)
expected_cache[regulations[j].id]["Market"].append(
markets[i].slug)
block = base_block.BlockConverter(mock.MagicMock())
block.object_class = models.Regulation
block.object_ids = [r.id for r in regulations]
with QueryCounter() as counter:
cache = block._create_mapping_cache()
self.assertEqual(
self.dd_to_dict(cache),
self.dd_to_dict(expected_cache),
)
self.assertLess(counter.get, self.QUERY_LIMIT)
def test_asmt_default_values_from_tmpl(self, field, alias, value,
tmpl_value):
"""Test set tmpl.{0}={3!r} if csv.{1!r}={2!r} and audit/app integr on"""
with factories.single_commit():
audit = factories.AuditFactory()
factories.IssueTrackerIssueFactory(
issue_tracked_obj=audit, enabled=True)
tmpl = factories.AssessmentTemplateFactory(audit=audit)
factories.IssueTrackerIssueFactory(
issue_tracked_obj=tmpl, **{field: tmpl_value})
fields = OrderedDict([
("object_type", "Assessment"),
("Code*", "OBJ-1"),
("Audit*", audit.slug),
("Assignees*", "*****@*****.**"),
("Creators", "*****@*****.**"),
("Template", tmpl.slug),
("Title", "Object Title"),
])
if value is not None:
fields[alias] = value
response = self.import_data(fields)
if value is not None:
# ensure that warning is returned
expected_warning = (
errors.WRONG_VALUE_DEFAULT.format(line=3, column_name=alias)
)
expected_messages = {"Assessment": {"row_warnings": {expected_warning}}}
self._check_csv_response(response, expected_messages)
obj = all_models.Assessment.query.one()
self.assertEqual(str(obj.issue_tracker[field]),
str(tmpl_value))
self.mock_create_issue.assert_not_called()
def test_create_new_assessment_with_mapped_control(self):
"Test for creation assessment with mapped controls"
with factories.single_commit():
audit = factories.AuditFactory()
control = factories.ControlFactory()
revision = models.Revision.query.filter(
models.Revision.resource_id == control.id,
models.Revision.resource_type ==
control.__class__.__name__).order_by(
models.Revision.id.desc()).first()
factories.SnapshotFactory(parent=audit,
child_id=control.id,
child_type=control.__class__.__name__,
revision_id=revision.id)
db.session.commit()
self.assertFalse(
db.session.query(
models.Relationship.get_related_query(
models.Assessment(),
models.Snapshot()).exists()).first()[0])
slug = "TestAssessment"
self.import_data(
OrderedDict([
("object_type", "Assessment"),
("Code*", slug),
("Audit*", audit.slug),
("Assignees*", models.Person.query.all()[0].email),
("Creators", models.Person.query.all()[0].email),
("Title", "Strange title"),
("map:Control versions", control.slug),
]))
assessment = models.Assessment.query.filter(
models.Assessment.slug == slug).first()
self.assertTrue(
db.session.query(
models.Relationship.get_related_query(
assessment, models.Snapshot()).exists()).first()[0])
def test_acl_no_reindex_snapshots(self):
"""Test that snapshot reindex is not happened for
acl where person has the same role for
different kind of objects."""
with factories.single_commit():
person = factories.PersonFactory(name="Test Name")
system = factories.SystemFactory()
audit = factories.AuditFactory()
factories.AccessControlPersonFactory(
ac_list=system.acr_name_acl_map["Admin"],
person=person,
)
audit_id = audit.id
system_id = system.id
person_id = person.id
person_name = person.name
person_email = person.email
revision = all_models.Revision.query.filter(
all_models.Revision.resource_id == system.id,
all_models.Revision.resource_type == system.type
).one()
revision.content = system.log_json()
db.session.add(revision)
db.session.commit()
self._create_snapshots(audit, [system])
self.client.post("/admin/reindex_snapshots")
snapshot = all_models.Snapshot.query.filter(
all_models.Snapshot.parent_id == audit_id,
all_models.Snapshot.parent_type == 'Audit',
all_models.Snapshot.child_id == system_id,
all_models.Snapshot.child_type == 'System',
).one()
self.assert_indexed_fields(snapshot, "Admin", {
"{}-email".format(person_id): person_email,
"{}-name".format(person_id): person_name,
"__sort__": person_email,
})
