def test_access_key_not_allowed(self):
"""Visitors and normies should not be allowed to generate an access key."""
self.reset_access_key()
data = {'action': 'generate_key'}
request = self.factory.post(self.foia.get_absolute_url(), data)
request = mock_middleware(request)
# viewers should not be able to generate the key
request.user = self.viewer
response = Detail.as_view()(request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id)
self.foia.refresh_from_db()
eq_(response.status_code, 302)
assert_false(self.foia.access_key)
# normies should not be able to generate the key
self.reset_access_key()
request.user = self.normie
response = Detail.as_view()(request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id)
self.foia.refresh_from_db()
eq_(response.status_code, 302)
assert_false(self.foia.access_key)
def test_access_key_allowed(self):
"""
A POST request for a private share link should generate and return an access key.
Editors and staff should be allowed to do this.
"""
self.reset_access_key()
data = {'action': 'generate_key'}
request = self.factory.post(self.foia.get_absolute_url(), data)
request = mock_middleware(request)
# editors should be able to generate the key
request.user = self.editor
response = Detail.as_view()(request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id)
self.foia.refresh_from_db()
eq_(response.status_code, 302)
assert_true(self.foia.access_key)
# staff should be able to generate the key
self.reset_access_key()
request.user = self.staff
response = Detail.as_view()(request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id)
self.foia.refresh_from_db()
eq_(response.status_code, 302)
assert_true(self.foia.access_key)
def setUp(self):
agency = AgencyFactory(appeal_agency=AppealAgencyFactory())
self.foia = FOIARequestFactory(agency=agency)
self.view = Detail.as_view()
self.url = self.foia.get_absolute_url()
self.kwargs = {
'jurisdiction': self.foia.jurisdiction.slug,
'jidx': self.foia.jurisdiction.id,
'slug': self.foia.slug,
'idx': self.foia.id
}
def setUp(self):
agency = AgencyFactory(appeal_agency=AppealAgencyFactory())
self.foia = FOIARequestFactory(agency=agency)
self.view = Detail.as_view()
self.url = self.foia.get_absolute_url()
self.kwargs = {
"jurisdiction": self.foia.jurisdiction.slug,
"jidx": self.foia.jurisdiction.id,
"slug": self.foia.slug,
"idx": self.foia.id,
}
UserFactory(username="******")
def test_revoke_view_access(self):
"""Editors should be able to revoke access from a viewer."""
a_viewer = UserFactory()
self.foia.add_viewer(a_viewer)
data = {'action': 'revoke_access', 'user': a_viewer.pk}
request = self.factory.post(self.foia.get_absolute_url(), data)
request = mock_middleware(request)
request.user = self.editor
response = Detail.as_view()(request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id)
eq_(response.status_code, 302)
assert_false(self.foia.has_viewer(a_viewer))
def test_promote_viewer(self):
"""Editors should be able to promote viewers to editors."""
user = UserFactory()
self.foia.add_viewer(user)
assert_true(self.foia.has_viewer(user))
data = {'action': 'promote', 'user': user.pk}
request = self.factory.post(self.foia.get_absolute_url(), data)
request = mock_middleware(request)
request.user = self.editor
response = Detail.as_view()(request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id)
eq_(response.status_code, 302)
assert_false(self.foia.has_viewer(user))
assert_true(self.foia.has_editor(user))
def test_revoke_edit_access(self):
"""Editors should be able to revoke access from an editor."""
an_editor = UserFactory()
self.foia.add_editor(an_editor)
data = {"action": "revoke_access", "user": an_editor.pk}
request = self.factory.post(self.foia.get_absolute_url(), data)
request = mock_middleware(request)
request.user = self.editor
response = Detail.as_view()(
request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id,
)
eq_(response.status_code, 302)
assert_false(self.foia.has_editor(an_editor))
def setUp(self):
self.foia = FOIARequestFactory()
self.editor = UserFactory()
self.viewer = UserFactory()
self.foia.add_editor(self.editor)
self.foia.add_viewer(self.viewer)
self.data = {
'action': 'add_note',
'note': u'Lorem ipsum dolor su ament.'
}
self.url = self.foia.get_absolute_url()
self.view = Detail.as_view()
self.kwargs = {
'jurisdiction': self.foia.jurisdiction.slug,
'jidx': self.foia.jurisdiction.id,
'slug': self.foia.slug,
'idx': self.foia.id
}
def setUp(self):
self.foia = FOIARequestFactory()
self.editor = UserFactory()
self.viewer = UserFactory()
self.foia.add_editor(self.editor)
self.foia.add_viewer(self.viewer)
self.data = {
"action": "add_note",
"note": "Lorem ipsum dolor su ament."
}
self.url = self.foia.get_absolute_url()
self.view = Detail.as_view()
self.kwargs = {
"jurisdiction": self.foia.jurisdiction.slug,
"jidx": self.foia.jurisdiction.id,
"slug": self.foia.slug,
"idx": self.foia.id,
}
UserFactory(username="******")
def test_grant_view_access(self):
"""Editors should be able to add viewers."""
user1 = UserFactory()
user2 = UserFactory()
view_data = {
'action': 'grant_access',
'users': [user1.pk, user2.pk],
'access': 'view'
}
view_request = self.factory.post(self.foia.get_absolute_url(), view_data)
view_request = mock_middleware(view_request)
view_request.user = self.editor
view_response = Detail.as_view()(
view_request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id
)
eq_(view_response.status_code, 302)
assert_true(self.foia.has_viewer(user1) and self.foia.has_viewer(user2))
def test_get_foia(self):
"""Try getting the detail page for a FOIA Request with an unread notification."""
agency = AgencyFactory()
foia = FOIARequestFactory(agency=agency)
view = FOIARequestDetail.as_view()
# Create a notification for the request
action = new_action(agency, 'completed', target=foia)
notification = notify(self.user, action)[0]
ok_(not notification.read, 'The notification should be unread.')
# Try getting the view as the user
response = http_get_response(foia.get_absolute_url(),
view,
self.user,
idx=foia.pk,
slug=foia.slug,
jidx=foia.jurisdiction.pk,
jurisdiction=foia.jurisdiction.slug)
eq_(response.status_code, 200, 'The view should response 200 OK.')
# Check that the notification has been read.
notification.refresh_from_db()
ok_(notification.read, 'The notification should be marked as read.')
def test_grant_edit_access(self):
"""Editors should be able to add editors."""
user1 = UserFactory()
user2 = UserFactory()
edit_data = {
"action": "grant_access",
"users": [user1.pk, user2.pk],
"access": "edit",
}
edit_request = self.factory.post(self.foia.get_absolute_url(),
edit_data)
edit_request = mock_middleware(edit_request)
edit_request.user = self.editor
edit_response = Detail.as_view()(
edit_request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id,
)
eq_(edit_response.status_code, 302)
assert_true(
self.foia.has_editor(user1) and self.foia.has_editor(user2))
