def test_multi_org_redirect_on_login_with_orglist_next_query(self):
user = UserFactory()
org_user1 = OrganizationUserFactory(user=user)
org_user2 = OrganizationUserFactory(user=user)
user.set_password('test')
user.save()
response = self.client.post(reverse('auth_login')+'?next=/',
{'username': user.username, 'password': '******'},
follow = True)
expected_url = reverse('organization_list')
self.assertRedirects(response, expected_url)
def test_redirect_for_many_organizations(self):
'''
If the user is a member of many organizations then on login
they should be redirected to the organization list page
which shows all the organizations to which they belong.
'''
OrganizationUserFactory(user=self.user)
OrganizationUserFactory(user=self.user)
org_redirect_view = OrganizationRedirectView()
org_redirect_view.request = self.login_request
url = org_redirect_view.get_redirect_url()
self.assertEquals(url, reverse('organization_list'))
def test_check_access_perms_detects_organization_admins(self):
org_user = OrganizationUserFactory(is_admin=True)
org = org_user.organization
user = org_user.user
org_user_delete_view = CustomOrganizationUserDelete()
org_user_delete_view.kwargs = {'organization_pk': org.pk}
self.assertIsNone(org_user_delete_view._check_access_perms(user))
def test_get_initial_returns_is_editor_status_and_nothing_else(self):
custom_org_user_update_view = CustomOrganizationUserUpdate()
# This will provide an organization and user, but no permissions will
# be assigned so is_editor will be False
custom_org_user_update_view.object = OrganizationUserFactory.build()
expected_initial = {'is_editor': False}
self.assertDictEqual(custom_org_user_update_view.get_initial(),
expected_initial)
def test_get_initial_returns_is_editor_status_and_nothing_else(self):
custom_org_user_update_view = CustomOrganizationUserUpdate()
# This will provide an organization and user, but no permissions will
# be assigned so is_editor will be False
custom_org_user_update_view.object = OrganizationUserFactory.build()
expected_initial = {'is_editor': False}
self.assertDictEqual(custom_org_user_update_view.get_initial(),
expected_initial)
def test_active_users_of_org_added_to_watchers_of_new_decision(self):
"""
See no reason to have this in a view test, this behavior is almost
entirely tested already in the model tests in tests/decisions_test.py
Suggest, moving this test to there.
"""
org = OrganizationFactory()
active_org_user1 = OrganizationUserFactory(organization=org)
active_org_user2 = OrganizationUserFactory(organization=org)
inactive_org_user = OrganizationUserFactory(
user=UserFactory(is_active=False), organization=org)
active_other_org_user = OrganizationUserFactory()
decision = DecisionFactory(organization=org)
watching_user_ids = decision.watchers.values_list('user_id', flat=True)
self.assertIn(active_org_user1.user.id, watching_user_ids)
self.assertIn(active_org_user2.user.id, watching_user_ids)
self.assertEqual(len(watching_user_ids), 2)
def test_check_access_perms_doesnt_detect_normal_users(self):
org_user = OrganizationUserFactory()
org = org_user.organization
user = org_user.user
org_user_delete_view = CustomOrganizationUserDelete()
org_user_delete_view.kwargs = {'organization_pk': org.pk}
self.assertIsInstance(
org_user_delete_view._check_access_perms(user),
HttpResponseForbidden)
def setUp(self):
user = UserFactory()
self.decision = DecisionFactory(author=user, description="Eat Cheese")
watcher = UserFactory(email="*****@*****.**")
organization = self.decision.organization
self.settings = NotificationSettingsFactory(
user=watcher,
organization=organization,
notification_level=FEEDBACK_ADDED_NOTIFICATIONS)
OrganizationUserFactory(user=watcher, organization=organization)
def test_organisation_user_leave_view_redirects_to_organization_list(self):
org_user = OrganizationUserFactory()
user = org_user.user
request = RequestFactory()
request.user = user
org_user_leave_view = CustomOrganizationUserLeave()
org_user_leave_view.get_object = lambda: org_user
response = org_user_leave_view.delete(request)
self.assertEqual(302, response.status_code)
self.assertEqual(reverse('organization_list'), response['Location'])
def test_single_org_redirect_on_login_with_orgadd_next_query(self):
org_user = OrganizationUserFactory()
self.client.logout()
org_user.user.set_password('test')
org_user.user.save()
response = self.client.post(reverse('auth_login')+'?next=/organizations/add/',
{'username': org_user.user.username, 'password': '******'},
follow = True)
expected_url = reverse('organization_add')
self.assertRedirects(response, expected_url)
def test_single_org_redirect_on_login_with_root_next_query(self):
org_user = OrganizationUserFactory()
self.client.logout()
org_user.user.set_password('test')
org_user.user.save()
response = self.client.post(reverse('auth_login')+'?next=/',
{'username': org_user.user.username, 'password': '******'},
follow = True)
expected_url = reverse('publicweb_item_list',
args=[org_user.organization.slug, Decision.DISCUSSION_STATUS])
self.assertRedirects(response, expected_url)
def test_delete_stops_users_watching_decisions_for_the_organization(self):
org_user_delete_view = CustomOrganizationUserDelete()
observed_item = ObservedItemFactory()
org = observed_item.observed_object.organization
user = observed_item.user
org_user = OrganizationUserFactory(organization=org, user=user)
decision = observed_item.observed_object
org_user_delete_view.get_object = lambda: org_user
request = RequestFactory()
request.user = user
org_user_delete_view.delete(request)
self.assertSequenceEqual([], decision.watchers.all())
def test_delete_deletes_the_unused_permissions(self):
org_user_delete_view = CustomOrganizationUserDelete()
org_user = OrganizationUserFactory()
org = org_user.organization
user = org_user.user
assign_perm(GUARDIAN_PERMISSION, user, org)
self.assertTrue(user.has_perm(GUARDIAN_PERMISSION, org))
org_user_delete_view.get_object = lambda: org_user
request = RequestFactory()
request.user = user
org_user_delete_view.delete(request)
self.assertFalse(user.has_perm(GUARDIAN_PERMISSION, org))
def test_redirect_for_one_organization(self):
'''
If the user is a member of only one organization then on login
they should be redirected to the default Decision status list for
that one organization and not the organization list page.
'''
org_user = OrganizationUserFactory(user=self.user)
org_redirect_view = OrganizationRedirectView()
org_redirect_view.request = self.login_request
url = org_redirect_view.get_redirect_url()
expected_url = reverse('publicweb_item_list',
args=[org_user.organization.slug, 'discussion'])
self.assertEqual(url, expected_url)
def test_active_users_of_org_added_to_watchers_of_new_decision(self):
"""
See no reason to have this in a view test, this behavior is almost
entirely tested already in the model tests in tests/decisions_test.py
Suggest, moving this test to there.
"""
org_user_factory = OrganizationUserFactory()
org = org_user_factory.organization
user_in_org = org_user_factory.user
UserFactory() # Create one user not linked to the org for completeness
user_inactive = UserFactory(is_active=False)
# Link the inactive user with the existing org and confirm it worked
OrganizationUserFactory(user=user_inactive, organization=org)
user_status_list = [user.user.is_active
for user in org.organization_users.all()]
assert user_status_list.count(True) == 1
assert user_status_list.count(False) == 1
# The Test
decision = DecisionFactory(organization=org)
self.assertEqual(decision.watchers.count(), 1,
"There should be one watcher.")
self.assertEqual(decision.watchers.get().user, user_in_org,
"The watcher user should be the active user.")
def test_delete_stops_users_watching_feedback_for_the_organization(self):
org_user_delete_view = CustomOrganizationUserDelete()
feedback = FeedbackFactory()
observed_item = ObservedItemFactory(observed_object=feedback)
org = observed_item.observed_object.decision.organization
user = feedback.author
org_user = OrganizationUserFactory(organization=org, user=user)
org_user_delete_view.get_object = lambda: org_user
request = RequestFactory()
request.user = user
org_user_delete_view.delete(request)
# Two observed items were created for different users
# Only the second one should remain after the delete request
self.assertSequenceEqual([observed_item], feedback.watchers.all())
def test_redirect_for_one_organization(self):
'''
If the user is a member of only one organization then on login
they should be redirected to the proposal page for that one
organization and not the organization list page.
'''
org_user_factory = OrganizationUserFactory(user=self.user)
org_redirect_view = OrganizationRedirectView()
org_redirect_view.request = self.login_request
response = org_redirect_view.get_redirect_url()
expected_url = reverse('publicweb_item_list',
args=[org_user_factory.organization.slug,
'proposal'])
self.assertEqual(response, expected_url)
def test_organisation_user_delete_view_doesnt_let_user_delete_others(self):
org_user_delete_view = CustomOrganizationUserDelete()
org_user = OrganizationUserFactory()
org = org_user.organization
user_1 = org_user.user
user_2 = UserFactory()
assign_perm(GUARDIAN_PERMISSION, user_1, org)
request = RequestFactory().post("/", {'submit': "Delete"})
request.user = user_1
org_user_delete_view.get_object = lambda: org_user
response = org_user_delete_view.dispatch(
request, organization_pk=unicode(org.pk), user_pk=unicode(user_2.pk))
self.assertIsInstance(response, HttpResponseForbidden)
def setUp(self):
mail.outbox = []
self.user = UserFactory(email="*****@*****.**")
decision = DecisionFactory(author=self.user)
feedbackAuthor = UserFactory(email="*****@*****.**")
self.feedback = FeedbackFactory(decision=decision,
description="Not so fast",
author=feedbackAuthor,
editor=feedbackAuthor)
organization = decision.organization
self.settings = NotificationSettingsFactory(
user=self.user,
organization=organization,
notification_level=FEEDBACK_MAJOR_CHANGES)
OrganizationUserFactory(user=self.user, organization=organization)
def test_organisation_user_leave_view_lets_user_delete_themself(self):
org_user = OrganizationUserFactory()
org = org_user.organization
user = org_user.user
assign_perm(GUARDIAN_PERMISSION, user, org)
request = RequestFactory().post("/", {'submit': "Leave"})
request.user = user
org_user_leave_view = CustomOrganizationUserLeave()
org_user_leave_view.get_object = lambda: org_user
response = org_user_leave_view.dispatch(request, organization_pk=org.pk)
self.assertEqual(
0, OrganizationUser.objects.filter(user=user, organization=org).count())
self.assertEqual(reverse('organization_list'), response['Location'])
def test_organisation_user_delete_view_is_accessible_to_admin(self):
org_user_delete_view = CustomOrganizationUserDelete()
org_user = OrganizationUserFactory(is_admin=True)
org = org_user.organization
user_1 = org_user.user
user_2 = UserFactory()
assign_perm(GUARDIAN_PERMISSION, user_1, org)
request = RequestFactory().post("/", {'submit': "Delete"})
request.user = user_1
org_user_delete_view.get_object = lambda: org_user
response = org_user_delete_view.dispatch(
request, organization_pk=org.pk, user_pk=user_2.pk)
self.assertEqual(
reverse('organization_user_list', args=[org.pk]), response['Location'])
def test_user_can_unwatch_a_decision(self):
org_user = OrganizationUserFactory()
org = org_user.organization
user = org_user.user
decision = DecisionFactory(organization=org)
# Confirm decision has a single watcher
self.assertEqual(decision.watchers.count(), 1)
# Get the view ready
request = RequestFactory()
request.user = user
decision_update_view = DecisionUpdate()
decision_update_view.request = request
decision_update_view.object = decision
decision_update_view.get_object = lambda: decision
decision_update_view.last_status = 'dummy'
form = DecisionForm(instance=decision)
form.cleaned_data = {'watch': False}
# Run the form_valid method to stop observing
decision_update_view.form_valid(form)
self.assertEqual(decision.watchers.count(), 0)
def test_get_role_returns_viewer_when_is_viewer(self):
org_user = OrganizationUserFactory()
self.assertEqual('viewer', org_user.get_role())
def test_is_editor_returns_true_when_is_editor(self):
org_user = OrganizationUserFactory()
assign_perm(GUARDIAN_PERMISSION, org_user.user, org_user.organization)
self.assertTrue(org_user.is_editor())
def test_is_editor_returns_false_when_not_editor(self):
org_user = OrganizationUserFactory()
self.assertFalse(org_user.is_editor())
def test_get_role_returns_editor_when_is_editor(self):
org_user = OrganizationUserFactory()
assign_perm(GUARDIAN_PERMISSION, org_user.user, org_user.organization)
self.assertEqual('editor', org_user.get_role())
def test_get_role_returns_admin_when_is_admin(self):
org_user = OrganizationUserFactory(is_admin=True)
self.assertEqual('admin', org_user.get_role())
def test_is_editor_returns_false_when_not_editor(self):
org_user = OrganizationUserFactory()
self.assertFalse(org_user.is_editor())
def test_is_editor_returns_true_when_is_editor(self):
org_user = OrganizationUserFactory()
assign_perm(GUARDIAN_PERMISSION, org_user.user, org_user.organization)
self.assertTrue(org_user.is_editor())
def test_get_role_returns_admin_when_is_admin(self):
org_user = OrganizationUserFactory(is_admin=True)
self.assertEqual('admin', org_user.get_role())
def test_get_role_returns_editor_when_is_editor(self):
org_user = OrganizationUserFactory()
assign_perm(GUARDIAN_PERMISSION, org_user.user, org_user.organization)
self.assertEqual('editor', org_user.get_role())
def test_get_role_returns_viewer_when_is_viewer(self):
org_user = OrganizationUserFactory()
self.assertEqual('viewer', org_user.get_role())
