def test_set_user_folder_permissions_does_not_affect_permissions_for_other_services(
client,
sample_user,
sample_service,
):
tf1 = create_template_folder(sample_service)
tf2 = create_template_folder(sample_service)
service_2 = create_service(sample_user, service_name='other service')
tf3 = create_template_folder(service_2)
sample_service_user = dao_get_service_user(sample_user.id,
sample_service.id)
sample_service_user.folders = [tf1]
dao_update_service_user(sample_service_user)
service_2_user = dao_get_service_user(sample_user.id, service_2.id)
service_2_user.folders = [tf3]
dao_update_service_user(service_2_user)
data = json.dumps({'permissions': [], 'folder_permissions': [str(tf2.id)]})
response = client.post(url_for('user.set_permissions',
user_id=str(sample_user.id),
service_id=str(sample_service.id)),
headers=[('Content-Type', 'application/json'),
create_authorization_header()],
data=data)
assert response.status_code == 204
assert sample_service_user.folders == [tf2]
assert service_2_user.folders == [tf3]
def test_move_to_folder_skips_archived_templates(admin_request,
sample_service):
target_folder = create_template_folder(sample_service)
other_folder = create_template_folder(sample_service)
archived_template = create_template(sample_service,
archived=True,
folder=None)
unarchived_template = create_template(sample_service,
archived=False,
folder=other_folder)
archived_timestamp = archived_template.updated_at
admin_request.post(
'template_folder.move_to_template_folder',
service_id=sample_service.id,
target_template_folder_id=target_folder.id,
_data={
'templates':
[str(archived_template.id),
str(unarchived_template.id)],
'folders': []
},
_expected_status=204)
assert archived_template.updated_at == archived_timestamp
assert archived_template.folder is None
assert unarchived_template.folder == target_folder
def test_update_user_folder_permissions(client, sample_user, sample_service):
tf1 = create_template_folder(sample_service)
tf2 = create_template_folder(sample_service)
tf3 = create_template_folder(sample_service)
service_user = dao_get_service_user(sample_user.id, sample_service.id)
service_user.folders = [tf1, tf2]
dao_update_service_user(service_user)
data = json.dumps({
'permissions': [],
'folder_permissions': [str(tf2.id), str(tf3.id)]
})
response = client.post(url_for('user.set_permissions',
user_id=str(sample_user.id),
service_id=str(sample_service.id)),
headers=[('Content-Type', 'application/json'),
create_authorization_header()],
data=data)
assert response.status_code == 204
assert len(service_user.folders) == 2
assert tf2 in service_user.folders
assert tf3 in service_user.folders
def test_move_to_folder_moves_folders_and_templates_to_top_level_if_no_target(
admin_request, sample_service):
f1 = create_template_folder(sample_service, name="f1")
f2 = create_template_folder(sample_service, name="f2", parent=f1)
t1 = create_template(sample_service, template_name="t1", folder=f1)
t2 = create_template(sample_service, template_name="t2", folder=f1)
t3 = create_template(sample_service, template_name="t3", folder=f2)
admin_request.post(
"template_folder.move_to_template_folder",
service_id=sample_service.id,
target_template_folder_id=None,
_data={
"templates": [str(t1.id)],
"folders": [str(f2.id)]
},
_expected_status=204,
)
assert f1.parent is None # unchanged
assert f2.parent is None
assert t1.folder is None # moved out of f1
assert t2.folder == f1 # unchanged
assert t3.folder == f2 # stayed in f2 even though the parent changed
def test_get_folders_for_service(admin_request, notify_db_session):
s1 = create_service(service_name="a")
s2 = create_service(service_name="b")
tf1 = create_template_folder(s1)
tf2 = create_template_folder(s1)
create_template_folder(s2)
resp = admin_request.get(
"template_folder.get_template_folders_for_service", service_id=s1.id)
assert set(resp.keys()) == {"template_folders"}
assert sorted(resp["template_folders"], key=lambda x: x["id"]) == sorted(
[
{
"id": str(tf1.id),
"name": "foo",
"service_id": str(s1.id),
"parent_id": None,
"users_with_permission": [],
},
{
"id": str(tf2.id),
"name": "foo",
"service_id": str(s1.id),
"parent_id": None,
"users_with_permission": [],
},
],
key=lambda x: x["id"],
)
def test_get_folders_for_service(admin_request, notify_db_session):
s1 = create_service(service_name='a')
s2 = create_service(service_name='b')
tf1 = create_template_folder(s1)
tf2 = create_template_folder(s1)
create_template_folder(s2)
resp = admin_request.get(
'template_folder.get_template_folders_for_service', service_id=s1.id)
assert set(resp.keys()) == {'template_folders'}
assert sorted(resp['template_folders'],
key=lambda x: x['id']) == sorted([
{
'id': str(tf1.id),
'name': 'foo',
'service_id': str(s1.id),
'parent_id': None,
'users_with_permission': []
},
{
'id': str(tf2.id),
'name': 'foo',
'service_id': str(s1.id),
'parent_id': None,
'users_with_permission': []
},
],
key=lambda x: x['id'])
def test_delete_template_folder_fails_if_folder_has_subfolders(
admin_request, sample_service):
existing_folder = create_template_folder(sample_service)
existing_subfolder = create_template_folder(sample_service,
parent=existing_folder) # noqa
resp = admin_request.delete('template_folder.delete_template_folder',
service_id=sample_service.id,
template_folder_id=existing_folder.id,
_expected_status=400)
assert resp == {'result': 'error', 'message': 'Folder is not empty'}
assert TemplateFolder.query.count() == 2
def test_delete_template_folder_fails_if_folder_has_subfolders(
admin_request, sample_service):
existing_folder = create_template_folder(sample_service)
create_template_folder(sample_service, parent=existing_folder)
resp = admin_request.delete(
"template_folder.delete_template_folder",
service_id=sample_service.id,
template_folder_id=existing_folder.id,
_expected_status=400,
)
assert resp == {"result": "error", "message": "Folder is not empty"}
assert TemplateFolder.query.count() == 2
def test_dao_add_user_to_service_sets_folder_permissions(sample_user, sample_service):
folder_1 = create_template_folder(sample_service)
folder_2 = create_template_folder(sample_service)
assert not folder_1.users
assert not folder_2.users
folder_permissions = [str(folder_1.id), str(folder_2.id)]
dao_add_user_to_service(sample_service, sample_user, folder_permissions=folder_permissions)
service_user = dao_get_service_user(user_id=sample_user.id, service_id=sample_service.id)
assert len(service_user.folders) == 2
assert folder_1 in service_user.folders
assert folder_2 in service_user.folders
def test_create_template_folder_sets_user_permissions(admin_request,
sample_service,
has_parent):
user_1 = create_user(email='*****@*****.**')
user_2 = create_user(email='*****@*****.**')
user_3 = create_user(email='*****@*****.**', state='pending')
existing_folder = create_template_folder(sample_service)
sample_service.users = [user_1, user_2, user_3]
service_user_1 = dao_get_service_user(user_1.id, sample_service.id)
service_user_1.folders = [existing_folder]
parent_id = str(existing_folder.id) if has_parent else None
resp = admin_request.post('template_folder.create_template_folder',
service_id=sample_service.id,
_data={
'name': 'foo',
'parent_id': parent_id
},
_expected_status=201)
assert resp['data']['name'] == 'foo'
assert resp['data']['service_id'] == str(sample_service.id)
assert resp['data']['parent_id'] == parent_id
if has_parent:
assert resp['data']['users_with_permission'] == [str(user_1.id)]
else:
assert sorted(resp['data']['users_with_permission']) == sorted(
[str(user_1.id), str(user_2.id)])
def test_set_user_folder_permissions_when_user_does_not_belong_to_service(client, sample_user):
service = create_service()
tf1 = create_template_folder(service)
tf2 = create_template_folder(service)
data = json.dumps({'permissions': [], 'folder_permissions': [str(tf1.id), str(tf2.id)]})
response = client.post(
url_for(
'user.set_permissions',
user_id=str(sample_user.id),
service_id=str(service.id)),
headers=[('Content-Type', 'application/json'), create_authorization_header()],
data=data)
assert response.status_code == 404
def test_create_template_folder_sets_user_permissions(admin_request,
sample_service,
has_parent):
user_1 = create_user(email="*****@*****.**")
user_2 = create_user(email="*****@*****.**")
user_3 = create_user(email="*****@*****.**", state="pending")
existing_folder = create_template_folder(sample_service)
sample_service.users = [user_1, user_2, user_3]
service_user_1 = dao_get_service_user(user_1.id, sample_service.id)
service_user_1.folders = [existing_folder]
parent_id = str(existing_folder.id) if has_parent else None
resp = admin_request.post(
"template_folder.create_template_folder",
service_id=sample_service.id,
_data={
"name": "foo",
"parent_id": parent_id
},
_expected_status=201,
)
assert resp["data"]["name"] == "foo"
assert resp["data"]["service_id"] == str(sample_service.id)
assert resp["data"]["parent_id"] == parent_id
if has_parent:
assert resp["data"]["users_with_permission"] == [str(user_1.id)]
else:
assert sorted(resp["data"]["users_with_permission"]) == sorted(
[str(user_1.id), str(user_2.id)])
def test_update_template_folder_users(admin_request, sample_service):
existing_folder = create_template_folder(sample_service)
user_1 = create_user(email="*****@*****.**")
user_2 = create_user(email="*****@*****.**")
user_3 = create_user(email="*****@*****.**")
sample_service.users += [user_1, user_2, user_3]
assert len(existing_folder.users) == 0
response_1 = admin_request.post('template_folder.update_template_folder',
service_id=sample_service.id,
template_folder_id=existing_folder.id,
_data={
'name': 'foo',
'users_with_permission':
[str(user_1.id)]
})
assert response_1['data']['users_with_permission'] == [str(user_1.id)]
assert len(existing_folder.users) == 1
response_2 = admin_request.post('template_folder.update_template_folder',
service_id=sample_service.id,
template_folder_id=existing_folder.id,
_data={
'name':
'foo',
'users_with_permission':
[str(user_2.id),
str(user_3.id)]
})
assert response_2['data']['users_with_permission'] == [
str(user_2.id), str(user_3.id)
]
assert len(existing_folder.users) == 2
def test_move_to_folder_rejects_if_it_would_cause_folder_loop(
admin_request, sample_service):
f1 = create_template_folder(sample_service, name='f1')
target_folder = create_template_folder(sample_service,
name='target',
parent=f1)
response = admin_request.post('template_folder.move_to_template_folder',
service_id=sample_service.id,
target_template_folder_id=target_folder.id,
_data={
'templates': [],
'folders': [str(f1.id)]
},
_expected_status=400)
assert response[
'message'] == 'You cannot move a folder to one of its subfolders'
def test_dao_delete_template_folder_deletes_user_folder_permissions(sample_user, sample_service):
folder = create_template_folder(sample_service)
service_user = dao_get_service_user(sample_user.id, sample_service.id)
folder.users = [service_user]
dao_update_template_folder(folder)
dao_delete_template_folder(folder)
assert db.session.query(user_folder_permissions).all() == []
def test_update_template_folder_name(admin_request, sample_service):
existing_folder = create_template_folder(sample_service)
resp = admin_request.post('template_folder.update_template_folder',
service_id=sample_service.id,
template_folder_id=existing_folder.id,
_data={'name': 'bar'})
assert resp['data']['name'] == 'bar'
assert existing_folder.name == 'bar'
def test_delete_template_folder(admin_request, sample_service):
existing_folder = create_template_folder(sample_service)
admin_request.delete(
'template_folder.delete_template_folder',
service_id=sample_service.id,
template_folder_id=existing_folder.id,
)
assert TemplateFolder.query.all() == []
def test_move_to_folder_rejects_if_it_would_cause_folder_loop(
admin_request, sample_service):
f1 = create_template_folder(sample_service, name="f1")
target_folder = create_template_folder(sample_service,
name="target",
parent=f1)
response = admin_request.post(
"template_folder.move_to_template_folder",
service_id=sample_service.id,
target_template_folder_id=target_folder.id,
_data={
"templates": [],
"folders": [str(f1.id)]
},
_expected_status=400,
)
assert response[
"message"] == "You cannot move a folder to one of its subfolders"
def test_dao_add_user_to_service_ignores_folders_which_do_not_exist_when_setting_permissions(
sample_user, sample_service, fake_uuid):
valid_folder = create_template_folder(sample_service)
folder_permissions = [fake_uuid, str(valid_folder.id)]
dao_add_user_to_service(sample_service,
sample_user,
folder_permissions=folder_permissions)
service_user = dao_get_service_user(sample_user.id, sample_service.id)
assert service_user.folders == [valid_folder]
def test_move_to_folder_itself_is_rejected(admin_request, sample_service):
target_folder = create_template_folder(sample_service, name='target')
response = admin_request.post('template_folder.move_to_template_folder',
service_id=sample_service.id,
target_template_folder_id=target_folder.id,
_data={
'templates': [],
'folders': [str(target_folder.id)]
},
_expected_status=400)
assert response['message'] == 'You cannot move a folder to itself'
def test_template_folder_is_parent(sample_service):
x = None
folders = []
for i in range(5):
x = create_template_folder(sample_service, name=str(i), parent=x)
folders.append(x)
assert folders[0].is_parent_of(folders[1])
assert folders[0].is_parent_of(folders[2])
assert folders[0].is_parent_of(folders[4])
assert folders[1].is_parent_of(folders[2])
assert not folders[1].is_parent_of(folders[0])
def test_update_template_folder_name(admin_request, sample_service):
existing_folder = create_template_folder(sample_service)
resp = admin_request.post(
"template_folder.update_template_folder",
service_id=sample_service.id,
template_folder_id=existing_folder.id,
_data={"name": "bar"},
)
assert resp["data"]["name"] == "bar"
assert existing_folder.name == "bar"
def test_removing_a_user_from_a_service_deletes_their_folder_permissions_for_that_service(sample_user, sample_service):
tf1 = create_template_folder(sample_service)
tf2 = create_template_folder(sample_service)
service_2 = create_service(sample_user, service_name='other service')
tf3 = create_template_folder(service_2)
service_user = dao_get_service_user(sample_user.id, sample_service.id)
service_user.folders = [tf1, tf2]
dao_update_service_user(service_user)
service_2_user = dao_get_service_user(sample_user.id, service_2.id)
service_2_user.folders = [tf3]
dao_update_service_user(service_2_user)
dao_remove_user_from_service(sample_service, sample_user)
user_folder_permission = db.session.query(user_folder_permissions).one()
assert user_folder_permission.user_id == service_2_user.user_id
assert user_folder_permission.service_id == service_2_user.service_id
assert user_folder_permission.template_folder_id == tf3.id
def test_move_to_folder_moves_folders_and_templates(admin_request,
sample_service):
target_folder = create_template_folder(sample_service, name="target")
f1 = create_template_folder(sample_service, name="f1")
f2 = create_template_folder(sample_service, name="f2")
t1 = create_template(sample_service, template_name="t1", folder=f1)
t2 = create_template(sample_service, template_name="t2", folder=f1)
t3 = create_template(sample_service, template_name="t3", folder=f2)
t4 = create_template(sample_service,
template_name="t4",
folder=target_folder)
admin_request.post(
"template_folder.move_to_template_folder",
service_id=sample_service.id,
target_template_folder_id=target_folder.id,
_data={
"templates": [str(t1.id)],
"folders": [str(f1.id)]
},
_expected_status=204,
)
assert target_folder.parent is None
assert f1.parent == target_folder
assert f2.parent is None # unchanged
assert t1.folder == target_folder # moved out of f1, even though f1 is also being moved
assert t2.folder == f1 # stays in f1, though f1 has moved
assert t3.folder == f2 # unchanged
assert t4.folder == target_folder # unchanged
# versions are all unchanged
assert t1.version == 1
assert t2.version == 1
assert t3.version == 1
assert t4.version == 1
def test_move_to_folder_itself_is_rejected(admin_request, sample_service):
target_folder = create_template_folder(sample_service, name="target")
response = admin_request.post(
"template_folder.move_to_template_folder",
service_id=sample_service.id,
target_template_folder_id=target_folder.id,
_data={
"templates": [],
"folders": [str(target_folder.id)]
},
_expected_status=400,
)
assert response["message"] == "You cannot move a folder to itself"
def test_create_template_folder_fails_if_parent_id_from_different_service(
admin_request, sample_service):
s1 = create_service(service_name='a')
parent_folder_id = create_template_folder(s1).id
resp = admin_request.post('template_folder.create_template_folder',
service_id=sample_service.id,
_data={
'name': 'bar',
'parent_id': str(parent_folder_id)
},
_expected_status=400)
assert resp['result'] == 'error'
assert resp['message'] == 'parent_id not found'
def test_move_to_folder_moves_folders_and_templates_to_top_level_if_no_target(
admin_request, sample_service):
f1 = create_template_folder(sample_service, name='f1')
f2 = create_template_folder(sample_service, name='f2', parent=f1)
t1 = create_template(sample_service, template_name='t1', folder=f1)
t2 = create_template(sample_service, template_name='t2', folder=f1)
t3 = create_template(sample_service, template_name='t3', folder=f2)
admin_request.post('template_folder.move_to_template_folder',
service_id=sample_service.id,
target_template_folder_id=None,
_data={
'templates': [str(t1.id)],
'folders': [str(f2.id)]
},
_expected_status=204)
assert f1.parent is None # unchanged
assert f2.parent is None
assert t1.folder is None # moved out of f1
assert t2.folder == f1 # unchanged
assert t3.folder == f2 # stayed in f2 even though the parent changed
def test_move_to_folder_moves_folders_and_templates(admin_request,
sample_service):
target_folder = create_template_folder(sample_service, name='target')
f1 = create_template_folder(sample_service, name='f1')
f2 = create_template_folder(sample_service, name='f2')
t1 = create_template(sample_service, template_name='t1', folder=f1)
t2 = create_template(sample_service, template_name='t2', folder=f1)
t3 = create_template(sample_service, template_name='t3', folder=f2)
t4 = create_template(sample_service,
template_name='t4',
folder=target_folder)
admin_request.post('template_folder.move_to_template_folder',
service_id=sample_service.id,
target_template_folder_id=target_folder.id,
_data={
'templates': [str(t1.id)],
'folders': [str(f1.id)]
},
_expected_status=204)
assert target_folder.parent is None
assert f1.parent == target_folder
assert f2.parent is None # unchanged
assert t1.folder == target_folder # moved out of f1, even though f1 is also being moved
assert t2.folder == f1 # stays in f1, though f1 has moved
assert t3.folder == f2 # unchanged
assert t4.folder == target_folder # unchanged
# versions are all unchanged
assert t1.version == 1
assert t2.version == 1
assert t3.version == 1
assert t4.version == 1
def test_dao_add_user_to_service_raises_error_if_adding_folder_permissions_for_a_different_service(
sample_service,
):
user = create_user()
other_service = create_service(service_name='other service')
other_service_folder = create_template_folder(other_service)
folder_permissions = [str(other_service_folder.id)]
assert ServiceUser.query.count() == 2
with pytest.raises(IntegrityError) as e:
dao_add_user_to_service(sample_service, user, folder_permissions=folder_permissions)
db.session.rollback()
assert 'insert or update on table "user_folder_permissions" violates foreign key constraint' in str(e.value)
assert ServiceUser.query.count() == 2
def test_create_template_folder(admin_request, sample_service, has_parent):
existing_folder = create_template_folder(sample_service)
parent_id = str(existing_folder.id) if has_parent else None
resp = admin_request.post('template_folder.create_template_folder',
service_id=sample_service.id,
_data={
'name': 'foo',
'parent_id': parent_id
},
_expected_status=201)
assert resp['data']['name'] == 'foo'
assert resp['data']['service_id'] == str(sample_service.id)
assert resp['data']['parent_id'] == parent_id
