def test_owner_can_view_other_users_in_organization(self):
self.client.force_authenticate(self.users['owner'])
customer_permission = factories.CustomerPermissionFactory(
user=self.users['owner'])
customer = customer_permission.customer
factories.CustomerPermissionFactory(customer=customer,
user=self.users['other'],
role=CustomerRole.SUPPORT)
response = self.client.get(factories.UserFactory.get_list_url())
self.assertEqual(len(response.data), 2)
def test_task_revokes_expired_permissions(self):
expired_permission = factories.CustomerPermissionFactory(
expiration_time=timezone.now() - datetime.timedelta(days=100))
not_expired_permission = factories.CustomerPermissionFactory(
expiration_time=timezone.now() + datetime.timedelta(days=100))
tasks.check_expired_permissions()
self.assertFalse(expired_permission.customer.has_user(
expired_permission.user, expired_permission.role))
self.assertTrue(not_expired_permission.customer.has_user(
not_expired_permission.user, not_expired_permission.role))
def test_customer_permission_deleting_is_not_available_for_blocked_organization(
self, ):
permission = factories.CustomerPermissionFactory(
customer=self.customer)
url = factories.CustomerPermissionFactory.get_url(permission)
self.client.force_authenticate(user=self.user)
response = self.client.delete(url)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_dont_sent_notification_if_change_owner_other_field(
self, mock_event_logger):
factories.CustomerPermissionFactory(user=self.user,
role=CustomerRole.OWNER)
token_lifetime = 100 + self.user.token_lifetime
self.user.token_lifetime = token_lifetime
self.user.save()
self.assertEqual(mock_event_logger.user.info.call_count, 0)
def test_sent_notification_if_change_owner_email(self, mock_event_logger):
factories.CustomerPermissionFactory(user=self.user,
role=CustomerRole.OWNER)
old_email = self.user.email
new_email = 'new_email_' + old_email
self.user.email = new_email
self.user.save()
self.assertEqual(mock_event_logger.user.info.call_count, 1)
def setUp(self):
self.users = {
'staff':
factories.UserFactory(is_staff=True,
agreement_date=timezone.now()),
'owner':
factories.UserFactory(agreement_date=timezone.now()),
'not_owner':
factories.UserFactory(agreement_date=timezone.now()),
'other':
factories.UserFactory(agreement_date=timezone.now()),
}
self.customer_permission = factories.CustomerPermissionFactory(
user=self.users['owner'])
self.customer = self.customer_permission.customer
factories.CustomerPermissionFactory(customer=self.customer,
user=self.users['not_owner'],
role=CustomerRole.SUPPORT)
def test_customer_permission_updating_is_not_available_for_blocked_organization(
self):
permission = factories.CustomerPermissionFactory(
customer=self.customer)
url = factories.CustomerPermissionFactory.get_url(permission)
data = {
'is_active': False,
}
self.client.force_authenticate(user=self.user)
response = self.client.put(url, data)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_user_cannot_grant_permissions_with_greater_expiration_time(self):
expiration_time = timezone.now() + datetime.timedelta(days=100)
permission = factories.CustomerPermissionFactory(expiration_time=expiration_time)
self.client.force_authenticate(user=permission.user)
response = self.client.post(factories.CustomerPermissionFactory.get_list_url(), {
'customer': factories.CustomerFactory.get_url(customer=permission.customer),
'user': factories.UserFactory.get_url(),
'role': CustomerRole.OWNER,
'expiration_time': expiration_time + datetime.timedelta(days=1),
})
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_notification_message(self, mock_event_logger):
customer = factories.CustomerFactory(name='Customer',
abbreviation='ABC')
factories.CustomerPermissionFactory(user=self.user,
role=CustomerRole.OWNER,
customer=customer)
old_email = self.user.email
new_email = 'new_email_' + old_email
self.user.email = new_email
self.user.save()
msg = mock_event_logger.user.info.call_args[0][0]
test_msg = u'Owner of Customer (ABC) John (id={id}) ' \
u'has changed email from [email protected] to [email protected].'\
.format(id=self.user.id)
self.assertEqual(test_msg, msg)
def setUp(self):
permission = factories.CustomerPermissionFactory()
self.user = permission.user
self.customer = permission.customer
self.url = factories.CustomerPermissionFactory.get_url(permission)
