def setUp(self):
   super(TestImportExports, self).setUp()
   self.headers = {
       "Content-Type": "application/json",
       "X-Requested-By": ["GGRC"],
   }
   self.api = api_helper.Api()
  def setUp(self):
    super(TestCTGOT, self).setUp()

    self.api = api_helper.Api()

    with factories.single_commit():
      assignee_1 = factories.PersonFactory(email=self.TASK_ASSIGNEE_1)
      assignee_2 = factories.PersonFactory(email=self.TASK_ASSIGNEE_2)
      workflow_owner = factories.PersonFactory(email=self.WORKFLOW_OWNER)
      nobody = factories.PersonFactory(email=self.NOBODY)

      workflow_owner_role = (all_models.Role.query
                             .filter_by(name="WorkflowOwner").one())
      reader_role = all_models.Role.query.filter_by(name="Reader").one()
      for person in [assignee_1, assignee_2, workflow_owner, nobody]:
        bp_factories.UserRoleFactory(person=person,
                                     role=reader_role,
                                     context=None)

      workflow = wf_factories.WorkflowFactory()
      taskgroup = wf_factories.TaskGroupFactory(workflow=workflow)
      wf_factories.TaskGroupTaskFactory(task_group=taskgroup,
                                        contact=assignee_1)
      wf_factories.TaskGroupTaskFactory(task_group=taskgroup,
                                        contact=assignee_2)
      bp_factories.UserRoleFactory(person=workflow_owner,
                                   role=workflow_owner_role,
                                   context=workflow.context)

    generator = wf_generator.WorkflowsGenerator()
    self.cycle_id = generator.generate_cycle(workflow)[1].id
    generator.activate_workflow(workflow)
Example #3
0
 def setUp(self):
     """Create a Person, an Assessment, prepare a Relationship json."""
     super(TestRelationship, self).setUp()
     self.api = api_helper.Api()
     self.client.get("/login")
     self.person = factories.PersonFactory()
     self.assessment = factories.AssessmentFactory()
Example #4
0
    def setUp(self):
        super(TestProgramVersionHistory, self).setUp()
        self.api = api_helper.Api()

        with factories.single_commit():
            self.program = factories.ProgramFactory(
                title="Test Program",
                description="Program Description",
                slug="PROGRAM-2346",
                start_date=datetime.date(2019, 6, 1),
                end_date=datetime.date(2019, 6, 2),
                updated_at=datetime.date(2019, 6, 2),
                folder="Program Folder",
                notes="Program Notes",
                status="Draft",
            )
            self.cad = factories.CustomAttributeDefinitionFactory(
                title="test cad",
                definition_type="program",
                definition_id=self.program.id,
                attribute_type="Text",
                mandatory=True,
            )
            self.cav = factories.CustomAttributeValueFactory(
                custom_attribute=self.cad,
                attributable=self.program,
                attribute_value="Text",
            )
Example #5
0
    def test_full_access_control_list(self):
        """Test if access_control_list property filters out propagated roles

       Before sending the access_control_list to the frontend, propagated roles
       need to be filtered out to help prevent performance issues"""
        with factories.single_commit():
            # Create an object with one external and one propagated role
            obj = factories.ControlFactory()
            acl = factories.AccessControlList(object=obj,
                                              ac_role=self.role,
                                              person=self.person)
            factories.AccessControlList(object=obj,
                                        ac_role=self.role,
                                        person=self.person,
                                        parent=acl)
        # full_access_control_list should have all rows:
        self.assertEqual(len(obj.full_access_control_list), 2,
                         "full_access_control_list doesn't include all roles")
        # access_control_list should only have non propagated ones
        self.assertEqual(len(obj.access_control_list), 1,
                         "access_control_list doesn't include all the roles")
        obj_id, acl_id = obj.id, acl.id
        api = api_helper.Api()
        response = api.get(all_models.Control, obj_id)
        acl = response.json["control"]["access_control_list"]
        # Check if the response filtered out the propagated access_control_role
        self.assertEqual(len(acl), 1,
                         "acl didn't filter out propagated roles correctly")
        self.assertEqual(acl[0]["id"], acl_id,
                         "acl didn't filter out propagated roles correctly")
Example #6
0
    def setUp(self):
        super(BaseWorkflowTestCase, self).setUp()
        self.api = api_helper.Api()
        self.generator = workflow_generator.WorkflowsGenerator()
        self.object_generator = generator.ObjectGenerator()

        self.random_objects = self.object_generator.generate_random_objects()
Example #7
0
    def test_acl_filters_internal_roles(self):
        """Test if access_control_list property filters out internal roles

       Before sending the access_control_list to the frontend, internal roles
       need to be filtered out to help prevent performance issues"""
        with factories.single_commit():
            internal_role = factories.AccessControlRoleFactory(internal=1)
            # Create an object with one external and one internal role
            obj = all_models.Control(title="Test Control",
                                     access_control_list=[{
                                         "person": self.person,
                                         "ac_role": self.role,
                                     }, {
                                         "person":
                                         self.person,
                                         "ac_role":
                                         internal_role,
                                     }])
            # Make sure that access_control_list list contains internal roles:
            self.assertEqual(len(obj.access_control_list), 2,
                             "acl doesn't include all the roles")
        obj_id, role_id = obj.id, self.role.id
        api = api_helper.Api()
        response = api.get(all_models.Control, obj_id)
        acl = response.json["control"]["access_control_list"]
        # Check if the response filtered out the internal access_control_role
        self.assertEqual(len(acl), 1,
                         "acl didn't filter out internal roles correctly")
        self.assertEqual(acl[0]["ac_role_id"], role_id,
                         "acl didn't filter out internal roles correctly")
Example #8
0
    def setUp(self):
        self.api = api_helper.Api()
        with factories.single_commit():
            source_id = factories.ControlFactory().id
            destination_id = factories.ControlFactory().id
            del_source_id = factories.ControlFactory().id
            del_destination_id = factories.ControlFactory().id

        self.objects = {
            "source": {
                "type": "Control",
                "id": source_id
            },
            "destination": {
                "type": "Control",
                "id": destination_id
            },
            "deleted_source": {
                "type": "Control",
                "id": del_source_id
            },
            "deleted_destination": {
                "type": "Control",
                "id": del_destination_id
            },
        }

        self.api.delete(all_models.Control, id_=del_source_id)
        self.api.delete(all_models.Control, id_=del_destination_id)
 def setUp(self):
   # pylint: disable=super-on-old-class
   # pylint seems to get confused, mro chain successfully resolves and returns
   # <type 'object'> as last entry.
   super(TestIssueTrackerIntegration, self).setUp()
   self.api = api_helper.Api()
   self.client.get('/login')
Example #10
0
  def setUp(self):
    super(TestFullFilledModelExport, self).setUp()
    self.api = api_helper.Api()
    self.client.get('/login')

    self.user = all_models.Person.query.filter(
        all_models.Person.email == "*****@*****.**"
    ).one()
 def setUp(self):
   super(TestAssessmentDataHandlers, self).setUp()
   self.client.get("/login")
   self.api_helper = api_helper.Api()
   self.import_file("assessment_notifications.csv")
   self.asmt1 = Assessment.query.filter_by(slug="A 1").one()
   self.asmt3 = Assessment.query.filter_by(slug="A 3").one()
   self.generator = generator.ObjectGenerator()
   self.handlers = contributions.contributed_notifications()
Example #12
0
 def setUp(self):
     super(TestImportExports, self).setUp()
     self.client.get("/login")
     self.headers = {
         "Content-Type": "application/json",
         "X-Requested-By": ["GGRC"],
     }
     self.api = api_helper.Api()
     self.init_taskqueue()
Example #13
0
 def setUp(self):
     super(TestAutomappings, self).setUp()
     self.api = api_helper.Api()
     # Using import for the setup for forward-compatibility with Assessment ACL
     self.import_file("issue_automapping_setup.csv")
     self.issue_admin_role = all_models.AccessControlRole.query.filter_by(
         name="Admin",
         object_type="Issue",
     ).one()
Example #14
0
 def setUp(self):
   converters.TestCase.setUp(self)
   self.client.get("/login")
   self.api_helper = api_helper.Api()
   self.import_file("request_full_no_warnings.csv")
   self.request1 = Request.query.filter_by(slug="Request 1").one()
   self.request3 = Request.query.filter_by(slug="Request 3").one()
   self.generator = generator.ObjectGenerator()
   self.handlers = contributions.contributed_notifications()
Example #15
0
    def setUp(self):
        """Set up for test cases."""
        from ggrc.fulltext import listeners
        from ggrc.models.background_task import reindex_on_commit

        super(TestTaskqueueIndexing, self).setUp()
        listeners.reindex_on_commit = reindex_on_commit
        self.api = api_helper.Api()
        self.init_taskqueue()
        self._bg_tasks = {}
Example #16
0
    def setUp(self):
        super(TestAssessmentNotification, self).setUp()
        self.client.get("/login")
        self.api = api_helper.Api()
        self.auditor = Person.query.filter_by(email="*****@*****.**").one()
        self.api.set_user(self.auditor)
        audit = factories.AuditFactory()
        assignee_acr = all_models.AccessControlRole.query.filter_by(
            object_type="Assessment",
            name="Assignees",
        ).first()

        self.api.post(
            Assessment, {
                "assessment": {
                    "title":
                    "Assessment1",
                    "context":
                    None,
                    "audit": {
                        "id": audit.id,
                        "type": "Audit",
                    },
                    "access_control_list": [
                        acl_helper.get_acl_json(self.primary_role_id,
                                                self.auditor.id),
                        acl_helper.get_acl_json(assignee_acr.id,
                                                self.auditor.id),
                    ],
                    "status":
                    "In Progress",
                }
            })

        self.assessment = Assessment.query.filter_by(title="Assessment1").one()

        self.cad1 = factories.CustomAttributeDefinitionFactory(
            definition_type="assessment",
            title="ca1",
        )
        factories.CustomAttributeValueFactory(custom_attribute=self.cad1,
                                              attributable=self.assessment)

        self.cad3 = factories.CustomAttributeDefinitionFactory(
            definition_type="assessment",
            attribute_type="Checkbox",
            title="ca3",
        )
        factories.CustomAttributeValueFactory(custom_attribute=self.cad3,
                                              attributable=self.assessment)

        db.engine.execute("""
            UPDATE notifications
               SET sent_at = NOW()
        """)
Example #17
0
 def setUp(self):
     super(TestBackgroundTaskRolePropagation, self).setUp()
     self.api = api_helper.Api()
     self.people = {}
     self.objects = {}
     self.audit_roles = {
         role.name: role
         for role in all_models.AccessControlRole.query.filter().all()
     }
     with factories.single_commit():
         self.setup_people()
         self.setup_objects()
    def setUp(self):
        super(TestCTGOT, self).setUp()

        self.api = api_helper.Api()

        with factories.single_commit():
            assignee_1 = factories.PersonFactory(email=self.TASK_ASSIGNEE_1)
            assignee_2 = factories.PersonFactory(email=self.TASK_ASSIGNEE_2)
            workflow_admin = factories.PersonFactory(email=self.WORKFLOW_ADMIN)
            nobody = factories.PersonFactory(email=self.NOBODY)

            reader_role = all_models.Role.query.filter_by(name="Reader").one()
            for person in [assignee_1, assignee_2, workflow_admin, nobody]:
                bp_factories.UserRoleFactory(person=person,
                                             role=reader_role,
                                             context=None)

            workflow = wf_factories.WorkflowFactory()
            taskgroup = wf_factories.TaskGroupFactory(workflow=workflow)
            task_1 = wf_factories.TaskGroupTaskFactory(task_group=taskgroup)
            task_2 = wf_factories.TaskGroupTaskFactory(task_group=taskgroup)
            task_role = all_models.AccessControlRole.query.filter(
                all_models.AccessControlRole.name == "Task Assignees",
                all_models.AccessControlRole.object_type == task_1.type,
            ).one()
            factories.AccessControlListFactory(ac_role=task_role,
                                               object=task_1,
                                               person=assignee_1)
            factories.AccessControlListFactory(ac_role=task_role,
                                               object=task_2,
                                               person=assignee_2)
            sec_assignee = factories.PersonFactory(
                email=self.TASK_SEC_ASSIGNEE)
            task_role = all_models.AccessControlRole.query.filter(
                all_models.AccessControlRole.name ==
                "Task Secondary Assignees",
                all_models.AccessControlRole.object_type == task_1.type,
            ).one()
            factories.AccessControlListFactory(ac_role=task_role,
                                               object=task_1,
                                               person=sec_assignee)
            wf_admin_role = all_models.AccessControlRole.query.filter(
                all_models.AccessControlRole.name == "Admin",
                all_models.AccessControlRole.object_type == workflow.type,
            ).one()
            factories.AccessControlListFactory(ac_role=wf_admin_role,
                                               object=workflow,
                                               person=workflow_admin)

        generator = wf_generator.WorkflowsGenerator()
        self.cycle_id = generator.generate_cycle(workflow)[1].id
        generator.activate_workflow(workflow)
Example #19
0
 def setUp(self):
     """Init API helper"""
     super(TestExternalRelationship, self).setUp()
     self.api = api_helper.Api()
     with factories.single_commit():
         editor_role = all_models.Role.query.filter(
             all_models.Role.name == "Editor").first()
         self.person_ext = factories.PersonFactory(
             email="*****@*****.**")
         self.person = factories.PersonFactory(
             email="*****@*****.**")
         rbac_factories.UserRoleFactory(role=editor_role,
                                        person=self.person)
    def test_relation_comment_posted(self, send_email_mock):
        """Test sending mention email after posting a relationship to comment."""
        with factories.single_commit():
            author_person = factories.PersonFactory(email="*****@*****.**")
            factories.PersonFactory(email="*****@*****.**")
            obj = factories.ProductFactory(title="Product3")
            obj_id = obj.id
            comment = factories.CommentFactory(
                description=
                u"One <a href=\"mailto:[email protected]\"></a>", )
            comment_id = comment.id
            comment.created_at = datetime.datetime(2018, 07, 10, 8, 31, 42)
            comment.modified_by_id = author_person.id
            url = urljoin(get_url_root(), utils.view_url_for(obj))

        author_person = all_models.Person.query.filter_by(
            email="*****@*****.**").one()
        api = api_helper.Api()
        api.set_user(author_person)

        response = api.post(
            all_models.Relationship, {
                "relationship": {
                    "source": {
                        "id": obj_id,
                        "type": obj.type,
                    },
                    "destination": {
                        "id": comment_id,
                        "type": comment.type
                    },
                    "context": None
                },
            })
        self.assertEqual(response.status_code, 201)

        expected_title = (u"[email protected] mentioned you on "
                          u"a comment within Product3")
        expected_body = (
            u"[email protected] mentioned you on a comment within Product3 "
            u"at 07/10/2018 01:31:42 PDT:\n"
            u"One <a href=\"mailto:[email protected]\"></a>\n")
        body = settings.EMAIL_MENTIONED_PERSON.render(
            person_mention={
                "comments": [expected_body],
                "url": url,
            })
        send_email_mock.assert_called_once_with(u"*****@*****.**",
                                                expected_title, body)
Example #21
0
  def test_update_protected_attribute(self, factory_name):
    """Test update of protected attribute."""
    api = api_helper.Api()
    api.login_as_external()

    with factories.single_commit():
      factory = factories.get_model_factory(factory_name)
      instance = factory(folder="correct_folder")
      instance_class = instance.__class__

    response = api.put(instance, {"folder": "new_folder"})
    self.assert200(response)

    instance = instance_class.query.get(instance.id)
    self.assertEqual("correct_folder", instance.folder)
 def setUp(self):
   """Set up audit and cad for test cases."""
   super(TestLCACommentsImport, self).setUp()
   self.api = api_helper.Api()
   with factories.single_commit():
     self.audit = factories.AuditFactory()
     self.asmt = factories.AssessmentFactory(
         audit=self.audit,
         context=self.audit.context,
         status="In Progress",
     )
     factories.RelationshipFactory(
         source=self.audit,
         destination=self.asmt,
     )
Example #23
0
  def setUp(self):
    super(TestImportExports, self).setUp()
    self.client.get("/login")
    self.headers = {
        "Content-Type": "application/json",
        "X-Requested-By": ["GGRC"],
    }
    self.api = api_helper.Api()
    self.testbed = testbed.Testbed()
    self.testbed.activate()

    # root_path must be set the the location of queue.yaml.

    # Otherwise, only the 'default' queue will be available.
    self.testbed.init_taskqueue_stub()
    self.taskqueue_stub = self.testbed.get_stub(
        testbed.TASKQUEUE_SERVICE_NAME)
Example #24
0
    def setUp(self):
        """Test setup method."""
        super(TestSoxSystem, self).setUp()
        self.api = api_helper.Api()

        self.app_user_email = "*****@*****.**"
        self.ext_user_email = "*****@*****.**"

        self.custom_headers = {
            "X-GGRC-user": '******' % self.app_user_email,
            "X-external-user": '******' % self.ext_user_email,
            "X-Requested-By": "SYNC_SERVICE",
            "Content-Type": "application/json",
            "X-URLFetch-Service-Id": "test",
        }

        self.api.headers.update(self.custom_headers)
        self.api.client.get("/login", headers=self.api.headers)
    def test_proposal_put(self, send_email_mock):
        """Test sending mention email after a change of proposal."""
        with factories.single_commit():
            author_person = factories.PersonFactory(email="*****@*****.**")
            factories.PersonFactory(email="*****@*****.**")
            risk = factories.RiskFactory(title="Risk2")
            proposal = factories.ProposalFactory(
                instance=risk,
                content={"fields": {
                    "title": "Risk3"
                }},
                agenda=u'some agenda',
                proposed_by=author_person,
            )
            url = urljoin(get_url_root(), utils.view_url_for(risk))
            proposal_id = proposal.id

        proposal = all_models.Proposal.query.get(proposal_id)
        api = api_helper.Api()
        with freeze_time("2018-01-10 07:31:42"):
            data = {
                "status": proposal.STATES.APPLIED,
                "apply_reason":
                u'<a href=\"mailto:[email protected]\"></a>',
            }
            response = api.put(proposal, {"proposal": data})
        self.assertEqual(200, response.status_code)

        expected_title = (u"[email protected] mentioned you on "
                          u"a comment within Risk3")
        expected_body = (
            u"[email protected] mentioned you on a comment within Risk3 "
            u"at 01/09/2018 23:31:42 PST:\n"
            u"<p>Proposal created by [email protected] has been applied"
            u" with a comment: "
            u'<a href="mailto:[email protected]"></a></p>\n')
        body = settings.EMAIL_MENTIONED_PERSON.render(
            person_mention={
                "comments": [expected_body],
                "url": url,
            })
        send_email_mock.assert_called_once_with(u"*****@*****.**",
                                                expected_title, body)
    def test_proposal_posted(self, send_email_mock):
        """Test sending mention email after posting a proposal."""
        with factories.single_commit():
            factories.PersonFactory(email="*****@*****.**")
            obj = factories.RiskFactory(title="Risk1")
            obj_id = obj.id
            url = urljoin(get_url_root(), utils.view_url_for(obj))

        obj = all_models.Risk.query.get(obj_id)
        obj_content = obj.log_json()
        obj_content["title"] = "Risk2"
        with freeze_time("2018-01-10 07:31:42"):
            api = api_helper.Api()
            response = api.post(
                all_models.Proposal, {
                    "proposal": {
                        "instance": {
                            "id": obj_id,
                            "type": obj.type,
                        },
                        "full_instance_content": obj_content,
                        "agenda":
                        u'<a href=\"mailto:[email protected]\"></a',
                        "context": None,
                    }
                })
        self.assertEqual(201, response.status_code)

        expected_title = (u"[email protected] mentioned you on "
                          u"a comment within Risk1")
        expected_body = (
            u"[email protected] mentioned you on a comment within Risk1 "
            u"at 01/09/2018 23:31:42 PST:\n"
            u"<p>Proposal has been created with comment: "
            u"<a href=\"mailto:[email protected]\"></a></p>\n")
        body = settings.EMAIL_MENTIONED_PERSON.render(
            person_mention={
                "comments": [expected_body],
                "url": url,
            })
        send_email_mock.assert_called_once_with(u"*****@*****.**",
                                                expected_title, body)
Example #27
0
    def setUp(self):
        """setUp, nothing else to add."""
        super(TestSyncServiceControl, self).setUp()
        self.api = api_helper.Api()
        self.generator = generator.ObjectGenerator()

        self.app_user_email = "*****@*****.**"
        self.ext_user_email = "*****@*****.**"
        self.ext_owner_email = "*****@*****.**"
        self.ext_compliance_email = "*****@*****.**"

        settings.EXTERNAL_APP_USER = self.app_user_email

        custom_headers = {
            'X-GGRC-user': '******' % self.app_user_email,
            'X-external-user': '******' % self.ext_user_email
        }

        self.api.headers.update(custom_headers)
        self.api.client.get("/login", headers=self.api.headers)
Example #28
0
 def setUp(self):
     integration.ggrc.TestCase.setUp(self)
     self.objgen = integration.ggrc.generator.ObjectGenerator()
     self.api = api_helper.Api()
Example #29
0
 def setUp(self):
     super(TestImportPermissions, self).setUp()
     self.api = api_helper.Api()
Example #30
0
 def setUp(self):
     super(TestBasicCsvImport, self).setUp()
     self.generator = generator.ObjectGenerator()
     self.api = api_helper.Api()
     self.client.get("/login")