def test_label_in_new_tab(self): """Test labels created by global creator in new tab""" with factories.single_commit(): role = "Creator" role_name = "Creators" person = factories.PersonFactory() creator_role = all_models.Role.query.filter( all_models.Role.name == role ).one() rbac_factories.UserRoleFactory(role=creator_role, person=person) self.api.set_user(person) with factories.single_commit(): assessment = factories.AssessmentFactory() factories.AccessControlPersonFactory( ac_list=assessment.acr_name_acl_map[role_name], person=person, ) label_name = "Test Label" response = self.api.put(assessment, { 'labels': [{ 'name': label_name, 'id': None, 'type': 'Label' }] }) self.assert200(response) response = self.api.get(assessment, assessment.id) self.assert200(response) labels = response.json['assessment']['labels'] self.assertEqual(len(labels), 1) self.assertEqual(labels[0]['name'], label_name)
def test_search_no_acl_in_content(self, field, role_name): """Test search older revisions without access_control_list.""" with factories.single_commit(): person = factories.PersonFactory(email="{}@example.com".format(field), name=field) control = factories.ControlFactory() revision = all_models.Revision.query.filter( all_models.Revision.resource_id == control.id, all_models.Revision.resource_type == control.type, ).one() with factories.single_commit(): snapshot = factories.SnapshotFactory( child_id=control.id, child_type=control.type, revision=revision) old_content = revision.content.copy() old_content.pop("access_control_list") old_content[field] = {"id": person.id} revision.content = old_content db.session.add(revision) person_id = person.id snapshot_id = snapshot.id self.client.post("/admin/reindex") person = all_models.Person.query.get(person_id) snapshot = all_models.Snapshot.query.get(snapshot_id) self.assert_indexed_fields(snapshot, role_name, { "{}-email".format(person.id): person.email, "{}-name".format(person.id): person.name, "__sort__": person.email, })
def test_filter_by_checkbox_cad_no_cav(self): """Test index by Checkdoxed cad no cav.""" checkbox_type = all_models.CustomAttributeDefinition.ValidTypes.CHECKBOX cad_title = "Checkbox" search_value = "No" with factories.single_commit(): factories.CustomAttributeDefinitionFactory( attribute_type=checkbox_type, definition_type="control", title=cad_title, ) control = factories.ControlFactory() revision = all_models.Revision.query.filter( all_models.Revision.resource_id == control.id, all_models.Revision.resource_type == control.type, ).first() revision.content = control.log_json() db.session.add(revision) with factories.single_commit(): snapshot = factories.SnapshotFactory( child_id=control.id, child_type=control.type, revision=revision) db.session.expire_all() snapshot_id = snapshot.id self.client.post("/admin/reindex") snapshot = all_models.Snapshot.query.get(snapshot_id) self.assert_indexed_fields(snapshot, cad_title, {"": search_value})
def test_index_by_acr(self): """Test index by ACR.""" role_name = "Test name" with factories.single_commit(): acr = factories.AccessControlRoleFactory( name=role_name, object_type="Control" ) person = factories.PersonFactory(email="*****@*****.**", name='test') control = factories.ControlFactory() factories.AccessControlList(ac_role=acr, person=person, object=control) revision = all_models.Revision.query.filter( all_models.Revision.resource_id == control.id, all_models.Revision.resource_type == control.type, ).one() revision.content = control.log_json() db.session.add(revision) with factories.single_commit(): snapshot = factories.SnapshotFactory( child_id=control.id, child_type=control.type, revision=revision) db.session.expire_all() person_id = person.id snapshot_id = snapshot.id self.client.post("/admin/reindex") person = all_models.Person.query.get(person_id) snapshot = all_models.Snapshot.query.get(snapshot_id) self.assert_indexed_fields(snapshot, role_name, { "{}-email".format(person.id): person.email, "{}-name".format(person.id): person.name, "__sort__": person.email, })
def test_index_deleted_acr(self): """Test index by removed ACR.""" role_name = "Test name" with factories.single_commit(): acr = factories.AccessControlRoleFactory( name=role_name, object_type="Control" ) person = factories.PersonFactory(email="*****@*****.**", name='test') control = factories.ControlFactory() factories.AccessControlList(ac_role=acr, person=person, object=control) revision = all_models.Revision.query.filter( all_models.Revision.resource_id == control.id, all_models.Revision.resource_type == control.type, ).one() revision.content = control.log_json() db.session.add(revision) with factories.single_commit(): snapshot = factories.SnapshotFactory( child_id=control.id, child_type=control.type, revision=revision) db.session.expire_all() db.session.delete(acr) db.session.commit() snapshot_id = snapshot.id self.client.post("/admin/reindex") snapshot = all_models.Snapshot.query.get(snapshot_id) all_found_records = dict(Record.query.filter( Record.key == snapshot.id, Record.type == snapshot.type, Record.property == role_name.lower() ).values("subproperty", "content")) self.assertFalse(all_found_records)
def test_export_assesments_map_control(self, with_map): """Test export assesment with and without related control instance""" with factories.single_commit(): audit = factories.AuditFactory() assessment = factories.AssessmentFactory(audit=audit) factories.RelationshipFactory(source=audit, destination=assessment) control = factories.ControlFactory() revision = all_models.Revision.query.filter( all_models.Revision.resource_id == control.id, all_models.Revision.resource_type == control.__class__.__name__ ).order_by( all_models.Revision.id.desc() ).first() with factories.single_commit(): snapshot = factories.SnapshotFactory( parent=audit, child_id=control.id, child_type=control.__class__.__name__, revision_id=revision.id ) if with_map: factories.RelationshipFactory(source=snapshot, destination=assessment) if with_map: val = control.slug else: val = "" self.assertColumnExportedValue(val, assessment, "map:control versions")
def test_search_no_acl_in_content(self, field, role_name): """Test search older revisions without access_control_list.""" with factories.single_commit(): factories.AccessControlRoleFactory(name=role_name, object_type="Control") person = factories.PersonFactory(email="{}@example.com".format(field), name=field) control = factories.ControlFactory() revision = all_models.Revision.query.filter( all_models.Revision.resource_id == control.id, all_models.Revision.resource_type == control.type, ).one() with factories.single_commit(): snapshot = factories.SnapshotFactory( child_id=control.id, child_type=control.type, revision=revision) revision.content = revision.content.copy() revision.content.pop("access_control_list") revision.content[field] = {"id": person.id} db.session.add(revision) do_reindex() self.assert_indexed_fields(snapshot, role_name, { "{}-email".format(person.id): person.email, "{}-name".format(person.id): person.name, "{}-user_name".format(person.id): person.user_name, "__sort__": person.user_name, })
def test_proposal_delete_acl(self, roles, deleted): """Test delete acl proposal for ACRs with internal flags as {roles}.""" role_person_list = [] with factories.single_commit(): risk = factories.RiskFactory(title="1") for idx, role_internal_flag in enumerate(roles): role = factories.AccessControlRoleFactory(name="role_{}".format(idx), object_type="Risk", internal=role_internal_flag) person = factories.PersonFactory() role_person_list.append((role, person)) acl = factories.AccessControlListFactory( ac_role=role, object=risk, ) factories.AccessControlPersonFactory( ac_list=acl, person=person, ) with factories.single_commit(): latest_revision = all_models.Revision.query.filter( all_models.Revision.resource_id == risk.id, all_models.Revision.resource_type == risk.type ).order_by( all_models.Revision.created_at.desc() ).first() latest_revision.content = risk.log_json() risk_id = risk.id risk_content = risk.log_json() risk_content["access_control_list"] = [] expected_result = {} for idx, (role, person) in enumerate(role_person_list): if deleted[idx]: expected_result[str(role.id)] = { "added": [], "deleted": [{"id": person.id, "email": person.email}], } resp = self.api.post( all_models.Proposal, {"proposal": { "instance": { "id": risk.id, "type": risk.type, }, # "content": {"123": 123}, "full_instance_content": risk_content, "agenda": "delete access control roles", "context": None, }}) self.assertEqual(201, resp.status_code) risk = all_models.Risk.query.get(risk_id) self.assertEqual(1, len(risk.proposals)) self.assertIn("access_control_list", risk.proposals[0].content) acl = risk.proposals[0].content["access_control_list"] self.assertEqual(expected_result, acl) self.assertEqual(1, len(risk.comments))
def test_snapshot_counts_query(self): """Test snapshot_counts endpoint""" with factories.single_commit(): audit = factories.AuditFactory() issue_1 = factories.IssueFactory(audit=audit) control = factories.ControlFactory() regulation = factories.RegulationFactory() factories.RelationshipFactory( source=issue_1, destination=control ) issue_2 = factories.IssueFactory(audit=audit) with factories.single_commit(): revision = all_models.Revision.query.filter( all_models.Revision.resource_type == "Issue", all_models.Revision.resource_id == issue_1.id ).first() revision_2 = all_models.Revision.query.filter( all_models.Revision.resource_type == "Issue", all_models.Revision.resource_id == issue_2.id ).first() snapshot_1 = factories.SnapshotFactory( parent=issue_1.audit, child_type=control.type, child_id=control.id, revision=revision ) factories.RelationshipFactory( source=issue_1, destination=snapshot_1, ) snapshot_2 = factories.SnapshotFactory( parent=issue_2.audit, child_type=regulation.type, child_id=regulation.id, revision=revision_2 ) factories.RelationshipFactory( source=issue_2, destination=snapshot_2, ) issues = [issue_1, issue_2] expected_snapshot_counts = { issue_1.id: {"Control": 1}, issue_2.id: {"Regulation": 1}, } for issue in issues: response = self.api.client.get( "/api/issues/{}/snapshot_counts".format(issue.id), ) snapshot_counts = json.loads(response.data) self.assertEqual(snapshot_counts, expected_snapshot_counts[issue.id])
def setUp(self): super(TestRevisionHistory, self).setUp() self.api = Api() roles = {r.name: r for r in all_models.Role.query.all()} with factories.single_commit(): factories.AccessControlRoleFactory( name="ACL_Reader", object_type="Control", update=0, ) factories.AccessControlRoleFactory( name="ACL_Editor", object_type="Control" ), with factories.single_commit(): self.control = factories.ControlFactory() self.program = factories.ProgramFactory() self.program.context.related_object = self.program self.relationship = factories.RelationshipFactory( source=self.program, destination=self.control, context=self.program.context, ) self.people = { "Creator": factories.PersonFactory(), "Reader": factories.PersonFactory(), "Editor": factories.PersonFactory(), "Administrator": factories.PersonFactory(), "ACL_Reader": factories.PersonFactory(), "ACL_Editor": factories.PersonFactory(), "Program Editors": factories.PersonFactory(), "Program Managers": factories.PersonFactory(), "Program Readers": factories.PersonFactory(), } for role_name in ["Creator", "Reader", "Editor", "Administrator"]: rbac_factories.UserRoleFactory(role=roles[role_name], person=self.people[role_name]) for role_name in ["Program Editors", "Program Managers", "Program Readers"]: person = self.people[role_name] rbac_factories.UserRoleFactory(role=roles["Creator"], person=person) factories.AccessControlPersonFactory( ac_list=self.program.acr_name_acl_map[role_name], person=self.people[role_name], ) with factories.single_commit(): for role_name in ["ACL_Reader", "ACL_Editor"]: rbac_factories.UserRoleFactory(role=roles["Creator"], person=self.people[role_name]) factories.AccessControlPersonFactory( ac_list=self.control.acr_name_acl_map[role_name], person=self.people[role_name], )
def test_snapshot_counts_query(self): """Test snapshot_counts endpoint""" with factories.single_commit(): assessment_1 = factories.AssessmentFactory() control = factories.ControlFactory() regulation = factories.RegulationFactory() factories.RelationshipFactory( source=assessment_1, destination=control ) assessment_2 = factories.AssessmentFactory() with factories.single_commit(): revision = all_models.Revision.query.filter( all_models.Revision.resource_type == "Assessment", all_models.Revision.resource_id == assessment_1.id ).first() revision_2 = all_models.Revision.query.filter( all_models.Revision.resource_type == "Assessment", all_models.Revision.resource_id == assessment_2.id ).first() snapshot_1 = factories.SnapshotFactory( parent=assessment_1.audit, child_type=control.type, child_id=control.id, revision=revision ) factories.RelationshipFactory( source=assessment_1, destination=snapshot_1, ) snapshot_2 = factories.SnapshotFactory( parent=assessment_2.audit, child_type=regulation.type, child_id=regulation.id, revision=revision_2 ) factories.RelationshipFactory( source=assessment_2, destination=snapshot_2, ) assessments = [assessment_1, assessment_2] expected_snapshot_counts = { assessment_1.id: {"Control": 1}, assessment_2.id: {"Regulation": 1}, } for assessment in assessments: response = self.api.client.get( "/api/assessments/{}/snapshot_counts".format(assessment.id), ) snapshot_counts = json.loads(response.data) self.assertEqual(snapshot_counts, expected_snapshot_counts[assessment.id])
def test_import_propagation(self): """Test propagation program roles via import""" # pylint: disable=too-many-locals with factories.single_commit(): program = factories.ProgramFactory() control = factories.ControlFactory() control_1 = factories.ControlFactory() factories.RelationshipFactory(destination=program, source=control) factories.RelationshipFactory(destination=program, source=control_1) revision = all_models.Revision.query.filter( all_models.Revision.resource_id == control.id, all_models.Revision.resource_type == control.type, ).first() with factories.single_commit(): audit = factories.AuditFactory(program=program) rel = factories.RelationshipFactory(destination=audit.program, source=audit) snapshot = factories.SnapshotFactory(parent=audit, revision_id=revision.id, child_type=control.type, child_id=control.id) factories.RelationshipFactory(destination=audit, source=snapshot) flask.g.new_relationship_ids = [rel.id] flask.g.new_acl_ids = [a.id for a in program._access_control_list] flask.g.deleted_objects = [] propagation.propagate() acl_q = all_models.AccessControlList.query.filter( all_models.AccessControlList.object_type == "Assessment", ) self.assertEqual(acl_q.count(), 0) response = self.import_data( OrderedDict([ ("object_type", "Assessment"), ("Code*", ""), ("Audit*", audit.slug), ("title", "Assessment title 1"), ("Creators", "*****@*****.**"), ("Assignees", "*****@*****.**"), ("map:Control versions", control.slug), ]), OrderedDict([ ("object_type", "Assessment"), ("Code*", ""), ("Audit*", audit.slug), ("title", "Assessment title 2"), ("Creators", "*****@*****.**"), ("Assignees", "*****@*****.**"), ("map:Control versions", control.slug), ]), ) self.check_import_errors(response) self.assertEqual(acl_q.count(), 20)
def test_issue_bulk_generate(self): """Test bulk update of issues for Issues.""" issue_ids = [] with factories.single_commit(): for _ in range(3): issue = factories.IssueFactory() factories.IssueTrackerIssueFactory( enabled=True, issue_tracked_obj=issue, issue_id=self.issue_id, title="", component_id=12345, hotlist_id=54321, issue_priority="P2", issue_severity="S2", ) issue_ids.append(issue.id) with factories.single_commit(): person = factories.PersonFactory() for issue in all_models.Issue.query.all(): issue.modified_by = person for role_name in ["Admin", "Primary Contacts"]: issue.add_person_with_role_name(person, role_name) # Verify that IssueTracker issues hasn't updated data issues = all_models.IssuetrackerIssue.query.filter( all_models.IssuetrackerIssue.object_type == "Issue", all_models.IssuetrackerIssue.object_id.in_(issue_ids) ).all() for issue in issues: parent_obj = issue.Issue_issue_tracked self.assertNotEqual(issue.title, parent_obj.title) self.assertEqual(issue.assignee, None) issue_issuetracker_info = [ ("Issue", id_, None, None) for id_ in issue_ids ] response = self.update_issues_for(issue_issuetracker_info) self.assert200(response) self.assertEqual(response.json.get("errors"), []) # IssueTracker issues should be updated with proper values issues = all_models.IssuetrackerIssue.query.filter( all_models.IssuetrackerIssue.object_type == "Issue", all_models.IssuetrackerIssue.object_id.in_(issue_ids) ).all() for issue in issues: parent_obj = issue.Issue_issue_tracked self.assertEqual(issue.title, parent_obj.title) self.assertEqual(issue.cc_list, "")
def test_import_with_mandatory(self): """Test import of data with mandatory role""" # Import of data should be allowed if mandatory role provided # and can process situation when nonmandatory roles are absent # without any errors and warnings with factories.single_commit(): mandatory_role = factories.AccessControlRoleFactory( object_type="Market", mandatory=True ).name factories.AccessControlRoleFactory( object_type="Market", mandatory=False ) email = factories.PersonFactory().email response_json = self.import_data(OrderedDict([ ("object_type", "Market"), ("code", "market-1"), ("title", "Title"), ("Admin", "*****@*****.**"), (mandatory_role, email), ])) self._check_csv_response(response_json, {}) self.assertEqual(1, response_json[0]["created"]) self.assertEqual(1, len(models.Market.query.all()))
def test_single_acl_to_multiple(self, count): """Test propagation of single ACL entry to multiple children.""" with factories.single_commit(): person = factories.PersonFactory() program = factories.ProgramFactory() for i in range(count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) acl_entry = factories.AccessControlListFactory( ac_role=self.roles["Program"]["Program Editors"], object=program, person=person, ) self.assertEqual(all_models.AccessControlList.query.count(), 1) child_ids = propagation._handle_acl_step([acl_entry.id]) self.assertEqual( all_models.AccessControlList.query.count(), # 1 original ACL entry, 2*count for objects+relationships 1 + count * 2 ) self.assertEqual( db.session.execute(child_ids.alias("counts").count()).scalar(), count, )
def test_import_without_mandatory(self): """Test import of data without mandatory role""" # Data can't be imported if mandatory role is not provided with factories.single_commit(): mandatory_role = factories.AccessControlRoleFactory( object_type="Market", mandatory=True ).name not_mandatory_role = factories.AccessControlRoleFactory( object_type="Market", mandatory=False ).name email = factories.PersonFactory().email response_json = self.import_data(OrderedDict([ ("object_type", "Market"), ("code", "market-1"), ("title", "Title"), ("Admin", "*****@*****.**"), (not_mandatory_role, email), ])) expected_errors = { "Market": { "row_errors": { errors.MISSING_COLUMN.format( line=3, column_names=mandatory_role, s="" ), } } } self._check_csv_response(response_json, expected_errors) markets_count = models.Market.query.count() self.assertEqual(markets_count, 0)
def test_audit_change(self): """Test audit changing""" with factories.single_commit(): audit = factories.AuditFactory() issue = factories.IssueFactory() response = self.import_data(OrderedDict([ ("object_type", "Issue"), ("Code*", issue.slug), ("map:Audit", audit.slug), ])) self._check_csv_response(response, {}) another_audit = factories.AuditFactory() response = self.import_data(OrderedDict([ ("object_type", "Issue"), ("Code*", issue.slug), ("map:Audit", another_audit.slug), ])) self._check_csv_response(response, { "Issue": { "row_warnings": { errors.SINGLE_AUDIT_RESTRICTION.format( line=3, mapped_type="Audit", object_type="Issue", ) } } })
def test_import_snapshot(self): """Test if snapshots can be created from imported objects.""" data = "Object type,,,\n" \ "Control,Code*,Title*,Admin*\n" \ ",,Control1,[email protected]\n" \ ",,Control2,[email protected]\n" \ ",,Control3,[email protected]" user = all_models.Person.query.first() with factories.single_commit(): imp_exp = factories.ImportExportFactory( job_type="Import", status="Blocked", created_at=datetime.now(), created_by=user, content=data, ) audit_id = factories.AuditFactory().id self.run_full_import(user, imp_exp) # We need to reopen session to grab newly created data db.session.close() controls = all_models.Control.query self.assertEqual(3, controls.count()) audit = all_models.Audit.query.get(audit_id) snapshots = self._create_snapshots(audit, controls.all()) self.assertEqual(3, len(snapshots))
def test_change_verification_flag_negative(self, title, unit, repeat_every): """Test change verification_flag negative title={}.""" with freezegun.freeze_time("2017-08-10"): with glob_factories.single_commit(): workflow = factories.WorkflowFactory(title=title, unit=unit, repeat_every=repeat_every) factories.TaskGroupTaskFactory( task_group=factories.TaskGroupFactory( workflow=workflow, context=glob_factories.ContextFactory() ), start_date=datetime.date(2017, 8, 3), end_date=datetime.date(2017, 8, 7)) wf_id = workflow.id self.generator.activate_workflow(workflow) workflow = all_models.Workflow.query.get(wf_id) verif_default = all_models.Workflow.IS_VERIFICATION_NEEDED_DEFAULT self.assertIs(workflow.is_verification_needed, verif_default) resp = self.api.put( workflow, { 'is_verification_needed': not verif_default }) self.assert400(resp) workflow = all_models.Workflow.query.get(wf_id) self.assertIs(workflow.is_verification_needed, verif_default)
def test_recalculate_start_date_on_delete(self, idxs, expected_date): """Test recalculate start_date on delete expected={1}.""" start_date_1 = datetime.date(2017, 8, 10) start_date_2 = datetime.date(2017, 8, 11) with freezegun.freeze_time("2017-08-10"): with glob_factories.single_commit(): workflow = factories.WorkflowFactory( title="This is a test WF", unit=all_models.Workflow.WEEK_UNIT, repeat_every=1) tasks = ( factories.TaskGroupTaskFactory( task_group=factories.TaskGroupFactory(workflow=workflow), start_date=start_date_1, end_date=start_date_1 + datetime.timedelta(1), ), factories.TaskGroupTaskFactory( task_group=factories.TaskGroupFactory(workflow=workflow), start_date=start_date_2, end_date=start_date_2 + datetime.timedelta(1), ), ) wf_id = workflow.id task_ids = [t.id for t in tasks] self.generator.activate_workflow(workflow) workflow = all_models.Workflow.query.get(wf_id) self.assertEqual(datetime.date(2017, 8, 17), workflow.next_cycle_start_date) for idx in idxs: task = all_models.TaskGroupTask.query.get(task_ids[idx]) self.api.delete(task) workflow = all_models.Workflow.query.get(wf_id) self.assertEqual(expected_date, workflow.next_cycle_start_date)
def test_archive_workflow(self, tgt_start_date, tgt_end_date, wf_status): """Test archive workflow with status={2}""" with freezegun.freeze_time("2017-08-10"): with glob_factories.single_commit(): workflow = factories.WorkflowFactory( title="This is a test WF", unit=all_models.Workflow.WEEK_UNIT, repeat_every=1) factories.TaskGroupTaskFactory( task_group=factories.TaskGroupFactory( workflow=workflow, context=glob_factories.ContextFactory(), ), start_date=tgt_start_date, end_date=tgt_end_date, ) wf_id = workflow.id self.generator.activate_workflow(workflow) workflow = all_models.Workflow.query.get(wf_id) self.assertEqual(all_models.Workflow.ACTIVE, workflow.status) self.assertIs(workflow.recurrences, True) # Archive workflow self.generator.modify_workflow(workflow, {'recurrences': False}) workflow = all_models.Workflow.query.get(wf_id) self.assertIs(workflow.recurrences, False) self.assertEqual(wf_status, workflow.status)
def test_ending_archived_workflow_cycles(self): # noqa pylint: disable=invalid-name """Archived workflow should be INACTIVE if current cycles are ended.""" with freezegun.freeze_time("2017-08-10"): with glob_factories.single_commit(): workflow = factories.WorkflowFactory( title="This is a test WF", unit=all_models.Workflow.WEEK_UNIT, repeat_every=1) factories.TaskGroupTaskFactory( task_group=factories.TaskGroupFactory( workflow=workflow, context=glob_factories.ContextFactory(), ), # Two cycles should be created start_date=datetime.date(2017, 8, 3), end_date=datetime.date(2017, 8, 7), ) wf_id = workflow.id self.generator.activate_workflow(workflow) workflow = all_models.Workflow.query.get(wf_id) self.assertEqual(all_models.Workflow.ACTIVE, workflow.status) self.assertIs(workflow.recurrences, True) self.assertEqual(2, len(workflow.cycles)) # Archive workflow self.generator.modify_workflow(workflow, {'recurrences': False}) workflow = all_models.Workflow.query.get(wf_id) self.assertIs(workflow.recurrences, False) self.assertEqual(all_models.Workflow.ACTIVE, workflow.status) # End all current cycles for cycle in workflow.cycles: self.generator.modify_object(cycle, {'is_current': False}) # Archived workflow should be inactive workflow = all_models.Workflow.query.get(wf_id) self.assertEqual(all_models.Workflow.INACTIVE, workflow.status)
def test_export_assesments_with_map_control_mirror_relation(self): """Test export assesment with related control instance relation assessment -> snapshot """ with factories.single_commit(): audit = factories.AuditFactory() assessment = factories.AssessmentFactory(audit=audit) factories.RelationshipFactory(source=audit, destination=assessment) control = factories.ControlFactory() revision = all_models.Revision.query.filter( all_models.Revision.resource_id == control.id, all_models.Revision.resource_type == control.__class__.__name__ ).order_by( all_models.Revision.id.desc() ).first() snapshot = factories.SnapshotFactory( parent=audit, child_id=control.id, child_type=control.__class__.__name__, revision_id=revision.id ) db.session.commit() factories.RelationshipFactory(destination=snapshot, source=assessment) self.assertColumnExportedValue(control.slug, assessment, "map:control versions")
def test_recalculate_start_date_on_create(self, new_start_date, expected_date): """Test recalculate start_date on create update={} expected={}.""" with freezegun.freeze_time("2017-08-10"): with glob_factories.single_commit(): workflow = factories.WorkflowFactory( title="This is a test WF", unit=all_models.Workflow.WEEK_UNIT, repeat_every=1) task = factories.TaskGroupTaskFactory( task_group=factories.TaskGroupFactory( workflow=workflow, context=glob_factories.ContextFactory(), ), start_date=datetime.date(2017, 8, 10), end_date=datetime.date(2017, 8, 11), ) wf_id = workflow.id task_id = task.id self.generator.activate_workflow(workflow) workflow = all_models.Workflow.query.get(wf_id) task = all_models.TaskGroupTask.query.get(task_id) self.assertEqual(datetime.date(2017, 8, 17), workflow.next_cycle_start_date) self.generator.generate_task_group_task( task.task_group, { 'start_date': new_start_date, 'end_date': new_start_date + datetime.timedelta(1), }) workflow = all_models.Workflow.query.get(wf_id) self.assertEqual(expected_date, workflow.next_cycle_start_date)
def test_exportable_only_updated_by(self, field, value): """Test exportable only "Last Updated By" field""" slug = "TestAssessment" with factories.single_commit(): factories.AssessmentFactory( slug=slug, modified_by=factories.PersonFactory(email="*****@*****.**"), ) data = [{ "object_name": "Assessment", "fields": "all", "filters": { "expression": { "left": "code", "op": {"name": "="}, "right": slug }, } }] before_update = self.export_parsed_csv(data)["Assessment"][0][field] self.assertEqual(before_update, "*****@*****.**") self.import_data(OrderedDict([("object_type", "Assessment"), ("Code*", slug), (field, value)])) after_update = self.export_parsed_csv(data)["Assessment"][0][field] self.assertEqual(after_update, "*****@*****.**")
def test_propagate_all(self): """Test clean propagation of all ACL entries.""" with factories.single_commit(): person = factories.PersonFactory() task = wf_factories.TaskGroupTaskFactory() audit = factories.AuditFactory() factories.RelationshipFactory( source=audit, destination=audit.program, ) acl_ids = [ factories.AccessControlListFactory( ac_role=self.roles["Program"]["Program Editors"], object=audit.program, person=person, ).id ] factories.AccessControlListFactory( ac_role=self.roles["Workflow"]["Workflow Member"], object=task.workflow, person=person, ) # propagate all non WF entries propagation._propagate(acl_ids) self.assertEqual(all_models.AccessControlList.query.count(), 4) all_models.AccessControlList.query.filter( all_models.AccessControlList.parent_id.isnot(None) ).delete() self.assertEqual(all_models.AccessControlList.query.count(), 2) # propagate all including WF entries propagation.propagate_all() self.assertEqual(all_models.AccessControlList.query.count(), 6)
def test_propagation_conflict(self): """Test propagation conflicts When we create a new acl entry and a new relationship in the same commit some roles would be propagated twice and would cause unique constraint errors. This test checks for the most basic such scenario. """ with factories.single_commit(): person = factories.PersonFactory() audit = factories.AuditFactory() relationship = factories.RelationshipFactory( source=audit, destination=audit.program, ) acl_entry = factories.AccessControlListFactory( ac_role=self.roles["Program"]["Program Editors"], object=audit.program, person=person, ) with app.app.app_context(): flask.g.new_acl_ids = {acl_entry.id} flask.g.new_relationship_ids = {relationship.id} flask.g.deleted_objects = set() propagation.propagate() db.session.commit() self.assertEqual(all_models.AccessControlList.query.count(), 3)
def test_autogen_verification_flag(self, flag): """Check is_verification_needed flag for activate WF action.""" with factories.single_commit(): workflow = wf_factories.WorkflowFactory(is_verification_needed=flag) group = wf_factories.TaskGroupFactory(workflow=workflow) wf_factories.TaskGroupTaskFactory(task_group=group) data = [{ "cycle": { "autogenerate": True, "isOverdue": False, "workflow": { "id": workflow.id, "type": "Workflow", }, "context": { "id": workflow.context_id, "type": "Context", }, } }] resp = self.api.send_request( self.api.client.post, api_link="/api/cycles", data=data) cycle_id = resp.json[0][1]["cycle"]["id"] self.assertEqual( flag, all_models.Cycle.query.get(cycle_id).is_verification_needed)
def test_update_non_changeable_field(self, field, value_creator): """Test importing Assessment's "Created Date" field""" slug = "TestAssessment" with factories.single_commit(): value = value_creator() factories.AssessmentFactory( slug=slug, modified_by=factories.PersonFactory(email="*****@*****.**"), ) data = [{ "object_name": "Assessment", "fields": "all", "filters": { "expression": { "left": "code", "op": {"name": "="}, "right": slug }, } }] before_update = self.export_parsed_csv(data)["Assessment"][0][field] with freezegun.freeze_time("2017-9-10"): self.import_data(OrderedDict([("object_type", "Assessment"), ("Code*", slug), (field, value)])) self.assertEqual(before_update, self.export_parsed_csv(data)["Assessment"][0][field])
def test_import_archived_assessment(self, is_archived, value, ignored, updated, row_errors): """Test archived assessment import procedure""" with factories.single_commit(): audit = factories.AuditFactory(archived=is_archived) assessment = factories.AssessmentFactory(audit=audit) factories.RelationshipFactory(source=audit, destination=assessment) resp = self.import_data(OrderedDict([ ("object_type", "Assessment"), ("Code*", assessment.slug), ("archived", value), ("description", "archived assessment description") ])) self.assertEqual([{ u'ignored': ignored, u'updated': updated, u'block_errors': [], u'name': u'Assessment', u'created': 0, u'deleted': 0, u'deprecated': 0, u'row_warnings': [], u'rows': 1, u'block_warnings': [], u'row_errors': row_errors }], resp)
def test_mapped_roles_template(self): """Test mapped assignee roles for assessment generated from template """ auditors = ["*****@*****.**", "*****@*****.**"] captains = ["*****@*****.**", "*****@*****.**"] with factories.single_commit(): template = factories.AssessmentTemplateFactory() self.generate_acls(auditors, self.auditor_role) self.generate_acls(captains, self.captains_role) self.assessment_post(template) # Add objects back to session to have access to their id and type db.session.add(self.audit, self.snapshot) for obj in [self.audit, self.snapshot]: self.assert_mapped_role("Verifiers Mapped", "*****@*****.**", obj) self.assert_mapped_role("Verifiers Mapped", "*****@*****.**", obj) self.assert_mapped_role("Assignees Mapped", "*****@*****.**", obj) self.assert_mapped_role("Assignees Mapped", "*****@*****.**", obj) self.assert_mapped_role("Creators Mapped", "*****@*****.**", obj)
def test_propagate_all(self): """Test clean propagation of all ACL entries.""" with factories.single_commit(): person = factories.PersonFactory() audit = factories.AuditFactory() factories.RelationshipFactory( source=audit, destination=audit.program, ) acl_ids = [ factories.AccessControlListFactory( ac_role=self.roles["Program"]["Program Editors"], object=audit.program, person=person, ).id ] propagation._propagate(acl_ids) self.assertEqual(all_models.AccessControlList.query.count(), 3) propagation._delete_all_propagated_acls() self.assertEqual(all_models.AccessControlList.query.count(), 1) propagation.propagate_all() self.assertEqual(all_models.AccessControlList.query.count(), 3)
def test_single_acl_to_multiple(self, count): """Test propagation of single ACL entry to multiple children.""" with factories.single_commit(): program = factories.ProgramFactory() for i in range(count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) acl_id = program.acr_name_acl_map["Program Editors"].id child_ids = propagation._handle_acl_step([acl_id], self.user_id) self.assertEqual( all_models.AccessControlList.query.filter( all_models.AccessControlList.parent_id.isnot(None)).count(), count * 2) self.assertEqual( db.session.execute(child_ids.alias("counts").count()).scalar(), count, )
def test_gca_update_empty_value_and_status_not_change_status( self, from_status, value): """Assessment in '{0}' NOT changed when add GCA with '{1}' value + status Same as above + update status in the same PUT """ with factories.single_commit(): ca_factory = factories.CustomAttributeDefinitionFactory gca = ca_factory(definition_type='assessment', title='rich_test_gca', attribute_type='Rich Text') assessment = factories.AssessmentFactory() self.api.modify_object( assessment, { 'custom_attribute_values': [{ 'custom_attribute_id': gca.id, 'attribute_value': value, }], 'status': from_status }) assessment = self.refresh_object(assessment) self.assertEqual(from_status, assessment.status)
def test_create_commentable(self): """Test if commentable fields are set on creation""" with factories.single_commit(): assertion = factories.ControlAssertionFactory() recipients = "Admin,Control Operators,Control Owners" send_by_default = 0 response = self.api.post( all_models.Control, { "control": { "title": "Control title", "context": None, "recipients": recipients, "send_by_default": send_by_default, "assertions": [{ "id": assertion.id }] }, }) self.assertEqual(response.status_code, 201) control_id = response.json.get("control").get("id") control = db.session.query(all_models.Control).get(control_id) self.assertEqual(control.recipients, recipients) self.assertEqual(control.send_by_default, send_by_default)
def test_autogenerated_assignees_verifiers_with_model(self): """Test autogenerated assessment assignees based on template settings.""" assessor = "*****@*****.**" verifier = "*****@*****.**" with factories.single_commit(): self.audit.context = factories.ContextFactory() auditors = { u: factories.PersonFactory(email=u).id for u in [assessor, verifier] } template = factories.AssessmentTemplateFactory( test_plan_procedure=False, procedure_description="Assessment Template Test Plan", default_people={ "assessors": [auditors[assessor]], "verifiers": [auditors[verifier]], }, ) response = self.assessment_post(template) self.assert_assignees("Verifier", response, verifier) self.assert_assignees("Assessor", response, assessor) self.assert_assignees("Creator", response, "*****@*****.**")
def test_api_documents_exist(self): """Test /api/document/documents_exist""" with factories.single_commit(): doc1 = factories.DocumentFileFactory(gdrive_id="123") doc1_id = doc1.id factories.DocumentFileFactory(gdrive_id="456") endpoint_uri = "/api/document/documents_exist" request_data1 = json.dumps(dict(gdrive_ids=["123", "456"])) response1 = self.api.client.post(endpoint_uri, data=request_data1, content_type="application/json") self.assertEquals(len(response1.json), 2) self.assertTrue(all([r["exists"] for r in response1.json])) request_data2 = json.dumps(dict(gdrive_ids=["123", "999"])) response2 = self.api.client.post(endpoint_uri, data=request_data2, content_type="application/json") self.assertEquals(len(response2.json), 2) existing = [obj for obj in response2.json if obj["exists"]] not_existing = [obj for obj in response2.json if not obj["exists"]] self.assertEquals(len(existing), 1) self.assertEquals(len(not_existing), 1) self.assertEquals(existing[0]["object"]["id"], doc1_id)
def test_checkbox_fulltext(self, value, search_value): """Test filter by checkbox value.""" title = "checkbox" checkbox_type = all_models.CustomAttributeDefinition.ValidTypes.CHECKBOX with factories.single_commit(): market = factories.MarketFactory() cad = factories.CustomAttributeDefinitionFactory( title=title, definition_type="market", attribute_type=checkbox_type) factories.CustomAttributeValueFactory(custom_attribute=cad, attributable=market, attribute_value=value) contents = [ i.content for i in mysql.MysqlRecordProperty.query.filter( mysql.MysqlRecordProperty.property == title, mysql.MysqlRecordProperty.type == market.type, mysql.MysqlRecordProperty.key == market.id, ) ] self.assertEqual([search_value], contents)
def test_clone_task_group(self, get_copy_title_patch): """Check clone tg and if proper copy title set.""" expected_title = 'Copy Title' get_copy_title_patch.return_value = expected_title with factories.single_commit(): workflow = self.setup_helper.setup_workflow( (rbac_helper.GC_RNAME, )) task_group = wf_factories.TaskGroupFactory(workflow=workflow) cloned_task_group = wf_factories.TaskGroupFactory( parent_id=task_group.id, workflow=workflow) cloned_title = cloned_task_group.title _, clone_tg = self.object_generator.generate_object( all_models.TaskGroup, { "title": "TG - copy 1", "clone": task_group.id }) get_copy_title_patch.assert_called_once_with(task_group.title, [cloned_title]) self.assertEqual(clone_tg.title, expected_title) self.assertEqual(clone_tg.parent_id, task_group.id)
def test_updating_ca_dict(self): """Test updating custom attribute values with a dict.""" with factories.single_commit(): prog = factories.ProgramFactory() cad1 = factories.CustomAttributeDefinitionFactory( definition_type="program", title="CA 1", ) prog.custom_attribute_values = [{ "attribute_value": "55", "custom_attribute_id": cad1.id, }] db.session.commit() prog = prog.__class__.query.get(prog.id) prog.custom_attribute_values = [{ "attribute_value": "57", "custom_attribute_id": cad1.id, }] self.assertEqual(len(prog.custom_attribute_values), 1) self.assertEqual(prog.custom_attribute_values[0].attribute_value, "57")
def test_recalculate_date(self, setup_start_date, update_start_date, expected_date): """Recalculate next cycle start date""" with freeze_time(dtm.date(2017, 8, 15)): with factories.single_commit(): workflow = wf_factories.WorkflowFactory( repeat_every=1, status=Workflow.DRAFT, unit=Workflow.MONTH_UNIT) group = wf_factories.TaskGroupFactory(workflow=workflow) task_id = wf_factories.TaskGroupTaskFactory( task_group=group, start_date=setup_start_date, end_date=setup_start_date + dtm.timedelta(days=4)).id self.generator.activate_workflow(workflow) self.api.put( TaskGroupTask.query.get(task_id), { "start_date": update_start_date, "end_date": update_start_date + dtm.timedelta(4) }) active_wf = db.session.query(Workflow).filter( Workflow.status == 'Active').one() self.assertEqual(expected_date, active_wf.next_cycle_start_date)
def test_export_by_modified_by(self, field, email): """Test for creation assessment with mapped creator""" slug = "TestAssessment" with factories.single_commit(): factories.AssessmentFactory( slug=slug, modified_by=factories.PersonFactory(email=email), ) data = [{ "object_name": "Assessment", "fields": "all", "filters": { "expression": { "left": field, "op": {"name": "="}, "right": email }, } }] resp = self.export_parsed_csv(data)["Assessment"] self.assertEqual(1, len(resp)) self.assertEqual(slug, resp[0]["Code*"])
def test_import_with_mandatory(self): """Test import of data with mandatory role""" # Import of data should be allowed if mandatory role provided # and can process situation when nonmandatory roles are absent # without any errors and warnings with factories.single_commit(): mandatory_role = factories.AccessControlRoleFactory( object_type="Market", mandatory=True).name factories.AccessControlRoleFactory(object_type="Market", mandatory=False) email = factories.PersonFactory().email response_json = self.import_data( OrderedDict([ ("object_type", "Market"), ("code", "market-1"), ("title", "Title"), ("Admin", "*****@*****.**"), (mandatory_role, email), ])) self._check_csv_response(response_json, {}) self.assertEqual(1, response_json[0]["created"]) self.assertEqual(1, len(models.Market.query.all()))
def test_mapping_snapshot_not_assessment_type(self, from_status, expected_status): """Move Assessment form '{0}' to '{1}' when map snapshot. Snapshot type != assessment type """ with factories.single_commit(): audit = factories.AuditFactory() assessment = factories.AssessmentFactory( audit=audit, status=from_status, assessment_type='Contract') factories.RelationshipFactory(source=audit, destination=assessment) control = factories.ControlFactory(title='test control') snapshot = self._create_snapshots(audit, [control])[0] response, _ = self.objgen.generate_relationship( source=assessment, destination=snapshot, context=None, ) assessment = self.refresh_object(assessment) self.assertStatus(response, 201) self.assertEqual(expected_status, assessment.status)
def test_audit_role_propagation_not_delete(self, role="Auditors"): """Audit user with role Auditors can NOT delete related evidence""" _, reader = self.generator.generate_person(user_role="Reader") assignees_role = all_models.AccessControlRole.query.filter_by( object_type=all_models.Audit.__name__, name=role).first() with factories.single_commit(): audit = factories.AuditFactory() factories.AccessControlListFactory(ac_role=assignees_role, object=audit, person=reader) evidence = factories.EvidenceFactory() evidence_id = evidence.id factories.RelationshipFactory(source=audit, destination=evidence) self.api.set_user(reader) evidence = all_models.Evidence.query.get(evidence_id) resp = self.api.delete(evidence) self.assertStatus(resp, 403) evidence = all_models.Evidence.query.get(evidence_id) self.assertTrue(evidence)
def test_import_assessment_with_evidence_file_blank_multiple(self): """No warnings in Evidence Files""" evidence_file = "test_gdrive_url \n \n another_gdrive_url" with factories.single_commit(): audit = factories.AuditFactory() assessment = factories.AssessmentFactory() assessment_slug = assessment.slug factories.RelationshipFactory(source=audit, destination=assessment) evidence1 = factories.EvidenceFileFactory(link="test_gdrive_url") factories.RelationshipFactory(source=assessment, destination=evidence1) evidence2 = factories.EvidenceFileFactory(link="another_gdrive_url") factories.RelationshipFactory(source=assessment, destination=evidence2) response = self.import_data(OrderedDict([ ("object_type", "Assessment"), ("Code*", assessment_slug), ("Evidence File", evidence_file), ])) self.assertEquals([], response[0]['row_warnings'])
def test_assmt_generation_disallowed_wo_audit(self): """Test we can't turn integration On for Assessment w/o audit""" with factories.single_commit(): audit = factories.AuditFactory() factories.IssueTrackerIssueFactory( issue_tracked_obj=audit, enabled=False, issue_id=None, ) response = self.import_data( OrderedDict([ ("object_type", "Assessment"), ("Code*", ""), ("Audit", audit.slug), ("Assignees*", "*****@*****.**"), ("Creators", "*****@*****.**"), ("Title", "Object Title"), ("Ticket Tracker Integration", "On"), ("Due Date*", "2016-10-24T15:35:37"), ])) self._check_csv_response(response, {}) assmt = all_models.Assessment.query.one() self.assertFalse(assmt.issue_tracker["enabled"])
def test_update_reference_url(self): """Reference Url updated properly via import""" doc_url = "test_gdrive_url" with factories.single_commit(): control1 = factories.ControlFactory() control1_slug = control1.slug control2 = factories.ControlFactory() doc = factories.DocumentReferenceUrlFactory(link=doc_url) factories.RelationshipFactory(source=control1, destination=doc) factories.RelationshipFactory(source=control2, destination=doc) self.import_data( collections.OrderedDict([ ("object_type", "Control"), ("Code*", control1_slug), ("Reference Url", "new_gdrive_url"), ])) control1 = all_models.Control.query.filter_by(slug=control1_slug).one() self.assertEquals(1, len(control1.documents_reference_url)) self.assertEquals("new_gdrive_url", control1.documents_reference_url[0].link)
def test_create_ext_user_ext_relationship(self): """Validation external app user creates external relationship.""" self.api.set_user(self.person_ext) with factories.single_commit(): product = factories.ProductFactory() system = factories.SystemFactory() response = self.api.client.post(self.REL_URL, data=self.build_relationship_json( product, system, True), headers=self.HEADERS) self.assert200(response) relationship = all_models.Relationship.query.get( response.json[0][-1]["relationship"]["id"]) self.assertEqual(relationship.source_type, "Product") self.assertEqual(relationship.source_id, product.id) self.assertEqual(relationship.destination_type, "System") self.assertEqual(relationship.destination_id, system.id) self.assertTrue(relationship.is_external) self.assertEqual(relationship.modified_by_id, self.person_ext.id) self.assertIsNone(relationship.parent_id) self.assertIsNone(relationship.automapping_id) self.assertIsNone(relationship.context_id)
def test_autogenerated_assignees_verifiers(self): """Test autogenerated assessment assignees""" auditors = ["*****@*****.**", "*****@*****.**"] captains = [ "*****@*****.**", "*****@*****.**", "*****@*****.**" ] with factories.single_commit(): self.generate_acls(auditors, self.auditor_role) self.generate_acls(captains, self.captains_role) self.assertEqual( all_models.AccessControlPerson.query.join( all_models.AccessControlList).filter( all_models.AccessControlList.ac_role_id == self.auditor_role.id, all_models.AccessControlList.object_id == self.audit.id, all_models.AccessControlList.object_type == "Audit").count(), 2, "Auditors not present") response = self.assessment_post() self.assert_assignees("Verifiers", response, *auditors) self.assert_assignees("Assignees", response, *captains) self.assert_assignees("Creators", response, "*****@*****.**")
def test_add_person_revision(self): """Test Control revision created if new person is assigned in import.""" user = all_models.Person.query.filter_by( email="*****@*****.**").first() with factories.single_commit(): control = factories.ControlFactory(modified_by=user) objective = factories.ObjectiveFactory() revisions = db.session.query(all_models.Revision.action).filter_by( resource_type=control.type, resource_id=control.id) self.assertEqual(revisions.all(), [("created", )]) response = self.import_data( collections.OrderedDict([ ("object_type", "Control"), ("Code*", control.slug), ("Admin", "*****@*****.**"), ("Control Operators", "*****@*****.**"), ("Control Owners", "*****@*****.**"), ("Map:Objective", objective.slug), ])) self._check_csv_response(response, {}) self.assertEqual(revisions.all(), [('created', ), ('modified', )])
def test_create_required_flag_error(self, data, msg): """Test create wf with empty or invalid Needed Verification flag""" slug = "SomeCode" with factories.single_commit(): person = factories.PersonFactory(email="*****@*****.**") resp = self.import_data( collections.OrderedDict([ ("object_type", "Workflow"), ("code", slug), ("title", "SomeTitle"), ("force real-time email updates", "no"), ("Admin", person.email), ("Need Verification", data), ])) data = { "Workflow": { "row_errors": {msg.format(line=3, column_name="Need Verification")} } } self.assertEqual(1, resp[0]['ignored']) self._check_csv_response(resp, data) self.assertIsNone(Workflow.query.filter(Workflow.slug == slug).first())
def test_import_assessment_with_evidence_url_existing(self): """If url already mapped to assessment ignore it""" evidence_url = "test_gdrive_url" with factories.single_commit(): audit = factories.AuditFactory() assessment = factories.AssessmentFactory() assessment_slug = assessment.slug factories.RelationshipFactory(source=audit, destination=assessment) evidence = factories.EvidenceUrlFactory(link=evidence_url) factories.RelationshipFactory(source=assessment, destination=evidence) response = self.import_data( OrderedDict([ ("object_type", "Assessment"), ("Code*", assessment_slug), ("Evidence Url", evidence_url), ])) evidences = all_models.Evidence.query.filter_by( link=evidence_url).all() self.assertEquals(1, len(evidences)) self.assertEquals([], response[0]['row_warnings'])
def test_document_remove_related(self, document_type, from_status, expected_status): """Move Assessment from '{1}' to '{2}' remove document of type {0}""" with factories.single_commit(): assessment = factories.AssessmentFactory(status=from_status) document = factories.DocumentFactory(document_type=document_type, title='google.com', link='google.com') factories.RelationshipFactory(destination=assessment, source=document) response = self.api.put( assessment, { 'actions': { 'remove_related': [{ 'id': document.id, 'type': 'Document', }] } }) assessment = self.refresh_object(assessment) self.assert200(response) self.assertEqual(expected_status, assessment.status)
def test_evidence_remove_related(self, kind, from_status, expected_status): """Move Assessment from '{1}' to '{2}' remove evidence of type {0}""" with factories.single_commit(): assessment = factories.AssessmentFactory(status=from_status) evidence = factories.EvidenceFactory(kind=kind, title='google.com', link='google.com', source_gdrive_id='some_id') factories.RelationshipFactory(destination=assessment, source=evidence) response = self.api.put( assessment, { 'actions': { 'remove_related': [{ 'id': evidence.id, 'type': 'Evidence', }] } }) assessment = self.refresh_object(assessment) self.assert200(response) self.assertEqual(expected_status, assessment.status)
def test_validate_invalid_type_ca(self): """Test adding invalid attribute type to custom "Map:Person" attribute.""" with factories.single_commit(): program = factories.ProgramFactory() attribute_definition = factories.CustomAttributeDefinitionFactory( definition_type="program", definition_id=program.id, attribute_type="Map:Person", mandatory=True ) program.custom_attribute_values = [ { "attribute_value": "Assessment:1", "custom_attribute_id": attribute_definition.id, } ] with self.assertRaises(ValueError) as exception: program.validate_custom_attributes() self.assertEqual(exception.exception.message, 'Invalid attribute type: Assessment expected Person')
def test_create_mapping_cache(self, count): """Test creation of mapping cache for export.""" with factories.single_commit(): regulations = [factories.RegulationFactory() for _ in range(count)] markets = [factories.MarketFactory() for _ in range(count)] controls = [factories.ControlFactory() for _ in range(count)] expected_cache = defaultdict(lambda: defaultdict(list)) for i in range(count): for j in range(i): factories.RelationshipFactory( source=regulations[j] if i % 2 == 0 else markets[i], destination=regulations[j] if i % 2 == 1 else markets[i], ) factories.RelationshipFactory( source=regulations[j] if i % 2 == 0 else controls[i], destination=regulations[j] if i % 2 == 1 else controls[i], ) expected_cache[regulations[j].id]["Control"].append( controls[i].slug) expected_cache[regulations[j].id]["Market"].append( markets[i].slug) block = base_block.BlockConverter(mock.MagicMock()) block.object_class = models.Regulation block.object_ids = [r.id for r in regulations] with QueryCounter() as counter: cache = block._create_mapping_cache() self.assertEqual( self.dd_to_dict(cache), self.dd_to_dict(expected_cache), ) self.assertLess(counter.get, self.QUERY_LIMIT)
def test_asmt_default_values_from_tmpl(self, field, alias, value, tmpl_value): """Test set tmpl.{0}={3!r} if csv.{1!r}={2!r} and audit/app integr on""" with factories.single_commit(): audit = factories.AuditFactory() factories.IssueTrackerIssueFactory( issue_tracked_obj=audit, enabled=True) tmpl = factories.AssessmentTemplateFactory(audit=audit) factories.IssueTrackerIssueFactory( issue_tracked_obj=tmpl, **{field: tmpl_value}) fields = OrderedDict([ ("object_type", "Assessment"), ("Code*", "OBJ-1"), ("Audit*", audit.slug), ("Assignees*", "*****@*****.**"), ("Creators", "*****@*****.**"), ("Template", tmpl.slug), ("Title", "Object Title"), ]) if value is not None: fields[alias] = value response = self.import_data(fields) if value is not None: # ensure that warning is returned expected_warning = ( errors.WRONG_VALUE_DEFAULT.format(line=3, column_name=alias) ) expected_messages = {"Assessment": {"row_warnings": {expected_warning}}} self._check_csv_response(response, expected_messages) obj = all_models.Assessment.query.one() self.assertEqual(str(obj.issue_tracker[field]), str(tmpl_value)) self.mock_create_issue.assert_not_called()
def test_create_new_assessment_with_mapped_control(self): "Test for creation assessment with mapped controls" with factories.single_commit(): audit = factories.AuditFactory() control = factories.ControlFactory() revision = models.Revision.query.filter( models.Revision.resource_id == control.id, models.Revision.resource_type == control.__class__.__name__).order_by( models.Revision.id.desc()).first() factories.SnapshotFactory(parent=audit, child_id=control.id, child_type=control.__class__.__name__, revision_id=revision.id) db.session.commit() self.assertFalse( db.session.query( models.Relationship.get_related_query( models.Assessment(), models.Snapshot()).exists()).first()[0]) slug = "TestAssessment" self.import_data( OrderedDict([ ("object_type", "Assessment"), ("Code*", slug), ("Audit*", audit.slug), ("Assignees*", models.Person.query.all()[0].email), ("Creators", models.Person.query.all()[0].email), ("Title", "Strange title"), ("map:Control versions", control.slug), ])) assessment = models.Assessment.query.filter( models.Assessment.slug == slug).first() self.assertTrue( db.session.query( models.Relationship.get_related_query( assessment, models.Snapshot()).exists()).first()[0])
def test_acl_no_reindex_snapshots(self): """Test that snapshot reindex is not happened for acl where person has the same role for different kind of objects.""" with factories.single_commit(): person = factories.PersonFactory(name="Test Name") system = factories.SystemFactory() audit = factories.AuditFactory() factories.AccessControlPersonFactory( ac_list=system.acr_name_acl_map["Admin"], person=person, ) audit_id = audit.id system_id = system.id person_id = person.id person_name = person.name person_email = person.email revision = all_models.Revision.query.filter( all_models.Revision.resource_id == system.id, all_models.Revision.resource_type == system.type ).one() revision.content = system.log_json() db.session.add(revision) db.session.commit() self._create_snapshots(audit, [system]) self.client.post("/admin/reindex_snapshots") snapshot = all_models.Snapshot.query.filter( all_models.Snapshot.parent_id == audit_id, all_models.Snapshot.parent_type == 'Audit', all_models.Snapshot.child_id == system_id, all_models.Snapshot.child_type == 'System', ).one() self.assert_indexed_fields(snapshot, "Admin", { "{}-email".format(person_id): person_email, "{}-name".format(person_id): person_name, "__sort__": person_email, })