Example #1
0
def test_remove_last_owner_via_audit(tmpdir: LocalPath, setup: SetupTest,
                                     browser: Chrome) -> None:
    future = datetime.utcnow() + timedelta(1)

    with setup.transaction():
        setup.add_user_to_group("*****@*****.**", "audited-team", role="owner")
        setup.create_permission("audited", audited=True)
        setup.grant_permission_to_group("audited", "", "audited-team")
        setup.add_user_to_group("*****@*****.**", "auditors")
        setup.add_user_to_group("*****@*****.**", "auditors", role="owner")
        setup.grant_permission_to_group(AUDIT_VIEWER, "", "auditors")
        setup.grant_permission_to_group(AUDIT_MANAGER, "", "auditors")
        setup.grant_permission_to_group(PERMISSION_AUDITOR, "", "auditors")
        setup.add_user_to_group("*****@*****.**",
                                "audited-team",
                                role="owner",
                                expiration=future)

    with frontend_server(tmpdir, "*****@*****.**") as frontend_url:
        browser.get(url(frontend_url, "/audits/create"))

        create_page = AuditsCreatePage(browser)
        create_page.set_end_date(future.strftime("%m/%d/%Y"))
        create_page.submit()

        browser.get(url(frontend_url, "/groups/audited-team"))
        group_page = GroupViewPage(browser)
        audit_modal = group_page.get_audit_modal()
        audit_modal.find_member_row("*****@*****.**").set_audit_status("remove")
        audit_modal.confirm()

        assert group_page.current_url.endswith("/groups/audited-team")
        assert group_page.has_alert(group_ownership_policy.EXCEPTION_MESSAGE)
Example #2
0
def test_disabling_group_clears_audit(tmpdir: LocalPath, setup: SetupTest,
                                      browser: Chrome) -> None:
    future = datetime.utcnow() + timedelta(days=60)

    with setup.transaction():
        setup.add_user_to_group("*****@*****.**", "some-group", role="owner")
        setup.add_user_to_group("*****@*****.**", "some-group")
        setup.create_permission("some-permission", audited=True)
        setup.grant_permission_to_group("some-permission", "argument",
                                        "some-group")
        setup.add_user_to_group("*****@*****.**", "auditors")
        setup.grant_permission_to_group(AUDIT_VIEWER, "", "auditors")
        setup.grant_permission_to_group(AUDIT_MANAGER, "", "auditors")
        setup.grant_permission_to_group(PERMISSION_AUDITOR, "", "auditors")

    with frontend_server(tmpdir, "*****@*****.**") as frontend_url:
        browser.get(url(frontend_url, "/audits/create"))

        create_page = AuditsCreatePage(browser)
        create_page.set_end_date(future.strftime("%m/%d/%Y"))
        create_page.submit()

        browser.get(url(frontend_url, "/groups/some-group"))

        group_page = GroupViewPage(browser)
        assert group_page.subheading == "some-group AUDIT IN PROGRESS"

    # Check that this created email reminder messages to the group owner.  We have to refresh the
    # session since otherwise SQLite may not see changes.
    setup.reopen_database()
    group = Group.get(setup.session, name="some-group")
    assert group
    expected_key = f"audit-{group.id}"
    emails = setup.session.query(AsyncNotification).filter_by(
        sent=False, email="*****@*****.**").all()
    assert len(emails) > 0
    assert all((e.key is None or e.key == expected_key for e in emails))
    assert all(("Group Audit" in e.subject for e in emails))

    # Now, disable the group, which should complete the audit.
    with frontend_server(tmpdir, "*****@*****.**") as frontend_url:
        browser.get(url(frontend_url, "/groups/some-group"))
        page = GroupViewPage(browser)

        audit_modal = page.get_audit_modal()
        audit_modal.click_close_button()
        page.wait_until_audit_modal_clears()
        page.click_disable_button()
        modal = page.get_disable_modal()
        modal.confirm()

        assert page.subheading == "some-group (disabled)"

    # And now all of the email messages should be marked sent except the immediate one (the one
    # that wasn't created with async_send_email).
    setup.reopen_database()
    emails = setup.session.query(AsyncNotification).filter_by(
        sent=False, email="*****@*****.**").all()
    assert len(emails) == 1
    assert emails[0].key is None