def test_permissions(self, users_with_all_roles, login_role, can_view, can_edit, selenium): # pylint: disable=too-many-arguments """Test that users have permissions to objects created by other users according to their global role. """ objs = [] other_roles = [role for role in self.ALL_ROLES if role != login_role] for role in other_roles: users.set_current_user(users_with_all_roles[role]) program = rest_facade.create_program() control = rest_facade.create_control_mapped_to_program(program) objs.extend([program, control]) users.set_current_user(users_with_all_roles[login_role]) for obj in objs: if can_view: webui_facade.assert_can_view(selenium, obj) if obj.type == "Control": webui_facade.assert_can_edit_control( selenium, obj, can_edit) webui_facade.assert_cannot_delete_control(selenium, obj) else: webui_facade.assert_can_edit(selenium, obj, can_edit=can_edit) webui_facade.assert_can_delete(selenium, obj, can_delete=can_edit) else: webui_facade.assert_cannot_view(obj)
def test_auditor_cannot_view_control(self, selenium, test_data): """Test that Auditor cannot view control""" # pylint: disable=invalid-name creator = test_data["creator"] users.set_current_user(creator) control = test_data["control"] webui_facade.assert_cannot_view(control)
def test_permissions( self, users_with_all_roles, login_role, can_view, can_edit, selenium ): # pylint: disable=too-many-arguments """Test that users have permissions to objects created by other users according to their global role. """ objs = [] other_roles = [role for role in self.ALL_ROLES if role != login_role] for role in other_roles: users.set_current_user(users_with_all_roles[role]) program = rest_facade.create_program() control = rest_facade.create_control_mapped_to_program(program) objs.extend([program, control]) users.set_current_user(users_with_all_roles[login_role]) for obj in objs: if can_view: webui_facade.assert_can_view(selenium, obj) if obj.type == "Control": webui_facade.assert_can_edit_control(selenium, obj, can_edit) webui_facade.assert_cannot_delete_control(selenium, obj) else: webui_facade.assert_can_edit(selenium, obj, can_edit=can_edit) webui_facade.assert_can_delete(selenium, obj, can_delete=can_edit) else: webui_facade.assert_cannot_view(obj)
def test_auditor_cannot_view_control( self, selenium, test_data ): """Test that Auditor cannot view control""" # pylint: disable=invalid-name creator = test_data["creator"] users.set_current_user(creator) control = test_data["control"] webui_facade.assert_cannot_view(selenium, control)
def test_auditor_cannot_view_control(self, selenium, test_data): """Test that Auditor cannot view control""" creator = test_data["creator"] users.set_current_user(creator) control = test_data["control"] webui_facade.assert_cannot_view(selenium, control)