Example #1
0
 def test_permissions(self, users_with_all_roles, login_role, can_view,
                      can_edit, selenium):  # pylint: disable=too-many-arguments
     """Test that users have permissions to objects created by other users
 according to their global role.
 """
     objs = []
     other_roles = [role for role in self.ALL_ROLES if role != login_role]
     for role in other_roles:
         users.set_current_user(users_with_all_roles[role])
         program = rest_facade.create_program()
         control = rest_facade.create_control_mapped_to_program(program)
         objs.extend([program, control])
     users.set_current_user(users_with_all_roles[login_role])
     for obj in objs:
         if can_view:
             webui_facade.assert_can_view(selenium, obj)
             if obj.type == "Control":
                 webui_facade.assert_can_edit_control(
                     selenium, obj, can_edit)
                 webui_facade.assert_cannot_delete_control(selenium, obj)
             else:
                 webui_facade.assert_can_edit(selenium,
                                              obj,
                                              can_edit=can_edit)
                 webui_facade.assert_can_delete(selenium,
                                                obj,
                                                can_delete=can_edit)
         else:
             webui_facade.assert_cannot_view(obj)
Example #2
0
 def test_auditor_cannot_view_control(self, selenium, test_data):
     """Test that Auditor cannot view control"""
     # pylint: disable=invalid-name
     creator = test_data["creator"]
     users.set_current_user(creator)
     control = test_data["control"]
     webui_facade.assert_cannot_view(control)
Example #3
0
 def test_permissions(
     self, users_with_all_roles, login_role, can_view, can_edit, selenium
 ):  # pylint: disable=too-many-arguments
   """Test that users have permissions to objects created by other users
   according to their global role.
   """
   objs = []
   other_roles = [role for role in self.ALL_ROLES if role != login_role]
   for role in other_roles:
     users.set_current_user(users_with_all_roles[role])
     program = rest_facade.create_program()
     control = rest_facade.create_control_mapped_to_program(program)
     objs.extend([program, control])
   users.set_current_user(users_with_all_roles[login_role])
   for obj in objs:
     if can_view:
       webui_facade.assert_can_view(selenium, obj)
       if obj.type == "Control":
         webui_facade.assert_can_edit_control(selenium, obj, can_edit)
         webui_facade.assert_cannot_delete_control(selenium, obj)
       else:
         webui_facade.assert_can_edit(selenium, obj, can_edit=can_edit)
         webui_facade.assert_can_delete(selenium, obj, can_delete=can_edit)
     else:
       webui_facade.assert_cannot_view(obj)
Example #4
0
 def test_auditor_cannot_view_control(
     self, selenium, test_data
 ):
   """Test that Auditor cannot view control"""
   # pylint: disable=invalid-name
   creator = test_data["creator"]
   users.set_current_user(creator)
   control = test_data["control"]
   webui_facade.assert_cannot_view(selenium, control)
Example #5
0
 def test_auditor_cannot_view_control(self, selenium, test_data):
     """Test that Auditor cannot view control"""
     creator = test_data["creator"]
     users.set_current_user(creator)
     control = test_data["control"]
     webui_facade.assert_cannot_view(selenium, control)