def test_role_for_org_non_owner(self):
        # creating org with member
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'get': 'retrieve',
            'post': 'members'
        })

        self.profile_data['username'] = "******"
        self._create_user_profile()
        data = {'username': '******'}
        user_role = 'member'
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, user='******')

        # getting profile
        request = self.factory.get('/', **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertIn('users', response.data.keys())

        for user in response.data['users']:
            username = user['user']
            role = user['role']
            expected_role = 'owner' if username == 'denoinc' else user_role
            self.assertEqual(role, expected_role)
    def test_add_members_to_org_with_role(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members',
            'get': 'retrieve'
        })

        self.profile_data['username'] = "******"
        self._create_user_profile()
        data = {'username': '******',
                'role': 'editor'}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)

        self.assertEqual(set(response.data), set([u'denoinc', u'aboy']))

        # getting profile
        request = self.factory.get('/', **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.data['users'][1]['user'], 'aboy')
        self.assertEqual(response.data['users'][1]['role'], 'editor')
    def test_orgs_non_creator_delete(self):
        self._org_create()

        view = OrganizationProfileViewSet.as_view({
            'delete': 'members',
            'post': 'members'
        })

        self.profile_data['username'] = "******"
        self.profile_data['email'] = '*****@*****.**'
        self._create_user_profile()

        alice_data = {'username': '******', 'email': '*****@*****.**'}
        request = self.factory.post(
            '/', data=json.dumps(alice_data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        expected_results = [u'denoinc', u'alice']
        self.assertEqual(status.HTTP_201_CREATED, response.status_code)
        self.assertEqual(expected_results, response.data)

        self._login_user_and_profile(extra_post_data=alice_data)

        request = self.factory.delete('/', data=json.dumps(alice_data),
                                      content_type="application/json",
                                      **self.extra)
        response = view(request, user='******')
        expected_results = [u'denoinc']
        self.assertEqual(expected_results, response.data)
    def test_put_bad_role(self):
        self._org_create()
        newname = 'aboy'
        view = OrganizationProfileViewSet.as_view({
            'get': 'retrieve',
            'post': 'members',
            'put': 'members'
        })

        User.objects.create(username=newname)
        data = {'username': newname}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(set(response.data), set([u'denoinc', newname]))

        data = {'username': newname, 'role': 42}
        request = self.factory.put(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 400)
    def test_member_sees_orgs_added_to(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'get': 'list',
            'post': 'members'
        })

        member = 'aboy'
        expected_data = self.company_data
        expected_data['users'].append({'role': 'member', 'user': member})
        cur_username = self.profile_data['username']
        self.profile_data['username'] = member
        self._login_user_and_profile()
        self.profile_data['username'] = cur_username
        self._login_user_and_profile()

        data = {'username': member}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data, [u'denoinc', u'aboy'])

        self.profile_data['username'] = member
        self._login_user_and_profile()

        request = self.factory.get('/', **self.extra)
        response = view(request)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.data, [expected_data])
    def test_remove_members_from_org(self):
        self._org_create()
        newname = 'aboy'
        view = OrganizationProfileViewSet.as_view({
            'post': 'members',
            'delete': 'members'
        })

        User.objects.create(username=newname)
        data = {'username': newname}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(set(response.data), set([u'denoinc', newname]))

        request = self.factory.delete(
            '/', json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data, [u'denoinc'])
Example #7
0
 def _org_create(self):
     view = OrganizationProfileViewSet.as_view({
         'get': 'list',
         'post': 'create'
     })
     request = self.factory.get('/', **self.extra)
     response = view(request)
     self.assertEqual(response.status_code, 200)
     data = {
         'org': u'denoinc',
         'name': u'Dennis',
         'city': u'Denoville',
         'country': u'US',
         'home_page': u'deno.com',
         'twitter': u'denoinc',
         'description': u'',
         'address': u'',
         'phonenumber': u'',
         'require_auth': False,
     }
     request = self.factory.post(
         '/', data=json.dumps(data),
         content_type="application/json", **self.extra)
     response = view(request)
     self.assertEqual(response.status_code, 201)
     data['url'] = 'http://testserver/api/v1/orgs/denoinc'
     data['user'] = '******'
     data['creator'] = 'http://testserver/api/v1/users/bob'
     self.assertDictContainsSubset(data, response.data)
     self.company_data = response.data
     self.organization = OrganizationProfile.objects.get(
         user__username=data['org'])
 def setUp(self):
     super(self.__class__, self).setUp()
     self.view = OrganizationProfileViewSet.as_view({
         'get': 'list',
         'post': 'create',
         'patch': 'partial_update',
     })
    def test_org_members_added_to_projects(self):
        # create org
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members',
            'get': 'retrieve',
            'put': 'members'
        })

        # create aboy
        self.profile_data['username'] = "******"
        aboy = self._create_user_profile().user

        data = {'username': '******',
                'role': 'owner'}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)

        # create a proj
        project_data = {
            'owner': self.company_data['user']
        }
        self._project_create(project_data)
        self._publish_xls_form_to_project()

        # create alice
        self.profile_data['username'] = "******"
        alice = self._create_user_profile().user
        alice_data = {'username': '******',
                      'role': 'owner'}
        request = self.factory.post(
            '/', data=json.dumps(alice_data),
            content_type="application/json", **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)

        # Assert that user added in org is added to teams in proj
        self.assertTrue(OwnerRole.user_has_role(aboy, self.project))
        self.assertTrue(OwnerRole.user_has_role(alice, self.project))
        self.assertTrue(OwnerRole.user_has_role(aboy, self.xform))
        self.assertTrue(OwnerRole.user_has_role(alice, self.xform))

        # Org admins are added to owners in project
        projectView = ProjectViewSet.as_view({
            'get': 'retrieve'
        })
        request = self.factory.get('/', **self.extra)
        response = projectView(request, pk=self.project.pk)
        project_users = response.data.get('users')
        users_in_users = [user['user'] for user in project_users]

        self.assertIn('bob', users_in_users)
        self.assertIn('denoinc', users_in_users)
        self.assertIn('aboy', users_in_users)
        self.assertIn('alice', users_in_users)
    def test_orgs_members_list(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'get': 'members'
        })

        request = self.factory.get('/', **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.data, [u'denoinc'])
 def test_add_members_to_org_username_required(self):
     self._org_create()
     view = OrganizationProfileViewSet.as_view({
         'post': 'members'
     })
     request = self.factory.post('/', data={}, **self.extra)
     response = view(request, user='******')
     self.assertEqual(response.status_code, 400)
     self.assertEqual(response.data,
                      {u'username': [u"This field is required."]})
 def test_orgs_get(self):
     self._org_create()
     view = OrganizationProfileViewSet.as_view({
         'get': 'retrieve'
     })
     request = self.factory.get('/', **self.extra)
     response = view(request)
     self.assertEqual(response.status_code, 400)
     self.assertEqual(
         response.data, {'detail': 'Expected URL keyword argument `user`.'})
     request = self.factory.get('/', **self.extra)
     response = view(request, user='******')
     self.assertEqual(response.status_code, 200)
     self.assertEqual(response.data, self.company_data)
    def test_add_members_to_org_user_does_not_exist(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members'
        })
        data = {'username': '******'}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.data,
                         {u'username': [u"User `aboy` does not exist."]})
 def test_orgs_get_anon(self):
     self._org_create()
     view = OrganizationProfileViewSet.as_view({
         'get': 'retrieve'
     })
     request = self.factory.get('/')
     response = view(request, user='******')
     self.assertNotEqual(response.get('Last-Modified'), None)
     self.assertEqual(response.status_code, 200)
     self.assertEqual(response.data, self.company_data)
     self.assertIn('users', response.data.keys())
     for user in response.data['users']:
         self.assertEqual(user['role'], 'owner')
         self.assertEqual(type(user['user']), unicode)
 def test_orgs_get_anon(self):
     self._org_create()
     view = OrganizationProfileViewSet.as_view({
         'get': 'retrieve'
     })
     request = self.factory.get('/')
     response = view(request, user='******')
     self.assertNotEqual(response.get('Cache-Control'), None)
     self.assertEqual(response.status_code, 200)
     del self.company_data['metadata']
     self.assertEqual(response.data, self.company_data)
     self.assertIn('users', list(response.data))
     for user in response.data['users']:
         self.assertEqual(user['role'], 'owner')
         self.assertTrue(isinstance(user['user'], text))
    def test_orgs_list_restricted(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'get': 'list'
        })

        alice_data = {'username': '******', 'email': '*****@*****.**'}
        self._login_user_and_profile(extra_post_data=alice_data)
        self.assertEqual(self.user.username, 'alice')

        request = self.factory.get('/', **self.extra)
        response = view(request)

        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.data, [])
    def test_add_members_to_org_with_anonymous_user(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members'
        })

        User.objects.create(username='******')
        data = {'username': '******'}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json")

        response = view(request, user='******')
        self.assertEqual(response.status_code, 401)
        self.assertNotEquals(set(response.data), set([u'denoinc', u'aboy']))
    def test_put_role_user_none_existent(self):
        self._org_create()
        newname = 'i-do-no-exist'
        view = OrganizationProfileViewSet.as_view({
            'get': 'retrieve',
            'post': 'members',
            'put': 'members'
        })

        data = {'username': newname, 'role': 'editor'}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 400)
    def test_orgs_delete(self):
        self._org_create()
        self.assertTrue(self.organization.user.is_active)

        view = OrganizationProfileViewSet.as_view({
            'delete': 'destroy'
        })

        request = self.factory.delete('/', **self.extra)
        response = view(request, user='******')

        self.assertEquals(204, response.status_code)

        self.assertEquals(0, OrganizationProfile.objects.filter(
            user__username='******').count())
        self.assertEquals(0, User.objects.filter(username='******').count())
 def test_orgs_get_not_creator(self):
     self._org_create()
     view = OrganizationProfileViewSet.as_view({'get': 'retrieve'})
     alice_data = {'username': '******', 'email': '*****@*****.**'}
     previous_user = self.user
     self._login_user_and_profile(extra_post_data=alice_data)
     self.assertEqual(self.user.username, 'alice')
     self.assertNotEqual(previous_user, self.user)
     request = self.factory.get('/', **self.extra)
     response = view(request, user='******')
     self.assertNotEqual(response.get('Cache-Control'), None)
     self.assertEqual(response.status_code, 200)
     self.assertEqual(response.data, self.company_data)
     self.assertIn('users', response.data.keys())
     for user in response.data['users']:
         self.assertEqual(user['role'], 'owner')
         self.assertEqual(type(user['user']), unicode)
    def test_add_members_to_owner_role(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members',
            'get': 'retrieve',
            'put': 'members'
        })

        self.profile_data['username'] = "******"
        aboy = self._create_user_profile().user

        data = {'username': '******', 'role': 'owner'}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)

        self.assertEqual(set(response.data), set([u'denoinc', u'aboy']))

        # getting profile
        request = self.factory.get('/', **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.data['users'][1]['user'], 'aboy')
        self.assertEqual(response.data['users'][1]['role'], 'owner')

        owner_team = get_organization_owners_team(self.organization)

        self.assertIn(aboy, owner_team.user_set.all())

        # test user removed from owner team when role changed
        data = {'username': '******', 'role': 'editor'}
        request = self.factory.put('/',
                                   data=json.dumps(data),
                                   content_type="application/json",
                                   **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)

        owner_team = get_organization_owners_team(self.organization)

        self.assertNotIn(aboy, owner_team.user_set.all())
    def test_add_members_to_org(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members'
        })

        self.profile_data['username'] = '******'
        self.profile_data['email'] = '*****@*****.**'
        self._create_user_profile()
        data = {'username': '******'}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(set(response.data), set([u'denoinc', u'aboy']))
    def test_org_always_has_admin_or_owner(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'put': 'members',
        })
        data = {'username': self.user.username, 'role': 'editor'}
        request = self.factory.put(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 400)
        self.assertEquals(response.data,
                          {
                              u'non_field_errors':
                                  [u'Organization cannot be without an owner']
                          })
 def test_orgs_get(self):
     self._org_create()
     view = OrganizationProfileViewSet.as_view({'get': 'retrieve'})
     request = self.factory.get('/', **self.extra)
     response = view(request)
     self.assertEqual(response.status_code, 400)
     self.assertEqual(response.data,
                      {'detail': 'Expected URL keyword argument `user`.'})
     request = self.factory.get('/', **self.extra)
     response = view(request, user='******')
     self.assertNotEqual(response.get('Cache-Control'), None)
     self.assertEqual(response.status_code, 200)
     self.assertEqual(response.data, self.company_data)
     self.assertIn('users', response.data.keys())
     for user in response.data['users']:
         self.assertEqual(user['role'], 'owner')
         self.assertEqual(type(user['user']), unicode)
    def test_add_members_to_owner_role(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members',
            'get': 'retrieve',
            'put': 'members'
        })

        self.profile_data['username'] = "******"
        aboy = self._create_user_profile().user

        data = {'username': '******',
                'role': 'owner'}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)

        self.assertEqual(set(response.data), set([u'denoinc', u'aboy']))

        # getting profile
        request = self.factory.get('/', **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.data['users'][1]['user'], 'aboy')
        self.assertEqual(response.data['users'][1]['role'], 'owner')

        owner_team = get_organization_owners_team(self.organization)

        self.assertIn(aboy, owner_team.user_set.all())

        # test user removed from owner team when role changed
        data = {'username': '******', 'role': 'editor'}
        request = self.factory.put(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)

        owner_team = get_organization_owners_team(self.organization)

        self.assertNotIn(aboy, owner_team.user_set.all())
 def test_orgs_get(self):
     self._org_create()
     view = OrganizationProfileViewSet.as_view({
         'get': 'retrieve'
     })
     request = self.factory.get('/', **self.extra)
     response = view(request)
     self.assertEqual(response.status_code, 400)
     self.assertEqual(
         response.data, {'detail': 'Expected URL keyword argument `user`.'})
     request = self.factory.get('/', **self.extra)
     response = view(request, user='******')
     self.assertEqual(response.status_code, 200)
     self.assertEqual(response.data, self.company_data)
     self.assertIn('users', response.data.keys())
     for user in response.data['users']:
         self.assertEqual(user['role'], 'owner')
         self.assertEqual(type(user['user']), unicode)
Example #27
0
    def test_widget_create_by_org_admin(self):
        self.project.organization = self.organization.user
        self.project.save()
        chuck_data = {'username': '******', 'email': '*****@*****.**'}
        chuck_profile = self._create_user_profile(chuck_data)

        view = OrganizationProfileViewSet.as_view({
            'post': 'members'
        })

        data = {'username': chuck_profile.user.username,
                'role': OwnerRole.name}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user=self.organization.user.username)

        self.assertEqual(response.status_code, 201)

        owners_team = get_organization_owners_team(self.organization)
        self.assertIn(chuck_profile.user, owners_team.user_set.all())

        extra = {
            'HTTP_AUTHORIZATION': 'Token %s' % chuck_profile.user.auth_token}

        view = WidgetViewSet.as_view({
            'post': 'create'
        })

        data = {
            'content_object': 'http://testserver/api/v1/dataviews/%s' %
                              self.data_view.pk,
            'widget_type': "charts",
            'view_type': "horizontal-bar",
            'column': "_submission_time",
        }

        request = self.factory.post('/', data=json.dumps(data),
                                    content_type="application/json",
                                    **extra)
        response = view(request)

        self.assertEquals(response.status_code, 201)
Example #28
0
    def test_put_change_role(self):
        self._org_create()
        newname = 'aboy'
        view = OrganizationProfileViewSet.as_view({
            'get': 'retrieve',
            'post': 'members',
            'put': 'members'
        })

        self.profile_data['username'] = newname
        self._create_user_profile()
        data = {'username': newname}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(sorted(response.data), sorted([u'denoinc', newname]))

        user_role = 'editor'
        data = {'username': newname, 'role': user_role}
        request = self.factory.put('/',
                                   data=json.dumps(data),
                                   content_type="application/json",
                                   **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(sorted(response.data), sorted([u'denoinc', newname]))

        # getting profile
        request = self.factory.get('/', **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertIn('users', list(response.data))

        for user in response.data['users']:
            username = user['user']
            role = user['role']
            expected_role = 'owner' if username == 'denoinc' or \
                username == self.user.username else user_role
            self.assertEqual(role, expected_role)
 def test_orgs_get(self):
     self._org_create()
     view = OrganizationProfileViewSet.as_view({
         'get': 'retrieve'
     })
     request = self.factory.get('/', **self.extra)
     response = view(request)
     self.assertEqual(response.status_code, 400)
     self.assertEqual(
         response.data, {'detail': 'Expected URL keyword argument `user`.'})
     request = self.factory.get('/', **self.extra)
     response = view(request, user='******')
     self.assertNotEqual(response.get('Cache-Control'), None)
     self.assertEqual(response.status_code, 200)
     self.assertEqual(response.data, self.company_data)
     self.assertIn('users', list(response.data))
     for user in response.data['users']:
         self.assertEqual(user['role'], 'owner')
         self.assertTrue(isinstance(user['user'], text))
Example #30
0
    def test_add_members_to_org_with_non_member_user(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({'post': 'members'})

        self._create_user_profile(extra_post_data={'username': '******'})
        data = {'username': '******'}
        previous_user = self.user
        alice_data = {'username': '******', 'email': '*****@*****.**'}
        self._login_user_and_profile(extra_post_data=alice_data)
        self.assertEqual(self.user.username, 'alice')
        self.assertNotEqual(previous_user, self.user)
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 404)
        self.assertNotEqual(set(response.data), set([u'denoinc', u'aboy']))
 def test_orgs_get_not_creator(self):
     self._org_create()
     view = OrganizationProfileViewSet.as_view({
         'get': 'retrieve'
     })
     alice_data = {'username': '******', 'email': '*****@*****.**'}
     previous_user = self.user
     self._login_user_and_profile(extra_post_data=alice_data)
     self.assertEqual(self.user.username, 'alice')
     self.assertNotEqual(previous_user,  self.user)
     request = self.factory.get('/', **self.extra)
     response = view(request, user='******')
     self.assertNotEqual(response.get('Last-Modified'), None)
     self.assertEqual(response.status_code, 200)
     self.assertEqual(response.data, self.company_data)
     self.assertIn('users', response.data.keys())
     for user in response.data['users']:
         self.assertEqual(user['role'], 'owner')
         self.assertEqual(type(user['user']), unicode)
    def test_add_members_to_org_with_non_member_user(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members'
        })

        User.objects.create(username='******', )
        data = {'username': '******'}
        previous_user = self.user
        alice_data = {'username': '******', 'email': '*****@*****.**'}
        self._login_user_and_profile(extra_post_data=alice_data)
        self.assertEqual(self.user.username, 'alice')
        self.assertNotEqual(previous_user,  self.user)
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 404)
        self.assertNotEqual(set(response.data), set([u'denoinc', u'aboy']))
 def test_orgs_get_not_creator(self):
     self._org_create()
     view = OrganizationProfileViewSet.as_view({
         'get': 'retrieve'
     })
     alice_data = {'username': '******', 'email': '*****@*****.**'}
     previous_user = self.user
     self._login_user_and_profile(extra_post_data=alice_data)
     self.assertEqual(self.user.username, 'alice')
     self.assertNotEqual(previous_user, self.user)
     request = self.factory.get('/', **self.extra)
     response = view(request, user='******')
     self.assertNotEqual(response.get('Cache-Control'), None)
     self.assertEqual(response.status_code, 200)
     del self.company_data['metadata']
     self.assertEqual(response.data, self.company_data)
     self.assertIn('users', list(response.data))
     for user in response.data['users']:
         self.assertEqual(user['role'], 'owner')
         self.assertTrue(isinstance(user['user'], text))
    def test_put_change_role(self):
        self._org_create()
        newname = 'aboy'
        view = OrganizationProfileViewSet.as_view({
            'get': 'retrieve',
            'post': 'members',
            'put': 'members'
        })

        self.profile_data['username'] = newname
        self._create_user_profile()
        data = {'username': newname}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(sorted(response.data), sorted([u'denoinc', newname]))

        user_role = 'editor'
        data = {'username': newname, 'role': user_role}
        request = self.factory.put(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(sorted(response.data), sorted([u'denoinc', newname]))

        # getting profile
        request = self.factory.get('/', **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertIn('users', response.data.keys())

        for user in response.data['users']:
            username = user['user']
            role = user['role']
            expected_role = 'owner' if username == 'denoinc' else user_role
            self.assertEqual(role, expected_role)
Example #35
0
    def test_org_members_added_to_projects(self):
        # create org
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members',
            'get': 'retrieve',
            'put': 'members'
        })

        # create aboy
        self.profile_data['username'] = "******"
        aboy = self._create_user_profile().user

        data = {'username': '******', 'role': 'owner'}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)

        # create a proj
        project_data = {'owner': self.company_data['user']}
        self._project_create(project_data)
        self._publish_xls_form_to_project()

        # create alice
        self.profile_data['username'] = "******"
        alice = self._create_user_profile().user
        alice_data = {'username': '******', 'role': 'owner'}
        request = self.factory.post('/',
                                    data=json.dumps(alice_data),
                                    content_type="application/json",
                                    **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)

        # Assert that user added in org is added to proj
        self.assertTrue(OwnerRole.user_has_role(aboy, self.xform))
        self.assertTrue(OwnerRole.user_has_role(alice, self.xform))
Example #36
0
    def test_member_sees_orgs_added_to(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'get': 'list',
            'post': 'members'
        })

        member = 'aboy'
        cur_username = self.profile_data['username']
        self.profile_data['username'] = member
        self._login_user_and_profile()
        self.profile_data['username'] = cur_username
        self._login_user_and_profile()

        data = {'username': member}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(set(response.data), set([u'denoinc', u'aboy']))

        self.profile_data['username'] = member
        self._login_user_and_profile()

        expected_data = self.company_data
        expected_data['users'].append({
            'first_name': u'Bob',
            'last_name': u'erama',
            'role': 'member',
            'user': member,
            'gravatar': self.user.profile.gravatar,
        })
        del expected_data['metadata']

        request = self.factory.get('/', **self.extra)
        response = view(request)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.data, [expected_data])
    def test_add_members_to_org_user_org_account(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members'
        })

        username = '******'

        # Create second org
        org_data = {'org': username}
        self._org_create(org_data=org_data)

        data = {'username': username}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.data,
                         {'username': [u'Cannot add org account `second_inc` '
                                       u'as member.']})
    def test_add_members_to_org_email_custom_subj(self, mock_email):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members'
        })

        User.objects.create(username='******', email='*****@*****.**')
        data = {'username': '******',
                'email_msg': 'You have been add to denoinc',
                'email_subject': 'Your are made'}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertTrue(mock_email.called)
        mock_email.assert_called_with('Your are made',
                                      u'You have been add to denoinc',
                                      '*****@*****.**',
                                      (u'*****@*****.**',))
        self.assertEqual(set(response.data), set([u'denoinc', u'aboy']))
Example #39
0
    def test_add_members_to_org_email_custom_subj(self, mock_email):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({'post': 'members'})

        User.objects.create(username='******', email='*****@*****.**')
        data = {
            'username': '******',
            'email_msg': 'You have been add to denoinc',
            'email_subject': 'Your are made'
        }
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertTrue(mock_email.called)
        mock_email.assert_called_with('Your are made',
                                      u'You have been add to denoinc',
                                      '*****@*****.**', (u'*****@*****.**', ))
        self.assertEqual(set(response.data), set([u'denoinc', u'aboy']))
Example #40
0
    def _org_create(self, org_data={}):
        view = OrganizationProfileViewSet.as_view({
            'get': 'list',
            'post': 'create'
        })
        request = self.factory.get('/', **self.extra)
        response = view(request)
        self.assertEqual(response.status_code, 200)
        data = {
            'org': u'denoinc',
            'name': u'Dennis',
            'city': u'Denoville',
            'country': u'US',
            'home_page': u'deno.com',
            'twitter': u'denoinc',
            'description': u'',
            'address': u'',
            'phonenumber': u'',
            'require_auth': False,
        }

        if org_data:
            data.update(org_data)

        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)
        response = view(request)
        self.assertEqual(response.status_code, 201)
        data['url'] = 'http://testserver/api/v1/orgs/%s' % data['org']
        data['user'] = '******' % data['org']
        data['creator'] = 'http://testserver/api/v1/users/bob'
        self.assertDictContainsSubset(data, response.data)
        self.company_data = response.data
        self.organization = OrganizationProfile.objects.get(
            user__username=data['org'])
Example #41
0
    def test_add_members_to_org_email(self, mock_email):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({'post': 'members'})

        self.profile_data['username'] = '******'
        self.profile_data['email'] = '*****@*****.**'
        self._create_user_profile()
        data = {
            'username': '******',
            'email_msg': 'You have been add to denoinc'
        }
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertTrue(mock_email.called)
        mock_email.assert_called_with(
            'aboy, You have been added to Dennis'
            ' organisation.', u'You have been add to denoinc',
            '*****@*****.**', (u'*****@*****.**', ))
        self.assertEqual(set(response.data), set([u'denoinc', u'aboy']))
 def setUp(self):
     super(self.__class__, self).setUp()
     self.view = OrganizationProfileViewSet.as_view({
         'get': 'list',
         'post': 'create'
     })
Example #43
0
    def test_remove_members_from_org(self):
        self._org_create()
        newname = 'aboy'
        view = OrganizationProfileViewSet.as_view({
            'post': 'members',
            'delete': 'members'
        })

        self._create_user_profile(extra_post_data={'username': newname})

        data = {'username': newname}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(set(response.data), set([u'denoinc', newname]))

        request = self.factory.delete('/',
                                      json.dumps(data),
                                      content_type="application/json",
                                      **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.data, [u'denoinc'])

        newname = 'aboy2'
        self._create_user_profile(extra_post_data={'username': newname})

        data = {'username': newname}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(set(response.data), set([u'denoinc', newname]))

        request = self.factory.delete('/?username={}'.format(newname),
                                      **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.data, [u'denoinc'])

        # Removes users from org projects.
        # Create a project
        project_data = {'owner': self.company_data['user']}
        self._project_create(project_data)

        # Create alice
        alice = 'alice'
        self._create_user_profile(extra_post_data={'username': alice})
        alice_data = {'username': alice, 'role': 'owner'}
        request = self.factory.post('/',
                                    data=json.dumps(alice_data),
                                    content_type="application/json",
                                    **self.extra)
        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)

        # alice is in project
        projectView = ProjectViewSet.as_view({'get': 'retrieve'})
        request = self.factory.get('/', **self.extra)
        response = projectView(request, pk=self.project.pk)
        project_users = response.data.get('users')
        users_in_users = [user['user'] for user in project_users]

        self.assertIn(alice, users_in_users)

        # remove alice from org
        request = self.factory.delete('/?username={}'.format(alice),
                                      **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        self.assertNotIn(response.data, [u'alice'])

        # alice is also removed from project
        projectView = ProjectViewSet.as_view({'get': 'retrieve'})
        request = self.factory.get('/', **self.extra)
        response = projectView(request, pk=self.project.pk)
        project_users = response.data.get('users')
        users_in_users = [user['user'] for user in project_users]

        self.assertNotIn(alice, users_in_users)
Example #44
0
    def test_owner_not_allowed_to_be_removed(self):
        self._org_create()
        view = OrganizationProfileViewSet.as_view({
            'post': 'members',
            'delete': 'members',
            'get': 'retrieve',
        })

        self.profile_data['username'] = "******"
        aboy = self._create_user_profile().user

        data = {'username': aboy.username, 'role': 'owner'}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(set(response.data), set([u'denoinc', aboy.username]))

        self.profile_data['username'] = "******"
        aboy2 = self._create_user_profile().user

        data = {'username': aboy2.username, 'role': 'owner'}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 201)
        self.assertEqual(set(response.data),
                         set([u'denoinc', aboy.username, aboy2.username]))

        data = {'username': aboy2.username}
        request = self.factory.delete('/',
                                      json.dumps(data),
                                      content_type="application/json",
                                      **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)
        for user in [u'denoinc', aboy.username]:
            self.assertIn(user, response.data)

        # at this point we have bob and aboy as owners
        data = {'username': aboy.username}
        request = self.factory.delete('/',
                                      json.dumps(data),
                                      content_type="application/json",
                                      **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 200)

        # at this point we only have bob as the owner
        data = {'username': self.user.username}
        request = self.factory.delete('/',
                                      json.dumps(data),
                                      content_type="application/json",
                                      **self.extra)

        response = view(request, user='******')
        self.assertEqual(response.status_code, 400)
        self.assertEquals(response.data, {
            u'non_field_errors': [u'Organization cannot be without an owner']
        })
Example #45
0
    def test_non_owners_should_be_able_to_change_member_permissions(self):
        self._org_create()
        self._publish_xls_form_to_project()

        chuck_data = {'username': '******', 'email': '*****@*****.**'}
        chuck_profile = self._create_user_profile(chuck_data)

        view = OrganizationProfileViewSet.as_view({'post': 'members'})

        data = {
            'username': chuck_profile.user.username,
            'role': OwnerRole.name
        }
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user=self.organization.user.username)

        self.assertEqual(response.status_code, 201)

        owners_team = get_organization_owners_team(self.organization)
        self.assertIn(chuck_profile.user, owners_team.user_set.all())

        alice_data = {'username': '******', 'email': '*****@*****.**'}
        alice_profile = self._create_user_profile(alice_data)

        data = {'username': alice_profile.user.username}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user=self.organization.user.username)

        self.assertEqual(response.status_code, 201)

        member_team = get_organization_members_team(self.organization)
        self.assertIn(alice_profile.user, member_team.user_set.all())

        view = TeamViewSet.as_view({'post': 'share'})

        post_data = {
            'role': EditorRole.name,
            'project': self.project.pk,
            'org': self.organization.user.username
        }
        request = self.factory.post('/', data=post_data, **self.extra)
        response = view(request, pk=member_team.pk)

        self.assertEqual(response.status_code, 204)

        post_data = {
            'role': ReadOnlyRole.name,
            'project': self.project.pk,
            'org': self.organization.user.username
        }

        extra = {
            'HTTP_AUTHORIZATION': 'Token %s' % chuck_profile.user.auth_token
        }
        request = self.factory.post('/', data=post_data, **extra)
        response = view(request, pk=member_team.pk)
        self.assertEqual(response.status_code, 204)