class RetrieveMotion(TestCase):
"""
Tests retrieving a motion (with poll results).
"""
def setUp(self):
self.client = APIClient()
self.client.login(username='******', password='******')
self.motion = Motion(title='test_title_uj5eeSiedohSh3ohyaaj',
text='test_text_ithohchaeThohmae5aug')
self.motion.save()
self.motion.create_poll()
def test_number_of_queries(self):
with self.assertNumQueries(17):
self.client.get(reverse('motion-detail', args=[self.motion.pk]))
class CreateMotionPoll(TestCase):
"""
Tests creating polls of motions.
"""
def setUp(self):
self.client = APIClient()
self.client.login(username='******', password='******')
self.motion = Motion(title='test_title_Aiqueigh2dae9phabiqu',
text='test_text_Neekoh3zou6li5rue8iL')
self.motion.save()
def test_create_first_poll_with_values_then_second_poll_without(self):
self.poll = self.motion.create_poll()
self.poll.set_vote_objects_with_values(self.poll.get_options().get(), {
'Yes': 42,
'No': 43,
'Abstain': 44
})
response = self.client.post(
reverse('motion-create-poll', args=[self.motion.pk]))
self.assertEqual(self.motion.polls.count(), 2)
response = self.client.get(
reverse('motion-detail', args=[self.motion.pk]))
for key in ('yes', 'no', 'abstain'):
self.assertTrue(response.data['polls'][1][key] is None,
'Vote value "{}" should be None.'.format(key))
class RetrieveMotion(TestCase):
"""
Tests retrieving a motion (with poll results).
"""
def setUp(self):
self.client = APIClient()
self.client.login(username='******', password='******')
self.motion = Motion(
title='test_title_uj5eeSiedohSh3ohyaaj',
text='test_text_ithohchaeThohmae5aug')
self.motion.save()
self.motion.create_poll()
def test_number_of_queries(self):
with self.assertNumQueries(16):
self.client.get(reverse('motion-detail', args=[self.motion.pk]))
class RetrieveMotion(TestCase):
"""
Tests retrieving a motion (with poll results).
"""
def setUp(self):
self.client = APIClient()
self.client.login(username='******', password='******')
self.motion = Motion(
title='test_title_uj5eeSiedohSh3ohyaaj',
text='test_text_ithohchaeThohmae5aug')
self.motion.save()
self.motion.create_poll()
def test_number_of_queries(self):
with self.assertNumQueries(16):
self.client.get(reverse('motion-detail', args=[self.motion.pk]))
def test__guest_state_with_required_permission_to_see(self):
config['general_system_enable_anonymous'] = True
guest_client = APIClient()
state = self.motion.state
state.required_permission_to_see = 'permission_that_the_user_does_not_have_leeceiz9hi7iuta4ahY2'
state.save()
response = guest_client.get(reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_admin_state_with_required_permission_to_see(self):
state = self.motion.state
state.required_permission_to_see = 'permission_that_the_user_does_not_have_coo1Iewu8Eing2xahfoo'
state.save()
response = self.client.get(reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_submitter_state_with_required_permission_to_see(self):
state = self.motion.state
state.required_permission_to_see = 'permission_that_the_user_does_not_have_eiW8af9caizoh1thaece'
state.save()
user = get_user_model().objects.create_user(
username='******',
password='******')
self.motion.submitters.add(user)
submitter_client = APIClient()
submitter_client.login(
username='******',
password='******')
response = submitter_client.get(reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response.status_code, status.HTTP_200_OK)
class UpdateMotionPoll(TestCase):
"""
Tests updating polls of motions.
"""
def setUp(self):
self.client = APIClient()
self.client.login(username='******', password='******')
self.motion = Motion(title='test_title_Aiqueigh2dae9phabiqu',
text='test_text_Neekoh3zou6li5rue8iL')
self.motion.save()
self.poll = self.motion.create_poll()
def test_invalid_votesvalid_value(self):
response = self.client.put(
reverse('motionpoll-detail', args=[self.poll.pk]), {
'motion_id': self.motion.pk,
'votesvalid': '-3'
})
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_invalid_votesinvalid_value(self):
response = self.client.put(
reverse('motionpoll-detail', args=[self.poll.pk]), {
'motion_id': self.motion.pk,
'votesinvalid': '-3'
})
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_invalid_votescast_value(self):
response = self.client.put(
reverse('motionpoll-detail', args=[self.poll.pk]), {
'motion_id': self.motion.pk,
'votescast': '-3'
})
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_empty_value_for_votesvalid(self):
response = self.client.put(
reverse('motionpoll-detail', args=[self.poll.pk]), {
'motion_id': self.motion.pk,
'votesvalid': ''
})
self.assertEqual(response.status_code, status.HTTP_200_OK)
class CreateMotionPoll(TestCase):
"""
Tests creating polls of motions.
"""
def setUp(self):
self.client = APIClient()
self.client.login(username='******', password='******')
self.motion = Motion(
title='test_title_Aiqueigh2dae9phabiqu',
text='test_text_Neekoh3zou6li5rue8iL')
self.motion.save()
def test_create_first_poll_with_values_then_second_poll_without(self):
self.poll = self.motion.create_poll()
self.poll.set_vote_objects_with_values(self.poll.get_options().get(), {'Yes': 42, 'No': 43, 'Abstain': 44})
response = self.client.post(
reverse('motion-create-poll', args=[self.motion.pk]))
self.assertEqual(self.motion.polls.count(), 2)
response = self.client.get(reverse('motion-detail', args=[self.motion.pk]))
for key in ('yes', 'no', 'abstain'):
self.assertTrue(response.data['polls'][1][key] is None, 'Vote value "{}" should be None.'.format(key))
class UpdateMotionPoll(TestCase):
"""
Tests updating polls of motions.
"""
def setUp(self):
self.client = APIClient()
self.client.login(username='******', password='******')
self.motion = Motion(
title='test_title_Aiqueigh2dae9phabiqu',
text='test_text_Neekoh3zou6li5rue8iL')
self.motion.save()
self.poll = self.motion.create_poll()
def test_invalid_votesvalid_value(self):
response = self.client.put(
reverse('motionpoll-detail', args=[self.poll.pk]),
{'motion_id': self.motion.pk,
'votesvalid': '-3'})
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_invalid_votesinvalid_value(self):
response = self.client.put(
reverse('motionpoll-detail', args=[self.poll.pk]),
{'motion_id': self.motion.pk,
'votesinvalid': '-3'})
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_invalid_votescast_value(self):
response = self.client.put(
reverse('motionpoll-detail', args=[self.poll.pk]),
{'motion_id': self.motion.pk,
'votescast': '-3'})
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_empty_value_for_votesvalid(self):
response = self.client.put(
reverse('motionpoll-detail', args=[self.poll.pk]),
{'motion_id': self.motion.pk,
'votesvalid': ''})
self.assertEqual(response.status_code, status.HTTP_200_OK)
class RetrieveMotion(TestCase):
"""
Tests retrieving a motion (with poll results).
"""
def setUp(self):
self.client = APIClient()
self.client.login(username='******', password='******')
self.motion = Motion(title='test_title_uj5eeSiedohSh3ohyaaj',
text='test_text_ithohchaeThohmae5aug')
self.motion.save()
self.motion.create_poll()
for index in range(10):
get_user_model().objects.create_user(
username='******'.format(index), password='******')
def test_number_of_queries(self):
"""
Tests that only the following db queries are done:
* 7 requests to get the session and the request user with its permissions (3 of them are possibly a bug)
* 1 request to get the motion,
* 1 request to get the version,
* 1 request to get the agenda item,
* 1 request to get the log,
* 3 request to get the polls (1 of them is possibly a bug),
* 1 request to get the attachments,
* 1 request to get the tags,
* 2 requests to get the submitters and supporters.
TODO: Fix all bugs.
"""
get_redis_connection('default').flushall()
with self.assertNumQueries(18):
self.client.get(reverse('motion-detail', args=[self.motion.pk]))
def test_guest_state_with_required_permission_to_see(self):
config['general_system_enable_anonymous'] = True
guest_client = APIClient()
state = self.motion.state
state.required_permission_to_see = 'permission_that_the_user_does_not_have_leeceiz9hi7iuta4ahY2'
state.save()
# The cache has to be cleared, see:
# https://github.com/OpenSlides/OpenSlides/issues/3396
get_redis_connection('default').flushall()
response = guest_client.get(
reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_admin_state_with_required_permission_to_see(self):
state = self.motion.state
state.required_permission_to_see = 'permission_that_the_user_does_not_have_coo1Iewu8Eing2xahfoo'
state.save()
response = self.client.get(
reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_submitter_state_with_required_permission_to_see(self):
state = self.motion.state
state.required_permission_to_see = 'permission_that_the_user_does_not_have_eiW8af9caizoh1thaece'
state.save()
user = get_user_model().objects.create_user(
username='******',
password='******')
self.motion.submitters.add(user)
submitter_client = APIClient()
submitter_client.force_login(user)
response = submitter_client.get(
reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_user_without_can_see_user_permission_to_see_motion_and_submitter_data(
self):
self.motion.submitters.add(
get_user_model().objects.get(username='******'))
group = Group.objects.get(
pk=1) # Group with pk 1 is for anonymous and default users.
permission_string = 'users.can_see_name'
app_label, codename = permission_string.split('.')
permission = group.permissions.get(content_type__app_label=app_label,
codename=codename)
group.permissions.remove(permission)
config['general_system_enable_anonymous'] = True
guest_client = APIClient()
get_redis_connection('default').flushall()
response_1 = guest_client.get(
reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response_1.status_code, status.HTTP_200_OK)
response_2 = guest_client.get(
reverse('user-detail', args=[response_1.data['submitters_id'][0]]))
self.assertEqual(response_2.status_code, status.HTTP_200_OK)
extra_user = get_user_model().objects.create_user(
username='******',
password='******')
get_redis_connection('default').flushall()
response_3 = guest_client.get(
reverse('user-detail', args=[extra_user.pk]))
self.assertEqual(response_3.status_code, status.HTTP_403_FORBIDDEN)
class RetrieveMotion(TestCase):
"""
Tests retrieving a motion (with poll results).
"""
def setUp(self):
self.client = APIClient()
self.client.login(username='******', password='******')
self.motion = Motion(title='test_title_uj5eeSiedohSh3ohyaaj',
text='test_text_ithohchaeThohmae5aug')
self.motion.save()
self.motion.create_poll()
@use_cache()
def test_number_of_queries(self):
with self.assertNumQueries(18):
self.client.get(reverse('motion-detail', args=[self.motion.pk]))
def test_guest_state_with_required_permission_to_see(self):
config['general_system_enable_anonymous'] = True
guest_client = APIClient()
state = self.motion.state
state.required_permission_to_see = 'permission_that_the_user_does_not_have_leeceiz9hi7iuta4ahY2'
state.save()
response = guest_client.get(
reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_admin_state_with_required_permission_to_see(self):
state = self.motion.state
state.required_permission_to_see = 'permission_that_the_user_does_not_have_coo1Iewu8Eing2xahfoo'
state.save()
response = self.client.get(
reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_submitter_state_with_required_permission_to_see(self):
state = self.motion.state
state.required_permission_to_see = 'permission_that_the_user_does_not_have_eiW8af9caizoh1thaece'
state.save()
user = get_user_model().objects.create_user(
username='******',
password='******')
self.motion.submitters.add(user)
submitter_client = APIClient()
submitter_client.force_login(user)
response = submitter_client.get(
reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_user_without_can_see_user_permission_to_see_motion_and_submitter_data(
self):
self.motion.submitters.add(
get_user_model().objects.get(username='******'))
group = get_user_model().groups.field.related_model.objects.get(
pk=1) # Group with pk 1 is for anonymous and default users.
permission_string = 'users.can_see_name'
app_label, codename = permission_string.split('.')
permission = group.permissions.get(content_type__app_label=app_label,
codename=codename)
group.permissions.remove(permission)
config['general_system_enable_anonymous'] = True
guest_client = APIClient()
response_1 = guest_client.get(
reverse('motion-detail', args=[self.motion.pk]))
self.assertEqual(response_1.status_code, status.HTTP_200_OK)
response_2 = guest_client.get(
reverse('user-detail', args=[response_1.data['submitters_id'][0]]))
self.assertEqual(response_2.status_code, status.HTTP_200_OK)
extra_user = get_user_model().objects.create_user(
username='******',
password='******')
response_3 = guest_client.get(
reverse('user-detail', args=[extra_user.pk]))
self.assertEqual(response_3.status_code, status.HTTP_403_FORBIDDEN)
