def setUp(self):
self.dep1 = DepartmentFactory.create()
self.dep2 = DepartmentFactory.create()
self.user1 = UserFactory.create()
self.user2 = UserFactory.create()
self.user3 = UserFactory.create()
self.user1.profile.departments.add(self.dep1, self.dep2)
self.user2.profile.departments.add(self.dep2)
def test_routing_expression_with_invalid_user_and_active(self):
department = DepartmentFactory.create()
expression = ExpressionFactory.create()
user = UserFactory.create()
routing_expression = RoutingExpression(
_expression=expression,
_department=department,
_user=user,
order=1,
is_active=True,
)
# User must be a member of the Department
with self.assertRaises(
ValidationError,
msg=
f'{user.username} is not part of department {department.name}'
):
routing_expression.save()
# Inactivate User is not allowed
user.profile.departments.add(department)
user.is_active = False
user.save()
with self.assertRaises(ValidationError,
msg=f'{user.username} is not active'):
routing_expression.save()
def test_show_contact_details(self):
"""
Users without "signals.sia_can_view_contact_details" permission cannot
see contact details of the reporter. PDFs generated for use with
CityControl always contain the contact details.
This test checks the intermediate HTML does or does not contain the
contact details as appropriate.
"""
# No "signals.sia_can_view_contact_details" and no CityControl/Sigmax
# override mean no contact details in intermediate HTML.
user = UserFactory.create()
html = PDFSummaryService._get_html(self.signal, user, False)
self.assertFalse(user.has_perm('signals.sia_can_view_contact_details'))
self.assertNotIn('*****@*****.**', html)
self.assertNotIn('0612345678', html)
# Check CityControl/Sigmax override
html = PDFSummaryService._get_html(self.signal, None, True)
self.assertIn('*****@*****.**', html)
self.assertIn('0612345678', html)
# Check user has "signals.sia_can_view_contact_details"
sia_can_view_contact_details = Permission.objects.get(
codename='sia_can_view_contact_details')
user.user_permissions.add(sia_can_view_contact_details)
user = User.objects.get(pk=user.id)
self.assertTrue(user.has_perm('signals.sia_can_view_contact_details'))
html = PDFSummaryService._get_html(self.signal, user, False)
self.assertIn('*****@*****.**', html)
self.assertIn('0612345678', html)
def test_get_user_no_view_user_permission(self):
user = UserFactory.create()
user.user_permissions.add(self.sia_read)
self.client.force_authenticate(user=user)
response = self.client.get(f'/signals/v1/private/users/{self.sia_read_write_user.pk}')
self.assertEqual(response.status_code, 403)
def sia_write_user(self):
user = UserFactory.create(
first_name='SIA-WRITE',
last_name='USer',
)
user.user_permissions.add(self.sia_write)
return user
def test_get_contact_details(self):
"""
Users without "signals.sia_can_view_contact_details" permission cannot
see contact details of the reporter. PDFs generated for use with
CityControl always contain the contact details.
This test checks the PDFSummaryService._get_contact_details method.
"""
# No "signals.sia_can_view_contact_details" and no CityControl/Sigmax
# override mean no contact details.
user = UserFactory.create()
email, phone = PDFSummaryService._get_contact_details(
self.signal, user, False)
self.assertFalse(user.has_perm('signals.sia_can_view_contact_details'))
self.assertEqual(email, '*****')
self.assertEqual(phone, '*****')
# Check CityControl/Sigmax override
email, phone = PDFSummaryService._get_contact_details(
self.signal, None, True)
self.assertEqual(email, '*****@*****.**')
self.assertEqual(phone, '0612345678')
# Check user has "signals.sia_can_view_contact_details"
sia_can_view_contact_details = Permission.objects.get(
codename='sia_can_view_contact_details')
user.user_permissions.add(sia_can_view_contact_details)
user = User.objects.get(pk=user.id)
self.assertTrue(user.has_perm('signals.sia_can_view_contact_details'))
email, phone = PDFSummaryService._get_contact_details(
self.signal, user, False)
self.assertEqual(email, '*****@*****.**')
self.assertEqual(phone, '0612345678')
def sia_read_user(self):
user = UserFactory.create(
first_name='SIA-READ',
last_name='User',
)
user.user_permissions.add(self.sia_read)
return user
def setUp(self):
self.super_user = SuperUserFactory.create(
email='*****@*****.**')
self.normal_user = UserFactory.create(
username='******',
email='*****@*****.**',
)
def sia_read_write_user(self):
user = UserFactory.create(
first_name='SIA-READ-WRITE',
last_name='User',
)
user.user_permissions.add(self.sia_read)
user.user_permissions.add(self.sia_write)
user.groups.add(self.sia_test_group)
return user
def test_get_users_no_view_user_permission(self):
"""
Check if a user that has no "view_user" rights is not able to retrieve the list of users
"""
user = UserFactory.create()
user.user_permissions.add(self.sia_read)
self.client.force_authenticate(user=user)
response = self.client.get('/signals/v1/private/users/')
self.assertEqual(response.status_code, 403)
def test_get_contact_details_no_contact_details_and_no_permissions(self):
"""
Check that missing contact details are not turned into '*****' when not
allowed to view reporter contact details.
"""
self.signal.reporter.email = None
self.signal.reporter.phone = None
self.signal.reporter.save()
self.signal.refresh_from_db()
user = UserFactory.create()
self.assertFalse(user.has_perm('signals.sia_can_view_contact_details'))
email, phone = PDFSummaryService._get_contact_details(
self.signal, user, False)
self.assertEqual(email, None)
self.assertEqual(phone, None)
def test_get_currently_logged_in_user_no_view_user_permission(self):
user = UserFactory.create()
user.user_permissions.add(self.sia_read)
self.client.force_authenticate(user=user)
response = self.client.get('/signals/v1/private/me/')
self.assertEqual(response.status_code, 200)
response_data = response.json()
self.assertEqual(response_data['id'], user.pk)
self.assertEqual(response_data['username'], user.username)
self.assertEqual(response_data['email'], user.email)
self.assertTrue(response_data['is_active'])
self.assertFalse(response_data['is_staff'])
self.assertFalse(response_data['is_superuser'])
self.assertEqual(len(response_data['roles']), 0)
self.assertEqual(len(response_data['permissions']), 1)
def test_routing_expression_with_valid_user_and_not_active(self):
department = DepartmentFactory.create()
expression = ExpressionFactory.create()
user = UserFactory.create()
user.profile.departments.add(department)
routing_expression = RoutingExpression(
_expression=expression,
_department=department,
_user=user,
order=1,
is_active=False,
)
routing_expression.save()
self.assertEqual(routing_expression._department_id, department.id)
self.assertEqual(routing_expression._user_id, user.id)
def test_routing_with_user_no_longer_active(self):
department = DepartmentFactory.create()
user = UserFactory.create()
user.profile.departments.add(department)
geometry = geos.MultiPolygon([
geos.Polygon.from_bbox([4.877157, 52.357204, 4.929686, 52.385239])
],
srid=4326)
area = AreaFactory.create(geometry=geometry,
name='centrum',
code='centrum',
_type__name='gebied',
_type__code='stadsdeel')
expression_routing_type = ExpressionTypeFactory.create(name="routing")
expression = ExpressionFactory.create(
_type=expression_routing_type,
name="test outside",
code=f'location in areas."{area._type.name}"."{area.code}"')
routing_expression = RoutingExpressionFactory.create(
_expression=expression, _department=department, _user=user)
self.assertTrue(routing_expression.is_active)
# In the mean time the user has been deactived
user.is_active = False
user.save()
signal = SignalFactory.create(
location__geometrie=geos.Point(4.88, 52.36))
self.assertIsNone(signal.user_assignment)
# simulate applying routing rules
dsl_service = SignalDslService()
dsl_service.process_routing_rules(signal)
signal.refresh_from_db()
self.assertIsNone(signal.user_assignment)
routing_expression.refresh_from_db()
self.assertFalse(routing_expression.is_active)
def test_routing_expression_with_invalid_user_and_update_active(self):
"""
Validation of the User will only be triggered if a RoutingExpression is set to active.
If a RoutingExpression is made with active is False and in the time between activation the User is no longer
member of the associated Department this will trigger and the RoutingExpression must be fixed before saving.
"""
department = DepartmentFactory.create()
expression = ExpressionFactory.create()
user = UserFactory.create()
routing_expression = RoutingExpression(
_expression=expression,
_department=department,
_user=user,
order=1,
is_active=False,
)
routing_expression.save()
self.assertEqual(routing_expression._department_id, department.id)
self.assertEqual(routing_expression._user_id, user.id)
# User must be a member of the Department
routing_expression.is_active = True
with self.assertRaises(ValidationError):
routing_expression.save()
# Inactivate User and not a member of the Department is not allowed
user.is_active = False
user.save()
with self.assertRaises(ValidationError):
routing_expression.save()
# Inactivate User is not allowed
user.profile.departments.add(department)
with self.assertRaises(ValidationError):
routing_expression.save()
def user(self):
return UserFactory.create(
first_name='User',
last_name='Simple',
)
def setUp(self):
UserFactory.create(username='******')
UserFactory.create(username='******')
UserFactory.create(username='******')
UserFactory.create(username='******')