Example #1
0
    def setUp(self):
        self.dep1 = DepartmentFactory.create()
        self.dep2 = DepartmentFactory.create()
        self.user1 = UserFactory.create()
        self.user2 = UserFactory.create()
        self.user3 = UserFactory.create()

        self.user1.profile.departments.add(self.dep1, self.dep2)
        self.user2.profile.departments.add(self.dep2)
    def test_routing_expression_with_invalid_user_and_active(self):
        department = DepartmentFactory.create()
        expression = ExpressionFactory.create()
        user = UserFactory.create()

        routing_expression = RoutingExpression(
            _expression=expression,
            _department=department,
            _user=user,
            order=1,
            is_active=True,
        )

        # User must be a member of the Department
        with self.assertRaises(
                ValidationError,
                msg=
                f'{user.username} is not part of department {department.name}'
        ):
            routing_expression.save()

        # Inactivate User is not allowed
        user.profile.departments.add(department)
        user.is_active = False
        user.save()
        with self.assertRaises(ValidationError,
                               msg=f'{user.username} is not active'):
            routing_expression.save()
Example #3
0
    def test_show_contact_details(self):
        """
        Users without "signals.sia_can_view_contact_details" permission cannot
        see contact details of the reporter. PDFs generated for use with
        CityControl always contain the contact details.

        This test checks the intermediate HTML does or does not contain the
        contact details as appropriate.
        """
        # No "signals.sia_can_view_contact_details" and no CityControl/Sigmax
        # override mean no contact details in intermediate HTML.
        user = UserFactory.create()
        html = PDFSummaryService._get_html(self.signal, user, False)
        self.assertFalse(user.has_perm('signals.sia_can_view_contact_details'))
        self.assertNotIn('*****@*****.**', html)
        self.assertNotIn('0612345678', html)

        # Check CityControl/Sigmax override
        html = PDFSummaryService._get_html(self.signal, None, True)
        self.assertIn('*****@*****.**', html)
        self.assertIn('0612345678', html)

        # Check user has "signals.sia_can_view_contact_details"
        sia_can_view_contact_details = Permission.objects.get(
            codename='sia_can_view_contact_details')
        user.user_permissions.add(sia_can_view_contact_details)
        user = User.objects.get(pk=user.id)

        self.assertTrue(user.has_perm('signals.sia_can_view_contact_details'))
        html = PDFSummaryService._get_html(self.signal, user, False)
        self.assertIn('*****@*****.**', html)
        self.assertIn('0612345678', html)
Example #4
0
    def test_get_user_no_view_user_permission(self):
        user = UserFactory.create()
        user.user_permissions.add(self.sia_read)
        self.client.force_authenticate(user=user)

        response = self.client.get(f'/signals/v1/private/users/{self.sia_read_write_user.pk}')
        self.assertEqual(response.status_code, 403)
Example #5
0
 def sia_write_user(self):
     user = UserFactory.create(
         first_name='SIA-WRITE',
         last_name='USer',
     )
     user.user_permissions.add(self.sia_write)
     return user
Example #6
0
    def test_get_contact_details(self):
        """
        Users without "signals.sia_can_view_contact_details" permission cannot
        see contact details of the reporter. PDFs generated for use with
        CityControl always contain the contact details.

        This test checks the PDFSummaryService._get_contact_details method.
        """
        # No "signals.sia_can_view_contact_details" and no CityControl/Sigmax
        # override mean no contact details.
        user = UserFactory.create()
        email, phone = PDFSummaryService._get_contact_details(
            self.signal, user, False)
        self.assertFalse(user.has_perm('signals.sia_can_view_contact_details'))
        self.assertEqual(email, '*****')
        self.assertEqual(phone, '*****')

        # Check CityControl/Sigmax override
        email, phone = PDFSummaryService._get_contact_details(
            self.signal, None, True)
        self.assertEqual(email, '*****@*****.**')
        self.assertEqual(phone, '0612345678')

        # Check user has "signals.sia_can_view_contact_details"
        sia_can_view_contact_details = Permission.objects.get(
            codename='sia_can_view_contact_details')
        user.user_permissions.add(sia_can_view_contact_details)
        user = User.objects.get(pk=user.id)

        self.assertTrue(user.has_perm('signals.sia_can_view_contact_details'))
        email, phone = PDFSummaryService._get_contact_details(
            self.signal, user, False)
        self.assertEqual(email, '*****@*****.**')
        self.assertEqual(phone, '0612345678')
Example #7
0
 def sia_read_user(self):
     user = UserFactory.create(
         first_name='SIA-READ',
         last_name='User',
     )
     user.user_permissions.add(self.sia_read)
     return user
Example #8
0
 def setUp(self):
     self.super_user = SuperUserFactory.create(
         email='*****@*****.**')
     self.normal_user = UserFactory.create(
         username='******',
         email='*****@*****.**',
     )
Example #9
0
 def sia_read_write_user(self):
     user = UserFactory.create(
         first_name='SIA-READ-WRITE',
         last_name='User',
     )
     user.user_permissions.add(self.sia_read)
     user.user_permissions.add(self.sia_write)
     user.groups.add(self.sia_test_group)
     return user
Example #10
0
    def test_get_users_no_view_user_permission(self):
        """
        Check if a user that has no "view_user" rights is not able to retrieve the list of users
        """
        user = UserFactory.create()
        user.user_permissions.add(self.sia_read)
        self.client.force_authenticate(user=user)

        response = self.client.get('/signals/v1/private/users/')
        self.assertEqual(response.status_code, 403)
Example #11
0
    def test_get_contact_details_no_contact_details_and_no_permissions(self):
        """
        Check that missing contact details are not turned into '*****' when not
        allowed to view reporter contact details.
        """
        self.signal.reporter.email = None
        self.signal.reporter.phone = None
        self.signal.reporter.save()
        self.signal.refresh_from_db()

        user = UserFactory.create()
        self.assertFalse(user.has_perm('signals.sia_can_view_contact_details'))
        email, phone = PDFSummaryService._get_contact_details(
            self.signal, user, False)
        self.assertEqual(email, None)
        self.assertEqual(phone, None)
Example #12
0
    def test_get_currently_logged_in_user_no_view_user_permission(self):
        user = UserFactory.create()
        user.user_permissions.add(self.sia_read)
        self.client.force_authenticate(user=user)

        response = self.client.get('/signals/v1/private/me/')
        self.assertEqual(response.status_code, 200)

        response_data = response.json()
        self.assertEqual(response_data['id'], user.pk)
        self.assertEqual(response_data['username'], user.username)
        self.assertEqual(response_data['email'], user.email)
        self.assertTrue(response_data['is_active'])
        self.assertFalse(response_data['is_staff'])
        self.assertFalse(response_data['is_superuser'])
        self.assertEqual(len(response_data['roles']), 0)
        self.assertEqual(len(response_data['permissions']), 1)
    def test_routing_expression_with_valid_user_and_not_active(self):
        department = DepartmentFactory.create()
        expression = ExpressionFactory.create()
        user = UserFactory.create()
        user.profile.departments.add(department)

        routing_expression = RoutingExpression(
            _expression=expression,
            _department=department,
            _user=user,
            order=1,
            is_active=False,
        )
        routing_expression.save()

        self.assertEqual(routing_expression._department_id, department.id)
        self.assertEqual(routing_expression._user_id, user.id)
Example #14
0
    def test_routing_with_user_no_longer_active(self):
        department = DepartmentFactory.create()
        user = UserFactory.create()
        user.profile.departments.add(department)

        geometry = geos.MultiPolygon([
            geos.Polygon.from_bbox([4.877157, 52.357204, 4.929686, 52.385239])
        ],
                                     srid=4326)
        area = AreaFactory.create(geometry=geometry,
                                  name='centrum',
                                  code='centrum',
                                  _type__name='gebied',
                                  _type__code='stadsdeel')

        expression_routing_type = ExpressionTypeFactory.create(name="routing")
        expression = ExpressionFactory.create(
            _type=expression_routing_type,
            name="test outside",
            code=f'location in areas."{area._type.name}"."{area.code}"')

        routing_expression = RoutingExpressionFactory.create(
            _expression=expression, _department=department, _user=user)
        self.assertTrue(routing_expression.is_active)

        # In the mean time the user has been deactived
        user.is_active = False
        user.save()

        signal = SignalFactory.create(
            location__geometrie=geos.Point(4.88, 52.36))
        self.assertIsNone(signal.user_assignment)

        # simulate applying routing rules
        dsl_service = SignalDslService()

        dsl_service.process_routing_rules(signal)

        signal.refresh_from_db()
        self.assertIsNone(signal.user_assignment)

        routing_expression.refresh_from_db()
        self.assertFalse(routing_expression.is_active)
    def test_routing_expression_with_invalid_user_and_update_active(self):
        """
        Validation of the User will only be triggered if a RoutingExpression is set to active.
        If a RoutingExpression is made with active is False and in the time between activation the User is no longer
        member of the associated Department this will trigger and the RoutingExpression must be fixed before saving.
        """
        department = DepartmentFactory.create()
        expression = ExpressionFactory.create()
        user = UserFactory.create()

        routing_expression = RoutingExpression(
            _expression=expression,
            _department=department,
            _user=user,
            order=1,
            is_active=False,
        )
        routing_expression.save()

        self.assertEqual(routing_expression._department_id, department.id)
        self.assertEqual(routing_expression._user_id, user.id)

        # User must be a member of the Department
        routing_expression.is_active = True
        with self.assertRaises(ValidationError):
            routing_expression.save()

        # Inactivate User and not a member of the Department is not allowed
        user.is_active = False
        user.save()
        with self.assertRaises(ValidationError):
            routing_expression.save()

        # Inactivate User is not allowed
        user.profile.departments.add(department)
        with self.assertRaises(ValidationError):
            routing_expression.save()
Example #16
0
 def user(self):
     return UserFactory.create(
         first_name='User',
         last_name='Simple',
     )
Example #17
0
 def setUp(self):
     UserFactory.create(username='******')
     UserFactory.create(username='******')
     UserFactory.create(username='******')
     UserFactory.create(username='******')