def test_milestone_update(client, data):
public_url = reverse('milestones-detail', kwargs={"pk": data.public_milestone.pk})
private_url1 = reverse('milestones-detail', kwargs={"pk": data.private_milestone1.pk})
private_url2 = reverse('milestones-detail', kwargs={"pk": data.private_milestone2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
milestone_data = MilestoneSerializer(data.public_milestone).data
milestone_data["name"] = "test"
milestone_data = json.dumps(milestone_data)
results = helper_test_http_method(client, 'put', public_url, milestone_data, users)
assert results == [401, 403, 403, 200, 200]
milestone_data = MilestoneSerializer(data.private_milestone1).data
milestone_data["name"] = "test"
milestone_data = json.dumps(milestone_data)
results = helper_test_http_method(client, 'put', private_url1, milestone_data, users)
assert results == [401, 403, 403, 200, 200]
milestone_data = MilestoneSerializer(data.private_milestone2).data
milestone_data["name"] = "test"
milestone_data = json.dumps(milestone_data)
results = helper_test_http_method(client, 'put', private_url2, milestone_data, users)
assert results == [401, 403, 403, 200, 200]
def test_wiki_link_patch(client, data):
public_url = reverse('wiki-links-detail', kwargs={"pk": data.public_wiki_link.pk})
private_url1 = reverse('wiki-links-detail', kwargs={"pk": data.private_wiki_link1.pk})
private_url2 = reverse('wiki-links-detail', kwargs={"pk": data.private_wiki_link2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version") as _validate_and_update_version_mock:
patch_data = json.dumps({"title": "test"})
results = helper_test_http_method(client, 'patch', public_url, patch_data, users)
assert results == [401, 200, 200, 200, 200]
patch_data = json.dumps({"title": "test"})
results = helper_test_http_method(client, 'patch', private_url1, patch_data, users)
assert results == [401, 200, 200, 200, 200]
patch_data = json.dumps({"title": "test"})
results = helper_test_http_method(client, 'patch', private_url2, patch_data, users)
assert results == [401, 403, 403, 200, 200]
def test_not_send_notifications_on_unassigned_if_executer_and_unassigned_match(client, mail):
project = f.ProjectFactory.create()
role = f.RoleFactory.create(project=project, permissions=['modify_issue', 'view_issues', 'view_us', 'view_tasks', 'view_wiki_pages'])
member1 = f.MembershipFactory.create(project=project, role=role)
member2 = f.MembershipFactory.create(project=project, role=role)
issue = f.IssueFactory.create(project=project,
owner=member1.user,
milestone=None,
status=project.default_issue_status,
severity=project.default_severity,
priority=project.default_priority,
type=project.default_issue_type)
take_snapshot(issue, user=issue.owner)
client.login(member1.user)
url = reverse("issues-detail", args=[issue.pk])
data = {
"assigned_to": member1.user.id,
"version": issue.version
}
response = client.json.patch(url, json.dumps(data))
assert len(mail.outbox) == 0
mail.outbox = []
data = {
"assigned_to": None,
"version": issue.version + 1
}
response = client.json.patch(url, json.dumps(data))
assert len(mail.outbox) == 0
def test_wiki_link_update(client, data):
public_url = reverse('wiki-links-detail', kwargs={"pk": data.public_wiki_link.pk})
private_url1 = reverse('wiki-links-detail', kwargs={"pk": data.private_wiki_link1.pk})
private_url2 = reverse('wiki-links-detail', kwargs={"pk": data.private_wiki_link2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version") as _validate_and_update_version_mock:
wiki_link_data = WikiLinkSerializer(data.public_wiki_link).data
wiki_link_data["title"] = "test"
wiki_link_data = json.dumps(wiki_link_data)
results = helper_test_http_method(client, 'put', public_url, wiki_link_data, users)
assert results == [401, 200, 200, 200, 200]
wiki_link_data = WikiLinkSerializer(data.private_wiki_link1).data
wiki_link_data["title"] = "test"
wiki_link_data = json.dumps(wiki_link_data)
results = helper_test_http_method(client, 'put', private_url1, wiki_link_data, users)
assert results == [401, 200, 200, 200, 200]
wiki_link_data = WikiLinkSerializer(data.private_wiki_link2).data
wiki_link_data["title"] = "test"
wiki_link_data = json.dumps(wiki_link_data)
results = helper_test_http_method(client, 'put', private_url2, wiki_link_data, users)
assert results == [401, 403, 403, 200, 200]
def test_api_update_orders_in_bulk(client):
project = f.create_project()
f.MembershipFactory.create(project=project, user=project.owner, is_admin=True)
us1 = f.create_userstory(project=project)
us2 = f.create_userstory(project=project)
url1 = reverse("userstories-bulk-update-backlog-order")
url2 = reverse("userstories-bulk-update-kanban-order")
url3 = reverse("userstories-bulk-update-sprint-order")
data = {
"project_id": project.id,
"bulk_stories": [{"us_id": us1.id, "order": 1},
{"us_id": us2.id, "order": 2}]
}
client.login(project.owner)
response1 = client.json.post(url1, json.dumps(data))
response2 = client.json.post(url2, json.dumps(data))
response3 = client.json.post(url3, json.dumps(data))
assert response1.status_code == 204, response1.data
assert response2.status_code == 204, response2.data
assert response3.status_code == 204, response3.data
def test_api_update_order_in_bulk_invalid_user_story(client):
project = f.create_project()
f.MembershipFactory.create(project=project, user=project.owner, is_admin=True)
us1 = f.create_userstory(project=project)
task1 = f.create_task(project=project, user_story=us1)
task2 = f.create_task(project=project, user_story=us1)
task3 = f.create_task(project=project)
url1 = reverse("tasks-bulk-update-taskboard-order")
url2 = reverse("tasks-bulk-update-us-order")
data = {
"project_id": project.id,
"us_id": us1.id,
"bulk_tasks": [{"task_id": task1.id, "order": 1},
{"task_id": task2.id, "order": 2},
{"task_id": task3.id, "order": 3}]
}
client.login(project.owner)
response1 = client.json.post(url1, json.dumps(data))
response2 = client.json.post(url2, json.dumps(data))
assert response1.status_code == 400, response1.data
assert response2.status_code == 400, response2.data
def test_api_task_add_new_tags_with_error(client):
project = f.ProjectFactory.create()
task = f.create_task(project=project, status__project=project, milestone=None, user_story=None)
f.MembershipFactory.create(project=project, user=task.owner, is_admin=True)
url = reverse("tasks-detail", kwargs={"pk": task.pk})
data = {"tags": [], "version": task.version}
client.login(task.owner)
data["tags"] = [1]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
data["tags"] = [["back"]]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
data["tags"] = [["back", "#cccc"]]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
data["tags"] = [[1, "#ccc"]]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
def test_webhook_update(client, data):
url1 = reverse('webhooks-detail', kwargs={"pk": data.webhook1.pk})
url2 = reverse('webhooks-detail', kwargs={"pk": data.webhook2.pk})
blocked_url = reverse('webhooks-detail', kwargs={"pk": data.blocked_webhook.pk})
users = [
None,
data.registered_user,
data.project_owner
]
webhook_data = WebhookSerializer(data.webhook1).data
webhook_data["key"] = "test"
webhook_data = json.dumps(webhook_data)
results = helper_test_http_method(client, 'put', url1, webhook_data, users)
assert results == [401, 403, 200]
webhook_data = WebhookSerializer(data.webhook2).data
webhook_data["key"] = "test"
webhook_data = json.dumps(webhook_data)
results = helper_test_http_method(client, 'put', url2, webhook_data, users)
assert results == [401, 403, 403]
webhook_data = WebhookSerializer(data.blocked_webhook).data
webhook_data["key"] = "test"
webhook_data = json.dumps(webhook_data)
results = helper_test_http_method(client, 'put', blocked_url, webhook_data, users)
assert results == [401, 403, 451]
def test_webhook_create(client, data):
url = reverse('webhooks-list')
users = [
None,
data.registered_user,
data.project_owner
]
create_data = json.dumps({
"name": "Test",
"url": "http://test.com",
"key": "test",
"project": data.project1.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users, lambda: Webhook.objects.all().delete())
assert results == [401, 403, 201]
create_data = json.dumps({
"name": "Test",
"url": "http://test.com",
"key": "test",
"project": data.project2.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users, lambda: Webhook.objects.all().delete())
assert results == [401, 403, 403]
create_data = json.dumps({
"name": "Test",
"url": "http://test.com",
"key": "test",
"project": data.blocked_project.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users, lambda: Webhook.objects.all().delete())
assert results == [401, 403, 451]
def test_user_story_patch_comment(client, data):
public_url = reverse('userstories-detail', kwargs={"pk": data.public_user_story.pk})
private_url1 = reverse('userstories-detail', kwargs={"pk": data.private_user_story1.pk})
private_url2 = reverse('userstories-detail', kwargs={"pk": data.private_user_story2.pk})
blocked_url = reverse('userstories-detail', kwargs={"pk": data.blocked_user_story.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
patch_data = json.dumps({"comment": "test comment", "version": data.public_user_story.version})
results = helper_test_http_method(client, 'patch', public_url, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"comment": "test comment", "version": data.private_user_story1.version})
results = helper_test_http_method(client, 'patch', private_url1, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"comment": "test comment", "version": data.private_user_story2.version})
results = helper_test_http_method(client, 'patch', private_url2, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"comment": "test comment", "version": data.blocked_user_story.version})
results = helper_test_http_method(client, 'patch', blocked_url, patch_data, users)
assert results == [401, 403, 403, 451, 451]
def test_user_story_action_bulk_create(client, data):
url = reverse('userstories-bulk-create')
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
bulk_data = json.dumps({"bulk_stories": "test1\ntest2", "project_id": data.public_user_story.project.pk})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 200, 200]
bulk_data = json.dumps({"bulk_stories": "test1\ntest2", "project_id": data.private_user_story1.project.pk})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 200, 200]
bulk_data = json.dumps({"bulk_stories": "test1\ntest2", "project_id": data.private_user_story2.project.pk})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 200, 200]
bulk_data = json.dumps({"bulk_stories": "test1\ntest2", "project_id": data.blocked_user_story.project.pk})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 451, 451]
def test_api_issue_add_new_tags_with_error(client):
project = f.ProjectFactory.create()
issue = f.create_issue(project=project, status__project=project)
f.MembershipFactory.create(project=project, user=issue.owner, is_admin=True)
url = reverse("issues-detail", kwargs={"pk": issue.pk})
data = {
"tags": [],
"version": issue.version
}
client.login(issue.owner)
data["tags"] = [1]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
data["tags"] = [["back"]]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
data["tags"] = [["back", "#cccc"]]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
data["tags"] = [[1, "#ccc"]]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
def test_user_story_update(client, data):
public_url = reverse('userstories-detail', kwargs={"pk": data.public_user_story.pk})
private_url1 = reverse('userstories-detail', kwargs={"pk": data.private_user_story1.pk})
private_url2 = reverse('userstories-detail', kwargs={"pk": data.private_user_story2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
user_story_data = UserStorySerializer(data.public_user_story).data
user_story_data["subject"] = "test"
user_story_data = json.dumps(user_story_data)
results = helper_test_http_method(client, 'put', public_url, user_story_data, users)
assert results == [401, 403, 403, 200, 200]
user_story_data = UserStorySerializer(data.private_user_story1).data
user_story_data["subject"] = "test"
user_story_data = json.dumps(user_story_data)
results = helper_test_http_method(client, 'put', private_url1, user_story_data, users)
assert results == [401, 403, 403, 200, 200]
user_story_data = UserStorySerializer(data.private_user_story2).data
user_story_data["subject"] = "test"
user_story_data = json.dumps(user_story_data)
results = helper_test_http_method(client, 'put', private_url2, user_story_data, users)
assert results == [401, 403, 403, 200, 200]
def test_user_story_action_bulk_update_order(client, data):
url = reverse('userstories-bulk-update-backlog-order')
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
post_data = json.dumps({
"bulk_stories": [{"us_id": data.public_user_story.id, "order": 2}],
"project_id": data.public_project.pk
})
results = helper_test_http_method(client, 'post', url, post_data, users)
assert results == [401, 403, 403, 204, 204]
post_data = json.dumps({
"bulk_stories": [{"us_id": data.private_user_story1.id, "order": 2}],
"project_id": data.private_project1.pk
})
results = helper_test_http_method(client, 'post', url, post_data, users)
assert results == [401, 403, 403, 204, 204]
post_data = json.dumps({
"bulk_stories": [{"us_id": data.private_user_story2.id, "order": 2}],
"project_id": data.private_project2.pk
})
results = helper_test_http_method(client, 'post', url, post_data, users)
assert results == [401, 403, 403, 204, 204]
def test_wiki_link_create(client, data):
url = reverse('wiki-links-list')
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
create_data = json.dumps({
"title": "test",
"href": "test",
"project": data.public_project.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users, lambda: WikiLink.objects.all().delete())
assert results == [401, 201, 201, 201, 201]
create_data = json.dumps({
"title": "test",
"href": "test",
"project": data.private_project1.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users, lambda: WikiLink.objects.all().delete())
assert results == [401, 201, 201, 201, 201]
create_data = json.dumps({
"title": "test",
"href": "test",
"project": data.private_project2.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users, lambda: WikiLink.objects.all().delete())
assert results == [401, 403, 403, 201, 201]
def test_user_story_create(client, data):
url = reverse('userstories-list')
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
create_data = json.dumps({"subject": "test", "ref": 1, "project": data.public_project.pk})
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 201, 201]
create_data = json.dumps({"subject": "test", "ref": 2, "project": data.private_project1.pk})
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 201, 201]
create_data = json.dumps({"subject": "test", "ref": 3, "project": data.private_project2.pk})
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 201, 201]
create_data = json.dumps({"subject": "test", "ref": 4, "project": data.blocked_project.pk})
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 451, 451]
def test_update_entries(client):
user1 = factories.UserFactory()
storage11 = factories.StorageEntryFactory(owner=user1)
# Update by anonymous user
form = {"value": "bar", "key": storage11.key}
response = client.json.put(reverse("user-storage-detail", args=[storage11.key]),
json.dumps(form))
assert response.status_code == 401
# Update by logged user
client.login(username=user1.username, password=user1.username)
form = {"value": {"bar": "bar"}, "key": storage11.key}
response = client.json.put(reverse("user-storage-detail", args=[storage11.key]),
json.dumps(form))
assert response.status_code == 200
response = client.json.get(reverse("user-storage-detail", args=[storage11.key]))
assert response.status_code == 200
assert response.data["value"] == form["value"]
# Update not existing entry
form = {"value": {"bar": "bar"}, "key": "foo"}
response = client.json.get(reverse("user-storage-detail", args=[form["key"]]))
assert response.status_code == 404
response = client.json.put(reverse("user-storage-detail", args=[form["key"]]),
json.dumps(form))
assert response.status_code == 201
response = client.json.get(reverse("user-storage-detail", args=[form["key"]]))
assert response.status_code == 200
assert response.data["value"] == form["value"]
def test_create_entries(client):
user1 = factories.UserFactory()
storage11 = factories.StorageEntryFactory(owner=user1)
form = {"key": "foo",
"value": {"bar": "bar"}}
form_without_key = {"value": {"bar": "bar"}}
form_without_value = {"key": "foo"}
error_form = {"key": storage11.key,
"value": {"bar": "bar"}}
# Create entry by anonymous user
response = client.json.post(reverse("user-storage-list"), json.dumps(form))
assert response.status_code == 401
# Create by logged user
client.login(username=user1.username, password=user1.username)
response = client.json.post(reverse("user-storage-list"), json.dumps(form))
assert response.status_code == 201
response = client.json.get(reverse("user-storage-detail", args=[form["key"]]))
assert response.status_code == 200
# Wrong data
client.login(username=user1.username, password=user1.username)
response = client.json.post(reverse("user-storage-list"), json.dumps(form_without_key))
assert response.status_code == 400
response = client.json.post(reverse("user-storage-list"), json.dumps(form_without_value))
assert response.status_code == 400
response = client.json.post(reverse("user-storage-list"), json.dumps(error_form))
assert response.status_code == 400
def test_userstory_custom_attribute_action_bulk_update_order(client, data):
url = reverse('userstory-custom-attributes-bulk-update-order')
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
post_data = json.dumps({
"bulk_userstory_custom_attributes": [(1,2)],
"project": data.public_project.pk
})
results = helper_test_http_method(client, 'post', url, post_data, users)
assert results == [401, 403, 403, 403, 204]
post_data = json.dumps({
"bulk_userstory_custom_attributes": [(1,2)],
"project": data.private_project1.pk
})
results = helper_test_http_method(client, 'post', url, post_data, users)
assert results == [401, 403, 403, 403, 204]
post_data = json.dumps({
"bulk_userstory_custom_attributes": [(1,2)],
"project": data.private_project2.pk
})
results = helper_test_http_method(client, 'post', url, post_data, users)
assert results == [401, 403, 403, 403, 204]
def test_task_update(client, data):
public_url = reverse('tasks-detail', kwargs={"pk": data.public_task.pk})
private_url1 = reverse('tasks-detail', kwargs={"pk": data.private_task1.pk})
private_url2 = reverse('tasks-detail', kwargs={"pk": data.private_task2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
task_data = TaskSerializer(data.public_task).data
task_data["subject"] = "test"
task_data = json.dumps(task_data)
results = helper_test_http_method(client, 'put', public_url, task_data, users)
assert results == [401, 403, 403, 200, 200]
task_data = TaskSerializer(data.private_task1).data
task_data["subject"] = "test"
task_data = json.dumps(task_data)
results = helper_test_http_method(client, 'put', private_url1, task_data, users)
assert results == [401, 403, 403, 200, 200]
task_data = TaskSerializer(data.private_task2).data
task_data["subject"] = "test"
task_data = json.dumps(task_data)
results = helper_test_http_method(client, 'put', private_url2, task_data, users)
assert results == [401, 403, 403, 200, 200]
def test_userstory_custom_attributes_values_patch(client, data):
public_url = reverse('userstory-custom-attributes-values-detail', kwargs={
"user_story_id": data.public_user_story.pk})
private_url1 = reverse('userstory-custom-attributes-values-detail', kwargs={
"user_story_id": data.private_user_story1.pk})
private_url2 = reverse('userstory-custom-attributes-values-detail', kwargs={
"user_story_id": data.private_user_story2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
patch_data = json.dumps({"attributes_values": {str(data.public_userstory_ca.pk): "test"},
"version": data.public_user_story.version})
results = helper_test_http_method(client, 'patch', public_url, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"attributes_values": {str(data.private_userstory_ca1.pk): "test"},
"version": data.private_user_story1.version})
results = helper_test_http_method(client, 'patch', private_url1, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"attributes_values": {str(data.private_userstory_ca2.pk): "test"},
"version": data.private_user_story2.version})
results = helper_test_http_method(client, 'patch', private_url2, patch_data, users)
assert results == [401, 403, 403, 200, 200]
def test_valid_concurrent_save_for_issue_different_versions(client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user)
f.MembershipFactory.create(project=project, user=user, is_owner=True)
client.login(user)
mock_path = "taiga.projects.issues.api.IssueViewSet.pre_conditions_on_save"
with patch(mock_path):
url = reverse("issues-list")
data = {"subject": "test",
"project": project.id,
"status": f.IssueStatusFactory.create(project=project).id,
"severity": f.SeverityFactory.create(project=project).id,
"type": f.IssueTypeFactory.create(project=project).id,
"priority": f.PriorityFactory.create(project=project).id}
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201, response.content
issue_id = response.data["id"]
url = reverse("issues-detail", args=(issue_id,))
data = {"version": 1, "subject": "test 1"}
response = client.patch(url, json.dumps(data), content_type="application/json")
assert response.status_code == 200
data = {"version": 2, "subject": "test 2"}
response = client.patch(url, json.dumps(data), content_type="application/json")
assert response.status_code == 200
def test_userstory_custom_attribute_create(client, data):
public_url = reverse('userstory-custom-attributes-list')
private1_url = reverse('userstory-custom-attributes-list')
private2_url = reverse('userstory-custom-attributes-list')
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
userstory_ca_data = {"name": "test-new", "project": data.public_project.id}
userstory_ca_data = json.dumps(userstory_ca_data)
results = helper_test_http_method(client, 'post', public_url, userstory_ca_data, users)
assert results == [401, 403, 403, 403, 201]
userstory_ca_data = {"name": "test-new", "project": data.private_project1.id}
userstory_ca_data = json.dumps(userstory_ca_data)
results = helper_test_http_method(client, 'post', private1_url, userstory_ca_data, users)
assert results == [401, 403, 403, 403, 201]
userstory_ca_data = {"name": "test-new", "project": data.private_project2.id}
userstory_ca_data = json.dumps(userstory_ca_data)
results = helper_test_http_method(client, 'post', private2_url, userstory_ca_data, users)
assert results == [401, 403, 403, 403, 201]
def test_task_custom_attributes_values_update(client, data):
public_url = reverse('task-custom-attributes-values-detail', kwargs={"task_id": data.public_task.pk})
private_url1 = reverse('task-custom-attributes-values-detail', kwargs={"task_id": data.private_task1.pk})
private_url2 = reverse('task-custom-attributes-values-detail', kwargs={"task_id": data.private_task2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
task_data = serializers.TaskCustomAttributesValuesSerializer(data.public_task_cav).data
task_data["attributes_values"] = {str(data.public_task_ca.pk): "test"}
task_data = json.dumps(task_data)
results = helper_test_http_method(client, 'put', public_url, task_data, users)
assert results == [401, 403, 403, 200, 200]
task_data = serializers.TaskCustomAttributesValuesSerializer(data.private_task_cav1).data
task_data["attributes_values"] = {str(data.private_task_ca1.pk): "test"}
task_data = json.dumps(task_data)
results = helper_test_http_method(client, 'put', private_url1, task_data, users)
assert results == [401, 403, 403, 200, 200]
task_data = serializers.TaskCustomAttributesValuesSerializer(data.private_task_cav2).data
task_data["attributes_values"] = {str(data.private_task_ca2.pk): "test"}
task_data = json.dumps(task_data)
results = helper_test_http_method(client, 'put', private_url2, task_data, users)
assert results == [401, 403, 403, 200, 200]
def test_invalid_concurrent_save_for_us(client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user)
f.MembershipFactory.create(project=project, user=user, is_owner=True)
f.UserStoryFactory.create(version=10, project=project)
client.login(user)
mock_path = "taiga.projects.userstories.api.UserStoryViewSet.pre_conditions_on_save"
with patch(mock_path):
url = reverse("userstories-list")
data = {"subject": "test",
"project": project.id,
"status": f.UserStoryStatusFactory.create(project=project).id}
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201
userstory_id = response.data["id"]
url = reverse("userstories-detail", args=(userstory_id,))
data = {"version": 1, "subject": "test 1"}
response = client.patch(url, json.dumps(data), content_type="application/json")
assert response.status_code == 200
data = {"version": 1, "subject": "test 2"}
response = client.patch(url, json.dumps(data), content_type="application/json")
assert response.status_code == 400
def test_issue_update(client, data):
public_url = reverse('issues-detail', kwargs={"pk": data.public_issue.pk})
private_url1 = reverse('issues-detail', kwargs={"pk": data.private_issue1.pk})
private_url2 = reverse('issues-detail', kwargs={"pk": data.private_issue2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
issue_data = IssueSerializer(data.public_issue).data
issue_data["subject"] = "test"
issue_data = json.dumps(issue_data)
results = helper_test_http_method(client, 'put', public_url, issue_data, users)
assert results == [401, 403, 403, 200, 200]
issue_data = IssueSerializer(data.private_issue1).data
issue_data["subject"] = "test"
issue_data = json.dumps(issue_data)
results = helper_test_http_method(client, 'put', private_url1, issue_data, users)
assert results == [401, 403, 403, 200, 200]
issue_data = IssueSerializer(data.private_issue2).data
issue_data["subject"] = "test"
issue_data = json.dumps(issue_data)
results = helper_test_http_method(client, 'put', private_url2, issue_data, users)
assert results == [401, 403, 403, 200, 200]
def test_modules_patch(client, data):
public_url = reverse('projects-modules', kwargs={"pk": data.public_project.pk})
private_url1 = reverse('projects-modules', kwargs={"pk": data.private_project1.pk})
private_url2 = reverse('projects-modules', kwargs={"pk": data.private_project2.pk})
blocked_url = reverse('projects-modules', kwargs={"pk": data.blocked_project.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
patch_data = json.dumps({"att": "test"})
results = helper_test_http_method(client, 'patch', public_url, patch_data, users)
assert results == [401, 403, 403, 403, 204]
patch_data = json.dumps({"att": "test"})
results = helper_test_http_method(client, 'patch', private_url1, patch_data, users)
assert results == [401, 403, 403, 403, 204]
patch_data = json.dumps({"att": "test"})
results = helper_test_http_method(client, 'patch', private_url2, patch_data, users)
assert results == [404, 404, 404, 403, 204]
patch_data = json.dumps({"att": "test"})
results = helper_test_http_method(client, 'patch', blocked_url, patch_data, users)
assert results == [404, 404, 404, 403, 451]
def test_milestone_patch(client, data):
public_url = reverse('milestones-detail', kwargs={"pk": data.public_milestone.pk})
private_url1 = reverse('milestones-detail', kwargs={"pk": data.private_milestone1.pk})
private_url2 = reverse('milestones-detail', kwargs={"pk": data.private_milestone2.pk})
blocked_url = reverse('milestones-detail', kwargs={"pk": data.blocked_milestone.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
patch_data = json.dumps({"name": "test"})
results = helper_test_http_method(client, 'patch', public_url, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"name": "test"})
results = helper_test_http_method(client, 'patch', private_url1, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"name": "test"})
results = helper_test_http_method(client, 'patch', private_url2, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"name": "test"})
results = helper_test_http_method(client, 'patch', blocked_url, patch_data, users)
assert results == [401, 403, 403, 451, 451]
def test_userstory_custom_attribute_update(client, data):
public_url = reverse('userstory-custom-attributes-detail', kwargs={"pk": data.public_userstory_ca.pk})
private1_url = reverse('userstory-custom-attributes-detail', kwargs={"pk": data.private_userstory_ca1.pk})
private2_url = reverse('userstory-custom-attributes-detail', kwargs={"pk": data.private_userstory_ca2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
userstory_ca_data = serializers.UserStoryCustomAttributeSerializer(data.public_userstory_ca).data
userstory_ca_data["name"] = "test"
userstory_ca_data = json.dumps(userstory_ca_data)
results = helper_test_http_method(client, 'put', public_url, userstory_ca_data, users)
assert results == [401, 403, 403, 403, 200]
userstory_ca_data = serializers.UserStoryCustomAttributeSerializer(data.private_userstory_ca1).data
userstory_ca_data["name"] = "test"
userstory_ca_data = json.dumps(userstory_ca_data)
results = helper_test_http_method(client, 'put', private1_url, userstory_ca_data, users)
assert results == [401, 403, 403, 403, 200]
userstory_ca_data = serializers.UserStoryCustomAttributeSerializer(data.private_userstory_ca2).data
userstory_ca_data["name"] = "test"
userstory_ca_data = json.dumps(userstory_ca_data)
results = helper_test_http_method(client, 'put', private2_url, userstory_ca_data, users)
assert results == [401, 403, 403, 403, 200]
def test_userstory_custom_attributes_values_update(client, data):
public_url = reverse('userstory-custom-attributes-values-detail', kwargs={
"user_story_id": data.public_user_story.pk})
private_url1 = reverse('userstory-custom-attributes-values-detail', kwargs={
"user_story_id": data.private_user_story1.pk})
private_url2 = reverse('userstory-custom-attributes-values-detail', kwargs={
"user_story_id": data.private_user_story2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
user_story_data = serializers.UserStoryCustomAttributesValuesSerializer(data.public_user_story_cav).data
user_story_data["attributes_values"] = {str(data.public_userstory_ca.pk): "test"}
user_story_data = json.dumps(user_story_data)
results = helper_test_http_method(client, 'put', public_url, user_story_data, users)
assert results == [401, 403, 403, 200, 200]
user_story_data = serializers.UserStoryCustomAttributesValuesSerializer(data.private_user_story_cav1).data
user_story_data["attributes_values"] = {str(data.private_userstory_ca1.pk): "test"}
user_story_data = json.dumps(user_story_data)
results = helper_test_http_method(client, 'put', private_url1, user_story_data, users)
assert results == [401, 403, 403, 200, 200]
user_story_data = serializers.UserStoryCustomAttributesValuesSerializer(data.private_user_story_cav2).data
user_story_data["attributes_values"] = {str(data.private_userstory_ca2.pk): "test"}
user_story_data = json.dumps(user_story_data)
results = helper_test_http_method(client, 'put', private_url2, user_story_data, users)
assert results == [401, 403, 403, 200, 200]
def load_project_dump(user, dump):
try:
project = services.store_project_from_dict(dump, user)
except err.TaigaImportError as e:
# On Error
## remove project
if e.project:
e.project.delete_related_content()
e.project.delete()
## send email to the user
error_subject = _("Error loading project dump")
error_message = e.message or _("Error loading your project dump file")
ctx = {
"user": user,
"error_subject": error_message,
"error_message": error_subject,
}
email = mail_builder.import_error(user, ctx)
email.send()
## logged the error to sysadmins
text = ADMIN_ERROR_LOAD_PROJECT_DUMP_MESSAGE.format(
user_full_name=user,
user_email=user.email,
reason=e.message or _(" -- no detail info --"),
details=json.dumps(e.errors, indent=4)
)
logger.error(text, exc_info=sys.exc_info())
else:
# On Success
ctx = {"user": user, "project": project}
email = mail_builder.load_dump(user, ctx)
email.send()
def test_issue_custom_attributes_values_update_with_error_invalid_key(client):
issue = f.IssueFactory()
member = f.MembershipFactory(user=issue.project.owner,
project=issue.project,
is_admin=True)
custom_attr_1 = f.IssueCustomAttributeFactory(project=issue.project)
ct1_id = "{}".format(custom_attr_1.id)
custom_attr_2 = f.IssueCustomAttributeFactory(project=issue.project)
custom_attrs_val = issue.custom_attributes_values
url = reverse("issue-custom-attributes-values-detail", args=[issue.id])
data = {
"attributes_values": {
ct1_id: "test_1_updated",
"123456": "test_2_updated"
},
"version": custom_attrs_val.version
}
client.login(member.user)
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400
def post_save(self, obj, created=False):
if not created:
# Let's reorder the related stuff after edit the element
orders_updated = {}
updated = self._reorder_if_needed(obj,
self._old_us_order_key,
self._us_order_key(obj),
"us_order",
obj.project,
user_story=obj.user_story)
orders_updated.update(updated)
updated = self._reorder_if_needed(obj,
self._old_taskboard_order_key,
self._taskboard_order_key(obj),
"taskboard_order",
obj.project,
user_story=obj.user_story,
status=obj.status,
milestone=obj.milestone)
orders_updated.update(updated)
self.headers["Taiga-Info-Order-Updated"] = json.dumps(
orders_updated)
super().post_save(obj, created)
def test_update_epic_order(client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user)
epic_1 = f.EpicFactory.create(project=project,
epics_order=1,
status=project.default_us_status)
epic_2 = f.EpicFactory.create(project=project,
epics_order=2,
status=project.default_us_status)
epic_3 = f.EpicFactory.create(project=project,
epics_order=3,
status=project.default_us_status)
f.MembershipFactory.create(project=project, user=user, is_admin=True)
url = reverse('epics-detail', kwargs={"pk": epic_1.pk})
data = {"epics_order": 2, "version": epic_1.version}
client.login(user)
response = client.json.patch(url, json.dumps(data))
assert json.loads(response.get("taiga-info-order-updated")) == {
str(epic_1.id): 2,
str(epic_2.id): 3,
str(epic_3.id): 4
}
def test_push_event_detected(client):
project = f.ProjectFactory()
url = reverse("gitlab-hook-list")
url = "%s?project=%s" % (url, project.id)
data = {
"commits": [
{
"message": "test message"
},
]
}
GitLabViewSet._validate_signature = mock.Mock(return_value=True)
with mock.patch.object(event_hooks.PushEventHook,
"process_event") as process_event_mock:
response = client.post(url,
json.dumps(data),
HTTP_X_GITHUB_EVENT="push",
content_type="application/json")
assert process_event_mock.call_count == 1
assert response.status_code == 204
def test_api_create_membership_without_enough_memberships_public_project_slots_multiple_projects(
client):
user = f.UserFactory.create(max_memberships_public_projects=3)
project = f.ProjectFactory(owner=user, is_private=False)
role = f.RoleFactory(project=project, name="Test")
f.MembershipFactory(project=project, user=user, is_admin=True)
other_project = f.ProjectFactory(owner=user, is_private=False)
f.MembershipFactory(project=other_project, user=user, is_admin=True)
f.MembershipFactory(project=other_project)
f.MembershipFactory(project=other_project)
client.login(user)
url = reverse("memberships-list")
data = {
"role": role.pk,
"project": project.pk,
"username": "******"
}
response = client.json.post(url, json.dumps(data))
assert response.status_code == 400
assert "reached your current limit of memberships for public" in response.data[
"_error_message"]
def test_create_wiki_link_of_existent_wiki_page_with_permissions(client):
project = f.ProjectFactory.create()
role = f.RoleFactory.create(project=project,
permissions=[
'view_wiki_pages', 'view_wiki_link',
'add_wiki_page', 'add_wiki_link'
])
f.MembershipFactory.create(project=project, user=project.owner, role=role)
project.owner.notify_policies.filter(project=project).update(
notify_level=NotifyLevel.all)
user = f.UserFactory.create()
f.MembershipFactory.create(project=project, user=user, role=role)
wiki_page = f.WikiPageFactory.create(project=project,
owner=user,
slug="test",
content="test content")
mail.outbox = []
url = reverse("wiki-links-list")
data = {
"title": "test",
"href": "test",
"project": project.pk,
}
assert project.wiki_pages.all().count() == 1
client.login(user)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201
assert len(mail.outbox) == 0
assert project.wiki_pages.all().count() == 1
def test_api_move_issues_to_another_sprint_close_previous(client):
project = f.create_project()
f.MembershipFactory.create(project=project,
user=project.owner,
is_admin=True)
milestone1 = f.MilestoneFactory.create(project=project)
milestone2 = f.MilestoneFactory.create(project=project)
closed_status = f.IssueStatusFactory.create(project=project,
is_closed=True)
issue1 = f.create_issue(project=project,
milestone=milestone1,
status=closed_status)
issue2 = f.create_issue(project=project, milestone=milestone1)
assert project.milestones.get(id=milestone1.id).closed is False
assert project.milestones.get(id=milestone1.id).issues.count() == 2
url = reverse("milestones-move-issues-to-sprint",
kwargs={"pk": milestone1.pk})
data = {
"project_id": project.id,
"milestone_id": milestone2.id,
"bulk_issues": [{
"issue_id": issue2.id,
"order": 2
}]
}
client.login(project.owner)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 204, response.data
assert project.milestones.get(id=milestone1.id).issues.count() == 1
assert project.milestones.get(id=milestone2.id).issues.count() == 1
assert project.milestones.get(id=milestone1.id).closed
def test_api_create_bulk_members_with_extra_text(client, outbox):
project = f.ProjectFactory()
tester = f.RoleFactory(project=project, name="Tester")
f.MembershipFactory(project=project, user=project.owner, is_admin=True)
url = reverse("memberships-bulk-create")
invitation_extra_text = "this is a not so random invitation text"
data = {
"project_id": project.id,
"bulk_memberships": [
{"role_id": tester.pk, "username": "******"},
],
"invitation_extra_text": invitation_extra_text
}
client.login(project.owner)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 200
assert response.data[0]["email"] == "*****@*****.**"
message = outbox[0]
assert len(outbox) == 1
assert message.to == ["*****@*****.**"]
assert "this is a not so random invitation text" in message.body
def test_api_create_in_bulk_with_invalid_userstory_2(client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user, default_task_status=None)
f.MembershipFactory.create(project=project, user=user, is_admin=True)
project.default_task_status = f.TaskStatusFactory.create(project=project)
project.save()
milestone = f.MilestoneFactory(project=project)
us = f.create_userstory(project=project)
url = reverse("tasks-bulk-create")
data = {
"bulk_tasks": "Story #1\nStory #2",
"us_id": us.id,
"project_id": us.project.id,
"milestone_id": milestone.id,
"status_id": us.project.default_task_status.id
}
client.login(user)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 400
assert "us_id" in response.data
def test_resource_notification_test(client, settings, mail):
settings.CHANGE_NOTIFICATIONS_MIN_INTERVAL = 1
user1 = f.UserFactory.create()
user2 = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user1)
role = f.RoleFactory.create(project=project, permissions=["view_issues"])
f.MembershipFactory.create(project=project, user=user1, role=role, is_owner=True)
f.MembershipFactory.create(project=project, user=user2, role=role)
issue = f.IssueFactory.create(owner=user2, project=project)
mock_path = "taiga.projects.issues.api.IssueViewSet.pre_conditions_on_save"
url = reverse("issues-detail", args=[issue.pk])
client.login(user1)
with patch(mock_path):
data = {"subject": "Fooooo", "version": issue.version}
response = client.patch(url, json.dumps(data), content_type="application/json")
assert response.status_code == 200
assert len(mail.outbox) == 0
assert models.HistoryChangeNotification.objects.count() == 1
time.sleep(1)
services.process_sync_notifications()
assert len(mail.outbox) == 1
assert models.HistoryChangeNotification.objects.count() == 0
with patch(mock_path):
response = client.delete(url)
assert response.status_code == 204
assert len(mail.outbox) == 1
assert models.HistoryChangeNotification.objects.count() == 1
time.sleep(1)
services.process_sync_notifications()
assert len(mail.outbox) == 2
assert models.HistoryChangeNotification.objects.count() == 0
def test_api_create_new_user_story_with_tags(client):
project = f.ProjectFactory.create(
tags_colors=[["front", "#aaaaaa"], ["ux", "#fabada"]])
status = f.UserStoryStatusFactory.create(project=project)
project.default_userstory_status = status
project.save()
f.MembershipFactory.create(project=project,
user=project.owner,
is_admin=True)
url = reverse("userstories-list")
data = {
"subject": "Test user story",
"project": project.id,
"tags": [["back", "#fff8e7"], ["front", "#bbbbbb"], ["ux", None]]
}
client.login(project.owner)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201, response.data
us_tags_colors = OrderedDict(response.data["tags"])
assert us_tags_colors["back"] == "#fff8e7"
assert us_tags_colors["front"] == "#aaaaaa"
assert us_tags_colors["ux"] == "#fabada"
tags_colors = OrderedDict(project.tags_colors)
project.refresh_from_db()
tags_colors = OrderedDict(project.tags_colors)
assert tags_colors["back"] == "#fff8e7"
assert tags_colors["ux"] == "#fabada"
assert tags_colors["front"] == "#aaaaaa"
def test_api_patch_project_modules(client):
project = f.create_project()
membership = f.MembershipFactory(project=project,
user=project.owner,
is_owner=True)
url = reverse("projects-modules", args=(project.id, ))
client.login(project.owner)
data = {
"gitlab": {
"secret": "test_secret",
"url": "test_url",
}
}
response = client.patch(url,
json.dumps(data),
content_type="application/json")
assert response.status_code == 204
config = services.get_modules_config(project).config
assert "gitlab" in config
assert config["gitlab"]["secret"] == "test_secret"
assert config["gitlab"]["webhooks_url"] != "test_url"
def test_valid_project_import_with_not_existing_memberships(client):
user = f.UserFactory.create()
client.login(user)
url = reverse("importer-list")
data = {
"name": "Imported project",
"description": "Imported project",
"memberships": [{
"email": "*****@*****.**",
"role": "Role",
}],
"roles": [{
"name": "Role"
}]
}
response = client.post(url,
json.dumps(data),
content_type="application/json")
assert response.status_code == 201
response_data = response.data
# The new membership and the owner membership
assert len(response_data["memberships"]) == 2
def test_issue_attachment_patch(client, data, data_issue):
public_url = reverse('issue-attachments-detail',
kwargs={"pk": data_issue.public_issue_attachment.pk})
private_url1 = reverse(
'issue-attachments-detail',
kwargs={"pk": data_issue.private_issue1_attachment.pk})
private_url2 = reverse(
'issue-attachments-detail',
kwargs={"pk": data_issue.private_issue2_attachment.pk})
blocked_url = reverse(
'issue-attachments-detail',
kwargs={"pk": data_issue.blocked_issue_attachment.pk})
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
attachment_data = {"description": "test"}
attachment_data = json.dumps(attachment_data)
results = helper_test_http_method(client, 'patch', public_url,
attachment_data, users)
assert results == [401, 403, 403, 200, 200]
results = helper_test_http_method(client, 'patch', private_url1,
attachment_data, users)
assert results == [401, 403, 403, 200, 200]
results = helper_test_http_method(client, 'patch', private_url2,
attachment_data, users)
assert results == [401, 403, 403, 200, 200]
results = helper_test_http_method(client, 'patch', blocked_url,
attachment_data, users)
assert results == [401, 403, 403, 451, 451]
def test_api_update_orders_in_bulk_invalid_status(client):
project = f.create_project()
f.MembershipFactory.create(project=project,
user=project.owner,
is_admin=True)
status = f.UserStoryStatusFactory.create()
us1 = f.create_userstory(project=project)
us2 = f.create_userstory(project=project)
us3 = f.create_userstory(project=project)
url = reverse("userstories-bulk-update-kanban-order")
data = {
"project_id": project.id,
"status_id": status.id,
"bulk_userstories": [us1.id, us2.id, us3.id]
}
client.login(project.owner)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 400, response.data
assert len(response.data) == 1
assert "status_id" in response.data
def test_api_update_orders_in_bulk_invalid_after_us_because_project(client):
project = f.create_project()
f.MembershipFactory.create(project=project,
user=project.owner,
is_admin=True)
us1 = f.create_userstory(project=project)
us2 = f.create_userstory(project=project)
us3 = f.create_userstory(project=project)
us4 = f.create_userstory()
url = reverse("userstories-bulk-update-backlog-order")
data = {
"project_id": project.id,
"before_userstory_id": us4.id,
"bulk_userstories": [us1.id, us2.id, us3.id]
}
client.login(project.owner)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 400, response.data
assert len(response.data) == 1
assert "before_userstory_id" in response.data
def test_valid_project_import_without_extra_data(client):
user = f.UserFactory.create()
user_watching = f.UserFactory.create(email="*****@*****.**")
client.login(user)
url = reverse("importer-list")
data = {
"name": "Imported project",
"description": "Imported project",
"roles": [{"name": "Role"}],
"watchers": ["*****@*****.**"]
}
response = client.post(url, json.dumps(data), content_type="application/json")
assert response.status_code == 201
response_data = response.data
must_empty_children = [
"issues", "user_stories", "us_statuses", "wiki_pages", "priorities",
"severities", "milestones", "points", "issue_types", "task_statuses",
"issue_statuses", "wiki_links",
]
assert all(map(lambda x: len(response_data[x]) == 0, must_empty_children))
assert response_data["owner"] == user.email
assert response_data["watchers"] == [user.email, user_watching.email]
def test_api_create_bulk_members_invalid_user_id(client):
project = f.ProjectFactory()
john = f.UserFactory.create()
joseph = f.UserFactory.create()
other = f.UserFactory.create()
tester = f.RoleFactory(project=project, name="Tester", permissions=["view_project"])
gamer = f.RoleFactory(project=project, name="Gamer", permissions=["view_project"])
f.MembershipFactory(project=project, user=john, role=tester, is_admin=True)
url = reverse("memberships-bulk-create")
data = {
"project_id": project.id,
"bulk_memberships": [
{"role_id": gamer.pk, "username": joseph.email},
{"role_id": gamer.pk, "username": other.username},
]
}
client.login(john)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 400
assert "bulk_memberships" in response.data
assert "username" in response.data["bulk_memberships"][1]
def test_user_story_attachment_update(client, data, data_us):
public_url = reverse("userstory-attachments-detail",
args=[data_us.public_user_story_attachment.pk])
private_url1 = reverse("userstory-attachments-detail",
args=[data_us.private_user_story1_attachment.pk])
private_url2 = reverse("userstory-attachments-detail",
args=[data_us.private_user_story2_attachment.pk])
blocked_url = reverse("userstory-attachments-detail",
args=[data_us.blocked_user_story_attachment.pk])
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
attachment_data = AttachmentSerializer(data_us.public_user_story_attachment).data
attachment_data["description"] = "test"
attachment_data = json.dumps(attachment_data)
results = helper_test_http_method(client, "put", public_url, attachment_data, users)
assert results == [405, 405, 405, 405, 405]
# assert results == [401, 403, 403, 400, 400]
results = helper_test_http_method(client, "put", private_url1, attachment_data, users)
assert results == [405, 405, 405, 405, 405]
# assert results == [401, 403, 403, 400, 400]
results = helper_test_http_method(client, "put", private_url2, attachment_data, users)
assert results == [405, 405, 405, 405, 405]
# assert results == [401, 403, 403, 400, 400]
results = helper_test_http_method(client, "put", blocked_url, attachment_data, users)
assert results == [405, 405, 405, 405, 405]
def test_project_transfer_accept_from_admin_member_with_expired_token(client):
user_from = f.UserFactory.create()
user_to = f.UserFactory.create()
signer = ExpiredSigner()
token = signer.sign(user_to.id)
project = f.create_project(owner=user_from, transfer_token=token)
f.MembershipFactory(user=user_from, project=project, is_owner=True)
f.MembershipFactory(user=user_to, project=project, is_owner=True)
client.login(user_to)
url = reverse("projects-transfer-accept", kwargs={"pk": project.pk})
data = {
"token": token,
}
mail.outbox = []
response = client.json.post(url, json.dumps(data))
assert response.status_code == 400
assert "Token has expired" == response.data["_error_message"]
assert len(mail.outbox) == 0
def handle(self, *args, **options):
dump_file_path = options["dump_file"]
owner_email = options["owner_email"]
overwrite = options["overwrite"]
data = json.loads(open(dump_file_path, 'r').read())
try:
if overwrite:
receivers_back = signals.post_delete.receivers
signals.post_delete.receivers = []
try:
proj = Project.objects.get(slug=data.get("slug", "not a slug"))
proj.tasks.all().delete()
proj.user_stories.all().delete()
proj.issues.all().delete()
proj.memberships.all().delete()
proj.roles.all().delete()
proj.delete()
except Project.DoesNotExist:
pass
signals.post_delete.receivers = receivers_back
else:
slug = data.get('slug', None)
if slug is not None and Project.objects.filter(slug=slug).exists():
del data['slug']
user = User.objects.get(email=owner_email)
services.store_project_from_dict(data, user)
except err.TaigaImportError as e:
if e.project:
e.project.delete_related_content()
e.project.delete()
print("ERROR:", end=" ")
print(e.message)
print(json.dumps(e.errors, indent=4))
def test_project_transfer_reject_from_admin_member_with_valid_token(client):
user_from = f.UserFactory.create()
user_to = f.UserFactory.create()
signer = signing.TimestampSigner()
token = signer.sign(user_to.id)
project = f.create_project(owner=user_from, transfer_token=token)
f.MembershipFactory(user=user_from, project=project, is_owner=True)
f.MembershipFactory(user=user_to, project=project, is_owner=True)
client.login(user_to)
url = reverse("projects-transfer-reject", kwargs={"pk": project.pk})
data = {
"token": token,
}
mail.outbox = []
response = client.json.post(url, json.dumps(data))
assert response.status_code == 200
assert len(mail.outbox) == 1
assert mail.outbox[0].to == [user_from.email]
def test_bulk_create_related_userstories_with_default_swimlane_and_kanban_disable(
client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user)
f.MembershipFactory.create(project=project, user=user, is_admin=True)
swimlane = f.SwimlaneFactory.create(project=project)
swimlane2 = f.SwimlaneFactory.create(project=project)
epic = f.EpicFactory.create(project=project)
project.default_swimlane = swimlane
project.is_kanban_activated = False
project.save()
url = reverse('epics-related-userstories-bulk-create', args=[epic.pk])
data = {"bulk_userstories": "test1\ntest2", "project_id": project.id}
client.login(user)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 200
assert len(response.data) == 2
userstories = epic.user_stories.all()
assert userstories[0].swimlane == None
assert userstories[1].swimlane == None
def test_api_update_milestone_in_bulk_invalid_milestone(client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user, default_task_status=None)
f.MembershipFactory.create(project=project, user=user, is_admin=True)
milestone1 = f.MilestoneFactory(project=project)
milestone2 = f.MilestoneFactory()
task1 = f.create_task(project=project, milestone=milestone1)
task2 = f.create_task(project=project, milestone=milestone1)
task3 = f.create_task(project=project, milestone=milestone1)
url = reverse("tasks-bulk-update-milestone")
data = {
"project_id":
project.id,
"milestone_id":
milestone2.id,
"bulk_tasks": [{
"task_id": task1.id,
"order": 1
}, {
"task_id": task2.id,
"order": 2
}, {
"task_id": task3.id,
"order": 3
}]
}
client.login(project.owner)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 400
assert "milestone_id" in response.data
def test_valid_wiki_page_import_with_extra_data(client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user)
membership = f.MembershipFactory(project=project, user=user, is_owner=True)
client.login(user)
url = reverse("importer-wiki-page", args=[project.pk])
data = {
"slug": "imported-wiki-page",
"content": "Imported wiki_page",
"attachments": [{
"owner": user.email,
"attached_file": {
"name": "imported attachment",
"data": base64.b64encode(b"TEST").decode("utf-8")
}
}]
}
response = client.post(url, json.dumps(data), content_type="application/json")
assert response.status_code == 201
response_data = json.loads(response.content.decode("utf-8"))
assert len(response_data["attachments"]) == 1
assert response_data["owner"] == user.email
def test_api_update_orders_in_bulk_to_test_extra_headers(client):
project = f.create_project()
f.MembershipFactory.create(project=project, user=project.owner, is_owner=True)
us1 = f.create_userstory(project=project)
us2 = f.create_userstory(project=project)
url1 = reverse("userstories-bulk-update-backlog-order")
url2 = reverse("userstories-bulk-update-kanban-order")
url3 = reverse("userstories-bulk-update-sprint-order")
data = {
"project_id": project.id,
"bulk_stories": [{"us_id": us1.id, "order": 1},
{"us_id": us2.id, "order": 2}]
}
client.login(project.owner)
response1 = client.json.post(url1, json.dumps(data))
response2 = client.json.post(url2, json.dumps(data))
response3 = client.json.post(url3, json.dumps(data))
assert response1.status_code == 204
assert response1.has_header("Taiga-Info-Has-Closed-Milestones") == False
assert response2.status_code == 204
assert response2.has_header("Taiga-Info-Has-Closed-Milestones") == False
assert response3.status_code == 204
assert response3.has_header("Taiga-Info-Has-Closed-Milestones") == True
assert response3["taiga-info-has-closed-milestones"] == "False"
us1.milestone.closed = True
us1.milestone.save()
response1 = client.json.post(url1, json.dumps(data))
response2 = client.json.post(url2, json.dumps(data))
response3 = client.json.post(url3, json.dumps(data))
assert response1.status_code == 204
assert response1.has_header("Taiga-Info-Has-Closed-Milestones") == False
assert response2.status_code == 204
assert response2.has_header("Taiga-Info-Has-Closed-Milestones") == False
assert response3.status_code == 204
assert response3.has_header("Taiga-Info-Has-Closed-Milestones") == True
assert response3["taiga-info-has-closed-milestones"] == "True"
def test_task_put_update_with_project_change(client):
user1 = f.UserFactory.create()
user2 = f.UserFactory.create()
user3 = f.UserFactory.create()
user4 = f.UserFactory.create()
project1 = f.ProjectFactory()
project2 = f.ProjectFactory()
task_status1 = f.TaskStatusFactory.create(project=project1)
task_status2 = f.TaskStatusFactory.create(project=project2)
project1.default_task_status = task_status1
project2.default_task_status = task_status2
project1.save()
project2.save()
project1 = attach_project_extra_info(
Project.objects.all()).get(id=project1.id)
project2 = attach_project_extra_info(
Project.objects.all()).get(id=project2.id)
f.MembershipFactory(project=project1,
user=user1,
role__project=project1,
role__permissions=list(
map(lambda x: x[0], MEMBERS_PERMISSIONS)))
f.MembershipFactory(project=project2,
user=user1,
role__project=project2,
role__permissions=list(
map(lambda x: x[0], MEMBERS_PERMISSIONS)))
f.MembershipFactory(project=project1,
user=user2,
role__project=project1,
role__permissions=list(
map(lambda x: x[0], MEMBERS_PERMISSIONS)))
f.MembershipFactory(project=project2,
user=user3,
role__project=project2,
role__permissions=list(
map(lambda x: x[0], MEMBERS_PERMISSIONS)))
task = f.TaskFactory.create(project=project1)
task = attach_task_extra_info(Task.objects.all()).get(id=task.id)
url = reverse('tasks-detail', kwargs={"pk": task.pk})
# Test user with permissions in both projects
client.login(user1)
task_data = TaskSerializer(task).data
task_data["project"] = project2.id
task_data = json.dumps(task_data)
response = client.put(url, data=task_data, content_type="application/json")
assert response.status_code == 200
task.project = project1
task.save()
# Test user with permissions in only origin project
client.login(user2)
task_data = TaskSerializer(task).data
task_data["project"] = project2.id
task_data = json.dumps(task_data)
response = client.put(url, data=task_data, content_type="application/json")
assert response.status_code == 403
task.project = project1
task.save()
# Test user with permissions in only destionation project
client.login(user3)
task_data = TaskSerializer(task).data
task_data["project"] = project2.id
task_data = json.dumps(task_data)
response = client.put(url, data=task_data, content_type="application/json")
assert response.status_code == 403
task.project = project1
task.save()
# Test user without permissions in the projects
client.login(user4)
task_data = TaskSerializer(task).data
task_data["project"] = project2.id
task_data = json.dumps(task_data)
response = client.put(url, data=task_data, content_type="application/json")
assert response.status_code == 403
task.project = project1
task.save()
def test_user_story_put_update_with_project_change(client):
user1 = f.UserFactory.create()
user2 = f.UserFactory.create()
user3 = f.UserFactory.create()
user4 = f.UserFactory.create()
project1 = f.ProjectFactory()
project2 = f.ProjectFactory()
us_status1 = f.UserStoryStatusFactory.create(project=project1)
us_status2 = f.UserStoryStatusFactory.create(project=project2)
project1.default_us_status = us_status1
project2.default_us_status = us_status2
project1.save()
project2.save()
membership1 = f.MembershipFactory(project=project1,
user=user1,
role__project=project1,
role__permissions=list(
map(lambda x: x[0],
MEMBERS_PERMISSIONS)))
membership2 = f.MembershipFactory(project=project2,
user=user1,
role__project=project2,
role__permissions=list(
map(lambda x: x[0],
MEMBERS_PERMISSIONS)))
membership3 = f.MembershipFactory(project=project1,
user=user2,
role__project=project1,
role__permissions=list(
map(lambda x: x[0],
MEMBERS_PERMISSIONS)))
membership4 = f.MembershipFactory(project=project2,
user=user3,
role__project=project2,
role__permissions=list(
map(lambda x: x[0],
MEMBERS_PERMISSIONS)))
us = f.UserStoryFactory.create(project=project1)
url = reverse('userstories-detail', kwargs={"pk": us.pk})
# Test user with permissions in both projects
client.login(user1)
us_data = UserStorySerializer(us).data
us_data["project"] = project2.id
us_data = json.dumps(us_data)
response = client.put(url, data=us_data, content_type="application/json")
assert response.status_code == 200
us.project = project1
us.save()
# Test user with permissions in only origin project
client.login(user2)
us_data = UserStorySerializer(us).data
us_data["project"] = project2.id
us_data = json.dumps(us_data)
response = client.put(url, data=us_data, content_type="application/json")
assert response.status_code == 403
us.project = project1
us.save()
# Test user with permissions in only destionation project
client.login(user3)
us_data = UserStorySerializer(us).data
us_data["project"] = project2.id
us_data = json.dumps(us_data)
response = client.put(url, data=us_data, content_type="application/json")
assert response.status_code == 403
us.project = project1
us.save()
# Test user without permissions in the projects
client.login(user4)
us_data = UserStorySerializer(us).data
us_data["project"] = project2.id
us_data = json.dumps(us_data)
response = client.put(url, data=us_data, content_type="application/json")
assert response.status_code == 403
us.project = project1
us.save()
def render_project(project, outfile, chunk_size=8192):
serializer = serializers.ProjectExportSerializer(project)
outfile.write('{\n')
first_field = True
for field_name in serializer.fields.keys():
# Avoid writing "," in the last element
if not first_field:
outfile.write(",\n")
else:
first_field = False
field = serializer.fields.get(field_name)
field.initialize(parent=serializer, field_name=field_name)
# These four "special" fields hava attachments so we use them in a special way
if field_name in ["wiki_pages", "user_stories", "tasks", "issues"]:
value = get_component(project, field_name)
outfile.write('"{}": [\n'.format(field_name))
attachments_field = field.fields.pop("attachments", None)
if attachments_field:
attachments_field.initialize(parent=field,
field_name="attachments")
first_item = True
for item in value.iterator():
# Avoid writing "," in the last element
if not first_item:
outfile.write(",\n")
else:
first_item = False
dumped_value = json.dumps(field.to_native(item))
writing_value = dumped_value[:-1] + ',\n "attachments": [\n'
outfile.write(writing_value)
first_attachment = True
for attachment in item.attachments.iterator():
# Avoid writing "," in the last element
if not first_attachment:
outfile.write(",\n")
else:
first_attachment = False
# Write all the data expect the serialized file
attachment_serializer = serializers.AttachmentExportSerializer(
instance=attachment)
attached_file_serializer = attachment_serializer.fields.pop(
"attached_file")
dumped_value = json.dumps(attachment_serializer.data)
dumped_value = dumped_value[:-1] + ',\n "attached_file":{\n "data":"'
outfile.write(dumped_value)
# We write the attached_files by chunks so the memory used is not increased
attachment_file = attachment.attached_file
with default_storage.open(attachment_file.name) as f:
while True:
bin_data = f.read(chunk_size)
if not bin_data:
break
b64_data = base64.b64encode(bin_data).decode(
'utf-8')
outfile.write(b64_data)
outfile.write('", \n "name":"{}"}}\n}}'.format(
os.path.basename(attachment_file.name)))
outfile.write(']}')
outfile.flush()
gc.collect()
outfile.write(']')
else:
value = field.field_to_native(project, field_name)
outfile.write('"{}": {}'.format(field_name, json.dumps(value)))
outfile.write('}\n')
