def test_user_save_by_token(session, monkeypatch): # pylint: disable=unused-argument """Assert that a user can be created by token.""" patch_token_info(TestJwtClaims.user_test, monkeypatch) user = UserService.save_from_jwt_token() assert user is not None dictionary = user.as_dict() assert dictionary['username'] == TestJwtClaims.user_test[ 'preferred_username'] assert dictionary['keycloak_guid'] == TestJwtClaims.user_test['sub']
def test_create_user_add_membership_reenable(session, auth_mock, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that an admin can add a member.""" org = factory_org_model(org_info=TestOrgInfo.org_anonymous) user = factory_user_model() factory_membership_model(user.id, org.id) factory_product_model(org.id, product_code=ProductCode.DIR_SEARCH.value) claims = TestJwtClaims.get_test_real_user(user.keycloak_guid) patch_token_info(claims, monkeypatch) anon_member = TestAnonymousMembership.generate_random_user(USER) membership = [anon_member] users = UserService.create_user_and_add_membership(membership, org.id) user_name = IdpHint.BCROS.value + '/' + membership[0]['username'] assert len(users['users']) == 1 assert users['users'][0]['username'] == user_name assert users['users'][0]['type'] == Role.ANONYMOUS_USER.name members = MembershipModel.find_members_by_org_id(org.id) # staff didnt create members..so count is count of owner+other 1 member assert len(members) == 2 # assert cant be readded users = UserService.create_user_and_add_membership(membership, org.id) assert users['users'][0]['http_status'] == 409 assert users['users'][0]['error'] == 'The username is already taken' # deactivate everything and try again anon_user = UserModel.find_by_username(user_name) anon_user.status = Status.INACTIVE.value anon_user.save() membership_model = MembershipModel.find_membership_by_userid(anon_user.id) membership_model.status = Status.INACTIVE.value update_user_request = KeycloakUser() update_user_request.user_name = membership[0]['username'] update_user_request.enabled = False KeycloakService.update_user(update_user_request) org2 = factory_org_model(org_info=TestOrgInfo.org_anonymous_2, org_type_info={'code': 'BASIC'}) factory_membership_model(user.id, org2.id) factory_product_model(org2.id, product_code=ProductCode.DIR_SEARCH.value) users = UserService.create_user_and_add_membership(membership, org2.id) assert users['users'][0]['http_status'] == 409 assert users['users'][0]['error'] == 'The username is already taken' # add to same org.Should work users = UserService.create_user_and_add_membership(membership, org.id) assert len(users['users']) == 1 assert users['users'][0][ 'username'] == IdpHint.BCROS.value + '/' + membership[0]['username'] assert users['users'][0]['type'] == Role.ANONYMOUS_USER.name
def test_create_org_with_similar_name(session, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that an Org with similar name can be created.""" user = factory_user_model() org = factory_org_service() patch_token_info({'sub': user.keycloak_guid}, monkeypatch) new_org = org.create_org({'name': 'My Test'}, user_id=user.id) dictionary = new_org.as_dict() assert dictionary['name'] == 'My Test'
def test_create_org_assert_payment_types(session, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that an Org can be created.""" user = factory_user_model() patch_token_info({'sub': user.keycloak_guid}, monkeypatch) org = OrgService.create_org(TestOrgInfo.org1, user_id=user.id) assert org dictionary = org.as_dict() assert dictionary['name'] == TestOrgInfo.org1['name'] assert dictionary.get('bcol_user_id', None) is None assert dictionary.get('bcol_user_name', None) is None assert dictionary.get('bcol_account_id', None) is None
def test_create_org_products(session, keycloak_mock, monkeypatch): """Assert that an Org with products can be created.""" user = factory_user_model() patch_token_info({'sub': user.keycloak_guid}, monkeypatch) with patch.object(ActivityLogPublisher, 'publish_activity', return_value=None) as mock_alp: org = OrgService.create_org(TestOrgInfo.org_with_products, user_id=user.id) mock_alp.assert_called_with(Activity(action=ActivityAction.ADD_PRODUCT_AND_SERVICE.value, org_id=ANY, value=ANY, id=ANY, name='Business Registry & Name Request')) assert org dictionary = org.as_dict() assert dictionary['name'] == TestOrgInfo.org_with_products['name']
def test_create_org_with_a_linked_bcol_details(session, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that org creation with an existing linked BCOL account fails.""" user = factory_user_model() patch_token_info({'sub': user.keycloak_guid}, monkeypatch) org = OrgService.create_org(TestOrgInfo.bcol_linked(), user_id=user.id) assert org # Create again with pytest.raises(BusinessException) as exception: OrgService.create_org(TestOrgInfo.bcol_linked(), user_id=user.id) assert exception.value.code == Error.BCOL_ACCOUNT_ALREADY_LINKED.name
def test_create_org_with_duplicate_name(session, monkeypatch): # pylint:disable=unused-argument """Assert that an Org with duplicate name cannot be created.""" user = factory_user_model() org = factory_org_service() factory_org_model(org_info=TestOrgInfo.org2, org_type_info=TestOrgTypeInfo.implicit) with pytest.raises(BusinessException) as exception: patch_token_info({'sub': user.keycloak_guid}, monkeypatch) org.create_org(TestOrgInfo.org2, user_id=user.id) assert exception.value.code == Error.DATA_CONFLICT.name
def test_create_user_and_add_membership_admin_bulk_mode_unauthorised( session, auth_mock, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that bulk operation cannot be performed by unauthorised users.""" org = factory_org_model(org_info=TestOrgInfo.org_anonymous) user = factory_user_model() factory_membership_model(user.id, org.id) membership = [TestAnonymousMembership.generate_random_user(USER)] with pytest.raises(HTTPException) as excinfo: patch_token_info(TestJwtClaims.public_user_role, monkeypatch) UserService.create_user_and_add_membership(membership, org.id) assert excinfo.value.code == 403
def test_create_from_jwt_token(session, monkeypatch): # pylint: disable=unused-argument """Assert User is created from the JWT fields.""" token = { 'preferred_username': '******', 'realm_access': { 'roles': ['edit', 'uma_authorization', 'basic'] }, 'sub': '1b20db59-19a0-4727-affe-c6f64309fd04' } patch_token_info(token, monkeypatch) u = User.create_from_jwt_token('fname', 'lname') assert u.id is not None
def test_add_contact_to_user_already_exists(session, monkeypatch): # pylint: disable=unused-argument """Assert that a contact cannot be added to a user that already has a contact.""" user_with_token = TestUserInfo.user_test user_with_token['keycloak_guid'] = TestJwtClaims.user_test['sub'] factory_user_model(user_info=user_with_token) patch_token_info(TestJwtClaims.user_test, monkeypatch) UserService.add_contact(TestContactInfo.contact1) with pytest.raises(BusinessException) as exception: UserService.add_contact(TestContactInfo.contact2) assert exception.value.code == Error.DATA_ALREADY_EXISTS.name
def test_reset_pass_code(app, session, monkeypatch): # pylint:disable=unused-argument """Assert that the new passcode in not the same as old passcode.""" entity_model = factory_entity_model( entity_info=TestEntityInfo.entity_passcode) entity = EntityService(entity_model) old_passcode = entity.pass_code patch_token_info(TestJwtClaims.user_test, monkeypatch) entity.reset_passcode(entity.business_identifier, '') new_passcode = entity.pass_code assert old_passcode != new_passcode
def test_check_auth_for_service_account_valid_with_business_id(session, monkeypatch): # pylint:disable=unused-argument """Assert that check_auth is working as expected.""" user = factory_user_model() org = factory_org_model() factory_membership_model(user.id, org.id) factory_product_model(org.id, product_code=ProductCode.BUSINESS.value) entity = factory_entity_model() factory_affiliation_model(entity.id, org.id) # Test for service account with CP corp type patch_token_info({'realm_access': {'roles': ['system']}, 'product_code': ProductCode.BUSINESS.value}, monkeypatch) check_auth(business_identifier=entity.business_identifier)
def test_create_affidavit(session, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that an Affidavit can be created.""" user = factory_user_model() token_info = TestJwtClaims.get_test_real_user(user.keycloak_guid) patch_token_info(token_info, monkeypatch) affidavit_info = TestAffidavit.get_test_affidavit_with_contact() affidavit = AffidavitService.create_affidavit( affidavit_info=affidavit_info) assert affidavit assert affidavit.as_dict().get('status', None) == AffidavitStatus.PENDING.value
def test_find_affiliations_for_new_business(session, auth_mock, nr_mock, monkeypatch): # pylint:disable=unused-argument """Assert that an Affiliation can be created.""" # Create 2 entities - 1 with type NR and another one TMP # Affiliate to an org # Get should return only 1 - TMP # Then delete one affiliation - TMP # Get should return only 1 - NR patch_token_info(TestJwtClaims.public_account_holder_user, monkeypatch) entity_service1 = factory_entity_service( entity_info=TestEntityInfo.name_request) entity_dictionary1 = entity_service1.as_dict() business_identifier1 = entity_dictionary1['business_identifier'] name1 = entity_dictionary1['name'] entity_service2 = factory_entity_service( entity_info=TestEntityInfo.tenp_business) entity_dictionary2 = entity_service2.as_dict() business_identifier2 = entity_dictionary2['business_identifier'] org_service = factory_org_service() org_dictionary = org_service.as_dict() org_id = org_dictionary['id'] # create NR affiliation AffiliationService.create_new_business_affiliation( org_id, business_identifier=business_identifier1, phone='1112223333') # create second row in affiliation table AffiliationService.create_affiliation(org_id, business_identifier2) affiliated_entities = AffiliationService.find_visible_affiliations_by_org_id( org_id) assert affiliated_entities assert len(affiliated_entities) == 1 assert affiliated_entities[0][ 'business_identifier'] == business_identifier2 assert affiliated_entities[0]['nr_number'] == business_identifier1 assert affiliated_entities[0]['name'] == name1 AffiliationService.delete_affiliation( org_id=org_id, business_identifier=business_identifier2, email_addresses=None) affiliated_entities = AffiliationService.find_visible_affiliations_by_org_id( org_id) assert affiliated_entities assert len(affiliated_entities) == 1 assert affiliated_entities[0][ 'business_identifier'] == business_identifier1
def test_reset_user_without_tester_role(session, auth_mock, monkeypatch): # pylint: disable=unused-argument """Assert that can not be reset data by the user doesn't have tester role.""" user_with_token = TestUserInfo.user_tester user_with_token['keycloak_guid'] = TestJwtClaims.tester_role['sub'] user = factory_user_model(user_info=user_with_token) org = factory_org_model(user_id=user.id) patch_token_info(TestJwtClaims.public_user_role, monkeypatch) response = ResetDataService.reset() assert response is None found_org = OrgService.find_by_org_id(org.id) assert found_org is not None
def test_create_org_with_linked_bcol_account(session, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that an Org can be created.""" user = factory_user_model() patch_token_info({'sub': user.keycloak_guid}, monkeypatch) org = OrgService.create_org(TestOrgInfo.bcol_linked(), user_id=user.id) assert org dictionary = org.as_dict() assert dictionary['name'] == TestOrgInfo.bcol_linked()['name'] assert dictionary['org_type'] == OrgType.PREMIUM.value assert dictionary['bcol_user_id'] is not None assert dictionary['bcol_account_id'] is not None assert dictionary['bcol_account_name'] is not None
def test_update_invitation(session, auth_mock, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Update the specified invitation with new data.""" with patch.object(InvitationService, 'send_invitation', return_value=None): user = factory_user_model(TestUserInfo.user_test) patch_token_info({'sub': user.keycloak_guid}, monkeypatch) org = OrgService.create_org(TestOrgInfo.org1, user_id=user.id) org_dictionary = org.as_dict() invitation_info = factory_invitation(org_dictionary['id']) new_invitation = InvitationService.create_invitation( invitation_info, User(user), '') updated_invitation = new_invitation.update_invitation(User(user), '').as_dict() assert updated_invitation['status'] == 'PENDING'
def test_as_dict(session, auth_mock, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that the Invitation is exported correctly as a dictionary.""" with patch.object(InvitationService, 'send_invitation', return_value=None): user = factory_user_model() patch_token_info({'sub': user.keycloak_guid}, monkeypatch) org = OrgService.create_org(TestOrgInfo.org1, user_id=user.id) org_dictionary = org.as_dict() invitation_info = factory_invitation(org_dictionary['id']) invitation = InvitationService.create_invitation( invitation_info, User(user), '') invitation_dictionary = invitation.as_dict() assert invitation_dictionary['recipient_email'] == invitation_info[ 'recipientEmail']
def test_add_contact_to_user(session, monkeypatch): # pylint: disable=unused-argument """Assert that a contact can be added to a user.""" user_with_token = TestUserInfo.user_test user_with_token['keycloak_guid'] = TestJwtClaims.user_test['sub'] factory_user_model(user_info=user_with_token) patch_token_info(TestJwtClaims.user_test, monkeypatch) contact = UserService.add_contact(TestContactInfo.contact1).as_dict() assert contact['email'] == TestContactInfo.contact1['email'] assert contact['phone'] == TestContactInfo.contact1['phone'] assert contact['phone_extension'] == TestContactInfo.contact1[ 'phoneExtension']
def test_get_user_authorizations_for_entity(session, monkeypatch): # pylint:disable=unused-argument """Assert that user authorizations for entity is working.""" user = factory_user_model() org = factory_org_model() membership = factory_membership_model(user.id, org.id) entity = factory_entity_model() factory_affiliation_model(entity.id, org.id) patch_token_info( { 'sub': str(user.keycloak_guid), 'realm_access': { 'roles': ['basic'] } }, monkeypatch) authorization = Authorization.get_user_authorizations_for_entity( entity.business_identifier) assert authorization is not None assert authorization.get('orgMembership', None) == membership.membership_type_code # Test with invalid user patch_token_info( { 'sub': str(uuid.uuid4()), 'realm_access': { 'roles': ['basic'] } }, monkeypatch) authorization = Authorization.get_user_authorizations_for_entity( entity.business_identifier) assert authorization is not None assert authorization.get('orgMembership', None) is None # Test for passcode users with invalid username patch_token_info( { 'loginSource': 'PASSCODE', 'username': '******', 'realm_access': { 'roles': ['basic'] } }, monkeypatch) authorization = Authorization.get_user_authorizations_for_entity( entity.business_identifier) assert authorization is not None assert authorization.get('orgMembership', None) is None # Test for staff users patch_token_info({ 'loginSource': '', 'realm_access': { 'roles': ['staff'] } }, monkeypatch) authorization = Authorization.get_user_authorizations_for_entity( entity.business_identifier) assert authorization is not None assert authorization.get('orgMembership', None) is None
def test_create_org_by_bceid_user(session, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that an Org can be created.""" user = factory_user_model_with_contact() token_info = TestJwtClaims.get_test_user(sub=user.keycloak_guid, source=LoginSource.BCEID.value) patch_token_info(token_info, monkeypatch) with patch.object(OrgService, 'send_staff_review_account_reminder', return_value=None) as mock_notify: org = OrgService.create_org(TestOrgInfo.org1, user_id=user.id) assert org dictionary = org.as_dict() assert dictionary['name'] == TestOrgInfo.org1['name'] assert dictionary['org_status'] == OrgStatus.PENDING_STAFF_REVIEW.value assert dictionary['access_type'] == AccessType.EXTRA_PROVINCIAL.value mock_notify.assert_called()
def test_delete_org_with_members_success(session, auth_mock, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that an org can be deleted.""" user_with_token = TestUserInfo.user_test user_with_token['keycloak_guid'] = TestJwtClaims.public_user_role['sub'] user = factory_user_model(user_info=user_with_token) patch_token_info(TestJwtClaims.public_user_role, monkeypatch) org = OrgService.create_org(TestOrgInfo.org1, user.id) patch_pay_account_delete(monkeypatch) OrgService.delete_org(org.as_dict()['id']) org_inactive = OrgService.find_by_org_id(org.as_dict()['id']) assert org_inactive.as_dict()['org_status'] == 'INACTIVE'
def test_get_owner_count_two_owner_with_admins(session, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that count of owners is correct.""" user_with_token = TestUserInfo.user_test user_with_token['keycloak_guid'] = TestJwtClaims.public_user_role['sub'] user = factory_user_model(user_info=user_with_token) patch_token_info({'sub': user.keycloak_guid}, monkeypatch) org = OrgService.create_org(TestOrgInfo.org1, user.id) user2 = factory_user_model(user_info=TestUserInfo.user2) factory_membership_model(user2.id, org._model.id, member_type='COORDINATOR') user3 = factory_user_model(user_info=TestUserInfo.user3) factory_membership_model(user3.id, org._model.id, member_type='ADMIN') assert org.get_owner_count() == 2
def test_get_account_authorizations_for_product(session, monkeypatch): # pylint:disable=unused-argument """Assert that user authorizations for product is working.""" user = factory_user_model() org = factory_org_model() factory_membership_model(user.id, org.id) patch_token_info(TestJwtClaims.get_test_real_user(user.keycloak_guid), monkeypatch) authorization = Authorization.get_account_authorizations_for_product(org.id, 'PPR') assert authorization is not None assert len(authorization.get('roles')) == 0 # Now add some product subscription for the org patch_token_info(TestJwtClaims.get_test_real_user(user.keycloak_guid), monkeypatch) factory_product_model(org.id) authorization = Authorization.get_account_authorizations_for_product(org.id, 'PPR') assert authorization is not None assert len(authorization.get('roles')) > 0 # Create another org and assert that the roles are empty org = factory_org_model(org_info=TestOrgInfo.org2, org_type_info=TestOrgTypeInfo.implicit, org_status_info=None, payment_type_info=None) factory_membership_model(user.id, org.id) patch_token_info(TestJwtClaims.get_test_real_user(user.keycloak_guid), monkeypatch) authorization = Authorization.get_account_authorizations_for_product(org.id, 'PPR') assert authorization is not None assert len(authorization.get('roles')) == 0 factory_product_model(org.id) patch_token_info(TestJwtClaims.get_test_real_user(user.keycloak_guid), monkeypatch) authorization = Authorization.get_account_authorizations_for_product(org.id, 'PPR') assert authorization is not None assert len(authorization.get('roles')) > 0
def test_update_from_jwt_token_no_user(session, monkeypatch): # pylint:disable=unused-argument """Assert that a user is not updateable without a user (should return None).""" token = { 'preferred_username': '******', 'firstname': 'Bobby', 'lasname': 'Joe', 'realm_access': { 'roles': ['edit', 'uma_authorization', 'basic'] }, 'sub': '1b20db59-19a0-4727-affe-c6f64309fd04' } patch_token_info(token, monkeypatch) user = User.update_from_jwt_token(None, None, None) assert user is None
def test_create_user_and_add_membership_multiple_error_skip_auth_mode( session, auth_mock, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that multiple user cannot be created in single_mode mode.""" org = factory_org_model(org_info=TestOrgInfo.org_anonymous) membership = [ TestAnonymousMembership.generate_random_user(USER), TestAnonymousMembership.generate_random_user(COORDINATOR) ] with pytest.raises(BusinessException) as exception: patch_token_info(TestJwtClaims.public_user_role, monkeypatch) UserService.create_user_and_add_membership(membership, org.id, single_mode=True) assert exception.value.code == Error.INVALID_USER_CREDENTIALS.name
def test_get_user_settings(client, jwt, session, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that get works and adhere to schema.""" user_model = factory_user_model(user_info=TestUserInfo.user_test) contact = factory_contact_model() contact_link = ContactLinkModel() contact_link.contact = contact contact_link.user = user_model contact_link.commit() kc_id = user_model.keycloak_guid claims = copy.deepcopy(TestJwtClaims.updated_test.value) claims['sub'] = str(kc_id) patch_token_info(claims, monkeypatch) OrgService.create_org(TestOrgInfo.org_branch_name, user_id=user_model.id) # post token with updated claims headers = factory_auth_header(jwt=jwt, claims=claims) rv = client.get(f'/api/v1/users/{kc_id}/settings', headers=headers, content_type='application/json') item_list = rv.json account = next(obj for obj in item_list if obj['type'] == 'ACCOUNT') assert account['accountType'] == 'BASIC' assert account['additionalLabel'] == TestOrgInfo.org_branch_name.get( 'branchName') assert rv.status_code == http_status.HTTP_200_OK assert schema_utils.validate(item_list, 'user_settings_response')[0] assert account[ 'productSettings'] == f'/account/{account["id"]}/restricted-product' kc_id_no_user = TestUserInfo.user1.get('keycloak_guid') claims = copy.deepcopy(TestJwtClaims.updated_test.value) claims['sub'] = str(kc_id_no_user) patch_token_info(claims, monkeypatch) # post token with updated claims headers = factory_auth_header(jwt=jwt, claims=claims) rv = client.get(f'/api/v1/users/{kc_id_no_user}/settings', headers=headers, content_type='application/json') assert rv.status_code == http_status.HTTP_200_OK assert schema_utils.validate(item_list, 'user_settings_response')[0] item_list = rv.json account = next((obj for obj in item_list if obj['type'] == 'ACCOUNT'), None) assert account is None user_profile = next(obj for obj in item_list if obj['type'] == 'USER_PROFILE') assert '/userprofile' in user_profile.get('urlpath')
def test_put_basic_org_assert_pay_request_is_govm(session, keycloak_mock, staff_user_mock, monkeypatch): # pylint:disable=unused-argument """Assert that while org creation , pay-api gets called with proper data for basic accounts.""" user = factory_user_model() staff_token_info = TestJwtClaims.get_test_user( sub=user.keycloak_guid, source=LoginSource.STAFF.value, roles=['create_accounts']) user2 = factory_user_model(TestUserInfo.user2) public_token_info = TestJwtClaims.get_test_user( sub=user2.keycloak_guid, source=LoginSource.STAFF.value, roles=['gov_account_user']) patch_token_info(staff_token_info, monkeypatch) org: OrgService = OrgService.create_org(TestOrgInfo.org_govm, user_id=user.id) assert org with patch.object(RestService, 'put') as mock_post: payment_details = TestPaymentMethodInfo.get_payment_method_input_with_revenue( ) org_body = { 'mailingAddress': TestOrgInfo.get_mailing_address(), **payment_details } patch_token_info(public_token_info, monkeypatch) org = OrgService.update_org(org, org_body) assert org dictionary = org.as_dict() assert dictionary['name'] == TestOrgInfo.org_govm['name'] mock_post.assert_called() actual_data = mock_post.call_args.kwargs.get('data') expected_data = { 'accountId': dictionary.get('id'), 'accountName': dictionary.get('name') + '-' + dictionary.get('branch_name'), 'paymentInfo': { 'methodOfPayment': 'EJV', 'billable': False, 'revenueAccount': payment_details.get('paymentInfo').get('revenueAccount') }, 'contactInfo': TestOrgInfo.get_mailing_address() } assert expected_data == actual_data
def test_suspend_org(session, monkeypatch): # pylint:disable=unused-argument """Assert that an Org can be updated.""" org = factory_org_service() user = factory_user_model_with_contact() token_info = TestJwtClaims.get_test_user(sub=user.keycloak_guid, source=LoginSource.BCEID.value) patch_token_info(token_info, monkeypatch) updated_org = org.change_org_status(OrgStatus.SUSPENDED.value, SuspensionReasonCode.OWNER_CHANGE.name) assert updated_org.as_dict()['status_code'] == OrgStatus.SUSPENDED.value assert updated_org.as_dict()['suspension_reason_code'] == SuspensionReasonCode.OWNER_CHANGE.name updated_org = org.change_org_status(OrgStatus.ACTIVE.value, SuspensionReasonCode.DISPUTE.name) assert updated_org.as_dict()['status_code'] == OrgStatus.ACTIVE.value
def test_get_members(session, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Assert that members for an org can be retrieved.""" user_with_token = TestUserInfo.user_test user_with_token['keycloak_guid'] = TestJwtClaims.public_user_role['sub'] user = factory_user_model(user_info=user_with_token) patch_token_info({'sub': user.keycloak_guid}, monkeypatch) org = OrgService.create_org(TestOrgInfo.org1, user.id) org_dictionary = org.as_dict() patch_token_info(TestJwtClaims.public_user_role, monkeypatch) response = MembershipService.get_members_for_org(org_dictionary['id'], status='ACTIVE') assert response assert len(response) == 1 assert response[0].membership_type_code == 'ADMIN'