def test_attempt_login_with_incomplete_data(self):
empty_data = {}
response = self.client.post(
path=self.LOGIN_TO_MDS_URL,
data=json.dumps(empty_data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
data_with_no_user = {'api_url': self.MDS_URL}
response = self.client.post(
path=self.LOGIN_TO_MDS_URL,
data=json.dumps(data_with_no_user),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
data_with_no_url = {
'username': self.MDS_USERNAME,
'password': self.MDS_PASSWORD,
}
response = self.client.post(
path=self.LOGIN_TO_MDS_URL,
data=json.dumps(data_with_no_url),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_attempt_login_with_incomplete_data(self):
empty_data = {}
response = self.client.post(
path=self.LOGIN_TO_MDS_URL,
data=json.dumps(empty_data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
data_with_no_user = {'api_url': self.MDS_URL}
response = self.client.post(
path=self.LOGIN_TO_MDS_URL,
data=json.dumps(data_with_no_user),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
data_with_no_url = {
'username': self.MDS_USERNAME,
'password': self.MDS_PASSWORD,
}
response = self.client.post(
path=self.LOGIN_TO_MDS_URL,
data=json.dumps(data_with_no_url),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
def get_response(self):
return self.client.post(
path=self.conditional_url,
data=json.dumps(self.data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
def test_update(self):
show_if = factories.ShowIfFactory()
self.data = {
'page': show_if.page.pk,
'conditions':
{
'criteria_element': self.element.pk,
'node_type': 'EQUALS',
'value': 'foo'
}
}
response = self.client.put(
path=self.conditional_url + '/{id}'.format(id=show_if.pk),
data=json.dumps(self.data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_200_OK)
body = json.loads(response.content)
assert_equals(body['page'], self.data['page'])
assert_true('conditions' in self.data)
assert_equals(body['conditions'], self.data['conditions'])
def test_attempt_push_to_mds_success_response(
self,
mock_post,
mock_protocol_generator,
):
mock_post.return_value = MockResponse(
status.HTTP_200_OK,
{},
)
mock_protocol_generator.return_value = self.TEST_PROCEDURE_XML
mds_instance = factories.MDSInstanceFactory(user_id=self.user.id)
procedure = factories.ProcedureFactory(
version=self.TEST_PROCEDURE_VERSION)
data = {'procedure_id': procedure.id}
response = self.client.post(
path=self.PUSH_TO_MDS_URL,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
mock_protocol_generator.assert_called_with(self.user, procedure.id)
mock_post.assert_called_with(
mds_instance.api_url + 'push_protocol/',
data={
'procedure_xml': self.TEST_PROCEDURE_XML,
'procedure_version': self.TEST_PROCEDURE_VERSION,
},
)
assert_equals(response.status_code, status.HTTP_200_OK)
assert_equals(response.data, {
'mds_status_code': status.HTTP_200_OK,
})
def test_page_reorder_forward(self):
data = [
{"id": self.page1.id, "display_index": 0},
{"id": self.page2.id, "display_index": 2},
{"id": self.page3.id, "display_index": 1},
]
response_patch = self.client.patch(
path=self.partial_bulk_url,
data=json.dumps(data),
content_type="application/json",
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response_patch.status_code, status.HTTP_200_OK)
json_resp = json.loads(response_patch.content)
for page in json_resp:
if page["id"] == self.page1.id:
assert_equals(page["display_index"], 0)
elif page["id"] == self.page2.id:
assert_equals(page["display_index"], 2)
elif page["id"] == self.page3.id:
assert_equals(page["display_index"], 1)
else:
assert_true(False)
def test_attempt_login_to_mds_success_response(self, mock_post):
mock_post.return_value = MockResponse(
status.HTTP_200_OK,
{'api_key': self.MDS_API_KEY},
)
response = self.client.post(
path=self.LOGIN_TO_MDS_URL,
data=json.dumps(self.MDS_LOGIN_DATA),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
mock_post.assert_called_with(
self.MDS_URL + 'login/',
data={
'username': self.MDS_USERNAME,
'password': self.MDS_PASSWORD,
},
)
assert_equals(response.status_code, status.HTTP_200_OK)
assert_equals(response.data, {
'mds_status_code': status.HTTP_200_OK,
'mds_instance': {
'api_url': self.MDS_URL,
'api_key': self.MDS_API_KEY,
},
})
# Confirm MDS instance created
mds_instance = MDSInstance.objects.get(user=self.user)
assert_equals(mds_instance.user, self.user)
assert_equals(mds_instance.api_url, self.MDS_URL)
assert_equals(mds_instance.api_key, self.MDS_API_KEY)
def test_attempt_push_to_mds_success_response(
self,
mock_post,
mock_protocol_generator,
):
mock_post.return_value = MockResponse(
status.HTTP_200_OK,
{},
)
mock_protocol_generator.return_value = self.TEST_PROCEDURE_XML
mds_instance = factories.MDSInstanceFactory(user_id=self.user.id)
procedure = factories.ProcedureFactory(
version=self.TEST_PROCEDURE_VERSION
)
data = {'procedure_id': procedure.id}
response = self.client.post(
path=self.PUSH_TO_MDS_URL,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
mock_protocol_generator.assert_called_with(self.user, procedure.id)
mock_post.assert_called_with(
mds_instance.api_url + 'push_protocol/',
data={
'procedure_xml': self.TEST_PROCEDURE_XML,
'procedure_version': self.TEST_PROCEDURE_VERSION,
},
)
assert_equals(response.status_code, status.HTTP_200_OK)
assert_equals(response.data, {
'mds_status_code': status.HTTP_200_OK,
})
def test_attempt_login_to_mds_success_response(self, mock_post):
mock_post.return_value = MockResponse(
status.HTTP_200_OK,
{'api_key': self.MDS_API_KEY},
)
response = self.client.post(
path=self.LOGIN_TO_MDS_URL,
data=json.dumps(self.MDS_LOGIN_DATA),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
mock_post.assert_called_with(
self.MDS_URL + 'login/',
data={
'username': self.MDS_USERNAME,
'password': self.MDS_PASSWORD,
},
)
assert_equals(response.status_code, status.HTTP_200_OK)
assert_equals(
response.data, {
'mds_status_code': status.HTTP_200_OK,
'mds_instance': {
'api_url': self.MDS_URL,
'api_key': self.MDS_API_KEY,
},
})
# Confirm MDS instance created
mds_instance = MDSInstance.objects.get(user=self.user)
assert_equals(mds_instance.user, self.user)
assert_equals(mds_instance.api_url, self.MDS_URL)
assert_equals(mds_instance.api_key, self.MDS_API_KEY)
def test_page_reorder_forward(self):
data = [{
'id': self.page1.id,
'display_index': 0
}, {
'id': self.page2.id,
'display_index': 2
}, {
'id': self.page3.id,
'display_index': 1
}]
response_patch = self.client.patch(
path=self.PARTIAL_BULK_URL,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token))
assert_equals(response_patch.status_code, status.HTTP_200_OK)
json_resp = json.loads(response_patch.content)
for page in json_resp:
if page['id'] == self.page1.id:
assert_equals(page['display_index'], 0)
elif page['id'] == self.page2.id:
assert_equals(page['display_index'], 2)
elif page['id'] == self.page3.id:
assert_equals(page['display_index'], 1)
else:
assert_true(False)
def test_page_reorder_blank_data(self):
response_patch = self.client.patch(
path=self.PARTIAL_BULK_URL,
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token))
assert_equals(response_patch.status_code, status.HTTP_400_BAD_REQUEST)
def test_attempt_push_to_mds_with_incomplete_data(self):
empty_data = {}
response = self.client.post(
path=self.PUSH_TO_MDS_URL,
data=json.dumps(empty_data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_attempt_push_to_mds_with_incomplete_data(self):
empty_data = {}
response = self.client.post(
path=self.PUSH_TO_MDS_URL,
data=json.dumps(empty_data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_attempt_push_to_mds_with_no_mds_instance(self):
procedure = factories.ProcedureFactory()
data = {'procedure_id': procedure.id}
response = self.client.post(
path=self.PUSH_TO_MDS_URL,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_attempt_push_to_mds_with_no_mds_instance(self):
procedure = factories.ProcedureFactory()
data = {'procedure_id': procedure.id}
response = self.client.post(
path=self.PUSH_TO_MDS_URL,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_exact_result(self):
response = self.client.get(
path=self.concept_url.format('NOT%20A%20NAME'),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token))
assert_equals(response.status_code, status.HTTP_200_OK)
body = json.loads(response.content)
assert_equals(len(body), 1)
def test_delete(self):
show_if = factories.ShowIfFactory()
response = self.client.delete(
path=self.conditional_url + '/{id}'.format(id=show_if.pk),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token))
assert_equals(response.status_code, status.HTTP_204_NO_CONTENT)
assert_equals(ShowIf.objects.count(), 0)
def test_exact_result(self):
response = self.client.get(
path=self.concept_url.format('NOT%20A%20NAME'),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_200_OK)
body = json.loads(response.content)
assert_equals(len(body), 1)
def test_page_reorder_blank_data(self):
data = []
response_patch = self.client.patch(
path=self.partial_bulk_url,
data=json.dumps(data),
content_type="application/json",
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response_patch.status, status.HTTP_400_BAD_REQUEST)
def test_missing_csv_parameter(self):
response = self.client.post(path=self.import_csv_url,
data={},
HTTP_AUTHORIZATION=add_token_to_header(
self.user, self.token))
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
body = json.loads(response.content)
assert_true('success' in body)
assert_false(body['success'])
def test_missing_csv_parameter(self):
response = self.client.post(
path=self.import_csv_url,
data={},
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
body = json.loads(response.content)
assert_true('success' in body)
assert_false(body['success'])
def test_delete(self):
show_if = factories.ShowIfFactory()
response = self.client.delete(
path=self.conditional_url + '/{id}'.format(id=show_if.pk),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_204_NO_CONTENT)
assert_equals(ShowIf.objects.count(), 0)
def test_created_procedure_has_correct_owner(self):
response = self.client.post(path=self.procedure_url,
data=json.dumps(self.data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(
self.user, self.token))
assert_equals(response.status_code, status.HTTP_201_CREATED)
body = json.loads(response.content)
assert_true('owner' in body)
assert_equals(body['owner'], self.user.id)
def test_created_procedure_has_correct_owner(self):
response = self.client.post(
path=self.procedure_url,
data=json.dumps(self.data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_201_CREATED)
body = json.loads(response.content)
assert_true('owner' in body)
assert_equals(body['owner'], self.user.id)
def test_invalid_csv(self):
concepts_file = open(os.path.join(os.path.dirname(__file__), 'fixtures/concepts_invalid.csv'))
response = self.client.post(
path=self.import_csv_url,
data={'csv': concepts_file},
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
body = json.loads(response.content)
assert_true('success' in body)
assert_false(body['success'])
def test_update_missing_field(self):
data = {
'id': self.user.id,
'username': '******',
'auth': str(self.token),
}
response = self.client.patch(path=self.url,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(
self.user, self.token))
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
assert_equals(User.objects.get(pk=self.user.id), self.user)
def test_invalid_csv(self):
concepts_file = open(
os.path.join(os.path.dirname(__file__),
'fixtures/concepts_invalid.csv'))
response = self.client.post(path=self.import_csv_url,
data={'csv': concepts_file},
HTTP_AUTHORIZATION=add_token_to_header(
self.user, self.token))
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
body = json.loads(response.content)
assert_true('success' in body)
assert_false(body['success'])
def test_created_procedure_has_correct_owner(self):
user = factories.UserFactory()
response = self.client.post(
path=self.procedure_url,
data=json.dumps(self.data),
content_type="application/json",
HTTP_AUTHORIZATION=add_token_to_header(user, self.token),
)
assert_equals(response.status_code, status.HTTP_200_OK)
body = json.loads(response.content)
assert_true("owner" in body)
assert_equals(body["owner"], user.id)
def test_procedure_comes_with_pages(self):
procedure = factories.ProcedureFactory(owner=self.user)
factories.PageFactory(procedure=procedure)
flags = {'only_return_id': 'false'}
response = self.client.get(path=self.procedure_url,
data=flags,
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(
self.user, self.token))
assert_equals(response.status_code, status.HTTP_200_OK)
body = json.loads(response.content)
pages = body[0]['pages']
assert_equals(len(pages), 1)
assert_true('display_index' in pages[0])
def test_update_missing_field(self):
data = {
'id': self.user.id,
'username': '******',
'auth': str(self.token),
}
response = self.client.patch(
path=self.url,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_400_BAD_REQUEST)
assert_equals(User.objects.get(pk=self.user.id), self.user)
def test_update_password(self):
data = {
'id': self.user.id,
'password': self.new_password,
'auth': str(self.token),
'current-password': self.current_password,
}
response = self.client.patch(
path=self.url,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_200_OK)
assert_false(self.user.check_password(self.new_password))
assert_true(User.objects.get(pk=self.user.id).check_password(self.new_password))
def test_update_password(self):
data = {
'id': self.user.id,
'password': self.new_password,
'auth': str(self.token),
'current-password': self.current_password,
}
response = self.client.patch(path=self.url,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(
self.user, self.token))
assert_equals(response.status_code, status.HTTP_200_OK)
assert_false(self.user.check_password(self.new_password))
assert_true(
User.objects.get(pk=self.user.id).check_password(
self.new_password))
def test_procedure_comes_with_pages(self):
procedure = factories.ProcedureFactory(owner=self.user)
factories.PageFactory(procedure=procedure)
flags = {
'only_return_id': 'false'
}
response = self.client.get(
path=self.procedure_url,
data=flags,
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_200_OK)
body = json.loads(response.content)
pages = body[0]['pages']
assert_equals(len(pages), 1)
assert_true('display_index' in pages[0])
def test_concept_fields_are_present(self):
response = self.client.post(path=self.concept_url,
data=json.dumps(self.data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(
self.user, self.token))
assert_equals(response.status_code, status.HTTP_201_CREATED)
body = json.loads(response.content)
assert_equals(len(body['uuid']), 36)
assert_equals(body['name'], self.data['name'])
assert_equals(body['display_name'], self.data['display_name'])
assert_equals(body['description'], self.data['description'])
assert_equals(body['data_type'], self.data['data_type'])
assert_equals(body['mime_type'], self.data['mime_type'])
assert_equals(body['constraint'], self.data['constraint'])
concept = Concept.objects.get(pk=body['id'])
assert_equals(concept.name, self.data['name'])
def test_attempt_push_to_mds_unowned_procedure(self):
factories.MDSInstanceFactory(user_id=self.user.id)
other_user = User.objects.create_user(
username='******',
email='*****@*****.**',
password='******',
)
unowned_procedure = Procedure.objects.create(
author='test user',
title='Procedure I do not own',
owner=other_user,
)
data = {'procedure_id': unowned_procedure.id}
response = self.client.post(
path=self.PUSH_TO_MDS_URL,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_403_FORBIDDEN)
def test_concept_fields_are_present(self):
response = self.client.post(
path=self.concept_url,
data=json.dumps(self.data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_201_CREATED)
body = json.loads(response.content)
assert_equals(len(body['uuid']), 36)
assert_equals(body['name'], self.data['name'])
assert_equals(body['display_name'], self.data['display_name'])
assert_equals(body['description'], self.data['description'])
assert_equals(body['data_type'], self.data['data_type'])
assert_equals(body['mime_type'], self.data['mime_type'])
assert_equals(body['constraint'], self.data['constraint'])
concept = Concept.objects.get(pk=body['id'])
assert_equals(concept.name, self.data['name'])
def test_attempt_push_to_mds_unowned_procedure(self):
factories.MDSInstanceFactory(user_id=self.user.id)
other_user = User.objects.create_user(
username='******',
email='*****@*****.**',
password='******',
)
unowned_procedure = Procedure.objects.create(
author='test user',
title='Procedure I do not own',
owner=other_user,
)
data = {'procedure_id': unowned_procedure.id}
response = self.client.post(
path=self.PUSH_TO_MDS_URL,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token),
)
assert_equals(response.status_code, status.HTTP_403_FORBIDDEN)
def test_update_email(self):
data = {
'id': self.user.id,
'email': self.new_email,
'auth': str(self.token),
'current-password': self.current_password,
}
response = self.client.patch(
path=self.url,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token)
)
assert_equals(response.status_code, status.HTTP_200_OK)
assert_not_equals(self.user.email, self.new_email)
assert_equals(User.objects.get(pk=self.user.id).email, self.new_email)
json_response = json.loads(response.content)['user']
for key in ['is_superuser', 'first_name', 'last_name', 'username', 'email']:
assert_true(key in json_response)
def test_update_email(self):
data = {
'id': self.user.id,
'email': self.new_email,
'auth': str(self.token),
'current-password': self.current_password,
}
response = self.client.patch(path=self.url,
data=json.dumps(data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(
self.user, self.token))
assert_equals(response.status_code, status.HTTP_200_OK)
assert_not_equals(self.user.email, self.new_email)
assert_equals(User.objects.get(pk=self.user.id).email, self.new_email)
json_response = json.loads(response.content)['user']
for key in [
'is_superuser', 'first_name', 'last_name', 'username', 'email'
]:
assert_true(key in json_response)
def test_update(self):
show_if = factories.ShowIfFactory()
self.data = {
'page': show_if.page.pk,
'conditions': {
'criteria_element': self.element.pk,
'node_type': 'EQUALS',
'value': 'foo'
}
}
response = self.client.put(
path=self.conditional_url + '/{id}'.format(id=show_if.pk),
data=json.dumps(self.data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(self.user, self.token))
assert_equals(response.status_code, status.HTTP_200_OK)
body = json.loads(response.content)
assert_equals(body['page'], self.data['page'])
assert_true('conditions' in self.data)
assert_equals(body['conditions'], self.data['conditions'])
def get_response(self):
return self.client.post(path=self.conditional_url,
data=json.dumps(self.data),
content_type='application/json',
HTTP_AUTHORIZATION=add_token_to_header(
self.user, self.token))
