def test_can_delete_ona_user(self):
self._create_user("to_delete")
ona_user_to_delete = OnaUser.get(OnaUser.username == 'to_delete')
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
self.request.method = 'GET'
self.request.user = ona_user.user
self.request.context = ona_user_to_delete
response = self.view.delete()
self.assertEqual(response.status_code, 302)
self.assertRaises(
NoResultFound,
OnaUser.get, OnaUser.user_id == ona_user_to_delete.user_id)
def setUp(self):
super(TestMunicipalityViews, self).setUp()
self.request = testing.DummyRequest()
self._create_user('municipality-manager')
with transaction.manager:
reporting_period = ReportingPeriod(
title='Period 1',
start_date=datetime.datetime(2015, 5, 1),
end_date=datetime.datetime(2015, 7, 31))
reporting_period.save()
municipality = Municipality(name="Brasillia")
DBSession.add(municipality)
for i in range(5):
clinic = Clinic(name="Clinic {}".format(i),
code="{}BCDE".format(i),
municipality=municipality)
DBSession.add(clinic)
self.request.user = OnaUser.get(
OnaUser.username == 'municipality-manager').user
self.view = MunicipalityViews(self.request)
def setUp(self):
super(TestStateViews, self).setUp()
self.request = testing.DummyRequest()
self._create_user('state-official')
with transaction.manager:
reporting_period = ReportingPeriod(
title='Period 1',
start_date=datetime.datetime(2015, 5, 1),
end_date=datetime.datetime(2015, 7, 31))
reporting_period.save()
state = State(name="Sao Paolo")
municipality1 = Municipality(name="Brasillia", parent=state)
municipality2 = Municipality(name="Brasil", parent=state)
DBSession.add_all([state, municipality1, municipality2])
for i in range(5):
clinic = Clinic(name="Clinic {}".format(i),
code="{}BCDE".format(i),
municipality=municipality1)
DBSession.add(clinic)
self.request.user = OnaUser.get(
OnaUser.username == 'state-official').user
self.view = StateViews(self.request)
def test_get_clinics(self):
self.setup_test_data()
user = OnaUser.get(OnaUser.username == 'manager_a').user
clinics = user.get_clinics()
self.assertEqual(len(clinics), 1)
self.assertEqual(clinics[0].name, "Clinic A")
def test_group_finder_returns_users_groups(self):
self.setup_test_data()
user = OnaUser.get(OnaUser.username == 'super').user
request = testing.DummyRequest()
groups = group_finder(user.id, request)
self.assertListEqual(sorted(groups), sorted(['su', 'u:1']))
def test_manager_can_list_clinics(self):
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
self.config.testing_securitypolicy(
userid=ona_user.user.id,
permissive=True,
groupids=(groups.MUNICIPALITY_MANAGER, ))
has_permission = can_list_clinics(self.request)
self.assertTrue(has_permission)
def test_assign_to_user(self):
self.setup_test_data()
user = OnaUser.get(OnaUser.username == 'manager_a').user
clinic = Clinic.get(Clinic.name == "Clinic B")
clinic.assign_to(user)
user = DBSession.merge(user)
clinic = DBSession.merge(clinic)
self.assertEqual(clinic.user, user)
def test_ona_user_logout(self):
self.setup_test_data()
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
request = testing.DummyRequest()
request.context = ona_user.user
request.user = ona_user.user
response = logout(request)
self.assertIsInstance(response, HTTPFound)
self.assertEqual(response.location,
request.route_url('auth', action='login'))
def test_manage_clinics_view(self):
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
self.request.method = 'GET'
self.request.user = ona_user.user
user_clinics = ona_user.user.location.clinics
response = self.clinic_views.manage_clinics()
self.assertEqual(response['clinics'], user_clinics)
def test_user_clinics_view_allows_none_role_user(self):
self.setup_test_data()
headers = self._login_user('none_role')
# get the none role user user
user = OnaUser.get(OnaUser.username == "none_role").user
url = self.request.route_path(
'users', traverse=(user.id, 'clinics'))
with HTTMock(get_edit_url_mock):
response = self.testapp.get(url, headers=headers)
self.assertEqual(response.status_code, 200)
def test_oauth_authorize_accepted(self):
state = 'a123f4'
code = 'f27299'
url = self.request.route_path('auth', action='callback')
with HTTMock(oauth_token_mock, oauth_users_mock):
response = self.testapp.get(url,
params={
'state': state,
'code': code
})
# test that user is gotten or created
OnaUser.get(OnaUser.username == 'user_one')
self.assertEqual(response.status_code, 302)
self.assertEqual(response.location, self.request.route_url('default'))
# check that we set the login header
self.assertIn('Set-Cookie', response.headers)
def test_user_clinics_view(self):
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
self.request.context = ona_user.user
self.request.user = ona_user.user
response = self.user_views.clinics()
# we should only have Clinic A in the response
self.assertIsInstance(response['period'], ReportingPeriod)
self.assertEqual(len(response['locations']), 1)
self.assertEqual(response['locations'][0].name, "Clinic A")
def test_delete_clinics(self):
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
user_clinics = ona_user.user.get_clinics()
clinic = user_clinics[0]
self.request.method = 'GET'
self.request.user = ona_user.user
self.request.context = clinic
response = self.clinic_views.delete()
self.assertEqual(response.status_code, 302)
self.assertRaises(NoResultFound, Clinic.get, Clinic.id == clinic.id)
def select_reporting_period(self):
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
request = testing.DummyRequest()
request.context = ona_user.user
request.user = ona_user.user
user_views = UserViews(request)
with HTTMock(get_edit_url_mock):
response = user_views.select_reporting_period()
self.assertGreater(len(response['periods']), 0)
self.assertEquals(response['user'], ona_user.user)
def test_update_user_to_state_official(self):
self.setup_test_data()
self._create_state('Acre')
state = State.get(Municipality.name == 'Acre')
values = {'group': groups.STATE_OFFICIAL,
'state': state.id}
manager = OnaUser.get(OnaUser.username == 'manager_a')
manager.update(values)
self.assertEqual(manager.user.location, state)
def test_update_ona_user_location(self):
self.setup_test_data()
self._create_municipality('Brazlandia')
municipality = Municipality.get(Municipality.name == 'Brazlandia')
values = {'group': groups.MUNICIPALITY_MANAGER,
'municipality': municipality.id}
manager = OnaUser.get(OnaUser.username == 'manager_a')
manager.update(values)
self.assertEqual(manager.user.location, municipality)
def test_only_super_user_can_change_user_roles(self):
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
url = self.request.route_url(
'admin', traverse=(ona_user.user.id, 'edit'))
headers = self._login_user('manager_b')
response = self.testapp.get(url, headers=headers, status=403)
# Clinic Manager cannot access Admin pages
self.assertEqual(response.status_code, 403)
# Super User can access admin view
headers = self._login_user('super')
response = self.testapp.get(url, headers=headers)
self.assertEqual(response.status_code, 200)
def test_can_delete_dashboard_user(self):
self._create_dash_user('dash_user', '1234', '*****@*****.**')
dashboard_user = UserProfile.get(UserProfile.username == 'dash_user')
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
self.request.method = 'GET'
self.request.user = ona_user.user
self.request.context = dashboard_user
response = self.view.delete()
self.assertEqual(response.status_code, 302)
self.assertRaises(
NoResultFound,
UserProfile.get,
OnaUser.user_id == dashboard_user.user_id)
def test_register_clinic_doesnt_save_clinics_with_same_codes(self):
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
municipality = Municipality.get(Municipality.name == "Brazilia")
clinic = Clinic.get(Clinic.code == '1A2B')
params = MultiDict({
'municipality': "{}".format(municipality.id),
'name': "New Clinic Name",
'code': clinic.code
})
self.request.method = 'POST'
self.request.ona_user = ona_user
self.request.POST = params
self.clinic_views.register_clinic()
flash_error = self.request.session.pop_flash('error')[0]
self.assertTrue(flash_error.find("exists") != -1)
def test_can_edit_user_groups(self):
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
user = ona_user.user
self.request.context = user
self.request.method = 'POST'
params = MultiDict({'group': groups.CLINIC_MANAGER,
'clinics': ['1'],
'municipality': '1',
'state': '2'})
self.request.POST = params
response = self.view.edit()
self.assertEqual(response.status_code, 302)
self.assertEqual(ona_user.user.group.name,
groups.CLINIC_MANAGER)
def test_can_register_new_clinic_users(self):
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
user = ona_user.user
old_user_count = User.count()
self.request.context = user
self.request.method = 'POST'
params = MultiDict({'email': "*****@*****.**",
'username': "******",
'password': {'password': '******',
'password-confirm': 'password'},
'group': groups.CLINIC_MANAGER,
'clinics': ['1']})
self.request.POST = params
response = self.view.register()
self.assertEqual(User.count(), old_user_count + 1)
self.assertEqual(response.status_code, 302)
def test_can_register_new_municipality_users(self):
self._create_municipality()
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
user = ona_user.user
old_user_count = User.count()
municipality = Municipality.newest()
self.request.context = user
self.request.method = 'POST'
params = MultiDict({'email': "*****@*****.**",
'username': "******",
'password': {'password': '******',
'password-confirm': 'password'},
'group': groups.MUNICIPALITY_MANAGER,
'municipality': "{}".format(municipality.id)})
self.request.POST = params
response = self.view.register()
self.assertEqual(User.count(), old_user_count + 1)
self.assertEqual(response.status_code, 302)
def test_can_register_new_state_users(self):
self._create_state()
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
user = ona_user.user
old_user_count = User.count()
state = State.newest()
self.request.context = user
self.request.method = 'POST'
params = MultiDict({'email': "*****@*****.**",
'username': "******",
'password': {'password': '******',
'password-confirm': 'password'},
'group': groups.STATE_OFFICIAL,
'state': "{}".format(state.id)})
self.request.POST = params
response = self.view.register()
self.assertEqual(User.count(), old_user_count + 1)
self.assertEqual(response.status_code, 302)
def setup_clinics():
# add a couple of clinics
state_params = {'name': "Acre"}
state = State.get_or_create(
State.name == state_params['name'],
**state_params)
municipality_params = {'name': 'Brasilia',
'parent': state}
municipality = Municipality.get_or_create(
Municipality.name == municipality_params['name'],
**municipality_params)
clinic_criteria = Clinic.name == "Clinic A"
clinic_params = {
"name": "Clinic A",
"code": "1A2B",
"municipality": municipality}
clinic_a = Clinic.get_or_create(
clinic_criteria,
**clinic_params)
clinic_a.save()
clinic_params = {
"name": "Clinic b",
"code": "1B2C",
"municipality": municipality}
clinic_b = Clinic.get_or_create(
clinic_criteria,
**clinic_params)
clinic_b.save()
user = OnaUser.get(OnaUser.username == 'admin').user
clinic_a.assign_to(user)
clinic_b.assign_to(user)
def test_user_can_view_clinics(self):
ona_user = OnaUser.get(OnaUser.username == 'john')
self.config.testing_securitypolicy(permissive=True,
userid=ona_user.user.id)
has_permission = can_view_clinics(self.request)
self.assertTrue(has_permission)
def setUp(self):
super(TestLocale, self).setUp()
self.setup_test_data()
self.request = testing.DummyRequest()
self.request.user = OnaUser.get(OnaUser.username == "super").user