Example #1
0
def get_user_home_url(user):
    if accounts_helpers.is_officer(user):
        return '/dashboard/officer'
    elif accounts_helpers.is_assessor(user):
        return '/dashboard/tables/assessor'

    return '/dashboard/tables/customer'
Example #2
0
def get_user_home_url(user):
    if accounts_helpers.is_officer(user):
        return '/dashboard/officer'
    elif accounts_helpers.is_assessor(user):
        return '/dashboard/tables/assessor'

    return '/dashboard/tables/customer'
Example #3
0
 def setUp(self):
     self.customer = helpers.get_or_create_default_customer()
     self.assertTrue(is_customer(self.customer))
     self.officer = helpers.get_or_create_default_officer()
     self.assertTrue(is_officer(self.officer))
     self.assessor = helpers.get_or_create_default_assessor()
     self.assertTrue(is_assessor(self.assessor))
     self.client = helpers.SocialClient()
Example #4
0
 def test_create_default_assessor(self):
     user = get_or_create_default_assessor()
     self.assertIsNotNone(user)
     self.assertTrue(isinstance(user, EmailUser))
     self.assertEqual(TestData.DEFAULT_ASSESSOR['email'], user.email)
     self.assertTrue(accounts_helpers.is_assessor(user))
     # test that we can login
     self.client.login(user.email)
     is_client_authenticated(self.client)
Example #5
0
 def test_create_default_assessor(self):
     user = get_or_create_default_assessor()
     self.assertIsNotNone(user)
     self.assertTrue(isinstance(user, EmailUser))
     self.assertEqual(TestData.DEFAULT_ASSESSOR['email'], user.email)
     self.assertTrue(accounts_helpers.is_assessor(user))
     # test that we can login
     self.client.login(user.email)
     is_client_authenticated(self.client)
Example #6
0
    def get(self, *args, **kwargs):
        if self.request.user.is_authenticated():
            if is_officer(self.request.user):
                return redirect('wl_dashboard:tree_officer')
            elif is_assessor(self.request.user):
                return redirect('wl_dashboard:tables_assessor')

            return redirect('wl_dashboard:tables_customer')
        else:
            kwargs['form'] = LoginForm
            return super(DashBoardRoutingView, self).get(*args, **kwargs)
Example #7
0
    def get(self, *args, **kwargs):
        if self.request.user.is_authenticated():
            if is_officer(self.request.user):
                return redirect('wl_dashboard:tree_officer')
            elif is_assessor(self.request.user):
                return redirect('wl_dashboard:tables_assessor')

            return redirect('wl_dashboard:tables_customer')
        else:
            kwargs['form'] = LoginForm
            return super(DashBoardRoutingView, self).get(*args, **kwargs)
Example #8
0
 def test_func(self):
     """
     implementation of the UserPassesTestMixin test_func
     """
     user = self.request.user
     if not user.is_authenticated():
         return False
     if not is_assessor(user):
         return False
     assessment = self.get_assessment()
     return assessment is not None and assessment.assessor_group in get_user_assessor_groups(user)
Example #9
0
 def test_func(self):
     """
     implementation of the UserPassesTestMixin test_func
     """
     user = self.request.user
     if not user.is_authenticated():
         return False
     if is_officer(user) or is_assessor(user):
         return True
     application = self.get_application()
     if application is not None:
         return application.applicant == user and application.can_user_view
     else:
         return True
Example #10
0
 def test_func(self):
     """
     implementation of the UserPassesTestMixin test_func
     """
     user = self.request.user
     if not user.is_authenticated():
         self.raise_exception = False
         return False
     self.raise_exception = True
     if not is_assessor(user):
         return False
     assessment = self.get_assessment()
     return assessment is not None and assessment.assessor_group in get_user_assessor_groups(
         user)
Example #11
0
    def get(self, *args, **kwargs):
        if self.request.user.is_authenticated():
            if (not self.request.user.first_name) or (not self.request.user.last_name) or (not self.request.user.dob):
                messages.info(self.request, 'Welcome! As this is your first time using the website, please enter your full name and date of birth.')
                return redirect('wl_main:edit_account')

            if is_officer(self.request.user):
                return redirect('wl_dashboard:tree_officer')
            elif is_assessor(self.request.user):
                return redirect('wl_dashboard:tables_assessor')

            return redirect('wl_dashboard:tables_customer')
        else:
            kwargs['form'] = LoginForm
            return super(DashBoardRoutingView, self).get(*args, **kwargs)
Example #12
0
    def test_assessor_access_normal(self):
        """
        Test that an assessor can edit an assessment that belongs to their group
        """
        assessor = get_or_create_default_assessor()
        self.client.login(assessor.email)
        # This assessor doesn't belong to a group
        self.assertTrue(is_assessor(assessor))
        # add the assessor to the assessment group
        self.assertTrue(
            Assessment.objects.filter(
                application=self.application).count() > 0)
        for assessment in Assessment.objects.filter(
                application=self.application):
            add_assessor_to_assessor_group(assessor, assessment.assessor_group)

        # forbidden
        urls_get_forbidden = [
            reverse('wl_applications:enter_conditions',
                    args=[self.application.pk]),
        ]
        urls_post_forbidden = [
            {
                'url':
                reverse('wl_applications:create_condition',
                        args=[self.application.pk]),
                'data': {
                    'code': '123488374',
                    'text': 'condition text'
                }
            },
            {
                'url':
                reverse('wl_applications:set_assessment_condition_state'),
                'data': {
                    'assessmentConditionID': self.assessment_condition.pk,
                    'acceptanceStatus': 'accepted',
                }
            },
            {
                'url':
                reverse('wl_applications:enter_conditions',
                        args=[self.application.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        # Allowed
        urls_get_allowed = [
            reverse('wl_applications:search_conditions'),
            reverse('wl_applications:enter_conditions_assessor',
                    args=[self.application.pk, self.assessment.pk]),
        ]
        urls_post_allowed = [
            {
                'url':
                reverse('wl_applications:enter_conditions_assessor',
                        args=[self.application.pk, self.assessment.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        for url in urls_get_forbidden:
            response = self.client.get(url, follow=True)
            if response.status_code != 403:
                self.assertRedirects(response,
                                     reverse('wl_dashboard:tables_assessor'),
                                     status_code=302,
                                     target_status_code=200)
        for url in urls_post_forbidden:
            response = self.client.post(url['url'], url['data'], follow=True)
            if response.status_code != 403:
                self.assertRedirects(response,
                                     reverse('wl_dashboard:tables_assessor'),
                                     status_code=302,
                                     target_status_code=200)
        for url in urls_get_allowed:
            response = self.client.get(url, follow=True)
            self.assertEqual(200, response.status_code)

        for url in urls_post_allowed:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEqual(200, response.status_code)
Example #13
0
 def test_func(self):
     user = self.request.user
     return is_officer(user) or is_assessor(user)
Example #14
0
 def test_func(self):
     user = self.request.user
     return is_officer(user) or is_assessor(user)
Example #15
0
 def test_func(self):
     return is_assessor(self.request.user)
Example #16
0
    def test_assessor_access_normal(self):
        """
        Test that an assessor can edit an assessment that belongs to their group
        """
        assessor = get_or_create_default_assessor()
        self.client.login(assessor.email)
        # This assessor doesn't belong to a group
        self.assertTrue(is_assessor(assessor))
        # add the assessor to the assessment group
        self.assertTrue(Assessment.objects.filter(application=self.application).count() > 0)
        for assessment in Assessment.objects.filter(application=self.application):
            add_assessor_to_assessor_group(assessor, assessment.assessor_group)

        # forbidden
        urls_get_forbidden = [
            reverse('applications:enter_conditions', args=[self.application.pk]),
        ]
        urls_post_forbidden = [
            {
                'url': reverse('applications:create_condition'),
                'data': {
                    'code': '123488374',
                    'text': 'condition text'
                }
            },
            {
                'url': reverse('applications:set_assessment_condition_state'),
                'data': {
                    'assessmentConditionID': self.assessment_condition.pk,
                    'acceptanceStatus': 'accepted',
                }
            },
            {
                'url': reverse('applications:submit_conditions', args=[self.application.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        # Allowed
        urls_get_allowed = [
            reverse('applications:search_conditions'),
            reverse('applications:enter_conditions_assessor', args=[self.application.pk, self.assessment.pk]),
        ]
        urls_post_allowed = [
            {
                'url': reverse('applications:submit_conditions_assessor',
                               args=[self.application.pk, self.assessment.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        for url in urls_get_forbidden:
            response = self.client.get(url, follow=True)
            if response.status_code != 403:
                self.assertRedirects(response, reverse('dashboard:tables_assessor'), status_code=302,
                                     target_status_code=200)
        for url in urls_post_forbidden:
            response = self.client.post(url['url'], url['data'], follow=True)
            if response.status_code != 403:
                self.assertRedirects(response, reverse('dashboard:tables_assessor'), status_code=302,
                                     target_status_code=200)
        for url in urls_get_allowed:
            response = self.client.get(url, follow=True)
            self.assertEqual(200, response.status_code)

        for url in urls_post_allowed:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEqual(200, response.status_code)
Example #17
0
    def test_assessor_access_limited(self):
        """
        Test that an assessor cannot edit an assessment that doesn't belong to their group
        All accessor can search conditions
        """
        assessor = get_or_create_default_assessor()
        self.client.login(assessor.email)
        # This assessor doesn't belong to a group
        self.assertTrue(is_assessor(assessor))
        self.assertFalse(get_user_assessor_groups(assessor))

        # forbidden
        urls_get_forbidden = [
            reverse('wl_applications:enter_conditions', args=[self.application.pk]),
            reverse('wl_applications:enter_conditions_assessor', args=[self.application.pk, self.assessment.pk]),
        ]
        urls_post_forbidden = [
            {
                'url': reverse('wl_applications:create_condition'),
                'data': {
                    'code': '123488374',
                    'text': 'condition text'
                }
            },
            {
                'url': reverse('wl_applications:set_assessment_condition_state'),
                'data': {
                    'assessmentConditionID': self.assessment_condition.pk,
                    'acceptanceStatus': 'accepted',
                }
            },
            {
                'url': reverse('wl_applications:enter_conditions', args=[self.application.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
            {
                'url': reverse('wl_applications:enter_conditions_assessor',
                               args=[self.application.pk, self.assessment.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        # Allowed
        urls_get_allowed = [
            reverse('wl_applications:search_conditions')
        ]
        urls_post_allowed = [
        ]
        for url in urls_get_forbidden:
            response = self.client.get(url, follow=True)
            if response.status_code != 403:
                self.assertRedirects(response, reverse('wl_dashboard:tables_assessor'), status_code=302,
                                     target_status_code=200)
        for url in urls_post_forbidden:
            response = self.client.post(url['url'], url['data'], follow=True)
            if response.status_code != 403:
                self.assertRedirects(response, reverse('wl_dashboard:tables_assessor'), status_code=302,
                                     target_status_code=200)
        for url in urls_get_allowed:
            response = self.client.get(url, follow=True)
            self.assertEqual(200, response.status_code)

        for url in urls_post_allowed:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEqual(200, response.status_code)
Example #18
0
 def test_func(self):
     return is_assessor(self.request.user)