def test_motion_db_queries():
"""
Tests that only the following db queries for chat groups are done:
* 1 request to get all chat groups
* 1 request to get all read groups
* 1 request to get all write groups
Tests that only the following db queries for chat messages are done:
* 1 request to fet all chat messages
* 1 request to get all chat groups
* 1 request to get all read groups
* 1 request to get all write groups
"""
group1 = get_group_model().objects.create(name="group1")
group2 = get_group_model().objects.create(name="group2")
group3 = get_group_model().objects.create(name="group3")
group4 = get_group_model().objects.create(name="group4")
for i1 in range(5):
chatgroup = ChatGroup.objects.create(name=f"motion{i1}")
chatgroup.read_groups.add(group1, group2)
chatgroup.write_groups.add(group3, group4)
for i2 in range(10):
ChatMessage.objects.create(
text=f"text-{i1}-{i2}",
username=f"user-{i1}-{i2}",
user_id=i1 * 1000 + i2,
chatgroup=chatgroup,
)
assert count_queries(ChatGroup.get_elements)() == 3
assert count_queries(ChatMessage.get_elements)() == 4
def setUp(self):
self.client = APIClient()
self.client.login(username="******", password="******")
self.admin = get_user_model().objects.get()
self.admin.groups.add(
GROUP_STAFF_PK
) # Put the admin in a groiup with limited permissions for testing.
self.admin.groups.remove(GROUP_ADMIN_PK)
inform_changed_data(self.admin)
self.group_in = get_group_model().objects.get(pk=GROUP_STAFF_PK)
self.group_out = get_group_model().objects.get(
pk=GROUP_DELEGATE_PK) # The admin should not be in this group
def test_patch_recommendation_extension(self):
group = get_group_model().objects.get(pk=GROUP_DELEGATE_PK)
group.permissions.clear()
group.permissions.add(
Permission.objects.get(
content_type__app_label="motions",
codename="can_see",
),
Permission.objects.get(
content_type__app_label="motions",
codename="can_manage_metadata",
),
)
group.save()
password = "******"
user = get_user_model().objects.create_user(
username="******",
password=password,
)
user.groups.add(group)
user.save()
self.client.login(username=user.username, password=password)
response = self.client.patch(
reverse("motion-detail", args=[self.motion.pk]),
{"recommendation_extension": "extension"},
)
self.assertEqual(response.status_code, status.HTTP_200_OK)
motion = Motion.objects.get()
self.assertEqual(motion.recommendation_extension, "extension")
def test_user_without_can_see_user_permission_to_see_motion_and_submitter_data(
self, ):
admin = get_user_model().objects.get(username="******")
Submitter.objects.add(admin, self.motion)
group = get_group_model().objects.get(
pk=GROUP_DEFAULT_PK
) # Group with pk 1 is for anonymous and default users.
permission_string = "users.can_see_name"
app_label, codename = permission_string.split(".")
permission = group.permissions.get(content_type__app_label=app_label,
codename=codename)
group.permissions.remove(permission)
config["general_system_enable_anonymous"] = True
guest_client = APIClient()
inform_changed_data(group)
inform_changed_data(self.motion)
response_1 = guest_client.get(
reverse("motion-detail", args=[self.motion.pk]))
self.assertEqual(response_1.status_code, status.HTTP_200_OK)
submitter_id = response_1.data["submitters"][0]["user_id"]
response_2 = guest_client.get(
reverse("user-detail", args=[submitter_id]))
self.assertEqual(response_2.status_code, status.HTTP_200_OK)
extra_user = get_user_model().objects.create_user(
username="******",
password="******",
)
response_3 = guest_client.get(
reverse("user-detail", args=[extra_user.pk]))
self.assertEqual(response_3.status_code, 404)
def setUp(self):
self.client = APIClient()
self.client.login(username="******", password="******")
self.admin = get_user_model().objects.get()
self.group_out = get_group_model().objects.get(
pk=GROUP_DELEGATE_PK
) # The admin should not be in this group
# Put the admin into the staff group, becaust in the admin group, he has all permissions for
# every single comment section.
self.admin.groups.add(GROUP_STAFF_PK)
self.admin.groups.remove(GROUP_ADMIN_PK)
inform_changed_data(self.admin)
self.group_in = get_group_model().objects.get(pk=GROUP_STAFF_PK)
self.motion = Motion(
title="test_title_SlqfMw(waso0saWMPqcZ",
text="test_text_f30skclqS9wWF=xdfaSL",
)
self.motion.save()
self.section_no_groups = MotionCommentSection(
name='test_name_gj4F§(fj"(edm"§F3f3fs'
)
self.section_no_groups.save()
self.section_read = MotionCommentSection(name="test_name_2wv30(d2S&kvelkakl39")
self.section_read.save()
self.section_read.read_groups.add(
self.group_in, self.group_out
) # Group out for testing multiple groups
self.section_read.write_groups.add(self.group_out)
self.section_read_write = MotionCommentSection(
name="test_name_a3m9sd0(Mw2%slkrv30,"
)
self.section_read_write.save()
self.section_read_write.read_groups.add(self.group_in)
self.section_read_write.write_groups.add(self.group_in)
def degrade_admin(self, can_manage_config=False, can_manage_logos_and_fonts=False):
admin = get_user_model().objects.get(username="******")
admin.groups.remove(GROUP_ADMIN_PK)
admin.groups.add(GROUP_DELEGATE_PK)
if can_manage_config or can_manage_logos_and_fonts:
delegate_group = get_group_model().objects.get(pk=GROUP_DELEGATE_PK)
if can_manage_config:
delegate_group.permissions.add(
Permission.objects.get(
content_type__app_label="core", codename="can_manage_config"
)
)
if can_manage_logos_and_fonts:
delegate_group.permissions.add(
Permission.objects.get(
content_type__app_label="core",
codename="can_manage_logos_and_fonts",
)
)
inform_changed_data(delegate_group)
inform_changed_data(admin)