def test_super_admin_can_suspend_then_unsuspend_simple_admin(
self, mocked_validate_csrf_token, app):
super_admin = users_factories.AdminFactory(
email="*****@*****.**")
admin = users_factories.AdminFactory(email="*****@*****.**")
client = TestClient(app.test_client()).with_session_auth(
super_admin.email)
# Suspend
url = f"/pc/back-office/admin_users/suspend?user_id={admin.id}"
suspend_response = client.post(url,
form={
"reason": "fraud",
"csrf_token": "token"
})
assert suspend_response.status_code == 302
assert not admin.isActive
# Unsuspend
url = f"/pc/back-office/admin_users/unsuspend?user_id={admin.id}"
unsuspend_response = client.post(url,
form={
"reason": "fraud",
"csrf_token": "token"
})
assert unsuspend_response.status_code == 302
assert admin.isActive
def test_simple_admin_can_not_unsuspend_simple_admin(
self, mocked_validate_csrf_token, app):
super_admin = users_factories.AdminFactory(
email="*****@*****.**")
admin_1 = users_factories.AdminFactory(email="*****@*****.**")
admin_2 = users_factories.AdminFactory(email="*****@*****.**")
super_admin_client = TestClient(app.test_client()).with_session_auth(
super_admin.email)
admin_1_client = TestClient(app.test_client()).with_session_auth(
admin_1.email)
# super_admin suspends admin_2
url = f"/pc/back-office/admin_users/suspend?user_id={admin_2.id}"
suspend_response = super_admin_client.post(url,
form={
"reason": "fraud",
"csrf_token": "token"
})
assert suspend_response.status_code == 302
assert not admin_2.isActive
# admin_1 tries to unsuspend admin_2 (and fails to)
url = f"/pc/back-office/admin_users/unsuspend?user_id={admin_2.id}"
unsuspend_response = admin_1_client.post(url,
form={
"reason": "fraud",
"csrf_token": "token"
})
assert unsuspend_response.status_code == 403
assert not admin_2.isActive
def test_validation_prod_requires_super_admin(self, client):
user = users_factories.UserFactory()
check = fraud_factories.BeneficiaryFraudCheckFactory(
user=user, type=fraud_models.FraudCheckType.JOUVE)
admin = users_factories.AdminFactory()
client.with_session_auth(admin.email)
with override_settings(IS_PROD=True,
SUPER_ADMIN_EMAIL_ADDRESSES=[admin.email]):
response = client.post(
f"/pc/back-office/support_beneficiary/validate/beneficiary/{user.id}",
form={
"user_id": user.id,
"reason": "User is granted",
"review": "OK"
},
)
assert response.status_code == 302
review = fraud_models.BeneficiaryFraudReview.query.filter_by(
user=user, author=admin).one_or_none()
assert review is not None
assert review.author == admin
assert user.has_beneficiary_role is True
jouve_content = fraud_models.JouveContent(**check.resultContent)
assert user.firstName == jouve_content.firstName
assert user.lastName == jouve_content.lastName
def test_validation_view_validate_user_from_dms_data_staging(self, client):
user = users_factories.UserFactory(dateOfBirth=datetime.utcnow() -
relativedelta(years=18, months=2))
check = fraud_factories.BeneficiaryFraudCheckFactory(
user=user, type=fraud_models.FraudCheckType.DMS)
admin = users_factories.AdminFactory()
client.with_session_auth(admin.email)
response = client.post(
f"/pc/back-office/support_beneficiary/validate/beneficiary/{user.id}",
form={
"user_id": user.id,
"reason": "User is granted",
"review": "OK"
},
)
assert response.status_code == 302
review = fraud_models.BeneficiaryFraudReview.query.filter_by(
user=user, author=admin).one()
assert review.review == fraud_models.FraudReviewStatus.OK
assert review.reason == "User is granted"
user = users_models.User.query.get(user.id)
assert user.has_beneficiary_role is True
assert len(user.deposits) == 1
dms_content = fraud_models.DMSContent(**check.resultContent)
assert user.firstName == dms_content.first_name
assert user.lastName == dms_content.last_name
assert user.idPieceNumber == dms_content.id_piece_number
def test_approve_last_pending_offer_and_go_to_the_next_offer_redirect_to_validation_page(
self, mocked_get_offerer_legal_category, mocked_validate_csrf_token, app
):
users_factories.AdminFactory(email="*****@*****.**")
venue = VenueFactory()
offerer = venue.managingOfferer
pro_user = users_factories.ProFactory(email="*****@*****.**")
offers_factories.UserOffererFactory(user=pro_user, offerer=offerer)
offer = offers_factories.OfferFactory(
validation=OfferValidationStatus.PENDING,
isActive=True,
venue__bookingEmail="*****@*****.**",
venue=venue,
)
mocked_get_offerer_legal_category.return_value = {
"legal_category_code": 5202,
"legal_category_label": "Société en nom collectif",
}
data = dict(validation=OfferValidationStatus.APPROVED.value, action="save-and-go-next")
client = TestClient(app.test_client()).with_session_auth("*****@*****.**")
response = client.post(f"/pc/back-office/validation/edit?id={offer.id}", form=data)
assert offer.validation == OfferValidationStatus.APPROVED
assert response.status_code == 302
assert response.headers["location"] == "http://localhost/pc/back-office/validation/"
def test_reject_approved_offer_with_bookings(
self,
mocked_send_cancel_booking_notification,
mocked_send_offer_validation_notification_to_administration,
mocked_send_offer_validation_status_update_email,
mocked_validate_csrf_token,
app,
):
users_factories.AdminFactory(email="*****@*****.**")
with freeze_time("2020-11-17 15:00:00") as frozen_time:
offer = offers_factories.OfferFactory(validation=OfferValidationStatus.APPROVED, isActive=True)
stock = offers_factories.StockFactory(offer=offer, price=10)
unused_booking = booking_factories.IndividualBookingFactory(stock=stock)
used_booking = booking_factories.UsedBookingFactory(stock=stock)
frozen_time.move_to("2020-12-20 15:00:00")
data = dict(validation=OfferValidationStatus.REJECTED.value)
client = TestClient(app.test_client()).with_session_auth("*****@*****.**")
response = client.post(f"/pc/back-office/offer/edit/?id={offer.id}", form=data)
assert response.status_code == 302
assert offer.validation == OfferValidationStatus.REJECTED
assert offer.lastValidationDate == datetime.datetime(2020, 12, 20, 15)
assert unused_booking.isCancelled
assert unused_booking.status is BookingStatus.CANCELLED
assert not used_booking.isCancelled
assert used_booking.status is not BookingStatus.CANCELLED
mocked_send_cancel_booking_notification.assert_called_once_with([unused_booking.id])
def test_reject_approved_offer(
self,
mocked_send_offer_validation_notification_to_administration,
mocked_send_offer_validation_status_update_email,
mocked_validate_csrf_token,
app,
):
users_factories.AdminFactory(email="*****@*****.**")
with freeze_time("2020-11-17 15:00:00") as frozen_time:
offer = offers_factories.OfferFactory(
validation=OfferValidationStatus.APPROVED, isActive=True, venue__bookingEmail="*****@*****.**"
)
frozen_time.move_to("2020-12-20 15:00:00")
data = dict(validation=OfferValidationStatus.REJECTED.value)
client = TestClient(app.test_client()).with_session_auth("*****@*****.**")
response = client.post(f"/pc/back-office/offer/edit/?id={offer.id}", form=data)
assert response.status_code == 302
assert offer.validation == OfferValidationStatus.REJECTED
assert offer.lastValidationDate == datetime.datetime(2020, 12, 20, 15)
mocked_send_offer_validation_notification_to_administration.assert_called_once_with(
OfferValidationStatus.REJECTED, offer
)
mocked_send_offer_validation_status_update_email.assert_called_once_with(
offer, OfferValidationStatus.REJECTED, ["*****@*****.**"]
)
def test_access_to_validation_page_with_super_admin_user_on_prod_env(self, app):
users_factories.AdminFactory(email="*****@*****.**")
client = TestClient(app.test_client()).with_session_auth("*****@*****.**")
response = client.get("/pc/back-office/validation/")
assert response.status_code == 200
def test_import_validation_config_fail_when_user_is_not_super_admin(self, mocked_validate_csrf_token, app):
# Given
users_factories.AdminFactory(email="*****@*****.**")
config_yaml = """
minimum_score: 0.6
parameters:
name:
model: "Offer"
attribute: "name"
condition:
operator: "not in"
comparated: "REJECTED"
factor: 0
price_all_types:
model: "Offer"
attribute: "max_price"
condition:
operator: ">"
comparated: 100
factor: 0.7
"""
data = dict(specs=config_yaml, action="save")
client = TestClient(app.test_client()).with_session_auth("*****@*****.**")
# When
response = client.post("pc/back-office/fraud_rules_configuration/new/", form=data)
# Then
assert response.status_code == 403
def test_approve_physical_offer_and_send_mail_to_venue_booking_email(
self,
mocked_send_offer_validation_status_update_email,
mocked_get_offerer_legal_category,
mocked_validate_csrf_token,
app,
):
# Given
users_factories.AdminFactory(email="*****@*****.**")
venue = VenueFactory(bookingEmail="*****@*****.**")
offer = offers_factories.OfferFactory(validation=OfferValidationStatus.PENDING, isActive=True, venue=venue)
mocked_get_offerer_legal_category.return_value = {
"legal_category_code": 5202,
"legal_category_label": "Société en nom collectif",
}
data = dict(validation=OfferValidationStatus.APPROVED.value, action="save-and-go-next")
client = TestClient(app.test_client()).with_session_auth("*****@*****.**")
# When
client.post(f"/pc/back-office/validation/edit?id={offer.id}", form=data)
# Then
mocked_send_offer_validation_status_update_email.assert_called_once_with(
offer, OfferValidationStatus.APPROVED, ["*****@*****.**"]
)
def test_get_eligible_users_created_between(self, app):
ELIGIBLE_CONDTIONS = {
"dateCreated": datetime.now(),
"postalCode": "93000",
"isBeneficiary": False,
}
# 19 yo
factories.UserFactory(dateOfBirth=datetime(1999, 1, 1), **ELIGIBLE_CONDTIONS)
user_just_18_in_eligible_area = factories.UserFactory(dateOfBirth=datetime(2000, 1, 1), **ELIGIBLE_CONDTIONS)
# User just 18 but in an ineligible area
factories.UserFactory(
dateOfBirth=datetime(2000, 1, 1),
dateCreated=datetime.now(),
postalCode="98712",
)
# Beneficiary
factories.BeneficiaryGrant18Factory(
dateOfBirth=datetime(2000, 1, 1),
dateCreated=datetime.now(),
postalCode="93000",
)
# Admin
factories.AdminFactory(dateOfBirth=datetime(2000, 1, 1), **ELIGIBLE_CONDTIONS)
# Pro
pro_user = factories.ProFactory(dateOfBirth=datetime(2000, 1, 1), **ELIGIBLE_CONDTIONS)
offers_factories.UserOffererFactory(user=pro_user)
# User not yet 18
factories.UserFactory(dateOfBirth=datetime(2000, 1, 2), **ELIGIBLE_CONDTIONS)
result = _get_eligible_users_created_between(
datetime.now() - timedelta(days=1), datetime.now() + timedelta(minutes=1)
)
assert {u.id for u in result} == {user_just_18_in_eligible_area.id}
def test_edit_product_gcu_compatibility(self, mocked_validate_csrf_token,
mocked_async_index_offer_ids, app,
db_session):
# Given
users_factories.AdminFactory(email="*****@*****.**")
offerer = offers_factories.OffererFactory()
product_1 = offers_factories.ThingProductFactory(
description="premier produit inapproprié",
extraData={"isbn": "isbn-de-test"})
venue = offers_factories.VenueFactory(managingOfferer=offerer)
offers_factories.OfferFactory(product=product_1, venue=venue)
offers_factories.OfferFactory(product=product_1, venue=venue)
# When
client = TestClient(
app.test_client()).with_session_auth("*****@*****.**")
response = client.post(
"/pc/back-office/many_offers_operations/product_gcu_compatibility?isbn=isbn-de-test"
)
# Then
assert response.status_code == 302
assert response.headers[
"location"] == "http://localhost/pc/back-office/many_offers_operations/"
products = Product.query.all()
offers = Offer.query.all()
first_product = products[0]
first_offer = offers[0]
second_offer = offers[1]
assert not first_product.isGcuCompatible
assert not first_offer.isActive
assert not second_offer.isActive
mocked_async_index_offer_ids.assert_called_once_with(
[offer.id for offer in offers])
def test_admin_user_creation(self, mocked_validate_csrf_token, app):
users_factories.AdminFactory(email="*****@*****.**")
data = dict(
email="*****@*****.**",
firstName="Powerfull",
lastName="Admin",
departementCode="76",
postalCode="76001",
)
client = TestClient(
app.test_client()).with_session_auth("*****@*****.**")
response = client.post("/pc/back-office/admin_users/new", form=data)
assert response.status_code == 302
user_created = User.query.filter_by(
email="*****@*****.**").one()
assert user_created.firstName == "Powerfull"
assert user_created.lastName == "Admin"
assert user_created.publicName == "Powerfull Admin"
assert user_created.dateOfBirth is None
assert user_created.departementCode == "76"
assert user_created.postalCode == "76001"
assert user_created.isAdmin is True
assert not user_created.has_beneficiary_role
assert user_created.has_admin_role
assert user_created.hasSeenProTutorials is True
assert user_created.needsToFillCulturalSurvey is False
token = Token.query.filter_by(userId=user_created.id).first()
assert token.type == TokenType.RESET_PASSWORD
assert token.expirationDate > datetime.now() + timedelta(hours=20)
def test_review_ko_does_not_activate_the_beneficiary(self, client):
user = users_factories.UserFactory()
fraud_factories.BeneficiaryFraudCheckFactory(
user=user, type=fraud_models.FraudCheckType.JOUVE)
admin = users_factories.AdminFactory()
client.with_session_auth(admin.email)
with override_settings(IS_PROD=True,
SUPER_ADMIN_EMAIL_ADDRESSES=[admin.email]):
response = client.post(
f"/pc/back-office/support_beneficiary/validate/beneficiary/{user.id}",
form={
"user_id": user.id,
"reason": "User is denied",
"review": "KO"
},
)
assert response.status_code == 302
review = fraud_models.BeneficiaryFraudReview.query.filter_by(
user=user, author=admin).one_or_none()
assert review is not None
assert review.author == admin
assert review.review == fraud_models.FraudReviewStatus.KO
assert user.has_beneficiary_role is False
assert subscription_models.SubscriptionMessage.query.count() == 1
message = subscription_models.SubscriptionMessage.query.first()
assert message.popOverIcon == subscription_models.PopOverIcon.ERROR
assert message.userMessage == "Ton dossier a été rejeté. Tu n'es malheureusement pas éligible au pass culture."
def test_admin_can_access_reimbursements_data_with_venue_filter(app, client):
# Given
beginning_date = date.today() - timedelta(days=2)
ending_date = date.today() + timedelta(days=2)
admin = users_factories.AdminFactory()
user_offerer = offers_factories.UserOffererFactory()
offerer = user_offerer.offerer
status = payments_factories.PaymentStatusFactory(
payment__booking__stock__offer__venue__managingOfferer=offerer,
status=TransactionStatus.SENT,
payment__transactionLabel=
"pass Culture Pro - remboursement 1ère quinzaine 06-21",
date=date.today(),
)
venue = status.payment.booking.venue
# When
admin_client = client.with_session_auth(admin.email)
response = admin_client.get(
"/reimbursements/csv?venueId={}&reimbursementPeriodBeginningDate={}&reimbursementPeriodEndingDate={}"
.format(humanize(venue.id), beginning_date.isoformat(),
ending_date.isoformat()))
# Then
assert response.status_code == 200
assert response.headers["Content-type"] == "text/csv; charset=utf-8;"
assert response.headers[
"Content-Disposition"] == "attachment; filename=remboursements_pass_culture.csv"
rows = response.data.decode("utf-8").splitlines()
assert len(rows) == 2 # header + payments
def when_add_allocine_stocks_provider_with_price_but_no_isDuo_config(
self, app):
# Given
venue = offer_factories.VenueFactory(
managingOfferer__siren="775671464")
user = user_factories.AdminFactory()
AllocinePivotFactory(siret=venue.siret)
provider = activate_provider("AllocineStocks")
venue_provider_data = {
"providerId": humanize(provider.id),
"venueId": humanize(venue.id),
"price": "9.99"
}
auth_request = TestClient(
app.test_client()).with_session_auth(email=user.email)
# When
response = auth_request.post("/venueProviders",
json=venue_provider_data)
# Then
assert response.status_code == 201
json = response.json
assert "_sa_polymorphic_on" not in json
venue_provider = VenueProvider.query.one()
assert json["venueId"] == humanize(venue_provider.venueId)
def when_add_allocine_stocks_provider_with_default_settings_at_import(
self, app):
# Given
venue = offer_factories.VenueFactory(
managingOfferer__siren="775671464")
user = user_factories.AdminFactory()
AllocinePivotFactory(siret=venue.siret)
provider = activate_provider("AllocineStocks")
venue_provider_data = {
"providerId": humanize(provider.id),
"venueId": humanize(venue.id),
"price": "9.99",
"quantity": 50,
"isDuo": True,
}
auth_request = TestClient(
app.test_client()).with_session_auth(email=user.email)
# When
response = auth_request.post("/venueProviders",
json=venue_provider_data)
# Then
assert response.status_code == 201
assert response.json["isDuo"]
assert response.json["price"] == 9.99
assert response.json["quantity"] == 50
def when_provider_api_not_available(self, mock_siret_can_be_synchronized,
app):
# Given
user = user_factories.AdminFactory()
venue = offer_factories.VenueFactory(siret="12345678912345")
provider = offerers_factories.APIProviderFactory()
venue_provider_data = {
"providerId": humanize(provider.id),
"venueId": humanize(venue.id),
}
auth_request = TestClient(
app.test_client()).with_session_auth(email=user.email)
errors = ApiErrors()
errors.status_code = 422
errors.add_error(
"provider",
"L’importation d’offres avec LesLibraires n’est pas disponible "
"pour le SIRET 12345678912345",
)
mock_siret_can_be_synchronized.side_effect = [errors]
# When
response = auth_request.post("/venueProviders",
json=venue_provider_data)
# Then
assert response.status_code == 422
assert response.json["provider"] == [
"L’importation d’offres avec LesLibraires n’est pas disponible pour le SIRET 12345678912345"
]
assert VenueProvider.query.count() == 0
def should_connect_to_allocine(
self,
app,
):
# Given
user = user_factories.AdminFactory()
venue = offer_factories.VenueFactory(siret="12345678912345")
AllocinePivotFactory(siret=venue.siret)
provider = activate_provider("AllocineStocks")
venue_provider_data = {
"providerId": humanize(provider.id),
"venueId": humanize(venue.id),
"price": "33.33"
}
auth_request = TestClient(
app.test_client()).with_session_auth(email=user.email)
# When
auth_request.post("/venueProviders", json=venue_provider_data)
# Then
assert len(venue.venueProviders) == 1
assert venue.venueProviders[0].provider == provider
def when_add_allocine_stocks_provider_with_no_price(self, app):
# Given
venue = offer_factories.VenueFactory(
managingOfferer__siren="775671464")
user = user_factories.AdminFactory()
AllocinePivotFactory(siret=venue.siret)
provider = activate_provider("AllocineStocks")
venue_provider_data = {
"providerId": humanize(provider.id),
"venueId": humanize(venue.id),
}
auth_request = TestClient(
app.test_client()).with_session_auth(email=user.email)
# When
response = auth_request.post("/venueProviders",
json=venue_provider_data)
# Then
assert response.status_code == 400
assert response.json["price"] == [
"Il est obligatoire de saisir un prix."
]
assert VenueProvider.query.count() == 0
def when_add_allocine_pivot_is_missing(self, app):
# Given
venue = offer_factories.VenueFactory(
managingOfferer__siren="775671464")
user = user_factories.AdminFactory()
provider = activate_provider("AllocineStocks")
venue_provider_data = {
"providerId": humanize(provider.id),
"venueId": humanize(venue.id),
}
auth_request = TestClient(
app.test_client()).with_session_auth(email=user.email)
# When
response = auth_request.post("/venueProviders",
json=venue_provider_data)
# Then
assert response.status_code == 404
assert response.json == {
"allocine": [
"Ce lieu n'est pas autorisé à être synchronisé avec Allociné. Veuillez contacter le support si vous souhaitez le faire."
]
}
assert VenueProvider.query.count() == 0
def test_when_add_same_provider(self, mock_siret_can_be_synchronized,
mock_synchronize_venue_provider, app):
# Given
user = user_factories.AdminFactory()
venue = offer_factories.VenueFactory(siret="12345678912345")
provider = offerers_factories.APIProviderFactory()
venue_provider = create_venue_provider(
venue, provider, venue_id_at_offer_provider="12345678912345")
repository.save(venue_provider)
auth_request = TestClient(
app.test_client()).with_session_auth(email=user.email)
venue_provider_data = {
"providerId": humanize(provider.id),
"venueId": humanize(venue.id),
}
mock_siret_can_be_synchronized.return_value = True
# When
response = auth_request.post("/venueProviders",
json=venue_provider_data)
# Then
assert response.status_code == 400
assert response.json == {
"global": ["Votre lieu est déjà lié à cette source"]
}
assert venue.venueProviders[0].provider.id == provider.id
def when_venue_provider_is_successfully_created(
self, mock_siret_can_be_synchronized,
mock_synchronize_venue_provider, app):
# Given
user = user_factories.AdminFactory()
venue = offer_factories.VenueFactory(siret="12345678912345")
provider = offerers_factories.APIProviderFactory()
venue_provider_data = {
"providerId": humanize(provider.id),
"venueId": humanize(venue.id),
}
mock_siret_can_be_synchronized.return_value = True
auth_request = TestClient(
app.test_client()).with_session_auth(email=user.email)
# When
response = auth_request.post("/venueProviders",
json=venue_provider_data)
# Then
assert response.status_code == 201
venue_provider = VenueProvider.query.one()
assert venue_provider.venueId == venue.id
assert venue_provider.providerId == provider.id
assert venue_provider.venueIdAtOfferProvider == "12345678912345"
assert "id" in response.json
venue_provider_id = response.json["id"]
mock_synchronize_venue_provider.assert_called_once_with(
dehumanize(venue_provider_id))
def test_beneficiary_user_edition_does_not_send_email(
self, mocked_validate_csrf_token, mocked_flask_flash, app):
users_factories.AdminFactory(email="*****@*****.**")
user_to_edit = users_factories.BeneficiaryGrant18Factory(
email="*****@*****.**", isAdmin=False)
data = dict(
email="*****@*****.**",
firstName=user_to_edit.firstName,
lastName=user_to_edit.lastName,
dateOfBirth=user_to_edit.dateOfBirth.isoformat(sep=" ",
timespec="seconds"),
departementCode=user_to_edit.departementCode,
postalCode="76000",
)
client = TestClient(
app.test_client()).with_session_auth("*****@*****.**")
response = client.post(
f"/pc/back-office/beneficiary_users/edit/?id={user_to_edit.id}",
form=data)
assert response.status_code == 302
user_edited = User.query.filter_by(
email="*****@*****.**").one_or_none()
assert user_edited is not None
assert len(push_testing.requests) == 1
mocked_flask_flash.assert_not_called()
assert not mails_testing.outbox
assert len(push_testing.requests) == 1
assert len(sendinblue_testing.sendinblue_requests) == 1
def test_beneficiary_user_creation_is_restricted_in_prod(
self, app, db_session):
users_factories.AdminFactory(email="*****@*****.**")
data = dict(
email="*****@*****.**",
firstName="Serge",
lastName="Lama",
dateOfBirth=f"{self.AGE18_ELIGIBLE_BIRTH_DATE:%Y-%m-%d %H:%M:%S}",
departementCode="93",
postalCode="93000",
)
client = TestClient(
app.test_client()).with_session_auth("*****@*****.**")
response = client.post("/pc/back-office/beneficiary_users/new",
form=data)
assert response.status_code == 302
filtered_users = User.query.filter_by(email="*****@*****.**").all()
deposits = Deposit.query.all()
assert len(filtered_users) == 0
assert len(deposits) == 0
assert len(push_testing.requests) == 0
def test_beneficiary_user_creation_for_deposit_v2(
self, mocked_validate_csrf_token, app):
users_factories.AdminFactory(email="*****@*****.**")
data = dict(
email="*****@*****.**",
firstName="Serge",
lastName="Lama",
dateOfBirth=f"{self.AGE18_ELIGIBLE_BIRTH_DATE:%Y-%m-%d %H:%M:%S}",
departementCode="93",
postalCode="93000",
phoneNumber="0601020304",
depositVersion="2",
)
client = TestClient(
app.test_client()).with_session_auth("*****@*****.**")
response = client.post("/pc/back-office/beneficiary_users/new",
form=data)
assert response.status_code == 302
user_created = User.query.filter_by(email="*****@*****.**").one()
assert len(user_created.deposits) == 1
assert user_created.deposit.version == 2
assert user_created.deposit.source == "pass-culture-admin"
assert user_created.deposit.amount == 300
assert push_testing.requests[0]["attribute_values"][
"u.credit"] == 30000
def test_access_to_validation_page_with_none_super_admin_user_on_prod_env(self, app):
users_factories.AdminFactory(email="*****@*****.**")
client = TestClient(app.test_client()).with_session_auth("*****@*****.**")
response = client.get("/pc/back-office/validation/")
assert response.status_code == 302
assert response.headers["location"] == "http://localhost/pc/back-office/"
def test_pro_user_creation(self, mocked_validate_csrf_token, app):
# Given
users_factories.AdminFactory(email="*****@*****.**")
offerers_factories.VirtualVenueTypeFactory()
data = dict(
email="*****@*****.**",
firstName="Juste",
lastName="Leblanc",
phoneNumber="0601020304",
dateOfBirth="2020-12-09 09:45:00",
departementCode="93",
postalCode="93000",
offererSiren="123654987",
offererName="Les films du plat pays",
offererPostalCode="93000",
offererCity="Nantes",
csrf_token="token",
)
# When
client = TestClient(
app.test_client()).with_session_auth("*****@*****.**")
# Then
response = client.post("/pc/back-office/pro_users/new", form=data)
assert response.status_code == 302
users_filtered = User.query.filter_by(email="*****@*****.**").all()
assert len(users_filtered) == 1
user_created = users_filtered[0]
assert user_created.firstName == "Juste"
assert user_created.lastName == "Leblanc"
assert user_created.publicName == "Juste Leblanc"
assert user_created.dateOfBirth == datetime(2020, 12, 9, 9, 45)
assert user_created.departementCode == "93"
assert user_created.postalCode == "93000"
assert not user_created.has_beneficiary_role
assert user_created.has_pro_role
assert len(user_created.deposits) == 0
offerers_filtered = Offerer.query.filter_by(siren="123654987").all()
assert len(offerers_filtered) == 1
offerer_created = offerers_filtered[0]
assert offerer_created.name == "Les films du plat pays"
assert offerer_created.postalCode == "93000"
assert offerer_created.city == "Nantes"
user_offerers_filtered = UserOfferer.query.filter(
and_(UserOfferer.userId == user_created.id,
UserOfferer.offererId == offerer_created.id)).all()
assert len(user_offerers_filtered) == 1
token = Token.query.filter_by(userId=user_created.id).first()
assert token.type == TokenType.RESET_PASSWORD
assert token.expirationDate > datetime.now() + timedelta(days=29)
assert token.expirationDate < datetime.now() + timedelta(days=31)
def test_detail_view(self, client):
admin = users_factories.AdminFactory(email="*****@*****.**")
user = users_factories.UserFactory()
fraud_factories.BeneficiaryFraudCheckFactory(user=user)
fraud_factories.BeneficiaryFraudResultFactory(user=user)
client.with_session_auth(admin.email)
response = client.get(
"/pc/back-office/support_beneficiary/?id={user.id}")
assert response.status_code == 200
def test_authorized_user(self, app, db_session, client):
admin = users_factories.AdminFactory(email="*****@*****.**")
client.with_session_auth(admin.email)
response = client.get("/pc/back-office/categories")
assert response.status_code == 200
assert any(c.id in response.data.decode("utf-8")
for c in categories.ALL_CATEGORIES)
