def data(): m = type("Models", (object, ), {}) m.registered_user = f.UserFactory.create() m.project_member_with_perms = f.UserFactory.create() m.project_member_without_perms = f.UserFactory.create() m.project_owner = f.UserFactory.create() m.other_user = f.UserFactory.create() m.public_project = f.ProjectFactory( is_private=False, anon_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)), public_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)) + ["comment_epic"], owner=m.project_owner, epics_csv_uuid=uuid.uuid4().hex) m.public_project = attach_project_extra_info( Project.objects.all()).get(id=m.public_project.id) m.private_project1 = f.ProjectFactory( is_private=True, anon_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)), public_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)), owner=m.project_owner, epics_csv_uuid=uuid.uuid4().hex) m.private_project1 = attach_project_extra_info( Project.objects.all()).get(id=m.private_project1.id) m.private_project2 = f.ProjectFactory(is_private=True, anon_permissions=[], public_permissions=[], owner=m.project_owner, epics_csv_uuid=uuid.uuid4().hex) m.private_project2 = attach_project_extra_info( Project.objects.all()).get(id=m.private_project2.id) m.blocked_project = f.ProjectFactory( is_private=True, anon_permissions=[], public_permissions=[], owner=m.project_owner, epics_csv_uuid=uuid.uuid4().hex, blocked_code=project_choices.BLOCKED_BY_STAFF) m.blocked_project = attach_project_extra_info( Project.objects.all()).get(id=m.blocked_project.id) m.public_membership = f.MembershipFactory(project=m.public_project, user=m.project_member_with_perms, role__project=m.public_project, role__permissions=list( map(lambda x: x[0], MEMBERS_PERMISSIONS))) m.private_membership1 = f.MembershipFactory( project=m.private_project1, user=m.project_member_with_perms, role__project=m.private_project1, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory(project=m.private_project1, user=m.project_member_without_perms, role__project=m.private_project1, role__permissions=[]) m.private_membership2 = f.MembershipFactory( project=m.private_project2, user=m.project_member_with_perms, role__project=m.private_project2, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory(project=m.private_project2, user=m.project_member_without_perms, role__project=m.private_project2, role__permissions=[]) m.blocked_membership = f.MembershipFactory( project=m.blocked_project, user=m.project_member_with_perms, role__project=m.blocked_project, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory(project=m.blocked_project, user=m.project_member_without_perms, role__project=m.blocked_project, role__permissions=[]) f.MembershipFactory(project=m.public_project, user=m.project_owner, is_admin=True) f.MembershipFactory(project=m.private_project1, user=m.project_owner, is_admin=True) f.MembershipFactory(project=m.private_project2, user=m.project_owner, is_admin=True) f.MembershipFactory(project=m.blocked_project, user=m.project_owner, is_admin=True) m.public_epic = f.EpicFactory(project=m.public_project, status__project=m.public_project) m.public_epic = attach_epic_extra_info( Epic.objects.all()).get(id=m.public_epic.id) m.private_epic1 = f.EpicFactory(project=m.private_project1, status__project=m.private_project1) m.private_epic1 = attach_epic_extra_info( Epic.objects.all()).get(id=m.private_epic1.id) m.private_epic2 = f.EpicFactory(project=m.private_project2, status__project=m.private_project2) m.private_epic2 = attach_epic_extra_info( Epic.objects.all()).get(id=m.private_epic2.id) m.blocked_epic = f.EpicFactory(project=m.blocked_project, status__project=m.blocked_project) m.blocked_epic = attach_epic_extra_info( Epic.objects.all()).get(id=m.blocked_epic.id) m.public_us = f.UserStoryFactory(project=m.public_project) m.private_us1 = f.UserStoryFactory(project=m.private_project1) m.private_us2 = f.UserStoryFactory(project=m.private_project2) m.blocked_us = f.UserStoryFactory(project=m.blocked_project) m.public_related_us = f.RelatedUserStory(epic=m.public_epic, user_story=m.public_us) m.private_related_us1 = f.RelatedUserStory(epic=m.private_epic1, user_story=m.private_us1) m.private_related_us2 = f.RelatedUserStory(epic=m.private_epic2, user_story=m.private_us2) m.blocked_related_us = f.RelatedUserStory(epic=m.blocked_epic, user_story=m.blocked_us) m.public_project.default_epic_status = m.public_epic.status m.public_project.save() m.private_project1.default_epic_status = m.private_epic1.status m.private_project1.save() m.private_project2.default_epic_status = m.private_epic2.status m.private_project2.save() m.blocked_project.default_epic_status = m.blocked_epic.status m.blocked_project.save() return m
def data(): m = type("Models", (object,), {}) m.registered_user = f.UserFactory.create() m.project_member_with_perms = f.UserFactory.create() m.project_member_without_perms = f.UserFactory.create() m.project_owner = f.UserFactory.create() m.other_user = f.UserFactory.create() m.public_project = f.ProjectFactory(is_private=False, anon_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)), public_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)) + ["comment_epic"], owner=m.project_owner, epics_csv_uuid=uuid.uuid4().hex) m.public_project = attach_project_extra_info(Project.objects.all()).get(id=m.public_project.id) m.private_project1 = f.ProjectFactory(is_private=True, anon_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)), public_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)), owner=m.project_owner, epics_csv_uuid=uuid.uuid4().hex) m.private_project1 = attach_project_extra_info(Project.objects.all()).get(id=m.private_project1.id) m.private_project2 = f.ProjectFactory(is_private=True, anon_permissions=[], public_permissions=[], owner=m.project_owner, epics_csv_uuid=uuid.uuid4().hex) m.private_project2 = attach_project_extra_info(Project.objects.all()).get(id=m.private_project2.id) m.blocked_project = f.ProjectFactory(is_private=True, anon_permissions=[], public_permissions=[], owner=m.project_owner, epics_csv_uuid=uuid.uuid4().hex, blocked_code=project_choices.BLOCKED_BY_STAFF) m.blocked_project = attach_project_extra_info(Project.objects.all()).get(id=m.blocked_project.id) m.public_membership = f.MembershipFactory( project=m.public_project, user=m.project_member_with_perms, role__project=m.public_project, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) m.private_membership1 = f.MembershipFactory( project=m.private_project1, user=m.project_member_with_perms, role__project=m.private_project1, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory( project=m.private_project1, user=m.project_member_without_perms, role__project=m.private_project1, role__permissions=[]) m.private_membership2 = f.MembershipFactory( project=m.private_project2, user=m.project_member_with_perms, role__project=m.private_project2, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory( project=m.private_project2, user=m.project_member_without_perms, role__project=m.private_project2, role__permissions=[]) m.blocked_membership = f.MembershipFactory( project=m.blocked_project, user=m.project_member_with_perms, role__project=m.blocked_project, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory(project=m.blocked_project, user=m.project_member_without_perms, role__project=m.blocked_project, role__permissions=[]) f.MembershipFactory(project=m.public_project, user=m.project_owner, is_admin=True) f.MembershipFactory(project=m.private_project1, user=m.project_owner, is_admin=True) f.MembershipFactory(project=m.private_project2, user=m.project_owner, is_admin=True) f.MembershipFactory(project=m.blocked_project, user=m.project_owner, is_admin=True) m.public_epic = f.EpicFactory(project=m.public_project, status__project=m.public_project) m.public_epic = attach_epic_extra_info(Epic.objects.all()).get(id=m.public_epic.id) m.private_epic1 = f.EpicFactory(project=m.private_project1, status__project=m.private_project1) m.private_epic1 = attach_epic_extra_info(Epic.objects.all()).get(id=m.private_epic1.id) m.private_epic2 = f.EpicFactory(project=m.private_project2, status__project=m.private_project2) m.private_epic2 = attach_epic_extra_info(Epic.objects.all()).get(id=m.private_epic2.id) m.blocked_epic = f.EpicFactory(project=m.blocked_project, status__project=m.blocked_project) m.blocked_epic = attach_epic_extra_info(Epic.objects.all()).get(id=m.blocked_epic.id) m.public_us = f.UserStoryFactory(project=m.public_project) m.private_us1 = f.UserStoryFactory(project=m.private_project1) m.private_us2 = f.UserStoryFactory(project=m.private_project2) m.blocked_us = f.UserStoryFactory(project=m.blocked_project) m.public_related_us = f.RelatedUserStory(epic=m.public_epic, user_story=m.public_us) m.private_related_us1 = f.RelatedUserStory(epic=m.private_epic1, user_story=m.private_us1) m.private_related_us2 = f.RelatedUserStory(epic=m.private_epic2, user_story=m.private_us2) m.blocked_related_us = f.RelatedUserStory(epic=m.blocked_epic, user_story=m.blocked_us) m.public_project.default_epic_status = m.public_epic.status m.public_project.save() m.private_project1.default_epic_status = m.private_epic1.status m.private_project1.save() m.private_project2.default_epic_status = m.private_epic2.status m.private_project2.save() m.blocked_project.default_epic_status = m.blocked_epic.status m.blocked_project.save() return m
def test_epic_put_update_with_project_change(client): user1 = f.UserFactory.create() user2 = f.UserFactory.create() user3 = f.UserFactory.create() user4 = f.UserFactory.create() project1 = f.ProjectFactory() project2 = f.ProjectFactory() epic_status1 = f.EpicStatusFactory.create(project=project1) epic_status2 = f.EpicStatusFactory.create(project=project2) project1.default_epic_status = epic_status1 project2.default_epic_status = epic_status2 project1.save() project2.save() project1 = attach_project_extra_info( Project.objects.all()).get(id=project1.id) project2 = attach_project_extra_info( Project.objects.all()).get(id=project2.id) f.MembershipFactory(project=project1, user=user1, role__project=project1, role__permissions=list( map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory(project=project2, user=user1, role__project=project2, role__permissions=list( map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory(project=project1, user=user2, role__project=project1, role__permissions=list( map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory(project=project2, user=user3, role__project=project2, role__permissions=list( map(lambda x: x[0], MEMBERS_PERMISSIONS))) epic = f.EpicFactory.create(project=project1) epic = attach_epic_extra_info(Epic.objects.all()).get(id=epic.id) url = reverse('epics-detail', kwargs={"pk": epic.pk}) # Test user with permissions in both projects client.login(user1) epic_data = EpicSerializer(epic).data epic_data["project"] = project2.id epic_data = json.dumps(epic_data) response = client.put(url, data=epic_data, content_type="application/json") assert response.status_code == 200 epic.project = project1 epic.save() # Test user with permissions in only origin project client.login(user2) epic_data = EpicSerializer(epic).data epic_data["project"] = project2.id epic_data = json.dumps(epic_data) response = client.put(url, data=epic_data, content_type="application/json") assert response.status_code == 403 epic.project = project1 epic.save() # Test user with permissions in only destionation project client.login(user3) epic_data = EpicSerializer(epic).data epic_data["project"] = project2.id epic_data = json.dumps(epic_data) response = client.put(url, data=epic_data, content_type="application/json") assert response.status_code == 403 epic.project = project1 epic.save() # Test user without permissions in the projects client.login(user4) epic_data = EpicSerializer(epic).data epic_data["project"] = project2.id epic_data = json.dumps(epic_data) response = client.put(url, data=epic_data, content_type="application/json") assert response.status_code == 403 epic.project = project1 epic.save()
def test_epic_put_update_with_project_change(client): user1 = f.UserFactory.create() user2 = f.UserFactory.create() user3 = f.UserFactory.create() user4 = f.UserFactory.create() project1 = f.ProjectFactory() project2 = f.ProjectFactory() epic_status1 = f.EpicStatusFactory.create(project=project1) epic_status2 = f.EpicStatusFactory.create(project=project2) project1.default_epic_status = epic_status1 project2.default_epic_status = epic_status2 project1.save() project2.save() project1 = attach_project_extra_info(Project.objects.all()).get(id=project1.id) project2 = attach_project_extra_info(Project.objects.all()).get(id=project2.id) f.MembershipFactory(project=project1, user=user1, role__project=project1, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory(project=project2, user=user1, role__project=project2, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory(project=project1, user=user2, role__project=project1, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) f.MembershipFactory(project=project2, user=user3, role__project=project2, role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS))) epic = f.EpicFactory.create(project=project1) epic = attach_epic_extra_info(Epic.objects.all()).get(id=epic.id) url = reverse('epics-detail', kwargs={"pk": epic.pk}) # Test user with permissions in both projects client.login(user1) epic_data = EpicSerializer(epic).data epic_data["project"] = project2.id epic_data = json.dumps(epic_data) response = client.put(url, data=epic_data, content_type="application/json") assert response.status_code == 200 epic.project = project1 epic.save() # Test user with permissions in only origin project client.login(user2) epic_data = EpicSerializer(epic).data epic_data["project"] = project2.id epic_data = json.dumps(epic_data) response = client.put(url, data=epic_data, content_type="application/json") assert response.status_code == 403 epic.project = project1 epic.save() # Test user with permissions in only destionation project client.login(user3) epic_data = EpicSerializer(epic).data epic_data["project"] = project2.id epic_data = json.dumps(epic_data) response = client.put(url, data=epic_data, content_type="application/json") assert response.status_code == 403 epic.project = project1 epic.save() # Test user without permissions in the projects client.login(user4) epic_data = EpicSerializer(epic).data epic_data["project"] = project2.id epic_data = json.dumps(epic_data) response = client.put(url, data=epic_data, content_type="application/json") assert response.status_code == 403 epic.project = project1 epic.save()