Exemple #1
0
def test_for_user():
    user = UserFactory.create()
    portfolio = PortfolioFactory.create()
    for _x in range(4):
        ApplicationFactory.create(portfolio=portfolio)

    ApplicationRoleFactory.create(
        application=portfolio.applications[0],
        user=user,
        status=ApplicationRoleStatus.ACTIVE,
    )
    ApplicationRoleFactory.create(
        application=portfolio.applications[1],
        user=user,
        status=ApplicationRoleStatus.ACTIVE,
    )
    ApplicationRoleFactory.create(
        application=portfolio.applications[2],
        user=user,
        status=ApplicationRoleStatus.PENDING,
    )

    assert len(portfolio.applications) == 4
    user_applications = Applications.for_user(user, portfolio)
    assert len(user_applications) == 2
Exemple #2
0
def test_update_does_not_duplicate_names_within_portfolio():
    portfolio = PortfolioFactory.create()
    name = "An Awesome Application"
    application = ApplicationFactory.create(portfolio=portfolio, name=name)
    dupe_application = ApplicationFactory.create(portfolio=portfolio)

    with pytest.raises(AlreadyExistsError):
        Applications.update(dupe_application, {"name": name})
Exemple #3
0
def test_portfolio_audit_log_only_includes_current_portfolio_events():
    owner = UserFactory.create()
    portfolio = PortfolioFactory.create(owner=owner)
    other_portfolio = PortfolioFactory.create(owner=owner)
    # Add some audit events
    application_1 = ApplicationFactory.create(portfolio=portfolio)
    application_2 = ApplicationFactory.create(portfolio=other_portfolio)

    events = AuditLog.get_portfolio_events(portfolio)
    for event in events:
        assert event.portfolio_id == portfolio.id
        assert (not event.portfolio_id == other_portfolio.id
                or event.resource_id == other_portfolio.id)
Exemple #4
0
def test_invite():
    application = ApplicationFactory.create()
    env1 = EnvironmentFactory.create(application=application)
    env2 = EnvironmentFactory.create(application=application)
    user_data = UserFactory.dictionary()
    permission_sets_names = [PermissionSets.EDIT_APPLICATION_TEAM]

    invitation = Applications.invite(
        application=application,
        inviter=application.portfolio.owner,
        user_data=user_data,
        permission_sets_names=permission_sets_names,
        environment_roles_data=[
            {
                "environment_id": env1.id,
                "role": CSPRole.BASIC_ACCESS.value
            },
            {
                "environment_id": env2.id,
                "role": None
            },
        ],
    )

    member_role = invitation.role
    assert invitation.dod_id == user_data["dod_id"]
    # view application AND edit application team
    assert len(member_role.permission_sets) == 2

    env_roles = member_role.environment_roles
    assert len(env_roles) == 1
    assert env_roles[0].environment == env1
Exemple #5
0
def test_get_portfolio_events_includes_app_and_env_events():
    owner = UserFactory.create()
    # add portfolio level events
    portfolio = PortfolioFactory.create(owner=owner)
    portfolio_events = AuditLog.get_portfolio_events(portfolio)

    # add application level events
    application = ApplicationFactory.create(portfolio=portfolio)
    Applications.update(application, {"name": "Star Cruiser"})
    app_role = ApplicationRoleFactory.create(application=application)
    app_invite = ApplicationInvitationFactory.create(role=app_role)
    portfolio_and_app_events = AuditLog.get_portfolio_events(portfolio)
    assert len(portfolio_events) < len(portfolio_and_app_events)

    # add environment level events
    env = EnvironmentFactory.create(application=application)
    env_role = EnvironmentRoleFactory.create(environment=env, application_role=app_role)
    portfolio_app_and_env_events = AuditLog.get_portfolio_events(portfolio)
    assert len(portfolio_and_app_events) < len(portfolio_app_and_env_events)

    resource_types = [event.resource_type for event in portfolio_app_and_env_events]
    assert "application" in resource_types
    assert "application_role" in resource_types
    assert "application_invitation" in resource_types
    assert "environment" in resource_types
    assert "environment_role" in resource_types
Exemple #6
0
def test_create_environments():
    application = ApplicationFactory.create()
    environments = Environments.create_many(application.portfolio.owner,
                                            application,
                                            ["Staging", "Production"])
    for env in environments:
        assert env.cloud_id is None
Exemple #7
0
def test_get_members(client, session, user_session):
    application = ApplicationFactory.create()
    user_session(application.portfolio.owner)
    response = client.get(
        url_for("applications.view_new_application_step_3",
                application_id=application.id))
    assert response.status_code == 200
Exemple #8
0
def test_create_application_succeeds(mock_azure: AzureCloudProvider):
    application = ApplicationFactory.create()

    mock_management_group_create(mock_azure, {"id": "Test Id"})

    result = mock_azure._create_application(AUTH_CREDENTIALS, application)

    assert result.id == "Test Id"
Exemple #9
0
def test_get_application():
    app = ApplicationFactory.create()
    assert Applications.get(app.id) == app
    assert Applications.get(app.id, portfolio_id=app.portfolio_id) == app
    with pytest.raises(NotFoundError):
        # make the uuid a string like you'd get from a route
        rando_id = str(uuid4())
        Applications.get(app.id, portfolio_id=rando_id)
Exemple #10
0
def test_for_user_returns_portfolios_for_applications_user_invited_to():
    bob = UserFactory.create()
    portfolio = PortfolioFactory.create()
    application = ApplicationFactory.create(portfolio=portfolio)
    ApplicationRoleFactory.create(application=application,
                                  user=bob,
                                  status=ApplicationRoleStatus.ACTIVE)

    assert portfolio in Portfolios.for_user(user=bob)
Exemple #11
0
def test_delete_failure_with_applications():
    portfolio = PortfolioFactory.create()
    application = ApplicationFactory.create(portfolio=portfolio)

    assert not portfolio.deleted

    with pytest.raises(PortfolioDeletionApplicationsExistError):
        Portfolios.delete(portfolio=portfolio)

    assert not portfolio.deleted
Exemple #12
0
def test_audit_event_for_application_deletion(session):
    app = ApplicationFactory.create()
    app.deleted = True
    session.add(app)
    session.commit()

    update_event = (session.query(AuditEvent).filter(
        AuditEvent.resource_id == app.id, AuditEvent.action == "update").one())
    assert update_event.changed_state.get("deleted")
    assert update_event.changed_state["deleted"] == [False, True]
Exemple #13
0
def test_get_environments(client, user_session):
    application = ApplicationFactory.create()
    user_session(application.portfolio.owner)
    response = client.get(
        url_for(
            "applications.view_new_application_step_2",
            portfolio_id=application.portfolio.id,
            application_id=application.id,
        ))
    assert response.status_code == 200
Exemple #14
0
def test_deleted_application_roles_are_ignored(session):
    user = UserFactory.create()
    app = ApplicationFactory.create()
    app_role = ApplicationRoleFactory.create(user=user, application=app)
    assert len(user.application_roles) == 1

    app_role.deleted = True
    session.add(app_role)
    session.commit()

    assert len(user.application_roles) == 0
Exemple #15
0
def test_get_application_events():
    # add in some portfolio level events
    portfolio = PortfolioFactory.create()
    Portfolios.update(portfolio, {"name": "New Name"})
    # add app level events
    application = ApplicationFactory.create(portfolio=portfolio)
    Applications.update(application, {"name": "Star Cruiser"})
    app_role = ApplicationRoleFactory.create(application=application)
    app_invite = ApplicationInvitationFactory.create(role=app_role)
    env = EnvironmentFactory.create(application=application)
    env_role = EnvironmentRoleFactory.create(environment=env, application_role=app_role)
    # add rando app
    rando_app = ApplicationFactory.create(portfolio=portfolio)

    events = AuditLog.get_application_events(application)
    for event in events:
        assert event.application_id == application.id
        assert not event.application_id == rando_app.id

    resource_types = [event.resource_type for event in events]
    assert "portfolio" not in resource_types
Exemple #16
0
def test_application_members_excludes_deleted(session):
    app = ApplicationFactory.create()
    member_role = ApplicationRoleFactory.create(
        application=app, status=ApplicationRoleStatus.ACTIVE)
    disabled_role = ApplicationRoleFactory.create(
        application=app, status=ApplicationRoleStatus.DISABLED)
    disabled_role.deleted = True
    session.add(disabled_role)
    session.commit()

    assert len(app.members) == 1
    assert app.members[0].id == member_role.id
Exemple #17
0
def test_paginate_ws_audit_log():
    portfolio = PortfolioFactory.create()
    application = ApplicationFactory.create(portfolio=portfolio)
    for _ in range(100):
        AuditLog.log_system_event(
            resource=application, action="create", portfolio=portfolio
        )

    events = AuditLog.get_portfolio_events(
        portfolio, pagination_opts={"per_page": 25, "page": 2}
    )
    assert len(events) == 25
Exemple #18
0
def test_delete_portfolio_failure(no_debug_client, user_session):
    portfolio = PortfolioFactory.create()
    application = ApplicationFactory.create(portfolio=portfolio)
    owner = portfolio.owner
    user_session(owner)

    assert len(Portfolios.for_user(user=owner)) == 1

    response = no_debug_client.post(
        url_for("portfolios.delete_portfolio", portfolio_id=portfolio.id))

    assert response.status_code == 500
    assert len(Portfolios.for_user(user=owner)) == 1
Exemple #19
0
def test_post_member(monkeypatch, client, user_session, session):
    job_mock = Mock()
    monkeypatch.setattr("atst.jobs.send_mail.delay", job_mock)
    user = UserFactory.create()
    application = ApplicationFactory.create(environments=[{
        "name": "Naboo"
    }, {
        "name": "Endor"
    }])
    (env, env_1) = application.environments

    user_session(application.portfolio.owner)

    response = client.post(
        url_for("applications.create_member", application_id=application.id),
        data={
            "user_data-first_name": user.first_name,
            "user_data-last_name": user.last_name,
            "user_data-dod_id": user.dod_id,
            "user_data-email": user.email,
            "environment_roles-0-environment_id": env.id,
            "environment_roles-0-role": "Basic Access",
            "environment_roles-0-environment_name": env.name,
            "environment_roles-1-environment_id": env_1.id,
            "environment_roles-1-role": NO_ACCESS,
            "environment_roles-1-environment_name": env_1.name,
            "perms_env_mgmt": True,
            "perms_team_mgmt": True,
            "perms_del_env": True,
        },
    )

    assert response.status_code == 302
    expected_url = url_for(
        "applications.settings",
        application_id=application.id,
        fragment="application-members",
        _anchor="application-members",
        _external=True,
    )
    assert response.location == expected_url
    assert len(application.roles) == 1
    environment_roles = application.roles[0].environment_roles
    assert len(environment_roles) == 1
    assert environment_roles[0].environment == env

    invitation = (session.query(ApplicationInvitation).filter_by(
        dod_id=user.dod_id).one())
    assert invitation.role.application == application

    assert job_mock.called
Exemple #20
0
def test_get_name_and_description_form_for_update(client, user_session):
    name = "My Test Application"
    description = "This is the description of the test application."
    application = ApplicationFactory.create(name=name, description=description)
    user_session(application.portfolio.owner)
    response = client.get(
        url_for(
            "applications.view_new_application_step_1",
            portfolio_id=application.portfolio.id,
            application_id=application.id,
        ))
    assert response.status_code == 200
    assert name in response.data.decode()
    assert description in response.data.decode()
Exemple #21
0
def test_for_user_does_not_include_deleted_application_roles():
    user1 = UserFactory.create()
    user2 = UserFactory.create()
    portfolio = PortfolioFactory.create()
    app = ApplicationFactory.create(portfolio=portfolio)
    ApplicationRoleFactory.create(status=ApplicationRoleStatus.ACTIVE,
                                  user=user1,
                                  application=app)
    assert len(Portfolios.for_user(user1)) == 1
    ApplicationRoleFactory.create(status=ApplicationRoleStatus.ACTIVE,
                                  user=user2,
                                  application=app,
                                  deleted=True)
    assert len(Portfolios.for_user(user2)) == 0
Exemple #22
0
def test_post_name_and_description_for_update(client, session, user_session):
    application = ApplicationFactory.create()
    user_session(application.portfolio.owner)
    response = client.post(
        url_for(
            "applications.update_new_application_step_1",
            portfolio_id=application.portfolio.id,
            application_id=application.id,
        ),
        data={"name": "Test Application", "description": "This is only a test"},
    )
    assert response.status_code == 302

    session.refresh(application)
    assert application.name == "Test Application"
    assert application.description == "This is only a test"
Exemple #23
0
def test_post_environments(client, session, user_session):
    application = ApplicationFactory.create(environments=[])
    user_session(application.portfolio.owner)
    response = client.post(
        url_for(
            "applications.update_new_application_step_2",
            portfolio_id=application.portfolio.id,
            application_id=application.id,
        ),
        data={
            "environment_names-0": "development",
            "environment_names-1": "staging",
            "environment_names-2": "production",
        },
    )
    assert response.status_code == 302
    session.refresh(application)
    assert len(application.environments) == 3
Exemple #24
0
def test_post_name_and_description_enforces_unique_name(
        client, user_session, session):
    portfolio = PortfolioFactory.create()
    name = "Test Application"
    application = ApplicationFactory.create(portfolio=portfolio, name=name)
    user_session(portfolio.owner)

    session.begin_nested()
    response = client.post(
        url_for("applications.create_new_application_step_1",
                portfolio_id=portfolio.id),
        data={
            "name": name,
            "description": "This is only a test"
        },
    )
    session.rollback()

    assert response.status_code == 400
Exemple #25
0
def test_delete_application(session):
    app = ApplicationFactory.create()
    app_role = ApplicationRoleFactory.create(user=UserFactory.create(),
                                             application=app)
    env1 = EnvironmentFactory.create(application=app)
    env2 = EnvironmentFactory.create(application=app)
    assert not app.deleted
    assert not env1.deleted
    assert not env2.deleted
    assert not app_role.deleted

    Applications.delete(app)

    assert app.deleted
    assert env1.deleted
    assert env2.deleted
    assert app_role.deleted

    # changes are flushed
    assert not session.dirty
Exemple #26
0
def test_delete_environment(session):
    env = EnvironmentFactory.create(application=ApplicationFactory.create())
    env_role = EnvironmentRoleFactory.create(
        application_role=ApplicationRoleFactory.create(
            application=env.application),
        environment=env,
    )
    assert not env.deleted
    assert not env_role.deleted
    Environments.delete(env)
    assert env.deleted
    assert env_role.deleted
    # did not flush
    assert session.dirty

    Environments.delete(env, commit=True)
    assert env.deleted
    assert env_role.deleted
    # flushed the change
    assert not session.dirty
Exemple #27
0
def test_invite_to_nonexistent_environment():
    application = ApplicationFactory.create()
    env1 = EnvironmentFactory.create(application=application)
    user_data = UserFactory.dictionary()

    with pytest.raises(NotFoundError):
        Applications.invite(
            application=application,
            inviter=application.portfolio.owner,
            user_data=user_data,
            environment_roles_data=[
                {
                    "environment_id": env1.id,
                    "role": CSPRole.BASIC_ACCESS.value
                },
                {
                    "environment_id": uuid4(),
                    "role": CSPRole.BASIC_ACCESS.value
                },
            ],
        )
Exemple #28
0
def test_post_update_member(client, user_session):
    user = UserFactory.create()
    application = ApplicationFactory.create(environments=[{
        "name": "Naboo"
    }, {
        "name": "Endor"
    }])
    (env, env_1) = application.environments
    app_role = ApplicationRoleFactory(application=application)

    user_session(application.portfolio.owner)
    response = client.post(
        url_for(
            "applications.update_new_application_step_3",
            application_id=application.id,
            application_role_id=app_role.id,
        ),
        data={
            "environment_roles-0-environment_id": env.id,
            "environment_roles-0-role": "Basic Access",
            "environment_roles-0-environment_name": env.name,
            "environment_roles-1-environment_id": env_1.id,
            "environment_roles-1-role": NO_ACCESS,
            "environment_roles-1-environment_name": env_1.name,
            "perms_env_mgmt": True,
            "perms_team_mgmt": True,
            "perms_del_env": True,
        },
    )

    assert response.status_code == 302
    expected_url = url_for(
        "applications.view_new_application_step_3",
        application_id=application.id,
        _external=True,
    )
    assert response.location == expected_url
    assert len(application.roles) == 1
    assert len(app_role.environment_roles) == 1
    assert app_role.environment_roles[0].environment == env
Exemple #29
0
def test_get_excludes_deleted():
    app = ApplicationFactory.create(deleted=True)
    with pytest.raises(NotFoundError):
        Applications.get(app.id)
Exemple #30
0
def test_get_excludes_deleted():
    env = EnvironmentFactory.create(deleted=True,
                                    application=ApplicationFactory.create())
    with pytest.raises(NotFoundError):
        Environments.get(env.id)