def test_create_entries(client):
user1 = factories.UserFactory()
storage11 = factories.StorageEntryFactory(owner=user1)
form = {"key": "foo",
"value": {"bar": "bar"}}
form_without_key = {"value": {"bar": "bar"}}
form_without_value = {"key": "foo"}
error_form = {"key": storage11.key,
"value": {"bar": "bar"}}
# Create entry by anonymous user
response = client.json.post(reverse("user-storage-list"), json.dumps(form))
assert response.status_code == 401
# Create by logged user
client.login(username=user1.username, password=user1.username)
response = client.json.post(reverse("user-storage-list"), json.dumps(form))
assert response.status_code == 201
response = client.json.get(reverse("user-storage-detail", args=[form["key"]]))
assert response.status_code == 200
# Wrong data
client.login(username=user1.username, password=user1.username)
response = client.json.post(reverse("user-storage-list"), json.dumps(form_without_key))
assert response.status_code == 400
response = client.json.post(reverse("user-storage-list"), json.dumps(form_without_value))
assert response.status_code == 400
response = client.json.post(reverse("user-storage-list"), json.dumps(error_form))
assert response.status_code == 400
def test_invalid_concurrent_save_for_us(client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user)
f.MembershipFactory.create(project=project, user=user, is_admin=True)
f.UserStoryFactory.create(version=10, project=project)
client.login(user)
mock_path = "tina.projects.userstories.api.UserStoryViewSet.pre_conditions_on_save"
with patch(mock_path):
url = reverse("userstories-list")
data = {
"subject": "test",
"project": project.id,
"status": f.UserStoryStatusFactory.create(project=project).id
}
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201
userstory_id = response.data["id"]
url = reverse("userstories-detail", args=(userstory_id, ))
data = {"version": 1, "subject": "test 1"}
response = client.patch(url,
json.dumps(data),
content_type="application/json")
assert response.status_code == 200
data = {"version": 1, "subject": "test 2"}
response = client.patch(url,
json.dumps(data),
content_type="application/json")
assert response.status_code == 400
def test_valid_concurrent_save_for_task_different_fields(client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user)
f.MembershipFactory.create(project=project, user=user, is_admin=True)
client.login(user)
mock_path = "tina.projects.tasks.api.TaskViewSet.pre_conditions_on_save"
with patch(mock_path):
url = reverse("tasks-list")
data = {
"subject": "test",
"project": project.id,
"status": f.TaskStatusFactory.create(project=project).id
}
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201
task_id = response.data["id"]
url = reverse("tasks-detail", args=(task_id, ))
data = {"version": 1, "subject": "test 1"}
response = client.patch(url,
json.dumps(data),
content_type="application/json")
assert response.status_code == 200
data = {"version": 1, "description": "test 2"}
response = client.patch(url,
json.dumps(data),
content_type="application/json")
assert response.status_code == 200
def test_api_user_story_add_new_tags_with_error(client):
project = f.ProjectFactory.create()
user_story = f.create_userstory(project=project, status__project=project)
f.MembershipFactory.create(project=project, user=user_story.owner, is_admin=True)
url = reverse("userstories-detail", kwargs={"pk": user_story.pk})
data = {
"tags": [],
"version": user_story.version
}
client.login(user_story.owner)
data["tags"] = [1]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
data["tags"] = [["back"]]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
data["tags"] = [["back", "#cccc"]]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
data["tags"] = [[1, "#ccc"]]
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
assert "tags" in response.data
def test_update_entries(client):
user1 = factories.UserFactory()
storage11 = factories.StorageEntryFactory(owner=user1)
# Update by anonymous user
form = {"value": "bar", "key": storage11.key}
response = client.json.put(reverse("user-storage-detail", args=[storage11.key]),
json.dumps(form))
assert response.status_code == 401
# Update by logged user
client.login(username=user1.username, password=user1.username)
form = {"value": {"bar": "bar"}, "key": storage11.key}
response = client.json.put(reverse("user-storage-detail", args=[storage11.key]),
json.dumps(form))
assert response.status_code == 200
response = client.json.get(reverse("user-storage-detail", args=[storage11.key]))
assert response.status_code == 200
assert response.data["value"] == form["value"]
# Update not existing entry
form = {"value": {"bar": "bar"}, "key": "foo"}
response = client.json.get(reverse("user-storage-detail", args=[form["key"]]))
assert response.status_code == 404
response = client.json.put(reverse("user-storage-detail", args=[form["key"]]),
json.dumps(form))
assert response.status_code == 404
def test_user_story_patch_comment(client, data):
public_url = reverse('userstories-detail', kwargs={"pk": data.public_user_story.pk})
private_url1 = reverse('userstories-detail', kwargs={"pk": data.private_user_story1.pk})
private_url2 = reverse('userstories-detail', kwargs={"pk": data.private_user_story2.pk})
blocked_url = reverse('userstories-detail', kwargs={"pk": data.blocked_user_story.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
patch_data = json.dumps({"comment": "test comment", "version": data.public_user_story.version})
results = helper_test_http_method(client, 'patch', public_url, patch_data, users)
assert results == [401, 200, 200, 200, 200]
patch_data = json.dumps({"comment": "test comment", "version": data.private_user_story1.version})
results = helper_test_http_method(client, 'patch', private_url1, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"comment": "test comment", "version": data.private_user_story2.version})
results = helper_test_http_method(client, 'patch', private_url2, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"comment": "test comment", "version": data.blocked_user_story.version})
results = helper_test_http_method(client, 'patch', blocked_url, patch_data, users)
assert results == [401, 403, 403, 451, 451]
def test_issue_custom_attributes_values_patch(client, data):
public_url = reverse('issue-custom-attributes-values-detail', kwargs={"issue_id": data.public_issue.pk})
private_url1 = reverse('issue-custom-attributes-values-detail', kwargs={"issue_id": data.private_issue1.pk})
private_url2 = reverse('issue-custom-attributes-values-detail', kwargs={"issue_id": data.private_issue2.pk})
blocked_url = reverse('issue-custom-attributes-values-detail', kwargs={"issue_id": data.blocked_issue.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
patch_data = json.dumps({"attributes_values": {str(data.public_issue_ca.pk): "test"},
"version": data.public_issue.version})
results = helper_test_http_method(client, 'patch', public_url, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"attributes_values": {str(data.private_issue_ca1.pk): "test"},
"version": data.private_issue1.version})
results = helper_test_http_method(client, 'patch', private_url1, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"attributes_values": {str(data.private_issue_ca2.pk): "test"},
"version": data.private_issue2.version})
results = helper_test_http_method(client, 'patch', private_url2, patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"attributes_values": {str(data.blocked_issue_ca.pk): "test"},
"version": data.blocked_issue.version})
results = helper_test_http_method(client, 'patch', blocked_url, patch_data, users)
assert results == [401, 403, 403, 451, 451]
def test_user_story_create(client, data):
url = reverse('userstories-list')
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
create_data = json.dumps({"subject": "test", "ref": 1, "project": data.public_project.pk})
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 201, 201]
create_data = json.dumps({"subject": "test", "ref": 2, "project": data.private_project1.pk})
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 201, 201]
create_data = json.dumps({"subject": "test", "ref": 3, "project": data.private_project2.pk})
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 201, 201]
create_data = json.dumps({"subject": "test", "ref": 4, "project": data.blocked_project.pk})
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 451, 451]
def test_project_update(client, data):
url = reverse('projects-detail', kwargs={"pk": data.private_project2.pk})
blocked_url = reverse('projects-detail',
kwargs={"pk": data.blocked_project.pk})
users = [
None, data.registered_user, data.project_member_with_perms,
data.project_owner
]
project_data = ProjectSerializer(data.private_project2).data
# Because in serializer is a dict anin model is a list of lists
project_data["tags_colors"] = list(
map(list, project_data["tags_colors"].items()))
project_data["is_private"] = False
results = helper_test_http_method(client, 'put', url,
json.dumps(project_data), users)
assert results == [401, 403, 403, 200]
project_data = ProjectSerializer(data.blocked_project).data
# Because in serializer is a dict anin model is a list of lists
project_data["tags_colors"] = list(
map(list, project_data["tags_colors"].items()))
project_data["is_private"] = False
results = helper_test_http_method(client, 'put', blocked_url,
json.dumps(project_data), users)
assert results == [401, 403, 403, 451]
def test_webhook_update(client, data):
url1 = reverse('webhooks-detail', kwargs={"pk": data.webhook1.pk})
url2 = reverse('webhooks-detail', kwargs={"pk": data.webhook2.pk})
blocked_url = reverse('webhooks-detail',
kwargs={"pk": data.blocked_webhook.pk})
users = [None, data.registered_user, data.project_owner]
webhook_data = WebhookSerializer(data.webhook1).data
webhook_data["key"] = "test"
webhook_data = json.dumps(webhook_data)
results = helper_test_http_method(client, 'put', url1, webhook_data, users)
assert results == [401, 403, 200]
webhook_data = WebhookSerializer(data.webhook2).data
webhook_data["key"] = "test"
webhook_data = json.dumps(webhook_data)
results = helper_test_http_method(client, 'put', url2, webhook_data, users)
assert results == [401, 403, 403]
webhook_data = WebhookSerializer(data.blocked_webhook).data
webhook_data["key"] = "test"
webhook_data = json.dumps(webhook_data)
results = helper_test_http_method(client, 'put', blocked_url, webhook_data,
users)
assert results == [401, 403, 451]
def test_webhook_create(client, data):
url = reverse('webhooks-list')
users = [None, data.registered_user, data.project_owner]
create_data = json.dumps({
"name": "Test",
"url": "http://test.com",
"key": "test",
"project": data.project1.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users,
lambda: Webhook.objects.all().delete())
assert results == [401, 403, 201]
create_data = json.dumps({
"name": "Test",
"url": "http://test.com",
"key": "test",
"project": data.project2.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users,
lambda: Webhook.objects.all().delete())
assert results == [401, 403, 403]
create_data = json.dumps({
"name": "Test",
"url": "http://test.com",
"key": "test",
"project": data.blocked_project.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users,
lambda: Webhook.objects.all().delete())
assert results == [401, 403, 451]
def test_create_memberhips_throttling(client, settings):
settings.REST_FRAMEWORK["DEFAULT_THROTTLE_RATES"][
"create-memberships"] = "1/minute"
membership = f.MembershipFactory(is_admin=True)
role = f.RoleFactory.create(project=membership.project)
user = f.UserFactory.create()
user2 = f.UserFactory.create()
client.login(membership.user)
url = reverse("memberships-list")
data = {
"role": role.pk,
"project": role.project.pk,
"username": user.email
}
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201
assert response.data["user_email"] == user.email
data = {
"role": role.pk,
"project": role.project.pk,
"username": user2.email
}
response = client.json.post(url, json.dumps(data))
assert response.status_code == 429
settings.REST_FRAMEWORK["DEFAULT_THROTTLE_RATES"][
"create-memberships"] = None
def test_task_custom_attribute_action_bulk_update_order(client, data):
url = reverse('task-custom-attributes-bulk-update-order')
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
post_data = json.dumps({
"bulk_task_custom_attributes": [(1, 2)],
"project": data.public_project.pk
})
results = helper_test_http_method(client, 'post', url, post_data, users)
assert results == [401, 403, 403, 403, 204]
post_data = json.dumps({
"bulk_task_custom_attributes": [(1, 2)],
"project": data.private_project1.pk
})
results = helper_test_http_method(client, 'post', url, post_data, users)
assert results == [401, 403, 403, 403, 204]
post_data = json.dumps({
"bulk_task_custom_attributes": [(1, 2)],
"project": data.private_project2.pk
})
results = helper_test_http_method(client, 'post', url, post_data, users)
assert results == [401, 403, 403, 403, 204]
post_data = json.dumps({
"bulk_task_custom_attributes": [(1, 2)],
"project": data.blocked_project.pk
})
results = helper_test_http_method(client, 'post', url, post_data, users)
assert results == [401, 403, 403, 403, 451]
def test_epic_action_bulk_create(client, data):
url = reverse('epics-bulk-create')
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
bulk_data = json.dumps({
"bulk_epics": "test1\ntest2",
"project_id": data.public_epic.project.pk,
})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 200, 200]
bulk_data = json.dumps({
"bulk_epics": "test1\ntest2",
"project_id": data.private_epic1.project.pk,
})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 200, 200]
bulk_data = json.dumps({
"bulk_epics": "test1\ntest2",
"project_id": data.private_epic2.project.pk,
})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 200, 200]
bulk_data = json.dumps({
"bulk_epics": "test1\ntest2",
"project_id": data.blocked_epic.project.pk,
})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 451, 451]
def test_valid_concurrent_save_for_wiki_page_different_versions(client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user)
f.MembershipFactory.create(project=project, user=user, is_admin=True)
client.login(user)
mock_path = "tina.projects.wiki.api.WikiViewSet.pre_conditions_on_save"
with patch(mock_path):
url = reverse("wiki-list")
data = {"project": project.id, "slug": "test"}
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201, response.content
wiki_id = response.data["id"]
url = reverse("wiki-detail", args=(wiki_id, ))
data = {"version": 1, "content": "test 1"}
response = client.patch(url,
json.dumps(data),
content_type="application/json")
assert response.status_code == 200
data = {"version": 2, "content": "test 2"}
response = client.patch(url,
json.dumps(data),
content_type="application/json")
assert response.status_code == 200
def test_valid_concurrent_save_for_issue_different_versions(client):
user = f.UserFactory.create()
project = f.ProjectFactory.create(owner=user)
f.MembershipFactory.create(project=project, user=user, is_admin=True)
client.login(user)
mock_path = "tina.projects.issues.api.IssueViewSet.pre_conditions_on_save"
with patch(mock_path):
url = reverse("issues-list")
data = {
"subject": "test",
"project": project.id,
"status": f.IssueStatusFactory.create(project=project).id,
"severity": f.SeverityFactory.create(project=project).id,
"type": f.IssueTypeFactory.create(project=project).id,
"priority": f.PriorityFactory.create(project=project).id
}
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201, response.content
issue_id = response.data["id"]
url = reverse("issues-detail", args=(issue_id, ))
data = {"version": 1, "subject": "test 1"}
response = client.patch(url,
json.dumps(data),
content_type="application/json")
assert response.status_code == 200
data = {"version": 2, "subject": "test 2"}
response = client.patch(url,
json.dumps(data),
content_type="application/json")
assert response.status_code == 200
def test_milestone_patch(client, data):
public_url = reverse('milestones-detail',
kwargs={"pk": data.public_milestone.pk})
private_url1 = reverse('milestones-detail',
kwargs={"pk": data.private_milestone1.pk})
private_url2 = reverse('milestones-detail',
kwargs={"pk": data.private_milestone2.pk})
blocked_url = reverse('milestones-detail',
kwargs={"pk": data.blocked_milestone.pk})
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
patch_data = json.dumps({"name": "test"})
results = helper_test_http_method(client, 'patch', public_url, patch_data,
users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"name": "test"})
results = helper_test_http_method(client, 'patch', private_url1,
patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"name": "test"})
results = helper_test_http_method(client, 'patch', private_url2,
patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"name": "test"})
results = helper_test_http_method(client, 'patch', blocked_url, patch_data,
users)
assert results == [401, 403, 403, 451, 451]
def test_modules_patch(client, data):
public_url = reverse('projects-modules',
kwargs={"pk": data.public_project.pk})
private_url1 = reverse('projects-modules',
kwargs={"pk": data.private_project1.pk})
private_url2 = reverse('projects-modules',
kwargs={"pk": data.private_project2.pk})
blocked_url = reverse('projects-modules',
kwargs={"pk": data.blocked_project.pk})
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
patch_data = json.dumps({"att": "test"})
results = helper_test_http_method(client, 'patch', public_url,
patch_data, users)
assert results == [401, 403, 403, 403, 204]
patch_data = json.dumps({"att": "test"})
results = helper_test_http_method(client, 'patch', private_url1,
patch_data, users)
assert results == [401, 403, 403, 403, 204]
patch_data = json.dumps({"att": "test"})
results = helper_test_http_method(client, 'patch', private_url2,
patch_data, users)
assert results == [404, 404, 404, 403, 204]
patch_data = json.dumps({"att": "test"})
results = helper_test_http_method(client, 'patch', blocked_url,
patch_data, users)
assert results == [404, 404, 404, 403, 451]
def test_wiki_link_patch(client, data):
public_url = reverse('wiki-links-detail',
kwargs={"pk": data.public_wiki_link.pk})
private_url1 = reverse('wiki-links-detail',
kwargs={"pk": data.private_wiki_link1.pk})
private_url2 = reverse('wiki-links-detail',
kwargs={"pk": data.private_wiki_link2.pk})
blocked_url = reverse('wiki-links-detail',
kwargs={"pk": data.blocked_wiki_link.pk})
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
patch_data = json.dumps({"title": "test"})
results = helper_test_http_method(client, 'patch', public_url,
patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"title": "test"})
results = helper_test_http_method(client, 'patch', private_url1,
patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"title": "test"})
results = helper_test_http_method(client, 'patch', private_url2,
patch_data, users)
assert results == [401, 403, 403, 200, 200]
patch_data = json.dumps({"title": "test"})
results = helper_test_http_method(client, 'patch', blocked_url,
patch_data, users)
assert results == [401, 403, 403, 451, 451]
def test_api_update_order_in_bulk_invalid_user_story_2(client):
project = f.create_project()
f.MembershipFactory.create(project=project, user=project.owner, is_admin=True)
milestone = f.MilestoneFactory.create(project=project)
us1 = f.create_userstory(project=project)
task1 = f.create_task(project=project)
task2 = f.create_task(project=project)
task3 = f.create_task(project=project)
url1 = reverse("tasks-bulk-update-taskboard-order")
url2 = reverse("tasks-bulk-update-us-order")
data = {
"project_id": project.id,
"us_id": us1.id,
"milestone_id": milestone.id,
"bulk_tasks": [{"task_id": task1.id, "order": 1},
{"task_id": task2.id, "order": 2},
{"task_id": task3.id, "order": 3}]
}
client.login(project.owner)
response = client.json.post(url1, json.dumps(data))
assert response.status_code == 400, response.data
assert "us_id" in response.data
assert "bulk_tasks" in response.data
response = client.json.post(url2, json.dumps(data))
assert response.status_code == 400, response.data
assert "us_id" in response.data
assert "bulk_tasks" in response.data
def test_task_custom_attribute_create(client, data):
public_url = reverse('task-custom-attributes-list')
private1_url = reverse('task-custom-attributes-list')
private2_url = reverse('task-custom-attributes-list')
blocked_url = reverse('task-custom-attributes-list')
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
task_ca_data = {"name": "test-new", "project": data.public_project.id}
task_ca_data = json.dumps(task_ca_data)
results = helper_test_http_method(client, 'post', public_url, task_ca_data,
users)
assert results == [401, 403, 403, 403, 201]
task_ca_data = {"name": "test-new", "project": data.private_project1.id}
task_ca_data = json.dumps(task_ca_data)
results = helper_test_http_method(client, 'post', private1_url,
task_ca_data, users)
assert results == [401, 403, 403, 403, 201]
task_ca_data = {"name": "test-new", "project": data.private_project2.id}
task_ca_data = json.dumps(task_ca_data)
results = helper_test_http_method(client, 'post', private2_url,
task_ca_data, users)
assert results == [401, 403, 403, 403, 201]
task_ca_data = {"name": "test-new", "project": data.blocked_project.id}
task_ca_data = json.dumps(task_ca_data)
results = helper_test_http_method(client, 'post', blocked_url,
task_ca_data, users)
assert results == [401, 403, 403, 403, 451]
def test_api_validator_assigned_to_when_update_epics(client):
project = f.create_project(
anon_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)),
public_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)))
project_member_owner = f.MembershipFactory.create(
project=project,
user=project.owner,
is_admin=True,
role__project=project,
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
project_member = f.MembershipFactory.create(
project=project,
is_admin=True,
role__project=project,
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
project_no_member = f.MembershipFactory.create(is_admin=True)
epic = f.create_epic(project=project,
owner=project.owner,
status=project.epic_statuses.all()[0])
url = reverse('epics-detail', kwargs={"pk": epic.pk})
# assign
data = {
"assigned_to": project_member.user.id,
}
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
client.login(project.owner)
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 200, response.data
assert "assigned_to" in response.data
assert response.data["assigned_to"] == project_member.user.id
# unassign
data = {
"assigned_to": None,
}
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
client.login(project.owner)
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 200, response.data
assert "assigned_to" in response.data
assert response.data["assigned_to"] == None
# assign to invalid user
data = {
"assigned_to": project_no_member.user.id,
}
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
client.login(project.owner)
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 400, response.data
def test_issue_action_bulk_create(client, data):
data.public_issue.project.default_issue_status = f.IssueStatusFactory()
data.public_issue.project.default_issue_type = f.IssueTypeFactory()
data.public_issue.project.default_priority = f.PriorityFactory()
data.public_issue.project.default_severity = f.SeverityFactory()
data.public_issue.project.save()
data.private_issue1.project.default_issue_status = f.IssueStatusFactory()
data.private_issue1.project.default_issue_type = f.IssueTypeFactory()
data.private_issue1.project.default_priority = f.PriorityFactory()
data.private_issue1.project.default_severity = f.SeverityFactory()
data.private_issue1.project.save()
data.private_issue2.project.default_issue_status = f.IssueStatusFactory()
data.private_issue2.project.default_issue_type = f.IssueTypeFactory()
data.private_issue2.project.default_priority = f.PriorityFactory()
data.private_issue2.project.default_severity = f.SeverityFactory()
data.private_issue2.project.save()
data.blocked_issue.project.default_issue_status = f.IssueStatusFactory()
data.blocked_issue.project.default_issue_type = f.IssueTypeFactory()
data.blocked_issue.project.default_priority = f.PriorityFactory()
data.blocked_issue.project.default_severity = f.SeverityFactory()
data.blocked_issue.project.save()
url = reverse('issues-bulk-create')
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
bulk_data = json.dumps({
"bulk_issues": "test1\ntest2",
"project_id": data.public_issue.project.pk
})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 200, 200]
bulk_data = json.dumps({
"bulk_issues": "test1\ntest2",
"project_id": data.private_issue1.project.pk
})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 200, 200]
bulk_data = json.dumps({
"bulk_issues": "test1\ntest2",
"project_id": data.private_issue2.project.pk
})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 200, 200]
bulk_data = json.dumps({
"bulk_issues": "test1\ntest2",
"project_id": data.blocked_issue.project.pk
})
results = helper_test_http_method(client, 'post', url, bulk_data, users)
assert results == [401, 403, 403, 451, 451]
def test_api_validator_assigned_to_when_create_tasks(client):
project = f.create_project(anon_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)),
public_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)))
project_member_owner = f.MembershipFactory.create(project=project,
user=project.owner,
is_admin=True,
role__project=project,
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
project_member = f.MembershipFactory.create(project=project,
is_admin=True,
role__project=project,
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
project_no_member = f.MembershipFactory.create(is_admin=True)
url = reverse('tasks-list')
# assign
data = {
"subject": "test",
"project": project.id,
"assigned_to": project_member.user.id,
}
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
client.login(project.owner)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201, response.data
assert "assigned_to" in response.data
assert response.data["assigned_to"] == project_member.user.id
# unassign
data = {
"subject": "test",
"project": project.id,
"assigned_to": None,
}
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
client.login(project.owner)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 201, response.data
assert "assigned_to" in response.data
assert response.data["assigned_to"] == None
# assign to invalid user
data = {
"subject": "test",
"project": project.id,
"assigned_to": project_no_member.user.id,
}
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
client.login(project.owner)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 400, response.data
def test_userstory_custom_attributes_values_update(client, data):
public_url = reverse('userstory-custom-attributes-values-detail',
kwargs={"user_story_id": data.public_user_story.pk})
private_url1 = reverse(
'userstory-custom-attributes-values-detail',
kwargs={"user_story_id": data.private_user_story1.pk})
private_url2 = reverse(
'userstory-custom-attributes-values-detail',
kwargs={"user_story_id": data.private_user_story2.pk})
blocked_url = reverse('userstory-custom-attributes-values-detail',
kwargs={"user_story_id": data.blocked_user_story.pk})
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
user_story_data = serializers.UserStoryCustomAttributesValuesSerializer(
data.public_user_story_cav).data
user_story_data["attributes_values"] = {
str(data.public_userstory_ca.pk): "test"
}
user_story_data = json.dumps(user_story_data)
results = helper_test_http_method(client, 'put', public_url,
user_story_data, users)
assert results == [401, 403, 403, 200, 200]
user_story_data = serializers.UserStoryCustomAttributesValuesSerializer(
data.private_user_story_cav1).data
user_story_data["attributes_values"] = {
str(data.private_userstory_ca1.pk): "test"
}
user_story_data = json.dumps(user_story_data)
results = helper_test_http_method(client, 'put', private_url1,
user_story_data, users)
assert results == [401, 403, 403, 200, 200]
user_story_data = serializers.UserStoryCustomAttributesValuesSerializer(
data.private_user_story_cav2).data
user_story_data["attributes_values"] = {
str(data.private_userstory_ca2.pk): "test"
}
user_story_data = json.dumps(user_story_data)
results = helper_test_http_method(client, 'put', private_url2,
user_story_data, users)
assert results == [401, 403, 403, 200, 200]
user_story_data = serializers.UserStoryCustomAttributesValuesSerializer(
data.blocked_user_story_cav).data
user_story_data["attributes_values"] = {
str(data.blocked_userstory_ca.pk): "test"
}
user_story_data = json.dumps(user_story_data)
results = helper_test_http_method(client, 'put', blocked_url,
user_story_data, users)
assert results == [401, 403, 403, 451, 451]
def test_api_create_bulk_members_throttling(client, settings):
settings.REST_FRAMEWORK["DEFAULT_THROTTLE_RATES"][
"create-memberships"] = "2/minute"
project = f.ProjectFactory()
john = f.UserFactory.create()
joseph = f.UserFactory.create()
other = f.UserFactory.create()
tester = f.RoleFactory(project=project,
name="Tester",
permissions=["view_project"])
gamer = f.RoleFactory(project=project,
name="Gamer",
permissions=["view_project"])
f.MembershipFactory(project=project, user=john, role=tester, is_admin=True)
# John and Other are members from another project
project2 = f.ProjectFactory()
f.MembershipFactory(project=project2, user=john, role=gamer, is_admin=True)
f.MembershipFactory(project=project2, user=other, role=gamer)
url = reverse("memberships-bulk-create")
data = {
"project_id":
project.id,
"bulk_memberships": [
{
"role_id": gamer.pk,
"username": joseph.email
},
{
"role_id": gamer.pk,
"username": other.username
},
]
}
client.login(john)
response = client.json.post(url, json.dumps(data))
assert response.status_code == 200
response_user_ids = set([u["user"] for u in response.data])
user_ids = {other.id, joseph.id}
assert (user_ids.issubset(response_user_ids))
response = client.json.post(url, json.dumps(data))
assert response.status_code == 429
settings.REST_FRAMEWORK["DEFAULT_THROTTLE_RATES"][
"create-memberships"] = None
def test_epic_related_userstories_create(client, data):
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
create_data = json.dumps({
"user_story":
f.UserStoryFactory(project=data.public_project).id,
"epic":
data.public_epic.id
})
url = reverse('epics-related-userstories-list', args=[data.public_epic.pk])
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 201, 400]
create_data = json.dumps({
"user_story":
f.UserStoryFactory(project=data.private_project1).id,
"epic":
data.private_epic1.id
})
url = reverse('epics-related-userstories-list',
args=[data.private_epic1.pk])
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 201, 400]
create_data = json.dumps({
"user_story":
f.UserStoryFactory(project=data.private_project2).id,
"epic":
data.private_epic2.id
})
url = reverse('epics-related-userstories-list',
args=[data.private_epic2.pk])
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 201, 400]
create_data = json.dumps({
"user_story":
f.UserStoryFactory(project=data.blocked_project).id,
"epic":
data.blocked_epic.id
})
url = reverse('epics-related-userstories-list',
args=[data.blocked_epic.pk])
results = helper_test_http_method(client, 'post', url, create_data, users)
assert results == [401, 403, 403, 451, 451]
def test_milestone_create(client, data):
url = reverse('milestones-list')
users = [
None, data.registered_user, data.project_member_without_perms,
data.project_member_with_perms, data.project_owner
]
create_data = json.dumps({
"name": "test",
"estimated_start": "2014-12-10",
"estimated_finish": "2014-12-24",
"project": data.public_project.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users,
lambda: Milestone.objects.all().delete())
assert results == [401, 403, 403, 201, 201]
create_data = json.dumps({
"name": "test",
"estimated_start": "2014-12-10",
"estimated_finish": "2014-12-24",
"project": data.private_project1.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users,
lambda: Milestone.objects.all().delete())
assert results == [401, 403, 403, 201, 201]
create_data = json.dumps({
"name": "test",
"estimated_start": "2014-12-10",
"estimated_finish": "2014-12-24",
"project": data.private_project2.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users,
lambda: Milestone.objects.all().delete())
assert results == [401, 403, 403, 201, 201]
create_data = json.dumps({
"name": "test",
"estimated_start": "2014-12-10",
"estimated_finish": "2014-12-24",
"project": data.blocked_project.pk,
})
results = helper_test_http_method(client, 'post', url, create_data, users,
lambda: Milestone.objects.all().delete())
assert results == [401, 403, 403, 451, 451]
def test_api_user_story_add_new_tags_with_colors(client):
project = f.ProjectFactory.create()
user_story = f.create_userstory(project=project, status__project=project)
f.MembershipFactory.create(project=project, user=user_story.owner, is_admin=True)
url = reverse("userstories-detail", kwargs={"pk": user_story.pk})
data = {
"tags": [
["back", "#fff8e7"],
["front", None],
["ux", "#fabada"]
],
"version": user_story.version
}
client.login(user_story.owner)
response = client.json.patch(url, json.dumps(data))
assert response.status_code == 200, response.data
tags_colors = OrderedDict(project.tags_colors)
assert not tags_colors.keys()
project.refresh_from_db()
tags_colors = OrderedDict(project.tags_colors)
assert "back" in tags_colors and "front" in tags_colors and "ux" in tags_colors
assert tags_colors["back"] == "#fff8e7"
assert tags_colors["ux"] == "#fabada"
def test_edit_comment(client):
project = f.create_project()
us = f.create_userstory(project=project)
f.MembershipFactory.create(project=project,
user=project.owner,
is_admin=True)
key = make_key_from_model_object(us)
history_entry = f.HistoryEntryFactory.create(type=HistoryType.change,
project=project,
comment="testing",
key=key,
diff={},
user={"pk": project.owner.id})
history_entry_created_at = history_entry.created_at
assert history_entry.comment_versions == None
assert history_entry.edit_comment_date == None
client.login(project.owner)
url = reverse("userstory-history-edit-comment", args=(us.id, ))
url = "%s?id=%s" % (url, history_entry.id)
data = json.dumps({"comment": "testing update comment"})
response = client.post(url, data, content_type="application/json")
assert 200 == response.status_code, response.status_code
history_entry = HistoryEntry.objects.get(id=history_entry.id)
assert len(history_entry.comment_versions) == 1
assert history_entry.comment == "testing update comment"
assert history_entry.comment_versions[0]["comment"] == "testing"
assert history_entry.edit_comment_date != None
assert history_entry.comment_versions[0]["user"]["id"] == project.owner.id
