def test_members_count(self):
self.account = AccountFactory()
self.admin = AdminFactory(accounts=[self.account])
self.login_admin()
resp = self.client.get(
reverse('board_members', kwargs={'url': self.account.url}))
self.assertContains(resp, 'class="member"', 1)
UserFactory.create_batch(5, accounts=[self.account])
resp = self.client.get(
reverse('board_members', kwargs={'url': self.account.url}))
self.assertContains(resp, 'class="member"', 6)
self.account = AccountFactory()
self.user = UserFactory(accounts=[self.account])
resp = self.client.get(
reverse('board_members', kwargs={'url': self.account.url}))
self.assertContains(resp, 'class="member"', 6)
self.client.logout()
self.login_member()
self.membership = self.user.get_membership(account=self.account)
resp = self.client.get(
reverse('board_members', kwargs={'url': self.account.url}))
self.assertContains(resp, 'class="member"', 1)
self.assertNotContains(resp, 'data-chairman="true"')
CommitteeFactory(chairman=self.membership)
resp = self.client.get(
reverse('board_members', kwargs={'url': self.account.url}))
self.assertContains(resp, 'class="member"', 1)
self.assertContains(resp, 'data-chairman="true"')
def test_plan_restrictions(self):
corp_account = CorporateAccountFactory.create()
corp_user = UserFactory.create(account=corp_account)
plan_1 = PlanFactory()
plan_2 = PlanFactory()
plan_3 = PlanFactory()
account_1 = AccountFactory(plan=plan_1)
account_2 = AccountFactory(plan=plan_2)
account_3 = AccountFactory(plan=plan_3)
user_1 = UserFactory(account=account_1)
user_2 = UserFactory(account=account_2)
user_3 = UserFactory(account=account_3)
flight = FlightFactory(departure=arrow.now().replace(days=+12).datetime)
self.assertTrue(flight.check_plan_restrictions(corp_user), 'always allow corp users')
self.assertTrue(flight.check_plan_restrictions(user_1), 'no plan restrictions')
self.assertTrue(flight.check_plan_restrictions(user_2), 'no plan restrictions')
self.assertTrue(flight.check_plan_restrictions(user_3), 'no plan restrictions')
FlightPlanRestrictionFactory(flight=flight, plan=plan_1, days=2)
FlightPlanRestrictionFactory(flight=flight, plan=plan_2, days=12)
FlightPlanRestrictionFactory(flight=flight, plan=plan_3, days=16)
self.assertTrue(flight.check_plan_restrictions(corp_user), 'always allow corp users')
self.assertFalse(flight.check_plan_restrictions(user_1), 'only 2 days out')
self.assertTrue(flight.check_plan_restrictions(user_2), 'just now')
self.assertTrue(flight.check_plan_restrictions(user_3), 'been good')
flight.departure = arrow.now().replace(days=+13).datetime
flight.save()
self.assertTrue(flight.check_plan_restrictions(corp_user), 'always allow corp users')
self.assertFalse(flight.check_plan_restrictions(user_1), 'only 2 days out')
self.assertFalse(flight.check_plan_restrictions(user_2), 'just now')
self.assertTrue(flight.check_plan_restrictions(user_3), 'been good')
flight.departure = arrow.now().replace(days=+16).datetime
flight.save()
self.assertTrue(flight.check_plan_restrictions(corp_user), 'always allow corp users')
self.assertFalse(flight.check_plan_restrictions(user_1), 'only 2 days out')
self.assertFalse(flight.check_plan_restrictions(user_2), 'just now')
self.assertTrue(flight.check_plan_restrictions(user_3), 'been good')
flight.departure = arrow.now().replace(days=+17).datetime
flight.save()
self.assertTrue(flight.check_plan_restrictions(corp_user), 'always allow corp users')
self.assertFalse(flight.check_plan_restrictions(user_1), 'only 2 days out')
self.assertFalse(flight.check_plan_restrictions(user_2), 'just now')
self.assertFalse(flight.check_plan_restrictions(user_3), 'been good')
def test_member_permission(self):
self.account = AccountFactory()
user_member = UserFactory(accounts=[self.account])
self.login_member(user_member.email)
data = {
'role':
Membership.ROLES.chair,
'email':
u'{}_{}@example.com'.format(self.account.id,
lorem_ipsum.words(1, False)),
'first_name':
lorem_ipsum.words(1, False).capitalize()[:50],
'last_name':
lorem_ipsum.words(1, False).capitalize()[:50],
'password':
'******',
'date_joined_board':
'{:%b. %d, %Y}'.format(timezone.now()),
'timezone':
us_timezones[0],
'account':
get_current_account(self),
'invitation':
True
}
url = reverse('member_create',
kwargs={'url': get_current_account(self).url})
response = self.client.post(url, data, follow=True)
self.assertEqual(response.status_code, 403)
url = reverse('profiles:edit', kwargs={'pk': self.user.pk})
response = self.client.post(url, data, follow=True)
self.assertEqual(response.status_code, 404)
def test_bad_balance(self):
account = AccountFactory(balance=50)
account2 = AccountFactory()
url = reverse('payment')
response = self.client.post(
url,
data={
'from_account': account.id,
'to_account': account2.id,
'amount': 100,
},
format='json',
)
self.assertEqual(response.status_code, 400)
def handle(self, *args, **options):
self.stdout.write('Starting fill db')
site = Site.objects.get(pk=1)
site.domain = site.name = settings.DOMAIN
site.save()
user = User.objects.create_superuser(email='*****@*****.**', password='')
user.set_password('admin')
user.save()
accounts = AccountFactory.create_batch(2)
for account in Account.objects.all():
admin = AdminFactory(accounts=[account])
membership = admin.get_membership(account)
BillingSettingsFactory(account=account)
board_of_directors = CommitteeFactory(name=_('Board of Directors'), account=account)
membership.committees.add(board_of_directors)
UserFactory.create_batch(5, accounts=accounts)
for account in Account.objects.all():
CommitteeFactory.create_batch(10, account=account)
for membership in Membership.objects.filter(user__in=User.objects.select_related().exclude(is_superuser=True)):
membership.committees.add(*random.sample(set(Committee.objects.filter(account_id=membership.account_id)), 2))
MeetingFactory.create_batch(10)
DocumentFactory.create_batch(5)
self.stdout.write('Completed fill db')
def test_check_user_permissions(self):
account = AccountFactory.create()
user_1 = UserFactory.create(account=account)
user_2 = UserFactory.create(account=account)
flight = FlightFactory.create()
self.assertFalse(flight.check_user_permissions(user_1), 'no fly permissions')
self.assertFalse(flight.check_user_permissions(user_2), 'no fly permissions')
user_1.user_permissions.add(Permission.objects.get(codename='can_fly'))
delattr(user_1, '_perm_cache')
self.assertTrue(flight.check_user_permissions(user_1), 'can fly permissions')
self.assertFalse(flight.check_user_permissions(user_2), 'no fly permissions')
user_2.user_permissions.add(Permission.objects.get(codename='can_fly'))
delattr(user_2, '_perm_cache')
user_1.user_permissions.add(Permission.objects.get(codename='can_book_promo_flights'))
delattr(user_1, '_perm_cache')
promo_flight = FlightFactory.create(flight_type=Flight.TYPE_PROMOTION)
self.assertTrue(flight.check_user_permissions(user_1), 'regular flight')
self.assertTrue(flight.check_user_permissions(user_2), 'regular flight')
self.assertTrue(promo_flight.check_user_permissions(user_1), 'promo flight')
self.assertFalse(promo_flight.check_user_permissions(user_2), 'promo flight nope')
def test_list_view(self):
self.account = AccountFactory()
self.user = UserFactory(accounts=[self.account])
self.login_member()
resp = self.client.get(reverse('accounts:boards'))
self.assertEqual(resp.status_code, 200)
self.assertContains(resp, 'data-account', 1)
def test_add_existed_member_with_invitation(self):
self.account = AccountFactory()
self.admin = AdminFactory(accounts=[self.account])
self.login_admin()
old_acc = list(self.user.accounts.all().values_list('id', flat=True))
old_acc.append(get_current_account(self).id)
url = reverse('member_create',
kwargs={'url': get_current_account(self).url})
data = {
'first_name': lorem_ipsum.words(1, False).capitalize()[:50],
'last_name': lorem_ipsum.words(1, False).capitalize()[:50],
'email': self.user.email,
'password': User.objects.make_random_password(),
'date_joined_board': '{:%b. %d, %Y}'.format(timezone.now()),
'timezone': us_timezones[0],
'account': get_current_account(self),
'role': Membership.ROLES.member,
'invitation': True
}
response = self.client.post(url, data, follow=True)
self.assertEqual(response.status_code, 200)
self.assertContains(response, _('Member was added successfully.'))
self.assertItemsEqual(
list(self.user.accounts.all().values_list('id', flat=True)),
old_acc)
def test_session_set(self):
self.account = AccountFactory()
self.user = UserFactory(accounts=[self.account])
self.client.login(username=self.user.email, password='******')
url = reverse('accounts:boards')
data = {'account_id': self.account.id}
resp = self.ajax(url, data)
self.assertEqual(resp.status_code, 200)
self.assertEqual(get_current_account(self.client), self.account)
def test_delete_membership_forbidden(self):
self.login_admin()
new_acc = AccountFactory()
new_member = UserFactory(accounts=[new_acc])
url = reverse('profiles:delete',
kwargs={'pk': new_member.get_membership(new_acc).pk})
response = self.ajax(url)
self.assertEqual(
response.status_code, 404
) # Currently this would be 404 as it'll simply be not found in queryset
def test_stock_model():
account = AccountFactory()
stock = StockFactory(owner=account)
assert stock.owner == account
assert stock.name == 'ZOOM'
assert stock.symbol == 'ZOOM'
assert stock.unit_price == 50
assert stock.shares == 1000
assert stock.total_price == 50000
def test_wrong_data(self):
self.account = AccountFactory()
self.admin = AdminFactory(accounts=[self.account])
self.login_admin()
url = reverse('member_create',
kwargs={'url': get_current_account(self).url})
data = {'email': self.user.email, 'account': get_current_account(self)}
response = self.client.post(url, data, follow=True)
self.assertEqual(response.status_code, 200)
self.assertContains(response, _('This field is required.'), 3)
def test_chairperson_permission(self):
self.account = AccountFactory()
user_chairperson = ChairpersonFactory(accounts=[self.account])
self.login_member(user_chairperson.email)
data = {
'role':
Membership.ROLES.chair,
'email':
u'{}_{}@example.com'.format(self.account.id,
lorem_ipsum.words(1, False)),
'first_name':
lorem_ipsum.words(1, False).capitalize()[:50],
'last_name':
lorem_ipsum.words(1, False).capitalize()[:50],
'password':
'******',
'date_joined_board':
'{:%b. %d, %Y}'.format(timezone.now()),
'timezone':
us_timezones[0],
'account':
get_current_account(self),
'invitation':
True
}
url = reverse('member_create',
kwargs={'url': get_current_account(self).url})
response = self.client.post(url, data, follow=True)
self.assertEqual(response.status_code, 200)
self.assertContains(response, _('Member was added successfully.'))
url = reverse('profiles:edit', kwargs={'pk': self.membership.pk})
data['email'] = u'{}_{}@example.com'.format(
self.account.id, lorem_ipsum.words(1, False)),
response = self.client.post(url, data, follow=True)
self.assertEqual(response.status_code, 200)
self.assertContains(response, _('Profile was changed successfully.'))
self.assertEqual(Membership.ROLES.chair,
Membership.objects.get(pk=self.membership.pk).role)
url = reverse(
'profiles:edit',
kwargs={'pk': user_chairperson.get_membership(self.account).pk})
data['role'] = Membership.ROLES.admin
data['email'] = u'{}_{}@example.com'.format(
self.account.id, lorem_ipsum.words(1, False)),
response = self.client.post(url, data, follow=True)
self.assertEqual(response.status_code, 200)
self.assertContains(response, _('Profile was changed successfully.'))
self.assertEqual(
Membership.ROLES.chair,
Membership.objects.get(
pk=user_chairperson.get_membership(self.account).pk).role)
def test_stock_field_label():
account = AccountFactory()
stock = StockFactory(owner=account)
assert stock._meta.get_field('owner').verbose_name == 'owner'
assert stock._meta.get_field('name').verbose_name == 'name'
assert stock._meta.get_field('symbol').verbose_name == 'symbol'
assert stock._meta.get_field('unit_price').verbose_name == 'unit price'
assert stock._meta.get_field('shares').verbose_name == 'shares'
assert stock._meta.get_field('total_price').verbose_name == 'total price'
assert stock._meta.get_field('bought_date').verbose_name == 'bought date'
def test_delete_news_forbidden(self):
self.login_admin()
new_acc = AccountFactory()
AdminFactory(accounts=[new_acc])
news2 = NewsFactory(account=new_acc)
url = reverse('news:delete',
kwargs={
'pk': news2.pk,
'url': get_current_account(self).url
})
response = self.ajax(url)
self.assertEqual(response.status_code, 404)
def test_see_another_account_authenticated(self):
"""
GIVEN An authenticated account
WHEN tries to see another account account
THEN should not be able to see any details
"""
self.client.force_login(self.account)
account = AccountFactory()
response = self.client.get(
reverse('accounts-detail', kwargs={'pk': account.pk}), )
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN,
'response does not has 403 status')
def test_delete_committee_forbidden(self):
self.login_admin()
new_acc = AccountFactory()
committee2 = CommitteeFactory(chairman=self.membership_admin,
account=new_acc)
url = reverse('committees:delete',
kwargs={
'pk': committee2.pk,
'url': get_current_account(self).url
})
response = self.ajax(url)
self.assertEqual(response.status_code, 404)
def test_permission_denied(self):
self.login_admin()
new_acc = AccountFactory()
new_committee = CommitteeFactory(chairman=self.membership_admin,
account=new_acc)
url = reverse('committees:detail',
kwargs={
'pk': new_committee.pk,
'url': get_current_account(self).url
})
resp = self.client.get(url)
self.assertRedirects(resp, reverse('accounts:boards'))
def test_download_link_forbidden(self):
account = AccountFactory()
member = UserFactory(accounts=[account])
self.client.login(username=member.email, password='******')
session = self.client.session
session['current_account_id'] = account.id
session.save()
document = DocumentFactory(user=self.admin, folder=Folder.objects.get_account_root(self.account))
url = reverse('documents:download', kwargs={'document_id': document.pk})
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 404)
def test_account_list(self):
account = AccountFactory()
account2 = AccountFactory()
url = reverse('account-list')
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.data), 2)
self.assertListEqual([
{
'id': account.id,
'owner': account.owner,
'balance': account.balance,
'currency': account.currency,
},
{
'id': account2.id,
'owner': account2.owner,
'balance': account2.balance,
'currency': account2.currency,
},
], response.data)
def init_second_account(self):
"""Smaller account to have one. Just Board and users, no data."""
from profiles.models import Membership
from accounts.factories import AccountFactory
from profiles.factories import AdminFactory, UserFactory
self.account2 = AccountFactory()
self.admin2 = AdminFactory(accounts=[self.account2])
UserFactory.create_batch(5, accounts=[self.account2])
self.membership2 = Membership.objects.filter(role=Membership.ROLES.member, account=self.account2)[0]
self.membership_admin2 = Membership.objects.filter(is_admin=True, account=self.account2)[0]
self.user2 = self.membership.user
def test_create_existing_account(self):
"""
GIVEN An unauthenticated account
WHEN sends credentials of an existent account on a POST to /api/accounts
THEN should not be created
"""
account = AccountFactory()
data = {'email': account.email, 'password': '******'}
response = self.client.post(reverse('accounts-list'),
json.dumps(data),
content_type='application/json')
errors_data = response.data
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST,
'response does not has 400 Error')
self.assertIn('Account already exists.', errors_data.get('email'),
'password field is not validated')
def test_can_get_transaction_list(self):
user = self.client.post('http://127.0.0.1:8000/auth/users/', data={"first_name": "iyanu",
"last_name": "ajao",
"email": "*****@*****.**",
"password": "******"})
response = self.client.post('http://127.0.0.1:8000/auth/token/login/', data={"password": "******",
"email": "*****@*****.**"})
auth_token = response.data['auth_token']
self.client.credentials(HTTP_AUTHORIZATION='Token ' + auth_token)
account = AccountFactory()
stock = StockFactory(owner=account)
url = reverse('transactions:transaction-list')
response = self.client.get(url)
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_account_restrictions(self):
corp_account = CorporateAccountFactory.create()
corp_user = UserFactory.create(account=corp_account)
account = AccountFactory.create()
user = UserFactory.create(account=account)
flight = FlightFactory()
self.assertTrue(flight.check_account_restriction(corp_user), 'no account restrictriction')
self.assertTrue(flight.check_account_restriction(user), 'no account restrictriction')
flight.account_restriction.add(corp_account)
self.assertTrue(flight.check_account_restriction(corp_user), 'corporate only flight')
self.assertFalse(flight.check_account_restriction(user), 'corporate only flight')
flight.account_restriction.add(account)
self.assertTrue(flight.check_account_restriction(corp_user), 'corp and individual account good')
self.assertTrue(flight.check_account_restriction(user), 'corp and individual account good')
def test_plan_seat_restrictions(self):
plan_1 = PlanFactory()
plan_2 = PlanFactory()
plan_3 = PlanFactory()
account_1 = AccountFactory(plan=plan_1)
account_2 = AccountFactory(plan=plan_2)
account_3 = AccountFactory(plan=plan_3)
user_1 = UserFactory(account=account_1)
user_2 = UserFactory(account=account_2)
user_3 = UserFactory(account=account_3)
flight = FlightFactory(departure=arrow.now().replace(days=+12).datetime, seats_total=8)
self.assertTrue(flight.check_plan_seat_restrictions(user_1, 1), 'no plan seat restrictions')
self.assertTrue(flight.check_plan_seat_restrictions(user_2, 1), 'no plan seat restrictions')
self.assertTrue(flight.check_plan_seat_restrictions(user_3, 1), 'no plan seat restrictions')
FlightPlanSeatRestrictionFactory(flight=flight, plan=plan_1, seats=1)
FlightPlanSeatRestrictionFactory(flight=flight, plan=plan_2, seats=2)
FlightPlanSeatRestrictionFactory(flight=flight, plan=plan_3, seats=3)
self.assertTrue(flight.check_plan_seat_restrictions(user_1, 1), 'seats still available for plan')
self.assertTrue(flight.check_plan_seat_restrictions(user_2, 1), 'seats still available for plan')
self.assertTrue(flight.check_plan_seat_restrictions(user_3, 1), 'seats still available for plan')
account_4 = AccountFactory(plan=plan_1)
account_5 = AccountFactory(plan=plan_2)
account_6 = AccountFactory(plan=plan_3)
reservation_4 = ReservationFactory(account=account_4)
FlightReservationFactory.create(reservation=reservation_4, flight=flight, passenger_count=1)
reservation_4.reserve()
self.assertFalse(flight.check_plan_seat_restrictions(user_1, 1), 'No seats still available for plan')
reservation_5 = ReservationFactory(account=account_5)
FlightReservationFactory.create(reservation=reservation_5, flight=flight, passenger_count=2)
reservation_5.reserve()
self.assertFalse(flight.check_plan_seat_restrictions(user_2, 1), 'No seats still available for plan')
reservation_6 = ReservationFactory(account=account_6)
FlightReservationFactory.create(reservation=reservation_6, flight=flight, passenger_count=3)
reservation_6.reserve()
self.assertFalse(flight.check_plan_seat_restrictions(user_3, 1), 'No seats still available for plan')
def test_create_payment(self):
account = AccountFactory(balance=150)
account2 = AccountFactory(balance=0)
url = reverse('payment')
response = self.client.post(
url,
data={
'from_account': account.id,
'to_account': account2.id,
'amount': 100,
},
format='json',
)
payment = Payment.objects.filter(
account__pk=account.id,
related_account__pk=account2.id,
).first()
self.assertEqual(response.status_code, 201)
self.assertIsNotNone(payment)
self.assertEqual(payment.amount, 100)
self.assertEqual(payment.direction, DIRECTION.outgoing)
payment2 = Payment.objects.filter(
account__pk=account2.id,
related_account__pk=account.id,
).first()
self.assertIsNotNone(payment2)
self.assertEqual(payment2.amount, 100)
self.assertEqual(payment2.direction, DIRECTION.incoming)
account.refresh_from_db()
self.assertEqual(account.balance, 50)
account2.refresh_from_db()
self.assertEqual(account2.balance, 100)
def test_wrong_email(self):
self.account = AccountFactory()
self.admin = AdminFactory(accounts=[self.account])
self.login_admin()
url = reverse('member_create',
kwargs={'url': get_current_account(self).url})
data = {
'first_name': lorem_ipsum.words(1, False).capitalize()[:50],
'last_name': lorem_ipsum.words(1, False).capitalize()[:50],
'email': u'{}_{}'.format(self.account.id,
lorem_ipsum.words(1, False)),
'password': User.objects.make_random_password(),
'date_joined_board': '{:%b. %d, %Y}'.format(timezone.now()),
'timezone': us_timezones[0],
'account': get_current_account(self),
'role': Membership.ROLES.member,
'invitation': True
}
response = self.client.post(url, data, follow=True)
self.assertEqual(response.status_code, 200)
self.assertContains(response, _('Enter a valid email address.'))
def create_init_data(self):
from committees.models import Committee
from profiles.models import User, Membership
from accounts.factories import AccountFactory
from profiles.factories import AdminFactory, UserFactory
from meetings.factories import MeetingFactory
from committees.factories import CommitteeFactory
from django.contrib.contenttypes.models import ContentType
from dashboard.models import RecentActivity
from meetings.models import Meeting
self.create_manual_migrations_if_needed()
self.account = AccountFactory()
self.admin = AdminFactory(accounts=[self.account])
UserFactory.create_batch(5, accounts=[self.account])
CommitteeFactory.create_batch(5)
for membership in Membership.objects.filter(user__in=User.objects.select_related().exclude(is_superuser=True)):
membership.committees.add(*random.sample(set(Committee.objects.filter(account_id=membership.account_id)), 2))
# Set last membership as comittee chairman (comittee_set)
membership.committee_set.add(*random.sample(set(Committee.objects.filter(account_id=membership.account_id)), 1))
self.meetings = MeetingFactory.create_batch(2)
# Document creation is broken and needs fixing
# for meeting in self.meetings:
# DocumentFactory.create_batch(2, meeting=meeting)
self.membership = Membership.objects.filter(is_admin=False, account=self.account).order_by('pk')[0]
self.membership_admin = Membership.objects.filter(is_admin=True, account=self.account)[0]
self.user = self.membership.user
for meeting in self.meetings:
RecentActivity.objects.create(init_user=self.user,
account=self.account,
content_type=ContentType.objects.get_for_model(Meeting),
object_id=meeting.id,
action_flag=RecentActivity.ADDITION)
def test_member_create_with_invitation(self):
self.account = AccountFactory()
self.admin = AdminFactory(accounts=[self.account])
self.user = UserFactory(accounts=[self.account])
self.login_admin()
url = reverse('member_create',
kwargs={'url': get_current_account(self).url})
data = {
'first_name':
lorem_ipsum.words(1, False).capitalize()[:50],
'last_name':
lorem_ipsum.words(1, False).capitalize()[:50],
'email':
u'{}_{}@example.com'.format(
self.account.id,
lorem_ipsum.words(38, False)[:75 - len(str(self.account.id)) -
len('*****@*****.**')].replace(
' ', '_')),
'password':
User.objects.make_random_password(),
'date_joined_board':
'{:%b. %d, %Y}'.format(timezone.now()),
'timezone':
us_timezones[0],
'account':
get_current_account(self),
'role':
Membership.ROLES.member,
'invitation':
True
}
response = self.client.post(url, data, follow=True)
self.assertEqual(response.status_code, 200)
self.assertContains(response, _('Member was added successfully.'))
new_user = User.objects.all().order_by('-pk')[0]
self.assertEqual(new_user.email, data['email'])
self.assertEqual(len(mail.outbox), 0)
def setUp(self):
self.data = {
'email': '{}@gmail.ru'.format(lorem_ipsum.words(1, False)),
'password': lorem_ipsum.words(1, False),
'account': AccountFactory()
}
