def test_is_approver(self):
self._create_project_common(self.test_data)
view = ProjectViewSet.as_view({'get': 'list', 'post': 'create'})
for (fb, role) in FB_ROLE_MAP_REVERSE.items():
request_obj_qs = Request.objects.filter(
funding_scheme__funding_body__name=fb)
if request_obj_qs.exists():
req = request_obj_qs.first()
# Test Valid Role
self._set_roles([role])
bool = IsRequestApprover().has_object_permission(
self.http_request, view, req)
self.assertTrue(bool, '{}: not an approver for request {}'
.format(fb, req))
# Test Case insensitive role
self._set_roles([role.upper()])
bool = IsRequestApprover().has_object_permission(
self.http_request, view, req)
self.assertTrue(bool, '{}: not an approver for request {}'
.format(fb, req))
# Test invalid Role
new_roles = set(FB_ROLE_MAP_REVERSE.values())
new_roles.remove(role)
self._set_roles(list(new_roles))
bool = IsRequestApprover().has_object_permission(
self.http_request, view, req)
self.assertFalse(bool, '{}: should not be an approver for '
'request {}'.format(fb, req))
def test_request_get_by_request_id(self):
# get the request from the first project where request status is
# "Approved" for tests
view = ProjectViewSet.as_view({'get': 'list'})
for p in Project.objects.filter(requests__isnull=False,
parent_project__isnull=True):
for r in p.requests.filter(parent_request__isnull=True):
request = self.factory.get('api/project/' + str(p.id) +
'/?request_id=' + str(r.id))
request.user = self.user
response = view(request)
if response.status_code == status.HTTP_403_FORBIDDEN:
continue # Ignore rows for which user is not authorized
# else Expecting HTTP 200 response status
self.assertEqual(response.status_code, status.HTTP_200_OK,
response.data)
# Expecting project id
# List view return an array, even though the API is for a
# specific project request
if not response.data: # could be empty list
return
projectData = response.data[0]
self.assertEqual(projectData.get('id', None), p.id,
projectData)
# Expecting current request as first and only object in
# requestArray
requestArray = projectData.get('requests', [])
self.assertTrue(len(requestArray) == 1)
request = requestArray[0]
self.assertEqual(request.get('id', None), r.id, response.data)
def test_is_approver(self):
self._create_project_common(self.test_data)
view = ProjectViewSet.as_view({'get': 'list', 'post': 'create'})
for (fb, role) in FB_ROLE_MAP_REVERSE.items():
request_obj_qs = Request.objects.filter(
funding_scheme__funding_body__name=fb)
if request_obj_qs.exists():
req = request_obj_qs.first()
# Test Valid Role
self._set_roles([role])
bool = IsRequestApprover().has_object_permission(
self.http_request, view, req)
self.assertTrue(bool, '{}: not an approver for request {}'
.format(fb, req))
# Test Case insensitive role
self._set_roles([role.upper()])
bool = IsRequestApprover().has_object_permission(
self.http_request, view, req)
self.assertTrue(bool, '{}: not an approver for request {}'
.format(fb, req))
# Test invalid Role
new_roles = set(FB_ROLE_MAP_REVERSE.values())
new_roles.remove(role)
self._set_roles(list(new_roles))
bool = IsRequestApprover().has_object_permission(
self.http_request, view, req)
self.assertFalse(bool, '{}: should not be an approver for '
'request {}'.format(fb, req))
def test_request_get_by_request_id(self):
# get the request from the first project where request status is
# "Approved" for tests
view = ProjectViewSet.as_view({'get': 'list'})
for p in Project.objects.filter(
requests__isnull=False,
parent_project__isnull=True):
for r in p.requests.filter(parent_request__isnull=True):
request = self.factory.get(
'api/project/' + str(p.id) + '/?request_id=' + str(r.id))
request.user = self.user
response = view(request)
if response.status_code == status.HTTP_403_FORBIDDEN:
continue # Ignore rows for which user is not authorized
# else Expecting HTTP 200 response status
self.assertEqual(response.status_code,
status.HTTP_200_OK, response.data)
# Expecting project id
# List view return an array, even though the API is for a
# specific project request
if not response.data: # could be empty list
return
projectData = response.data[0]
self.assertEqual(projectData.get(
'id', None), p.id, projectData)
# Expecting current request as first and only object in
# requestArray
requestArray = projectData.get('requests', [])
self.assertTrue(len(requestArray) == 1)
request = requestArray[0]
self.assertEqual(request.get('id', None), r.id, response.data)
def fetch_project_by_request_param():
view = ProjectViewSet.as_view({'get': 'list',
'post': 'update'})
url_with_param = 'api/project?request_id=' + str(request_id)
request = self.factory.get(url_with_param,)
request.user = self.user
return view(request)
def fetch_project_by_request_param():
view = ProjectViewSet.as_view({'get': 'list',
'post': 'update'})
url_with_param = 'api/project?request_id=' + str(request_id)
request = self.factory.get(url_with_param,)
request.user = self.user
return view(request)
def update_fn(request_data, instances, cores, quota):
view = ProjectViewSet.as_view({'post': 'update'})
pk = request_data.get('id')
request = self.factory.post('api/project?request_id=' + str(pk),
request_data)
request.user = self.user
response = view(request)
return validate_update_fail_fn(response)
def update_fn(request_data, instances, cores, quota):
view = ProjectViewSet.as_view({'post': 'update'})
pk = request_data.get('id')
request = self.factory.post('api/project?request_id=' + str(pk),
request_data)
request.user = self.user
response = view(request)
return validate_update_fail_fn(response)
def test_request_get_validate_access(self):
def validate_national_percent(request_data):
np = float(request_data.get('national_percent'))
self.assertIsNotNone(np, 'API: National Percent value expected')
self.assertTrue(np <= 100,
'National percent must not be greater than 100')
self.assertTrue(np >= 0,
'National percent must not be smaller than 0')
# create atleast one project/request for testing get
self._create_project_common(self.test_data)
atleastOneProjectRequestExists = False
view = ProjectViewSet.as_view({'get': 'retrieve'})
request = self.factory.get('api/project')
request.user = self.user
for p in Project.objects.all():
response = view(request, pk=str(p.id))
c_fltr = p.project_contacts.filter(contact__email=self.user.email)
if response.status_code == status.HTTP_403_FORBIDDEN:
# Ensure user is not a current contact
err_msg = 'Project Contact should have access'
self.assertFalse(c_fltr.exists(), err_msg)
continue # Ignore rows for which user is not authorized
err_msg = 'user not current projectContact, should not have access'
self.assertTrue(c_fltr.exists(), err_msg)
# Expecting HTTP 200 response status
self.assertEqual(response.status_code,
status.HTTP_200_OK, response.data)
projectData = response.data
self.assertEqual(projectData.get('id', None), p.id, response.data)
self.assertEqual(projectData.get('title', None),
p.title, response.data)
requestIdList = set()
for request_data in projectData.get('requests', None):
requestIdList.add(request_data['id'])
validate_national_percent(request_data)
if len(requestIdList) > 0:
atleastOneProjectRequestExists = True
for r in p.requests.all():
if r.parent_request:
self.assertFalse(
r.id in requestIdList,
'Historic Request should not be returned by API - '
'project {} /request {}'.format(p.id, r.id))
else:
self.assertTrue(
r.id in requestIdList,
'Request not fetched for project {} / request {}'.
format(p.id, r.id))
self.assertTrue(atleastOneProjectRequestExists,
'Error, no project with request exists for testing')
def _get_project_data_by_id(self, project_id, validate_response=True):
view = ProjectViewSet.as_view({'get': 'retrieve'})
request = self.factory.get('api/project')
request.user = self.user
response = view(request, pk=str(project_id))
if validate_response:
# Expecting HTTP 200 response status
self.assertEqual(response.status_code, status.HTTP_200_OK,
response.data)
return response
def _create_project_common(self, test_data, validate_response=True):
view = ProjectViewSet.as_view({'get': 'list', 'post': 'create'})
request = self.factory.post('api/project', test_data)
request.user = self.user
response = view(request)
if validate_response:
self.assertEqual(response.status_code, status.HTTP_201_CREATED,
response.data)
self.assertIsNot(response.data.get("id"), 0, response.data)
self.assertEqual(response.data.get("title"), test_data["title"],
response.data)
return response
def test_project_fetch(self):
view = ProjectViewSet.as_view({'get': 'list', 'post': 'create'})
project_data = get_project_only_no_request_data(self.user.id,
self.contact)
request = self.factory.post('api/project', project_data)
request.user = self.user
response = view(request)
self.assertEqual(response.status_code,
status.HTTP_201_CREATED, response.data)
self.assertIsNot(response.data.get("id"), 0, response.data)
self.assertEqual(response.data.get("title"),
project_data.get("title"), response.data)
def test_project_sans_request_post(self):
view = ProjectViewSet.as_view({'get': 'list', 'post': 'create'})
project_data = sampleData.get_project_only_no_request_data(
self.user.id, self.user_contact)
request = self.factory.post('api/project', project_data)
request.user = self.user
response = view(request)
self.assertEqual(response.status_code,
status.HTTP_201_CREATED, response.data)
self.assertIsNot(response.data.get("id"), 0, response.data)
self.assertEqual(response.data.get("title"),
project_data.get("title"), response.data)
def _post_provision_static_fields(self, project_id):
self.add_project_contact_curr_user(project_id)
response = self._get_project_data_by_id(project_id)
test_data = response.data
# modify existing request
test_data["title"] = "New title"
test_data["description"] = "New title"
# update the existing request
view = ProjectViewSet.as_view({'get': 'retrieve', 'put': 'update'})
request = self.factory.put('api/project', test_data)
request.user = self.user
response = view(request, pk=str(project_id))
# should get error
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST,
response.data)
def _post_provision_static_fields(self, project_id):
self.add_project_contact_curr_user(project_id)
response = self._get_project_data_by_id(project_id)
test_data = response.data
# modify existing request
test_data["title"] = "New title"
test_data["description"] = "New title"
# update the existing request
view = ProjectViewSet.as_view({'get': 'retrieve', 'put': 'update'})
request = self.factory.put('api/project', test_data)
request.user = self.user
response = view(request, pk=str(project_id))
# should get error
self.assertEqual(response.status_code,
status.HTTP_400_BAD_REQUEST, response.data)
def _update_vicproject_common(self,
test_data,
request_id,
quota,
approved_quota,
updateValidateFn=None):
def _updateSuccessFn(response):
# get the new updated id's
new_project_id = response.data.get("id")
# check HTTP 200
self.assertEqual(
response.status_code, status.HTTP_200_OK,
'update project fail for project_id {} : {}'.format(
repr(test_data['id']), repr(response.data)))
# check new project and requests is created with new id
self.assertNotEqual(new_project_id, test_data['id'], response.data)
self.assertGreater(len(response.data.get("requests")), 0,
response.data)
new_request_id = response.data.get("requests")[0]["id"]
self.assertNotEqual(new_request_id, request_id, response.data)
# check requests has changed
self.assertEqual(
response.data.get("requests")[0]["storage_requests"][0]
["quota"], quota, response.data)
self.assertEqual(
response.data.get("requests")[0]["storage_requests"][0]
["approved_quota"], approved_quota, response.data)
return response
view = ProjectViewSet.as_view({'get': 'retrieve', 'put': 'update'})
request = self.factory.put('', test_data)
request.user = self.user
response = view(request, pk=test_data['id'])
if updateValidateFn:
return updateValidateFn(response)
else:
return _updateSuccessFn(response)
def test_request_get(self):
# create atleast one project/request for testing get
self._create_project_common(self.test_data)
atleastOneProjectRequestExists = False
view = ProjectViewSet.as_view({'get': 'retrieve'})
request = self.factory.get('api/project')
request.user = self.user
for p in Project.objects.filter(project_ids__system__system='VicNode',
requests__isnull=False,
parent_project__isnull=True):
response = view(request, pk=str(p.id))
if response.status_code == status.HTTP_404_NOT_FOUND:
continue # Ignore rows for which user is not authorized
# Expecting HTTP 200 response status
self.assertEqual(response.status_code, status.HTTP_200_OK,
response.data)
projectData = response.data
self.assertEqual(projectData.get('id', None), p.id, response.data)
self.assertEqual(projectData.get('title', None), p.title,
response.data)
requestIdList = set()
for requestData in projectData.get('requests', None):
requestIdList.add(requestData['id'])
if len(requestIdList) > 0:
atleastOneProjectRequestExists = True
for r in p.requests.all():
if r.parent_request:
self.assertFalse(
r.id in requestIdList,
'Archived Request should not be returned by API - '
'project {} /request {}'.format(p.id, r.id))
else:
self.assertTrue(
r.id in requestIdList,
'Request not fetched for project {} /request {}'.
format(p.id, r.id))
self.assertTrue(atleastOneProjectRequestExists,
'Error, no project with request exists for testing')
def test_is_project_contact(self):
self._create_project_common(self.test_data)
view = ProjectViewSet.as_view({'get': 'list', 'post': 'create'})
valid_user = self.user
invalid_user = self.get_new_user('randomUser',
'*****@*****.**')
for project in Project.objects.filter(
project_contacts__contact__email=self.user.email):
# Valid Contact Test
self.http_request.user = valid_user
bool = IsProjectContact().has_object_permission(
self.http_request, view, project)
self.assertTrue(bool, '{}: not a contact for project {}'
.format(self.user, project))
# inValid Contact Test
self.http_request.user = invalid_user
bool = IsProjectContact().has_object_permission(
self.http_request, view, project)
self.assertFalse(
bool,
'{}: should not be a contact for project {}'.format(
self.user, project)
)
def test_is_project_contact(self):
self._create_project_common(self.test_data)
view = ProjectViewSet.as_view({'get': 'list', 'post': 'create'})
valid_user = self.user
invalid_user = self.get_new_user('randomUser',
'*****@*****.**')
for project in Project.objects.filter(
project_contacts__contact__email=self.user.email):
# Valid Contact Test
self.http_request.user = valid_user
bool = IsProjectContact().has_object_permission(
self.http_request, view, project)
self.assertTrue(bool, '{}: not a contact for project {}'
.format(self.user, project))
# inValid Contact Test
self.http_request.user = invalid_user
bool = IsProjectContact().has_object_permission(
self.http_request, view, project)
self.assertFalse(
bool,
'{}: should not be a contact for project {}'.format(
self.user, project)
)
def _update_project_common(self,
test_data,
old_request_id,
instances,
cores,
quota,
updateValidateFn=None):
def _updateSuccessFn(response):
# check HTTP 200
self.assertEqual(response.status_code, status.HTTP_200_OK,
response.data)
# check new project and requests is created with new id
project = response.data
self.assertIsNotNone(project, 'Project Data is null after update')
new_project_id = project.get("id", None)
self.assertIsNotNone(new_project_id,
'Project Id is null after update')
self.assertNotEqual(new_project_id, test_data.get('id'),
response.data)
requests = []
for r in project.get('requests', None):
if not r.get('parent_request',
None): # ignore archived requests
requests.append(r)
self.assertIsNotNone(requests,
'No requests returned after project update')
self.assertEqual(
len(requests), 1,
'Expected one request returned, got ' + str(len(requests)))
for request in requests:
new_request_id = request.get('id', None)
self.assertIsNotNone(new_request_id,
'Request Id is none after update')
self.assertNotEqual(
new_request_id, old_request_id,
'New Request id is same as old after update')
# check requests has changed
for cr in request.get('compute_requests', []):
if instances:
self.assertEqual(cr["instances"], instances,
response.data)
if cores:
self.assertEqual(cr["cores"], cores, response.data)
for sr in request.get('storage_requests', []):
if quota:
self.assertEqual(sr["quota"], quota, response.data)
return response
view = ProjectViewSet.as_view({'get': 'retrieve', 'put': 'update'})
request = self.factory.put('api/project', test_data)
request.user = self.user
response = view(request, pk=test_data.get('id'))
if updateValidateFn:
return updateValidateFn(response)
else:
return _updateSuccessFn(response)