def test_success_page_returns_correct_html(self):
"""success page return correct html"""
setup_org()
response = self.client.get(f"/setup/success/")
self.assertContains(response, "Congratulations")
self.assertTemplateUsed(response, "setup/success.html")
def setUp(self):
self.org_with_docs = setup_org()
setup_admin(self.org_with_docs)
self.user = setup_user(self.org_with_docs)
self.doc = setup_document(self.org_with_docs, self.user)
self.doc_bis = setup_document(self.org_with_docs,
self.user,
title=tv.DOCUMENT2_TITLE)
self.first_level_folder = setup_folder(self.org_with_docs,
name="First level folder")
self.doc_in_folder = setup_document(
self.org_with_docs,
self.user,
title="Document in folder",
ftl_folder=self.first_level_folder,
)
self.org_with_folders = setup_org(name=tv.ORG_NAME_2,
slug=tv.ORG_SLUG_2)
setup_folder(self.org_with_folders)
self.org_without_docs_1 = setup_org(name=tv.ORG_NAME_3,
slug=tv.ORG_SLUG_3)
self.org_without_docs_2 = setup_org(name=tv.ORG_NAME_4,
slug=tv.ORG_SLUG_4)
def setUp(self):
self.org_1 = setup_org()
self.org_2 = setup_org(name=tv.ORG_NAME_2, slug=tv.ORG_SLUG_2)
self.user_1 = setup_user(org=self.org_1)
self.user_2 = setup_user(org=self.org_1,
email=tv.USER2_EMAIL,
password=tv.USER2_PASS)
self.user_3 = setup_user(org=self.org_2,
email=tv.USER3_EMAIL,
password=tv.USER3_PASS)
self.user_1_codes_1 = ["AA1222", "AA1223"]
self.user_1_codes_2 = ["BB1222", "BB1223"]
self.user_2_codes = ["CC1222", "CC1223"]
self.user_1_static_device_1 = setup_2fa_static_device(
self.user_1,
"user1 valid token set 1",
codes_list=self.user_1_codes_1)
self.user_1_static_device_2 = setup_2fa_static_device(
self.user_1,
"user1 valid token set 2",
codes_list=self.user_1_codes_2)
# invalid set with no codes left
self.user_1_static_device_3 = setup_2fa_static_device(
self.user_1, "user1 invalid token set 3")
self.user_2_static_device_1 = setup_2fa_static_device(
self.user_2, "user2 valid token set", codes_list=self.user_2_codes)
def test_create_first_org_and_admin_page_get_proper_context(self):
"""create-admin page get proper context"""
setup_org()
response = self.client.get("/setup/createadmin/")
self.assertIsInstance(
response.context["form"], CreateFirstOrgAndAdmin.form_class
)
def test_create_first_org_and_admin_page_returns_correct_html(self):
"""create_admin page return correct html"""
setup_org()
response = self.client.get("/setup/createadmin/")
self.assertContains(response, "Create first organization and administrator")
self.assertTemplateUsed(
response, "setup/first_org_and_admin_creation_form.html"
)
def setUp(self, **kwargs):
# first org, admin, user are already created, user is already logged on home page
super().setUp()
self.admin_org = setup_org(name="admin org 1", slug="admin-org-1")
setup_admin(self.admin_org)
self.user_org = setup_org()
self.user = setup_user(self.user_org)
self.visit(LoginPage.url)
def test_second_org_setup(self):
# first org, admin, first user are already created
org1 = setup_org()
setup_admin(org=org1)
setup_user(org=org1)
# Admin user login to admin portal and create a new org
self.visit(LoginPage.admin_url)
self.log_admin()
self.get_elem(self.create_org_link).click()
org2_slug = self.create_org(tv.ORG_NAME_2, tv.ORG_SLUG_2)
# Admin close its browser
self.browser.quit()
# Second user display the app for the first time to create its account
self.setUp()
self.visit_signup_page(org2_slug)
# Second user fulfill the user creation form
email = self.create_user(user_num=2, activate_user=True)
# Second user login to the second organization
self.log_user(user_num=2)
# Second user is properly logged
self.assertIn("home", self.head_title)
self.assertIn(email, self.get_elem(self.profile_name).text)
def test_new_user_add_document_inside_folder(self, mock_apply_processing):
# first org, admin, are already created
org = setup_org()
setup_admin(org=org)
# First user create its account and login
self.visit_signup_page(org.slug)
self.create_user(activate_user=True)
self.log_user()
# First user add a folder, a document inside it and display document
self.create_folder()
self.get_elem(self.folders_list_buttons).click()
self.upload_documents()
self.get_elem(self.first_document_title).click()
# User can see the uploaded document inside the viewer
# User can see the pdf inside the pdf viewer
self.wait_for_elem_to_show(self.pdf_viewer_iframe)
pdf_viewer_iframe = self.get_elem(self.pdf_viewer_iframe)
self.browser.switch_to_frame(pdf_viewer_iframe)
pdf_viewer_iframe_title = self.get_elem(
"title", False).get_attribute("innerHTML")
self.assertEqual(pdf_viewer_iframe_title, "PDF.js viewer")
def setUp(self, **kwargs):
# first org, admin, user are already created
super().setUp()
org = setup_org()
setup_admin(org=org)
# User have already created its account
self.user = setup_user(org=org)
def setUp(self):
self.org = setup_org()
self.admin = setup_admin(self.org)
self.client.login(
request=HttpRequest(), email=tv.ADMIN1_EMAIL, password=tv.ADMIN1_PASS
)
def test_delete_document(self):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
# Create a custom document and thumbnail specific to this test because we don't want to delete test files
binary_f = setup_temporary_file().name
thumbnail_f = setup_temporary_file().name
document_to_be_deleted = FTLDocument.objects.create(
org=self.org,
ftl_user=self.user,
title="Test document to be deleted",
binary=binary_f,
thumbnail_binary=thumbnail_f,
)
document_to_be_deleted.delete()
with self.assertRaises(core.models.FTLDocument.DoesNotExist):
FTLDocument.objects.get(pid=document_to_be_deleted.pid)
# File has been deleted.
self.assertTrue(not os.path.exists(binary_f))
self.assertTrue(not os.path.exists(thumbnail_f))
def setUp(self):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
self.doc = setup_document(
self.org,
self.user,
title=tv.DOCUMENT_DOCX_TITLE,
note=tv.DOCUMENT_DOCX_NOTE,
text_content=tv.DOCUMENT_DOCX_CONTENT,
binary=tv.DOCUMENT_DOCX_BINARY_PATH,
file_type=
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
)
self.first_level_folder = setup_folder(self.org,
name="First level folder")
self.doc_in_folder = setup_document(
self.org,
self.user,
title="Document in folder",
ftl_folder=self.first_level_folder,
)
self.client.login(request=HttpRequest(),
email=tv.USER1_EMAIL,
password=tv.USER1_PASS)
def test_mark_delete_document(self, mocked_send_task):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
binary_f = setup_temporary_file().name
thumbnail_f = setup_temporary_file().name
document_to_be_deleted = FTLDocument.objects.create(
org=self.org,
ftl_user=self.user,
title="Test document to be deleted",
binary=binary_f,
thumbnail_binary=thumbnail_f,
)
document_to_be_deleted.mark_delete()
self.assertTrue(document_to_be_deleted.deleted)
self.assertIsNone(document_to_be_deleted.ftl_folder)
mocked_send_task.assert_called_with(
"core.tasks.delete_document",
args=[
document_to_be_deleted.pid,
document_to_be_deleted.org.pk,
document_to_be_deleted.ftl_user.pk,
],
)
def test_delete_folders(self, mock_send_task_delete_document):
org = setup_org()
setup_admin(org)
user = setup_user(org)
folder = setup_folder(org)
folder_sub = setup_folder(org, parent=folder)
document_1 = setup_document(org,
user,
binary=setup_temporary_file().name)
document_2 = setup_document(org,
user,
folder,
binary=setup_temporary_file().name)
document_3 = setup_document(org,
user,
folder_sub,
binary=setup_temporary_file().name)
self.assertEqual(FTLDocument.objects.filter(deleted=False).count(), 3)
self.assertEqual(FTLFolder.objects.count(), 2)
folder.delete()
self.assertEqual(FTLDocument.objects.filter(deleted=False).count(), 1)
self.assertEqual(FTLFolder.objects.count(), 0)
self.assertIsNotNone(FTLDocument.objects.get(pid=document_1.pid))
doc_marked_as_deleted_2 = FTLDocument.objects.get(pid=document_2.pid)
self.assertTrue(doc_marked_as_deleted_2.deleted)
doc_marked_as_deleted_3 = FTLDocument.objects.get(pid=document_3.pid)
self.assertTrue(doc_marked_as_deleted_3.deleted)
def setUp(self, **kwargs):
# first org, admin, user are already created, user is already logged on home page
super().setUp()
self.org = setup_org()
setup_admin(self.org)
self.visit(LoginPage.url)
self.log_user(email=tv.ADMIN1_EMAIL, password=tv.ADMIN1_PASS)
def setUp(self):
self.org_1 = setup_org()
self.user_1 = setup_user(org=self.org_1)
self.user_1_static_device_1 = setup_2fa_static_device(
self.user_1,
tv.STATIC_DEVICE_NAME,
codes_list=tv.STATIC_DEVICE_CODES_LIST)
def setUp(self):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
self.client.login(
request=HttpRequest(), email=tv.USER1_EMAIL, password=tv.USER1_PASS
)
def test_create_first_org_and_admin_page_redirect_to_success_after_admin_creation(
self,
):
"""create_admin page redirect to success page once admin created"""
setup_admin(setup_org())
response = self.client.get(reverse_lazy("setup:create_admin"))
self.assertRedirects(response, reverse_lazy("login"))
def setUp(self):
# Setup org, admin, user and user is logged
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
setup_authenticated_session(self.client, self.org, self.user)
# reset mock
self.addCleanup(totp_time_setter.reset_mock, side_effect=True)
def setUp(self, **kwargs):
# first org, admin, user are already created, user is already logged on home page
super().setUp()
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
self.visit(LoginPage.url)
self.log_user()
def test_index_redirects(self):
"""Index redirect to correct page according to setup state"""
response = self.client.get("", follow=True)
self.assertRedirects(response, reverse_lazy("setup:create_admin"))
org = setup_org()
setup_admin(org)
response = self.client.get("", follow=True)
self.assertRedirects(
response, f"{reverse_lazy('login')}?next={reverse_lazy('home')}")
def test_logout_call_proper_signal(self, mocked_signal):
# Setup org, admin, user and log the user
org = setup_org()
setup_admin(org)
user = setup_user(org)
setup_authenticated_session(self.client, org, user)
self.client.get("/logout/")
mocked_signal.assert_called_once()
def test_cant_share_not_owned_doc(self):
org_bis = setup_org(name=tv.ORG_NAME_2, slug=tv.ORG_SLUG_2)
admin_bis = setup_admin(org_bis, tv.ADMIN2_EMAIL)
doc_bis = setup_document(org_bis, admin_bis)
client_post = self.client.post(
f"/app/api/v1/documents/{doc_bis.pid}/share", format="json"
)
self.assertEqual(client_post.status_code, status.HTTP_404_NOT_FOUND)
def test_success_page_get_proper_context(self):
"""success page get proper context"""
org = setup_org()
response = self.client.get(f"/setup/success/")
expected_context = {
"org_slug": org.slug,
"org_name": org.name,
}
self.assertEqual(response.context["org_slug"], expected_context["org_slug"])
self.assertEqual(response.context["org_name"], expected_context["org_name"])
def setUp(self):
self.org = setup_org()
self.admin = setup_admin(org=self.org)
self.application = Application.objects.create(
name="Test Application",
redirect_uris=("http://localhost:1123"),
user=self.admin,
client_type=Application.CLIENT_CONFIDENTIAL,
authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE,
skip_authorization=False,
)
def setUp(self):
self.org = setup_org()
setup_admin(self.org)
self.user = setup_user(self.org)
self.doc = setup_document(self.org, self.user)
self.doc_bis = setup_document(self.org, self.user, title=tv.DOCUMENT2_TITLE)
self.client.login(
request=HttpRequest(), email=tv.USER1_EMAIL, password=tv.USER1_PASS
)
def setUp(self):
self.org_1 = setup_org()
self.org_2 = setup_org(name=tv.ORG_NAME_2, slug=tv.ORG_SLUG_2)
self.user_1 = setup_user(org=self.org_1)
self.user_2 = setup_user(org=self.org_1,
email=tv.USER2_EMAIL,
password=tv.USER2_PASS)
self.user_1_codes_1 = ["AA1222", "AA1223"]
self.user_1_static_device_1 = setup_2fa_static_device(
self.user_1,
"user1 valid token set 1",
codes_list=self.user_1_codes_1)
self.user_1_fido2_device_1 = setup_2fa_fido2_device(
self.user_1, "user1 fido2 device 1")
self.user_1_totp_device_1 = setup_2fa_totp_device(
self.user_1, "user1 totp 1")
self.user_1_totp_device_2 = setup_2fa_totp_device(
self.user_1, "user1 totp 2")
self.user_2_totp_device_2 = setup_2fa_totp_device(
self.user_2, "user2 totp 1")
def test_document_download_only_work_for_users_in_the_doc_org(self):
# Add a document in first org with first user
doc = setup_document(self.org, self.user)
# Create a second org and user, log the second user
org_2 = setup_org(tv.ORG_NAME_2, tv.ORG_SLUG_2)
user_2 = setup_user(org_2, tv.USER2_EMAIL, tv.USER2_PASS)
setup_authenticated_session(self.client, org_2, user_2)
# Trying to download the document of first org with a user of second org returns a 404
response = self.client.get(f"/app/api/v1/documents/{doc.pid}/download")
self.assertEqual(response.status_code, 404)
def setUp(self):
self.org = setup_org()
self.admin = setup_admin(org=self.org)
self.application = Application.objects.create(
name="Test Application EXPORT CLI",
redirect_uris=
f"https://pm-instance.example.org{reverse('authorization_code')}",
user=self.admin,
client_type=Application.CLIENT_PUBLIC,
authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE,
skip_authorization=False,
)
def setUp(self):
# Setup org, user
self.org = setup_org()
self.user = setup_user(self.org)
setup_authenticated_session(self.client, self.org, self.user)
# mock OTPMiddleware._verify_user() to skip check page
self.middleware_patcher = patch.object(OTPMiddleware, "_verify_user",
mocked_verify_user)
self.middleware_patcher.start()
self.addCleanup(
patch.stopall
) # ensure mock is remove after each test, even if the test crash
self.addCleanup(totp_time_setter.reset_mock, side_effect=True)