def test_set_from_qs():
job1 = JobFactory(status="test")
job2 = JobFactory(status="success")
job3 = JobFactory(status="success")
# check using the default field of pk
output = set_from_qs(Job.objects.all())
assert output == {job1.pk, job2.pk, job3.pk}
# check using the field kwarg
output = set_from_qs(Job.objects.all(), field="status")
assert output == {"test", "success"}
def test_projectdetail_success(rf, core_developer):
project = ProjectFactory()
request = rf.get("/")
request.user = core_developer
response = ProjectDetail.as_view()(request, slug=project.slug)
assert response.status_code == 200
expected = set_from_qs(project.workspaces.all())
output = set_from_qs(response.context_data["workspaces"])
assert output == expected
def test_userdetail_post_success(rf, core_developer):
backend = BackendFactory()
org = OrgFactory()
project1 = ProjectFactory(org=org)
project2 = ProjectFactory(org=org)
user = UserFactory(roles=[OutputPublisher, TechnicalReviewer])
# link the user to some Backends
BackendMembershipFactory(user=user)
BackendMembershipFactory(user=user)
# link the user to the Org
OrgMembershipFactory(org=org, user=user)
# link the user to the Projects
ProjectMembershipFactory(project=project1, user=user)
ProjectMembershipFactory(project=project2, user=user)
data = {
"backends": [backend.slug],
"roles": ["jobserver.authorization.roles.OutputPublisher"],
}
request = rf.post("/", data)
request.user = core_developer
response = UserDetail.as_view()(request, username=user.username)
assert response.status_code == 302, response.context_data["form"].errors
assert response.url == user.get_staff_url()
user.refresh_from_db()
assert set_from_qs(user.backends.all()) == {backend.pk}
assert user.roles == [OutputPublisher]
def test_orgdetail_get_success(rf, core_developer):
org = OrgFactory()
UserFactory(username="******", fullname="Ben Goldacre")
request = rf.get("/")
request.user = core_developer
response = OrgDetail.as_view()(request, slug=org.slug)
assert response.status_code == 200
assert "beng (Ben Goldacre)" in response.rendered_content
expected = set_from_qs(org.members.all())
output = set_from_qs(response.context_data["members"])
assert output == expected
expected = set_from_qs(org.projects.all())
output = set_from_qs(response.context_data["projects"])
assert output == expected
def test_snapshotcreate_with_permission(api_rf, build_release_with_files):
workspace = WorkspaceFactory()
release = build_release_with_files(
[
"file1.txt",
"file2.txt",
"file3.txt",
"file4.txt",
"file5.txt",
],
workspace=workspace,
)
user = UserFactory()
ProjectMembershipFactory(
project=workspace.project, user=user, roles=[ProjectDeveloper]
)
data = {
"file_ids": [
release.files.get(name="file1.txt").pk,
release.files.get(name="file3.txt").pk,
release.files.get(name="file5.txt").pk,
],
}
request = api_rf.post("/", data)
request.user = user
response = SnapshotCreateAPI.as_view()(request, workspace_id=workspace.name)
assert response.status_code == 201
workspace.refresh_from_db()
assert workspace.snapshots.count() == 1
snapshot_file_ids = set_from_qs(workspace.snapshots.first().files.all())
current_file_ids = set_from_qs(workspace.files.all())
assert snapshot_file_ids <= current_file_ids
def test_orgdetail_post_success(rf, core_developer):
org = OrgFactory()
user1 = UserFactory()
user2 = UserFactory()
request = rf.post("/", {"users": [str(user1.pk), str(user2.pk)]})
request.user = core_developer
response = OrgDetail.as_view()(request, slug=org.slug)
assert response.status_code == 302
assert response.url == org.get_staff_url()
assert set_from_qs(org.members.all()) == {user1.pk, user2.pk}
def test_applicationlist_search(rf, core_developer):
app1 = ApplicationFactory(created_by=UserFactory(fullname="ben g"))
app2 = ApplicationFactory(created_by=UserFactory(username="******"))
ApplicationFactory(created_by=UserFactory(username="******"))
request = rf.get("/?q=ben")
request.user = core_developer
response = ApplicationList.as_view()(request)
assert response.status_code == 200
assert len(response.context_data["object_list"]) == 2
assert set_from_qs(
response.context_data["object_list"]) == {app1.pk, app2.pk}
class SnapshotCreateAPI(APIView):
authentication_classes = [SessionAuthentication]
class serializer_class(serializers.Serializer):
file_ids = serializers.ListField(child=serializers.CharField())
@transaction.atomic
def post(self, request, *args, **kwargs):
"""Create a Snapshot from the given list of files."""
workspace = get_object_or_404(Workspace,
name=self.kwargs["workspace_id"])
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
data = serializer.data
if not has_permission(
request.user, "snapshot_create", project=workspace.project):
raise NotAuthenticated
file_ids = set(data["file_ids"])
files = ReleaseFile.objects.filter(pk__in=file_ids)
# check all ReleaseFile IDs submitted are valid IDs
if missing := file_ids - set_from_qs(files):
raise ParseError(f"Unknown file IDs: {', '.join(missing)}")
# only look at files which haven't been deleted (redacted)
files = [f for f in files if not f.is_deleted]
rfile_ids = {f.pk for f in files}
snapshot_ids = [
set_from_qs(s.files.all()) for s in workspace.snapshots.all()
]
if rfile_ids in snapshot_ids:
msg = (
"A release with the current files already exists, please use that one."
)
raise ParseError(msg)
snapshot = Snapshot.objects.create(created_by=request.user,
workspace=workspace)
snapshot.files.set(files)
return Response({"url": snapshot.get_absolute_url()}, status=201)
def post(self, request, *args, **kwargs):
"""Create a Snapshot from the given list of files."""
workspace = get_object_or_404(Workspace,
name=self.kwargs["workspace_id"])
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
data = serializer.data
if not has_permission(
request.user, "snapshot_create", project=workspace.project):
raise NotAuthenticated
file_ids = set(data["file_ids"])
files = ReleaseFile.objects.filter(pk__in=file_ids)
# check all ReleaseFile IDs submitted are valid IDs
if missing := file_ids - set_from_qs(files):
raise ParseError(f"Unknown file IDs: {', '.join(missing)}")
def test_userform_success():
backend1 = BackendFactory()
backend2 = BackendFactory()
BackendFactory()
data = {
"backends": [backend1.slug, backend2.slug],
"roles": [],
}
form = UserForm(
available_backends=Backend.objects.all(),
available_roles=[],
data=data,
)
assert form.is_valid(), form.errors
assert set_from_qs(
form.cleaned_data["backends"]) == {backend1.pk, backend2.pk}
def test_usersetorgs_post_success(rf, core_developer):
existing_org = OrgFactory()
new_org1 = OrgFactory()
new_org2 = OrgFactory()
user = UserFactory()
OrgMembershipFactory(org=existing_org, user=user)
request = rf.post("/", {"orgs": [new_org1.pk, new_org2.pk]})
request.user = core_developer
response = UserSetOrgs.as_view()(request, username=user.username)
assert response.status_code == 302
assert response.url == user.get_staff_url()
user.refresh_from_db()
assert set_from_qs(user.orgs.all()) == {new_org1.pk, new_org2.pk}
def test_projectaddmember_post_success(rf, core_developer):
project = ProjectFactory()
user1 = UserFactory()
user2 = UserFactory()
data = {
"roles": ["jobserver.authorization.roles.ProjectDeveloper"],
"users": [user1.pk, user2.pk],
}
request = rf.post("/", data)
request.user = core_developer
response = ProjectAddMember.as_view()(request, slug=project.slug)
assert response.status_code == 302
assert response.url == project.get_staff_url()
assert set_from_qs(project.members.all()) == {user1.pk, user2.pk}
assert project.memberships.filter(roles=[ProjectDeveloper]).count() == 2