def test_regular_get(self):
"""Regular users should be denied access to the activation view."""
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = muckrock.factories.UserFactory()
response = self.view(request, slug=self.org.slug)
eq_(response.status_code, 302)
def test_staff_post(self, mock_update):
"""
When a staff member posts data, the org should update its own fields
before calling the update subscription method.
"""
starting_data = {
'max_users': self.org.max_users,
'monthly_cost': self.org.monthly_cost,
'monthly_requests': self.org.monthly_requests
}
data = {
'max_users': starting_data['max_users'] + 2,
'monthly_cost': starting_data['monthly_cost'] + 10000,
'monthly_requests': starting_data['monthly_requests'] + 40
}
request = self.request_factory.post(self.url, data)
request = mock_middleware(request)
request.user = muckrock.factories.UserFactory(is_staff=True)
response = self.view(request, slug=self.org.slug)
self.org.refresh_from_db()
eq_(self.org.max_users, data['max_users'])
eq_(self.org.monthly_cost, data['monthly_cost'])
eq_(self.org.monthly_requests, data['monthly_requests'])
ok_(mock_update.called)
eq_(response.status_code, 302)
def test_access_key_allowed(self):
"""
A POST request for a private share link should generate and return an access key.
Editors and staff should be allowed to do this.
"""
self.reset_access_key()
data = {'action': 'generate_key'}
request = self.factory.post(self.foia.get_absolute_url(), data)
request = mock_middleware(request)
# editors should be able to generate the key
request.user = self.editor
response = Detail.as_view()(request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id)
self.foia.refresh_from_db()
eq_(response.status_code, 302)
assert_true(self.foia.access_key)
# staff should be able to generate the key
self.reset_access_key()
request.user = self.staff
response = Detail.as_view()(request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id)
self.foia.refresh_from_db()
eq_(response.status_code, 302)
assert_true(self.foia.access_key)
def setUp(self):
self.org = muckrock.factories.OrganizationFactory()
self.request_factory = RequestFactory()
self.url = reverse('org-delete', kwargs={'slug': self.org.slug})
self.request = self.request_factory.post(self.url)
self.request = mock_middleware(self.request)
self.view = muckrock.organization.views.OrganizationDeleteView.as_view()
def post_request(self, data):
"""Helper to post data and get a response"""
request = self.request_factory.post(self.url, data)
request.user = self.user
request = mock_middleware(request)
response = self.view(request)
return response
def test_nonexistant_user(self):
"""Buying requests for nonexistant user should return a 404."""
post_request = self.factory.post(self.url, self.data)
post_request = mock_middleware(post_request)
# here is the cool part: the request user is the buyer and the URL user is the recipient
post_request.user = self.user
self.view(post_request, 'nonexistant_user')
def test_staff_get(self):
"""Staff should be allowed access to the activation view."""
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = muckrock.factories.UserFactory(is_staff=True)
response = self.view(request, slug=self.org.slug)
eq_(response.status_code, 200)
def test_access_key_not_allowed(self):
"""Visitors and normies should not be allowed to generate an access key."""
self.reset_access_key()
data = {'action': 'generate_key'}
request = self.factory.post(self.foia.get_absolute_url(), data)
request = mock_middleware(request)
# viewers should not be able to generate the key
request.user = self.viewer
response = Detail.as_view()(request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id)
self.foia.refresh_from_db()
eq_(response.status_code, 302)
assert_false(self.foia.access_key)
# normies should not be able to generate the key
self.reset_access_key()
request.user = self.normie
response = Detail.as_view()(request,
jurisdiction=self.foia.jurisdiction.slug,
jidx=self.foia.jurisdiction.id,
slug=self.foia.slug,
idx=self.foia.id)
self.foia.refresh_from_db()
eq_(response.status_code, 302)
assert_false(self.foia.access_key)
def test_owner_get(self):
"""Organization owners should be allowed access to the activation view."""
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = self.org.owner
response = self.view(request, slug=self.org.slug)
eq_(response.status_code, 200)
def test_get_single(self):
"""Should be able to view a single task"""
_url = reverse('stale-agency-task', kwargs={'pk': self.task.pk})
request = self.request_factory.get(_url)
request.user = self.user
request = mock_middleware(request)
response = self.view(request)
eq_(response.status_code, 200)
def post_res(self, user, data):
"""Returns a POST response from the endpoint."""
if user is None:
user = AnonymousUser()
request = self.request_factory.post(self.url, data)
request.user = user
request = mock_middleware(request)
return self.view(request, self.foia.pk)
def setUp(self):
# create an org with a plan, so we can cancel it
self.org = muckrock.factories.OrganizationFactory(active=True)
self.request_factory = RequestFactory()
self.url = reverse('org-deactivate', kwargs={'slug': self.org.slug})
self.request = self.request_factory.post(self.url)
self.request = mock_middleware(self.request)
self.view = muckrock.organization.views.deactivate_organization
def test_owner_get_forbidden(self):
"""Users who already own an organization should be denied access."""
org = muckrock.factories.OrganizationFactory()
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = org.owner
response = self.create_view(request)
eq_(response.status_code, 302,
'Existing owners should not be allowed to create another organization.')
def test_inactive_get(self):
"""Inactive organizations cannot be updated."""
self.org.active = False
self.org.save()
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = self.org.owner
response = self.view(request, slug=self.org.slug)
eq_(response.status_code, 302)
def test_owner_get(self):
"""Organization owners should have access to the update view."""
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = self.org.owner
response = self.view(request, slug=self.org.slug)
eq_(response.status_code, 200)
ok_(isinstance(response.context_data['form'], muckrock.organization.forms.UpdateForm),
'Owners should be shown an organization update form.')
def test_member_get_forbidden(self):
"""Users who are already members of a different organization should be denied access."""
org = muckrock.factories.OrganizationFactory()
member = muckrock.factories.UserFactory(profile__organization=org)
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = member
response = self.create_view(request)
eq_(response.status_code, 302)
def test_active_get(self):
"""An active organization should deny all access to its activation view."""
self.org.active = True
self.org.save()
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = self.org.owner
response = self.view(request, slug=self.org.slug)
eq_(response.status_code, 302)
def test_get_single(self, mock_reply):
"""Should be able to view a single task"""
# pylint: disable=unused-argument
_url = reverse('projectreview-task', kwargs={'pk': self.task.pk})
request = self.request_factory.get(_url)
request.user = self.user
request = mock_middleware(request)
response = self.view(request)
eq_(response.status_code, 200)
def test_staff_get(self):
"""Staff users should have access to the update view."""
staff_user = muckrock.factories.UserFactory(is_staff=True)
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = staff_user
response = self.view(request, slug=self.org.slug)
eq_(response.status_code, 200)
ok_(isinstance(response.context_data['form'], muckrock.organization.forms.StaffUpdateForm),
'Staff should be shown a special staff-only organization update form.')
def test_bad_post_data(self):
"""Bad post data should cancel the transaction."""
existing_request_count = self.user.profile.num_requests
bad_data = {'tok': 'bad'}
post_request = self.factory.post(self.url, bad_data)
post_request = mock_middleware(post_request)
post_request.user = self.user
self.view(post_request, self.user.username)
self.user.profile.refresh_from_db()
eq_(self.user.profile.num_requests, existing_request_count)
def test_get_ok(self):
"""Regular users should be able to create a request."""
regular_user = muckrock.factories.UserFactory()
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = regular_user
response = self.create_view(request)
eq_(response.status_code, 200,
'Regular users should be able to create an organization.')
ok_(isinstance(response.context_data['form'], muckrock.organization.forms.CreateForm),
'Regular users should be shown the regular creation form.')
def test_gift_requests_anonymously(self):
"""Logged out users should also be able to buy someone else requests."""
other_user = UserFactory()
existing_request_count = other_user.profile.num_requests
post_request = self.factory.post(self.url, self.data)
post_request = mock_middleware(post_request)
post_request.user = AnonymousUser()
self.view(post_request, other_user.username)
other_user.profile.refresh_from_db()
requests_to_add = 4
eq_(other_user.profile.num_requests,
existing_request_count + requests_to_add)
def post_helper(self, data, user):
"""Returns a post response"""
request = self.request_factory.post(self.url, data)
request.user = user
request = mock_middleware(request)
return self.view(
request,
slug=self.article.slug,
year=self.article.pub_date.strftime('%Y'),
month=self.article.pub_date.strftime('%b').lower(),
day=self.article.pub_date.strftime('%d')
)
def test_buy_requests(self):
"""A user should be able to buy themselves requests."""
existing_request_count = self.user.profile.num_requests
post_request = self.factory.post(self.url, self.data)
post_request = mock_middleware(post_request)
post_request.user = self.user
self.view(post_request, self.user.username)
self.user.profile.refresh_from_db()
requests_to_add = settings.BUNDLED_REQUESTS[
self.user.profile.acct_type]
eq_(self.user.profile.num_requests,
existing_request_count + requests_to_add)
def test_staff_get(self):
"""Staff should be able to create an org even if they own a different one."""
staff_user = muckrock.factories.UserFactory(is_staff=True)
muckrock.factories.OrganizationFactory(owner=staff_user)
request = self.request_factory.get(self.url)
request = mock_middleware(request)
request.user = staff_user
response = self.create_view(request)
eq_(response.status_code, 200,
'Staff should be allowed to create an organization even if they already own one.')
ok_(isinstance(response.context_data['form'], muckrock.organization.forms.StaffCreateForm),
'Staff should be shown a special staff-only creation form.')
def test_remove_self(self):
"""However, a member may remove themself from an org."""
member = muckrock.factories.UserFactory(profile__organization=self.org)
data = {
'action': 'remove_member',
'member': member.pk
}
request = self.request_factory.post(self.url, data)
request = mock_middleware(request)
request.user = member
self.view(request, slug=self.org.slug)
ok_(not self.org.has_member(member))
def test_user_remove(self):
"""Regular user should not be able to remove members."""
member = muckrock.factories.UserFactory(profile__organization=self.org)
data = {
'action': 'remove_member',
'member': member.pk
}
request = self.request_factory.post(self.url, data)
request = mock_middleware(request)
request.user = muckrock.factories.UserFactory()
self.view(request, slug=self.org.slug)
ok_(self.org.has_member(member))
def test_post_ok(self, mock_activation):
"""Posting a valid Stripe token and the number of seats should activate the organization."""
logging.debug(self.org.max_users)
data = {'stripe_token': 'test', 'max_users': self.org.max_users}
request = self.request_factory.post(self.url, data)
request = mock_middleware(request)
request.user = self.org.owner
response = self.view(request, slug=self.org.slug)
self.org.refresh_from_db()
eq_(response.status_code, 302,
'The view should redirect to the org page on success.')
ok_(mock_activation.called,
'The organization should be activated! That\'s the whole point!')
def test_buy_requests_as_org(self):
"""An org member should get an extra request in each bundle."""
existing_request_count = self.user.profile.num_requests
self.user.profile.organization = OrganizationFactory(active=True)
self.user.profile.save()
post_request = self.factory.post(self.url, self.data)
post_request = mock_middleware(post_request)
post_request.user = self.user
self.view(post_request, self.user.username)
self.user.profile.refresh_from_db()
requests_to_add = 5
eq_(self.user.profile.num_requests,
existing_request_count + requests_to_add)
def test_owner_post(self, mock_update):
"""The org should update its subscription when valid data is posted."""
starting_max_users = self.org.max_users
data = {'max_users': starting_max_users + 1}
request = self.request_factory.post(self.url, data)
request = mock_middleware(request)
request.user = self.org.owner
response = self.view(request, slug=self.org.slug)
self.org.refresh_from_db()
eq_(self.org.max_users, starting_max_users,
'The update view shouldn\'t modify the org itself.')
ok_(mock_update.called)
eq_(response.status_code, 302)