def test_post_submission_require_auth_data_entry_role(self): self.user.profile.require_auth = True self.user.profile.save() alice_data = {'username': '******', 'email': '*****@*****.**'} alice_profile = self._create_user_profile(alice_data) DataEntryRole.add(alice_profile.user, self.xform) count = Attachment.objects.count() s = self.surveys[0] media_file = "1335783522563.jpg" path = os.path.join(self.main_directory, 'fixtures', 'transportation', 'instances', s, media_file) with open(path) as f: f = InMemoryUploadedFile(f, 'media_file', media_file, 'image/jpg', os.path.getsize(path), None) submission_path = os.path.join(self.main_directory, 'fixtures', 'transportation', 'instances', s, s + '.xml') with open(submission_path) as sf: data = {'xml_submission_file': sf, 'media_file': f} request = self.factory.post('/submission', data) response = self.view(request) self.assertEqual(response.status_code, 401) response = self.view(request, username=self.user.username) self.assertEqual(response.status_code, 401) self.assertEqual(count, Attachment.objects.count()) auth = DigestAuth('alice', 'bobbob') request.META.update(auth(request.META, response)) response = self.view(request, username=self.user.username) self.assertContains(response, 'Successful submission', status_code=201)
def test_get_xform_list_other_user_with_dataentry_role(self): request = self.factory.get('/') response = self.view(request) alice_data = {'username': '******', 'email': '*****@*****.**'} alice_profile = self._create_user_profile(alice_data) DataEntryRole.add(alice_profile.user, self.xform) self.assertTrue( DataEntryRole.user_has_role(alice_profile.user, self.xform) ) auth = DigestAuth('alice', 'bobbob') request.META.update(auth(request.META, response)) response = self.view(request) self.assertEqual(response.status_code, 200) path = os.path.join( os.path.dirname(__file__), '..', 'fixtures', 'formList.xml') with open(path) as f: form_list_xml = f.read().strip() data = {"hash": self.xform.hash, "pk": self.xform.pk} content = response.render().content self.assertEqual(content, form_list_xml % data) self.assertTrue(response.has_header('X-OpenRosa-Version')) self.assertTrue( response.has_header('X-OpenRosa-Accept-Content-Length')) self.assertTrue(response.has_header('Date')) self.assertEqual(response['Content-Type'], 'text/xml; charset=utf-8')
def test_get_xform_list_other_user_with_dataentry_role(self): request = self.factory.get('/') response = self.view(request) alice_data = {'username': '******', 'email': '*****@*****.**'} alice_profile = self._create_user_profile(alice_data) DataEntryRole.add(alice_profile.user, self.xform) self.assertTrue( DataEntryRole.user_has_role(alice_profile.user, self.xform)) auth = DigestAuth('alice', 'bobbob') request.META.update(auth(request.META, response)) response = self.view(request) self.assertEqual(response.status_code, 200) path = os.path.join( os.path.dirname(__file__), '..', 'fixtures', 'formList.xml') with open(path, encoding='utf-8') as f: form_list_xml = f.read().strip() data = {"hash": self.xform.hash, "pk": self.xform.pk} content = response.render().content.decode('utf-8') self.assertEqual(content, form_list_xml % data) self.assertTrue(response.has_header('X-OpenRosa-Version')) self.assertTrue( response.has_header('X-OpenRosa-Accept-Content-Length')) self.assertTrue(response.has_header('Date')) self.assertEqual(response['Content-Type'], 'text/xml; charset=utf-8')
def test_post_submission_require_auth_data_entry_role(self): self.user.profile.require_auth = True self.user.profile.save() alice_data = {'username': '******', 'email': '*****@*****.**'} alice_profile = self._create_user_profile(alice_data) DataEntryRole.add(alice_profile.user, self.xform) count = Attachment.objects.count() s = self.surveys[0] media_file = "1335783522563.jpg" path = os.path.join(self.main_directory, 'fixtures', 'transportation', 'instances', s, media_file) with open(path) as f: f = InMemoryUploadedFile(f, 'media_file', media_file, 'image/jpg', os.path.getsize(path), None) submission_path = os.path.join( self.main_directory, 'fixtures', 'transportation', 'instances', s, s + '.xml') with open(submission_path) as sf: data = {'xml_submission_file': sf, 'media_file': f} request = self.factory.post('/submission', data) response = self.view(request) self.assertEqual(response.status_code, 401) response = self.view(request, username=self.user.username) self.assertEqual(response.status_code, 401) self.assertEqual(count, Attachment.objects.count()) auth = DigestAuth('alice', 'bobbob') request.META.update(auth(request.META, response)) response = self.view(request, username=self.user.username) self.assertContains(response, 'Successful submission', status_code=201)
def test_set_project_perms_to_xform(self): """ Test set_project_perms_to_xform(xform, project) """ self._publish_transportation_form() # Alice has data entry role to default project alice = self._create_user('alice', 'alice', create_profile=True) DataEntryRole.add(alice, self.project) set_project_perms_to_xform(self.xform, self.project) self.assertTrue(DataEntryRole.user_has_role(alice, self.xform)) self.assertTrue(self.project.pk, self.xform.project_id) # Create other project and transfer xform to new project project_b = Project(name='Project B', created_by=self.user, organization=self.user) project_b.save() self.xform.project = project_b self.xform.save() self.xform.refresh_from_db() self.assertTrue(self.project.pk, self.xform.project_id) # set permissions for new project set_project_perms_to_xform(self.xform, project_b) # Alice should have no data entry role to transfered form self.assertFalse(DataEntryRole.user_has_role(alice, self.xform))
def test_set_project_perms_to_xform(self): """ Test set_project_perms_to_xform(xform, project) """ self._publish_transportation_form() # Alice has data entry role to default project alice = self._create_user('alice', 'alice', create_profile=True) DataEntryRole.add(alice, self.project) set_project_perms_to_xform(self.xform, self.project) self.assertTrue(DataEntryRole.user_has_role(alice, self.xform)) self.assertTrue(self.project.pk, self.xform.project_id) # Create other project and transfer xform to new project project_b = Project( name='Project B', created_by=self.user, organization=self.user) project_b.save() self.xform.project = project_b self.xform.save() self.xform.refresh_from_db() self.assertTrue(self.project.pk, self.xform.project_id) # set permissions for new project set_project_perms_to_xform(self.xform, project_b) # Alice should have no data entry role to transfered form self.assertFalse(DataEntryRole.user_has_role(alice, self.xform))
def test_add_project_perms_to_team(self): # create an org, user, team organization = self._create_organization("test org", self.user) user_deno = self._create_user('deno', 'deno') # add a member to the team team = tools.create_organization_team(organization, "test team") tools.add_user_to_team(team, user_deno) project = Project.objects.create(name="Test Project", organization=organization, created_by=user_deno, metadata='{}') # confirm that the team has no permissions self.assertFalse(team.groupobjectpermission_set.all()) # set DataEntryRole role of project on team DataEntryRole.add(team, project) content_type = ContentType.objects.get( model=project.__class__.__name__.lower(), app_label=project.__class__._meta.app_label) object_permissions = team.groupobjectpermission_set.filter( object_pk=project.pk, content_type=content_type) permission_names = sorted( [p.permission.codename for p in object_permissions]) self.assertEqual([ CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT, CAN_VIEW_PROJECT ], permission_names) self.assertEqual(get_team_project_default_permissions(team, project), DataEntryRole.name) # Add a new user user_sam = self._create_user('Sam', 'sammy_') self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project)) self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project)) # Add the user to the group tools.add_user_to_team(team, user_sam) # assert that team member has default perm set on team self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project)) # assert that removing team member revokes perms tools.remove_user_from_team(team, user_sam) self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project)) self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
def test_role_update_xform_meta_perms(self): alice_data = {'username': '******', 'email': '*****@*****.**'} alice_profile = self._create_user_profile(alice_data) EditorRole.add(alice_profile.user, self.xform) view = MetaDataViewSet.as_view({ 'post': 'create', 'put': 'update' }) data = { 'data_type': XFORM_META_PERMS, 'data_value': 'editor-minor|dataentry', 'xform': self.xform.pk } request = self.factory.post('/', data, **self.extra) response = view(request) self.assertEqual(response.status_code, 201) self.assertFalse( EditorRole.user_has_role(alice_profile.user, self.xform)) self.assertTrue( EditorMinorRole.user_has_role(alice_profile.user, self.xform)) meta = MetaData.xform_meta_permission(self.xform) DataEntryRole.add(alice_profile.user, self.xform) data = { 'data_type': XFORM_META_PERMS, 'data_value': 'editor|dataentry-only', 'xform': self.xform.pk } request = self.factory.put('/', data, **self.extra) response = view(request, pk=meta.pk) self.assertEqual(response.status_code, 200) self.assertFalse( DataEntryRole.user_has_role(alice_profile.user, self.xform)) self.assertTrue( DataEntryOnlyRole.user_has_role(alice_profile.user, self.xform))
def test_add_project_perms_to_team(self): # create an org, user, team organization = self._create_organization("test org", self.user) user_deno = self._create_user("deno", "deno") # add a member to the team team = tools.create_organization_team(organization, "test team") tools.add_user_to_team(team, user_deno) project = Project.objects.create( name="Test Project", organization=organization, created_by=user_deno, metadata="{}" ) # confirm that the team has no permissions self.assertFalse(team.groupobjectpermission_set.all()) # set DataEntryRole role of project on team DataEntryRole.add(team, project) content_type = ContentType.objects.get( model=project.__class__.__name__.lower(), app_label=project.__class__._meta.app_label ) object_permissions = team.groupobjectpermission_set.filter(object_pk=project.pk, content_type=content_type) permission_names = sorted([p.permission.codename for p in object_permissions]) self.assertEqual([CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT, CAN_VIEW_PROJECT], permission_names) self.assertEqual(get_team_project_default_permissions(team, project), DataEntryRole.name) # Add a new user user_sam = self._create_user("Sam", "sammy_") self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project)) self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project)) # Add the user to the group tools.add_user_to_team(team, user_sam) # assert that team member has default perm set on team self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project)) # assert that removing team member revokes perms tools.remove_user_from_team(team, user_sam) self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project)) self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
def test_add_project_perms_to_team(self): # create an org, user, team organization = self._create_organization("test org", self.user) user_deno = self._create_user('deno', 'deno') # add a member to the team team = tools.create_organization_team(organization, "test team") tools.add_user_to_team(team, user_deno) project = Project.objects.create(name="Test Project", organization=organization, created_by=user_deno, metadata='{}') # confirm that the team has no permissions on project self.assertFalse(get_perms(team, project)) # set DataEntryRole role of project on team DataEntryRole.add(team, project) self.assertEqual([CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT, CAN_VIEW_PROJECT, CAN_VIEW_PROJECT_ALL, CAN_VIEW_PROJECT_DATA], sorted(get_perms(team, project))) self.assertEqual(get_team_project_default_permissions(team, project), DataEntryRole.name) # Add a new user user_sam = self._create_user('Sam', 'sammy_') self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project)) self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project)) # Add the user to the group tools.add_user_to_team(team, user_sam) # assert that team member has default perm set on team self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project)) # assert that removing team member revokes perms tools.remove_user_from_team(team, user_sam) self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project)) self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
def test_add_project_perms_to_team(self): # create an org, user, team organization = self._create_organization("test org", self.user) user_deno = self._create_user('deno', 'deno') # add a member to the team team = tools.create_organization_team(organization, "test team") tools.add_user_to_team(team, user_deno) project = Project.objects.create(name="Test Project", organization=organization, created_by=user_deno, metadata='{}') # confirm that the team has no permissions on project self.assertFalse(get_perms(team, project)) # set DataEntryRole role of project on team DataEntryRole.add(team, project) self.assertEqual([ CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT, CAN_VIEW_PROJECT, CAN_VIEW_PROJECT_ALL, CAN_VIEW_PROJECT_DATA ], sorted(get_perms(team, project))) self.assertEqual(get_team_project_default_permissions(team, project), DataEntryRole.name) # Add a new user user_sam = self._create_user('Sam', 'sammy_') self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project)) self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project)) # Add the user to the group tools.add_user_to_team(team, user_sam) # assert that team member has default perm set on team self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project)) # assert that removing team member revokes perms tools.remove_user_from_team(team, user_sam) self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project)) self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))