def test_init_config(self): response = self._testApiCallAdmin01('group-project-map-config', [ self.qdjango_project.group.slug, 'qdjango', self.qdjango_project.pk ]) resp = json.loads(response.content) fields = {} for f in [l for l in resp['layers'] if l['name'] == 'world'][0]['fields']: fields[f['label']] = f['show'] self.assertTrue(fields['AREA']) self.assertTrue(fields['SOURCETHM']) acl = ColumnAcl(layer=self.world, user=self.test_user1, restricted_fields=['AREA', 'SOURCETHM']) acl.save() response = self._testApiCallAdmin01('group-project-map-config', [ self.qdjango_project.group.slug, 'qdjango', self.qdjango_project.pk ]) resp = json.loads(response.content) fields = {} for f in [l for l in resp['layers'] if l['name'] == 'world'][0]['fields']: fields[f['label']] = f['show'] self.assertFalse(fields['AREA']) self.assertFalse(fields['SOURCETHM'])
def test_vector_api(self): response = self._testApiCallAdmin01('core-vector-api', [ 'data', 'qdjango', self.world.project.pk, self.world.qgis_layer.id() ]) resp = json.loads(response.content) record = resp['vector']['data']['features'][0]['properties'] self.assertEqual(list(record.keys()), ['APPROX', 'AREA', 'CAPITAL', 'NAME', 'SOURCETHM']) self.assertIsNotNone(record['AREA']) self.assertIsNotNone(record['SOURCETHM']) acl = ColumnAcl(layer=self.world, user=self.test_user1, restricted_fields=['AREA', 'SOURCETHM']) acl.save() response = self._testApiCallAdmin01('core-vector-api', [ 'data', 'qdjango', self.world.project.pk, self.world.qgis_layer.id() ]) resp = json.loads(response.content) # Check that excluded attributes are None record = resp['vector']['data']['features'][0]['properties'] self.assertIsNone(record['AREA']) self.assertIsNone(record['SOURCETHM'])
def test_model_constraints_nogroup(self): """Test model validation with no group and user""" acl = ColumnAcl(layer=self.cloned_layer, restricted_fields=['APPROX', 'AREA']) with self.assertRaises(IntegrityError): acl.save()
def test_user_column_acl_model(self): """Test model soft triggers""" self.assertFalse(self.cloned_layer.has_column_acl) self.assertFalse(self.world.has_column_acl) self.assertIn( 'APPROX', self.cloned_layer.visible_fields_for_user(self.test_user1)) self.assertIn( 'AREA', self.cloned_layer.visible_fields_for_user(self.test_user1)) acl = ColumnAcl(layer=self.cloned_layer, user=self.test_user1, restricted_fields=['APPROX', 'AREA']) acl.save() self.assertTrue(self.cloned_layer.has_column_acl) self.assertNotIn( 'APPROX', self.cloned_layer.visible_fields_for_user(self.test_user1)) self.assertNotIn( 'AREA', self.cloned_layer.visible_fields_for_user(self.test_user1)) acl.layer = self.world acl.save() self.assertTrue(self.world.has_column_acl) self.assertNotIn('APPROX', self.world.visible_fields_for_user(self.test_user1)) self.assertNotIn('AREA', self.world.visible_fields_for_user(self.test_user1)) self.cloned_layer = Layer.objects.get(pk=self.cloned_layer.pk) self.assertFalse(self.cloned_layer.has_column_acl) self.assertIn( 'APPROX', self.cloned_layer.visible_fields_for_user(self.test_user1)) self.assertIn( 'AREA', self.cloned_layer.visible_fields_for_user(self.test_user1)) acl2 = ColumnAcl(layer=self.cloned_layer, user=self.test_user1, restricted_fields=['SOURCETHM']) acl2.save() self.cloned_layer = Layer.objects.get(pk=self.cloned_layer.pk) self.assertTrue(self.cloned_layer.has_column_acl) acl.layer = self.cloned_layer acl.save() self.cloned_layer = Layer.objects.get(pk=self.cloned_layer.pk) self.assertTrue(self.cloned_layer.has_column_acl) acl.delete() self.cloned_layer = Layer.objects.get(pk=self.cloned_layer.pk) self.assertTrue(self.cloned_layer.has_column_acl) ColumnAcl.objects.all().delete() self.cloned_layer = Layer.objects.get(pk=self.cloned_layer.pk) self.assertFalse(self.cloned_layer.has_column_acl)
def test_user_column_acl_data(self): """Test data retrieval""" acl = ColumnAcl(layer=self.world, user=self.test_user1, restricted_fields=['APPROX', 'AREA']) acl.save() ows_url = reverse('OWS:ows', kwargs={ 'group_slug': self.qdjango_project.group.slug, 'project_type': 'qdjango', 'project_id': self.qdjango_project.id }) # Make a request to the server c = Client() self.assertTrue(c.login(username='******', password='******')) response = c.get( ows_url, { 'REQUEST': 'GetFeatureInfo', 'SERVICE': 'WMS', 'VERSION': '1.1.0', 'LAYERS': 'world', 'SRS': 'EPSG:4326', 'BBOX': '7,45,7.2,45.2', 'FORMAT': 'image/png', 'INFO_FORMAT': 'application/json', 'WIDTH': '100', 'HEIGHT': '100', 'QUERY_LAYERS': 'world', 'FEATURE_COUNT': 1, 'X': '50', 'Y': '50', }) jcontent = json.loads(response.content.decode('utf8')) self.assertFalse( 'APPROX' in jcontent['features'][0]['properties'].keys()) self.assertFalse( 'AREA' in jcontent['features'][0]['properties'].keys())
def test_api(self): """Test api""" response = self._testApiCallAdmin01('qdjango-column-acl-api-list', []) resp = json.loads(response.content) self.assertEqual(resp['count'], 0) acl = ColumnAcl(layer=self.world, user=self.test_user1, restricted_fields=['APPROX', 'AREA']) acl.save() response = self._testApiCallAdmin01('qdjango-column-acl-api-list', []) resp = json.loads(response.content) self.assertEqual(resp['count'], 1) self.assertEqual(resp['results'][0]['restricted_fields'], ['APPROX', 'AREA']) self.assertEqual(resp['results'][0]['user'], self.test_user1.pk) self.assertIsNone(resp['results'][0]['group']) # Second acl, for group viewer 2 viewer2_group = AuthGroup.objects.get(name='Viewer Level 2') acl2 = ColumnAcl(layer=self.cloned_layer, group=viewer2_group, restricted_fields=['AREA']) acl2.save() response = self._testApiCallAdmin01('qdjango-column-acl-api-list', []) resp = json.loads(response.content) self.assertEqual(resp['count'], 2) self.assertEqual(resp['results'][0]['restricted_fields'], ['AREA']) self.assertIsNone(resp['results'][0]['user']) self.assertEqual(resp['results'][0]['group'], viewer2_group.pk) # Test filter by layer id response = self._testApiCallAdmin01( 'qdjango-column-acl-api-filter-by-layer-id', [self.world.pk]) resp = json.loads(response.content) self.assertEqual(resp['count'], 1) self.assertEqual(resp['results'][0]['restricted_fields'], ['APPROX', 'AREA']) self.assertEqual(resp['results'][0]['user'], self.test_user1.pk) self.assertIsNone(resp['results'][0]['group']) # Test filter by user response = self._testApiCallAdmin01( 'qdjango-column-acl-api-filter-by-user', [self.test_user1.pk]) resp = json.loads(response.content) self.assertEqual(resp['count'], 1) self.assertEqual(resp['results'][0]['restricted_fields'], ['APPROX', 'AREA']) self.assertEqual(resp['results'][0]['user'], self.test_user1.pk) self.assertIsNone(resp['results'][0]['group']) # Test filter by group response = self._testApiCallAdmin01( 'qdjango-column-acl-api-filter-by-group', [viewer2_group.pk]) resp = json.loads(response.content) self.assertEqual(resp['count'], 1) self.assertEqual(resp['results'][0]['restricted_fields'], ['AREA']) self.assertIsNone(resp['results'][0]['user']) self.assertEqual(resp['results'][0]['group'], viewer2_group.pk) # Test detail response = self._testApiCallAdmin01('qdjango-column-acl-api-detail', [acl2.pk]) resp_detail = json.loads(response.content) self.assertEqual(resp_detail, resp['results'][0]) # Test POST payload = { 'layer': self.world.pk, 'group': viewer2_group.pk, 'user': '', 'restricted_fields': ['NAME'] } response = self._testApiCallAdmin01Post('qdjango-column-acl-api-list', payload, []) self.assertEqual(response.status_code, 201) resp = json.loads(response.content) acl_pk = resp['pk'] acl3 = ColumnAcl.objects.get(pk=acl_pk) self.assertEqual(acl3.group, viewer2_group) self.assertEqual(acl3.layer, self.world) self.assertEqual(acl3.restricted_fields, ['NAME']) self.assertIsNone(acl3.user) self.assertEqual(resp['groupname'], 'Viewer Level 2') # Test errors: field does not exist payload = { 'layer': self.world.pk, 'group': viewer2_group.pk, 'user': '', 'restricted_fields': ['I_DONT_EXIST'] } response = self._testApiCallAdmin01Post('qdjango-column-acl-api-list', payload, []) self.assertEqual(response.status_code, 400) resp = json.loads(response.content) self.assertFalse(resp['result']) # Test errors: raster layer payload = { 'layer': Layer.objects.filter(layer_type='gdal')[0].pk, 'group': viewer2_group.pk, 'user': '', 'restricted_fields': ['I_DONT_EXIST'] } response = self._testApiCallAdmin01Post('qdjango-column-acl-api-list', payload, []) self.assertEqual(response.status_code, 400) resp = json.loads(response.content) self.assertFalse(resp['result'])