def test_route_for_service_permissions(mocker, app_, api_user_active, service_one, mock_get_service, mock_get_user, mock_get_service_templates, mock_get_jobs, mock_get_template_statistics, mock_get_detailed_service, mock_get_usage): routes = [ 'main.service_dashboard'] with app_.test_request_context(): # Just test that the user is part of the service for route in routes: validate_route_permission( mocker, app_, "GET", 200, url_for( route, service_id=service_one['id']), ['view_activity'], api_user_active, service_one)
def test_route_invalid_permissions(mocker, app_, api_user_active, service_one, mock_get_service_template, mock_get_service_templates, mock_get_jobs, mock_get_notifications, mock_create_job, fake_uuid, route): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 403, url_for( route, service_id=service_one['id'], template_type='sms', template_id=fake_uuid), ['blah'], api_user_active, service_one)
def test_route_for_service_permissions( mocker, app_, api_user_active, service_one, mock_get_service, mock_get_user, mock_get_service_templates, mock_get_jobs, mock_get_template_statistics, mock_get_service_statistics, mock_get_usage, mock_get_inbound_sms_summary, ): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 200, url_for("main.service_dashboard", service_id=service_one["id"]), ["view_activity"], api_user_active, service_one, )
def test_route_invalid_permissions(mocker, app_, api_user_active, service_one, mock_get_service_template, mock_get_service_templates, mock_get_jobs, mock_get_notifications, mock_create_job, fake_uuid): routes = [ 'main.choose_template', 'main.send_messages', 'main.get_example_csv', 'main.send_test'] with app_.test_request_context(): for route in routes: validate_route_permission( mocker, app_, "GET", 403, url_for( route, service_id=service_one['id'], template_type='sms', template_id=fake_uuid), ['blah'], api_user_active, service_one)
def test_route_permissions(mocker, app_, api_user_active, service_one, mock_get_service_template, mock_get_service_templates, mock_get_jobs, mock_get_notifications, mock_create_job, mock_s3_upload, fake_uuid, route, response_code): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", response_code, url_for( route, service_id=service_one['id'], template_type='sms', template_id=fake_uuid), ['send_texts', 'send_emails', 'send_letters'], api_user_active, service_one)
def test_route_invalid_permissions(mocker, app_, api_user_active, service_one, mock_get_api_keys): routes = ['main.api_keys', 'main.create_api_key', 'main.revoke_api_key'] with app_.test_request_context(): for route in routes: validate_route_permission( mocker, app_, "GET", 403, url_for(route, service_id=service_one['id'], key_id=123), ['view_activity'], api_user_active, service_one)
def test_route_for_platform_admin_update_service(mocker, app_, platform_admin_user, service_one): routes = ['main.service_switch_live', 'main.service_switch_research_mode'] with app_.test_request_context(): for route in routes: validate_route_permission( mocker, app_, "GET", 302, url_for(route, service_id=service_one['id']), [], platform_admin_user, service_one)
def test_route_for_platform_admin(mocker, app_, platform_admin_user, service_one, route): with app_.test_request_context(): validate_route_permission(mocker, app_, "GET", 200, url_for(route, service_id=service_one['id']), [], platform_admin_user, service_one)
def test_should_403_if_user_does_not_have_send_permissions_for_tour_step( mocker, app_, client, api_user_active, mock_get_service_template_with_multiple_placeholders, service_one, fake_uuid, method): validate_route_permission( mocker, app_, method, 403, url_for('main.tour_step', service_id=SERVICE_ONE_ID, template_id=fake_uuid, step_index=1), ['view_activity'], api_user_active, service_one)
def test_route_permissions(mocker, app_, api_user_active, service_one, route): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 200, url_for(route, service_id=service_one['id']), ['manage_settings'], api_user_active, service_one)
def test_route_for_platform_admin_update_service(mocker, app_, platform_admin_user, service_one, route): mocker.patch('app.service_api_client.deactivate_service') with app_.test_request_context(): validate_route_permission(mocker, app_, "GET", 302, url_for(route, service_id=service_one['id']), [], platform_admin_user, service_one)
def test_route_invalid_permissions(mocker, app_, api_user_active, service_one, route): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 403, url_for(route, service_id=service_one['id']), ['blah'], api_user_active, service_one)
def test_route_for_platform_admin(mocker, app_, platform_admin_user, service_one, mock_get_organisation): routes = [ 'main.service_settings', 'main.service_name_change', 'main.service_name_change_confirm', 'main.service_request_to_go_live', 'main.service_delete', 'main.service_delete_confirm' ] with app_.test_request_context(): for route in routes: validate_route_permission( mocker, app_, "GET", 200, url_for(route, service_id=service_one['id']), [], platform_admin_user, service_one)
def test_route_invalid_permissions( mocker, app_, api_user_active, service_one, mock_get_api_keys, route, ): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 403, url_for(route, service_id=service_one['id'], key_id=123), ['view_activity'], api_user_active, service_one)
def test_route_permissions( mocker, app_, fake_uuid, api_user_active, service_one, mock_get_api_keys, route, ): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 200, url_for(route, service_id=service_one['id'], key_id=fake_uuid), ['manage_api_keys'], api_user_active, service_one)
def test_route_invalid_permissions(mocker, app_, api_user_active, service_one, mock_get_organisation): routes = [ 'main.service_settings', 'main.service_name_change', 'main.service_name_change_confirm', 'main.service_request_to_go_live', 'main.service_switch_live', 'main.service_switch_research_mode', 'main.service_delete', 'main.service_delete_confirm' ] with app_.test_request_context(): for route in routes: validate_route_permission( mocker, app_, "GET", 403, url_for(route, service_id=service_one['id']), ['blah'], api_user_active, service_one)
def test_route_permissions_for_choose_template( mocker, app_, client, api_user_active, service_one, mock_get_service_templates, ): mocker.patch('app.job_api_client.get_job') validate_route_permission( mocker, app_, "GET", 200, url_for( 'main.choose_template', service_id=service_one['id'], ), ['view_activity'], api_user_active, service_one)
def test_route_for_platform_admin_update_service(mocker, app_, platform_admin_user, service_one): routes = [ 'main.service_switch_live', 'main.service_switch_research_mode' ] with app_.test_request_context(): for route in routes: validate_route_permission(mocker, app_, "GET", 302, url_for(route, service_id=service_one['id']), [], platform_admin_user, service_one)
def test_route_choose_template_send_messages_permissions(mocker, app_, active_user_with_permissions, service_one, mock_get_service, mock_check_verify_code, mock_get_service_templates, mock_get_jobs): with app_.test_request_context(): template_id = None for temp in mock_get_service_templates(service_one['id'])['data']: if temp['template_type'] == 'sms': template_id = temp['id'] assert template_id resp = validate_route_permission( mocker, app_, "GET", 200, url_for( 'main.choose_template', service_id=service_one['id'], template_type='sms'), ['send_texts', 'send_emails', 'send_letters'], active_user_with_permissions, service_one) page = resp.get_data(as_text=True) assert url_for( "main.send_messages", service_id=service_one['id'], template_id=template_id) in page assert url_for( "main.edit_service_template", service_id=service_one['id'], template_id=template_id) not in page
def test_route_invalid_permissions(mocker, app_, api_user_active, service_one, mock_get_api_keys, route): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 403, url_for(route, service_id=service_one['id'], key_id=123), ['view_activity'], api_user_active, service_one)
def test_route_permissions(mocker, app_, api_user_active, service_one, mock_get_service_template, mock_get_service_templates, mock_get_jobs, mock_get_notifications, mock_create_job, mock_s3_upload, fake_uuid): routes = [ 'main.choose_template', 'main.send_messages', 'main.get_example_csv'] with app_.test_request_context(): for route in routes: validate_route_permission( mocker, app_, "GET", 200, url_for( route, service_id=service_one['id'], template_type='sms', template_id=fake_uuid), ['send_texts', 'send_emails', 'send_letters'], api_user_active, service_one) with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 302, url_for( 'main.send_test', service_id=service_one['id'], template_type='sms', template_id=fake_uuid), ['send_texts', 'send_emails', 'send_letters'], api_user_active, service_one)
def test_route_invalid_permissions( route, mocker, app_, client, api_user_active, service_one, mock_get_service_template, mock_get_template_statistics_for_template, fake_uuid, ): validate_route_permission( mocker, app_, "GET", 403, url_for(route, service_id=service_one['id'], template_type='sms', template_id=fake_uuid), ['view_activity'], api_user_active, service_one)
def test_route_permissions_for_choose_template(mocker, app_, api_user_active, service_one, mock_get_service_templates): mocker.patch('app.job_api_client.get_job') with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 200, url_for( 'main.choose_template', service_id=service_one['id'], template_type='sms'), ['view_activity'], api_user_active, service_one)
def test_route_invalid_permissions( mocker, app_, fake_uuid, api_user_active, service_one, mock_get_api_keys, route, ): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 403, url_for(route, service_id=service_one["id"], key_id=fake_uuid), ["view_activity"], api_user_active, service_one, )
def test_route_invalid_permissions(mocker, app_, api_user_active, service_one, mock_get_api_keys): routes = [ 'main.api_keys', 'main.create_api_key', 'main.revoke_api_key'] with app_.test_request_context(): for route in routes: validate_route_permission( mocker, app_, "GET", 403, url_for(route, service_id=service_one['id'], key_id=123), ['view_activity'], api_user_active, service_one)
def test_route_for_platform_admin(mocker, app_, platform_admin_user, service_one): routes = [ 'main.service_settings', 'main.service_name_change', 'main.service_name_change_confirm', 'main.service_request_to_go_live', 'main.service_status_change', 'main.service_status_change_confirm', 'main.service_delete', 'main.service_delete_confirm' ] with app_.test_request_context(): for route in routes: validate_route_permission(mocker, app_, "GET", 200, url_for(route, service_id=service_one['id']), [], platform_admin_user, service_one)
def test_route_permissions(route, mocker, app_, api_user_active, service_one, mock_get_service_template, mock_get_template_statistics_for_template, fake_uuid): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 200, url_for( route, service_id=service_one['id'], template_type='sms', template_id=fake_uuid), ['manage_templates'], api_user_active, service_one)
def test_route_invalid_permissions(route, mocker, app_, api_user_active, service_one, mock_get_service_template, mock_get_template_statistics_for_template, fake_uuid): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 403, url_for( route, service_id=service_one['id'], template_type='sms', template_id=fake_uuid), ['view_activity'], api_user_active, service_one)
def test_route_invalid_permissions(mocker, app_, api_user_active, service_one): routes = [ 'main.service_settings', 'main.service_name_change', 'main.service_name_change_confirm', 'main.service_request_to_go_live', 'main.service_switch_live', 'main.service_switch_research_mode', 'main.service_status_change', 'main.service_status_change_confirm', 'main.service_delete', 'main.service_delete_confirm'] with app_.test_request_context(): for route in routes: validate_route_permission( mocker, app_, "GET", 403, url_for(route, service_id=service_one['id']), ['blah'], api_user_active, service_one)
def test_route_for_service_permissions( mocker, app_, api_user_active, service_one, mock_get_service, mock_get_user, mock_get_service_templates, mock_get_jobs, mock_get_template_statistics, mock_get_detailed_service, mock_get_usage, ): with app_.test_request_context(): validate_route_permission( mocker, app_, "GET", 200, url_for("main.service_dashboard", service_id=service_one["id"]), ["view_activity"], api_user_active, service_one, )
def test_route_choose_template_manage_api_keys_permissions(mocker, app_, api_user_active, service_one, mock_get_user, mock_get_service, mock_check_verify_code, mock_get_service_templates, mock_get_jobs): with app_.test_request_context(): template_id = None for temp in mock_get_service_templates(service_one['id'])['data']: if temp['template_type'] == 'sms': template_id = temp['id'] assert template_id resp = validate_route_permission( mocker, app_, "GET", 200, url_for( 'main.choose_template', service_id=service_one['id'], template_type='sms'), ['manage_api_keys'], api_user_active, service_one) page = resp.get_data(as_text=True) assert url_for( "main.send_test", service_id=service_one['id'], template_id=template_id) not in page assert url_for( "main.edit_service_template", service_id=service_one['id'], template_id=template_id) not in page page = BeautifulSoup(resp.data.decode('utf-8'), 'html.parser') links = page.findAll('a', href=re.compile('^' + url_for( "main.send_from_api", service_id=service_one['id'], template_id=template_id))) assert len(links) == 1
def test_route_choose_template_manage_service_permissions(mocker, app_, api_user_active, service_one, mock_login, mock_get_user, mock_get_service, mock_check_verify_code, mock_get_service_templates, mock_get_jobs): with app_.test_request_context(): template_id = mock_get_service_templates(service_one['id'])['data'][0]['id'] resp = validate_route_permission( mocker, app_, "GET", 200, url_for( 'main.choose_template', service_id=service_one['id'], template_type='sms'), ['manage_users', 'manage_templates', 'manage_settings'], api_user_active, service_one) page = resp.get_data(as_text=True) assert url_for( "main.send_messages", service_id=service_one['id'], template_id=template_id) not in page assert url_for( "main.send_test", service_id=service_one['id'], template_id=template_id) not in page assert url_for( "main.edit_service_template", service_id=service_one['id'], template_id=template_id) in page