def test_cache(client, user, django_assert_num_queries,
django_assert_no_duplicate_queries, settings):
settings.CACHES = {
'api': {
'BACKEND': 'django.core.cache.backends.locmem.LocMemCache'
}
}
service = PartnerViewSet.get_service()
url = f"{service.endpoint}?country_name=bolivia"
client.force_authenticate(user)
with user_allow_country(user, 'bolivia'):
with user_allow_service(user, PartnerViewSet):
res = client.get(url)
assert res.status_code == 200, res.content
assert res['cache-version'] == str(service.cache_version)
assert res['cache-ttl'] == '1y'
key = res['cache-key']
etag = res['etag']
with django_assert_no_duplicate_queries(
ignored=['.*FROM "constance_config"']):
res = client.get(url)
assert res.status_code == 200, res.content
assert res['cache-version'] == str(service.cache_version)
assert res['cache-key'] == key
assert res['cache-ttl'] == '1y'
assert res['etag'] == etag
assert res['cache-hit'] == str(True)
def test_filter_country_invalid(viewset, user_type, op):
user = user_type()
client = APIClient()
client.force_authenticate(user)
service = viewset.get_service()
url = f"{service.endpoint}?country_name{op}aaa"
with user_allow_service(user, viewset):
res = client.get(url)
assert res.status_code == 400
def test_datamart_user_access_forbidden_countries(user, user_data):
client = APIClient()
client.force_authenticate(user)
base = UserStatsViewSet.get_service().endpoint
with user_allow_service(user, UserStatsViewSet):
res = client.get(f"{base}?country_name=lebanon,chad")
assert res.status_code == 403, res
assert res.json() == {
'error': "You are not allowed to access schema: 'chad'"
}
def test_access(db, user_type, op, query, code, allowed):
# etools user has access same countries as in eTools app
user = user_type()
client = APIClient()
client.force_authenticate(user)
url = HACTAggreagateViewSet.get_service().endpoint
with user_allow_service(user, HACTAggreagateViewSet):
with user_allow_country(user, allowed):
res = client.get(f"{url}?country_name{op}{query}")
assert res.status_code == code, res.content
def test_list_web(username, viewset):
user = User.objects.get(username=username)
client = APIClient()
client.force_authenticate(user)
with user_allow_country(user, "bolivia"):
with user_allow_service(user, viewset):
res = client.get(viewset.get_service().endpoint,
HTTP_ACCEPT="text/html")
assert res.status_code == 200, res.content
assert res["Content-Type"] == "text/html; charset=utf-8"
def test_datamart_user_access_wrong_countries(user, user_data):
client = APIClient()
client.force_authenticate(user)
base = UserStatsViewSet.get_service().endpoint
with user_allow_service(user, UserStatsViewSet):
res = client.get(f"{base}?country_name=lebanon,abc,xyz")
assert res.status_code == 400, res
assert res.json() == {
'error': "Invalid schemas: abc,xyz",
'hint': 'Removes wrong schema from selection',
'valid': ['bolivia', 'chad', 'lebanon']
}
def test_filter_cache_country_arg(db, client, flt, monkeypatch):
fake = MockCache()
monkeypatch.setattr('etools_datamart.api.filtering.cache', fake)
url = f"/api/latest/sources/etools/partners/assessment/?%s" % flt
with user_allow_service(client.handler._force_user,
EtoolsAssessmentViewSet):
with user_allow_country(client.handler._force_user,
["bolivia", "chad"]):
client.get(url)
res = client.get(url)
assert fake.data
assert res.status_code == 200, res.content
assert res.json()
def test_etools_user_access_allowed_countries(params):
# etools user has access same countries as in eTools app
user_type, viewset, code = params
user = user_type()
url = viewset.get_service().endpoint
client = APIClient()
client.force_authenticate(user)
# url = PartnerViewSet.get_service().endpoint
#
with user_allow_service(user, viewset):
with user_allow_country(user, "bolivia"):
res = client.get(f"{url}")
assert res.status_code == code, res.content
def test_local_user_access(local_user, user_data):
# etools user has access same countries as in eTools app
client = APIClient()
client.force_authenticate(local_user)
url = PartnerViewSet.get_service().endpoint
with user_allow_service(local_user, PartnerViewSet):
res = client.get(f"{url}")
assert res.status_code == 403, res
assert res.json() == {'error': "You don't have enabled schemas"}
res = client.get(f"{url}?country_name=lebanon,chad")
assert res.status_code == 403, res
assert res.json() == {
'error': "You are not allowed to access schema: 'chad,lebanon'"
}