def test_owner_can_view_other_users_in_project(self): self.client.force_authenticate(self.users['other']) project_permission = factories.ProjectPermissionFactory( user=self.users['owner']) project = project_permission.project factories.ProjectPermissionFactory(project=project, user=self.users['other']) response = self.client.get(factories.UserFactory.get_list_url()) self.assertEqual(len(response.data), 2)
def setUp(self): self.expert_user = structure_factories.UserFactory() self.request_user = structure_factories.UserFactory() self.expert_permission = structure_factories.ProjectPermissionFactory( user=self.expert_user) request_permission = structure_factories.ProjectPermissionFactory( user=self.request_user) self.request = factories.ExpertRequestFactory( project=request_permission.project, user=self.request_user) self.other_user = structure_factories.UserFactory() self.url = structure_factories.UserFactory.get_list_url()
def test_task_revokes_expired_permissions(self): expired_permission = factories.ProjectPermissionFactory( expiration_time=timezone.now() - datetime.timedelta(days=100)) not_expired_permission = factories.ProjectPermissionFactory( expiration_time=timezone.now() + datetime.timedelta(days=100)) tasks.check_expired_permissions() self.assertFalse( expired_permission.project.has_user(expired_permission.user, expired_permission.role)) self.assertTrue( not_expired_permission.project.has_user( not_expired_permission.user, not_expired_permission.role))
def test_project_permission_deleting_is_not_available_for_blocked_organization( self, ): project = factories.ProjectFactory(customer=self.customer) permission = factories.ProjectPermissionFactory(project=project) url = factories.ProjectPermissionFactory.get_url(permission) self.client.force_authenticate(user=self.user) response = self.client.delete(url) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_user_cannot_grant_permissions_with_greater_expiration_time(self): expiration_time = timezone.now() + datetime.timedelta(days=100) permission = factories.ProjectPermissionFactory( role=ProjectRole.MANAGER, expiration_time=expiration_time ) self.client.force_authenticate(user=permission.user) response = self.client.post( factories.ProjectPermissionFactory.get_list_url(), { 'project': factories.ProjectFactory.get_url(project=permission.project), 'user': factories.UserFactory.get_url(), 'role': factories.ProjectPermissionFactory.role, 'expiration_time': expiration_time + datetime.timedelta(days=1), }, ) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def setUp(self): permission = factories.ProjectPermissionFactory() self.user = permission.user self.project = permission.project self.url = reverse('project_permission-detail', kwargs={'pk': permission.pk})