def test_provides_only_subscriptions_associated_with_the_current_journal(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription.codename, ) plan = JournalManagementPlanFactory.create(max_accounts=10) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) other_journal = JournalFactory.create(collection=self.collection) subscription_1 = JournalAccessSubscriptionFactory.create(user=self.user, journal=self.journal) JournalAccessSubscriptionFactory.create(user=self.user, journal=other_journal) self.client.login(username="******", password="******") url = reverse("userspace:journal:subscription:list", kwargs={"journal_pk": self.journal.pk}) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 200) self.assertEqual(list(response.context["subscriptions"]), [subscription_1])
def test_can_create_an_account_action_for_the_subscription(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription.codename, ) plan = JournalManagementPlanFactory.create(max_accounts=10) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) post_data = {"email": faker.email(), "first_name": faker.first_name(), "last_name": faker.last_name()} self.client.login(username="******", password="******") url = reverse("userspace:journal:subscription:create", kwargs={"journal_pk": self.journal.pk}) # Run response = self.client.post(url, post_data, follow=False) # Check self.assertEqual(response.status_code, 302) tokens = AccountActionToken.objects.all() self.assertEqual(tokens.count(), 1) stoken = tokens.first() self.assertEqual(stoken.content_object, self.journal) self.assertEqual(stoken.email, post_data["email"]) self.assertEqual(stoken.first_name, post_data["first_name"]) self.assertEqual(stoken.last_name, post_data["last_name"])
def test_can_be_used_to_set_a_badge(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_subscription_information.codename) self.client.login(username=self.user.username, password='******') post_data = { 'badge': SimpleUploadedFile('test.jpg', self.images_dict['200x200'].read()), } url = reverse('userspace:library:subscription_information:update', kwargs={ 'organisation_pk': self.organisation.pk, }) # Run response = self.client.post(url, post_data, follow=False) # Check assert response.status_code == 302 self.organisation.refresh_from_db() assert self.organisation.badge is not None width, height = get_image_dimensions(self.organisation.badge) assert width == 140 assert height == 140
def test_can_create_an_account_action_for_the_member(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_members.codename) post_data = { 'email': faker.email(), 'first_name': faker.first_name(), 'last_name': faker.last_name(), } self.client.login(username='******', password='******') url = reverse('userspace:library:members:create', kwargs={ 'organisation_pk': self.organisation.pk}) # Run response = self.client.post(url, post_data, follow=False) # Check self.assertEqual(response.status_code, 302) tokens = AccountActionToken.objects.all() self.assertEqual(tokens.count(), 1) stoken = tokens.first() self.assertEqual(stoken.content_object, self.organisation) self.assertEqual(stoken.email, post_data['email']) self.assertEqual(stoken.first_name, post_data['first_name']) self.assertEqual(stoken.last_name, post_data['last_name'])
def test_can_properly_delete_a_subscription(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription.codename, ) plan = JournalManagementPlanFactory.create(max_accounts=10) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) subscription = JournalAccessSubscriptionFactory.create(user=self.user, journal=self.journal) self.client.login(username="******", password="******") url = reverse( "userspace:journal:subscription:delete", kwargs={"journal_pk": self.journal.pk, "pk": subscription.pk} ) # Run response = self.client.post(url, follow=False) # Check self.assertEqual(response.status_code, 302) self.assertFalse(JournalAccessSubscription.objects.exists())
def test_can_create_an_ip_range(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_subscription_ips.codename) self.client.login(username='******', password='******') url = reverse('userspace:library:subscription_ips:create', kwargs={ 'organisation_pk': self.organisation.pk, }) post_data = { 'ip_start': '10.0.0.0', 'ip_end': '11.0.0.0', } # Run response = self.client.post(url, post_data, follow=False) # Check self.assertEqual(response.status_code, 302) ip_range_qs = InstitutionIPAddressRange.objects.filter(subscription=self.subscription) self.assertEqual(ip_range_qs.count(), 1) self.assertEqual(ip_range_qs.first().ip_start, '10.0.0.0') self.assertEqual(ip_range_qs.first().ip_end, '11.0.0.0')
def test_knows_if_a_simple_user_can_edit_journal_information(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_edit_journal_information.codename) # Run & check self.assertTrue(self.user.has_perm('journal.edit_journal_information')) self.assertTrue(self.user.has_perm('journal.edit_journal_information', self.journal))
def test_can_check_if_a_user_has_an_authorization(self): # Setup AuthorizationFactory.create( user=self.user, authorization_codename=AC.can_manage_authorizations.codename) auth_check_1 = HasAuthorization(AC.can_manage_authorizations) auth_check_2 = HasAuthorization(AC.can_manage_individual_subscription) # Run & check self.assertTrue(auth_check_1(self.user)) self.assertFalse(auth_check_2(self.user))
def test_knows_if_a_simple_user_can_manage_individual_subscriptions(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription.codename) plan = JournalManagementPlanFactory.create(max_accounts=10) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) # Run & check self.assertTrue( self.user.has_perm('subscription.manage_individual_subscription', self.journal))
def test_can_check_if_a_user_has_an_authorization_using_its_group(self): # Setup group = GroupFactory.create() self.user.groups.add(group) AuthorizationFactory.create( group=group, authorization_codename=AC.can_manage_authorizations.codename) auth_check_1 = HasAnyAuthorization([AC.can_manage_authorizations, ]) auth_check_2 = HasAnyAuthorization([AC.can_manage_individual_subscription, ]) # Run & check self.assertTrue(auth_check_1(self.user)) self.assertFalse(auth_check_2(self.user))
def test_can_be_accessed_by_a_user_who_can_consult_royalty_reports(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_consult_royalty_reports.codename) self.client.login(username='******', password='******') url = reverse('userspace:journal:royalty_reports:list', args=(self.journal.pk, )) # Run response = self.client.get(url) # Check assert response.status_code == 200
def test_can_check_if_a_user_has_at_least_one_authorization(self): # Setup AuthorizationFactory.create( user=self.user, authorization_codename=AC.can_manage_authorizations.codename) auth_check_1 = HasAnyAuthorization( [AC.can_manage_authorizations, AC.can_manage_individual_subscription]) auth_check_2 = HasAnyAuthorization( [AC.can_manage_issuesubmission, AC.can_manage_individual_subscription]) # Run & check self.assertTrue(auth_check_1(self.user)) self.assertFalse(auth_check_2(self.user))
def test_can_check_if_a_user_has_an_authorization_on_a_specific_object(self): # Setup object_id = self.journal.id content_type = ContentType.objects.get_for_model(self.journal) AuthorizationFactory.create( user=self.user, authorization_codename=AC.can_manage_authorizations.codename, content_type=content_type, object_id=object_id) auth_check_1 = HasAnyAuthorization([AC.can_manage_authorizations, ]) auth_check_2 = HasAnyAuthorization([AC.can_manage_individual_subscription, ]) # Run & check self.assertTrue(auth_check_1(self.user, self.journal)) self.assertFalse(auth_check_2(self.user, self.journal))
def test_knows_that_a_user_with_the_journal_information_edit_authorization_can_access_the_userspace(self): # noqa # Setup user = User.objects.create_user( username='******', email='*****@*****.**', password='******') self.journal.members.add(user) AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=user, authorization_codename=AC.can_edit_journal_information.codename) # Run & check self.assertTrue(user.has_perm('userspace.access'))
def test_knows_that_a_user_with_the_issuesubmission_management_authorization_can_access_the_userspace(self): # noqa # Setup user = User.objects.create_user( username='******', email='*****@*****.**', password='******') self.journal.members.add(user) AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=user, authorization_codename=AC.can_manage_issuesubmission.codename) # Run & check self.assertTrue(user.has_perm('userspace.access'))
def test_can_insert_the_journal_information_into_the_context(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_edit_journal_information.codename) self.client.login(username='******', password='******') jinfo = JournalInformationFactory.create(journal=self.journal) url = reverse('userspace:journal:home', args=(self.journal.pk, )) # Run response = self.client.get(url) # Check assert response.status_code == 200 assert response.context['journal_info'] == jinfo
def test_knows_if_a_simple_user_can_manage_individual_subscriptions(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription. codename) plan = JournalManagementPlanFactory.create(max_accounts=10) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) # Run & check self.assertTrue( self.user.has_perm('subscription.manage_individual_subscription', self.journal))
def test_embed_the_selected_language_into_the_context(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_edit_journal_information.codename) self.client.login(username='******', password='******') url = reverse('userspace:journal:information:update', kwargs={'journal_pk': self.journal.pk}) # Run response_1 = self.client.get(url) response_2 = self.client.get(url, {'lang': 'en'}) # Check self.assertEqual(response_1.status_code, 200) self.assertEqual(response_2.status_code, 200) self.assertEqual(response_1.context['selected_language'], 'fr') self.assertEqual(response_2.context['selected_language'], 'en')
def test_can_be_used_to_update_journal_information_using_the_current_lang(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_edit_journal_information.codename, ) self.client.login(username="******", password="******") post_data = {"about_fr": "Ceci est un test"} url = reverse("userspace:journal:information:update", kwargs={"journal_pk": self.journal.pk}) # Run response = self.client.post(url, post_data, follow=False) # Check self.assertEqual(response.status_code, 302) info = JournalInformation.objects.get(journal=self.journal) self.assertEqual(info.about_fr, post_data["about_fr"])
def test_can_be_used_to_update_journal_information_using_the_current_lang(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_edit_journal_information.codename) self.client.login(username='******', password='******') post_data = { 'about_fr': 'Ceci est un test', } url = reverse('userspace:journal:information:update', kwargs={'journal_pk': self.journal.pk}) # Run response = self.client.post(url, post_data, follow=False) # Check self.assertEqual(response.status_code, 302) info = JournalInformation.objects.get(journal=self.journal) self.assertEqual(info.about_fr, post_data['about_fr'])
def test_can_properly_delete_an_ip_range(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_subscription_ips.codename) self.client.login(username='******', password='******') url = reverse('userspace:library:subscription_ips:delete', kwargs={ 'organisation_pk': self.organisation.pk, 'pk': self.ip_range.pk, }) # Run response = self.client.post(url, follow=False) # Check self.assertEqual(response.status_code, 302) self.assertFalse( InstitutionIPAddressRange.objects.filter(subscription=self.subscription).exists())
def test_knows_if_a_simple_user_can_manage_organisation_subscription_ips(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_subscription_ips.codename) self.organisation.members.add(self.user) subscription = JournalAccessSubscriptionFactory.create( journal=self.journal, organisation=self.organisation) now_dt = dt.datetime.now() JournalAccessSubscriptionPeriodFactory.create( subscription=subscription, start=now_dt - dt.timedelta(days=8), end=now_dt + dt.timedelta(days=11)) # Run & check self.assertTrue( self.user.has_perm( 'subscription.manage_organisation_subscription_ips', self.organisation))
def test_embed_the_selected_language_into_the_context(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_edit_journal_information.codename, ) self.client.login(username="******", password="******") url = reverse("userspace:journal:information:update", kwargs={"journal_pk": self.journal.pk}) # Run response_1 = self.client.get(url) response_2 = self.client.get(url, {"lang": "en"}) # Check self.assertEqual(response_1.status_code, 200) self.assertEqual(response_2.status_code, 200) self.assertEqual(response_1.context["selected_language"], "fr") self.assertEqual(response_2.context["selected_language"], "en")
def test_can_cancel_an_action_token(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_members.codename) token = AccountActionTokenFactory.create(content_object=self.organisation) self.client.login(username='******', password='******') url = reverse('userspace:library:members:cancel', kwargs={ 'organisation_pk': self.organisation.pk, 'pk': token.pk, }) # Run response = self.client.post(url, follow=False) # Check self.assertEqual(response.status_code, 302) token.refresh_from_db() self.assertFalse(token.active)
def test_provides_only_members_associated_with_the_current_organisation(self): # Setup User.objects.create_user( username='******', email='*****@*****.**', password='******') AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_members.codename) self.client.login(username='******', password='******') url = reverse('userspace:library:members:list', kwargs={ 'organisation_pk': self.organisation.pk, }) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 200) self.assertEqual(list(response.context['members']), [self.user, ])
def test_cannot_be_browsed_by_a_user_who_cannot_review_issue_submissions(self): # Setup user = User.objects.create_user( username='******', email='*****@*****.**', password='******') self.journal.members.add(user) AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=user, authorization_codename=AC.can_manage_issuesubmission.codename) self.client.login(username='******', password='******') url = reverse('userspace:journal:editor:transition_refuse', args=(self.journal.pk, self.issue_submission.pk, )) # Run response = self.client.post(url) # Check self.assertEqual(response.status_code, 403)
def test_can_be_browsed_by_users_who_can_review_issue_submissions(self): # Setup with open(os.path.join(FIXTURE_ROOT, 'pixel.png'), mode='rb') as f: rfile = ResumableFile.objects.create( path=os.path.join(FIXTURE_ROOT, 'pixel.png'), filesize=f.tell(), uploadsize=f.tell()) user = User.objects.create_user( username='******', email='*****@*****.**', password='******') AuthorizationFactory.create( user=user, authorization_codename=AC.can_review_issuesubmission.codename) self.journal.members.add(user) self.client.login(username='******', password='******') self.issue_submission.last_files_version.submissions.add(rfile) url = reverse('userspace:journal:editor:attachment_detail', kwargs={ 'journal_pk': self.journal.pk, 'pk': rfile.pk}) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 200)
def test_can_properly_remove_a_member(self): # Setup user = User.objects.create_user( username='******', email='*****@*****.**', password='******') self.organisation.members.add(user) AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_members.codename) self.client.login(username='******', password='******') url = reverse('userspace:library:members:delete', kwargs={ 'organisation_pk': self.organisation.pk, 'pk': user.pk, }) # Run response = self.client.post(url, follow=False) # Check self.assertEqual(response.status_code, 302) self.assertEqual(list(self.organisation.members.all()), [self.user, ])
def test_knows_if_a_simple_user_can_manage_organisation_subscription_ips( self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_subscription_ips. codename) self.organisation.members.add(self.user) subscription = JournalAccessSubscriptionFactory.create( journal=self.journal, organisation=self.organisation) now_dt = dt.datetime.now() JournalAccessSubscriptionPeriodFactory.create( subscription=subscription, start=now_dt - dt.timedelta(days=8), end=now_dt + dt.timedelta(days=11)) # Run & check self.assertTrue( self.user.has_perm( 'subscription.manage_organisation_subscription_ips', self.organisation))
def test_can_submit_an_issue_submission(self): # Setup user = User.objects.create_user( username='******', email='*****@*****.**', password='******') self.journal.members.add(user) AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=user, authorization_codename=AC.can_manage_issuesubmission.codename) self.client.login(username='******', password='******') url = reverse('userspace:journal:editor:transition_submit', args=( self.journal.pk, self.issue_submission.pk, )) # Run response = self.client.post(url) # Check self.assertEqual(response.status_code, 302) self.issue_submission.refresh_from_db() self.assertEqual(self.issue_submission.status, IssueSubmission.SUBMITTED)
def test_provides_all_the_ip_ranges_for_the_current_organisation(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_subscription_ips.codename) ip_range_1 = InstitutionIPAddressRangeFactory.create( subscription=self.subscription, ip_start='10.0.0.0', ip_end='11.0.0.0') ip_range_2 = InstitutionIPAddressRangeFactory.create( subscription=self.subscription, ip_start='20.0.0.0', ip_end='21.0.0.0') self.client.login(username='******', password='******') url = reverse('userspace:library:subscription_ips:list', kwargs={ 'organisation_pk': self.organisation.pk, }) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 200) self.assertEqual( list(response.context['subscription_ip_ranges']), [ip_range_1, ip_range_2, ])
def test_triggers_the_sending_of_a_notification_email(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription.codename, ) plan = JournalManagementPlanFactory.create(max_accounts=10) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) post_data = {"email": faker.email(), "first_name": faker.first_name(), "last_name": faker.last_name()} self.client.login(username="******", password="******") url = reverse("userspace:journal:subscription:create", kwargs={"journal_pk": self.journal.pk}) # Run response = self.client.post(url, post_data, follow=False) # Check self.assertEqual(response.status_code, 302) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].to[0], post_data["email"])
def test_can_cancel_an_action_token(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription.codename, ) plan = JournalManagementPlanFactory.create(max_accounts=10) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) token = AccountActionTokenFactory.create(content_object=self.journal) self.client.login(username="******", password="******") url = reverse("userspace:journal:subscription:cancel", kwargs={"journal_pk": self.journal.pk, "pk": token.pk}) # Run response = self.client.post(url, follow=False) # Check self.assertEqual(response.status_code, 302) token.refresh_from_db() self.assertFalse(token.active)
def test_can_properly_delete_an_ip_range(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_subscription_ips. codename) self.client.login(username='******', password='******') url = reverse('userspace:library:subscription_ips:delete', kwargs={ 'organisation_pk': self.organisation.pk, 'pk': self.ip_range.pk, }) # Run response = self.client.post(url, follow=False) # Check self.assertEqual(response.status_code, 302) self.assertFalse( InstitutionIPAddressRange.objects.filter( subscription=self.subscription).exists())
def test_cannot_allow_the_creation_of_subscription_if_the_plan_limit_has_been_reached(self): # Setup plan = JournalManagementPlanFactory.create(code="test", max_accounts=3) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) JournalAccessSubscriptionFactory.create(user=self.user, journal=self.journal) token_1 = AccountActionTokenFactory.create(content_object=self.journal) token_2 = AccountActionTokenFactory.create(content_object=self.journal) # noqa token_1.consume(self.user) AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription.codename, ) self.client.login(username="******", password="******") url = reverse("userspace:journal:subscription:create", kwargs={"journal_pk": self.journal.pk}) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 302)
def test_triggers_the_sending_of_a_notification_email(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_members.codename) post_data = { 'email': faker.email(), 'first_name': faker.first_name(), 'last_name': faker.last_name(), } self.client.login(username='******', password='******') url = reverse('userspace:library:members:create', kwargs={ 'organisation_pk': self.organisation.pk}) # Run response = self.client.post(url, post_data, follow=False) # Check self.assertEqual(response.status_code, 302) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].to[0], post_data['email'])