def test_add_admin_permission_in_institution_hierarchy(
self, verify_token, enqueue_task):
"""Test add admin permissions in institution hierarchy."""
first_user = mocks.create_user()
second_user = mocks.create_user()
third_user = mocks.create_user()
first_inst = mocks.create_institution()
second_inst = mocks.create_institution()
third_inst = mocks.create_institution()
first_inst.admin = first_user.key
second_inst.admin = second_user.key
third_inst.admin = third_user.key
first_user.institutions_admin.append(first_inst.key)
second_user.institutions_admin.append(second_inst.key)
third_user.institutions_admin.append(third_inst.key)
second_inst.parent_institution = first_inst.key
third_inst.parent_institution = second_inst.key
first_inst.children_institutions.append(second_inst.key)
first_inst.put()
second_inst.put()
third_inst.put()
first_user.put()
second_user.put()
third_user.put()
second_user.add_permission('answer_link_inst_request',
second_inst.key.urlsafe())
request = RequestInstitutionParent()
request.admin_key = third_user.key
request.sender_key = third_user.key
request.institution_key = third_inst.key
request.institution_requested_key = second_inst.key
request.put()
verify_token._mock_return_value = {'email': second_user.email[0]}
second_user.add_institution(second_inst.key)
enqueue_task.side_effect = self.enqueue_task
self.assertFalse(
has_permissions(first_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertFalse(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.testapp.put(
"/api/requests/%s/institution_parent" % request.key.urlsafe(),
headers={'institution-authorization': second_inst.key.urlsafe()})
first_user = first_user.key.get()
second_user = second_user.key.get()
third_user = third_user.key.get()
self.assertTrue(
has_permissions(first_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
def test_put_invite_with_not_confirmed_link(self, verify_token,
enqueue_task):
"""Test put invite with not confirmed children link."""
institution = mocks.create_institution()
other_institution = mocks.create_institution()
admin = mocks.create_user()
other_admin = mocks.create_user()
institution.add_member(admin)
other_institution.add_member(other_admin)
institution.set_admin(admin.key)
other_institution.set_admin(other_admin.key)
other_institution.add_child(institution.key)
other_institution.parent_institution = institution.key
admin.add_institution_admin(institution)
other_admin.add_institution_admin(other_institution)
admin.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
institution.key.urlsafe())
other_admin.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
other_institution.key.urlsafe())
institution.put()
other_institution.put()
admin.put()
other_admin.put()
request = RequestInstitutionParent()
request.sender_key = other_admin.key
request.admin_key = other_admin.key
request.institution_requested_key = institution.key
request.institution_key = other_institution.key
request.put()
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
"Admin must have administrator permissions for this institution")
self.assertFalse(
has_permissions(admin, other_institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
"Admin should not have administrator permissions for this institution"
)
self.assertFalse(
has_permissions(other_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
"Other_admin should not have administrator permissions for this institution"
)
self.assertTrue(
has_permissions(other_admin, other_institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
"Other_admin must have administrator permissions for this institution"
)
self.assertFalse(
other_institution.verify_connection(institution, 'PARENT'),
"other_institution should not have confirmed parent link with institution"
)
self.assertFalse(
other_institution.verify_connection(institution, 'CHILDREN'),
"other_institution should not have confirmed children link with institution"
)
verify_token._mock_return_value = {'email': admin.email[0]}
enqueue_task.side_effect = self.enqueue_task
self.testapp.put(
"/api/requests/%s/institution_parent" % request.key.urlsafe(),
headers={'institution-authorization': institution.key.urlsafe()})
admin = admin.key.get()
other_admin = other_admin.key.get()
institution = institution.key.get()
other_institution = other_institution.key.get()
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
"Admin must have administrator permissions for this institution")
self.assertTrue(
has_permissions(admin, other_institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
"Admin must have administrator permissions for this institution")
self.assertFalse(
has_permissions(other_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
"Other_admin should not have administrator permissions for this institution"
)
self.assertTrue(
has_permissions(other_admin, other_institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
"Other_admin must have administrator permissions for this institution"
)
self.assertTrue(
other_institution.verify_connection(institution, 'PARENT'),
"other_institution should have confirmed parent link with institution"
)
self.assertFalse(
other_institution.verify_connection(institution, 'CHILDREN'),
"other_institution should not have confirmed children link with institution"
)