def test_regular_get(self): """Regular users should be denied access to the activation view.""" request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = muckrock.factories.UserFactory() response = self.view(request, slug=self.org.slug) eq_(response.status_code, 302)
def test_staff_post(self, mock_update): """ When a staff member posts data, the org should update its own fields before calling the update subscription method. """ starting_data = { 'max_users': self.org.max_users, 'monthly_cost': self.org.monthly_cost, 'monthly_requests': self.org.monthly_requests } data = { 'max_users': starting_data['max_users'] + 2, 'monthly_cost': starting_data['monthly_cost'] + 10000, 'monthly_requests': starting_data['monthly_requests'] + 40 } request = self.request_factory.post(self.url, data) request = mock_middleware(request) request.user = muckrock.factories.UserFactory(is_staff=True) response = self.view(request, slug=self.org.slug) self.org.refresh_from_db() eq_(self.org.max_users, data['max_users']) eq_(self.org.monthly_cost, data['monthly_cost']) eq_(self.org.monthly_requests, data['monthly_requests']) ok_(mock_update.called) eq_(response.status_code, 302)
def test_access_key_allowed(self): """ A POST request for a private share link should generate and return an access key. Editors and staff should be allowed to do this. """ self.reset_access_key() data = {'action': 'generate_key'} request = self.factory.post(self.foia.get_absolute_url(), data) request = mock_middleware(request) # editors should be able to generate the key request.user = self.editor response = Detail.as_view()(request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id) self.foia.refresh_from_db() eq_(response.status_code, 302) assert_true(self.foia.access_key) # staff should be able to generate the key self.reset_access_key() request.user = self.staff response = Detail.as_view()(request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id) self.foia.refresh_from_db() eq_(response.status_code, 302) assert_true(self.foia.access_key)
def setUp(self): self.org = muckrock.factories.OrganizationFactory() self.request_factory = RequestFactory() self.url = reverse('org-delete', kwargs={'slug': self.org.slug}) self.request = self.request_factory.post(self.url) self.request = mock_middleware(self.request) self.view = muckrock.organization.views.OrganizationDeleteView.as_view()
def post_request(self, data): """Helper to post data and get a response""" request = self.request_factory.post(self.url, data) request.user = self.user request = mock_middleware(request) response = self.view(request) return response
def test_nonexistant_user(self): """Buying requests for nonexistant user should return a 404.""" post_request = self.factory.post(self.url, self.data) post_request = mock_middleware(post_request) # here is the cool part: the request user is the buyer and the URL user is the recipient post_request.user = self.user self.view(post_request, 'nonexistant_user')
def test_staff_get(self): """Staff should be allowed access to the activation view.""" request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = muckrock.factories.UserFactory(is_staff=True) response = self.view(request, slug=self.org.slug) eq_(response.status_code, 200)
def test_access_key_not_allowed(self): """Visitors and normies should not be allowed to generate an access key.""" self.reset_access_key() data = {'action': 'generate_key'} request = self.factory.post(self.foia.get_absolute_url(), data) request = mock_middleware(request) # viewers should not be able to generate the key request.user = self.viewer response = Detail.as_view()(request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id) self.foia.refresh_from_db() eq_(response.status_code, 302) assert_false(self.foia.access_key) # normies should not be able to generate the key self.reset_access_key() request.user = self.normie response = Detail.as_view()(request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id) self.foia.refresh_from_db() eq_(response.status_code, 302) assert_false(self.foia.access_key)
def test_owner_get(self): """Organization owners should be allowed access to the activation view.""" request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = self.org.owner response = self.view(request, slug=self.org.slug) eq_(response.status_code, 200)
def test_get_single(self): """Should be able to view a single task""" _url = reverse('stale-agency-task', kwargs={'pk': self.task.pk}) request = self.request_factory.get(_url) request.user = self.user request = mock_middleware(request) response = self.view(request) eq_(response.status_code, 200)
def post_res(self, user, data): """Returns a POST response from the endpoint.""" if user is None: user = AnonymousUser() request = self.request_factory.post(self.url, data) request.user = user request = mock_middleware(request) return self.view(request, self.foia.pk)
def setUp(self): # create an org with a plan, so we can cancel it self.org = muckrock.factories.OrganizationFactory(active=True) self.request_factory = RequestFactory() self.url = reverse('org-deactivate', kwargs={'slug': self.org.slug}) self.request = self.request_factory.post(self.url) self.request = mock_middleware(self.request) self.view = muckrock.organization.views.deactivate_organization
def test_owner_get_forbidden(self): """Users who already own an organization should be denied access.""" org = muckrock.factories.OrganizationFactory() request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = org.owner response = self.create_view(request) eq_(response.status_code, 302, 'Existing owners should not be allowed to create another organization.')
def test_inactive_get(self): """Inactive organizations cannot be updated.""" self.org.active = False self.org.save() request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = self.org.owner response = self.view(request, slug=self.org.slug) eq_(response.status_code, 302)
def test_owner_get(self): """Organization owners should have access to the update view.""" request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = self.org.owner response = self.view(request, slug=self.org.slug) eq_(response.status_code, 200) ok_(isinstance(response.context_data['form'], muckrock.organization.forms.UpdateForm), 'Owners should be shown an organization update form.')
def test_member_get_forbidden(self): """Users who are already members of a different organization should be denied access.""" org = muckrock.factories.OrganizationFactory() member = muckrock.factories.UserFactory(profile__organization=org) request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = member response = self.create_view(request) eq_(response.status_code, 302)
def test_active_get(self): """An active organization should deny all access to its activation view.""" self.org.active = True self.org.save() request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = self.org.owner response = self.view(request, slug=self.org.slug) eq_(response.status_code, 302)
def test_get_single(self, mock_reply): """Should be able to view a single task""" # pylint: disable=unused-argument _url = reverse('projectreview-task', kwargs={'pk': self.task.pk}) request = self.request_factory.get(_url) request.user = self.user request = mock_middleware(request) response = self.view(request) eq_(response.status_code, 200)
def test_staff_get(self): """Staff users should have access to the update view.""" staff_user = muckrock.factories.UserFactory(is_staff=True) request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = staff_user response = self.view(request, slug=self.org.slug) eq_(response.status_code, 200) ok_(isinstance(response.context_data['form'], muckrock.organization.forms.StaffUpdateForm), 'Staff should be shown a special staff-only organization update form.')
def test_bad_post_data(self): """Bad post data should cancel the transaction.""" existing_request_count = self.user.profile.num_requests bad_data = {'tok': 'bad'} post_request = self.factory.post(self.url, bad_data) post_request = mock_middleware(post_request) post_request.user = self.user self.view(post_request, self.user.username) self.user.profile.refresh_from_db() eq_(self.user.profile.num_requests, existing_request_count)
def test_get_ok(self): """Regular users should be able to create a request.""" regular_user = muckrock.factories.UserFactory() request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = regular_user response = self.create_view(request) eq_(response.status_code, 200, 'Regular users should be able to create an organization.') ok_(isinstance(response.context_data['form'], muckrock.organization.forms.CreateForm), 'Regular users should be shown the regular creation form.')
def test_gift_requests_anonymously(self): """Logged out users should also be able to buy someone else requests.""" other_user = UserFactory() existing_request_count = other_user.profile.num_requests post_request = self.factory.post(self.url, self.data) post_request = mock_middleware(post_request) post_request.user = AnonymousUser() self.view(post_request, other_user.username) other_user.profile.refresh_from_db() requests_to_add = 4 eq_(other_user.profile.num_requests, existing_request_count + requests_to_add)
def post_helper(self, data, user): """Returns a post response""" request = self.request_factory.post(self.url, data) request.user = user request = mock_middleware(request) return self.view( request, slug=self.article.slug, year=self.article.pub_date.strftime('%Y'), month=self.article.pub_date.strftime('%b').lower(), day=self.article.pub_date.strftime('%d') )
def test_buy_requests(self): """A user should be able to buy themselves requests.""" existing_request_count = self.user.profile.num_requests post_request = self.factory.post(self.url, self.data) post_request = mock_middleware(post_request) post_request.user = self.user self.view(post_request, self.user.username) self.user.profile.refresh_from_db() requests_to_add = settings.BUNDLED_REQUESTS[ self.user.profile.acct_type] eq_(self.user.profile.num_requests, existing_request_count + requests_to_add)
def test_staff_get(self): """Staff should be able to create an org even if they own a different one.""" staff_user = muckrock.factories.UserFactory(is_staff=True) muckrock.factories.OrganizationFactory(owner=staff_user) request = self.request_factory.get(self.url) request = mock_middleware(request) request.user = staff_user response = self.create_view(request) eq_(response.status_code, 200, 'Staff should be allowed to create an organization even if they already own one.') ok_(isinstance(response.context_data['form'], muckrock.organization.forms.StaffCreateForm), 'Staff should be shown a special staff-only creation form.')
def test_remove_self(self): """However, a member may remove themself from an org.""" member = muckrock.factories.UserFactory(profile__organization=self.org) data = { 'action': 'remove_member', 'member': member.pk } request = self.request_factory.post(self.url, data) request = mock_middleware(request) request.user = member self.view(request, slug=self.org.slug) ok_(not self.org.has_member(member))
def test_user_remove(self): """Regular user should not be able to remove members.""" member = muckrock.factories.UserFactory(profile__organization=self.org) data = { 'action': 'remove_member', 'member': member.pk } request = self.request_factory.post(self.url, data) request = mock_middleware(request) request.user = muckrock.factories.UserFactory() self.view(request, slug=self.org.slug) ok_(self.org.has_member(member))
def test_post_ok(self, mock_activation): """Posting a valid Stripe token and the number of seats should activate the organization.""" logging.debug(self.org.max_users) data = {'stripe_token': 'test', 'max_users': self.org.max_users} request = self.request_factory.post(self.url, data) request = mock_middleware(request) request.user = self.org.owner response = self.view(request, slug=self.org.slug) self.org.refresh_from_db() eq_(response.status_code, 302, 'The view should redirect to the org page on success.') ok_(mock_activation.called, 'The organization should be activated! That\'s the whole point!')
def test_buy_requests_as_org(self): """An org member should get an extra request in each bundle.""" existing_request_count = self.user.profile.num_requests self.user.profile.organization = OrganizationFactory(active=True) self.user.profile.save() post_request = self.factory.post(self.url, self.data) post_request = mock_middleware(post_request) post_request.user = self.user self.view(post_request, self.user.username) self.user.profile.refresh_from_db() requests_to_add = 5 eq_(self.user.profile.num_requests, existing_request_count + requests_to_add)
def test_owner_post(self, mock_update): """The org should update its subscription when valid data is posted.""" starting_max_users = self.org.max_users data = {'max_users': starting_max_users + 1} request = self.request_factory.post(self.url, data) request = mock_middleware(request) request.user = self.org.owner response = self.view(request, slug=self.org.slug) self.org.refresh_from_db() eq_(self.org.max_users, starting_max_users, 'The update view shouldn\'t modify the org itself.') ok_(mock_update.called) eq_(response.status_code, 302)