def import_editors_and_groups(request, app):
request.locale = locale
headers = {
'group': request.translate(_("Group")),
'name': request.translate(_("Name")),
'email': request.translate(_("E-Mail"))
}
session = app.session()
users = UserCollection(session)
groups = UserGroupCollection(session)
if clear:
click.secho("Deleting all editors", fg='yellow')
for user in users.query().filter(User.role == 'member'):
session.delete(user)
click.secho("Deleting all groups", fg='yellow')
for group in groups.query():
session.delete(group)
csvfile = convert_xls_to_csv(
file, sheet_name=request.translate(_("Editors"))
)
csv = CSVFile(csvfile, expected_headers=headers.values())
lines = list(csv.lines)
columns = {
key: csv.as_valid_identifier(value)
for key, value in headers.items()
}
added_groups = {}
for group in set([line.gruppe for line in lines]):
added_groups[group] = groups.add(name=group)
count = len(added_groups)
click.secho(f"{count} group(s) imported", fg='green')
count = 0
for line in lines:
count += 1
email = getattr(line, columns['email'])
realname = getattr(line, columns['name'])
group = getattr(line, columns['group'])
group = added_groups[group] if group else None
users.add(
username=email,
realname=realname,
group=group,
password=random_password(),
role='member',
)
click.secho(f"{count} editor(s) imported", fg='green')
if dry_run:
transaction.abort()
click.secho("Aborting transaction", fg='yellow')
def test_notice_collection_count_by_group(session):
collection = GazetteNoticeCollection(session)
assert collection.count_by_group() == []
groups = UserGroupCollection(session)
group_a = groups.add(name='A')
group_b = groups.add(name='B')
groups.add(name='C')
users = UserCollection(session)
user_a = users.add('*****@*****.**', 'pw', 'editor', group=group_a)
user_b = users.add('*****@*****.**', 'pw', 'editor', group=group_a)
user_c = users.add('*****@*****.**', 'pw', 'admin')
user_d = users.add('*****@*****.**', 'pw', 'publisher')
user_e = users.add('*****@*****.**', 'pw', 'publisher', group=group_b)
user_f = users.add('*****@*****.**', 'pw', 'publisher')
user_g = users.add('*****@*****.**', 'pw', 'publisher')
user_h = users.add('*****@*****.**', 'pw', 'publisher')
for user, count in (
(user_a, 2),
(user_b, 4),
(user_c, 1),
(user_d, 7),
(user_e, 2),
(user_f, 3),
(user_g, 6),
(user_h, 2),
):
for x in range(count):
collection.add(title='',
text='',
organization_id='',
category_id='',
issues=['2017-{}'.format(y) for y in range(x)],
user=user)
assert collection.count_by_group() == [('A', 7), ('B', 1)]
assert collection.count_by_group() == \
collection.for_state('drafted').count_by_group()
collection.issues = ['2017-2', '2017-4']
assert collection.count_by_group() == [('A', 1)]
def test_notice_ownership(session):
users = UserCollection(session)
groups = UserGroupCollection(session)
user = users.add('[email protected]', '1234', 'admin', realname='user')
group = groups.add(name='group')
notice = OfficialNotice(
title='title',
state='drafted',
text='Text',
)
notice.user = user
notice.group = group
session.add(notice)
session.flush()
notice = session.query(OfficialNotice).one()
notice.user == user
notice.user.realname == 'user'
notice.group == group
notice.group.name == 'group'
def test_user_form_on_request(session):
form = UserForm()
form.request = DummyRequest(session)
form.on_request()
assert form.group.choices == [('', '- none -')]
# Groups
groups = UserGroupCollection(session)
groups.add(name='Group A')
groups.add(name='Group B')
groups.add(name='Group C')
form.on_request()
assert sorted([choice[1] for choice in form.group.choices
]) == ['- none -', 'Group A', 'Group B', 'Group C']
# Roles
form.request = DummyRequest(session)
form.on_request()
assert form.role.choices == []
form.request = DummyRequest(session, private=True)
form.on_request()
assert form.role.choices == [('member', 'Editor')]
form.request = DummyRequest(session, private=True, secret=True)
form.on_request()
assert form.role.choices == [('member', 'Editor'), ('editor', 'Publisher')]
def delete_group(self, request, form):
""" Delete a user group.
This view is only visible by an admin.
"""
layout = Layout(self, request)
if self.official_notices:
request.message(_("There are official notices linked to this group!"),
'warning')
if self.users.count():
request.message(_('Only groups without users may be deleted.'),
'alert')
return {
'layout': layout,
'title': self.name,
'subtitle': _("Delete Group"),
'show_form': False
}
if form.submitted(request):
UserGroupCollection(request.session).delete(self)
request.message(_("Group deleted."), 'success')
return redirect(layout.manage_groups_link)
return {
'message':
_('Do you really want to delete "${item}"?',
mapping={'item': self.name}),
'layout':
layout,
'form':
form,
'title':
self.name,
'subtitle':
_("Delete Group"),
'button_text':
_("Delete Group"),
'button_class':
'alert',
'cancel':
layout.manage_groups_link
}
def test_permissions(wtfs_app, wtfs_password):
session = wtfs_app.session()
def permits(user, model, permission):
return permits_by_app(wtfs_app, user, model, permission)
# Remove existing users and group
session.query(User).filter_by(realname='Editor').one().group_id = None
session.query(User).filter_by(realname='Member').one().group_id = None
session.query(Municipality).delete()
# Add new
municipality_a_id = uuid4()
session.add(Municipality(
id=municipality_a_id,
name='Municipality A',
bfs_number=10,
))
session.add(PickupDate(
date=date.today(),
municipality_id=municipality_a_id,
))
session.add(ScanJob(
type='normal',
municipality_id=municipality_a_id,
delivery_number=1,
dispatch_date=date(2019, 1, 1))
)
session.add(User(
realname='Admin A',
username='******',
password_hash=wtfs_password,
role='admin',
group_id=municipality_a_id
))
session.add(User(
realname='Editor A',
username='******',
password_hash=wtfs_password,
role='editor',
group_id=municipality_a_id
))
session.add(User(
realname='Member A',
username='******',
password_hash=wtfs_password,
role='member',
group_id=municipality_a_id
))
municipality_b_id = uuid4()
session.add(Municipality(
id=municipality_b_id,
name='Municipality B',
bfs_number=20,
))
session.add(User(
realname='Admin B',
username='******',
password_hash=wtfs_password,
role='admin',
group_id=municipality_b_id
))
session.add(User(
realname='Editor B',
username='******',
password_hash=wtfs_password,
role='editor',
group_id=municipality_b_id
))
session.add(User(
realname='Member B',
username='******',
password_hash=wtfs_password,
role='member',
group_id=municipality_b_id
))
query = session.query
admin = query(User).filter_by(realname='Admin').one()
admin_a = query(User).filter_by(realname='Admin A').one()
admin_b = query(User).filter_by(realname='Admin B').one()
editor = query(User).filter_by(realname='Editor').one()
editor_a = query(User).filter_by(realname='Editor A').one()
editor_b = query(User).filter_by(realname='Editor B').one()
member = query(User).filter_by(realname='Member').one()
member_a = query(User).filter_by(realname='Member A').one()
member_b = query(User).filter_by(realname='Member B').one()
group = UserGroup()
group_a = query(UserGroup).filter_by(name='Municipality A').one()
group_b = query(UserGroup).filter_by(name='Municipality B').one()
municipality = Municipality()
municipality_a = query(Municipality).filter_by(name='Municipality A').one()
municipality_b = query(Municipality).filter_by(name='Municipality B').one()
scan_job = query(ScanJob).one()
# General
model = object()
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# UserGroupCollection / MunicipalityCollection
# MunicipalityCollection
for model in (
MunicipalityCollection(session),
UserGroupCollection(session)
):
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# UserGroup / Municipality
for user in (admin, admin_a, admin_b):
for model in (group_a, group_b, municipality_a, municipality_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for model in (group, municipality):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
for model in (
group_a, group_b, group,
municipality_a, municipality_b, municipality
):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# UserCollection
model = UserCollection(session)
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# User
for user in (admin, admin_a, admin_b):
for model in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
if user == model:
assert not permits(user, model, DeleteModel)
else:
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for model in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, ):
for model in (admin, admin_a, admin_b, editor_a, editor_b,
member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (editor, ):
for model in (editor, ):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (editor_a, ):
for model in (admin, admin_a, admin_b, editor, editor_b,
member, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for model in (editor_a, ):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for model in (member_a,):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (editor_b, ):
for model in (admin, admin_a, admin_b, editor, editor_a,
member, member_a):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for model in (editor_b, ):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for model in (member_b,):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (member, member_a, member_b):
for model in (admin, admin_a, admin_b, editor, editor_a, editor_b,
member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# ScanJobCollection
model = ScanJobCollection(session)
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor_a, editor_b, member_a, member_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (editor, member):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# ScanJob
model = scan_job
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_b, member, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (editor_a, member_a):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# DailyList
for model in (DailyList(), DailyListBoxes(session)):
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (member,):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for model in (DailyListBoxesAndForms(session), ):
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# Report
for model in (
Report(session),
ReportBoxes(session),
ReportBoxesAndForms(session),
ReportFormsByMunicipality(session)
):
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# Notification
model = Notification()
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# Invoice
model = Invoice(session)
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# PaymentType
model = PaymentType()
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# PaymentTypeCollection
model = PaymentTypeCollection(session)
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# UserManual
model = UserManual(wtfs_app)
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
def test_notice_collection_search(session):
groups = UserGroupCollection(session)
group_a = groups.add(name='GroupA')
group_b = groups.add(name='GroupB1')
users = UserCollection(session)
user_a = users.add('*****@*****.**', 'password', 'editor', realname='Hans')
user_b = users.add('*****@*****.**', 'password', 'editor')
notices = OfficialNoticeCollection(session)
notice = notices.add(title='First',
text='Lorem Ipsum',
category='Cat1',
group=group_a)
notice.state = 'drafted'
notice = notices.add(title='Second',
text='A text',
category='Cat1',
organization='Org1',
user=user_a,
group=group_b)
notice.state = 'submitted'
notice = notices.add(title='Third', text='Anöther text', category='Cat2')
notice.state = 'drafted'
notice = notices.add(title='Fourth',
text='A fourth text',
organization='Org2')
notice.state = 'published'
notice = notices.add(title='Fifth', text='Lorem Ipsum', user=user_a)
notice.state = 'rejected'
notice = notices.add(title='Sixt',
text='<p>Six</p>',
author_name='Cysat',
note='Papanikolaou',
user=user_b,
group=group_a)
notice.state = 'published'
notice = notices.add(title='Sübent',
text='Sübent',
author_place='Wynmärkt')
notice.state = 'drafted'
assert notices.query().count() == 7
assert notices.for_term('Third').query().count() == 1
assert notices.for_term('ourth').query().count() == 1
assert notices.for_term('ipsum').query().count() == 2
assert notices.for_term('ipsum').for_state('rejected').query().count() == 1
assert notices.for_term('six').query().count() == 1
assert notices.for_term('six').for_state('rejected').query().count() == 0
assert notices.for_term('üb').query().count() == 1
assert notices.for_term('Cat1').query().count() == 2
assert notices.for_term('Cat2').query().count() == 1
assert notices.for_term('Cat').query().count() == 3
assert notices.for_term('Org1').query().count() == 1
assert notices.for_term('Org').query().count() == 4
assert notices.for_term('@example.org').query().count() == 3
assert notices.for_term('ans').query().count() == 2
assert notices.for_term('group').query().count() == 3
assert notices.for_term('groupb').query().count() == 1
assert notices.for_term('Cysat').query().count() == 1
assert notices.for_term('Wynmärkt').query().count() == 1
assert notices.for_term('Papanikolaou').query().count() == 1
assert notices.for_term(str(notice.id).split('-')[0]).query().count() == 1
def test_notice_collection_order(session):
groups = UserGroupCollection(session)
group_c = groups.add(name='C').id
group_d = groups.add(name='D').id
users = UserCollection(session)
user_a = users.add('*****@*****.**', 'password', 'editor', realname='o').id
user_b = users.add('*****@*****.**', 'password', 'editor', realname='p').id
user_c = users.add('*****@*****.**', 'password', 'editor').id
date_1 = datetime(2007, 10, 10, tzinfo=timezone.utc)
date_2 = datetime(2007, 11, 11, tzinfo=timezone.utc)
date_3 = datetime(2007, 12, 12, tzinfo=timezone.utc)
notices = OfficialNoticeCollection(session)
for title, text, user, group, organization, category, first_issue in (
('A', 'g', user_a, group_c, 'p', 'X', date_1),
('B', 'g', user_b, group_d, 'q', 'X', date_1),
('B', 'h', None, None, 'p', 'X', date_2),
('C', 'h', user_a, None, 'q', 'X', date_1),
('D', 'i', user_b, group_d, 'p', 'Y', date_1),
('E', 'j', user_c, group_c, 'q', 'Y', date_3),
):
notices.add(
title=title,
text=text,
user_id=user,
group_id=group,
organization=organization,
category=category,
first_issue=first_issue,
)
# Default ordering by issue date
result = [n.first_issue for n in notices.query()]
assert result == [date_1, date_1, date_1, date_1, date_2, date_3]
# Explicit direction
result = [n.title for n in notices.for_order('title', 'asc').query()]
assert result == ['A', 'B', 'B', 'C', 'D', 'E']
result = [n.title for n in notices.for_order('title', 'desc').query()]
assert result == ['E', 'D', 'C', 'B', 'B', 'A']
result = [n.title for n in notices.for_order('title', '').query()]
assert result == ['A', 'B', 'B', 'C', 'D', 'E']
result = [n.title for n in notices.for_order('title', 'xxx').query()]
assert result == ['A', 'B', 'B', 'C', 'D', 'E']
# Default direction
# ... default
result = [
n.title
for n in notices.for_order('text', 'desc').for_order('title').query()
]
assert result == ['A', 'B', 'B', 'C', 'D', 'E']
# ... flip direction
result = [
n.title
for n in notices.for_order('title', 'asc').for_order('title').query()
]
assert result == ['E', 'D', 'C', 'B', 'B', 'A']
# Invalid
result = [n.first_issue for n in notices.for_order('result').query()]
assert result == [date_1, date_1, date_1, date_1, date_2, date_3]
result = [n.first_issue for n in notices.for_order('users').query()]
assert result == [date_1, date_1, date_1, date_1, date_2, date_3]
result = [n.first_issue for n in notices.for_order(None).query()]
assert result == [date_1, date_1, date_1, date_1, date_2, date_3]
# Valid
result = [n.text for n in notices.for_order('text').query()]
assert result == ['g', 'g', 'h', 'h', 'i', 'j']
# ... user_id
result = [n.user_id for n in notices.for_order('user_id').query()]
assert result == sorted(2 * [user_a] + 2 * [user_b] + [user_c]) + [None]
# ... organization
result = [
n.organization for n in notices.for_order('organization').query()
]
assert result == ['p', 'p', 'p', 'q', 'q', 'q']
# ... category
result = [n.category for n in notices.for_order('category').query()]
assert result == ['X', 'X', 'X', 'X', 'Y', 'Y']
# ... name
result = [n.name for n in notices.for_order('name').query()]
assert result == ['a', 'b', 'b-1', 'c', 'd', 'e']
# ... group.name
result = [
n.group.name if n.group else None
for n in notices.for_order('group.name').query()
]
assert result == [None, None, 'C', 'C', 'D', 'D']
# ... user.name(s)
result = [
n.user.realname if n.user else None
for n in notices.for_order('user.realname').query()
]
assert result == [None, None, 'o', 'o', 'p', 'p']
result = [
n.user.username if n.user else None
for n in notices.for_order('user.username').query()
]
assert result == [
None, '*****@*****.**', '*****@*****.**', '*****@*****.**',
'*****@*****.**', '*****@*****.**'
]
result = [
n.user.realname or n.user.username if n.user else None
for n in notices.for_order('user.name').query()
]
assert result == [None, '*****@*****.**', 'o', 'o', 'p', 'p']
def test_notice_collection_users_and_groups(session):
groups = UserGroupCollection(session)
group_ab = groups.add(name='AB')
group_c = groups.add(name='C')
group_d = groups.add(name='D')
users = UserCollection(session)
user_a = users.add('*****@*****.**', 'password', 'editor', group=group_ab)
user_b = users.add('*****@*****.**', 'password', 'editor', group=group_ab)
user_c = users.add('*****@*****.**', 'password', 'editor', group=group_c)
user_d = users.add('*****@*****.**', 'password', 'editor', group=group_d)
user_e = users.add('*****@*****.**', 'password', 'editor')
notices = OfficialNoticeCollection(session)
for title, user in (
('A1', user_a),
('A2', user_a),
('A3', user_a),
('B1', user_b),
('B2', user_b),
('C1', user_c),
('C2', user_c),
('D1', user_d),
('D2', user_d),
('D3', user_d),
):
notices.add(title=title,
text='text',
user_id=user.id,
group_id=user.group.id if user.group else None)
assert notices.query().count() == 10
# test users
notices.user_ids = [user_a.id]
assert sorted([n.title for n in notices.query()]) == ['A1', 'A2', 'A3']
notices.user_ids = [user_b.id]
assert sorted([n.title for n in notices.query()]) == ['B1', 'B2']
notices.user_ids = [user_c.id]
assert sorted([n.title for n in notices.query()]) == ['C1', 'C2']
notices.user_ids = [user_d.id]
assert sorted([n.title for n in notices.query()]) == ['D1', 'D2', 'D3']
notices.user_ids = [user_e.id]
assert sorted([n.title for n in notices.query()]) == []
notices.user_ids = [user_b.id, user_c.id]
assert sorted([n.title
for n in notices.query()]) == ['B1', 'B2', 'C1', 'C2']
# test groups
notices.user_ids = []
notices.group_ids = [group_ab.id]
assert sorted([n.title for n in notices.query()
]) == ['A1', 'A2', 'A3', 'B1', 'B2']
notices.group_ids = [group_c.id]
assert sorted([n.title for n in notices.query()]) == ['C1', 'C2']
notices.group_ids = [group_d.id]
assert sorted([n.title for n in notices.query()]) == ['D1', 'D2', 'D3']
notices.group_ids = [group_ab.id, group_d.id]
assert sorted([n.title for n in notices.query()
]) == ['A1', 'A2', 'A3', 'B1', 'B2', 'D1', 'D2', 'D3']
# test users and groups
notices.group_ids = [group_ab.id, group_d.id]
notices.user_ids = [user_b.id, user_d.id]
assert sorted([n.title for n in notices.query()
]) == ['B1', 'B2', 'D1', 'D2', 'D3']
def test_notice_user_and_group(session):
users = UserCollection(session)
groups = UserGroupCollection(session)
session.add(GazetteNotice(title='notice'))
session.flush()
notice = session.query(GazetteNotice).one()
assert notice.user is None
assert notice.user_id is None
assert notice.user_name is None
assert notice._user_name is None
assert notice.group is None
assert notice.group_id is None
assert notice.group_name is None
assert notice._group_name is None
# add user and group
user = users.add('[email protected]', 'p', 'editor', realname='user')
group = groups.add(name='group')
notice.user = user
notice.group = group
session.flush()
session.refresh(notice)
assert notice.user == user
assert notice.user_id == user.id
assert notice.user_name == 'user'
assert notice._user_name == 'user'
assert notice.group == group
assert notice.group_id == group.id
assert notice.group_name == 'group'
assert notice._group_name == 'group'
# rename user and group
user.realname = 'xxx'
group.name = 'yyy'
session.flush()
session.refresh(notice)
assert notice.user == user
assert notice.user_id == user.id
assert notice.user_name == 'xxx'
assert notice._user_name == 'xxx'
assert notice.group == group
assert notice.group_id == group.id
assert notice.group_name == 'yyy'
assert notice._group_name == 'yyy'
# delete user and group
users.delete(user.username)
groups.delete(group)
session.flush()
session.refresh(notice)
assert notice.user is None
assert notice.user_id is None
assert notice.user_name == '(xxx)'
assert notice._user_name == 'xxx'
assert notice.group is None
assert notice.group_id is None
assert notice.group_name == '(yyy)'
assert notice._group_name == 'yyy'
def get_group(app, id):
return UserGroupCollection(app.session()).by_id(id)
def get_groups(app):
return UserGroupCollection(app.session())
def test_notice_collection_query_deleted_user(session):
groups = UserGroupCollection(session)
group_a = groups.add(name="Group A")
group_b = groups.add(name="Group B")
users = UserCollection(session)
user_a = users.add(realname="User A",
username='******',
password='******',
role='admin',
group=group_a)
user_b = users.add(realname="User B",
username='******',
password='******',
role='admin',
group=group_b)
notices = GazetteNoticeCollection(session)
notice_a = notices.add(title='A',
text='Text',
organization_id='100',
category_id='11',
issues=['2017-46'],
user=user_a)
notice_b = notices.add(title='B',
text='Text',
organization_id='100',
category_id='11',
issues=['2017-46'],
user=user_b)
assert notices.query().count() == 2
assert notice_a.user is not None
assert notice_b.user is not None
assert notice_a.group is not None
assert notice_b.group is not None
assert notices.for_term("User A").query().one() == notice_a
assert notices.for_term("User B").query().one() == notice_b
assert notices.for_term("Group A").query().one() == notice_a
assert notices.for_term("Group B").query().one() == notice_b
users.delete(user_a.username)
users.delete(user_b.username)
groups.delete(group_a)
groups.delete(group_b)
commit()
assert users.query().count() == 0
assert groups.query().count() == 0
notice_a = notices.query().filter(GazetteNotice.title == 'A').one()
notice_b = notices.query().filter(GazetteNotice.title == 'B').one()
assert notice_a.user is None
assert notice_b.user is None
assert notice_a.group is None
assert notice_b.group is None
assert notices.query().count() == 2
assert notices.for_term("User A").query().one() == notice_a
assert notices.for_term("User B").query().one() == notice_b
assert notices.for_term("Group A").query().one() == notice_a
assert notices.for_term("Group B").query().one() == notice_b
def manage_groups_link(self):
return self.request.link(UserGroupCollection(self.session))
def groups(self):
return UserGroupCollection(self.session, type='wtfs')
def test_user_form(session):
# Test apply / update
users = UserCollection(session)
user = users.add(
username='******',
realname='User',
role='editor',
password='******',
)
user.phone_number = '+41415554433'
groups = UserGroupCollection(session)
group = groups.add(name='Group A')
form = UserForm()
form.apply_model(user)
assert form.username.data == '*****@*****.**'
assert form.role.data == 'editor'
assert form.name.data == 'User'
assert form.group.data == ''
assert form.phone_number.data == '+41415554433'
user.group = group
session.flush()
form.apply_model(user)
assert form.group.data == str(group.id)
form.username.data = '*****@*****.**'
form.role.data = 'publisher'
form.name.data = 'Publisher'
form.group.data = ''
form.phone_number.data = '0415554434'
form.update_model(user)
assert user.username == '*****@*****.**'
assert user.role == 'publisher'
assert user.realname == 'Publisher'
assert user.group_id is None
assert user.phone_number == '+41415554434'
session.flush()
session.refresh(user)
assert user.group is None
# Test validation
form = UserForm()
form.request = DummyRequest(session)
assert not form.validate()
# ... admins can not be created
for role, result in (('admin', False), ('editor', True), ('member', True)):
form = UserForm(
DummyPostData({
'role': role,
'name': 'User',
'username': '******',
'group': ''
}))
form.request = DummyRequest(session, private=True, secret=True)
form.on_request()
assert form.validate() == result
# ... existing email
form = UserForm(
DummyPostData({
'role': 'editor',
'name': 'User',
'username': '******',
'group': ''
}))
form.request = DummyRequest(session, private=True, secret=True)
form.on_request()
assert not form.validate()
assert 'This value already exists.' in form.errors['username']
form.model = user
form.validate()