def test_quicksight_link(self, mocker):
user = UserFactory.create()
vis = VisualisationCatalogueItemFactory.create(
user_access_type='REQUIRES_AUTHENTICATION'
)
link = VisualisationLinkFactory.create(
visualisation_type='QUICKSIGHT',
identifier='5d75e131-20f4-48f8-b0eb-f4ebf36434f4',
visualisation_catalogue_item=vis,
)
quicksight = mocker.patch(
'dataworkspace.apps.applications.views.get_quicksight_dashboard_name_url'
)
quicksight.return_value = (
'my-dashboard',
'https://my.dashboard.quicksight.amazonaws.com',
)
client = Client(**get_http_sso_data(user))
response = client.get(link.get_absolute_url())
assert response.status_code == 200
assert (
'https://my.dashboard.quicksight.amazonaws.com'
in response.content.decode(response.charset)
)
assert (
'frame-src https://eu-west-2.quicksight.aws.amazon.com'
in response['content-security-policy']
)
def test_metabase_link(self, mocker):
user = UserFactory.create()
vis = VisualisationCatalogueItemFactory.create(
user_access_type='REQUIRES_AUTHENTICATION'
)
link = VisualisationLinkFactory.create(
visualisation_type='METABASE',
identifier='123456789',
visualisation_catalogue_item=vis,
)
jwt_encode = mocker.patch('dataworkspace.apps.applications.views.jwt.encode')
jwt_encode.return_value = b'my-token'
client = Client(**get_http_sso_data(user))
response = client.get(link.get_absolute_url())
assert response.status_code == 200
assert (
'//metabase.dataworkspace.test:8000/embed/dashboard/my-token#bordered=false&titled=false'
in response.content.decode(response.charset)
)
assert (
'frame-src metabase.dataworkspace.test'
in response['content-security-policy']
)
def test_shows_links_to_visualisations(self, client):
vis = VisualisationCatalogueItemFactory.create(
visualisation_template__host_basename='visualisation'
)
link1 = VisualisationLinkFactory.create(
visualisation_type='DATASTUDIO',
visualisation_catalogue_item=vis,
name='Visualisation datastudio',
identifier='https://www.data.studio.test',
)
link2 = VisualisationLinkFactory.create(
visualisation_type='QUICKSIGHT',
visualisation_catalogue_item=vis,
name='Visualisation quicksight',
identifier='5d75e131-20f4-48f8-b0eb-f4ebf36434f4',
)
link3 = VisualisationLinkFactory.create(
visualisation_type='METABASE',
visualisation_catalogue_item=vis,
name='Visualisation metabase',
identifier='123456789',
)
response = client.get(vis.get_absolute_url())
body = response.content.decode(response.charset)
assert response.status_code == 200
assert '//visualisation.dataworkspace.test:8000/' in body
assert f'/visualisations/link/{link1.id}' in body
assert f'/visualisations/link/{link2.id}' in body
assert f'/visualisations/link/{link3.id}' in body
def test_user_needs_access_via_catalogue_item(self, mocker):
user = UserFactory.create()
vis = VisualisationCatalogueItemFactory.create(
user_access_type='REQUIRES_AUTHORIZATION')
link = VisualisationLinkFactory.create(
visualisation_type='QUICKSIGHT',
identifier=str(uuid4()),
visualisation_catalogue_item=vis,
)
quicksight = mocker.patch(
'dataworkspace.apps.applications.views.get_quicksight_dashboard_name_url'
)
quicksight.return_value = (
'my-dashboard',
'https://my.dashboard.quicksight.amazonaws.com',
)
client = Client(**get_http_sso_data(user))
response = client.get(link.get_absolute_url())
assert response.status_code == 403
VisualisationUserPermissionFactory.create(visualisation=vis, user=user)
response = client.get(link.get_absolute_url())
assert response.status_code == 200
def test_datastudio_link(self):
user = UserFactory.create()
vis = VisualisationCatalogueItemFactory.create(
user_access_type='REQUIRES_AUTHENTICATION')
link = VisualisationLinkFactory.create(
visualisation_type='DATASTUDIO',
identifier='https://www.data.studio',
visualisation_catalogue_item=vis,
)
client = Client(**get_http_sso_data(user))
response = client.get(link.get_absolute_url())
assert response.status_code == 302
assert response['location'] == 'https://www.data.studio'
def test_unauthorised_visualisation(self, has_access):
user = UserFactory.create()
vis = VisualisationCatalogueItemFactory.create(
visualisation_template__user_access_type='REQUIRES_AUTHORIZATION')
if has_access:
ApplicationTemplateUserPermissionFactory.create(
application_template=vis.visualisation_template, user=user)
client = Client(**get_http_sso_data(user))
response = client.get(vis.get_absolute_url())
assert response.status_code == 200
assert vis.name in response.content.decode(response.charset)
assert ("You do not have permission to access this data visualisation."
in response.content.decode(response.charset)) is not has_access
def test_user_needs_access_via_catalogue_item(self):
user = UserFactory.create()
vis = VisualisationCatalogueItemFactory.create(
user_access_type='REQUIRES_AUTHORIZATION')
link = VisualisationLinkFactory.create(
visualisation_type='METABASE',
identifier='123',
visualisation_catalogue_item=vis,
)
client = Client(**get_http_sso_data(user))
response = client.get(link.get_absolute_url())
assert response.status_code == 403
VisualisationUserPermissionFactory.create(visualisation=vis, user=user)
response = client.get(link.get_absolute_url())
assert response.status_code == 200