예제 #1
0
    def test_should_disallow_ip_editor_to_delete_consignee_that_is_vision_imported(self):
        user = User.objects.create_user(username='******', password='******')
        consignee = ConsigneeFactory(name="User Attached Consignee")
        profile = UserProfile(user=user, consignee=consignee)
        profile.save()
        user.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user.save()

        consignee = ConsigneeFactory(name='New Consignee', imported_from_vision=True)
        self.client.login(username='******', password='******')
        response = self.client.delete(ENDPOINT_URL + str(consignee.id) + '/')

        self.assertEqual(response.status_code, 403)
        self.assertEqual(Consignee.objects.filter(name='New Consignee').count(), 1)
예제 #2
0
    def test_should_allow_ip_editor_to_delete_consignee_that_are_not_created_by_them_but_same_consignee(
            self):
        user_consignee = ConsigneeFactory(name='Created Consignee')

        user_one = User.objects.create_user(username='******',
                                            password='******')
        user_profile = UserProfile(user=user_one, consignee=user_consignee)
        user_profile.save()
        user_one.groups = [
            Group.objects.get(name='Implementing Partner_editor')
        ]
        user_one.save()

        user_two = User.objects.create_user(username='******',
                                            password='******')
        user_profile = UserProfile(user=user_two, consignee=user_consignee)
        user_profile.save()
        user_two.groups = [
            Group.objects.get(name='Implementing Partner_editor')
        ]
        user_two.save()

        consignee = ConsigneeFactory(name='New Consignee',
                                     imported_from_vision=False,
                                     created_by_user=user_one)
        self.client.login(username='******', password='******')
        response = self.client.delete(ENDPOINT_URL + str(consignee.id) + '/')

        self.assertEqual(response.status_code, 204)
        self.assertEqual(
            Consignee.objects.filter(name='New Consignee').count(), 0)
예제 #3
0
    def test_should_allow_ip_editor_to_change_consignee_only_if_created_within_same_ip(
            self):
        user_consignee = ConsigneeFactory(name='Created Consignee')

        user_one = User.objects.create_user(username='******',
                                            password='******')
        user_profile = UserProfile(user=user_one, consignee=user_consignee)
        user_profile.save()
        user_one.groups = [
            Group.objects.get(name='Implementing Partner_editor')
        ]
        user_one.save()

        user_two = User.objects.create_user(username='******',
                                            password='******')
        user_profile = UserProfile(user=user_two, consignee=user_consignee)
        user_profile.save()
        user_two.groups = [
            Group.objects.get(name='Implementing Partner_editor')
        ]
        user_two.save()

        consignee = ConsigneeFactory(name='New Consignee',
                                     imported_from_vision=False,
                                     created_by_user=user_one)
        self.client.login(username='******', password='******')
        response = self.client.put(ENDPOINT_URL + str(consignee.id) + '/',
                                   {'name': 'Updated Consignee'})

        self.assertEqual(response.status_code, 200)
        self.assertEqual(
            Consignee.objects.filter(name='New Consignee').count(), 0)
        self.assertEqual(
            Consignee.objects.filter(name='Updated Consignee').count(), 1)
예제 #4
0
    def test_should_give_ip_user_permission_to_fully_edit_consignee_created_by_himself(
            self):
        profile_consignee_one = ConsigneeFactory(name='Consignee 1')

        user_one = User.objects.create_user(username='******',
                                            password='******')
        user_profile_one = UserProfile(user=user_one,
                                       consignee=profile_consignee_one)
        user_profile_one.save()
        user_one.groups = [
            Group.objects.get(name='Implementing Partner_editor')
        ]
        user_one.save()

        user_two = User.objects.create_user(username='******',
                                            password='******')
        user_profile_two = UserProfile(user=user_two,
                                       consignee=profile_consignee_one)
        user_profile_two.save()
        user_two.groups = [
            Group.objects.get(name='Implementing Partner_editor')
        ]
        user_two.save()

        consignee_to_check = ConsigneeFactory(name='Original Name',
                                              imported_from_vision=False,
                                              created_by_user=user_two)
        self.client.login(username='******', password='******')
        response = self.client.get(ENDPOINT_URL + str(consignee_to_check.id) +
                                   '/permission_to_edit/')

        self.assertEqual(response.data['permission'], 'can_edit_fully')
        self.assertEqual(response.status_code, 200)
예제 #5
0
    def test_should_disallow_ip_editor_from_deleting_consignee_created_by_another_role(self):
        user = User.objects.create_user(username='******', password='******')
        attached_consignee = ConsigneeFactory(name='User Attached Consignee', created_by_user=user, imported_from_vision=False)
        profile = UserProfile(user=user, consignee=attached_consignee)
        profile.save()
        user.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user.save()

        user_two = User.objects.create_user(username='******', password='******')
        user_two.groups = [Group.objects.get(name='UNICEF_admin')]
        user_two.save()

        consignee = ConsigneeFactory(name='New Consignee', created_by_user=user_two, imported_from_vision=False)
        self.client.login(username='******', password='******')
        response = self.client.delete(ENDPOINT_URL + str(consignee.id) + '/')

        self.assertEqual(response.status_code, 403)
예제 #6
0
    def test_should_disallow_ip_editor_to_delete_consignee_that_is_vision_imported(
            self):
        user = User.objects.create_user(username='******',
                                        password='******')
        consignee = ConsigneeFactory(name="User Attached Consignee")
        profile = UserProfile(user=user, consignee=consignee)
        profile.save()
        user.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user.save()

        consignee = ConsigneeFactory(name='New Consignee',
                                     imported_from_vision=True)
        self.client.login(username='******', password='******')
        response = self.client.delete(ENDPOINT_URL + str(consignee.id) + '/')

        self.assertEqual(response.status_code, 403)
        self.assertEqual(
            Consignee.objects.filter(name='New Consignee').count(), 1)
예제 #7
0
    def test_should_allow_ip_editor_to_change_consignee_if_created_by_them(self):
        consignee = ConsigneeFactory(name='New Consignee', imported_from_vision=False)

        user = User.objects.create_user(username='******', password='******')
        user_profile = UserProfile(user=user, consignee=consignee)
        user_profile.save()
        user.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user.save()

        consignee_to_update = ConsigneeFactory(
            name='Original Name', 
            imported_from_vision=False,
            created_by_user=user)
        self.client.login(username='******', password='******')
        response = self.client.put(ENDPOINT_URL + str(consignee_to_update.id) + '/', {'name': 'New Name'})

        self.assertEqual(response.status_code, 200)
        self.assertEqual(Consignee.objects.filter(name='Original Name').count(), 0)
        self.assertEqual(Consignee.objects.filter(name='New Name').count(), 1)
예제 #8
0
    def test_should_allow_ip_editor_to_change_consignee_remarks_even_if_created_by_another(self):
        profile_consignee_one = ConsigneeFactory(name='Consignee 1')
        profile_consignee_two = ConsigneeFactory(name='Consignee 2')

        user_one = User.objects.create_user(username='******', password='******')
        user_profile_one = UserProfile(user=user_one, consignee=profile_consignee_one)
        user_profile_one.save()
        user_one.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user_one.save()

        user_two = User.objects.create_user(username='******', password='******')
        user_profile_two = UserProfile(user=user_two, consignee=profile_consignee_two)
        user_profile_two.save()
        user_two.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user_two.save()

        user_two_created_consignee = ConsigneeFactory(
            name='Some Consignee',
            remarks='Original Remark',
            imported_from_vision=False, 
            created_by_user=user_two)
        self.client.login(username='******', password='******')
        response = self.client.put(
            ENDPOINT_URL + str(user_two_created_consignee.id) + '/', 
            {'name': 'Some Consignee', 'remarks': 'Updated Remark'})

        self.assertEqual(response.status_code, 200)
        self.assertEqual(Consignee.objects.get(name='Some Consignee').remarks, 'Updated Remark')
예제 #9
0
    def test_should_not_allow_ip_editor_to_change_consignee_only_if_consignee_created_by_another_ip(self):
        profile_consignee_one = ConsigneeFactory(name='Consignee 1')
        profile_consignee_two = ConsigneeFactory(name='Consignee 2')

        user_one = User.objects.create_user(username='******', password='******')
        user_profile_one = UserProfile(user=user_one, consignee=profile_consignee_one)
        user_profile_one.save()
        user_one.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user_one.save()

        user_two = User.objects.create_user(username='******', password='******')
        user_profile_two = UserProfile(user=user_two, consignee=profile_consignee_two)
        user_profile_two.save()
        user_two.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user_two.save()

        user_two_created_consignee = ConsigneeFactory(
            name='Another New Consignee', 
            imported_from_vision=False, 
            created_by_user=user_two)
        self.client.login(username='******', password='******')
        response = self.client.put(
            ENDPOINT_URL + str(user_two_created_consignee.id) + '/', 
            {'name': 'Updated New Consignee'})

        self.assertEqual(response.status_code, 403)
        self.assertEqual(Consignee.objects.filter(name='Another New Consignee').count(), 1)
        self.assertEqual(Consignee.objects.filter(name='Updated New Consignee').count(), 0)
예제 #10
0
    def test_should_disallow_ip_editor_from_deleting_consignee_created_by_another_role(
            self):
        user = User.objects.create_user(username='******', password='******')
        attached_consignee = ConsigneeFactory(name='User Attached Consignee',
                                              created_by_user=user,
                                              imported_from_vision=False)
        profile = UserProfile(user=user, consignee=attached_consignee)
        profile.save()
        user.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user.save()

        user_two = User.objects.create_user(username='******',
                                            password='******')
        user_two.groups = [Group.objects.get(name='UNICEF_admin')]
        user_two.save()

        consignee = ConsigneeFactory(name='New Consignee',
                                     created_by_user=user_two,
                                     imported_from_vision=False)
        self.client.login(username='******', password='******')
        response = self.client.delete(ENDPOINT_URL + str(consignee.id) + '/')

        self.assertEqual(response.status_code, 403)
예제 #11
0
    def test_should_allow_ip_editor_to_change_consignee_remarks_even_if_created_by_another(
            self):
        profile_consignee_one = ConsigneeFactory(name='Consignee 1')
        profile_consignee_two = ConsigneeFactory(name='Consignee 2')

        user_one = User.objects.create_user(username='******',
                                            password='******')
        user_profile_one = UserProfile(user=user_one,
                                       consignee=profile_consignee_one)
        user_profile_one.save()
        user_one.groups = [
            Group.objects.get(name='Implementing Partner_editor')
        ]
        user_one.save()

        user_two = User.objects.create_user(username='******',
                                            password='******')
        user_profile_two = UserProfile(user=user_two,
                                       consignee=profile_consignee_two)
        user_profile_two.save()
        user_two.groups = [
            Group.objects.get(name='Implementing Partner_editor')
        ]
        user_two.save()

        user_two_created_consignee = ConsigneeFactory(
            name='Some Consignee',
            remarks='Original Remark',
            imported_from_vision=False,
            created_by_user=user_two)
        self.client.login(username='******', password='******')
        response = self.client.put(
            ENDPOINT_URL + str(user_two_created_consignee.id) + '/', {
                'name': 'Some Consignee',
                'remarks': 'Updated Remark'
            })

        self.assertEqual(response.status_code, 200)
        self.assertEqual(
            Consignee.objects.get(name='Some Consignee').remarks,
            'Updated Remark')
예제 #12
0
    def test_should_allow_ip_editor_to_delete_consignee_that_are_not_created_by_them_but_same_consignee(self):
        user_consignee = ConsigneeFactory(name='Created Consignee')

        user_one = User.objects.create_user(username='******', password='******')
        user_profile = UserProfile(user=user_one, consignee=user_consignee)
        user_profile.save()
        user_one.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user_one.save()

        user_two = User.objects.create_user(username='******', password='******')
        user_profile = UserProfile(user=user_two, consignee=user_consignee)
        user_profile.save()
        user_two.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user_two.save()

        consignee = ConsigneeFactory(name='New Consignee', imported_from_vision=False, created_by_user=user_one)
        self.client.login(username='******', password='******')
        response = self.client.delete(ENDPOINT_URL + str(consignee.id) + '/')

        self.assertEqual(response.status_code, 204)
        self.assertEqual(Consignee.objects.filter(name='New Consignee').count(), 0)
예제 #13
0
    def test_should_give_ip_user_permission_to_fully_edit_consignee_created_by_same_ip(self):
        profile_consignee_one = ConsigneeFactory(name='Consignee 1')

        user_one = User.objects.create_user(username='******', password='******')
        user_profile_one = UserProfile(user=user_one, consignee=profile_consignee_one)
        user_profile_one.save()
        user_one.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user_one.save()

        user_two = User.objects.create_user(username='******', password='******')
        user_profile_two = UserProfile(user=user_two, consignee=profile_consignee_one)
        user_profile_two.save()
        user_two.groups = [Group.objects.get(name='Implementing Partner_editor')]
        user_two.save()

        consignee_to_check = ConsigneeFactory(
            name='Original Name', 
            imported_from_vision=False,
            created_by_user=user_two)
        self.client.login(username='******', password='******')
        response = self.client.get(ENDPOINT_URL + str(consignee_to_check.id) + '/permission_to_edit/')

        self.assertEqual(response.data['permission'], 'can_edit_fully')
        self.assertEqual(response.status_code, 200)