def test_file_download_fails_for_viewer(self, mock_create_form_csv):
viewer = UserFactory.create()
self.investigation.add_user(viewer, "V")
self.client.force_login(viewer)
form_instance = self.form_instance
response = self.client.get(
reverse("form_responses_csv",
kwargs={
"form_slug": form_instance.form.slug,
"investigation_slug":
form_instance.form.investigation.slug,
"bucket": "inbox"
}))
self.assertEquals(response.status_code, 403)
def test_file_download_fails_for_wrong_user(self):
other_owner = UserFactory.create()
other_investigation = InvestigationFactory.create()
other_investigation.add_user(other_owner, INVESTIGATION_ROLES.OWNER)
form_response = FormResponseFactory.create(
json={"file_field": ["data:image/png;base64,abc123"]},
form_instance=self.form_instance)
self.client.force_login(other_owner)
response = self.client.get(
"/forms/admin/investigations/{}/forms/{}/responses/{}/files/file_field/2"
.format(self.investigation.slug, self.form.slug, form_response.id))
self.assertEquals(response.status_code, 403)
def test_invite_validates_email_address(self):
admin = UserFactory.create()
investigation = InvestigationFactory.create()
investigation.add_user(admin, INVESTIGATION_ROLES.ADMIN)
self.client.force_login(admin)
# The two users are: `admin` form above
# and `AnonymousUser` from DRF
self.assertEqual(User.objects.count(), 2)
self.assertEqual(Invitation.objects.count(), 0)
response = self.client.post(reverse("invitations", kwargs={"investigation_slug": investigation.slug}),
data={"email": "invalid@@@"})
self.assertEqual(response.status_code, 400)
self.assertEqual(Invitation.objects.count(), 0)
self.assertEqual(User.objects.count(), 2)
def test_file_download_fails_for_wrong_investigation(
self, mock_create_form_csv):
other_owner = UserFactory.create()
other_investigation = InvestigationFactory.create()
other_investigation.add_user(other_owner, INVESTIGATION_ROLES.OWNER)
self.client.force_login(other_owner)
form_instance = self.form_instance
response = self.client.get(
reverse("form_responses_csv",
kwargs={
"form_slug": form_instance.form.slug,
"investigation_slug": other_investigation.slug,
"bucket": "inbox"
}))
self.assertEquals(response.status_code, 403)
def test_user_can_make_new_investigation(self):
user = UserFactory.create()
self.client.force_login(user)
response = self.client.post(reverse("investigations"), {
"name": "test",
"slug": "test"
})
self.assertEqual(response.status_code, 201)
new_investigation = Investigation.objects.get(slug="test")
self.assertTrue(new_investigation)
investigation_owners = UserGroup.objects.get(
investigation=new_investigation, role="O")
self.assertQuerysetEqual(investigation_owners.group.user_set.all(),
[repr(user)])
def test_edit_fails_for_viewer(self):
form_instance = self.make_singe_step_instance(
{"name": {
"type": "string"
}})
form_response = FormResponseFactory.create(json={"name": "Gödel"},
form_instance=form_instance)
viewer = UserFactory.create()
self.investigation.add_user(viewer, "V")
self.client.force_login(viewer)
response = self.client.post(url_for_response(form_response),
data={"json__name": "Escher"})
self.assertEqual(response.status_code, 403)
updated_response = FormResponse.objects.get(id=form_response.id)
self.assertEqual(updated_response.json["name"], "Gödel")
def test_assign_tags_for_editor(self):
editor = UserFactory.create()
self.investigation.add_user(editor, "E")
self.client.force_login(editor)
responses = self.responses[0]
form = responses[0].form_instance.form
tag = TagFactory.create(name='Pasta', investigation=self.investigation)
payload = {
"selected_responses": [responses[3].id, responses[4].id],
"tag": tag.id
}
response = self.client.post(make_url(form), data=payload)
self.assertEqual(response.status_code, 302)
def setUp(self):
form_instances = [FormInstanceFactory.create() for _ in range(2)]
investigations = [instance.form.investigation for instance in form_instances]
responses = [[], []]
for index, instance in enumerate(form_instances):
for _ in range(5):
response = FormResponseFactory.create(form_instance=instance)
responses[index].append(response)
user = UserFactory.create()
self.investigation = investigations[0]
self.investigation.add_user(user, INVESTIGATION_ROLES.EDITOR)
self.responses = responses
self.admin_user = user
self.client.force_login(self.admin_user)
def test_wrong_admin_cannot_add_form(self):
admin = UserFactory.create()
investigation = InvestigationFactory.create()
investigation.add_user(admin, INVESTIGATION_ROLES.ADMIN)
other_investigation = InvestigationFactory()
self.client.force_login(admin)
self.assertEqual(Form.objects.count(), 0)
response = self.client.post(reverse(
"interviewers",
kwargs={"investigation_slug": other_investigation.slug}),
data={
"name": "test",
"slug": "test"
})
self.assertEqual(response.status_code, 403)
self.assertEqual(Form.objects.count(), 0)
def test_admin_can_add_form(self):
admin = UserFactory.create()
investigation = InvestigationFactory.create()
investigation.add_user(admin, INVESTIGATION_ROLES.ADMIN)
self.client.force_login(admin)
self.assertEqual(Form.objects.count(), 0)
response = self.client.post(reverse(
"interviewers", kwargs={"investigation_slug": investigation.slug}),
data={
"name": "test",
"slug": "test"
})
self.assertEqual(response.status_code, 201)
self.assertEqual(Form.objects.count(), 1)
# make sure the right investigation was assigned
self.assertEqual(response.data["investigation"], investigation.id)
def test_admin_can_invite_new_users(self, mock_invite_user):
def create_user(*args):
user = User()
user.save()
return user
mock_invite_user.side_effect = create_user
admin = UserFactory.create()
investigation = InvestigationFactory.create()
investigation.add_user(admin, INVESTIGATION_ROLES.ADMIN)
self.client.force_login(admin)
# The two users are: `admin` form above
# and `AnonymousUser` from DRF
self.assertEqual(User.objects.count(), 2)
self.assertEqual(Invitation.objects.count(), 0)
response = self.client.post(reverse("invitations", kwargs={"investigation_slug": investigation.slug}),
data={"email": "*****@*****.**"})
self.assertTrue(mock_invite_user.called)
self.assertEqual(response.status_code, 201)
self.assertEqual(Invitation.objects.count(), 1)
self.assertEqual(User.objects.count(), 3)
def setUp(self):
self.investigation_owner = UserFactory.create()
self.investigation = InvestigationFactory.create()
self.investigation.add_user(self.investigation_owner, "O")
def test_user_role_for_investigation_for_non_member(self):
owner = UserFactory.create()
investigation = InvestigationFactory.create()
self.assertEqual(user_role_for_investigation(owner, investigation), None)
def test_user_role_for_investigation(self):
owner = UserFactory.create()
investigation = InvestigationFactory.create()
investigation.add_user(owner, INVESTIGATION_ROLES.OWNER)
self.assertEqual(user_role_for_investigation(owner, investigation), INVESTIGATION_ROLES.OWNER)
def setUp(self):
self.user = UserFactory.create()
def setUp(self):
self.form_instance = FormInstanceFactory.create()
self.owner = UserFactory.create()
self.investigation = self.form_instance.form.investigation
self.investigation.add_user(self.owner, INVESTIGATION_ROLES.OWNER)
def setUp(self):
self.investigation_owner = UserFactory.create()
self.investigation = InvestigationFactory.create()
self.form = FormFactory.create(investigation=self.investigation)
self.investigation.add_user(self.investigation_owner, INVESTIGATION_ROLES.OWNER)