예제 #1
0
    def test_remove_user_from_team(self):
        self._team_create()
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())

        view = TeamViewSet.as_view({'post': 'members', 'delete': 'members'})

        data = {'username': self.user.username}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data, [self.user.username])
        self.assertIn(self.team.group_ptr, self.user.groups.all())

        request = self.factory.delete('/',
                                      data=json.dumps(data),
                                      content_type="application/json",
                                      **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data, [])
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())
예제 #2
0
    def _team_create(self):
        self._org_create()

        view = TeamViewSet.as_view({
            'get': 'list',
            'post': 'create'
        })

        data = {
            'name': u'dreamteam',
            'organization': self.company_data['org']
        }
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request)
        self.assertEqual(response.status_code, 201)
        self.owner_team = Team.objects.get(
            organization=self.organization.user,
            name='%s#Owners' % (self.organization.user.username))
        team = Team.objects.get(
            organization=self.organization.user,
            name='%s#%s' % (self.organization.user.username, data['name']))
        data['url'] = 'http://testserver/api/v1/teams/%s' % team.pk
        data['teamid'] = team.id
        self.assertDictContainsSubset(data, response.data)
        self.team_data = response.data
        self.team = team
예제 #3
0
 def test_teams_get(self):
     self._team_create()
     view = TeamViewSet.as_view({'get': 'retrieve'})
     request = self.factory.get('/', **self.extra)
     response = view(request, pk=self.team.pk)
     self.assertEqual(response.status_code, 200)
     self.assertEqual(response.data, self.team_data)
예제 #4
0
    def test_team_share(self):
        self._team_create()
        self._publish_xls_form_to_project()
        chuck_data = {'username': '******', 'email': '*****@*****.**'}
        chuck_profile = self._create_user_profile(chuck_data)
        user_chuck = chuck_profile.user

        tools.add_user_to_team(self.team, user_chuck)
        view = TeamViewSet.as_view({'post': 'share'})

        ROLES = [ReadOnlyRole, EditorRole]

        for role_class in ROLES:
            self.assertFalse(role_class.user_has_role(user_chuck,
                                                      self.project))
            data = {'role': role_class.name, 'project': self.project.pk}
            request = self.factory.post('/',
                                        data=json.dumps(data),
                                        content_type="application/json",
                                        **self.extra)
            response = view(request, pk=self.team.pk)

            self.assertEqual(response.status_code, 204)

            self.assertTrue(role_class.user_has_role(user_chuck, self.project))
            self.assertTrue(role_class.user_has_role(user_chuck, self.xform))
예제 #5
0
    def test_team_share(self):
        self._team_create()
        project = Project.objects.create(name="Test Project",
                                         organization=self.team.organization,
                                         created_by=self.user,
                                         metadata='{}')
        chuck_data = {'username': '******', 'email': '*****@*****.**'}
        chuck_profile = self._create_user_profile(chuck_data)
        user_chuck = chuck_profile.user

        tools.add_user_to_team(self.team, user_chuck)
        view = TeamViewSet.as_view({
            'post': 'share'})

        ROLES = [ReadOnlyRole,
                 EditorRole]

        for role_class in ROLES:
            self.assertFalse(role_class.user_has_role(user_chuck,
                                                      project))
            data = {'role': role_class.name,
                    'project': project.pk}
            request = self.factory.post(
                '/', data=json.dumps(data),
                content_type="application/json", **self.extra)
            response = view(request, pk=self.team.pk)

            self.assertEqual(response.status_code, 204)
            self.assertTrue(role_class.user_has_role(user_chuck, project))
예제 #6
0
    def test_get_all_team(self):
        self._team_create()
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())

        view = TeamViewSet.as_view({
            'get': 'list',
            'post': 'members'
        })

        data = {'username': self.user.username}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data,
                         [self.user.username])
        self.assertIn(self.team.group_ptr, self.user.groups.all())

        get_data = {'org': 'denoinc'}
        request = self.factory.get('/', data=get_data, **self.extra)
        response = view(request)
        self.assertNotEqual(response.get('Cache-Control'), None)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(len(response.data), 3)
예제 #7
0
    def _team_create(self):
        self._org_create()

        view = TeamViewSet.as_view({
            'get': 'list',
            'post': 'create'
        })

        data = {
            'name': u'dreamteam',
            'organization': self.company_data['org']
        }
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request)
        self.assertEqual(response.status_code, 201)
        self.owner_team = Team.objects.get(
            organization=self.organization.user,
            name='%s#Owners' % (self.organization.user.username))
        team = Team.objects.get(
            organization=self.organization.user,
            name='%s#%s' % (self.organization.user.username, data['name']))
        data['url'] = 'http://testserver/api/v1/teams/%s' % team.pk
        data['teamid'] = team.id
        self.assertDictContainsSubset(data, response.data)
        self.team_data = response.data
        self.team = team
예제 #8
0
    def test_remove_user_from_team(self):
        self._team_create()
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())

        view = TeamViewSet.as_view({
            'post': 'members',
            'delete': 'members'
        })

        data = {'username': self.user.username}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data,
                         [self.user.username])
        self.assertIn(self.team.group_ptr, self.user.groups.all())

        request = self.factory.delete(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data,
                         [])
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())
예제 #9
0
    def test_remove_team_from_project(self):
        self._team_create()
        self._publish_xls_form_to_project()
        chuck_data = {'username': '******', 'email': '*****@*****.**'}
        chuck_profile = self._create_user_profile(chuck_data)
        user_chuck = chuck_profile.user

        tools.add_user_to_team(self.team, user_chuck)
        view = TeamViewSet.as_view({
            'post': 'share'})

        self.assertFalse(EditorRole.user_has_role(user_chuck,
                                                  self.project))
        data = {'role': EditorRole.name,
                'project': self.project.pk}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 204)
        self.assertTrue(EditorRole.user_has_role(user_chuck, self.project))

        data = {'role': EditorRole.name,
                'project': self.project.pk,
                'remove': True}

        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 204)
        self.assertFalse(EditorRole.user_has_role(user_chuck, self.project))
        self.assertFalse(EditorRole.user_has_role(user_chuck, self.xform))
예제 #10
0
    def test_get_all_team(self):
        self._team_create()
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())

        view = TeamViewSet.as_view({
            'get': 'list',
            'post': 'members'
        })

        data = {'username': self.user.username}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data,
                         [self.user.username])
        self.assertIn(self.team.group_ptr, self.user.groups.all())

        get_data = {'org': 'denoinc'}
        request = self.factory.get('/', data=get_data, **self.extra)
        response = view(request)
        self.assertNotEqual(response.get('Cache-Control'), None)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(len(response.data), 3)
예제 #11
0
 def test_teams_get(self):
     self._team_create()
     view = TeamViewSet.as_view({
         'get': 'retrieve'
     })
     request = self.factory.get('/', **self.extra)
     response = view(request, pk=self.team.pk)
     self.assertEqual(response.status_code, 200)
     self.assertEqual(response.data, self.team_data)
예제 #12
0
    def test_team_members_meta_perms_restrictions(self):
        self._team_create()
        self._publish_xls_form_to_project()
        user_alice = self._create_user('alice', 'alice')

        members_team = Team.objects.get(
            name='%s#%s' % (self.organization.user.username, 'members'))

        # add alice to members team
        add_user_to_team(members_team, user_alice)

        # confirm that the team and members have no permissions on form
        self.assertFalse(get_perms(members_team, self.xform))
        self.assertFalse(get_perms(user_alice, self.xform))

        # share project to team
        view = TeamViewSet.as_view({
            'get': 'list',
            'post': 'share'})

        post_data = {
            'role': EditorRole.name,
            'project': self.project.pk,
            'remove': False
        }
        request = self.factory.post('/', data=post_data, **self.extra)
        response = view(request, pk=members_team.pk)
        self.assertEqual(response.status_code, 204)

        # team members should have editor permissions now
        alice_perms = get_perms(user_alice, self.xform)
        alice_role = get_role(alice_perms, self.xform)
        self.assertEqual(EditorRole.name, alice_role)
        self.assertTrue(EditorRole.user_has_role(user_alice, self.xform))

        # change meta permissions
        meta_view = MetaDataViewSet.as_view({
            'post': 'create',
            'put': 'update'
        })

        data = {
            'data_type': XFORM_META_PERMS,
            'data_value': 'editor-minor|dataentry',
            'xform': self.xform.pk
        }

        request = self.factory.post('/', data, **self.extra)
        response = meta_view(request)
        self.assertEqual(response.status_code, 201)

        # members should now have EditorMinor role
        self.assertTrue(EditorMinorRole.user_has_role(user_alice, self.xform))
예제 #13
0
    def test_team_members_meta_perms_restrictions(self):
        self._team_create()
        self._publish_xls_form_to_project()
        user_alice = self._create_user('alice', 'alice')

        members_team = Team.objects.get(
            name='%s#%s' % (self.organization.user.username, 'members'))

        # add alice to members team
        add_user_to_team(members_team, user_alice)

        # confirm that the team and members have no permissions on form
        self.assertFalse(get_perms(members_team, self.xform))
        self.assertFalse(get_perms(user_alice, self.xform))

        # share project to team
        view = TeamViewSet.as_view({
            'get': 'list',
            'post': 'share'})

        post_data = {
            'role': EditorRole.name,
            'project': self.project.pk,
            'remove': False
        }
        request = self.factory.post('/', data=post_data, **self.extra)
        response = view(request, pk=members_team.pk)
        self.assertEqual(response.status_code, 204)

        # team members should have editor permissions now
        alice_perms = get_perms(user_alice, self.xform)
        alice_role = get_role(alice_perms, self.xform)
        self.assertEqual(EditorRole.name, alice_role)
        self.assertTrue(EditorRole.user_has_role(user_alice, self.xform))

        # change meta permissions
        meta_view = MetaDataViewSet.as_view({
            'post': 'create',
            'put': 'update'
        })

        data = {
            'data_type': XFORM_META_PERMS,
            'data_value': 'editor-minor|dataentry',
            'xform': self.xform.pk
        }

        request = self.factory.post('/', data, **self.extra)
        response = meta_view(request)
        self.assertEqual(response.status_code, 201)

        # members should now have EditorMinor role
        self.assertTrue(EditorMinorRole.user_has_role(user_alice, self.xform))
예제 #14
0
 def test_teams_get(self):
     self._team_create()
     view = TeamViewSet.as_view({
         'get': 'retrieve'
     })
     request = self.factory.get('/', **self.extra)
     response = view(request)
     self.assertEqual(response.status_code, 400)
     self.assertEqual(response.data,
                      {'detail':
                       'Expected URL keyword argument `owner` and `pk`.'})
     request = self.factory.get('/', **self.extra)
     response = view(request, owner='denoinc', pk=self.team.pk)
     self.assertEqual(response.status_code, 200)
     self.assertEqual(response.data, self.team_data)
예제 #15
0
    def test_team_share_members(self):
        self._team_create()
        project = Project.objects.create(name="Test Project",
                                         organization=self.team.organization,
                                         created_by=self.user,
                                         metadata='{}')

        view = TeamViewSet.as_view({
            'get': 'list',
            'post': 'share'})

        get_data = {'org': 'denoinc'}
        request = self.factory.get('/', data=get_data, **self.extra)
        response = view(request)
        # get the members team
        self.assertEquals(response.data[1].get('name'), 'members')
        teamid = response.data[1].get('teamid')

        chuck_data = {'username': '******', 'email': '*****@*****.**'}
        chuck_profile = self._create_user_profile(chuck_data)
        user_chuck = chuck_profile.user

        self.team = Team.objects.get(pk=teamid)
        tools.add_user_to_team(self.team, user_chuck)

        self.assertFalse(EditorRole.user_has_role(user_chuck,
                                                  project))
        post_data = {'role': EditorRole.name,
                     'project': project.pk,
                     'remove': False,
                     'org': 'denoinc'}
        request = self.factory.post(
            '/', data=post_data, **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 204)
        self.assertTrue(EditorRole.user_has_role(user_chuck, project))

        view = ProjectViewSet.as_view({
            'get': 'retrieve'
        })
        request = self.factory.get('/', **self.extra)
        response = view(request, pk=project.pk)
        self.assertNotEqual(response.get('Cache-Control'), None)
        self.assertEqual(response.status_code, 200)

        self.assertEqual(len(response.data.get('users')), 2)
예제 #16
0
    def test_team_share_members(self):
        self._team_create()
        project = Project.objects.create(name="Test Project",
                                         organization=self.team.organization,
                                         created_by=self.user,
                                         metadata='{}')

        view = TeamViewSet.as_view({
            'get': 'list',
            'post': 'share'})

        get_data = {'org': 'denoinc'}
        request = self.factory.get('/', data=get_data, **self.extra)
        response = view(request)
        # get the members team
        self.assertEquals(response.data[1].get('name'), 'members')
        teamid = response.data[1].get('teamid')

        chuck_data = {'username': '******', 'email': '*****@*****.**'}
        chuck_profile = self._create_user_profile(chuck_data)
        user_chuck = chuck_profile.user

        self.team = Team.objects.get(pk=teamid)
        tools.add_user_to_team(self.team, user_chuck)

        self.assertFalse(EditorRole.user_has_role(user_chuck,
                                                  project))
        post_data = {'role': EditorRole.name,
                     'project': project.pk,
                     'remove': False,
                     'org': 'denoinc'}
        request = self.factory.post(
            '/', data=post_data, **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 204)
        self.assertTrue(EditorRole.user_has_role(user_chuck, project))

        view = ProjectViewSet.as_view({
            'get': 'retrieve'
        })
        request = self.factory.get('/', **self.extra)
        response = view(request, pk=project.pk)
        self.assertNotEqual(response.get('Cache-Control'), None)
        self.assertEqual(response.status_code, 200)

        self.assertEqual(len(response.data.get('users')), 2)
예제 #17
0
    def test_add_user_to_team_user_does_not_exist(self):
        self._team_create()
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())

        view = TeamViewSet.as_view({'post': 'members'})

        data = {'username': '******'}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.data,
                         {'username': [u'User `aboy` does not exist.']})
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())
예제 #18
0
    def test_add_user_to_team_missing_username(self):
        self._team_create()
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())

        view = TeamViewSet.as_view({'post': 'members'})

        data = {}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.data,
                         {'username': [u'This field is required.']})
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())
예제 #19
0
    def test_add_user_to_team_missing_username(self):
        self._team_create()
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())

        view = TeamViewSet.as_view({
            'post': 'members'
        })

        data = {}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.data,
                         {'username': [u'This field is required.']})
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())
예제 #20
0
    def test_add_user_to_team_user_does_not_exist(self):
        self._team_create()
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())

        view = TeamViewSet.as_view({
            'post': 'members'
        })

        data = {'username': '******'}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.data,
                         {'username': [u'User `aboy` does not exist.']})
        self.assertNotIn(self.team.group_ptr, self.user.groups.all())
예제 #21
0
    def test_remove_team_from_project(self):
        self._team_create()
        project = Project.objects.create(name="Test Project",
                                         organization=self.team.organization,
                                         created_by=self.user,
                                         metadata='{}')
        chuck_data = {'username': '******', 'email': '*****@*****.**'}
        chuck_profile = self._create_user_profile(chuck_data)
        user_chuck = chuck_profile.user

        tools.add_user_to_team(self.team, user_chuck)
        view = TeamViewSet.as_view({
            'post': 'share'})

        self.assertFalse(EditorRole.user_has_role(user_chuck,
                                                  project))
        data = {'role': EditorRole.name,
                'project': project.pk}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 204)
        self.assertTrue(EditorRole.user_has_role(user_chuck, project))

        data = {'role': EditorRole.name,
                'project': project.pk,
                'remove': True}

        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 204)
        self.assertFalse(EditorRole.user_has_role(user_chuck, project))
예제 #22
0
    def test_add_user_to_team_no_perms(self):
        self._team_create()

        view = TeamViewSet.as_view({
            'post': 'members',
            'get': 'retrieve',
            'delete': 'members'
        })

        # add bob
        data = {'username': self.user.username}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data, [self.user.username])

        # create user alice
        alice_data = {'username': '******', 'email': '*****@*****.**'}
        alice_profile = self._create_user_profile(alice_data)

        # add alice to the team
        data = {'username': alice_profile.user.username}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(
            sorted(response.data),
            sorted([self.user.username, alice_profile.user.username]))

        # check that alice is able to access the team
        alice_extra = {
            'HTTP_AUTHORIZATION': 'Token %s' % alice_profile.user.auth_token
        }
        request = self.factory.get('/',
                                   content_type="application/json",
                                   **alice_extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 200)

        # remove alice from the team
        data = {'username': alice_profile.user.username}
        request = self.factory.delete('/',
                                      data=json.dumps(data),
                                      content_type="application/json",
                                      **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data, [self.user.username])

        # check alice cant access the team
        request = self.factory.get('/',
                                   content_type="application/json",
                                   **alice_extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 404)
예제 #23
0
 def setUp(self):
     super(self.__class__, self).setUp()
     self.view = TeamViewSet.as_view({
         'get': 'list',
         'post': 'create'
     })
예제 #24
0
 def setUp(self):
     super(self.__class__, self).setUp()
     self.view = TeamViewSet.as_view({'get': 'list', 'post': 'create'})
예제 #25
0
    def test_add_user_to_team_no_perms(self):
        self._team_create()

        view = TeamViewSet.as_view({
            'post': 'members',
            'get': 'retrieve',
            'delete': 'members'
        })

        # add bob
        data = {'username': self.user.username}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data,
                         [self.user.username])

        # create user alice
        alice_data = {'username': '******', 'email': '*****@*****.**'}
        alice_profile = self._create_user_profile(alice_data)

        # add alice to the team
        data = {'username': alice_profile.user.username}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(sorted(response.data),
                         sorted([self.user.username,
                                 alice_profile.user.username]))

        # check that alice is able to access the team
        alice_extra = {
            'HTTP_AUTHORIZATION': 'Token %s' % alice_profile.user.auth_token}
        request = self.factory.get(
            '/', content_type="application/json", **alice_extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 200)

        # remove alice from the team
        data = {'username': alice_profile.user.username}
        request = self.factory.delete(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 201)
        self.assertEqual(response.data,
                         [self.user.username])

        # check alice cant access the team
        request = self.factory.get(
            '/', content_type="application/json", **alice_extra)
        response = view(request, pk=self.team.pk)

        self.assertEqual(response.status_code, 404)
예제 #26
0
    def test_non_owners_should_be_able_to_change_member_permissions(self):
        self._org_create()
        self._publish_xls_form_to_project()

        chuck_data = {'username': '******', 'email': '*****@*****.**'}
        chuck_profile = self._create_user_profile(chuck_data)

        view = OrganizationProfileViewSet.as_view({'post': 'members'})

        data = {
            'username': chuck_profile.user.username,
            'role': OwnerRole.name
        }
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user=self.organization.user.username)

        self.assertEqual(response.status_code, 201)

        owners_team = get_organization_owners_team(self.organization)
        self.assertIn(chuck_profile.user, owners_team.user_set.all())

        alice_data = {'username': '******', 'email': '*****@*****.**'}
        alice_profile = self._create_user_profile(alice_data)

        data = {'username': alice_profile.user.username}
        request = self.factory.post('/',
                                    data=json.dumps(data),
                                    content_type="application/json",
                                    **self.extra)

        response = view(request, user=self.organization.user.username)

        self.assertEqual(response.status_code, 201)

        member_team = get_organization_members_team(self.organization)
        self.assertIn(alice_profile.user, member_team.user_set.all())

        view = TeamViewSet.as_view({'post': 'share'})

        post_data = {
            'role': EditorRole.name,
            'project': self.project.pk,
            'org': self.organization.user.username
        }
        request = self.factory.post('/', data=post_data, **self.extra)
        response = view(request, pk=member_team.pk)

        self.assertEqual(response.status_code, 204)

        post_data = {
            'role': ReadOnlyRole.name,
            'project': self.project.pk,
            'org': self.organization.user.username
        }

        extra = {
            'HTTP_AUTHORIZATION': 'Token %s' % chuck_profile.user.auth_token
        }
        request = self.factory.post('/', data=post_data, **extra)
        response = view(request, pk=member_team.pk)
        self.assertEqual(response.status_code, 204)
예제 #27
0
    def test_non_owners_should_be_able_to_change_member_permissions(self):
        self._org_create()
        self._publish_xls_form_to_project()

        chuck_data = {'username': '******', 'email': '*****@*****.**'}
        chuck_profile = self._create_user_profile(chuck_data)

        view = OrganizationProfileViewSet.as_view({
            'post': 'members'
        })

        data = {'username': chuck_profile.user.username,
                'role': OwnerRole.name}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user=self.organization.user.username)

        self.assertEqual(response.status_code, 201)

        owners_team = get_organization_owners_team(self.organization)
        self.assertIn(chuck_profile.user, owners_team.user_set.all())

        alice_data = {'username': '******', 'email': '*****@*****.**'}
        alice_profile = self._create_user_profile(alice_data)

        data = {'username': alice_profile.user.username}
        request = self.factory.post(
            '/', data=json.dumps(data),
            content_type="application/json", **self.extra)

        response = view(request, user=self.organization.user.username)

        self.assertEqual(response.status_code, 201)

        member_team = get_organization_members_team(self.organization)
        self.assertIn(alice_profile.user, member_team.user_set.all())

        view = TeamViewSet.as_view({
            'post': 'share'
        })

        post_data = {'role': EditorRole.name,
                     'project': self.project.pk,
                     'org': self.organization.user.username}
        request = self.factory.post(
            '/', data=post_data, **self.extra)
        response = view(request, pk=member_team.pk)

        self.assertEqual(response.status_code, 204)

        post_data = {'role': ReadOnlyRole.name,
                     'project': self.project.pk,
                     'org': self.organization.user.username}

        extra = {
            'HTTP_AUTHORIZATION': 'Token %s' % chuck_profile.user.auth_token}
        request = self.factory.post(
            '/', data=post_data, **extra)
        response = view(request, pk=member_team.pk)
        self.assertEqual(response.status_code, 204)