def create_wtfs_app(request, temporary_path):
app = create_app(
WtfsApp,
request,
use_smtp=True,
depot_backend='depot.io.local.LocalFileStorage',
depot_storage_path=str(temporary_path),
)
app.session_manager.set_locale('de_CH', 'de_CH')
session = app.session()
group_id = uuid4()
session.add(PaymentType(name='normal', _price_per_quantity=700))
session.add(PaymentType(name='spezial', _price_per_quantity=850))
session.add(Municipality(
id=group_id,
name='My Municipality',
bfs_number=1,
payment_type='normal'
))
session.add(User(
realname='Admin',
username='******',
password_hash=request.getfixturevalue('wtfs_password'),
role='admin'
))
session.add(User(
realname='Editor',
username='******',
password_hash=request.getfixturevalue('wtfs_password'),
role='editor',
group_id=group_id,
data={'contact': True}
))
session.add(User(
realname='Member',
username='******',
password_hash=request.getfixturevalue('wtfs_password'),
role='member',
group_id=group_id
))
session.add(User(
realname='Optimo',
username='******',
password_hash=request.getfixturevalue('wtfs_password'),
role='member'
))
commit()
return app
def add_municipality(self, request, form):
""" Create a new municipality. """
layout = AddMunicipalityLayout(self, request)
if form.submitted(request):
municipality = Municipality()
form.update_model(municipality)
request.session.add(municipality)
request.message(_("Municipality added."), 'success')
return redirect(layout.success_url)
return {
'layout': layout,
'form': form,
'button_text': _("Save"),
'cancel': layout.cancel_url
}
def test_editor_delete_day_before(wtfs_app, wtfs_password):
session = wtfs_app.session()
def permits(user, model, permission):
return permits_by_app(wtfs_app, user, model, permission)
# Remove existing users and group
session.query(User).delete()
session.query(Municipality).delete()
# Add two towns
foo = uuid4()
session.add(Municipality(
id=foo,
name='Foo',
bfs_number=1,
))
session.add(PickupDate(
date=date.today(),
municipality_id=foo,
))
bar = uuid4()
session.add(Municipality(
id=bar,
name='Bar',
bfs_number=1,
))
session.add(PickupDate(
date=date.today(),
municipality_id=bar,
))
# add a single scan job to foo
session.add(ScanJob(
type='normal',
municipality_id=foo,
delivery_number=1,
dispatch_date=date(2019, 1, 1))
)
# an admin with access to all of it
session.add(User(
username='******',
password_hash=wtfs_password,
role='admin'
))
# an editor with access to foo
session.add(User(
username='******',
password_hash=wtfs_password,
role='editor',
group_id=foo
))
# a member with access to foo
session.add(User(
username='******',
password_hash=wtfs_password,
role='member',
group_id=foo
))
# an editor with access to bar
session.add(User(
username='******',
password_hash=wtfs_password,
role='editor',
group_id=bar
))
# a member with access to bar
session.add(User(
username='******',
password_hash=wtfs_password,
role='member',
group_id=bar
))
session.flush()
def fetch_user(username):
return session.query(User).filter_by(username=username).one()
job = session.query(ScanJob).one()
admin = fetch_user('*****@*****.**')
foo_editor = fetch_user('*****@*****.**')
foo_member = fetch_user('*****@*****.**')
bar_editor = fetch_user('*****@*****.**')
bar_member = fetch_user('*****@*****.**')
dt = sedate.replace_timezone(datetime(2018, 12, 31), 'Europe/Zurich')
with freeze_time(dt.replace(hour=17, minute=0)):
assert permits(admin, job, DeleteModel)
assert permits(foo_editor, job, DeleteModel)
assert not permits(foo_member, job, DeleteModel)
assert not permits(bar_editor, job, DeleteModel)
assert not permits(bar_member, job, DeleteModel)
with freeze_time(dt.replace(hour=17, minute=1)):
assert permits(admin, job, DeleteModel)
assert not permits(foo_editor, job, DeleteModel)
assert not permits(foo_member, job, DeleteModel)
assert not permits(bar_editor, job, DeleteModel)
assert not permits(bar_member, job, DeleteModel)
def test_permissions(wtfs_app, wtfs_password):
session = wtfs_app.session()
def permits(user, model, permission):
return permits_by_app(wtfs_app, user, model, permission)
# Remove existing users and group
session.query(User).filter_by(realname='Editor').one().group_id = None
session.query(User).filter_by(realname='Member').one().group_id = None
session.query(Municipality).delete()
# Add new
municipality_a_id = uuid4()
session.add(Municipality(
id=municipality_a_id,
name='Municipality A',
bfs_number=10,
))
session.add(PickupDate(
date=date.today(),
municipality_id=municipality_a_id,
))
session.add(ScanJob(
type='normal',
municipality_id=municipality_a_id,
delivery_number=1,
dispatch_date=date(2019, 1, 1))
)
session.add(User(
realname='Admin A',
username='******',
password_hash=wtfs_password,
role='admin',
group_id=municipality_a_id
))
session.add(User(
realname='Editor A',
username='******',
password_hash=wtfs_password,
role='editor',
group_id=municipality_a_id
))
session.add(User(
realname='Member A',
username='******',
password_hash=wtfs_password,
role='member',
group_id=municipality_a_id
))
municipality_b_id = uuid4()
session.add(Municipality(
id=municipality_b_id,
name='Municipality B',
bfs_number=20,
))
session.add(User(
realname='Admin B',
username='******',
password_hash=wtfs_password,
role='admin',
group_id=municipality_b_id
))
session.add(User(
realname='Editor B',
username='******',
password_hash=wtfs_password,
role='editor',
group_id=municipality_b_id
))
session.add(User(
realname='Member B',
username='******',
password_hash=wtfs_password,
role='member',
group_id=municipality_b_id
))
query = session.query
admin = query(User).filter_by(realname='Admin').one()
admin_a = query(User).filter_by(realname='Admin A').one()
admin_b = query(User).filter_by(realname='Admin B').one()
editor = query(User).filter_by(realname='Editor').one()
editor_a = query(User).filter_by(realname='Editor A').one()
editor_b = query(User).filter_by(realname='Editor B').one()
member = query(User).filter_by(realname='Member').one()
member_a = query(User).filter_by(realname='Member A').one()
member_b = query(User).filter_by(realname='Member B').one()
group = UserGroup()
group_a = query(UserGroup).filter_by(name='Municipality A').one()
group_b = query(UserGroup).filter_by(name='Municipality B').one()
municipality = Municipality()
municipality_a = query(Municipality).filter_by(name='Municipality A').one()
municipality_b = query(Municipality).filter_by(name='Municipality B').one()
scan_job = query(ScanJob).one()
# General
model = object()
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# UserGroupCollection / MunicipalityCollection
# MunicipalityCollection
for model in (
MunicipalityCollection(session),
UserGroupCollection(session)
):
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# UserGroup / Municipality
for user in (admin, admin_a, admin_b):
for model in (group_a, group_b, municipality_a, municipality_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for model in (group, municipality):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
for model in (
group_a, group_b, group,
municipality_a, municipality_b, municipality
):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# UserCollection
model = UserCollection(session)
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# User
for user in (admin, admin_a, admin_b):
for model in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
if user == model:
assert not permits(user, model, DeleteModel)
else:
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for model in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, ):
for model in (admin, admin_a, admin_b, editor_a, editor_b,
member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (editor, ):
for model in (editor, ):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (editor_a, ):
for model in (admin, admin_a, admin_b, editor, editor_b,
member, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for model in (editor_a, ):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for model in (member_a,):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (editor_b, ):
for model in (admin, admin_a, admin_b, editor, editor_a,
member, member_a):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for model in (editor_b, ):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for model in (member_b,):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (member, member_a, member_b):
for model in (admin, admin_a, admin_b, editor, editor_a, editor_b,
member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# ScanJobCollection
model = ScanJobCollection(session)
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor_a, editor_b, member_a, member_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (editor, member):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# ScanJob
model = scan_job
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_b, member, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (editor_a, member_a):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# DailyList
for model in (DailyList(), DailyListBoxes(session)):
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for user in (member,):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
for model in (DailyListBoxesAndForms(session), ):
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# Report
for model in (
Report(session),
ReportBoxes(session),
ReportBoxesAndForms(session),
ReportFormsByMunicipality(session)
):
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# Notification
model = Notification()
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# Invoice
model = Invoice(session)
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# PaymentType
model = PaymentType()
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# PaymentTypeCollection
model = PaymentTypeCollection(session)
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert not permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
# UserManual
model = UserManual(wtfs_app)
for user in (admin, admin_a, admin_b):
assert permits(user, model, Public)
assert permits(user, model, AddModel)
assert permits(user, model, AddModelUnrestricted)
assert permits(user, model, EditModel)
assert permits(user, model, EditModelUnrestricted)
assert permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert permits(user, model, ViewModelUnrestricted)
for user in (editor, editor_a, editor_b, member, member_a, member_b):
assert permits(user, model, Public)
assert not permits(user, model, AddModel)
assert not permits(user, model, AddModelUnrestricted)
assert not permits(user, model, EditModel)
assert not permits(user, model, EditModelUnrestricted)
assert not permits(user, model, DeleteModel)
assert permits(user, model, ViewModel)
assert not permits(user, model, ViewModelUnrestricted)
def test_municipality_layouts():
request = DummyRequest()
request_admin = DummyRequest(roles=['admin'])
# Municipality collection
model = MunicipalityCollection(None)
layout = MunicipalitiesLayout(model, request)
assert layout.title == 'Municipalities'
assert layout.editbar_links == []
assert path(layout.breadcrumbs) == 'DummyPrincipal/MunicipalityCollection'
assert layout.cancel_url == ''
assert layout.success_url == ''
layout = MunicipalitiesLayout(model, request_admin)
assert list(hrefs(layout.editbar_links)) == [
'MunicipalityCollection/import-data',
'MunicipalityCollection/add'
]
# ... add
layout = AddMunicipalityLayout(model, request)
assert layout.title == 'Add municipality'
assert layout.editbar_links == []
assert path(layout.breadcrumbs) == (
'DummyPrincipal/MunicipalityCollection/#'
)
assert layout.cancel_url == 'MunicipalityCollection/'
assert layout.success_url == 'MunicipalityCollection/'
layout = AddMunicipalityLayout(model, request_admin)
assert list(hrefs(layout.editbar_links)) == []
# ... import data
layout = ImportMunicipalityDataLayout(model, request)
assert layout.title == 'Import data'
assert layout.editbar_links == []
assert path(layout.breadcrumbs) == (
'DummyPrincipal/MunicipalityCollection/#'
)
assert layout.cancel_url == 'MunicipalityCollection/'
assert layout.success_url == 'MunicipalityCollection/'
layout = ImportMunicipalityDataLayout(model, request_admin)
assert list(hrefs(layout.editbar_links)) == []
# Municipality
model = Municipality(name='Boppelsen')
layout = MunicipalityLayout(model, request)
assert layout.title == 'Boppelsen'
assert layout.editbar_links == []
assert path(layout.breadcrumbs) == (
'DummyPrincipal/MunicipalityCollection/#'
)
assert layout.cancel_url == ''
assert layout.success_url == ''
layout = MunicipalityLayout(model, request_admin)
assert list(hrefs(layout.editbar_links)) == [
'Municipality/edit',
'Municipality/delete-dates',
'Municipality/?csrf-token=x'
]
# ... edit
layout = EditMunicipalityLayout(model, request)
assert layout.title == 'Edit municipality'
assert layout.editbar_links == []
assert path(layout.breadcrumbs) == (
'DummyPrincipal/MunicipalityCollection/Municipality/#'
)
assert layout.cancel_url == 'Municipality/'
assert layout.success_url == 'MunicipalityCollection/'
layout = EditMunicipalityLayout(model, request_admin)
assert list(hrefs(layout.editbar_links)) == []
# ... delete dates
layout = DeleteMunicipalityDatesLayout(model, request)
assert layout.title == 'Delete pick-up dates'
assert layout.editbar_links == []
assert path(layout.breadcrumbs) == (
'DummyPrincipal/MunicipalityCollection/Municipality/#'
)
assert layout.cancel_url == 'Municipality/'
assert layout.success_url == 'Municipality/'
layout = DeleteMunicipalityDatesLayout(model, request_admin)
assert list(hrefs(layout.editbar_links)) == []
def test_invoice(session):
session.add(PaymentType(name='normal', _price_per_quantity=700))
session.add(PaymentType(name='spezial', _price_per_quantity=850))
session.add(
Municipality(name='Adlikon',
address_supplement='Finkenweg',
gpn_number=8882255,
bfs_number=21,
payment_type='normal'))
session.add(
Municipality(name='Aesch',
address_supplement='Meisenweg',
gpn_number=9993344,
bfs_number=241,
payment_type='spezial'))
session.flush()
adlikon = session.query(Municipality).filter_by(name='Adlikon').one()
aesch = session.query(Municipality).filter_by(name='Aesch').one()
session.add(
ScanJob(
type='normal',
municipality_id=adlikon.id,
delivery_number=1,
dispatch_date=date(2018, 12, 10),
dispatch_boxes=1,
dispatch_tax_forms_current_year=10,
dispatch_tax_forms_last_year=20,
dispatch_tax_forms_older=30,
dispatch_single_documents=40,
dispatch_cantonal_tax_office=5,
dispatch_cantonal_scan_center=4,
return_date=date(2018, 12, 20),
return_boxes=1,
return_tax_forms_current_year=9,
return_tax_forms_last_year=18,
return_tax_forms_older=27,
return_single_documents=36,
return_unscanned_tax_forms_current_year=1,
return_unscanned_tax_forms_last_year=2,
return_unscanned_tax_forms_older=3,
return_unscanned_single_documents=4,
))
session.add(
ScanJob(
type='normal',
municipality_id=adlikon.id,
delivery_number=2,
dispatch_date=date(2019, 1, 10),
dispatch_boxes=2,
dispatch_tax_forms_current_year=5,
dispatch_tax_forms_last_year=5,
dispatch_tax_forms_older=0,
dispatch_single_documents=2,
dispatch_cantonal_tax_office=0,
dispatch_cantonal_scan_center=0,
return_date=date(2019, 2, 2),
return_boxes=2,
return_tax_forms_current_year=5,
return_tax_forms_last_year=5,
return_tax_forms_older=0,
return_single_documents=2,
return_unscanned_tax_forms_current_year=0,
return_unscanned_tax_forms_last_year=0,
return_unscanned_tax_forms_older=0,
return_unscanned_single_documents=0,
))
session.add(
ScanJob(
type='normal',
municipality_id=aesch.id,
delivery_number=3,
dispatch_date=date(2019, 1, 7),
dispatch_boxes=1,
dispatch_tax_forms_current_year=10,
dispatch_tax_forms_last_year=10,
dispatch_tax_forms_older=10,
dispatch_single_documents=10,
dispatch_cantonal_tax_office=1,
dispatch_cantonal_scan_center=1,
return_date=date(2019, 1, 10),
return_boxes=1,
return_tax_forms_current_year=7,
return_tax_forms_last_year=7,
return_tax_forms_older=7,
return_single_documents=7,
return_unscanned_tax_forms_current_year=3,
return_unscanned_tax_forms_last_year=3,
return_unscanned_tax_forms_older=3,
return_unscanned_single_documents=3,
))
session.flush()
with freeze_time("2019-12-31 08:07:06"):
invoice = Invoice(session)
def export():
file = StringIO()
invoice.export(file)
file.seek(0)
return file.read()
# All
invoice.municipality_id = None
invoice.from_date = None
invoice.to_date = None
invoice.cs2_user = '******'
invoice.subject = 'Rechnungen'
invoice.accounting_unit = '99999'
invoice.revenue_account = '987654321'
assert export() == (
'201912311;2019-12-31;08.07.06;'
'08882255;'
'00001;'
'08882255;'
'Rechnungen;'
'00001;001;'
'2019-12-31;2019-12-31;2019-12-31;'
'08882255;'
'+00000000000048000;'
'Lieferscheinnummer 1;'
'+00000000070000000;+00000000070000000;'
'1;'
'2019-12-31;'
'Finkenweg;'
'123456;'
'000;'
'99999;'
'987654321'
'\r\n') + ('201912311;2019-12-31;08.07.06;'
'08882255;'
'00002;'
'08882255;'
'Rechnungen;'
'00002;002;'
'2019-12-31;2019-12-31;2019-12-31;'
'08882255;'
'+00000000000010000;'
'Lieferscheinnummer 2;'
'+00000000070000000;+00000000070000000;'
'1;'
'2019-12-31;'
'Finkenweg;'
'123456;'
'000;'
'99999;'
'987654321'
'\r\n') + ('201912312;2019-12-31;08.07.06;'
'09993344;'
'00001;'
'09993344;'
'Rechnungen;'
'00001;001;'
'2019-12-31;2019-12-31;2019-12-31;'
'09993344;'
'+00000000000012000;'
'Lieferscheinnummer 3;'
'+00000000085000000;+00000000085000000;'
'1;'
'2019-12-31;'
'Meisenweg;'
'123456;'
'000;'
'99999;'
'987654321'
'\r\n')
# Filter
invoice.municipality_id = adlikon.id
invoice.from_date = date(2019, 1, 1)
invoice.to_date = date(2019, 1, 7)
invoice.cs2_user = '******'
invoice.subject = 'Rechnungen 1.1-7.1'
invoice.accounting_unit = '99999'
invoice.revenue_account = '987654321'
assert export() == ''
invoice.from_date = date(2019, 1, 7)
invoice.to_date = date(2019, 1, 14)
assert export() == ('201912311;2019-12-31;08.07.06;'
'08882255;'
'00001;'
'08882255;'
'Rechnungen 1.1-7.1;'
'00001;001;'
'2019-12-31;2019-12-31;2019-12-31;'
'08882255;'
'+00000000000010000;'
'Lieferscheinnummer 2;'
'+00000000070000000;+00000000070000000;'
'1;'
'2019-12-31;'
'Finkenweg;'
'123456;'
'000;'
'99999;'
'987654321'
'\r\n')
def test_municipality(session):
session.add(PaymentType(name='normal', _price_per_quantity=700))
session.add(PaymentType(name='spezial', _price_per_quantity=850))
session.add(
Municipality(name='Winterthur',
bfs_number=230,
address_supplement='Zusatz',
gpn_number=1120,
payment_type='normal'))
session.flush()
municipality = session.query(Municipality).one()
assert municipality.name == 'Winterthur'
assert municipality.bfs_number == 230
assert municipality.address_supplement == 'Zusatz'
assert municipality.gpn_number == 1120
assert municipality.price_per_quantity == 7.0
assert not municipality.has_data
municipality.payment_type = 'spezial'
assert municipality.price_per_quantity == 8.5
municipality.payment_type = 'invalid'
assert municipality.price_per_quantity == 0
# PickupDate
session.add(
PickupDate(municipality_id=municipality.id, date=date(2019, 1, 1)))
session.add(
PickupDate(municipality_id=municipality.id, date=date(2019, 1, 7)))
session.add(
PickupDate(municipality_id=municipality.id, date=date(2019, 1, 14)))
session.flush()
session.expire_all()
assert [d.date for d in municipality.pickup_dates
] == [date(2019, 1, 1),
date(2019, 1, 7),
date(2019, 1, 14)]
assert session.query(PickupDate).first().municipality == municipality
assert municipality.has_data
# Contacts
assert municipality.contacts == []
for name, group_id, data in (
('a', municipality.id, None),
('b', municipality.id, {}),
('c', municipality.id, {
'contact': None
}),
('d', municipality.id, {
'contact': False
}),
('e', municipality.id, {
'contact': True
}),
('f', municipality.id, {
'contact': True
}),
('g', None, {
'contact': True
}),
):
session.add(
User(realname=name,
username=f'{name}@example.org',
password_hash='abcd',
role='editor',
group_id=group_id,
data=data))
assert municipality.contacts == ['*****@*****.**', '*****@*****.**']
def add_report_data(session):
data = {
'Adlikon': {
'municipality_id':
uuid4(),
'bfs_number':
21,
'jobs': [
[date(2019, 1, 1), 1, 2, 3,
date(2019, 1, 2), 4],
[date(2019, 1, 2), 3, 2, 1,
date(2019, 1, 3), 1],
]
},
'Aesch': {
'municipality_id':
uuid4(),
'bfs_number':
241,
'jobs': [
[date(2019, 1, 1), 1, 2, 3,
date(2019, 1, 2), 4],
[date(2019, 1, 3), 0, 10, None,
date(2019, 1, 4), None],
]
},
'Altikon': {
'municipality_id': uuid4(),
'bfs_number': 211,
'jobs': [
[date(2019, 1, 2), 1, 2, 3,
date(2019, 1, 2), 4],
]
},
'Andelfingen': {
'municipality_id': uuid4(),
'bfs_number': 30,
'jobs': [
[date(2019, 1, 2), 1, 2, 3,
date(2019, 1, 4), 4],
]
},
}
delivery_number = 1
for name, values in data.items():
session.add(
Municipality(name=name,
id=values['municipality_id'],
bfs_number=values['bfs_number']))
for job in values['jobs']:
double = [2 * v if isinstance(v, int) else v for v in job]
session.add(
ScanJob(
type='normal',
municipality_id=values['municipality_id'],
delivery_number=delivery_number,
dispatch_date=job[0],
dispatch_boxes=job[1],
dispatch_cantonal_tax_office=job[2],
dispatch_cantonal_scan_center=job[3],
dispatch_tax_forms_older=job[1],
dispatch_tax_forms_last_year=job[2],
dispatch_tax_forms_current_year=job[3],
dispatch_single_documents=job[5],
return_tax_forms_older=double[1],
return_tax_forms_last_year=double[2],
return_tax_forms_current_year=double[3],
return_single_documents=double[5],
return_unscanned_tax_forms_older=job[1],
return_unscanned_tax_forms_last_year=job[2],
return_unscanned_tax_forms_current_year=job[3],
return_unscanned_single_documents=job[5],
return_date=job[4],
return_boxes=job[5],
))
delivery_number += 1
session.flush()
session.flush()
def test_scan_job(session):
session.add(Municipality(name='Winterthur', bfs_number=230))
session.flush()
municipality = session.query(Municipality).one()
session.add(
ScanJob(
type='normal',
municipality_id=municipality.id,
delivery_number=1,
dispatch_date=date(2019, 1, 1),
dispatch_note='Dispatch note',
dispatch_boxes=1,
dispatch_tax_forms_current_year=2,
dispatch_tax_forms_last_year=3,
dispatch_tax_forms_older=4,
dispatch_single_documents=5,
dispatch_cantonal_tax_office=6,
dispatch_cantonal_scan_center=7,
return_date=date(2019, 2, 2),
return_note='Return note',
return_boxes=8,
return_tax_forms_current_year=9,
return_tax_forms_last_year=10,
return_tax_forms_older=11,
return_single_documents=12,
return_unscanned_tax_forms_current_year=16,
return_unscanned_tax_forms_last_year=15,
return_unscanned_tax_forms_older=14,
return_unscanned_single_documents=13,
))
session.flush()
scan_job = session.query(ScanJob).one()
assert scan_job.municipality == municipality
assert scan_job.delivery_number == 1
assert scan_job.title.interpolate() == 'Scan job no. 1'
assert scan_job.type == 'normal'
assert scan_job.municipality_id == municipality.id
assert scan_job.dispatch_date == date(2019, 1, 1)
assert scan_job.dispatch_note == 'Dispatch note'
assert scan_job.dispatch_boxes == 1
assert scan_job.dispatch_tax_forms_current_year == 2
assert scan_job.dispatch_tax_forms_last_year == 3
assert scan_job.dispatch_tax_forms_older == 4
assert scan_job.dispatch_tax_forms == 2 + 3 + 4
assert scan_job.dispatch_single_documents == 5
assert scan_job.dispatch_cantonal_tax_office == 6
assert scan_job.dispatch_cantonal_scan_center == 7
assert scan_job.return_date == date(2019, 2, 2)
assert scan_job.return_note == 'Return note'
assert scan_job.return_boxes == 8
assert scan_job.return_tax_forms_current_year == 9
assert scan_job.return_tax_forms_last_year == 10
assert scan_job.return_tax_forms_older == 11
assert scan_job.return_tax_forms == 9 + 10 + 11
assert scan_job.return_single_documents == 12
assert scan_job.return_unscanned_tax_forms_current_year == 16
assert scan_job.return_unscanned_tax_forms_last_year == 15
assert scan_job.return_unscanned_tax_forms_older == 14
assert scan_job.return_unscanned_tax_forms == 16 + 15 + 14
assert scan_job.return_unscanned_single_documents == 13
assert scan_job.return_scanned_tax_forms_current_year == 9 - 16
assert scan_job.return_scanned_tax_forms_last_year == 10 - 15
assert scan_job.return_scanned_tax_forms_older == 11 - 14
assert scan_job.return_scanned_tax_forms == 9 + 10 + 11 - 16 - 15 - 14
assert scan_job.return_scanned_single_documents == 12 - 13
assert session.query(
ScanJob.dispatch_boxes,
ScanJob.dispatch_tax_forms_current_year,
ScanJob.dispatch_tax_forms_last_year,
ScanJob.dispatch_tax_forms_older,
ScanJob.dispatch_tax_forms,
ScanJob.dispatch_single_documents,
ScanJob.dispatch_cantonal_tax_office,
ScanJob.dispatch_cantonal_scan_center,
ScanJob.return_boxes,
ScanJob.return_tax_forms_current_year,
ScanJob.return_tax_forms_last_year,
ScanJob.return_tax_forms_older,
ScanJob.return_tax_forms,
ScanJob.return_single_documents,
ScanJob.return_unscanned_tax_forms_current_year,
ScanJob.return_unscanned_tax_forms_last_year,
ScanJob.return_unscanned_tax_forms_older,
ScanJob.return_unscanned_tax_forms,
ScanJob.return_unscanned_single_documents,
ScanJob.return_scanned_tax_forms_current_year,
ScanJob.return_scanned_tax_forms_last_year,
ScanJob.return_scanned_tax_forms_older,
ScanJob.return_scanned_tax_forms,
ScanJob.return_scanned_single_documents,
).one() == (
1,
2,
3,
4,
2 + 3 + 4,
5,
6,
7,
8,
9,
10,
11,
9 + 10 + 11,
12,
16,
15,
14,
16 + 15 + 14,
13,
9 - 16,
10 - 15,
11 - 14,
9 + 10 + 11 - 16 - 15 - 14,
12 - 13,
)
assert municipality.scan_jobs.one() == scan_job
assert municipality.has_data