def test_post_request_public_empty_party_data(self): self.app.authorization = ("Basic", (self.public_name, self.public_pass)) response = self.app.post_json( "/requests", { "data": { "tenderId": "f" * 32, "description": "Yo-ho-ho", "violationType": VIOLATION_TYPE_CHOICES, "parties": [{}], "documents": [ { "title": "doc.txt", "url": self.generate_docservice_url(), "hash": "md5:" + "0" * 32, "format": "plain/text", }, ], } }, status=422, ) self.assertEqual( { ("body", "parties", "name"), ("body", "parties", "address"), ("body", "parties", "contactPoint"), }, set(get_errors_field_names(response, "This field is required.")), )
def test_post_inspection_sas_empty_body(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.post_json('/inspections', {}, status=422) self.assertEqual({('body', 'data')}, set( get_errors_field_names(response, "Data not available")))
def test_monitoring_owner_answer_post_by_tender_owner_multiple( self, mock_api_client): mock_api_client.return_value.extract_credentials.return_value = { 'data': { 'tender_token': sha512('tender_token').hexdigest() } } response = self.app.post_json( '/monitorings/{}/posts'.format(self.monitoring_id), { 'data': { 'title': 'Lorem ipsum', 'description': 'Lorem ipsum dolor sit amet', 'documents': [{ 'title': 'lorem.doc', 'url': self.generate_docservice_url(), 'hash': 'md5:' + '0' * 32, 'format': 'application/msword', }] } }) post_id = response.json['data']['id'] self.app.authorization = ('Basic', (self.broker_name, self.broker_pass)) response = self.app.patch_json( '/monitorings/{}/credentials?acc_token={}'.format( self.monitoring_id, 'tender_token')) tender_owner_token = response.json['access']['token'] response = self.app.post_json( '/monitorings/{}/posts?acc_token={}'.format( self.monitoring_id, tender_owner_token), { 'data': { 'title': 'Lorem ipsum', 'description': 'Gotcha', 'relatedPost': post_id } }) self.assertEqual(response.status_code, 201) self.assertEqual(response.content_type, 'application/json') response = self.app.post_json( '/monitorings/{}/posts?acc_token={}'.format( self.monitoring_id, tender_owner_token), { 'data': { 'title': 'Lorem ipsum', 'description': 'Gotcha', 'relatedPost': post_id } }, status=422) self.assertEqual( ('body', 'posts', 'relatedPost'), next( get_errors_field_names(response, 'relatedPost must be unique.')))
def test_tender_owner_answer_post_by_tender_owner(self, mock_api_client): mock_api_client.return_value.extract_credentials.return_value = { 'data': {'tender_token': sha512(b'tender_token').hexdigest()} } self.app.authorization = ('Basic', (self.broker_name, self.broker_pass)) response = self.app.patch_json( '/monitorings/{}/credentials?acc_token={}'.format(self.monitoring_id, 'tender_token') ) tender_owner_token = response.json['access']['token'] response = self.app.post_json( '/monitorings/{}/posts?acc_token={}'.format(self.monitoring_id, tender_owner_token), {'data': { 'title': 'Lorem ipsum', 'description': 'Lorem ipsum dolor sit amet' }}) post_id = response.json['data']['id'] response = self.app.post_json( '/monitorings/{}/posts?acc_token={}'.format(self.monitoring_id, tender_owner_token), {'data': { 'title': 'It’s a trap!', 'description': 'The Force will be with you. Always.', 'relatedPost': post_id }}, status=422) self.assertEqual(response.content_type, 'application/json') self.assertEqual( ('body', 'posts', 'relatedPost'), next(get_errors_field_names(response, 'relatedPost can\'t have the same author.')))
def test_monitoring_owner_answer_post_by_monitoring_owner(self): response = self.app.post_json( '/monitorings/{}/posts'.format(self.monitoring_id), { 'data': { 'title': 'Lorem ipsum', 'description': 'Lorem ipsum dolor sit amet' } }) post_id = response.json['data']['id'] self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.post_json('/monitorings/{}/posts'.format( self.monitoring_id), { 'data': { 'title': 'It’s a trap!', 'description': 'Enemy Ships in Sector 47!', 'relatedPost': post_id } }, status=422) self.assertEqual(response.content_type, 'application/json') self.assertEqual(('body', 'posts', 'relatedPost'), next( get_errors_field_names( response, 'relatedPost can\'t have the same author.')))
def test_success_update_party_resolution_party_id_not_exists(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) request_data = { "result": "partly", "resultByType": { "corruptionProcurementMethodType": "eliminated", "corruptionAwarded": "not_eliminated", }, "description": "Do you have spare crutches?", "relatedParty": "Party with the devil" } response = self.app.patch_json( '/monitorings/{}'.format(self.monitoring_id), {"data": { "eliminationResolution": request_data, }}, status=422) self.assertEqual(response.status_code, 422) self.assertEqual(response.content_type, 'application/json') self.assertEqual(('body', 'eliminationResolution', 'relatedParty'), next( get_errors_field_names( response, 'relatedParty should be one of parties.')))
def test_post_create_in_non_allowed_status(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.patch_json( '/monitorings/{}'.format(self.monitoring_id), {'data': { 'status': 'closed', }}) self.assertEqual(response.status_code, 200) self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.post_json('/monitorings/{}/posts'.format( self.monitoring_id), { 'data': { 'title': 'Lorem ipsum', 'description': 'Lorem ipsum dolor sit amet' } }, status=403) self.assertEqual(response.status_code, 403) self.assertEqual( ('body', 'data'), next( get_errors_field_names( response, 'Can\'t add post in current closed monitoring status.')))
def test_post_monitoring_sas_empty_data(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.post_json('/monitorings', {"data": {}}, status=422) self.assertEqual( {('body', "reasons"), ('body', "tender_id"), ('body', "procuringStages")}, set(get_errors_field_names(response, 'This field is required.')))
def test_post_request_public_empty_body(self): self.app.authorization = ("Basic", (self.public_name, self.public_pass)) response = self.app.post_json("/requests", {}, status=422) self.assertEqual( {("body", "data")}, set(get_errors_field_names(response, "Data not available")), )
def test_patch_without_decision(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.patch_json( '/monitorings/{}'.format(self.monitoring_id), {"data": {"status": "active"}}, status=422 ) self.assertEqual(('body', 'decision'), next(get_errors_field_names(response, 'This field is required.')))
def test_patch_to_stopped_with_no_report(self): response = self.app.patch_json( '/monitorings/{}'.format(self.monitoring_id), {"data": { "status": "stopped" }}, status=422 ) self.assertEqual(('body', 'cancellation'), next(get_errors_field_names(response, 'This field is required.')))
def test_two_answers_in_a_row(self, mock_api_client): mock_api_client.return_value.extract_credentials.return_value = { 'data': { 'tender_token': sha512('tender_token').hexdigest() } } self.app.authorization = ('Basic', (self.broker_name, self.broker_pass)) response = self.app.patch_json( '/monitorings/{}/credentials?acc_token={}'.format( self.monitoring_id, 'tender_token')) tender_owner_token = response.json['access']['token'] response = self.app.post_json( '/monitorings/{}/posts?acc_token={}'.format( self.monitoring_id, tender_owner_token), { 'data': { 'title': 'It\'s a trap!', 'description': 'Enemy Ships in Sector 47!', } }) post_id = response.json['data']['id'] self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.post_json('/monitorings/{}/posts'.format( self.monitoring_id, post_id), { 'data': { 'title': 'It\'s a trap!', 'description': 'The Force will be with you. Always.', 'relatedPost': post_id } }, status=201) self.assertEqual(response.content_type, 'application/json') answer_id = response.json['data']['id'] self.app.authorization = ('Basic', (self.broker_name, self.broker_pass)) response = self.app.post_json( '/monitorings/{}/posts?acc_token={}'.format( self.monitoring_id, tender_owner_token), { 'data': { 'title': 'It\'s a trap!', 'description': 'Enemy Ships in Sector 47!', 'relatedPost': answer_id } }, status=422) self.assertEqual(response.content_type, 'application/json') self.assertEqual( ('body', 'relatedPost'), next( get_errors_field_names( response, 'relatedPost can\'t be have relatedPost defined.')))
def test_patch_to_addressed_with_no_conclusion(self): response = self.app.patch_json( '/monitorings/{}'.format(self.monitoring_id), {"data": { "status": "addressed", }}, status=422 ) self.assertEqual(('body', 'conclusion'), next(get_errors_field_names(response, 'This field is required.')))
def test_credentials_no_access_token(self): self.app.authorization = ('Basic', (self.broker_name, self.broker_pass)) response = self.app.patch_json( '/monitorings/{}/credentials'.format(self.monitoring_id), status=403 ) self.assertEqual(response.status_code, 403) self.assertEqual(response.content_type, 'application/json') self.assertEqual(('body', 'data'), next(get_errors_field_names(response, 'No access token was provided.')))
def test_post_create_required_fields(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.post_json('/monitorings/{}/posts'.format( self.monitoring_id), {'data': {}}, status=422) self.assertEqual(response.status_code, 422) self.assertEqual(response.content_type, 'application/json') self.assertEqual( {('body', 'title'), ('body', 'description')}, set(get_errors_field_names(response, 'This field is required.')))
def test_answer_to_non_existent_question(self): response = self.app.post_json( '/monitorings/{}/posts'.format(self.monitoring_id), {'data': { 'title': 'Lorem ipsum', 'description': 'Gotcha', 'relatedPost': 'some_non_existent_id' }}, status=422) self.assertEqual(response.content_type, 'application/json') self.assertEqual( ('body', 'relatedPost'), next(get_errors_field_names(response, 'relatedPost should be one of posts of current monitoring.')))
def test_credentials_no_tender(self, client_class_mock): client_class_mock.return_value.extract_credentials.side_effect = ResourceError(mock.Mock(status_code=404)) self.app.authorization = ('Basic', (self.broker_name, self.broker_pass)) response = self.app.patch_json( '/monitorings/{}/credentials?acc_token={}'.format(self.monitoring_id, 'tender_token'), status=403 ) self.assertEqual(response.content_type, 'application/json') self.assertEqual( ('body', 'data'), next(get_errors_field_names(response, 'Tender {} not found'.format("f" * 32))))
def test_post_request_public_empty_data(self): self.app.authorization = ("Basic", (self.public_name, self.public_pass)) response = self.app.post_json("/requests", {"data": {}}, status=422) self.assertEqual( { ("body", "description"), ("body", "violationType"), ("body", "parties"), ("body", "tenderId"), ("body", "documents"), }, set(get_errors_field_names(response, "This field is required.")), )
def test_monitoring_owner_answer_post_for_not_unique_id(self, mock_api_client): mock_api_client.return_value.extract_credentials.return_value = { 'data': {'tender_token': sha512(b'tender_token').hexdigest()} } with mock.patch('openprocurement.audit.monitoring.models.uuid4', mock.Mock(return_value=mock.Mock(hex='f'*32))): self.app.post_json( '/monitorings/{}/posts'.format(self.monitoring_id), {'data': { 'title': 'Lorem ipsum', 'description': 'Lorem ipsum dolor sit amet', 'documents': [{ 'title': 'lorem.doc', 'url': self.generate_docservice_url(), 'hash': 'md5:' + '0' * 32, 'format': 'application/msword', }] }}) response = self.app.post_json( '/monitorings/{}/posts'.format(self.monitoring_id), {'data': { 'title': 'Lorem ipsum', 'description': 'Lorem ipsum dolor sit amet', 'documents': [{ 'title': 'lorem.doc', 'url': self.generate_docservice_url(), 'hash': 'md5:' + '0' * 32, 'format': 'application/msword', }] }}) post_id = response.json['data']['id'] self.app.authorization = ('Basic', (self.broker_name, self.broker_pass)) response = self.app.patch_json( '/monitorings/{}/credentials?acc_token={}'.format(self.monitoring_id, 'tender_token') ) tender_owner_token = response.json['access']['token'] response = self.app.post_json( '/monitorings/{}/posts?acc_token={}'.format(self.monitoring_id, tender_owner_token), {'data': { 'title': 'Lorem ipsum', 'description': 'Gotcha', 'relatedPost': post_id }}, status=422) self.assertEqual( ('body', 'relatedPost'), next(get_errors_field_names(response, 'relatedPost can\'t be a link to more than one post.')))
def test_dialogue_party_create_party_id_not_exists(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.post_json( '/monitorings/{}/parties'.format(self.monitoring_id), {'data': self.initial_party}) self.assertEqual(response.status_code, 201) self.assertEqual(response.content_type, 'application/json') party_id = response.json['data']['id'] response = self.app.get('/monitorings/{}/parties/{}'.format( self.monitoring_id, party_id)) self.assertEqual(response.status_code, 200) self.assertEqual(response.content_type, 'application/json') self.assertEqual( response.json['data']['name'], "The State Audit Service of Ukraine", ) self.assertEqual(response.json['data']['roles'], ['sas']) response = self.app.post_json('/monitorings/{}/posts'.format( self.monitoring_id), { "data": { "title": "Lorem ipsum", "description": "Lorem ipsum dolor sit amet.", "documents": [{ 'title': 'ipsum.doc', 'url': self.generate_docservice_url(), 'hash': 'md5:' + '0' * 32, 'format': 'application/msword', }], "relatedParty": "Party with the devil" } }, status=422) self.assertEqual(response.status_code, 422) self.assertEqual(response.content_type, 'application/json') self.assertEqual(('body', 'relatedParty'), next( get_errors_field_names( response, 'relatedParty should be one of parties.')))
def test_party_create_required_fields(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.post_json('/monitorings/{}/parties'.format( self.monitoring_id), {'data': {}}, status=422) self.assertEqual(response.status_code, 422) self.assertEqual(response.content_type, 'application/json') self.assertEqual( { ('body', 'contactPoint'), ('body', 'identifier'), ('body', 'name'), ('body', 'address'), }, set(get_errors_field_names(response, 'This field is required.')))
def test_credentials_no_tender(self, mock_request): mock_request.return_value = mock.MagicMock(status_int=404) self.app.authorization = ('Basic', (self.broker_name, self.broker_pass)) response = self.app.patch_json( '/monitorings/{}/credentials?acc_token={}'.format( self.monitoring_id, 'tender_token'), status=403) self.assertEqual(response.status_code, 403) self.assertEqual(response.content_type, 'application/json') self.assertEqual(('body', 'data'), next( get_errors_field_names( response, 'Tender {} not found'.format("f" * 32))))
def test_fail_post_elimination_report_when_not_in_addressed_state(self): self.app.authorization = ('Basic', (self.broker_name, self.broker_pass)) request_data = { "description": "Five pint, six pint, seven pint, flour." } response = self.app.put_json( '/monitorings/{}/eliminationReport?acc_token={}'.format( self.monitoring_id, self.tender_owner_token), {"data": request_data}, status=422) self.assertEqual( ('body', 'eliminationReport'), next( get_errors_field_names( response, 'Can\'t update in current active monitoring status.')))
def test_conclusion_party_create_party_id_not_exists(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.patch_json( '/monitorings/{}'.format(self.monitoring_id), {"data": { "conclusion": { "violationOccurred": False, "relatedParty": "Party with the devil" } }}, status=422 ) self.assertEqual(response.status_code, 422) self.assertEqual(response.content_type, 'application/json') self.assertEqual( ('body', 'conclusion', 'relatedParty'), next(get_errors_field_names(response, 'relatedParty should be one of parties.')))
def test_document_upload_forbidden(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.patch_json( '/monitorings/{}'.format(self.monitoring_id), {'data': self.test_monitoring_activation_data}) self.assertEqual(response.status_code, 200) self.assertEqual(response.content_type, 'application/json') response = self.app.post_json( '/monitorings/{}/decision/documents'.format(self.monitoring_id), {'data': self.test_docservice_document_data}, status=403) self.assertEqual(response.status_code, 403) self.assertEqual(response.content_type, 'application/json') self.assertEqual( ('body', 'data'), next( get_errors_field_names( response, 'Can\'t add document in current active monitoring status.') ))
def test_dialogue_party_create_party_id_not_exists(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) decision_date = (datetime.now(TZ) - timedelta(days=2)) response = self.app.patch_json('/monitorings/{}'.format( self.monitoring_id), { "data": { "decision": { "description": "text", "date": decision_date.isoformat(), "relatedParty": "Party with the devil" } } }, status=422) self.assertEqual(response.status_code, 422) self.assertEqual(response.content_type, 'application/json') self.assertEqual(('body', 'decision', 'relatedParty'), next( get_errors_field_names( response, 'relatedParty should be one of parties.')))
def test_post_inspection_sas_empty_data(self): self.app.authorization = ('Basic', (self.sas_name, self.sas_pass)) response = self.app.post_json('/inspections', {"data": {}}, status=422) self.assertEqual( {('body', "monitoring_ids"), ('body', "description")}, set(get_errors_field_names(response, 'This field is required.')))