class RetrieveMotion(TestCase): """ Tests retrieving a motion (with poll results). """ def setUp(self): self.client = APIClient() self.client.login(username='******', password='******') self.motion = Motion(title='test_title_uj5eeSiedohSh3ohyaaj', text='test_text_ithohchaeThohmae5aug') self.motion.save() self.motion.create_poll() def test_number_of_queries(self): with self.assertNumQueries(17): self.client.get(reverse('motion-detail', args=[self.motion.pk]))
class CreateMotionPoll(TestCase): """ Tests creating polls of motions. """ def setUp(self): self.client = APIClient() self.client.login(username='******', password='******') self.motion = Motion(title='test_title_Aiqueigh2dae9phabiqu', text='test_text_Neekoh3zou6li5rue8iL') self.motion.save() def test_create_first_poll_with_values_then_second_poll_without(self): self.poll = self.motion.create_poll() self.poll.set_vote_objects_with_values(self.poll.get_options().get(), { 'Yes': 42, 'No': 43, 'Abstain': 44 }) response = self.client.post( reverse('motion-create-poll', args=[self.motion.pk])) self.assertEqual(self.motion.polls.count(), 2) response = self.client.get( reverse('motion-detail', args=[self.motion.pk])) for key in ('yes', 'no', 'abstain'): self.assertTrue(response.data['polls'][1][key] is None, 'Vote value "{}" should be None.'.format(key))
class RetrieveMotion(TestCase): """ Tests retrieving a motion (with poll results). """ def setUp(self): self.client = APIClient() self.client.login(username='******', password='******') self.motion = Motion( title='test_title_uj5eeSiedohSh3ohyaaj', text='test_text_ithohchaeThohmae5aug') self.motion.save() self.motion.create_poll() def test_number_of_queries(self): with self.assertNumQueries(16): self.client.get(reverse('motion-detail', args=[self.motion.pk]))
class RetrieveMotion(TestCase): """ Tests retrieving a motion (with poll results). """ def setUp(self): self.client = APIClient() self.client.login(username='******', password='******') self.motion = Motion( title='test_title_uj5eeSiedohSh3ohyaaj', text='test_text_ithohchaeThohmae5aug') self.motion.save() self.motion.create_poll() def test_number_of_queries(self): with self.assertNumQueries(16): self.client.get(reverse('motion-detail', args=[self.motion.pk])) def test__guest_state_with_required_permission_to_see(self): config['general_system_enable_anonymous'] = True guest_client = APIClient() state = self.motion.state state.required_permission_to_see = 'permission_that_the_user_does_not_have_leeceiz9hi7iuta4ahY2' state.save() response = guest_client.get(reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) def test_admin_state_with_required_permission_to_see(self): state = self.motion.state state.required_permission_to_see = 'permission_that_the_user_does_not_have_coo1Iewu8Eing2xahfoo' state.save() response = self.client.get(reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response.status_code, status.HTTP_200_OK) def test_submitter_state_with_required_permission_to_see(self): state = self.motion.state state.required_permission_to_see = 'permission_that_the_user_does_not_have_eiW8af9caizoh1thaece' state.save() user = get_user_model().objects.create_user( username='******', password='******') self.motion.submitters.add(user) submitter_client = APIClient() submitter_client.login( username='******', password='******') response = submitter_client.get(reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response.status_code, status.HTTP_200_OK)
class UpdateMotionPoll(TestCase): """ Tests updating polls of motions. """ def setUp(self): self.client = APIClient() self.client.login(username='******', password='******') self.motion = Motion(title='test_title_Aiqueigh2dae9phabiqu', text='test_text_Neekoh3zou6li5rue8iL') self.motion.save() self.poll = self.motion.create_poll() def test_invalid_votesvalid_value(self): response = self.client.put( reverse('motionpoll-detail', args=[self.poll.pk]), { 'motion_id': self.motion.pk, 'votesvalid': '-3' }) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_invalid_votesinvalid_value(self): response = self.client.put( reverse('motionpoll-detail', args=[self.poll.pk]), { 'motion_id': self.motion.pk, 'votesinvalid': '-3' }) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_invalid_votescast_value(self): response = self.client.put( reverse('motionpoll-detail', args=[self.poll.pk]), { 'motion_id': self.motion.pk, 'votescast': '-3' }) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_empty_value_for_votesvalid(self): response = self.client.put( reverse('motionpoll-detail', args=[self.poll.pk]), { 'motion_id': self.motion.pk, 'votesvalid': '' }) self.assertEqual(response.status_code, status.HTTP_200_OK)
class CreateMotionPoll(TestCase): """ Tests creating polls of motions. """ def setUp(self): self.client = APIClient() self.client.login(username='******', password='******') self.motion = Motion( title='test_title_Aiqueigh2dae9phabiqu', text='test_text_Neekoh3zou6li5rue8iL') self.motion.save() def test_create_first_poll_with_values_then_second_poll_without(self): self.poll = self.motion.create_poll() self.poll.set_vote_objects_with_values(self.poll.get_options().get(), {'Yes': 42, 'No': 43, 'Abstain': 44}) response = self.client.post( reverse('motion-create-poll', args=[self.motion.pk])) self.assertEqual(self.motion.polls.count(), 2) response = self.client.get(reverse('motion-detail', args=[self.motion.pk])) for key in ('yes', 'no', 'abstain'): self.assertTrue(response.data['polls'][1][key] is None, 'Vote value "{}" should be None.'.format(key))
class UpdateMotionPoll(TestCase): """ Tests updating polls of motions. """ def setUp(self): self.client = APIClient() self.client.login(username='******', password='******') self.motion = Motion( title='test_title_Aiqueigh2dae9phabiqu', text='test_text_Neekoh3zou6li5rue8iL') self.motion.save() self.poll = self.motion.create_poll() def test_invalid_votesvalid_value(self): response = self.client.put( reverse('motionpoll-detail', args=[self.poll.pk]), {'motion_id': self.motion.pk, 'votesvalid': '-3'}) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_invalid_votesinvalid_value(self): response = self.client.put( reverse('motionpoll-detail', args=[self.poll.pk]), {'motion_id': self.motion.pk, 'votesinvalid': '-3'}) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_invalid_votescast_value(self): response = self.client.put( reverse('motionpoll-detail', args=[self.poll.pk]), {'motion_id': self.motion.pk, 'votescast': '-3'}) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) def test_empty_value_for_votesvalid(self): response = self.client.put( reverse('motionpoll-detail', args=[self.poll.pk]), {'motion_id': self.motion.pk, 'votesvalid': ''}) self.assertEqual(response.status_code, status.HTTP_200_OK)
class RetrieveMotion(TestCase): """ Tests retrieving a motion (with poll results). """ def setUp(self): self.client = APIClient() self.client.login(username='******', password='******') self.motion = Motion(title='test_title_uj5eeSiedohSh3ohyaaj', text='test_text_ithohchaeThohmae5aug') self.motion.save() self.motion.create_poll() for index in range(10): get_user_model().objects.create_user( username='******'.format(index), password='******') def test_number_of_queries(self): """ Tests that only the following db queries are done: * 7 requests to get the session and the request user with its permissions (3 of them are possibly a bug) * 1 request to get the motion, * 1 request to get the version, * 1 request to get the agenda item, * 1 request to get the log, * 3 request to get the polls (1 of them is possibly a bug), * 1 request to get the attachments, * 1 request to get the tags, * 2 requests to get the submitters and supporters. TODO: Fix all bugs. """ get_redis_connection('default').flushall() with self.assertNumQueries(18): self.client.get(reverse('motion-detail', args=[self.motion.pk])) def test_guest_state_with_required_permission_to_see(self): config['general_system_enable_anonymous'] = True guest_client = APIClient() state = self.motion.state state.required_permission_to_see = 'permission_that_the_user_does_not_have_leeceiz9hi7iuta4ahY2' state.save() # The cache has to be cleared, see: # https://github.com/OpenSlides/OpenSlides/issues/3396 get_redis_connection('default').flushall() response = guest_client.get( reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) def test_admin_state_with_required_permission_to_see(self): state = self.motion.state state.required_permission_to_see = 'permission_that_the_user_does_not_have_coo1Iewu8Eing2xahfoo' state.save() response = self.client.get( reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response.status_code, status.HTTP_200_OK) def test_submitter_state_with_required_permission_to_see(self): state = self.motion.state state.required_permission_to_see = 'permission_that_the_user_does_not_have_eiW8af9caizoh1thaece' state.save() user = get_user_model().objects.create_user( username='******', password='******') self.motion.submitters.add(user) submitter_client = APIClient() submitter_client.force_login(user) response = submitter_client.get( reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response.status_code, status.HTTP_200_OK) def test_user_without_can_see_user_permission_to_see_motion_and_submitter_data( self): self.motion.submitters.add( get_user_model().objects.get(username='******')) group = Group.objects.get( pk=1) # Group with pk 1 is for anonymous and default users. permission_string = 'users.can_see_name' app_label, codename = permission_string.split('.') permission = group.permissions.get(content_type__app_label=app_label, codename=codename) group.permissions.remove(permission) config['general_system_enable_anonymous'] = True guest_client = APIClient() get_redis_connection('default').flushall() response_1 = guest_client.get( reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response_1.status_code, status.HTTP_200_OK) response_2 = guest_client.get( reverse('user-detail', args=[response_1.data['submitters_id'][0]])) self.assertEqual(response_2.status_code, status.HTTP_200_OK) extra_user = get_user_model().objects.create_user( username='******', password='******') get_redis_connection('default').flushall() response_3 = guest_client.get( reverse('user-detail', args=[extra_user.pk])) self.assertEqual(response_3.status_code, status.HTTP_403_FORBIDDEN)
class RetrieveMotion(TestCase): """ Tests retrieving a motion (with poll results). """ def setUp(self): self.client = APIClient() self.client.login(username='******', password='******') self.motion = Motion(title='test_title_uj5eeSiedohSh3ohyaaj', text='test_text_ithohchaeThohmae5aug') self.motion.save() self.motion.create_poll() @use_cache() def test_number_of_queries(self): with self.assertNumQueries(18): self.client.get(reverse('motion-detail', args=[self.motion.pk])) def test_guest_state_with_required_permission_to_see(self): config['general_system_enable_anonymous'] = True guest_client = APIClient() state = self.motion.state state.required_permission_to_see = 'permission_that_the_user_does_not_have_leeceiz9hi7iuta4ahY2' state.save() response = guest_client.get( reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) def test_admin_state_with_required_permission_to_see(self): state = self.motion.state state.required_permission_to_see = 'permission_that_the_user_does_not_have_coo1Iewu8Eing2xahfoo' state.save() response = self.client.get( reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response.status_code, status.HTTP_200_OK) def test_submitter_state_with_required_permission_to_see(self): state = self.motion.state state.required_permission_to_see = 'permission_that_the_user_does_not_have_eiW8af9caizoh1thaece' state.save() user = get_user_model().objects.create_user( username='******', password='******') self.motion.submitters.add(user) submitter_client = APIClient() submitter_client.force_login(user) response = submitter_client.get( reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response.status_code, status.HTTP_200_OK) def test_user_without_can_see_user_permission_to_see_motion_and_submitter_data( self): self.motion.submitters.add( get_user_model().objects.get(username='******')) group = get_user_model().groups.field.related_model.objects.get( pk=1) # Group with pk 1 is for anonymous and default users. permission_string = 'users.can_see_name' app_label, codename = permission_string.split('.') permission = group.permissions.get(content_type__app_label=app_label, codename=codename) group.permissions.remove(permission) config['general_system_enable_anonymous'] = True guest_client = APIClient() response_1 = guest_client.get( reverse('motion-detail', args=[self.motion.pk])) self.assertEqual(response_1.status_code, status.HTTP_200_OK) response_2 = guest_client.get( reverse('user-detail', args=[response_1.data['submitters_id'][0]])) self.assertEqual(response_2.status_code, status.HTTP_200_OK) extra_user = get_user_model().objects.create_user( username='******', password='******') response_3 = guest_client.get( reverse('user-detail', args=[extra_user.pk])) self.assertEqual(response_3.status_code, status.HTTP_403_FORBIDDEN)