def test_manage_user_update(self):
"""
Test the result of org_admin_views.manage_user_update
"""
# make sure that user a is currently member and not admin
self.assertEqual(self.user_a.is_org_member(self.org), True)
self.assertEqual(self.user_a.is_org_admin(self.org), False)
# test #1 - move user a to admin group
request = self.factory.post(
"/org-admin/manage_user/update",
{
"org_id": self.org.id,
"user_id": self.user_a.id,
"group": "admin"
},
)
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(json.loads(resp.content), {"status": "ok"})
self.user_a.refresh_from_db()
self.assertEqual(self.user_a.is_org_member(self.org), False)
self.assertEqual(self.user_a.is_org_admin(self.org), True)
# test #2 move back to member group
request = self.factory.post(
"/org-admin/manage_user/update",
{
"org_id": self.org.id,
"user_id": self.user_a.id,
"group": "member"
},
)
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(json.loads(resp.content), {"status": "ok"})
self.user_a.refresh_from_db()
self.assertEqual(self.user_a.is_org_member(self.org), True)
self.assertEqual(self.user_a.is_org_admin(self.org), False)
# test #3 - fail on user that is not currently in org
request = self.factory.post(
"/org-admin/manage_user/update",
{
"org_id": self.org.id,
"user_id": self.user_d.id,
"group": "member"
},
)
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(resp.status_code, 403)
# test #3 - fail on org that you are not an admin of
request = self.factory.post(
"/org-admin/manage_user/update",
{
"org_id": self.org_other.id,
"user_id": self.user_d.id,
"group": "admin"
},
)
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(resp.status_code, 403)
def test_manage_user_update(self):
"""
Test the result of org_admin_views.manage_user_update
"""
# make sure that user a is currently member and not admin
self.assertEqual(self.user_a.is_org_member(self.org), True)
self.assertEqual(self.user_a.is_org_admin(self.org), False)
# test #1 - move user a to admin group
request = self.factory.post("/org-admin/manage_user/update", {
"org_id": self.org.id,
"user_id": self.user_a.id,
"group": "admin"
})
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(json.loads(resp.content), {"status": "ok"})
self.user_a.refresh_from_db()
self.assertEqual(self.user_a.is_org_member(self.org), False)
self.assertEqual(self.user_a.is_org_admin(self.org), True)
# test #2 move back to member group
request = self.factory.post("/org-admin/manage_user/update", {
"org_id": self.org.id,
"user_id": self.user_a.id,
"group": "member"
})
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(json.loads(resp.content), {"status": "ok"})
self.user_a.refresh_from_db()
self.assertEqual(self.user_a.is_org_member(self.org), True)
self.assertEqual(self.user_a.is_org_admin(self.org), False)
# test #3 - fail on user that is not currently in org
request = self.factory.post("/org-admin/manage_user/update", {
"org_id": self.org.id,
"user_id": self.user_d.id,
"group": "member"
})
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(resp.status_code, 403)
# test #3 - fail on org that you are not an admin of
request = self.factory.post(
"/org-admin/manage_user/update", {
"org_id": self.org_other.id,
"user_id": self.user_d.id,
"group": "admin"
})
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(resp.status_code, 403)