def test_staff_html(self):
"""Interventions can customize the staff text """
client = self.add_client()
intervention = INTERVENTION.sexual_recovery
client.intervention = intervention
ui = UserIntervention(
user_id=TEST_USER_ID,
intervention_id=intervention.id)
ui.staff_html = "Custom text for <i>staff</i>"
with SessionScope(db):
db.session.add(ui)
db.session.commit()
self.bless_with_basics()
self.login()
self.promote_user(role_name=ROLE.INTERVENTION_STAFF.value)
# This test requires PATIENT_LIST_ADDL_FIELDS includes the
# 'reports' field
self.app.config['PATIENT_LIST_ADDL_FIELDS'] = ['reports']
response = self.client.get('/patients/')
ui = db.session.merge(ui)
results = response.get_data(as_text=True)
assert ui.staff_html in results
def test_staff_html(self):
"""Interventions can customize the staff text """
client = self.add_client()
intervention = INTERVENTION.sexual_recovery
client.intervention = intervention
ui = UserIntervention(user_id=TEST_USER_ID,
intervention_id=intervention.id)
ui.staff_html = "Custom text for <i>staff</i>"
with SessionScope(db):
db.session.add(ui)
db.session.commit()
self.bless_with_basics()
self.login()
self.promote_user(role_name=ROLE.STAFF.value)
self.promote_user(role_name=ROLE.PATIENT.value)
# This test requires PATIENT_LIST_ADDL_FIELDS includes the
# 'reports' field
self.app.config['PATIENT_LIST_ADDL_FIELDS'] = [
'reports']
rv = self.client.get('/patients/')
ui = db.session.merge(ui)
results = unicode(rv.data, 'utf-8')
self.assertIn(ui.staff_html, results)
def test_user_card_html(self):
"""Interventions can further customize per user"""
client = self.add_client()
intervention = INTERVENTION.DECISION_SUPPORT_P3P
intervention.public_access = True # make the card avail for the test
client.intervention = intervention
ui = UserIntervention(
user_id=TEST_USER_ID, intervention_id=intervention.id)
ui.card_html = "<b>Bold Card Text</b>"
ui.link_label = "Custom User Label"
ui.link_url = 'http://example.com/?test=param1'
with SessionScope(db):
db.session.add(ui)
db.session.commit()
self.login()
self.add_required_clinical_data()
self.bless_with_basics(make_patient=False)
user = db.session.merge(self.test_user)
response = self.client.get('/home')
assert response.status_code == 200
ui = db.session.merge(ui)
assert ui.card_html in response.get_data(as_text=True)
assert ui.link_label in response.get_data(as_text=True)
assert ui.link_url in response.get_data(as_text=True)
intervention = db.session.merge(intervention)
assert (
intervention.display_for_user(user).link_label
in response.get_data(as_text=True))
def test_user_card_html(self):
"""Interventions can further customize per user"""
client = self.add_client()
intervention = INTERVENTION.DECISION_SUPPORT_P3P
intervention.public_access = True # make the card avail for the test
client.intervention = intervention
ui = UserIntervention(user_id=TEST_USER_ID,
intervention_id=intervention.id)
ui.card_html = "<b>Bold Card Text</b>"
ui.link_label = "Custom User Label"
ui.link_url = 'http://example.com/?test=param1'
with SessionScope(db):
db.session.add(ui)
db.session.commit()
self.login()
self.add_required_clinical_data()
self.bless_with_basics(make_patient=False)
user = db.session.merge(self.test_user)
response = self.client.get('/home')
assert response.status_code == 200
ui = db.session.merge(ui)
assert ui.card_html in response.get_data(as_text=True)
assert ui.link_label in response.get_data(as_text=True)
assert ui.link_url in response.get_data(as_text=True)
intervention = db.session.merge(intervention)
assert (intervention.display_for_user(user).link_label
in response.get_data(as_text=True))
def test_user_card_html(self):
"""Interventions can further customize per user"""
client = self.add_client()
intervention = INTERVENTION.DECISION_SUPPORT_P3P
intervention.public_access = True # make the card avail for the test
client.intervention = intervention
ui = UserIntervention(user_id=TEST_USER_ID,
intervention_id=intervention.id)
ui.card_html = "<b>Bold Card Text</b>"
ui.link_label = "Custom User Label"
ui.link_url = 'http://example.com/?test=param1'
with SessionScope(db):
db.session.add(ui)
db.session.commit()
self.login()
self.add_required_clinical_data()
self.bless_with_basics()
user = db.session.merge(self.test_user)
rv = self.client.get('/home')
self.assert200(rv)
ui = db.session.merge(ui)
self.assertIn(ui.card_html, rv.data.decode('utf-8'))
self.assertIn(ui.link_label, rv.data.decode('utf-8'))
self.assertIn(ui.link_url, rv.data.decode('utf-8'))
intervention = db.session.merge(intervention)
self.assertIn(intervention.display_for_user(user).link_label, rv.data.decode('utf-8'))
def test_public_access(self):
"""Interventions w/o public access should be hidden"""
client = self.add_client()
intervention = INTERVENTION.sexual_recovery
client.intervention = intervention
intervention.public_access = False
self.login()
self.add_required_clinical_data()
self.bless_with_basics()
rv = self.client.get('/home')
self.assertNotIn('Sexual Recovery', rv.data)
# now give just the test user access
intervention = db.session.merge(intervention)
ui = UserIntervention(user_id=TEST_USER_ID,
intervention_id=intervention.id,
access="granted")
with SessionScope(db):
db.session.add(ui)
db.session.commit()
rv = self.client.get('/home')
self.assertIn('Sexual Recovery', rv.data)
def test_get_user_intervention(self):
intervention_id = INTERVENTION.SEXUAL_RECOVERY.id
ui = UserIntervention(intervention_id=intervention_id,
user_id=TEST_USER_ID,
access='granted',
card_html='custom ch',
link_label='link magic',
link_url='http://example.com',
status_text='status example',
staff_html='custom ph')
with SessionScope(db):
db.session.add(ui)
db.session.commit()
self.login()
rv = self.client.get('/api/intervention/{i}/user/{u}'.format(
i=INTERVENTION.SEXUAL_RECOVERY.name, u=TEST_USER_ID))
self.assert200(rv)
self.assertEquals(len(rv.json.keys()), 7)
self.assertEquals(rv.json['user_id'], TEST_USER_ID)
self.assertEquals(rv.json['access'], 'granted')
self.assertEquals(rv.json['card_html'], "custom ch")
self.assertEquals(rv.json['link_label'], "link magic")
self.assertEquals(rv.json['link_url'], "http://example.com")
self.assertEquals(rv.json['status_text'], "status example")
self.assertEquals(rv.json['staff_html'], "custom ph")
def test_SR_timeout(self):
# SR users get 1 hour
ui = UserIntervention(user_id=TEST_USER_ID,
intervention_id=INTERVENTION.SEXUAL_RECOVERY.id)
with SessionScope(db):
db.session.add(ui)
db.session.commit()
self.login()
response = self.client.get('/next-after-login', follow_redirects=False)
cookies = SimpleCookie()
[
cookies.load(item[1]) for item in response.headers
if item[0] == 'Set-Cookie'
]
assert int(cookies['SS_INACTIVITY_TIMEOUT'].value) == 60 * 60
def test_exclusive_stategy(self):
"""Test exclusive intervention strategy"""
user = self.test_user
ds_p3p = INTERVENTION.DECISION_SUPPORT_P3P
ds_wc = INTERVENTION.DECISION_SUPPORT_WISERCARE
ds_p3p.public_access = False
ds_wc.public_access = False
with SessionScope(db):
d = {
'function': 'allow_if_not_in_intervention',
'kwargs': [{
'name': 'intervention_name',
'value': ds_wc.name
}]
}
strat = AccessStrategy(name="exclusive decision support strategy",
intervention_id=ds_p3p.id,
function_details=json.dumps(d))
db.session.add(strat)
db.session.commit()
user, ds_p3p, ds_wc = map(db.session.merge, (user, ds_p3p, ds_wc))
# Prior to associating user w/ decision support, the strategy
# should give access to p3p
self.assertTrue(ds_p3p.display_for_user(user).access)
self.assertFalse(ds_wc.display_for_user(user).access)
# Add user to wisercare, confirm it's the only w/ access
ui = UserIntervention(user_id=user.id,
intervention_id=ds_wc.id,
access='granted')
with SessionScope(db):
db.session.add(ui)
db.session.commit()
user, ds_p3p, ds_wc = map(db.session.merge, (user, ds_p3p, ds_wc))
self.assertFalse(ds_p3p.display_for_user(user).access)
self.assertTrue(ds_wc.display_for_user(user).access)
def test_and_strats(self):
# Create a logical 'and' with multiple strategies
ds_p3p = INTERVENTION.DECISION_SUPPORT_P3P
ds_p3p.public_access = False
user = self.test_user
identifier = Identifier(value='decision_support_p3p',
system=DECISION_SUPPORT_GROUP)
uw = Organization(name='UW Medicine (University of Washington)')
uw.identifiers.append(identifier)
INTERVENTION.SEXUAL_RECOVERY.public_access = False
with SessionScope(db):
db.session.add(uw)
db.session.commit()
user, uw = map(db.session.merge, (user, uw))
uw_child = Organization(name='UW clinic', partOf_id=uw.id)
with SessionScope(db):
db.session.add(uw_child)
db.session.commit()
user, uw, uw_child = map(db.session.merge, (user, uw, uw_child))
d = {
'name':
'not in SR _and_ in clinc UW',
'function':
'combine_strategies',
'kwargs': [{
'name': 'strategy_1',
'value': 'allow_if_not_in_intervention'
}, {
'name':
'strategy_1_kwargs',
'value': [{
'name': 'intervention_name',
'value': INTERVENTION.SEXUAL_RECOVERY.name
}]
}, {
'name': 'strategy_2',
'value': 'limit_by_clinic_w_id'
}, {
'name':
'strategy_2_kwargs',
'value': [{
'name': 'identifier_value',
'value': 'decision_support_p3p'
}]
}]
}
with SessionScope(db):
strat = AccessStrategy(
name=d['name'],
intervention_id=INTERVENTION.DECISION_SUPPORT_P3P.id,
function_details=json.dumps(d))
db.session.add(strat)
db.session.commit()
user, ds_p3p = map(db.session.merge, (user, ds_p3p))
# first strat true, second false. therfore, should be False
self.assertFalse(ds_p3p.display_for_user(user).access)
# Add the child organization to the user, which should be included
# due to default behavior of limit_by_clinic_w_id
user.organizations.append(uw_child)
with SessionScope(db):
db.session.commit()
user, ds_p3p = map(db.session.merge, (user, ds_p3p))
# first strat true, second true. therfore, should be True
self.assertTrue(ds_p3p.display_for_user(user).access)
ui = UserIntervention(user_id=user.id,
intervention_id=INTERVENTION.SEXUAL_RECOVERY.id,
access='granted')
with SessionScope(db):
db.session.add(ui)
db.session.commit()
user, ds_p3p = map(db.session.merge, (user, ds_p3p))
# first strat true, second false. AND should be false
self.assertFalse(ds_p3p.display_for_user(user).access)
def test_not_in_role_or_sr(self):
user = self.test_user
sm = INTERVENTION.SELF_MANAGEMENT
sr = INTERVENTION.SEXUAL_RECOVERY
sm.public_access = False
sr.public_access = False
d = {
'function':
'combine_strategies',
'kwargs': [{
'name': 'strategy_1',
'value': 'allow_if_not_in_intervention'
}, {
'name':
'strategy_1_kwargs',
'value': [{
'name': 'intervention_name',
'value': INTERVENTION.SEXUAL_RECOVERY.name
}]
}, {
'name': 'strategy_2',
'value': 'not_in_role_list'
}, {
'name':
'strategy_2_kwargs',
'value': [{
'name': 'role_list',
'value': [ROLE.WRITE_ONLY]
}]
}]
}
with SessionScope(db):
strat = AccessStrategy(
name="SELF_MANAGEMENT if not SR and not in WRITE_ONLY",
intervention_id=sm.id,
function_details=json.dumps(d))
# print json.dumps(strat.as_json(), indent=2)
db.session.add(strat)
db.session.commit()
user, sm, sr = map(db.session.merge, (user, sm, sr))
# Prior to granting user WRITE_ONLY role, the strategy
# should give access to p3p
self.assertTrue(sm.display_for_user(user).access)
# Add WRITE_ONLY to user's roles
add_role(user, ROLE.WRITE_ONLY)
with SessionScope(db):
db.session.commit()
user, sm, sr = map(db.session.merge, (user, sm, sr))
self.assertFalse(sm.display_for_user(user).access)
# Revert role change for next condition
user.roles = []
with SessionScope(db):
db.session.commit()
user, sm, sr = map(db.session.merge, (user, sm, sr))
self.assertTrue(sm.display_for_user(user).access)
# Grant user sr access, they should lose sm visibility
ui = UserIntervention(user_id=user.id,
intervention_id=INTERVENTION.SEXUAL_RECOVERY.id,
access='granted')
with SessionScope(db):
db.session.add(ui)
db.session.commit()
user, sm, sr = map(db.session.merge, (user, sm, sr))
self.assertFalse(sm.display_for_user(user).access)