def test_for_user(): user = UserFactory.create() portfolio = PortfolioFactory.create() for _x in range(4): ApplicationFactory.create(portfolio=portfolio) ApplicationRoleFactory.create( application=portfolio.applications[0], user=user, status=ApplicationRoleStatus.ACTIVE, ) ApplicationRoleFactory.create( application=portfolio.applications[1], user=user, status=ApplicationRoleStatus.ACTIVE, ) ApplicationRoleFactory.create( application=portfolio.applications[2], user=user, status=ApplicationRoleStatus.PENDING, ) assert len(portfolio.applications) == 4 user_applications = Applications.for_user(user, portfolio) assert len(user_applications) == 2
def test_update_does_not_duplicate_names_within_portfolio(): portfolio = PortfolioFactory.create() name = "An Awesome Application" application = ApplicationFactory.create(portfolio=portfolio, name=name) dupe_application = ApplicationFactory.create(portfolio=portfolio) with pytest.raises(AlreadyExistsError): Applications.update(dupe_application, {"name": name})
def test_portfolio_audit_log_only_includes_current_portfolio_events(): owner = UserFactory.create() portfolio = PortfolioFactory.create(owner=owner) other_portfolio = PortfolioFactory.create(owner=owner) # Add some audit events application_1 = ApplicationFactory.create(portfolio=portfolio) application_2 = ApplicationFactory.create(portfolio=other_portfolio) events = AuditLog.get_portfolio_events(portfolio) for event in events: assert event.portfolio_id == portfolio.id assert (not event.portfolio_id == other_portfolio.id or event.resource_id == other_portfolio.id)
def test_invite(): application = ApplicationFactory.create() env1 = EnvironmentFactory.create(application=application) env2 = EnvironmentFactory.create(application=application) user_data = UserFactory.dictionary() permission_sets_names = [PermissionSets.EDIT_APPLICATION_TEAM] invitation = Applications.invite( application=application, inviter=application.portfolio.owner, user_data=user_data, permission_sets_names=permission_sets_names, environment_roles_data=[ { "environment_id": env1.id, "role": CSPRole.BASIC_ACCESS.value }, { "environment_id": env2.id, "role": None }, ], ) member_role = invitation.role assert invitation.dod_id == user_data["dod_id"] # view application AND edit application team assert len(member_role.permission_sets) == 2 env_roles = member_role.environment_roles assert len(env_roles) == 1 assert env_roles[0].environment == env1
def test_get_portfolio_events_includes_app_and_env_events(): owner = UserFactory.create() # add portfolio level events portfolio = PortfolioFactory.create(owner=owner) portfolio_events = AuditLog.get_portfolio_events(portfolio) # add application level events application = ApplicationFactory.create(portfolio=portfolio) Applications.update(application, {"name": "Star Cruiser"}) app_role = ApplicationRoleFactory.create(application=application) app_invite = ApplicationInvitationFactory.create(role=app_role) portfolio_and_app_events = AuditLog.get_portfolio_events(portfolio) assert len(portfolio_events) < len(portfolio_and_app_events) # add environment level events env = EnvironmentFactory.create(application=application) env_role = EnvironmentRoleFactory.create(environment=env, application_role=app_role) portfolio_app_and_env_events = AuditLog.get_portfolio_events(portfolio) assert len(portfolio_and_app_events) < len(portfolio_app_and_env_events) resource_types = [event.resource_type for event in portfolio_app_and_env_events] assert "application" in resource_types assert "application_role" in resource_types assert "application_invitation" in resource_types assert "environment" in resource_types assert "environment_role" in resource_types
def test_create_environments(): application = ApplicationFactory.create() environments = Environments.create_many(application.portfolio.owner, application, ["Staging", "Production"]) for env in environments: assert env.cloud_id is None
def test_get_members(client, session, user_session): application = ApplicationFactory.create() user_session(application.portfolio.owner) response = client.get( url_for("applications.view_new_application_step_3", application_id=application.id)) assert response.status_code == 200
def test_create_application_succeeds(mock_azure: AzureCloudProvider): application = ApplicationFactory.create() mock_management_group_create(mock_azure, {"id": "Test Id"}) result = mock_azure._create_application(AUTH_CREDENTIALS, application) assert result.id == "Test Id"
def test_get_application(): app = ApplicationFactory.create() assert Applications.get(app.id) == app assert Applications.get(app.id, portfolio_id=app.portfolio_id) == app with pytest.raises(NotFoundError): # make the uuid a string like you'd get from a route rando_id = str(uuid4()) Applications.get(app.id, portfolio_id=rando_id)
def test_for_user_returns_portfolios_for_applications_user_invited_to(): bob = UserFactory.create() portfolio = PortfolioFactory.create() application = ApplicationFactory.create(portfolio=portfolio) ApplicationRoleFactory.create(application=application, user=bob, status=ApplicationRoleStatus.ACTIVE) assert portfolio in Portfolios.for_user(user=bob)
def test_delete_failure_with_applications(): portfolio = PortfolioFactory.create() application = ApplicationFactory.create(portfolio=portfolio) assert not portfolio.deleted with pytest.raises(PortfolioDeletionApplicationsExistError): Portfolios.delete(portfolio=portfolio) assert not portfolio.deleted
def test_audit_event_for_application_deletion(session): app = ApplicationFactory.create() app.deleted = True session.add(app) session.commit() update_event = (session.query(AuditEvent).filter( AuditEvent.resource_id == app.id, AuditEvent.action == "update").one()) assert update_event.changed_state.get("deleted") assert update_event.changed_state["deleted"] == [False, True]
def test_get_environments(client, user_session): application = ApplicationFactory.create() user_session(application.portfolio.owner) response = client.get( url_for( "applications.view_new_application_step_2", portfolio_id=application.portfolio.id, application_id=application.id, )) assert response.status_code == 200
def test_deleted_application_roles_are_ignored(session): user = UserFactory.create() app = ApplicationFactory.create() app_role = ApplicationRoleFactory.create(user=user, application=app) assert len(user.application_roles) == 1 app_role.deleted = True session.add(app_role) session.commit() assert len(user.application_roles) == 0
def test_get_application_events(): # add in some portfolio level events portfolio = PortfolioFactory.create() Portfolios.update(portfolio, {"name": "New Name"}) # add app level events application = ApplicationFactory.create(portfolio=portfolio) Applications.update(application, {"name": "Star Cruiser"}) app_role = ApplicationRoleFactory.create(application=application) app_invite = ApplicationInvitationFactory.create(role=app_role) env = EnvironmentFactory.create(application=application) env_role = EnvironmentRoleFactory.create(environment=env, application_role=app_role) # add rando app rando_app = ApplicationFactory.create(portfolio=portfolio) events = AuditLog.get_application_events(application) for event in events: assert event.application_id == application.id assert not event.application_id == rando_app.id resource_types = [event.resource_type for event in events] assert "portfolio" not in resource_types
def test_application_members_excludes_deleted(session): app = ApplicationFactory.create() member_role = ApplicationRoleFactory.create( application=app, status=ApplicationRoleStatus.ACTIVE) disabled_role = ApplicationRoleFactory.create( application=app, status=ApplicationRoleStatus.DISABLED) disabled_role.deleted = True session.add(disabled_role) session.commit() assert len(app.members) == 1 assert app.members[0].id == member_role.id
def test_paginate_ws_audit_log(): portfolio = PortfolioFactory.create() application = ApplicationFactory.create(portfolio=portfolio) for _ in range(100): AuditLog.log_system_event( resource=application, action="create", portfolio=portfolio ) events = AuditLog.get_portfolio_events( portfolio, pagination_opts={"per_page": 25, "page": 2} ) assert len(events) == 25
def test_delete_portfolio_failure(no_debug_client, user_session): portfolio = PortfolioFactory.create() application = ApplicationFactory.create(portfolio=portfolio) owner = portfolio.owner user_session(owner) assert len(Portfolios.for_user(user=owner)) == 1 response = no_debug_client.post( url_for("portfolios.delete_portfolio", portfolio_id=portfolio.id)) assert response.status_code == 500 assert len(Portfolios.for_user(user=owner)) == 1
def test_post_member(monkeypatch, client, user_session, session): job_mock = Mock() monkeypatch.setattr("atst.jobs.send_mail.delay", job_mock) user = UserFactory.create() application = ApplicationFactory.create(environments=[{ "name": "Naboo" }, { "name": "Endor" }]) (env, env_1) = application.environments user_session(application.portfolio.owner) response = client.post( url_for("applications.create_member", application_id=application.id), data={ "user_data-first_name": user.first_name, "user_data-last_name": user.last_name, "user_data-dod_id": user.dod_id, "user_data-email": user.email, "environment_roles-0-environment_id": env.id, "environment_roles-0-role": "Basic Access", "environment_roles-0-environment_name": env.name, "environment_roles-1-environment_id": env_1.id, "environment_roles-1-role": NO_ACCESS, "environment_roles-1-environment_name": env_1.name, "perms_env_mgmt": True, "perms_team_mgmt": True, "perms_del_env": True, }, ) assert response.status_code == 302 expected_url = url_for( "applications.settings", application_id=application.id, fragment="application-members", _anchor="application-members", _external=True, ) assert response.location == expected_url assert len(application.roles) == 1 environment_roles = application.roles[0].environment_roles assert len(environment_roles) == 1 assert environment_roles[0].environment == env invitation = (session.query(ApplicationInvitation).filter_by( dod_id=user.dod_id).one()) assert invitation.role.application == application assert job_mock.called
def test_get_name_and_description_form_for_update(client, user_session): name = "My Test Application" description = "This is the description of the test application." application = ApplicationFactory.create(name=name, description=description) user_session(application.portfolio.owner) response = client.get( url_for( "applications.view_new_application_step_1", portfolio_id=application.portfolio.id, application_id=application.id, )) assert response.status_code == 200 assert name in response.data.decode() assert description in response.data.decode()
def test_for_user_does_not_include_deleted_application_roles(): user1 = UserFactory.create() user2 = UserFactory.create() portfolio = PortfolioFactory.create() app = ApplicationFactory.create(portfolio=portfolio) ApplicationRoleFactory.create(status=ApplicationRoleStatus.ACTIVE, user=user1, application=app) assert len(Portfolios.for_user(user1)) == 1 ApplicationRoleFactory.create(status=ApplicationRoleStatus.ACTIVE, user=user2, application=app, deleted=True) assert len(Portfolios.for_user(user2)) == 0
def test_post_name_and_description_for_update(client, session, user_session): application = ApplicationFactory.create() user_session(application.portfolio.owner) response = client.post( url_for( "applications.update_new_application_step_1", portfolio_id=application.portfolio.id, application_id=application.id, ), data={"name": "Test Application", "description": "This is only a test"}, ) assert response.status_code == 302 session.refresh(application) assert application.name == "Test Application" assert application.description == "This is only a test"
def test_post_environments(client, session, user_session): application = ApplicationFactory.create(environments=[]) user_session(application.portfolio.owner) response = client.post( url_for( "applications.update_new_application_step_2", portfolio_id=application.portfolio.id, application_id=application.id, ), data={ "environment_names-0": "development", "environment_names-1": "staging", "environment_names-2": "production", }, ) assert response.status_code == 302 session.refresh(application) assert len(application.environments) == 3
def test_post_name_and_description_enforces_unique_name( client, user_session, session): portfolio = PortfolioFactory.create() name = "Test Application" application = ApplicationFactory.create(portfolio=portfolio, name=name) user_session(portfolio.owner) session.begin_nested() response = client.post( url_for("applications.create_new_application_step_1", portfolio_id=portfolio.id), data={ "name": name, "description": "This is only a test" }, ) session.rollback() assert response.status_code == 400
def test_delete_application(session): app = ApplicationFactory.create() app_role = ApplicationRoleFactory.create(user=UserFactory.create(), application=app) env1 = EnvironmentFactory.create(application=app) env2 = EnvironmentFactory.create(application=app) assert not app.deleted assert not env1.deleted assert not env2.deleted assert not app_role.deleted Applications.delete(app) assert app.deleted assert env1.deleted assert env2.deleted assert app_role.deleted # changes are flushed assert not session.dirty
def test_delete_environment(session): env = EnvironmentFactory.create(application=ApplicationFactory.create()) env_role = EnvironmentRoleFactory.create( application_role=ApplicationRoleFactory.create( application=env.application), environment=env, ) assert not env.deleted assert not env_role.deleted Environments.delete(env) assert env.deleted assert env_role.deleted # did not flush assert session.dirty Environments.delete(env, commit=True) assert env.deleted assert env_role.deleted # flushed the change assert not session.dirty
def test_invite_to_nonexistent_environment(): application = ApplicationFactory.create() env1 = EnvironmentFactory.create(application=application) user_data = UserFactory.dictionary() with pytest.raises(NotFoundError): Applications.invite( application=application, inviter=application.portfolio.owner, user_data=user_data, environment_roles_data=[ { "environment_id": env1.id, "role": CSPRole.BASIC_ACCESS.value }, { "environment_id": uuid4(), "role": CSPRole.BASIC_ACCESS.value }, ], )
def test_post_update_member(client, user_session): user = UserFactory.create() application = ApplicationFactory.create(environments=[{ "name": "Naboo" }, { "name": "Endor" }]) (env, env_1) = application.environments app_role = ApplicationRoleFactory(application=application) user_session(application.portfolio.owner) response = client.post( url_for( "applications.update_new_application_step_3", application_id=application.id, application_role_id=app_role.id, ), data={ "environment_roles-0-environment_id": env.id, "environment_roles-0-role": "Basic Access", "environment_roles-0-environment_name": env.name, "environment_roles-1-environment_id": env_1.id, "environment_roles-1-role": NO_ACCESS, "environment_roles-1-environment_name": env_1.name, "perms_env_mgmt": True, "perms_team_mgmt": True, "perms_del_env": True, }, ) assert response.status_code == 302 expected_url = url_for( "applications.view_new_application_step_3", application_id=application.id, _external=True, ) assert response.location == expected_url assert len(application.roles) == 1 assert len(app_role.environment_roles) == 1 assert app_role.environment_roles[0].environment == env
def test_get_excludes_deleted(): app = ApplicationFactory.create(deleted=True) with pytest.raises(NotFoundError): Applications.get(app.id)
def test_get_excludes_deleted(): env = EnvironmentFactory.create(deleted=True, application=ApplicationFactory.create()) with pytest.raises(NotFoundError): Environments.get(env.id)