def test_list_status_limited_to_authorized_zaken(self):
url = reverse('resultaat-list')
# must show up
resultaat = ResultaatFactory.create(
zaak__zaaktype='https://zaaktype.nl/ok',
zaak__vertrouwelijkheidaanduiding=VertrouwelijkheidsAanduiding.
openbaar)
# must not show up
ResultaatFactory.create(
zaak__zaaktype='https://zaaktype.nl/ok',
zaak__vertrouwelijkheidaanduiding=VertrouwelijkheidsAanduiding.
vertrouwelijk)
# must not show up
ResultaatFactory.create(
zaak__zaaktype='https://zaaktype.nl/not_ok',
zaak__vertrouwelijkheidaanduiding=VertrouwelijkheidsAanduiding.
openbaar)
response = self.client.get(url)
self.assertEqual(response.status_code, status.HTTP_200_OK)
response_data = response.json()
self.assertEqual(len(response_data), 1)
self.assertEqual(response_data[0]['url'],
f"http://testserver{reverse(resultaat)}")
def test_delete_zaak_cascades_properly(self):
"""
Deleting a zaak causes all related objects to be deleted as well.
"""
zaak = ZaakFactory.create(zaaktype=ZAAKTYPE)
ZaakFactory.create(hoofdzaak=zaak, zaaktype=ZAAKTYPE)
ZaakEigenschapFactory.create(zaak=zaak)
StatusFactory.create(zaak=zaak)
RolFactory.create(zaak=zaak)
ResultaatFactory.create(zaak=zaak)
ZaakObjectFactory.create(zaak=zaak)
ZaakInformatieObjectFactory.create(zaak=zaak)
KlantContactFactory.create(zaak=zaak)
zaak_delete_url = get_operation_url('zaak_delete', uuid=zaak.uuid)
response = self.client.delete(zaak_delete_url, **ZAAK_WRITE_KWARGS)
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT,
response.data)
self.assertEqual(Zaak.objects.all().count(), 0)
self.assertEqual(ZaakEigenschap.objects.all().count(), 0)
self.assertEqual(Status.objects.all().count(), 0)
self.assertEqual(Rol.objects.all().count(), 0)
self.assertEqual(Resultaat.objects.all().count(), 0)
self.assertEqual(ZaakObject.objects.all().count(), 0)
self.assertEqual(ZaakInformatieObject.objects.all().count(), 0)
self.assertEqual(KlantContact.objects.all().count(), 0)
def test_send_notif_delete_resultaat(self, mock_client):
"""
Check if notifications will be send when resultaat is deleted
"""
client = mock_client.return_value
zaak = ZaakFactory.create(zaaktype=ZAAKTYPE)
zaak_url = get_operation_url('zaak_read', uuid=zaak.uuid)
resultaat = ResultaatFactory.create(zaak=zaak)
resultaat_url = get_operation_url('resultaat_update',
uuid=resultaat.uuid)
response = self.client.delete(resultaat_url)
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT,
response.data)
client.create.assert_called_once_with(
'notificaties', {
'kanaal': 'zaken',
'hoofdObject': f'http://testserver{zaak_url}',
'resource': 'resultaat',
'resourceUrl': f'http://testserver{resultaat_url}',
'actie': 'destroy',
'aanmaakdatum': '2012-01-14T00:00:00Z',
'kenmerken': {
'bronorganisatie':
zaak.bronorganisatie,
'zaaktype':
zaak.zaaktype,
'vertrouwelijkheidaanduiding':
zaak.vertrouwelijkheidaanduiding,
}
})
def test_conditional_get_stale(self):
resultaat = ResultaatFactory.create(with_etag=True)
response = self.client.get(reverse(resultaat),
HTTP_IF_NONE_MATCH='"old"')
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_conditional_get_304(self):
resultaat = ResultaatFactory.create(with_etag=True)
response = self.client.get(reverse(resultaat),
HTTP_IF_NONE_MATCH=f'"{resultaat._etag}"')
self.assertEqual(response.status_code, status.HTTP_304_NOT_MODIFIED)
def test_not_allowed_to_change_resultaattype(self):
resultaat = ResultaatFactory.create()
url = reverse(resultaat)
response = self.client.patch(
url, {"resultaattype": "https://ander.resultaattype.nl/foo/bar"}
)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
validation_error = get_validation_errors(response, "resultaattype")
self.assertEqual(validation_error["code"], IsImmutableValidator.code)
def test_write_operations_forbidden(self):
# scope not provided for writes, so this should 403 (not 404!)
resultaat = ResultaatFactory.create(
zaak__zaaktype='https://zaaktype.nl/ok',
zaak__vertrouwelijkheidaanduiding=VertrouwelijkheidsAanduiding.
vertrouwelijk)
url = reverse(resultaat)
for method in ['put', 'patch', 'delete']:
with self.subTest(method=method):
response = getattr(self.client, method)(url)
self.assertEqual(response.status_code,
status.HTTP_403_FORBIDDEN)
def test_resultaten(self):
resultaat = ResultaatFactory.create(zaak=self.zaak,
resultaattype=RESULTAATTYPE)
resultaat_url = reverse(resultaat)
self.assertUpdateAllowed(resultaat_url)
self.assertPartialUpdateAllowed(resultaat_url)
self.assertDestroyAllowed(resultaat_url)
resultaat.delete()
data = {
"zaak": reverse(self.zaak),
"resultaattype": resultaat.resultaattype,
}
self.assertCreateAllowed(reverse(Resultaat), data)
def test_zaak_with_result(self):
"""
Test that the zaak-detail correctly contains the URL to the result.
"""
zaak = ZaakFactory.create(zaaktype=ZAAKTYPE)
resultaat = ResultaatFactory.create(zaak=zaak)
zaak_url = "http://testserver{path}".format(path=reverse(zaak))
resultaat_url = "http://testserver{path}".format(path=reverse(resultaat))
self.autorisatie.scopes = [SCOPE_ZAKEN_ALLES_LEZEN]
self.autorisatie.save()
response = self.client.get(zaak_url, **ZAAK_READ_KWARGS)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.json()["resultaat"], resultaat_url)
def test_zaak_with_result(self):
"""
Test that the zaak-detail correctly contains the URL to the result.
"""
zaak = ZaakFactory.create()
resultaat = ResultaatFactory.create(zaak=zaak)
zaak_url = 'http://testserver{path}'.format(path=reverse(zaak))
resultaat_url = 'http://testserver{path}'.format(path=reverse(resultaat))
token = generate_jwt(scopes=[SCOPE_ZAKEN_ALLES_LEZEN], zaaktypes=[zaak.zaaktype])
self.client.credentials(HTTP_AUTHORIZATION=token)
response = self.client.get(zaak_url, **ZAAK_READ_KWARGS)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.json()['resultaat'], resultaat_url)
def test_cannot_read_without_correct_scope(self):
zaak = ZaakFactory.create()
status = StatusFactory.create()
zaak_object = ZaakObjectFactory.create()
resultaat = ResultaatFactory.create()
urls = [
reverse('zaak-list'),
reverse(zaak),
reverse('status-list'),
reverse(status),
reverse('status-list'),
reverse(resultaat),
reverse('zaakobject-list'),
reverse(zaak_object),
]
for url in urls:
with self.subTest(url=url):
self.assertForbidden(url,
method='get',
request_kwargs=ZAAK_READ_KWARGS)
def test_send_notif_delete_resultaat(self, mock_client):
"""
Check if notifications will be send when resultaat is deleted
"""
client = mock_client.return_value
zaak = ZaakFactory.create(zaaktype=ZAAKTYPE)
zaak_url = get_operation_url("zaak_read", uuid=zaak.uuid)
resultaat = ResultaatFactory.create(zaak=zaak)
resultaat_url = get_operation_url("resultaat_update",
uuid=resultaat.uuid)
with capture_on_commit_callbacks(execute=True):
response = self.client.delete(resultaat_url)
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT,
response.data)
client.create.assert_called_once_with(
"notificaties",
{
"kanaal": "zaken",
"hoofdObject": f"http://testserver{zaak_url}",
"resource": "resultaat",
"resourceUrl": f"http://testserver{resultaat_url}",
"actie": "destroy",
"aanmaakdatum": "2012-01-14T00:00:00Z",
"kenmerken": {
"bronorganisatie":
zaak.bronorganisatie,
"zaaktype":
zaak.zaaktype,
"vertrouwelijkheidaanduiding":
zaak.vertrouwelijkheidaanduiding,
},
},
)
def test_resultaat_head_cache_header(self):
resultaat = ResultaatFactory.create()
self.assertHeadHasETag(reverse(resultaat))
def test_resultaat_get_cache_header(self):
resultaat = ResultaatFactory.create()
response = self.client.get(reverse(resultaat))
self.assertHasETag(response)