def test_gov_department_domains_lower_case():
"""
Test that email_domains are set as lowercase before entering the database.
"""
new_dep = GovDepartmentFactory(email_domains=["Domain.gov.uk", "EMAIL.GOV.UK"])
lower_domains = ["domain.gov.uk", "email.gov.uk"]
assert new_dep.email_domains == lower_domains
def test_two_departments_with_same_email_domain_prevents_login():
preferred_department_name = "Good"
disavowed_department_name = "Bad"
shared_email_domain = "email.gov.uk" # /PS-IGNORE
GovDepartmentFactory(name=preferred_department_name,
email_domains=[shared_email_domain])
GovDepartmentFactory(name=disavowed_department_name,
email_domains=[shared_email_domain])
mock_profile = {
"email": "*****@*****.**", # /PS-IGNORE
"email_user_id": "*****@*****.**", # /PS-IGNORE
"first_name": "Mr",
"last_name": "Test",
}
auth_backend = CustomAuthbrokerBackend()
with pytest.raises(GovDepartment.MultipleObjectsReturned):
new_profile = auth_backend.create_user(mock_profile)
def logged_in_ogd():
dept = GovDepartmentFactory(name="OGD")
user = UserFactory(first_name="joe", gov_department=dept)
client = Client()
client.force_login(user)
yield client
def test_get_gov_department_id_from_user_email():
"""
Test that the correct department id is returned according to
the email passed in.
"""
gov_department = GovDepartmentFactory(email_domains=["email.gov.uk"])
email = "*****@*****.**" # /PS-IGNORE
gov_department_id = get_gov_department_id_from_user_email(email).id
assert gov_department_id == gov_department.id
def test_sap_init_form(self):
# Arrange
dept = GovDepartmentFactory()
d = {"department": str(dept.id)}
# Act
form = SAPForm(data=d)
# Assert
assert form.is_valid()
def test_SC_with_inv_umbrella(self, test_user):
# Arrange
dept = GovDepartmentFactory.create()
umbrella = SupplyChainUmbrellaFactory.create(gov_department=dept)
# Act
sc = SupplyChainFactory.build(gov_department=test_user.gov_department,
supply_chain_umbrella=umbrella)
# Assert
self.validate(sc, {SCUmbrella: ERROR_MSGS[SCUmbrella]},
objects_saved=0)
def test_manager_create_user_adds_department_using_email_address():
"""
Test that UserModel.objects.create_user sets the department.
"""
expected_department = GovDepartmentFactory(email_domains=["email.gov.uk"])
mock_profile = {
"sso_email_user_id": "*****@*****.**", # /PS-IGNORE
"first_name": "Mr",
"last_name": "Test",
}
email = "*****@*****.**" # /PS-IGNORE
new_profile = UserModel.objects.create_user(email=email, **mock_profile)
assert new_profile.gov_department == expected_department
def test_strat_action_summary_page_unauthorised(logged_in_client, test_user,
test_supply_chain):
"""Test unauthorised request.
A user not linked to the same gov department as a
supply chain cannot access the strategic action summary
page for that supply chain.
"""
dep = GovDepartmentFactory()
sc = SupplyChainFactory(gov_department=dep)
response = logged_in_client.get(
reverse("strategic-action-summary", args=[test_supply_chain.slug]))
assert response.status_code == 403
def test_manager_create_user_for_unknown_email_domain_returns_none():
"""
Test that UserModel.objects.create_user returns None for an unknown email domain.
"""
expected_department = GovDepartmentFactory(email_domains=["email.gov.uk"])
mock_profile = {
"sso_email_user_id": "*****@*****.**", # /PS-IGNORE
"first_name": "Mr",
"last_name": "Test",
}
email = "*****@*****.**" # /PS-IGNORE
new_profile = UserModel.objects.create_user(email=email, **mock_profile)
assert new_profile is None
def test_auth_on_dept(self):
# Arrange
dept_name = "other_dep"
dept = GovDepartmentFactory(name=dept_name)
# Act
resp = Client().get(
reverse(
"chain-details-list",
kwargs={"dept": dept_name},
))
# Assert
assert resp.status_code == 302
def test_backend_create_user_does_not_create_user_for_unknown_department():
"""
Test that no user is created if the email domain is not from a known department.
"""
gov_department = GovDepartmentFactory(email_domains=["email.gov.uk"])
mock_profile = {
"email": "*****@*****.**", # /PS-IGNORE
"email_user_id": "*****@*****.**", # /PS-IGNORE
"first_name": "Mr",
"last_name": "Test",
}
auth_backend = CustomAuthbrokerBackend()
new_profile = auth_backend.create_user(mock_profile)
assert new_profile is None
def test_ogd_other_dept(self, logged_in_client):
# Arrange
dept_name = "other_dep"
dept = GovDepartmentFactory(name=dept_name)
u = UserFactory(gov_department=dept)
# Act
resp = logged_in_client.get(
reverse(
"chain-details-list",
kwargs={"dept": dept_name},
))
# Assert
assert resp.status_code == 200
def test_ogd_other_dept_error(self, logged_in_client):
# Arrange
dept_name = "other_dep"
dept = GovDepartmentFactory(name=dept_name)
u = UserFactory(gov_department=dept)
# Act
resp = logged_in_client.get(
reverse(
"action-progress-department",
kwargs={"dept": dept_name},
))
# Assert
assert resp.status_code == 403
def test_new_user_calls_user_manager_create_user_method():
"""
Test that when create_user is called, object creation is achieved
by calling the create_user method of models.UserManager.
"""
gov_department = GovDepartmentFactory(email_domains=["email.gov.uk"])
mock_profile = {
"email": "*****@*****.**", # /PS-IGNORE
"email_user_id": "*****@*****.**", # /PS-IGNORE
"first_name": "Mr",
"last_name": "Test",
}
auth_backend = CustomAuthbrokerBackend()
with mock.patch(
"accounts.models.UserManager.create_user") as mocked_method:
new_profile = auth_backend.create_user(mock_profile)
assert mocked_method.called
def test_manager_create_user_does_not_create_superuser():
"""
Test that a normal user isn't created as a superuser.
"""
new_dep = GovDepartmentFactory(
email_domains=[
"email.gov.uk",
]
)
mock_profile = {
"sso_email_user_id": "*****@*****.**", # /PS-IGNORE
"first_name": "Mr",
"last_name": "Test",
"gov_department": new_dep,
}
email = "*****@*****.**" # /PS-IGNORE
new_profile = UserModel.objects.create_user(email=email, **mock_profile)
assert not new_profile.is_superuser
def test_auth_on_dept(self, logged_in_client):
# Arrange
dept_name = "other_dep"
dept = GovDepartmentFactory(name=dept_name)
sc = SupplyChainFactory.create(gov_department=dept)
# Act
resp = logged_in_client.get(
reverse(
"chain-details-info",
kwargs={
"dept": dept_name,
"supply_chain_slug": sc.slug
},
))
# Assert
assert resp.status_code == 200
def test_backend_create_user_creates_user_with_valid_data():
"""
Test that the newly-created user has all the bits we intended them to have.
"""
gov_department = GovDepartmentFactory(email_domains=["email.gov.uk"])
mock_profile = {
"email": "*****@*****.**", # /PS-IGNORE
"email_user_id": "*****@*****.**", # /PS-IGNORE
"first_name": "Mr",
"last_name": "Test",
}
auth_backend = CustomAuthbrokerBackend()
new_profile = auth_backend.create_user(mock_profile)
assert new_profile is not None
assert new_profile.email == mock_profile["email"]
assert new_profile.sso_email_user_id == mock_profile["email_user_id"]
assert new_profile.first_name == mock_profile["first_name"]
assert new_profile.last_name == mock_profile["last_name"]
def test_manager_create_user_calls_set_unusable_password():
"""
Test that UserModel.objects.create_user correctly prevents password login.
"""
new_dep = GovDepartmentFactory(
email_domains=[
"email.gov.uk",
]
)
mock_profile = {
"sso_email_user_id": "*****@*****.**", # /PS-IGNORE
"first_name": "Mr",
"last_name": "Test",
"gov_department": new_dep,
}
email = "*****@*****.**" # /PS-IGNORE
with mock.patch.object(UserModel, "set_unusable_password") as mocked_method:
new_profile = UserModel.objects.create_user(email=email, **mock_profile)
assert mocked_method.called
def test_auth_no_perm(self, logged_in_client):
# Arrange
dept_name = "mod"
dept = GovDepartmentFactory(name=dept_name)
sc_name = "ceramics"
SupplyChainFactory(gov_department=dept, name=sc_name)
# Act
resp = logged_in_client.get(
reverse(
"action-progress-list",
kwargs={
"dept": dept_name,
"supply_chain_slug": sc_name
},
))
# Assert
assert resp.status_code == 403
def test_ogd_other_dept_error(self, logged_in_client):
# Arrange
dept_name = "other_dep"
dept = GovDepartmentFactory(name=dept_name)
sc_name = "ceramics"
sc = SupplyChainFactory(gov_department=dept, name=sc_name)
sa = StrategicActionFactory(supply_chain=sc)
# Act
resp = logged_in_client.get(
reverse(
"action-progress-detail",
kwargs={
"dept": dept_name,
"supply_chain_slug": sc_name,
"action_slug": sa.slug,
},
))
# Assert
assert resp.status_code == 403
def test_manager_create_user_creates_user():
"""
Test that UserModel.objects.create_user does that.
"""
new_dep = GovDepartmentFactory(
email_domains=[
"email.gov.uk",
]
)
mock_profile = {
"sso_email_user_id": "*****@*****.**", # /PS-IGNORE
"first_name": "Mr",
"last_name": "Test",
"gov_department": new_dep,
}
email = "*****@*****.**" # /PS-IGNORE
new_profile = UserModel.objects.create_user(email=email, **mock_profile)
assert new_profile is not None
assert new_profile.email == email
assert new_profile.sso_email_user_id == mock_profile["sso_email_user_id"]
assert new_profile.first_name == mock_profile["first_name"]
assert new_profile.last_name == mock_profile["last_name"]
def test_check_matching_gov_department_success():
"""Test True is returned if supply chain and user have same gov department."""
g = GovDepartmentFactory()
user = UserFactory(gov_department=g)
supply_chain = SupplyChainFactory(gov_department=g)
assert check_matching_gov_department(user, supply_chain)
