def test_permissions(self, users_with_all_roles, login_role, can_view,
can_edit, selenium): # pylint: disable=too-many-arguments
"""Test that users have permissions to objects created by other users
according to their global role.
"""
objs = []
other_roles = [role for role in self.ALL_ROLES if role != login_role]
for role in other_roles:
users.set_current_user(users_with_all_roles[role])
program = rest_facade.create_program()
control = rest_facade.create_control_mapped_to_program(program)
objs.extend([program, control])
users.set_current_user(users_with_all_roles[login_role])
for obj in objs:
if can_view:
webui_facade.assert_can_view(selenium, obj)
if obj.type == "Control":
webui_facade.assert_can_edit_control(
selenium, obj, can_edit)
webui_facade.assert_cannot_delete_control(selenium, obj)
else:
webui_facade.assert_can_edit(selenium,
obj,
can_edit=can_edit)
webui_facade.assert_can_delete(selenium,
obj,
can_delete=can_edit)
else:
webui_facade.assert_cannot_view(obj)
def test_auditor_cannot_edit_audit(self, selenium, test_data):
"""Test that Auditor cannot edit audit"""
creator = test_data["creator"]
users.set_current_user(creator)
audit = test_data["audit"]
webui_facade.assert_can_view(selenium, audit)
webui_facade.assert_can_edit(selenium, audit, can_edit=False)
def test_permissions(
self, users_with_all_roles, login_role, can_view, can_edit, selenium
): # pylint: disable=too-many-arguments
"""Test that users have permissions to objects created by other users
according to their global role.
"""
objs = []
other_roles = [role for role in self.ALL_ROLES if role != login_role]
for role in other_roles:
users.set_current_user(users_with_all_roles[role])
program = rest_facade.create_program()
control = rest_facade.create_control_mapped_to_program(program)
objs.extend([program, control])
users.set_current_user(users_with_all_roles[login_role])
for obj in objs:
if can_view:
webui_facade.assert_can_view(selenium, obj)
if obj.type == "Control":
webui_facade.assert_can_edit_control(selenium, obj, can_edit)
webui_facade.assert_cannot_delete_control(selenium, obj)
else:
webui_facade.assert_can_edit(selenium, obj, can_edit=can_edit)
webui_facade.assert_can_delete(selenium, obj, can_delete=can_edit)
else:
webui_facade.assert_cannot_view(obj)
def test_auditor_cannot_edit_audit(
self, selenium, test_data
):
"""Test that Auditor cannot edit audit"""
creator = test_data["creator"]
users.set_current_user(creator)
audit = test_data["audit"]
webui_facade.assert_can_view(selenium, audit)
webui_facade.assert_can_edit(selenium, audit, can_edit=False)
def test_object_creation(self, role, selenium):
"""Test that users with all global roles can create, then edit and delete
objects.
"""
user = rest_facade.create_user_with_role(role_name=role)
users.set_current_user(user)
objs = [rest_facade.create_program(), rest_facade.create_control()]
for obj in objs:
webui_facade.assert_can_edit(selenium, obj, can_edit=True)
webui_facade.assert_can_delete(selenium, obj, can_delete=True)
def test_object_creation(self, role, selenium):
"""Test that users with all global roles can create, then edit and delete
objects.
"""
user = rest_facade.create_user_with_role(role_name=role)
users.set_current_user(user)
objs = [rest_facade.create_program(), rest_facade.create_control()]
for obj in objs:
webui_facade.assert_can_edit(selenium, obj, can_edit=True)
webui_facade.assert_can_delete(selenium, obj, can_delete=True)
