def test_permissions(self, users_with_all_roles, login_role, can_view, can_edit, selenium): # pylint: disable=too-many-arguments """Test that users have permissions to objects created by other users according to their global role. """ objs = [] other_roles = [role for role in self.ALL_ROLES if role != login_role] for role in other_roles: users.set_current_user(users_with_all_roles[role]) program = rest_facade.create_program() control = rest_facade.create_control_mapped_to_program(program) objs.extend([program, control]) users.set_current_user(users_with_all_roles[login_role]) for obj in objs: if can_view: webui_facade.assert_can_view(selenium, obj) if obj.type == "Control": webui_facade.assert_can_edit_control( selenium, obj, can_edit) webui_facade.assert_cannot_delete_control(selenium, obj) else: webui_facade.assert_can_edit(selenium, obj, can_edit=can_edit) webui_facade.assert_can_delete(selenium, obj, can_delete=can_edit) else: webui_facade.assert_cannot_view(obj)
def test_auditor_cannot_edit_audit(self, selenium, test_data): """Test that Auditor cannot edit audit""" creator = test_data["creator"] users.set_current_user(creator) audit = test_data["audit"] webui_facade.assert_can_view(selenium, audit) webui_facade.assert_can_edit(selenium, audit, can_edit=False)
def test_permissions( self, users_with_all_roles, login_role, can_view, can_edit, selenium ): # pylint: disable=too-many-arguments """Test that users have permissions to objects created by other users according to their global role. """ objs = [] other_roles = [role for role in self.ALL_ROLES if role != login_role] for role in other_roles: users.set_current_user(users_with_all_roles[role]) program = rest_facade.create_program() control = rest_facade.create_control_mapped_to_program(program) objs.extend([program, control]) users.set_current_user(users_with_all_roles[login_role]) for obj in objs: if can_view: webui_facade.assert_can_view(selenium, obj) if obj.type == "Control": webui_facade.assert_can_edit_control(selenium, obj, can_edit) webui_facade.assert_cannot_delete_control(selenium, obj) else: webui_facade.assert_can_edit(selenium, obj, can_edit=can_edit) webui_facade.assert_can_delete(selenium, obj, can_delete=can_edit) else: webui_facade.assert_cannot_view(obj)
def test_auditor_cannot_edit_audit( self, selenium, test_data ): """Test that Auditor cannot edit audit""" creator = test_data["creator"] users.set_current_user(creator) audit = test_data["audit"] webui_facade.assert_can_view(selenium, audit) webui_facade.assert_can_edit(selenium, audit, can_edit=False)
def test_auditor_can_create_asmt(self, selenium, test_data): """Preconditions: Global editor creates program with mapped control. Global editor creates audit and assigns Global Creator user as an auditor - log in as GC - navigate to audit page => Assessments tab Test that GC can create new asmt in audit.""" creator = test_data["creator"] users.set_current_user(creator) audit = test_data["audit"] expected_asmt = webui_facade.create_asmt(selenium, audit) webui_facade.assert_can_view(selenium, expected_asmt)
def test_auditor_can_create_asmt( self, selenium, test_data ): """Preconditions: Global editor creates program with mapped control. Global editor creates audit and assigns Global Creator user as an auditor - log in as GC - navigate to audit page => Assessments tab Test that GC can create new asmt in audit.""" creator = test_data["creator"] users.set_current_user(creator) audit = test_data["audit"] expected_asmt = webui_facade.create_asmt(selenium, audit) webui_facade.assert_can_view(selenium, expected_asmt)
def test_auditor_can_assign_user_to_asmt(self, selenium, test_data): """Preconditions: Global editor creates program with mapped control. Global editor creates audit and assigns Global Creator user as an auditor - log in as GC - navigate to audit page => Assessments tab Test that GC can assign user to new asmt in audit.""" # pylint: disable=invalid-name creator = test_data["creator"] users.set_current_user(creator) audit = test_data["audit"] expected_asmt = rest_facade.create_asmt(audit) asmt_service = webui_service.AssessmentsService(selenium) asmt_service.add_asignee(expected_asmt, test_data["editor"]) expected_asmt.update_attrs( updated_at=rest_facade.get_obj(expected_asmt).updated_at, assignees=[creator.email, test_data["editor"].email], modified_by=users.current_user().email) webui_facade.assert_can_view(selenium, expected_asmt)
def test_auditor_can_assign_user_to_asmt( self, selenium, test_data ): """Preconditions: Global editor creates program with mapped control. Global editor creates audit and assigns Global Creator user as an auditor - log in as GC - navigate to audit page => Assessments tab Test that GC can assign user to new asmt in audit.""" # pylint: disable=invalid-name creator = test_data["creator"] users.set_current_user(creator) audit = test_data["audit"] expected_asmt = rest_facade.create_assessment(audit) asmt_service = webui_service.AssessmentsService(selenium) asmt_service.add_asignee(expected_asmt, test_data["editor"]) expected_asmt.update_attrs( updated_at=rest_facade.get_obj(expected_asmt).updated_at, assignees=[creator.email, test_data["editor"].email], modified_by=users.current_user().email) webui_facade.assert_can_view(selenium, expected_asmt)