def test_update_project_with_non_admin_non_org_contact_fails(self): '''Tests that a project cannot be updated by non-admin and non-org-contact''' org = create_organization('Org 1', self.johndoe_user) project = create_project('Org 1 Project 1', 'A new project for exercising awesomeness', self.johndoe_user, org) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) payload = { 'name': 'Org 1 Project 1 Update', 'description': 'An updated description' } url = reverse(self.project_detail_view_name, kwargs={ 'org_slug': org.slug, 'project_slug': project.slug }) response = janedoe_client.put(url, payload, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) data = response.data self.assertNotIn('name', data) self.assertNotIn('slug', data) self.assertNotIn('description', data) self.assertNotIn('created_at', data) self.assertNotIn('updated_at', data) self.assertNotIn('creator', data) self.assertNotIn('organization', data)
def test_view_organization_with_admin_user_succeeds(self): '''Tests that admin user (is_staff = True) can view orgnaization details''' client = APIClient() authenticate_jwt(admin_creds, client) payload = {'name': 'Org1', 'contact': self.johndoe_user.id} create_response = client.post(reverse(self.create_list_view_name), payload, format='json') slug = create_response.data['slug'] url = reverse(self.detail_view_name, kwargs={'org_slug': slug}) response = client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('slug', data) self.assertIn('created_at', data) self.assertIn('updated_at', data) self.assertIn('contact', data) self.assertEqual(payload['name'], data['name']) self.assertEqual(payload['contact'], data['contact'])
def test_create_existing_user_but_non_org_member_by_non_admin_fails(self): '''Tests that a existing user cannot be added to as a Project Contributor by a regular non-admin user''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.list_create_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) payload = { 'email': self.janedoe_user.email, 'project': project1.id, 'project_admin': False, 'activity_viewer': False, 'activity_editor': True } response = janedoe_client.post(url, payload, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code) data = response.data self.assertNotIn('user', data) self.assertNotIn('project', data) self.assertNotIn('project_admin', data) self.assertNotIn('activity_viewer', data) self.assertNotIn('activity_editor', data)
def test_list_projects_admin_succeed(self): '''Tests listing projects by admin returns all projects''' org1 = create_organization('Org 1', self.johndoe_user) org2 = create_organization('Org 2', self.janedoe_user) p1 = create_project('Org 1 Project 1', description='p1', creator=self.johndoe_user, organization=org1) p2 = create_project('Org 1 Project 2', description='p2', creator=self.johndoe_user, organization=org1) p3 = create_project('Org 2 Project 1', description='p3', creator=self.janedoe_user, organization=org2) url = reverse(self.project_list_view_name) admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) response = admin_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) self.assertEqual(3, len(response.data))
def test_listing_projects_by_non_project_contributor_returns_empty_list_succeeds( self): '''Tests that listing projects by non contributor returns empty list''' org1 = create_organization('Org 1', self.johndoe_user) org2 = create_organization('Org 2', self.janedoe_user) p1 = create_project('Org 1 Project 1', description='p1', creator=self.johndoe_user, organization=org1) p2 = create_project('Org 1 Project 2', description='p2', creator=self.johndoe_user, organization=org1) p3 = create_project('Org 2 Project 1', description='p3', creator=self.janedoe_user, organization=org2) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = url = reverse(self.project_list_view_name) response = batman_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) self.assertEqual(0, len(response.data))
def test_view_organization_with_non_admin_user_fails(self): '''Tests that non admin user (is_staff = False) cannot view organization details''' admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) payload = {'name': 'Org1', 'contact': self.johndoe_user.id} create_response = admin_client.post(reverse( self.create_list_view_name), payload, format='json') slug = create_response.data['slug'] url = reverse(self.detail_view_name, kwargs={'org_slug': slug}) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) response = janedoe_client.get(url, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) data = response.data self.assertNotIn('name', data) self.assertNotIn('slug', data) self.assertNotIn('created_at', data) self.assertNotIn('updated_at', data) self.assertNotIn('contact', data)
def test_update_organization_with_non_admin_non_contact_fails(self): '''Tests that a user who is not an admin (is_staff = False) and also not organization contact cannot update an organization''' admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) payload = {'name': 'Org1', 'contact': self.janedoe_user.id} create_response = admin_client.post(reverse( self.create_list_view_name), payload, format='json') slug = create_response.data['slug'] url = reverse(self.detail_view_name, kwargs={'org_slug': slug}) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) updated_payload = deepcopy(payload) updated_payload['name'] = 'Updated Org' updated_payload['contact'] = self.janedoe_user.id response = johndoe_client.put(url, updated_payload, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) data = response.data self.assertNotIn('name', data) self.assertNotIn('slug', data) self.assertNotIn('created_at', data) self.assertNotIn('updated_at', data) self.assertNotIn('contact', data)
def test_view_project_with_org_contact_succeeds(self): '''Tests that the organization contact can view project''' org = create_organization('Org 1', self.johndoe_user) project = create_project('Org 1 Project 1', 'A new project for exercising awesomeness', self.admin_user, org) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) url = reverse(self.project_detail_view_name, kwargs={ 'org_slug': org.slug, 'project_slug': project.slug }) response = johndoe_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('slug', data) self.assertIn('description', data) self.assertIn('created_at', data) self.assertIn('updated_at', data) self.assertIn('creator', data) self.assertIn('organization', data) self.assertEqual(project.name, data['name']) self.assertEqual(project.description, data['description']) self.assertEqual(project.slug, data['slug']) self.assertEqual(project.creator.id, data['creator']) self.assertEqual(project.organization.id, data['organization'])
def test_view_contributor_by_same_contributor_succeeds(self): '''Tests that a project contributor can view their own project contributor details''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, project_admin=True) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'pk': pc.pk }) response = janedoe_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('project', data) self.assertIn('user', data) self.assertIn('project_admin', data) self.assertIn('activity_viewer', data) self.assertIn('activity_editor', data) self.assertEqual(pc.user.id, data['user']) self.assertEqual(pc.project.id, data['project']) self.assertEqual(pc.project_admin, data['project_admin']) self.assertEqual(pc.activity_viewer, data['activity_viewer']) self.assertEqual(pc.activity_editor, data['activity_editor'])
def test_update_organization_with_organization_contact_succeeds(self): '''Tests that an org contact can update their organization''' admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) payload = {'name': 'Org1', 'contact': self.johndoe_user.id} create_response = admin_client.post(reverse( self.create_list_view_name), payload, format='json') slug = create_response.data['slug'] url = reverse(self.detail_view_name, kwargs={'org_slug': slug}) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) updated_payload = deepcopy(payload) updated_payload['name'] = 'Updated Org' response = johndoe_client.put(url, updated_payload, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('slug', data) self.assertIn('created_at', data) self.assertIn('updated_at', data) self.assertIn('contact', data) self.assertEqual(updated_payload['name'], data['name']) self.assertEqual(updated_payload['contact'], data['contact'])
def test_listing_projects_by_project_contributor_limits_to_theirs_succeed( self): '''Tests listing projects by non-admin, project contributor is limited to only those that they are a contributor to''' org1 = create_organization('Org 1', self.johndoe_user) org2 = create_organization('Org 2', self.janedoe_user) p1 = create_project('Org 1 Project 1', description='p1', creator=self.johndoe_user, organization=org1) p2 = create_project('Org 1 Project 2', description='p2', creator=self.johndoe_user, organization=org1) p3 = create_project('Org 2 Project 1', description='p3', creator=self.janedoe_user, organization=org2) url = reverse(self.project_list_view_name) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) response = johndoe_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) self.assertEqual(2, len(response.data)) # make sure project p3 is not in list returned self.assertEquals(0, len([p for p in response.data if p['id'] == p3.id]))
def test_update_activity_entry_by_activity_editor_succeeds(self): '''Tests that a activity entry can be updated by a user who is a activity_editor for that activity entry''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_editor=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ae = ActivityEntry.objects.create( name='An Activity', description='An activity description', project=project1, contributor=janedoe_contrib, minutes=60) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'activity_slug': ae.slug }) payload = { 'name': 'An Activity Update', 'description': 'Activity description updated', 'project': project1.id, 'contributor': janedoe_contrib.id, 'minutes': 120 } response = janedoe_client.put(url, payload, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('description', data) self.assertIn('contributor', data) self.assertIn('project', data) self.assertIn('start', data) self.assertIn('end', data) self.assertIn('minutes', data) self.assertEqual(payload['name'], data['name']) self.assertEqual(payload['description'], data['description']) self.assertEqual(payload['contributor'], data['contributor']) self.assertEqual(payload['project'], data['project']) self.assertEqual(payload['minutes'], data['minutes']) self.assertIsNone(data['start']) self.assertIsNone(data['end'])
def test_list_activity_entries_by_project_contributor_activity_editor_succeeds( self): '''Tests that a project contributor with activity_editor but, activity_viewer = False and project_admin = False can only view their activity entries for that project''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) robin_contrib = ProjectContributor.objects.create(user=robin_user, project=project1, activity_viewer=True) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_editor=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ActivityEntry.objects.create( name='Test Contributors API', description='Write tests to test project contributors API', contributor=janedoe_contrib, project=project1, minutes=180) ActivityEntry.objects.create( name='Test Activities API', description='Write tests to test activities API', contributor=janedoe_contrib, project=project1, minutes=300) ActivityEntry.objects.create( name='Test Projects API', description='Write tests to test projects API', contributor=batman_proj1_contrib, project=project1, minutes=300) ActivityEntry.objects.create( name='Test Projects API', description='Write tests to test projects API', contributor=batman_proj2_contrib, project=project2, minutes=300) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = reverse(self.create_list_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) response = batman_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) self.assertEqual(1, len(response.data))
def test_list_activity_entries_by_non_project_contributor_fails(self): '''Tests that a project's activity entries cannot be viewed by a user who is not a project contributor''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_editor=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ActivityEntry.objects.create( name='Test Contributors API', description='Write tests to test project contributors API', contributor=janedoe_contrib, project=project1, minutes=180) ActivityEntry.objects.create( name='Test Activities API', description='Write tests to test activities API', contributor=janedoe_contrib, project=project1, minutes=300) ActivityEntry.objects.create( name='Test Projects API', description='Write tests to test projects API', contributor=batman_proj1_contrib, project=project1, minutes=300) ActivityEntry.objects.create( name='Test Projects API', description='Write tests to test projects API', contributor=batman_proj2_contrib, project=project2, minutes=300) robin_client = APIClient() authenticate_jwt(robin_creds, robin_client) url = reverse(self.create_list_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) response = robin_client.get(url, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code)
def test_create_activity_entry_by_activity_editor_succeeds(self): '''Tests that a project contributor with activity_editor = True can create a activity entry for the project''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) johndoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_viewer=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_editor=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = reverse(self.create_list_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) payload = { 'name': 'An Activity', 'description': 'Activity description', 'contributor': batman_proj1_contrib.id, 'project': project1.id, 'minutes': 60 } response = batman_client.post(url, payload, format='json') self.assertEqual(status.HTTP_201_CREATED, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('description', data) self.assertIn('contributor', data) self.assertIn('project', data) self.assertIn('start', data) self.assertIn('end', data) self.assertIn('minutes', data) self.assertEquals(payload['name'], data['name']) self.assertEquals(payload['description'], data['description']) self.assertEquals(payload['contributor'], data['contributor']) self.assertEquals(payload['project'], data['project']) self.assertIsNone(data['start']) self.assertIsNone(data['end']) self.assertEquals(payload['minutes'], data['minutes'])
def test_create_organization_with_non_admin_user_fails(self): '''Tests that non admin user (is_staff = False) cannot create organization''' client = APIClient() authenticate_jwt(johndoe_creds, client) url = reverse(self.create_list_view_name) payload = {'name': 'Org1', 'contact': self.johndoe_user.id} response = client.post(url, payload, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) data = response.data self.assertNotIn('name', data) self.assertNotIn('slug', data) self.assertNotIn('created_at', data) self.assertNotIn('updated_at', data) self.assertNotIn('contact', data)
def test_create_with_non_admin_non_org_contact_fails(self): '''Tests that a non-admin / non-org-contact cannot add member to organization''' johndoe_org = create_organization('Org 1', self.johndoe_user) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.create_list_view_name, kwargs={'org_slug': johndoe_org.slug}) payload = {'user_id': self.batman_user.id} response = janedoe_client.post(url, payload, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) data = response.data self.assertNotIn('members', data)
def test_create_activity_entry_by_non_contributor_fails(self): '''Tests that a activity entry cannot be created by a non project contributor''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) ProjectContributor.objects.create(user=self.janedoe_user, project=project1, activity_viewer=True) ProjectContributor.objects.create(user=self.batman_user, project=project1, activity_editor=True) ProjectContributor.objects.create(user=self.batman_user, project=project2, activity_editor=True) robin_client = APIClient() authenticate_jwt(robin_creds, robin_client) url = reverse(self.create_list_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) payload = { 'name': 'An Activity', 'description': 'Activity description', 'project': project1.id, 'minutes': 60 } response = robin_client.post(url, payload, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code) data = response.data self.assertNotIn('name', data) self.assertNotIn('description', data) self.assertNotIn('contributor', data) self.assertNotIn('project', data) self.assertNotIn('start', data) self.assertNotIn('end', data) self.assertNotIn('minutes', data)
def test_delete_organization_with_admin_succeeds(self): '''Tests that a admin (is_staff = True) can delete an organization''' admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) payload = {'name': 'Org1', 'contact': self.janedoe_user.id} create_response = admin_client.post(reverse( self.create_list_view_name), payload, format='json') slug = create_response.data['slug'] url = reverse(self.detail_view_name, kwargs={'org_slug': slug}) response = admin_client.delete(url, format='json') self.assertEqual(status.HTTP_204_NO_CONTENT, response.status_code) with self.assertRaises(ObjectDoesNotExist): Organization.objects.get(slug=slug)
def test_list_contributors_by_non_project_admin_non_fails(self): '''Tests that a non-admin / non-project-admin cannot list project contributors''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) ProjectContributor.objects.create(user=self.janedoe_user, project=project1, project_admin=True) batman_user = batman_creds.create_user(is_active=True) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = reverse(self.list_create_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) response = batman_client.get(url, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code)
def test_login_user_not_exists_fail(self): creds = admin_creds.to_dict() creds['email'] = '*****@*****.**' response = authenticate_jwt(creds, self.client) self.assertEqual(status.HTTP_400_BAD_REQUEST, response.status_code) data = response.data self.assertNotIn('access_token', data) self.assertNotIn('refresh_token', data)
def test_view_activity_entry_by_project_admin_succeeds(self): '''Tests that a project admin (ProjectContributor.project_admin = True) can view an activity entry''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, project_admin=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ae = ActivityEntry.objects.create(name='An Activity', description='A new activity entry', contributor=janedoe_contrib, project=project1, minutes=60) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'activity_slug': ae.slug }) response = batman_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('description', data) self.assertIn('contributor', data) self.assertIn('project', data) self.assertIn('start', data) self.assertIn('end', data) self.assertIn('minutes', data)
def test_view_activity_entry_by_non_contributor_fails(self): '''Tests that a activity entry cannot be viewed by a user who is not a project contributor for that entry's project''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_viewer=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ae = ActivityEntry.objects.create(name='An Activity', description='A new activity entry', contributor=janedoe_contrib, project=project1, minutes=60) robin_client = APIClient() authenticate_jwt(robin_creds, robin_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'activity_slug': ae.slug }) response = robin_client.get(url, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code) data = response.data self.assertNotIn('name', data) self.assertNotIn('description', data) self.assertNotIn('contributor', data) self.assertNotIn('project', data) self.assertNotIn('start', data) self.assertNotIn('end', data) self.assertNotIn('minutes', data)
def test_login_incorrect_password_fail(self): creds = admin_creds.to_dict() creds['password'] = '******' response = authenticate_jwt(creds, self.client) self.assertEqual(status.HTTP_400_BAD_REQUEST, response.status_code) data = response.data self.assertNotIn('access_token', data) self.assertNotIn('refresh_token', data)
def test_list_organization_with_admin_user_succeeds(self): '''Tests that admin user (is_staff = True) can view organization listing''' client = APIClient() authenticate_jwt(admin_creds, client) url = reverse(self.create_list_view_name) payload = {'name': 'Org1', 'contact': self.johndoe_user.id} client.post(url, payload, format='json') payload2 = {'name': 'Org2', 'contact': self.janedoe_user.id} client.post(url, payload2, format='json') response = client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIsInstance(data, list) self.assertEqual(2, len(data))
def test_login_success(self): response = authenticate_jwt(admin_creds, self.client) self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('access_token', data) self.assertIn('refresh_token', data) self.assertIn('user', data) self.assertEqual(admin_creds.email, data['user']['email'])
def test_delete_by_admin_succeeds(self): '''Tests that an admin can delete / remove a member from a organization''' johndoe_org = create_organization('Org 1', self.johndoe_user) johndoe_org.members.add(self.batman_user) project1 = Project.objects.create(name='Org 1 Project 1', description='ABC ...', creator=self.johndoe_user, organization=johndoe_org) project2 = Project.objects.create(name='Org 1 Project 2', description='ABC ...', creator=self.johndoe_user, organization=johndoe_org) ProjectContributor.objects.create(user=self.batman_user, project=project1) ProjectContributor.objects.create(user=self.batman_user, project=project2) admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) url = reverse(self.delete_view_name, kwargs={ 'org_slug': johndoe_org.slug, 'pk': self.batman_user.id }) response = admin_client.delete(url, format='json') self.assertEqual(status.HTTP_204_NO_CONTENT, response.status_code) johndoe_org.refresh_from_db() with self.assertRaises(ObjectDoesNotExist): johndoe_org.members.get(id=self.batman_user.id) with self.assertRaises(ObjectDoesNotExist): ProjectContributor.objects.get(user=self.batman_user, project=project1) with self.assertRaises(ObjectDoesNotExist): ProjectContributor.objects.get(user=self.batman_user, project=project2)
def test_create_non_existant_user_contributor_by_project_admin_succeeds(self): '''Tests that a project admin (ProjectContributor.project_admin = True) can add a project contributor which does not match to an existing, user, to a project. - a new user should be created, - user added as a member to the project's organization, - user added as a project contributor and, - an email sent to them notfiying them they are now a project contributor along with their permissions''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) url = reverse(self.list_create_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) payload = { 'email': batman_creds.email, 'project': project1.id, 'project_admin': False, 'activity_viewer': False, 'activity_editor': True } response = johndoe_client.post(url, payload, format='json') self.assertEqual(status.HTTP_201_CREATED, response.status_code) data = response.data self.assertIn('user', data) self.assertIn('project', data) self.assertIn('project_admin', data) self.assertIn('activity_viewer', data) self.assertIn('activity_editor', data) batman_user = UserModel.objects.get(email=batman_creds.email) self.assertEqual(batman_user.id, data['user']) self.assertEqual(payload['project'], data['project']) self.assertEqual(payload['project_admin'], data['project_admin']) self.assertEqual(payload['activity_viewer'], data['activity_viewer']) self.assertEqual(payload['activity_editor'], data['activity_editor'])
def test_update_contributor_by_same_contributor_fails(self): '''Tests that a project contributor can not delete their own project contributor instance''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, activity_editor=True) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'pk': pc.pk }) response = janedoe_client.delete(url, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) self.assertIsNotNone(ProjectContributor.objects.get(pk=pc.pk))
def test_list_organization_with_non_admin_user_fails(self): '''Tests that non admin user (is_staff = False) cannot view organization listing''' admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) url = reverse(self.create_list_view_name) payload = {'name': 'Org1', 'contact': self.johndoe_user.id} admin_client.post(url, payload, format='json') payload2 = {'name': 'Org2', 'contact': self.johndoe_user.id} admin_client.post(url, payload2, format='json') janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) response = janedoe_client.get(url, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) data = response.data self.assertFalse(isinstance(data, list))