def test_listing_projects_by_project_contributor_limits_to_theirs_succeed( self): '''Tests listing projects by non-admin, project contributor is limited to only those that they are a contributor to''' org1 = create_organization('Org 1', self.johndoe_user) org2 = create_organization('Org 2', self.janedoe_user) p1 = create_project('Org 1 Project 1', description='p1', creator=self.johndoe_user, organization=org1) p2 = create_project('Org 1 Project 2', description='p2', creator=self.johndoe_user, organization=org1) p3 = create_project('Org 2 Project 1', description='p3', creator=self.janedoe_user, organization=org2) url = reverse(self.project_list_view_name) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) response = johndoe_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) self.assertEqual(2, len(response.data)) # make sure project p3 is not in list returned self.assertEquals(0, len([p for p in response.data if p['id'] == p3.id]))
def test_list_projects_admin_succeed(self): '''Tests listing projects by admin returns all projects''' org1 = create_organization('Org 1', self.johndoe_user) org2 = create_organization('Org 2', self.janedoe_user) p1 = create_project('Org 1 Project 1', description='p1', creator=self.johndoe_user, organization=org1) p2 = create_project('Org 1 Project 2', description='p2', creator=self.johndoe_user, organization=org1) p3 = create_project('Org 2 Project 1', description='p3', creator=self.janedoe_user, organization=org2) url = reverse(self.project_list_view_name) admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) response = admin_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) self.assertEqual(3, len(response.data))
def test_listing_projects_by_non_project_contributor_returns_empty_list_succeeds( self): '''Tests that listing projects by non contributor returns empty list''' org1 = create_organization('Org 1', self.johndoe_user) org2 = create_organization('Org 2', self.janedoe_user) p1 = create_project('Org 1 Project 1', description='p1', creator=self.johndoe_user, organization=org1) p2 = create_project('Org 1 Project 2', description='p2', creator=self.johndoe_user, organization=org1) p3 = create_project('Org 2 Project 1', description='p3', creator=self.janedoe_user, organization=org2) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = url = reverse(self.project_list_view_name) response = batman_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) self.assertEqual(0, len(response.data))
def test_view_contributor_by_same_contributor_succeeds(self): '''Tests that a project contributor can view their own project contributor details''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, project_admin=True) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'pk': pc.pk }) response = janedoe_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('project', data) self.assertIn('user', data) self.assertIn('project_admin', data) self.assertIn('activity_viewer', data) self.assertIn('activity_editor', data) self.assertEqual(pc.user.id, data['user']) self.assertEqual(pc.project.id, data['project']) self.assertEqual(pc.project_admin, data['project_admin']) self.assertEqual(pc.activity_viewer, data['activity_viewer']) self.assertEqual(pc.activity_editor, data['activity_editor'])
def test_update_activity_entry_by_activity_editor_succeeds(self): '''Tests that a activity entry can be updated by a user who is a activity_editor for that activity entry''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_editor=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ae = ActivityEntry.objects.create( name='An Activity', description='An activity description', project=project1, contributor=janedoe_contrib, minutes=60) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'activity_slug': ae.slug }) payload = { 'name': 'An Activity Update', 'description': 'Activity description updated', 'project': project1.id, 'contributor': janedoe_contrib.id, 'minutes': 120 } response = janedoe_client.put(url, payload, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('description', data) self.assertIn('contributor', data) self.assertIn('project', data) self.assertIn('start', data) self.assertIn('end', data) self.assertIn('minutes', data) self.assertEqual(payload['name'], data['name']) self.assertEqual(payload['description'], data['description']) self.assertEqual(payload['contributor'], data['contributor']) self.assertEqual(payload['project'], data['project']) self.assertEqual(payload['minutes'], data['minutes']) self.assertIsNone(data['start']) self.assertIsNone(data['end'])
def test_list_activity_entries_by_project_contributor_activity_editor_succeeds( self): '''Tests that a project contributor with activity_editor but, activity_viewer = False and project_admin = False can only view their activity entries for that project''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) robin_contrib = ProjectContributor.objects.create(user=robin_user, project=project1, activity_viewer=True) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_editor=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ActivityEntry.objects.create( name='Test Contributors API', description='Write tests to test project contributors API', contributor=janedoe_contrib, project=project1, minutes=180) ActivityEntry.objects.create( name='Test Activities API', description='Write tests to test activities API', contributor=janedoe_contrib, project=project1, minutes=300) ActivityEntry.objects.create( name='Test Projects API', description='Write tests to test projects API', contributor=batman_proj1_contrib, project=project1, minutes=300) ActivityEntry.objects.create( name='Test Projects API', description='Write tests to test projects API', contributor=batman_proj2_contrib, project=project2, minutes=300) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = reverse(self.create_list_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) response = batman_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) self.assertEqual(1, len(response.data))
def test_list_activity_entries_by_non_project_contributor_fails(self): '''Tests that a project's activity entries cannot be viewed by a user who is not a project contributor''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_editor=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ActivityEntry.objects.create( name='Test Contributors API', description='Write tests to test project contributors API', contributor=janedoe_contrib, project=project1, minutes=180) ActivityEntry.objects.create( name='Test Activities API', description='Write tests to test activities API', contributor=janedoe_contrib, project=project1, minutes=300) ActivityEntry.objects.create( name='Test Projects API', description='Write tests to test projects API', contributor=batman_proj1_contrib, project=project1, minutes=300) ActivityEntry.objects.create( name='Test Projects API', description='Write tests to test projects API', contributor=batman_proj2_contrib, project=project2, minutes=300) robin_client = APIClient() authenticate_jwt(robin_creds, robin_client) url = reverse(self.create_list_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) response = robin_client.get(url, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code)
def test_create_activity_entry_by_activity_editor_succeeds(self): '''Tests that a project contributor with activity_editor = True can create a activity entry for the project''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) johndoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_viewer=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_editor=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = reverse(self.create_list_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) payload = { 'name': 'An Activity', 'description': 'Activity description', 'contributor': batman_proj1_contrib.id, 'project': project1.id, 'minutes': 60 } response = batman_client.post(url, payload, format='json') self.assertEqual(status.HTTP_201_CREATED, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('description', data) self.assertIn('contributor', data) self.assertIn('project', data) self.assertIn('start', data) self.assertIn('end', data) self.assertIn('minutes', data) self.assertEquals(payload['name'], data['name']) self.assertEquals(payload['description'], data['description']) self.assertEquals(payload['contributor'], data['contributor']) self.assertEquals(payload['project'], data['project']) self.assertIsNone(data['start']) self.assertIsNone(data['end']) self.assertEquals(payload['minutes'], data['minutes'])
def test_create_existing_user_but_non_org_member_by_non_admin_fails(self): '''Tests that a existing user cannot be added to as a Project Contributor by a regular non-admin user''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.list_create_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) payload = { 'email': self.janedoe_user.email, 'project': project1.id, 'project_admin': False, 'activity_viewer': False, 'activity_editor': True } response = janedoe_client.post(url, payload, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code) data = response.data self.assertNotIn('user', data) self.assertNotIn('project', data) self.assertNotIn('project_admin', data) self.assertNotIn('activity_viewer', data) self.assertNotIn('activity_editor', data)
def test_update_project_with_non_admin_non_org_contact_fails(self): '''Tests that a project cannot be updated by non-admin and non-org-contact''' org = create_organization('Org 1', self.johndoe_user) project = create_project('Org 1 Project 1', 'A new project for exercising awesomeness', self.johndoe_user, org) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) payload = { 'name': 'Org 1 Project 1 Update', 'description': 'An updated description' } url = reverse(self.project_detail_view_name, kwargs={ 'org_slug': org.slug, 'project_slug': project.slug }) response = janedoe_client.put(url, payload, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) data = response.data self.assertNotIn('name', data) self.assertNotIn('slug', data) self.assertNotIn('description', data) self.assertNotIn('created_at', data) self.assertNotIn('updated_at', data) self.assertNotIn('creator', data) self.assertNotIn('organization', data)
def test_view_project_with_org_contact_succeeds(self): '''Tests that the organization contact can view project''' org = create_organization('Org 1', self.johndoe_user) project = create_project('Org 1 Project 1', 'A new project for exercising awesomeness', self.admin_user, org) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) url = reverse(self.project_detail_view_name, kwargs={ 'org_slug': org.slug, 'project_slug': project.slug }) response = johndoe_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('slug', data) self.assertIn('description', data) self.assertIn('created_at', data) self.assertIn('updated_at', data) self.assertIn('creator', data) self.assertIn('organization', data) self.assertEqual(project.name, data['name']) self.assertEqual(project.description, data['description']) self.assertEqual(project.slug, data['slug']) self.assertEqual(project.creator.id, data['creator']) self.assertEqual(project.organization.id, data['organization'])
def test_create_activity_entry_by_non_contributor_fails(self): '''Tests that a activity entry cannot be created by a non project contributor''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) ProjectContributor.objects.create(user=self.janedoe_user, project=project1, activity_viewer=True) ProjectContributor.objects.create(user=self.batman_user, project=project1, activity_editor=True) ProjectContributor.objects.create(user=self.batman_user, project=project2, activity_editor=True) robin_client = APIClient() authenticate_jwt(robin_creds, robin_client) url = reverse(self.create_list_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) payload = { 'name': 'An Activity', 'description': 'Activity description', 'project': project1.id, 'minutes': 60 } response = robin_client.post(url, payload, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code) data = response.data self.assertNotIn('name', data) self.assertNotIn('description', data) self.assertNotIn('contributor', data) self.assertNotIn('project', data) self.assertNotIn('start', data) self.assertNotIn('end', data) self.assertNotIn('minutes', data)
def test_list_contributors_by_non_project_admin_non_fails(self): '''Tests that a non-admin / non-project-admin cannot list project contributors''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) ProjectContributor.objects.create(user=self.janedoe_user, project=project1, project_admin=True) batman_user = batman_creds.create_user(is_active=True) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = reverse(self.list_create_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) response = batman_client.get(url, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code)
def test_view_activity_entry_by_project_admin_succeeds(self): '''Tests that a project admin (ProjectContributor.project_admin = True) can view an activity entry''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, project_admin=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ae = ActivityEntry.objects.create(name='An Activity', description='A new activity entry', contributor=janedoe_contrib, project=project1, minutes=60) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'activity_slug': ae.slug }) response = batman_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('description', data) self.assertIn('contributor', data) self.assertIn('project', data) self.assertIn('start', data) self.assertIn('end', data) self.assertIn('minutes', data)
def test_view_activity_entry_by_non_contributor_fails(self): '''Tests that a activity entry cannot be viewed by a user who is not a project contributor for that entry's project''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_viewer=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ae = ActivityEntry.objects.create(name='An Activity', description='A new activity entry', contributor=janedoe_contrib, project=project1, minutes=60) robin_client = APIClient() authenticate_jwt(robin_creds, robin_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'activity_slug': ae.slug }) response = robin_client.get(url, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code) data = response.data self.assertNotIn('name', data) self.assertNotIn('description', data) self.assertNotIn('contributor', data) self.assertNotIn('project', data) self.assertNotIn('start', data) self.assertNotIn('end', data) self.assertNotIn('minutes', data)
def test_update_contributor_by_same_contributor_fails(self): '''Tests that a project contributor can not delete their own project contributor instance''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, activity_editor=True) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'pk': pc.pk }) response = janedoe_client.delete(url, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) self.assertIsNotNone(ProjectContributor.objects.get(pk=pc.pk))
def test_update_contributor_nonexisting_by_project_admin_succeeds(self): '''Tests that a project admin (ProjectContributor.project_admin = True) can update contributor details''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, project_admin=True) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'pk': pc.pk }) payload = { 'email': batman_creds.email, 'project': project1.id, 'project_admin': True, 'activity_viewer': False, 'activity_editor': False } response = janedoe_client.put(url, payload, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('project', data) self.assertIn('user', data) self.assertIn('project_admin', data) self.assertIn('activity_viewer', data) self.assertIn('activity_editor', data) batman_user = UserModel.objects.get(email=batman_creds.email) self.assertEqual(batman_user.id, data['user']) self.assertEqual(payload['project'], data['project']) self.assertEqual(payload['project_admin'], data['project_admin']) self.assertEqual(payload['activity_viewer'], data['activity_viewer']) self.assertEqual(payload['activity_viewer'], data['activity_editor'])
def test_update_contributor_by_non_admin_diff_user_fails(self): '''Tests that a project contributor's details are not updatable by non-admin / non-project-admin user who is different from the contributor being requested''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, activity_editor=True) batman_user = batman_creds.create_user(is_active=True) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'pk': pc.pk }) payload = { 'email': self.janedoe_user.email, 'project': project1.id, 'project_admin': True, 'activity_viewer': False, 'activity_editor': False } response = janedoe_client.put(url, payload, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) data = response.data self.assertIn('project', data) self.assertIn('user', data) self.assertIn('project_admin', data) self.assertIn('activity_viewer', data) self.assertIn('activity_editor', data) self.assertEqual(pc.user.id, data['user']) self.assertEqual(pc.project.id, data['project']) self.assertEqual(pc.project_admin, data['project_admin']) self.assertEqual(pc.activity_viewer, data['activity_viewer']) self.assertEqual(pc.activity_editor, data['activity_editor'])
def test_list_contributors_by_admin_succeeds(self): '''Tests that an admin (User.is_staff) can list all contributors to a project''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) ProjectContributor.objects.create(user=self.janedoe_user, project=project1, project_admin=True) admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) url = reverse(self.list_create_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) response = admin_client.get(url, format='json') self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIsInstance(data, list) self.assertEqual(2, len(data))
def test_view_contributor_by_non_admin_diff_user_fails(self): '''Tests that a project contributor's details are not viewable by non-admin / non-project-admin user who is different from the contributor being requested''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, project_admin=True) batman_user = batman_creds.create_user(is_active=True) batman_client = APIClient() authenticate_jwt(batman_creds, batman_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'pk': pc.pk }) response = batman_client.get(url, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code)
def test_delete_contributor_by_admin_succeeds(self): '''Tests that a admin (User.is_staff = True) can delete a contributor''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, project_admin=True) admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'pk': pc.pk }) response = admin_client.delete(url, format='json') self.assertEqual(status.HTTP_204_NO_CONTENT, response.status_code) with self.assertRaises(ProjectContributor.DoesNotExist): ProjectContributor.objects.get(pk=pc.pk)
def test_update_contributor_by_same_contributor_fails(self): '''Tests that a project contributor can not update their own project contributor details''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) pc = ProjectContributor.objects.create(user=self.janedoe_user, project=project1, activity_editor=True) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'pk': pc.pk }) payload = { 'email': self.janedoe_user.email, 'project': project1.id, 'project_admin': True, 'activity_viewer': False, 'activity_editor': False } response = janedoe_client.put(url, payload, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) data = response.data self.assertIn('project', data) self.assertIn('user', data) self.assertIn('project_admin', data) self.assertIn('activity_viewer', data) self.assertIn('activity_editor', data) self.assertEqual(pc.user.id, data['user']) self.assertEqual(pc.project.id, data['project']) self.assertEqual(pc.project_admin, data['project_admin']) self.assertEqual(pc.activity_viewer, data['activity_viewer']) self.assertEqual(pc.activity_editor, data['activity_editor'])
def test_delete_activity_entry_by_activity_editor_succeeds(self): '''Tests that a activity entry can be deleted by a project contributor who is an activity editor for that activity entry''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_editor=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ae = ActivityEntry.objects.create( name='An Activity', description='An activity description', project=project1, contributor=janedoe_contrib, minutes=60) janedoe_client = APIClient() authenticate_jwt(janedoe_creds, janedoe_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'activity_slug': ae.slug }) response = janedoe_client.delete(url, format='json') self.assertEqual(status.HTTP_204_NO_CONTENT, response.status_code) with self.assertRaises(ActivityEntry.DoesNotExist): ActivityEntry.objects.get(pk=ae.pk)
def test_delete_activity_entry_by_non_contributor_fails(self): '''Tests that a activity entry cannot be deleted by a non-project-contributor''' robin_user = robin_creds.create_user(is_active=True) org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) project2 = create_project('Org 1 Project 2', 'abc', self.johndoe_user, org1) janedoe_contrib = ProjectContributor.objects.create( user=self.janedoe_user, project=project1, activity_editor=True) batman_proj1_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project1, activity_viewer=True) batman_proj2_contrib = ProjectContributor.objects.create( user=self.batman_user, project=project2, activity_editor=True) ae = ActivityEntry.objects.create( name='An Activity', description='An activity description', project=project1, contributor=janedoe_contrib, minutes=60) robin_client = APIClient() authenticate_jwt(robin_creds, robin_client) url = reverse(self.detail_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug, 'activity_slug': ae.slug }) response = robin_client.delete(url, format='json') self.assertEqual(status.HTTP_404_NOT_FOUND, response.status_code) self.assertIsNotNone(ActivityEntry.objects.get(pk=ae.pk))
def test_create_non_existant_user_contributor_by_project_admin_succeeds(self): '''Tests that a project admin (ProjectContributor.project_admin = True) can add a project contributor which does not match to an existing, user, to a project. - a new user should be created, - user added as a member to the project's organization, - user added as a project contributor and, - an email sent to them notfiying them they are now a project contributor along with their permissions''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) url = reverse(self.list_create_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) payload = { 'email': batman_creds.email, 'project': project1.id, 'project_admin': False, 'activity_viewer': False, 'activity_editor': True } response = johndoe_client.post(url, payload, format='json') self.assertEqual(status.HTTP_201_CREATED, response.status_code) data = response.data self.assertIn('user', data) self.assertIn('project', data) self.assertIn('project_admin', data) self.assertIn('activity_viewer', data) self.assertIn('activity_editor', data) batman_user = UserModel.objects.get(email=batman_creds.email) self.assertEqual(batman_user.id, data['user']) self.assertEqual(payload['project'], data['project']) self.assertEqual(payload['project_admin'], data['project_admin']) self.assertEqual(payload['activity_viewer'], data['activity_viewer']) self.assertEqual(payload['activity_editor'], data['activity_editor'])
def test_create_existing_user_and_org_member_by_project_admin_succeeds(self): '''Tests that an existing user who is a member or the Project's organization can be added as a project contributor by project admin (ProjectContributor.project_admin = True) - user added as member to the project's organization - user added as a project contributor - email send to user notifying them they are now a project contributor along with their permissions''' org1 = create_organization('Org 1', self.johndoe_user) project1 = create_project('Org 1 Project 1', 'abc', self.johndoe_user, org1) org1.members.add(self.janedoe_user) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) url = reverse(self.list_create_view_name, kwargs={ 'org_slug': org1.slug, 'project_slug': project1.slug }) payload = { 'email': self.janedoe_user.email, 'project': project1.id, 'project_admin': False, 'activity_viewer': False, 'activity_editor': True } response = johndoe_client.post(url, payload, format='json') self.assertEqual(status.HTTP_201_CREATED, response.status_code) data = response.data self.assertIn('user', data) self.assertIn('project', data) self.assertIn('project_admin', data) self.assertIn('activity_viewer', data) self.assertIn('activity_editor', data) self.assertEqual(self.janedoe_user.id, data['user']) self.assertEqual(payload['project'], data['project']) self.assertEqual(payload['project_admin'], data['project_admin']) self.assertEqual(payload['activity_viewer'], data['activity_viewer']) self.assertEqual(payload['activity_editor'], data['activity_editor'])
def test_delete_project_with_non_admin_fails(self): '''Tests that a project can only be deleted by an admin''' org = create_organization('Org 1', self.johndoe_user) project = create_project('Org 1 Project 1', 'A new project for exercising awesomeness', self.johndoe_user, org) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) slug = project.slug url = reverse(self.project_detail_view_name, kwargs={ 'org_slug': org.slug, 'project_slug': project.slug }) response = johndoe_client.delete(url, format='json') self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code) self.assertIsNotNone(Project.objects.get(slug=slug))
def test_delete_project_with_admin_succeeds(self): '''Tests that an admin can delete a project''' org = create_organization('Org 1', self.johndoe_user) project = create_project('Org 1 Project 1', 'A new project for exercising awesomeness', self.johndoe_user, org) admin_client = APIClient() authenticate_jwt(admin_creds, admin_client) slug = project.slug url = reverse(self.project_detail_view_name, kwargs={ 'org_slug': org.slug, 'project_slug': project.slug }) response = admin_client.delete(url, format='json') self.assertEqual(status.HTTP_204_NO_CONTENT, response.status_code) with self.assertRaises(ObjectDoesNotExist): Project.objects.get(slug=slug)
def test_update_project_with_org_contact_succeeds(self): '''Tests that an org contact can update an project belonging to their org''' org = create_organization('Org 1', self.johndoe_user) project = create_project('Org 1 Project 1', 'A new project for exercising awesomeness', self.admin_user, org) johndoe_client = APIClient() authenticate_jwt(johndoe_creds, johndoe_client) payload = { 'name': 'Org 1 Project 1 Update', 'description': 'An updated description' } url = reverse(self.project_detail_view_name, kwargs={ 'org_slug': org.slug, 'project_slug': project.slug }) response = johndoe_client.put(url, payload, format='json') project.refresh_from_db() self.assertEqual(status.HTTP_200_OK, response.status_code) data = response.data self.assertIn('name', data) self.assertIn('slug', data) self.assertIn('description', data) self.assertIn('created_at', data) self.assertIn('updated_at', data) self.assertIn('creator', data) self.assertIn('organization', data) self.assertEqual(project.name, data['name']) self.assertEqual(project.description, data['description']) self.assertEqual(project.slug, data['slug']) self.assertEqual(project.creator.id, data['creator']) self.assertEqual(project.organization.id, data['organization'])