Пример #1
0
    def setUp(self):
        super().setUp()

        self.report_summary = self.create_picklist_item(
            "Report Summary", self.team, PicklistType.REPORT_SUMMARY,
            PickListStatus.ACTIVE)

        self.good_1 = GoodFactory(
            organisation=self.organisation,
            flags=[FlagFactory(level=FlagLevels.GOOD, team=self.team)])
        self.good_2 = GoodFactory(organisation=self.organisation)

        role = Role(name="review_goods")
        role.permissions.set([constants.GovPermissions.REVIEW_GOODS.name])
        role.save()
        self.gov_user.role = role
        self.gov_user.save()

        self.application = self.create_draft_standard_application(
            organisation=self.organisation)
        self.good_on_application_1 = GoodOnApplication.objects.create(
            good=self.good_1,
            application=self.application,
            quantity=10,
            unit=Units.NAR,
            value=500)
        self.good_on_application_2 = GoodOnApplication.objects.create(
            good=self.good_2,
            application=self.application,
            quantity=10,
            unit=Units.NAR,
            value=500)
        self.case = self.submit_application(self.application)
        self.url = reverse_lazy("goods:control_list_entries",
                                kwargs={"case_pk": self.case.id})
Пример #2
0
    def test_change_role_of_a_gov_user(self):
        self.gov_user.role = self.default_role
        self.gov_user.save()

        # create a second user to adopt the super user role as it will overwrite the save during the edit of the first user
        valid_user = GovUserFactory(
            baseuser_ptr__email="*****@*****.**",
            baseuser_ptr__first_name="John",
            baseuser_ptr__last_name="Smith",
            team=self.team,
        )
        valid_user.save()

        role = Role(name="some role")
        role.permissions.set(
            [constants.GovPermissions.MANAGE_LICENCE_FINAL_ADVICE.name])
        role.save()
        data = {"role": role.id}
        url = reverse("gov_users:gov_user", kwargs={"pk": self.gov_user.pk})

        response = self.client.put(url, data, **self.gov_headers)
        response_data = response.json()

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(response_data["gov_user"]["role"], str(role.id))
    def setUp(self):
        super().setUp()
        self.standard_application = self.create_draft_standard_application(
            self.organisation)
        self.good = self.standard_application.goods.first().good
        self.standard_case = self.submit_application(self.standard_application)

        team_2 = Team(name="2")
        team_3 = Team(name="3")

        team_2.save()
        team_3.save()

        role = Role(name="team_level")
        role.permissions.set([
            constants.GovPermissions.MANAGE_LICENCE_FINAL_ADVICE.name,
            constants.GovPermissions.MANAGE_TEAM_ADVICE.name,
            constants.GovPermissions.MANAGE_TEAM_CONFIRM_OWN_ADVICE.name,
            constants.GovPermissions.MANAGE_LICENCE_FINAL_ADVICE.name,
            constants.GovPermissions.MANAGE_TEAM_ADVICE.name,
        ])
        role.save()

        self.gov_user.role = role
        self.gov_user.save()

        self.gov_user_2 = GovUserFactory(baseuser_ptr__email="*****@*****.**",
                                         team=team_2,
                                         role=role)
        self.gov_user_3 = GovUserFactory(baseuser_ptr__email="*****@*****.**",
                                         team=team_3,
                                         role=role)

        self.standard_case_url = reverse("cases:case_final_advice",
                                         kwargs={"pk": self.standard_case.id})
Пример #4
0
    def test_get_list_of_all_roles_as_super_user(self):
        self.gov_user.role = self.super_user_role
        self.gov_user.save()
        role = Role(name="some")
        role.permissions.set([constants.GovPermissions.MANAGE_LICENCE_FINAL_ADVICE.name])
        role.save()
        initial_roles_count = Role.objects.filter(type=UserType.INTERNAL).count()

        response = self.client.get(self.url, **self.gov_headers)
        response_data = response.json()

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(len(response_data["roles"]), initial_roles_count)
    def setUp(self):
        super().setUp()

        self.standard_application = self.create_draft_standard_application(self.organisation)
        self.standard_case = self.submit_application(self.standard_application)

        role = Role(name="team_level")
        role.permissions.set([constants.GovPermissions.MANAGE_TEAM_CONFIRM_OWN_ADVICE.name])
        role.save()

        self.gov_user.role = role
        self.gov_user.save()

        self.url = reverse("cases:team_advice", kwargs={"pk": self.standard_case.id})
Пример #6
0
    def test_cannot_change_another_users_role_to_one_the_request_user_does_not_have_access_to(
            self):
        user_role = Role(name="new role", organisation=self.organisation)
        user_role.permissions.set(
            [constants.ExporterPermissions.ADMINISTER_USERS.name])
        user_role.save()
        second_user_role = Role(name="new role",
                                organisation=self.organisation)
        second_user_role.permissions.set([
            constants.ExporterPermissions.ADMINISTER_USERS.name,
            constants.ExporterPermissions.ADMINISTER_SITES.name
        ])
        second_user_role.save()
        self.exporter_user.set_role(self.organisation, user_role)
        second_user = self.create_exporter_user(self.organisation)

        response = self.client.put(
            reverse(
                "organisations:user",
                kwargs={
                    "org_pk": self.organisation.id,
                    "user_pk": second_user.pk
                },
            ),
            data={"role": str(second_user_role.id)},
            **self.exporter_headers,
        )

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
        self.assertNotEqual(second_user.get_role(self.organisation),
                            second_user_role)
Пример #7
0
    def test_user_can_only_see_permissions_user_already_has_in_current_role(self, permissions):
        user_role = Role(name="new role")
        user_role.permissions.set(permissions)
        user_role.save()
        self.gov_user.role = user_role
        self.gov_user.save()
        url = reverse("gov_users:permissions")

        response = self.client.get(url, **self.gov_headers)
        response_data = response.json()["permissions"]

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(len(response_data), len(permissions))
        for permission in permissions:
            self.assertIn(permission, [p["id"] for p in response_data])
Пример #8
0
    def test_only_see_permissions_user_already_has(self, permissions):
        user_role = Role(name="new role", organisation=self.organisation)
        user_role.permissions.set(permissions)
        user_role.save()
        self.exporter_user.set_role(self.organisation, user_role)

        url = reverse("organisations:permissions")

        response = self.client.get(url, **self.exporter_headers)
        response_data = response.json()["permissions"]

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(len(response_data), len(permissions))
        for permission in permissions:
            self.assertIn(permission, [p["id"] for p in response_data])
Пример #9
0
    def test_cannot_edit_role_without_permission(self):
        role = Role(name="some",
                    organisation=self.organisation,
                    type=UserType.EXPORTER)
        role.save()
        url = reverse("organisations:role",
                      kwargs={
                          "org_pk": self.organisation.id,
                          "pk": role.id
                      })

        data = {"permissions": [ExporterPermissions.ADMINISTER_USERS.name]}

        response = self.client.put(url, data, **self.exporter_headers)

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
        self.assertEqual(
            Role.objects.get(id=role.id).permissions.values().count(), 0)
Пример #10
0
    def test_role_name_must_be_unique(self, data):
        self.gov_user.role = self.super_user_role
        self.gov_user.save()
        Role(name="this is a name").save()
        initial_roles_count = Role.objects.count()

        response = self.client.post(self.url, data, **self.gov_headers)

        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
        self.assertEqual(Role.objects.all().count(), initial_roles_count)
Пример #11
0
    def test_goods_flag_before_and_after_reviewing_good(self):
        """Tests applying of flagging rule with a matching group and excluding entry.
        Reviews the good and updates the entry to match with excluding entry and ensures that
        the flag is now cleared after review.
        """
        flag = self.create_flag(name="good flag", level=FlagLevels.GOOD, team=self.team)
        case = self.create_mod_clearance_application(self.organisation, CaseTypeEnum.EXHIBITION)
        self.submit_application(case)
        good = GoodOnApplication.objects.filter(application_id=case.id).first().good

        good.control_list_entries.set(ControlListEntry.objects.filter(rating="ML8a"))
        good.save()
        self.create_flagging_rule(
            level=FlagLevels.GOOD,
            team=self.team,
            flag=flag,
            matching_values=[],
            matching_groups=["ML8"],
            excluded_values=["ML8b"],
        )

        apply_flagging_rules_to_case(case)
        self.assertEqual(good.flags.count(), 1)

        role = Role(name="review_goods")
        role.permissions.set([constants.GovPermissions.REVIEW_GOODS.name])
        role.save()
        self.gov_user.role = role
        self.gov_user.save()

        self.url = reverse_lazy("goods:control_list_entries", kwargs={"case_pk": case.id})
        data = {
            "objects": [good.id],
            "comment": "Update rating to match with flag excluded value",
            "report_summary": "test report summary",
            "control_list_entries": ["ML8b"],
            "is_good_controlled": True,
        }

        response = self.client.post(self.url, data, **self.gov_headers)
        self.assertEquals(response.status_code, status.HTTP_200_OK)
        self.assertEqual(good.flags.count(), 0)
Пример #12
0
    def test_get_list_of_all_roles_as_exporter_super_user(self):
        self.exporter_user.set_role(self.organisation,
                                    self.exporter_super_user_role)
        initial_roles_count = Role.objects.filter(
            type=UserType.EXPORTER).count()

        url = reverse("organisations:roles_views",
                      kwargs={"org_pk": self.organisation.id})

        role = Role(name="some",
                    organisation=self.organisation,
                    type=UserType.EXPORTER)
        role.save()

        response = self.client.get(url, **self.exporter_headers)
        response_data = response.json()

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(len(response_data["results"]),
                         initial_roles_count + 1)
Пример #13
0
    def test_role_name_must_be_unique(self, data):
        self.exporter_user.set_role(self.organisation,
                                    self.exporter_super_user_role)
        Role(name="this is a name", organisation=self.organisation).save()
        initial_roles_count = Role.objects.count()

        url = reverse("organisations:roles_views",
                      kwargs={"org_pk": self.organisation.id})
        response = self.client.post(url, data, **self.exporter_headers)

        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
        self.assertEqual(Role.objects.all().count(), initial_roles_count)
Пример #14
0
    def test_edit_a_role(self):
        self.exporter_user.set_role(self.organisation,
                                    self.exporter_super_user_role)
        role = Role(name="some",
                    organisation=self.organisation,
                    type=UserType.EXPORTER)
        role.save()
        url = reverse("organisations:role",
                      kwargs={
                          "org_pk": self.organisation.id,
                          "pk": role.id
                      })

        data = {"permissions": [ExporterPermissions.ADMINISTER_USERS.name]}

        response = self.client.put(url, data, **self.exporter_headers)

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertTrue(
            ExporterPermissions.ADMINISTER_USERS.name in Role.objects.get(
                id=role.id).permissions.values_list("id", flat=True))
Пример #15
0
    def setUp(self):
        super().setUp()

        self.query = self.create_pv_grading_query("This is a widget",
                                                  self.organisation)

        role = Role(name="review_goods")
        role.permissions.set(
            [constants.GovPermissions.RESPOND_PV_GRADING.name])
        role.save()
        self.gov_user.role = role
        self.gov_user.save()

        self.url = reverse("queries:goods_queries:pv_grading_query_response",
                           kwargs={"pk": self.query.pk})

        self.data = {
            "prefix": "abc",
            "grading": PvGrading.UK_SECRET,
            "suffix": "123",
            "comment": "the good is graded",
        }
Пример #16
0
    def setUp(self):
        super().setUp()

        self.report_summary = self.create_picklist_item(
            "Report Summary", self.team, PicklistType.REPORT_SUMMARY,
            PickListStatus.ACTIVE)

        role = Role(name="review_goods")
        role.permissions.set([constants.GovPermissions.REVIEW_GOODS.name])
        role.save()
        self.gov_user.role = role
        self.gov_user.save()

        self.application = self.create_draft_open_application(
            organisation=self.organisation)

        self.good_1 = GoodsTypeFactory(application=self.application)
        self.good_1.flags.add(self.create_flag("New Flag", "Good", self.team))
        self.good_2 = GoodsTypeFactory(application=self.application)

        self.case = self.submit_application(self.application)
        self.url = reverse_lazy("goods:control_list_entries",
                                kwargs={"case_pk": self.case.id})
Пример #17
0
    def setUp(self):
        super().setUp()
        self.report_summary = self.create_picklist_item(
            "Report Summary", self.team, PicklistType.REPORT_SUMMARY,
            PickListStatus.ACTIVE)

        self.query = self.create_clc_query("This is a widget",
                                           self.organisation)

        role = Role(name="review_goods")
        role.permissions.set([constants.GovPermissions.REVIEW_GOODS.name])
        role.save()
        self.gov_user.role = role
        self.gov_user.save()

        self.url = reverse("queries:goods_queries:clc_query_response",
                           kwargs={"pk": self.query.pk})

        self.data = {
            "comment": "I Am Easy to Find",
            "report_summary": self.report_summary.pk,
            "control_list_entries": ["ML1a"],
            "is_good_controlled": "yes",
        }
Пример #18
0
    def setUp(self):
        super().setUp()

        role = Role(name="review_goods")
        role.permissions.set([
            constants.GovPermissions.REVIEW_GOODS.name,
            constants.GovPermissions.RESPOND_PV_GRADING.name
        ])
        role.save()
        self.gov_user.role = role
        self.gov_user.save()

        self.report_summary = self.create_picklist_item(
            "Report Summary", self.team, PicklistType.REPORT_SUMMARY,
            PickListStatus.ACTIVE)

        self.pv_graded_and_controlled_good = self.create_good(
            description="This is a good",
            organisation=self.organisation,
            is_good_controlled=None,
            is_pv_graded=GoodPvGraded.GRADING_REQUIRED,
        )

        self.clc_and_pv_query = GoodsQuery.objects.create(
            clc_raised_reasons="some clc reasons",
            pv_grading_raised_reasons="some pv reasons",
            good=self.pv_graded_and_controlled_good,
            organisation=self.organisation,
            case_type_id=CaseTypeEnum.GOODS.id,
            status=get_starting_status(is_clc_required=True),
        )
        self.clc_and_pv_query.flags.set([
            Flag.objects.get(id=SystemFlags.GOOD_CLC_QUERY_ID),
            Flag.objects.get(id=SystemFlags.GOOD_PV_GRADING_QUERY_ID),
        ])
        self.clc_and_pv_query.save()
Пример #19
0
    def test_cannot_change_own_role(self):
        user_role = Role(name="new role", organisation=self.organisation)
        user_role.permissions.set(
            [constants.ExporterPermissions.ADMINISTER_USERS.name])
        user_role.save()
        self.exporter_user.set_role(self.organisation, user_role)

        response = self.client.put(
            reverse(
                "organisations:user",
                kwargs={
                    "org_pk": self.organisation.id,
                    "user_pk": self.exporter_user.pk
                },
            ),
            data={"role": str(constants.Roles.EXPORTER_DEFAULT_ROLE_ID)},
            **self.exporter_headers,
        )

        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
        self.assertNotEqual(
            self.exporter_user.get_role(self.organisation),
            Role.objects.get(id=constants.Roles.EXPORTER_DEFAULT_ROLE_ID),
        )
Пример #20
0
    def test_role_name_not_have_to_be_unique_different_organisations(self):
        self.exporter_user.set_role(self.organisation,
                                    self.exporter_super_user_role)
        org, _ = self.create_organisation_with_exporter_user()
        role_name = "duplicate name"
        Role(name=role_name, organisation=org, type=UserType.EXPORTER).save()

        data = {"name": role_name, "permissions": []}

        url = reverse("organisations:roles_views",
                      kwargs={"org_pk": self.organisation.id})
        response = self.client.post(url, data, **self.exporter_headers)

        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
        self.assertEqual(Role.objects.filter(name=role_name).count(), 2)
Пример #21
0
    def test_can_change_another_users_role_to_newly_created_role(self):
        user_role = Role(name="new role one",
                         organisation=self.organisation,
                         type=UserType.EXPORTER)
        user_role.permissions.set(
            [constants.ExporterPermissions.ADMINISTER_USERS.name])
        user_role.save()

        second_user_role = Role(name="new role two",
                                organisation=self.organisation,
                                type=UserType.EXPORTER)
        second_user_role.save()

        self.exporter_user.set_role(self.organisation, user_role)
        second_user = self.create_exporter_user(self.organisation)

        response = self.client.put(
            reverse(
                "organisations:user",
                kwargs={
                    "org_pk": self.organisation.id,
                    "user_pk": second_user.pk
                },
            ),
            data={"role": second_user_role.id},
            **self.exporter_headers,
        )

        response_body = response.json()
        second_user.refresh_from_db()

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertNotEqual(second_user.get_role(self.organisation), user_role)
        self.assertEqual(response_body["user_relationship"]["role"],
                         str(second_user_role.id))
        self.assertEqual(response_body["user_relationship"]["status"]["key"],
                         "Active")
        self.assertEqual(response_body["user_relationship"]["status"]["value"],
                         "Active")
Пример #22
0
              paid=False,
              date=date(2019, 10, 15),
              amount=10000)
bill3 = Bills(bill_number="102",
              client=client2,
              cashier="Cashier 1",
              paid=False,
              date=date(2019, 10, 15),
              amount=10000)

db_session.add(bill1)
db_session.add(bill2)
db_session.add(bill3)
db_session.commit()

role1 = Role(name="admin", description="Administration Privileges")
role2 = Role(name="user", description="User Privileges")

db_session.add(role1)
db_session.add(role2)
db_session.commit()

user1 = User(
    email="*****@*****.**",
    username="******",
    password="******")
user2 = User(
    email="*****@*****.**",
    username="******",
    password="******")
Пример #23
0
    def test_only_see_roles_user_has_all_permissions_for_1_permission(self):
        permissions = [constants.ExporterPermissions.ADMINISTER_USERS.name]
        user_role = Role(name="new role", organisation=self.organisation)
        user_role.permissions.set(permissions)
        user_role.save()
        self.exporter_user.set_role(self.organisation, user_role)
        url = reverse("organisations:roles_views",
                      kwargs={"org_pk": self.organisation.id})

        # Create a new role, each with a singular different permission
        for permission in Permission.exporter.all():
            role = Role(name=str(permission.id),
                        organisation=self.organisation)
            role.permissions.set([permission.id])
            role.save()

        second_role = Role(name="multi permission role",
                           organisation=self.organisation)
        second_role.permissions.set([
            constants.ExporterPermissions.ADMINISTER_USERS.name,
            constants.ExporterPermissions.ADMINISTER_SITES.name,
            constants.ExporterPermissions.EXPORTER_ADMINISTER_ROLES.name,
        ])
        second_role.save()

        response = self.client.get(url, **self.exporter_headers)
        response_data = response.json()["results"]

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(len(response_data), 3)
        self.assertIn(
            str(
                Role.objects.get(name=constants.ExporterPermissions.
                                 ADMINISTER_USERS.name).id),
            str(response_data))
Пример #24
0
    def test_only_roles_that_a_user_sees_are_roles_with_a_subset_of_the_permissions_of_the_users_own_role_min(self):
        permissions = [constants.GovPermissions.MANAGE_TEAM_ADVICE.name]
        user_role = Role(name="new role")
        user_role.permissions.set(permissions)
        user_role.save()
        self.gov_user.role = user_role
        self.gov_user.save()

        # Create a new role, each with a singular different permission
        for permission in Permission.internal.all():
            role = Role(name=str(permission.id))
            role.permissions.set([permission.id])
            role.save()
        second_role = Role(name="multi permission role")
        second_role.permissions.set(
            [
                constants.GovPermissions.MANAGE_TEAM_ADVICE.name,
                constants.GovPermissions.MANAGE_LICENCE_FINAL_ADVICE.name,
                constants.GovPermissions.REVIEW_GOODS.name,
            ]
        )
        second_role.save()

        response = self.client.get(self.url, **self.gov_headers)
        response_data = response.json()["roles"]

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(len(response_data), 3)
        self.assertIn(
            str(Role.objects.get(name=constants.GovPermissions.MANAGE_TEAM_ADVICE.name).id), str(response_data)
        )
Пример #25
0
class CreateCaseTeamAdviceTests(DataTestClient):
    def setUp(self):
        super().setUp()

        self.standard_application = self.create_draft_standard_application(self.organisation)
        self.good = self.standard_application.goods.first().good
        self.standard_case = self.submit_application(self.standard_application)

        self.role = Role(name="team_level")
        self.role.permissions.set(
            [
                constants.GovPermissions.MANAGE_TEAM_ADVICE.name,
                constants.GovPermissions.MANAGE_TEAM_CONFIRM_OWN_ADVICE.name,
            ]
        )
        self.role.save()

        self.gov_user.role = self.role
        self.gov_user.save()

        self.gov_user_2 = GovUserFactory(baseuser_ptr__email="*****@*****.**", team=self.team, role=self.role)
        self.gov_user_3 = GovUserFactory(baseuser_ptr__email="*****@*****.**", team=self.team, role=self.role)

        self.open_application = self.create_draft_open_application(self.organisation)
        self.open_case = self.submit_application(self.open_application)

        self.standard_case_url = reverse("cases:team_advice", kwargs={"pk": self.standard_case.id})
        self.open_case_url = reverse("cases:team_advice", kwargs={"pk": self.open_case.id})

    def test_advice_is_concatenated_when_team_advice_first_created(self):
        """
        Team advice is created on first call
        """
        self.create_advice(self.gov_user, self.standard_case, "end_user", AdviceType.PROVISO, AdviceLevel.TEAM)
        self.create_advice(self.gov_user_2, self.standard_case, "end_user", AdviceType.PROVISO, AdviceLevel.TEAM)
        self.create_advice(self.gov_user, self.standard_case, "good", AdviceType.NO_LICENCE_REQUIRED, AdviceLevel.TEAM)
        self.create_advice(
            self.gov_user_2, self.standard_case, "good", AdviceType.NO_LICENCE_REQUIRED, AdviceLevel.TEAM
        )

        response = self.client.get(self.standard_case_url, **self.gov_headers)
        response_data = response.json()["advice"]

        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertEqual(len(response_data), 2)

        end_user, good = None, None
        for data in response_data:
            if data.get("end_user"):
                end_user = data.get("type").get("key")
            elif data.get("good"):
                good = data.get("type").get("key")

        self.assertEqual(end_user, AdviceType.PROVISO)
        self.assertEqual(good, AdviceType.NO_LICENCE_REQUIRED)

    def test_create_conflicting_team_advice_shows_all_fields(self):
        """
        The type should show conflicting if there are conflicting types in the advice on a single object
        """
        self.create_advice(self.gov_user, self.standard_case, "good", AdviceType.NO_LICENCE_REQUIRED, AdviceLevel.USER)
        self.create_advice(self.gov_user_2, self.standard_case, "good", AdviceType.REFUSE, AdviceLevel.USER)
        self.create_advice(self.gov_user_3, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER)

        response = self.client.get(self.standard_case_url, **self.gov_headers)
        response_data = response.json()["advice"][0]

        self.assertEqual(response_data.get("type").get("key"), "conflicting")
        self.assertEqual(response_data.get("proviso"), "I am easy to proviso")
        self.assertCountEqual(["1a", "1b", "1c"], response_data["denial_reasons"])

    # Normal restrictions on team advice items
    @parameterized.expand(
        [
            [AdviceType.APPROVE],
            [AdviceType.PROVISO],
            [AdviceType.REFUSE],
            [AdviceType.NO_LICENCE_REQUIRED],
            [AdviceType.NOT_APPLICABLE],
        ]
    )
    def test_create_end_user_case_team_advice(self, advice_type):
        """
        Tests that a gov user can create an approval/proviso/refuse/nlr/not_applicable
        piece of team level advice for an end user
        """
        data = {
            "text": "I Am Easy to Find",
            "note": "I Am Easy to Find",
            "type": advice_type,
            "end_user": str(self.standard_application.end_user.party.id),
        }

        if advice_type == AdviceType.PROVISO:
            data["proviso"] = "I am easy to proviso"

        if advice_type == AdviceType.REFUSE:
            data["denial_reasons"] = ["1a", "1b", "1c"]

        response = self.client.post(self.standard_case_url, **self.gov_headers, data=[data])
        response_data = response.json()["advice"][0]

        self.assertEqual(response.status_code, status.HTTP_201_CREATED)

        self.assertEqual(response_data["text"], data["text"])
        self.assertEqual(response_data["note"], data["note"])
        self.assertEqual(response_data["type"]["key"], data["type"])
        self.assertEqual(response_data["end_user"], data["end_user"])

        advice_object = Advice.objects.get()

        # Ensure that proviso details aren't added unless the type sent is PROVISO
        if advice_type != AdviceType.PROVISO:
            self.assertEqual(response_data["proviso"], None)
            self.assertEqual(advice_object.proviso, None)
        else:
            self.assertEqual(response_data["proviso"], data["proviso"])
            self.assertEqual(advice_object.proviso, data["proviso"])

        # Ensure that refusal details aren't added unless the type sent is REFUSE
        if advice_type != AdviceType.REFUSE:
            self.assertEqual(response_data["denial_reasons"], [])
            self.assertEqual(advice_object.denial_reasons.count(), 0)
        else:
            self.assertCountEqual(response_data["denial_reasons"], data["denial_reasons"])
            self.assertCountEqual(
                convert_queryset_to_str(advice_object.denial_reasons.values_list("id", flat=True)),
                data["denial_reasons"],
            )

    # User must have permission to create team advice
    def test_user_cannot_create_team_level_advice_without_permissions(self):
        """
        Tests that the right level of permissions are required
        """
        self.gov_user.role.permissions.set([])
        self.gov_user.save()
        response = self.client.get(self.standard_case_url, **self.gov_headers)

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

        response = self.client.post(self.standard_case_url, **self.gov_headers)

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

        response = self.client.delete(self.standard_case_url, **self.gov_headers)

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_advice_from_another_team_not_collated(self):
        """
        When collating advice, only the user's team's advice should be collated
        """
        TeamAdviceFactory(user=self.gov_user, team=self.team, case=self.standard_case, good=self.good)
        team_2 = TeamFactory()
        self.gov_user_2.team = team_2
        self.gov_user_2.save()
        TeamAdviceFactory(user=self.gov_user_2, team=team_2, case=self.standard_case, good=self.good)

        response = self.client.get(self.standard_case_url, **self.gov_headers)
        response_data = response.json()["advice"]

        # Team 2's advice would conflict with team 1's if both were brought in
        self.assertEqual(response.status_code, status.HTTP_200_OK)

    def test_cannot_submit_user_level_advice_if_team_advice_exists_for_that_team_on_that_case(self,):
        """
        Logically blocks the submission of lower tier advice if higher tier advice exists
        """
        TeamAdviceFactory(user=self.gov_user_2, team=self.team, case=self.standard_case, good=self.good)

        data = {
            "text": "I Am Easy to Find",
            "note": "I Am Easy to Find",
            "type": AdviceType.APPROVE,
            "end_user": str(self.standard_application.end_user.party.id),
        }

        response = self.client.post(
            reverse("cases:user_advice", kwargs={"pk": self.standard_case.id}), **self.gov_headers, data=[data]
        )

        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)

    def test_can_submit_user_level_advice_if_team_advice_has_been_cleared_for_that_team_on_that_case(self,):
        """
        No residual data is left to block lower tier advice being submitted after a clear
        """
        self.create_advice(self.gov_user_2, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER)

        self.client.delete(self.standard_case_url, **self.gov_headers)

        data = {
            "text": "I Am Easy to Find",
            "note": "I Am Easy to Find",
            "type": AdviceType.APPROVE,
            "end_user": str(self.standard_application.end_user.party.id),
        }

        response = self.client.post(
            reverse("cases:user_advice", kwargs={"pk": self.standard_case.id}), **self.gov_headers, data=[data]
        )

        self.assertEqual(response.status_code, status.HTTP_201_CREATED)

    def test_create_and_delete_audit_trail_is_created_when_the_appropriate_actions_take_place(self,):
        """
        Audit trail is created when clearing or combining advice
        """
        self.create_advice(
            self.gov_user, self.standard_case, "end_user", AdviceType.NO_LICENCE_REQUIRED, AdviceLevel.USER
        )
        self.create_advice(self.gov_user_2, self.standard_case, "good", AdviceType.REFUSE, AdviceLevel.USER)
        self.create_advice(self.gov_user_3, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER)

        self.client.get(self.standard_case_url, **self.gov_headers)
        self.client.delete(self.standard_case_url, **self.gov_headers)

        response = self.client.get(reverse("cases:activity", kwargs={"pk": self.standard_case.id}), **self.gov_headers)

        self.assertEqual(len(response.json()["activity"]), 3)

    # def test_creating_team_advice_does_not_overwrite_user_level_advice(self):
    #     """
    #     Because of the shared parent class, make sure the parent class "save" method is overridden by the child class
    #     """
    #     self.create_advice(self.gov_user, self.standard_case, "end_user", AdviceType.NO_LICENCE_REQUIRED, AdviceLevel.USER)
    #     self.create_advice(self.gov_user, self.standard_case, "end_user", AdviceType.NO_LICENCE_REQUIRED, AdviceLevel.TEAM)
    #
    #     self.client.get(self.standard_case_url, **self.gov_headers)
    #
    #     self.assertEqual(Advice.objects.count(), 2)

    @parameterized.expand(
        [
            [AdviceType.APPROVE],
            [AdviceType.PROVISO],
            [AdviceType.REFUSE],
            [AdviceType.NO_LICENCE_REQUIRED],
            [AdviceType.NOT_APPLICABLE],
        ]
    )
    def test_coalesce_merges_duplicate_advice_instead_of_appending_it_simple(self, advice_type):
        """
        Makes sure we strip out duplicates of advice on the same object
        """
        self.create_advice(self.gov_user_2, self.standard_case, "good", advice_type, AdviceLevel.USER)
        self.create_advice(self.gov_user_3, self.standard_case, "good", advice_type, AdviceLevel.USER)

        response = self.client.get(self.standard_case_url, **self.gov_headers)
        response_data = response.json()["advice"]

        self.assertNotIn("\n-------\n", response_data[0]["text"])

    def test_merge_user_advice_same_advice_type_same_pv_gradings(self):
        """
        Same advice type, same pv grading
        """
        pv_grading = PvGrading.UK_OFFICIAL
        self.create_advice(
            self.gov_user_2, self.standard_case, "good", AdviceType.APPROVE, AdviceLevel.USER, pv_grading
        )
        self.create_advice(
            self.gov_user_3, self.standard_case, "good", AdviceType.APPROVE, AdviceLevel.USER, pv_grading
        )

        response = self.client.get(self.standard_case_url, **self.gov_headers)
        response_data = response.json()["advice"]

        self.assertNotIn("\n-------\n", response_data[0]["text"])
        self.assertEquals(
            PvGrading.to_str(pv_grading), Advice.objects.get(id=response_data[0]["id"]).collated_pv_grading
        )

    def test_merge_user_advice_same_advice_type_different_pv_gradings(self):
        """
        Same advice types, different pv gradings
        """
        pv_grading = PvGrading.UK_OFFICIAL
        pv_grading_2 = PvGrading.UK_OFFICIAL_SENSITIVE
        self.create_advice(
            self.gov_user_2, self.standard_case, "good", AdviceType.APPROVE, AdviceLevel.USER, pv_grading
        )
        self.create_advice(
            self.gov_user_3, self.standard_case, "good", AdviceType.APPROVE, AdviceLevel.USER, pv_grading_2
        )

        response = self.client.get(self.standard_case_url, **self.gov_headers)
        response_data = response.json()["advice"]

        self.assertNotIn("\n-------\n", response_data[0]["text"])
        self.assertIn("\n-------\n", Advice.objects.get(id=response_data[0]["id"]).collated_pv_grading)

    def test_merge_user_advice_different_advice_type_different_pv_gradings(self):
        """
        Different advice type, different pv gradings
        """
        pv_grading = PvGrading.UK_OFFICIAL
        pv_grading_2 = PvGrading.UK_OFFICIAL_SENSITIVE
        self.create_advice(
            self.gov_user_2, self.standard_case, "good", AdviceType.APPROVE, AdviceLevel.USER, pv_grading
        )
        self.create_advice(
            self.gov_user_3, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER, pv_grading_2
        )

        response = self.client.get(self.standard_case_url, **self.gov_headers)
        response_data = response.json()["advice"]

        self.assertNotIn("\n-------\n", response_data[0]["text"])
        self.assertIn("\n-------\n", Advice.objects.get(id=response_data[0]["id"]).collated_pv_grading)

    def test_merge_user_advice_different_advice_type_same_pv_gradings(self):
        """
        Different advice type, same pv gradings
        """
        pv_grading = PvGrading.UK_OFFICIAL
        self.create_advice(
            self.gov_user_2, self.standard_case, "good", AdviceType.APPROVE, AdviceLevel.USER, pv_grading
        )
        self.create_advice(
            self.gov_user_3, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER, pv_grading
        )

        response = self.client.get(self.standard_case_url, **self.gov_headers)
        response_data = response.json()["advice"]

        self.assertNotIn("\n-------\n", response_data[0]["text"])
        self.assertEquals(
            PvGrading.to_str(pv_grading), Advice.objects.get(id=response_data[0]["id"]).collated_pv_grading
        )

    def test_when_user_advice_exists_combine_team_advice_with_confirm_own_advice_success(self,):
        self.role.permissions.set([constants.GovPermissions.MANAGE_TEAM_CONFIRM_OWN_ADVICE.name])
        self.create_advice(self.gov_user, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER)

        response = self.client.get(
            reverse("cases:team_advice", kwargs={"pk": self.standard_case.id}), **self.gov_headers
        )

        self.assertEqual(response.status_code, status.HTTP_200_OK)

    def test_when_user_advice_exists_combine_team_advice_without_confirm_own_advice_failure(self,):
        self.role.permissions.set([constants.GovPermissions.MANAGE_TEAM_ADVICE.name])
        self.create_advice(self.gov_user, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER)

        response = self.client.get(
            reverse("cases:team_advice", kwargs={"pk": self.standard_case.id}), **self.gov_headers
        )

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_when_user_advice_exists_clear_team_advice_with_confirm_own_advice_success(self,):
        self.role.permissions.set([constants.GovPermissions.MANAGE_TEAM_CONFIRM_OWN_ADVICE.name])
        self.create_advice(self.gov_user, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER)

        response = self.client.delete(
            reverse("cases:team_advice", kwargs={"pk": self.standard_case.id}), **self.gov_headers
        )

        self.assertEqual(response.status_code, status.HTTP_200_OK)

    def test_when_user_advice_exists_clear_team_advice_without_confirm_own_advice_failure(self,):
        self.role.permissions.set([constants.GovPermissions.MANAGE_TEAM_ADVICE.name])
        self.create_advice(self.gov_user, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER)

        response = self.client.delete(
            reverse("cases:team_advice", kwargs={"pk": self.standard_case.id}), **self.gov_headers
        )

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_when_user_advice_exists_create_team_advice_with_confirm_own_advice_success(self,):
        self.role.permissions.set([constants.GovPermissions.MANAGE_TEAM_CONFIRM_OWN_ADVICE.name])
        self.create_advice(self.gov_user, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER)
        data = {
            "text": "I Am Easy to Find",
            "note": "I Am Easy to Find",
            "type": AdviceType.APPROVE,
            "end_user": str(self.standard_application.end_user.party.id),
        }

        response = self.client.post(
            reverse("cases:team_advice", kwargs={"pk": self.standard_case.id}), **self.gov_headers, data=[data]
        )

        self.assertEqual(response.status_code, status.HTTP_201_CREATED)

    def test_when_user_advice_exists_create_team_advice_without_confirm_own_advice_failure(self,):
        self.role.permissions.set([constants.GovPermissions.MANAGE_TEAM_ADVICE.name])
        self.create_advice(self.gov_user, self.standard_case, "good", AdviceType.PROVISO, AdviceLevel.USER)
        data = {
            "text": "I Am Easy to Find",
            "note": "I Am Easy to Find",
            "type": AdviceType.APPROVE,
            "end_user": str(self.standard_application.end_user.party.id),
        }

        response = self.client.post(
            reverse("cases:team_advice", kwargs={"pk": self.standard_case.id}), **self.gov_headers, data=[data]
        )

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    @parameterized.expand(CaseStatusEnum.terminal_statuses())
    def test_cannot_create_team_advice_when_case_in_terminal_state(self, terminal_status):
        data = {
            "text": "I Am Easy to Find",
            "note": "I Am Easy to Find",
            "type": AdviceType.APPROVE,
            "end_user": str(self.standard_application.end_user.party.id),
        }

        self.standard_application.status = get_case_status_by_status(terminal_status)
        self.standard_application.save()

        response = self.client.post(self.standard_case_url, **self.gov_headers, data=[data])

        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)