def test_list_organization_superuser(self): self.request.user = factories.CoreUser(is_superuser=True, is_staff=True) view = OrganizationViewSet.as_view({'get': 'list'}) response = view(self.request) self.assertEqual(response.status_code, 200) self.assertEqual(len(response.data), 2)
def test_validate_core_user_access(self): request = self.get_mock_request('/a-jedis-path/', APIGatewayView, self.core_user) request.resolver_match = Mock(url_name='obi-wan-kenobi') core_user = factories.CoreUser() ret = validate_object_access(request, core_user) self.assertIsNone(ret)
def test_delete_logic_module_models_no_access(self, request_factory, document_logic_module_model): pk = str(document_logic_module_model.pk) request = request_factory.delete(reverse('logicmodulemodel-detail', args=(pk,))) user = factories.CoreUser() request.user = user response = views.LogicModuleModelViewSet.as_view({"delete": "destroy"})(request, pk=pk) assert response.status_code == 403
def setUp(self): self.client = APIClient() self.core_user = factories.CoreUser() self.lm = factories.LogicModule(name='documents') # bypass authentication self.client.force_authenticate(user=self.core_user)
def test_invalid_delete_partner(self): request = self.factory.delete( reverse('partner-detail', args=(self.partner.pk, ))) request.user = factories.CoreUser(is_superuser=True, is_staff=True) response = PartnerViewSet.as_view({'delete': 'destroy'})(request, pk=12) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_delete_relationship_no_access(self, request_factory, relationship): pk = str(relationship.pk) request = request_factory.delete(reverse('relationship-detail', args=(pk,))) user = factories.CoreUser() request.user = user response = views.RelationshiplViewSet.as_view({"delete": "destroy"})(request, pk=pk) assert response.status_code == 403
def test_detail_relationship(self, request_factory, relationship): pk = str(relationship.pk) request = request_factory.get(reverse('relationship-detail', args=(pk,))) user = factories.CoreUser() request.user = user response = views.RelationshiplViewSet.as_view({"get": "retrieve"})(request, pk=pk) assert response.status_code == 200 assert self.expected_keys == set(response.data.keys())
def test_detail_logic_module_models(self, request_factory, document_logic_module_model): pk = str(document_logic_module_model.pk) request = request_factory.get(reverse('logicmodulemodel-detail', args=(pk,))) user = factories.CoreUser() request.user = user response = views.LogicModuleModelViewSet.as_view({"get": "retrieve"})(request, pk=pk) assert response.status_code == 200 assert self.expected_keys == set(response.data.keys())
def test_json_dump_w_core_user(): core_user = factories.CoreUser(pk=5) obj = { "model_instance": core_user, } result = json.dumps(obj, cls=GatewayJSONEncoder) expected_result = '{"model_instance": 5}' assert result == expected_result
def setUp(self): self.not_default_org = factories.Organization.create(name='Some Org') wfl1_not_default_org = factories.WorkflowLevel1.create( organization=self.not_default_org) factories.WorkflowLevel2.create_batch( 2, workflowlevel1=wfl1_not_default_org) self.factory = APIRequestFactory() self.core_user = factories.CoreUser()
def test_list_relationships(self, request_factory, relationship, relationship2): request = request_factory.get(reverse('relationship-list')) user = factories.CoreUser() request.user = user response = views.RelationshiplViewSet.as_view({"get": "list"})(request) assert response.status_code == 200 assert len(response.data) == 2 assert set(response.data[0].keys()) == self.expected_keys assert set(response.data[0]['origin_model'].keys()) == TestLogicModuleModelView.expected_keys assert set(response.data[0]['related_model'].keys()) == TestLogicModuleModelView.expected_keys
def test_admin_user_auth_page_with_superuser(self): """Super user should see superuser status field on django admin""" admin = CoreUser.objects.create_superuser('admin', '*****@*****.**', 'Password123') another_user = factories.CoreUser(username='******') self.client.login(username='******', password='******') url = '/admin/core/coreuser/{}/change/'.format(another_user.pk) response = self.client.get(url) self.assertContains(response, 'Superuser status')
def test_list_logic_module_models(self, request_factory, document_logic_module_model, appointment_logic_module_model): request = request_factory.get(reverse('logicmodulemodel-list')) user = factories.CoreUser() request.user = user response = views.LogicModuleModelViewSet.as_view({"get": "list"})(request) assert response.status_code == 200 assert len(response.data) == 2 assert self.expected_keys == set(response.data[0].keys())
def test_create_valid_partner(self): data = { 'name': 'partner name', } request = self.factory.post(reverse('partner-list'), data, format='json') request.user = factories.CoreUser(is_superuser=True, is_staff=True) response = PartnerViewSet.as_view({'post': 'create'})(request) self.assertEqual(response.status_code, status.HTTP_201_CREATED)
def test_patch_logic_module_model(self, request_factory, document_logic_module_model): pk = str(document_logic_module_model.pk) data = { "lookup_field_name": "another_lookup_field" } request = request_factory.patch(reverse('logicmodulemodel-detail', args=(pk,)), data) user = factories.CoreUser(is_superuser=True) request.user = user response = views.LogicModuleModelViewSet.as_view({"patch": "partial_update"})(request, pk=pk) assert response.status_code == 200 assert self.expected_keys == set(response.data.keys()) assert response.data['lookup_field_name'] == 'another_lookup_field'
def test_valid_update_partner(self): self.partner = Partner.objects.create(name='partner name') data = { 'name': 'partner name', } request = self.factory.put( reverse('partner-detail', args=(self.partner.pk, )), data) request.user = factories.CoreUser(is_superuser=True, is_staff=True) response = PartnerViewSet.as_view({'put': 'update'})(request, pk=self.partner.pk) self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_update_relationship_no_access(self, request_factory, relationship): pk = str(relationship.pk) data = { "origin_model_id": relationship.origin_model.pk, "related_model_id": relationship.related_model.pk, "key": "another_key_for_this_rel" } request = request_factory.put(reverse('relationship-detail', args=(pk,)), data) user = factories.CoreUser() request.user = user response = views.RelationshiplViewSet.as_view({"put": "update"})(request, pk=pk) assert response.status_code == 403
def setUp(self): self.client = APIClient() self.core_user = factories.CoreUser() # bypass authentication self.client.force_authenticate(user=self.core_user) self.response_data = { 'id': 1, 'workflowlevel2_uuid': 1, 'name': 'test', 'contact_uuid': 1 }
def test_admin_user_permissions_section_with_superuser(self): """Super user should see user permissions section on django admin""" User = get_user_model() User.objects.create_superuser('admin', '*****@*****.**', 'Password123') another_user = factories.CoreUser(username='******') self.client.login(username='******', password='******') url = '/admin/workflow/coreuser/{}/change/'.format(another_user.pk) response = self.client.get(url) self.assertContains(response, 'User permissions')
def test_patch_relationship(self, request_factory, relationship): pk = str(relationship.pk) data = {"key": "another_key_for_this_rel"} request = request_factory.patch( reverse('relationship-detail', args=(pk, )), data) user = factories.CoreUser(is_superuser=True) request.user = user response = views.RelationshiplViewSet.as_view( {"patch": "partial_update"})(request, pk=pk) assert response.status_code == 200 assert self.expected_keys == set(response.data.keys()) assert response.data['key'] == 'another_key_for_this_rel'
def test_create_organization_new_username_org(self): coreuser = factories.CoreUser(first_name='John', last_name='Lennon') response = auth_pipeline.create_organization(core_user=coreuser, is_new_core_user=True) self.assertIn('is_new_org', response) self.assertTrue(response['is_new_org']) self.assertIn('organization', response) self.assertTrue(isinstance(response['organization'], Organization)) self.assertEqual(response['organization'].name, coreuser.username) coreuser.refresh_from_db() self.assertEqual(coreuser.organization, response['organization'])
def test_create_logic_module_model(self, request_factory): data = { "logic_module_endpoint_name": "location", "model": "siteprofile", "endpoint": "/siteprofiles/", "lookup_field_name": "uuid" } request = request_factory.post(reverse('logicmodulemodel-list'), data) user = factories.CoreUser(is_superuser=True) request.user = user response = views.LogicModuleModelViewSet.as_view({"post": "create"})(request) assert response.status_code == 201 assert self.expected_keys == set(response.data.keys())
def test_create_logic_module_model_no_access(self, request_factory): data = { "logic_module_endpoint_name": "location", "model": "siteprofile", "endpoint": "/siteprofiles/", "lookup_field_name": "uuid" } request = request_factory.post(reverse('logicmodulemodel-list'), data) user = factories.CoreUser() request.user = user response = views.LogicModuleModelViewSet.as_view({"post": "create"})(request) assert response.status_code == 403
def test_update_logic_module_model_no_access(self, request_factory, document_logic_module_model): pk = str(document_logic_module_model.pk) data = { "logic_module_endpoint_name": "document", "model": "document", "endpoint": "/documents/", "lookup_field_name": "another_lookup_field" } request = request_factory.put(reverse('logicmodulemodel-detail', args=(pk,)), data) user = factories.CoreUser() request.user = user response = views.LogicModuleModelViewSet.as_view({"put": "update"})(request, pk=pk) assert response.status_code == 403
def test_create_organization_new_default_org(self): Organization.objects.get(name=settings.DEFAULT_ORG).delete() coreuser = factories.CoreUser(first_name='John', last_name='Lennon', organization=None) response = auth_pipeline.create_organization(core_user=coreuser, is_new_core_user=True) self.assertIn('is_new_org', response) self.assertTrue(response['is_new_org']) self.assertIn('organization', response) self.assertTrue(isinstance(response['organization'], Organization)) self.assertEqual(response['organization'].name, settings.DEFAULT_ORG) coreuser.refresh_from_db() self.assertEqual(coreuser.organization, response['organization'])
def test_create_relationship_no_access(self, request_factory, document_logic_module_model, appointment_logic_module_model): data = { "origin_model_id": document_logic_module_model.pk, "related_model_id": appointment_logic_module_model.pk, "key": "document_appointment_rel" } request = request_factory.post(reverse('relationship-list'), data) user = factories.CoreUser() request.user = user response = views.RelationshiplViewSet.as_view({"post": "create"})(request) assert response.status_code == 403
def setUp(self): self.client = APIClient() self.core_user = factories.CoreUser() self.lm = factories.LogicModule(name='Products Service', endpoint_name='products') # bypass authentication self.client.force_authenticate(user=self.core_user) self.response_data = { 'id': 1, 'workflowlevel2_uuid': str(uuid.uuid4()), 'name': 'test', 'contact_uuid': 1 }
def test_admin_user_permissions_section_with_staff_user(self): """Staff user shouldn't see user permissions section field on django admin""" staff_user = CoreUser.objects.create_user('staff_user', '*****@*****.**', 'Password123') permission = Permission.objects.get(name='Can change core user') staff_user.user_permissions.add(permission) staff_user.is_staff = True staff_user.save() another_user = factories.CoreUser(username='******') self.client.login(username='******', password='******') url = '/admin/core/coreuser/{}/change/'.format(another_user.pk) response = self.client.get(url) self.assertNotContains(response, 'User permissions')
def test_create_relationship(self, request_factory, document_logic_module_model, appointment_logic_module_model): data = { "origin_model_id": document_logic_module_model.pk, "related_model_id": appointment_logic_module_model.pk, "key": "document_appointment_rel" } request = request_factory.post(reverse('relationship-list'), data) user = factories.CoreUser(is_superuser=True) request.user = user response = views.RelationshiplViewSet.as_view({"post": "create"})(request) assert response.status_code == 201 assert self.expected_keys == set(response.data.keys())
def setUp(self) -> None: self.rf = RequestFactory() self.core_user = factories.CoreUser() # for testing refresh token application = Application( name="Test JWT Application", user=self.core_user, client_type=Application.CLIENT_PUBLIC, authorization_grant_type=Application.GRANT_PASSWORD, ) application.save() access_token = AccessToken.objects.create(user=self.core_user, token="1234567890", application=application, expires=timezone.now() + datetime.timedelta(days=1), scope="read write") RefreshToken.objects.create(access_token=access_token, user=self.core_user, application=application, token="007")