def test_post_submission_require_auth_data_entry_role(self):
self.user.profile.require_auth = True
self.user.profile.save()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
DataEntryRole.add(alice_profile.user, self.xform)
count = Attachment.objects.count()
s = self.surveys[0]
media_file = "1335783522563.jpg"
path = os.path.join(self.main_directory, 'fixtures', 'transportation',
'instances', s, media_file)
with open(path) as f:
f = InMemoryUploadedFile(f, 'media_file', media_file, 'image/jpg',
os.path.getsize(path), None)
submission_path = os.path.join(self.main_directory, 'fixtures',
'transportation', 'instances', s,
s + '.xml')
with open(submission_path) as sf:
data = {'xml_submission_file': sf, 'media_file': f}
request = self.factory.post('/submission', data)
response = self.view(request)
self.assertEqual(response.status_code, 401)
response = self.view(request, username=self.user.username)
self.assertEqual(response.status_code, 401)
self.assertEqual(count, Attachment.objects.count())
auth = DigestAuth('alice', 'bobbob')
request.META.update(auth(request.META, response))
response = self.view(request, username=self.user.username)
self.assertContains(response,
'Successful submission',
status_code=201)
def test_get_xform_list_other_user_with_dataentry_role(self):
request = self.factory.get('/')
response = self.view(request)
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
DataEntryRole.add(alice_profile.user, self.xform)
self.assertTrue(
DataEntryRole.user_has_role(alice_profile.user, self.xform)
)
auth = DigestAuth('alice', 'bobbob')
request.META.update(auth(request.META, response))
response = self.view(request)
self.assertEqual(response.status_code, 200)
path = os.path.join(
os.path.dirname(__file__),
'..', 'fixtures', 'formList.xml')
with open(path) as f:
form_list_xml = f.read().strip()
data = {"hash": self.xform.hash, "pk": self.xform.pk}
content = response.render().content
self.assertEqual(content, form_list_xml % data)
self.assertTrue(response.has_header('X-OpenRosa-Version'))
self.assertTrue(
response.has_header('X-OpenRosa-Accept-Content-Length'))
self.assertTrue(response.has_header('Date'))
self.assertEqual(response['Content-Type'],
'text/xml; charset=utf-8')
def test_get_xform_list_other_user_with_dataentry_role(self):
request = self.factory.get('/')
response = self.view(request)
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
DataEntryRole.add(alice_profile.user, self.xform)
self.assertTrue(
DataEntryRole.user_has_role(alice_profile.user, self.xform))
auth = DigestAuth('alice', 'bobbob')
request.META.update(auth(request.META, response))
response = self.view(request)
self.assertEqual(response.status_code, 200)
path = os.path.join(
os.path.dirname(__file__), '..', 'fixtures', 'formList.xml')
with open(path, encoding='utf-8') as f:
form_list_xml = f.read().strip()
data = {"hash": self.xform.hash, "pk": self.xform.pk}
content = response.render().content.decode('utf-8')
self.assertEqual(content, form_list_xml % data)
self.assertTrue(response.has_header('X-OpenRosa-Version'))
self.assertTrue(
response.has_header('X-OpenRosa-Accept-Content-Length'))
self.assertTrue(response.has_header('Date'))
self.assertEqual(response['Content-Type'],
'text/xml; charset=utf-8')
def test_post_submission_require_auth_data_entry_role(self):
self.user.profile.require_auth = True
self.user.profile.save()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
DataEntryRole.add(alice_profile.user, self.xform)
count = Attachment.objects.count()
s = self.surveys[0]
media_file = "1335783522563.jpg"
path = os.path.join(self.main_directory, 'fixtures',
'transportation', 'instances', s, media_file)
with open(path) as f:
f = InMemoryUploadedFile(f, 'media_file', media_file, 'image/jpg',
os.path.getsize(path), None)
submission_path = os.path.join(
self.main_directory, 'fixtures',
'transportation', 'instances', s, s + '.xml')
with open(submission_path) as sf:
data = {'xml_submission_file': sf, 'media_file': f}
request = self.factory.post('/submission', data)
response = self.view(request)
self.assertEqual(response.status_code, 401)
response = self.view(request, username=self.user.username)
self.assertEqual(response.status_code, 401)
self.assertEqual(count, Attachment.objects.count())
auth = DigestAuth('alice', 'bobbob')
request.META.update(auth(request.META, response))
response = self.view(request, username=self.user.username)
self.assertContains(response, 'Successful submission',
status_code=201)
def test_set_project_perms_to_xform(self):
"""
Test set_project_perms_to_xform(xform, project)
"""
self._publish_transportation_form()
# Alice has data entry role to default project
alice = self._create_user('alice', 'alice', create_profile=True)
DataEntryRole.add(alice, self.project)
set_project_perms_to_xform(self.xform, self.project)
self.assertTrue(DataEntryRole.user_has_role(alice, self.xform))
self.assertTrue(self.project.pk, self.xform.project_id)
# Create other project and transfer xform to new project
project_b = Project(name='Project B',
created_by=self.user,
organization=self.user)
project_b.save()
self.xform.project = project_b
self.xform.save()
self.xform.refresh_from_db()
self.assertTrue(self.project.pk, self.xform.project_id)
# set permissions for new project
set_project_perms_to_xform(self.xform, project_b)
# Alice should have no data entry role to transfered form
self.assertFalse(DataEntryRole.user_has_role(alice, self.xform))
def test_set_project_perms_to_xform(self):
"""
Test set_project_perms_to_xform(xform, project)
"""
self._publish_transportation_form()
# Alice has data entry role to default project
alice = self._create_user('alice', 'alice', create_profile=True)
DataEntryRole.add(alice, self.project)
set_project_perms_to_xform(self.xform, self.project)
self.assertTrue(DataEntryRole.user_has_role(alice, self.xform))
self.assertTrue(self.project.pk, self.xform.project_id)
# Create other project and transfer xform to new project
project_b = Project(
name='Project B', created_by=self.user, organization=self.user)
project_b.save()
self.xform.project = project_b
self.xform.save()
self.xform.refresh_from_db()
self.assertTrue(self.project.pk, self.xform.project_id)
# set permissions for new project
set_project_perms_to_xform(self.xform, project_b)
# Alice should have no data entry role to transfered form
self.assertFalse(DataEntryRole.user_has_role(alice, self.xform))
def test_add_project_perms_to_team(self):
# create an org, user, team
organization = self._create_organization("test org", self.user)
user_deno = self._create_user('deno', 'deno')
# add a member to the team
team = tools.create_organization_team(organization, "test team")
tools.add_user_to_team(team, user_deno)
project = Project.objects.create(name="Test Project",
organization=organization,
created_by=user_deno,
metadata='{}')
# confirm that the team has no permissions
self.assertFalse(team.groupobjectpermission_set.all())
# set DataEntryRole role of project on team
DataEntryRole.add(team, project)
content_type = ContentType.objects.get(
model=project.__class__.__name__.lower(),
app_label=project.__class__._meta.app_label)
object_permissions = team.groupobjectpermission_set.filter(
object_pk=project.pk, content_type=content_type)
permission_names = sorted(
[p.permission.codename for p in object_permissions])
self.assertEqual([
CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT, CAN_VIEW_PROJECT
], permission_names)
self.assertEqual(get_team_project_default_permissions(team, project),
DataEntryRole.name)
# Add a new user
user_sam = self._create_user('Sam', 'sammy_')
self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
# Add the user to the group
tools.add_user_to_team(team, user_sam)
# assert that team member has default perm set on team
self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project))
# assert that removing team member revokes perms
tools.remove_user_from_team(team, user_sam)
self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
def test_role_update_xform_meta_perms(self):
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
EditorRole.add(alice_profile.user, self.xform)
view = MetaDataViewSet.as_view({
'post': 'create',
'put': 'update'
})
data = {
'data_type': XFORM_META_PERMS,
'data_value': 'editor-minor|dataentry',
'xform': self.xform.pk
}
request = self.factory.post('/', data, **self.extra)
response = view(request)
self.assertEqual(response.status_code, 201)
self.assertFalse(
EditorRole.user_has_role(alice_profile.user, self.xform))
self.assertTrue(
EditorMinorRole.user_has_role(alice_profile.user, self.xform))
meta = MetaData.xform_meta_permission(self.xform)
DataEntryRole.add(alice_profile.user, self.xform)
data = {
'data_type': XFORM_META_PERMS,
'data_value': 'editor|dataentry-only',
'xform': self.xform.pk
}
request = self.factory.put('/', data, **self.extra)
response = view(request, pk=meta.pk)
self.assertEqual(response.status_code, 200)
self.assertFalse(
DataEntryRole.user_has_role(alice_profile.user, self.xform))
self.assertTrue(
DataEntryOnlyRole.user_has_role(alice_profile.user, self.xform))
def test_role_update_xform_meta_perms(self):
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
EditorRole.add(alice_profile.user, self.xform)
view = MetaDataViewSet.as_view({
'post': 'create',
'put': 'update'
})
data = {
'data_type': XFORM_META_PERMS,
'data_value': 'editor-minor|dataentry',
'xform': self.xform.pk
}
request = self.factory.post('/', data, **self.extra)
response = view(request)
self.assertEqual(response.status_code, 201)
self.assertFalse(
EditorRole.user_has_role(alice_profile.user, self.xform))
self.assertTrue(
EditorMinorRole.user_has_role(alice_profile.user, self.xform))
meta = MetaData.xform_meta_permission(self.xform)
DataEntryRole.add(alice_profile.user, self.xform)
data = {
'data_type': XFORM_META_PERMS,
'data_value': 'editor|dataentry-only',
'xform': self.xform.pk
}
request = self.factory.put('/', data, **self.extra)
response = view(request, pk=meta.pk)
self.assertEqual(response.status_code, 200)
self.assertFalse(
DataEntryRole.user_has_role(alice_profile.user, self.xform))
self.assertTrue(
DataEntryOnlyRole.user_has_role(alice_profile.user, self.xform))
def test_add_project_perms_to_team(self):
# create an org, user, team
organization = self._create_organization("test org", self.user)
user_deno = self._create_user("deno", "deno")
# add a member to the team
team = tools.create_organization_team(organization, "test team")
tools.add_user_to_team(team, user_deno)
project = Project.objects.create(
name="Test Project", organization=organization, created_by=user_deno, metadata="{}"
)
# confirm that the team has no permissions
self.assertFalse(team.groupobjectpermission_set.all())
# set DataEntryRole role of project on team
DataEntryRole.add(team, project)
content_type = ContentType.objects.get(
model=project.__class__.__name__.lower(), app_label=project.__class__._meta.app_label
)
object_permissions = team.groupobjectpermission_set.filter(object_pk=project.pk, content_type=content_type)
permission_names = sorted([p.permission.codename for p in object_permissions])
self.assertEqual([CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT, CAN_VIEW_PROJECT], permission_names)
self.assertEqual(get_team_project_default_permissions(team, project), DataEntryRole.name)
# Add a new user
user_sam = self._create_user("Sam", "sammy_")
self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
# Add the user to the group
tools.add_user_to_team(team, user_sam)
# assert that team member has default perm set on team
self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project))
# assert that removing team member revokes perms
tools.remove_user_from_team(team, user_sam)
self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
def test_add_project_perms_to_team(self):
# create an org, user, team
organization = self._create_organization("test org", self.user)
user_deno = self._create_user('deno', 'deno')
# add a member to the team
team = tools.create_organization_team(organization, "test team")
tools.add_user_to_team(team, user_deno)
project = Project.objects.create(name="Test Project",
organization=organization,
created_by=user_deno,
metadata='{}')
# confirm that the team has no permissions on project
self.assertFalse(get_perms(team, project))
# set DataEntryRole role of project on team
DataEntryRole.add(team, project)
self.assertEqual([CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT,
CAN_VIEW_PROJECT, CAN_VIEW_PROJECT_ALL,
CAN_VIEW_PROJECT_DATA],
sorted(get_perms(team, project)))
self.assertEqual(get_team_project_default_permissions(team, project),
DataEntryRole.name)
# Add a new user
user_sam = self._create_user('Sam', 'sammy_')
self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
# Add the user to the group
tools.add_user_to_team(team, user_sam)
# assert that team member has default perm set on team
self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project))
# assert that removing team member revokes perms
tools.remove_user_from_team(team, user_sam)
self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
def test_add_project_perms_to_team(self):
# create an org, user, team
organization = self._create_organization("test org", self.user)
user_deno = self._create_user('deno', 'deno')
# add a member to the team
team = tools.create_organization_team(organization, "test team")
tools.add_user_to_team(team, user_deno)
project = Project.objects.create(name="Test Project",
organization=organization,
created_by=user_deno,
metadata='{}')
# confirm that the team has no permissions on project
self.assertFalse(get_perms(team, project))
# set DataEntryRole role of project on team
DataEntryRole.add(team, project)
self.assertEqual([
CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT, CAN_VIEW_PROJECT,
CAN_VIEW_PROJECT_ALL, CAN_VIEW_PROJECT_DATA
], sorted(get_perms(team, project)))
self.assertEqual(get_team_project_default_permissions(team, project),
DataEntryRole.name)
# Add a new user
user_sam = self._create_user('Sam', 'sammy_')
self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
# Add the user to the group
tools.add_user_to_team(team, user_sam)
# assert that team member has default perm set on team
self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project))
# assert that removing team member revokes perms
tools.remove_user_from_team(team, user_sam)
self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
