def test_post(self):
"""Test the post method."""
# Verify the members
admin = mocks.create_user()
common_user = mocks.create_user()
institution = mocks.create_institution()
child_institution = mocks.create_institution()
institution.address = mocks.create_address()
admin.institutions_admin = [institution.key]
admin.add_institution(institution.key)
admin.follows = [institution.key]
institution.members = [admin.key, common_user.key]
institution.set_admin(admin.key)
child_institution.parent_institution = institution.key
child_institution.admin = common_user.key
common_user.institutions_admin = [child_institution.key]
institution.children_institutions.append(child_institution.key)
institution.put()
child_institution.put()
common_user.add_institution(institution.key)
common_user.follows = [institution.key]
admin.put()
common_user.put()
self.assertTrue(institution.key in admin.institutions)
self.assertTrue(institution.key in common_user.institutions)
admin.add_permissions(DEFAULT_ADMIN_PERMISSIONS,
institution.key.urlsafe())
admin.add_permissions(DEFAULT_ADMIN_PERMISSIONS,
child_institution.key.urlsafe())
# Call the post method
self.testapp.post(
'/api/queue/remove-inst?institution_key=%s&remove_hierarchy=true&user_key=%s'
% (institution.key.urlsafe(), admin.key.urlsafe()))
# Retrieving the entities
admin = admin.key.get()
common_user = common_user.key.get()
child_institution = child_institution.key.get()
# Check if the method worked as expected
self.assertFalse(
has_permissions(admin, institution.key.urlsafe(),
DEFAULT_ADMIN_PERMISSIONS))
self.assertFalse(
has_permissions(admin, child_institution.key.urlsafe(),
DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(child_institution.state == 'inactive')
def test_remove_admin_permission_in_institution_hierarchy(self, verify_token, enqueue_task):
"""Test remove admin permissions in institution hierarchy."""
second_user = mocks.create_user()
third_user = mocks.create_user()
second_inst = mocks.create_institution()
third_inst = mocks.create_institution()
second_inst.admin = second_user.key
third_inst.admin = third_user.key
second_user.institutions_admin.append(second_inst.key)
third_user.institutions_admin.append(third_inst.key)
third_inst.parent_institution = second_inst.key
second_inst.children_institutions.append(third_inst.key)
third_user.add_permission('remove_link', third_inst.key.urlsafe())
second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, third_inst.key.urlsafe())
second_inst.put()
third_inst.put()
second_user.put()
third_user.put()
self.assertTrue(has_permissions(
second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS))
enqueue_task.side_effect = self.enqueue_task
verify_token._mock_return_value = {'email': third_user.email[0]}
self.testapp.delete("/api/institutions/%s/hierarchy/%s?isParent=true" %
(third_inst.key.urlsafe(), second_inst.key.urlsafe()))
second_user = second_user.key.get()
self.assertFalse(has_permissions(
second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS))
def test_to_keep_permissions_information(self):
"""apokdpos."""
first_user = mocks.create_user()
second_user = mocks.create_user()
third_user = mocks.create_user()
first_inst = mocks.create_institution()
second_inst = mocks.create_institution()
third_inst = mocks.create_institution()
fourth_inst = mocks.create_institution()
first_inst.add_member(first_user)
first_inst.set_admin(first_user.key)
third_inst.add_member(second_user)
third_inst.set_admin(second_user.key)
second_inst.add_member(third_user)
second_inst.set_admin(third_user.key)
fourth_inst.add_member(third_user)
fourth_inst.set_admin(third_user.key)
first_user.institutions_admin = [first_inst.key]
third_user.institutions_admin.append(second_inst.key)
second_user.institutions_admin.append(third_inst.key)
third_user.institutions_admin.append(fourth_inst.key)
# Hierarchy
# first_inst -> second_inst -> third_inst -> fourth_inst
# (first_user) (third_user) (second_user) (third_user)
second_inst.parent_institution = first_inst.key
fourth_inst.parent_institution = third_inst.key
first_inst.children_institutions.append(second_inst.key)
second_inst.children_institutions.append(third_inst.key)
third_inst.children_institutions.append(fourth_inst.key)
first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
first_inst.key.urlsafe())
first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
second_inst.key.urlsafe())
first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
third_inst.key.urlsafe())
first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
fourth_inst.key.urlsafe())
second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
third_inst.key.urlsafe())
second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
fourth_inst.key.urlsafe())
third_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
second_inst.key.urlsafe())
third_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
third_inst.key.urlsafe())
third_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
fourth_inst.key.urlsafe())
first_inst.put()
second_inst.put()
third_inst.put()
fourth_inst.put()
first_user.put()
second_user.put()
third_user.put()
params = '?institution_key=%s&&parent_key=%s' % (
third_inst.key.urlsafe(), second_inst.key.urlsafe())
self.testapp.post(REMOVE_ADMIN_PERMISSIONS_URI + params)
first_user = first_user.key.get()
second_user = second_user.key.get()
third_user = third_user.key.get()
self.assertTrue(
has_permissions(first_user, first_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(first_user, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertFalse(
has_permissions(first_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertFalse(
has_permissions(first_user, fourth_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(second_user, fourth_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(third_user, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertFalse(
has_permissions(third_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(third_user, fourth_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
def test(self):
"""Test the post method."""
# Verify the members
"""Test remove admin permissions in institution hierarchy."""
first_user = mocks.create_user()
second_user = mocks.create_user()
first_inst = mocks.create_institution()
second_inst = mocks.create_institution()
third_inst = mocks.create_institution()
fourth_inst = mocks.create_institution()
first_inst.add_member(first_user)
first_inst.set_admin(first_user.key)
third_inst.add_member(second_user)
third_inst.set_admin(second_user.key)
second_inst.add_member(second_user)
second_inst.set_admin(second_user.key)
fourth_inst.add_member(first_user)
fourth_inst.set_admin(first_user.key)
first_user.institutions_admin.append(first_inst.key)
second_user.institutions_admin.append(second_inst.key)
second_user.institutions_admin.append(third_inst.key)
first_user.institutions_admin.append(fourth_inst.key)
# Hierarchy
# first_inst -> second_inst -> third_inst -> fourth_inst
# (first_user) (second_user) (second_user) (first_user)
second_inst.parent_institution = first_inst.key
fourth_inst.parent_institution = third_inst.key
first_inst.children_institutions.append(second_inst.key)
second_inst.children_institutions.append(third_inst.key)
third_inst.children_institutions.append(fourth_inst.key)
first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
first_inst.key.urlsafe())
first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
second_inst.key.urlsafe())
first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
third_inst.key.urlsafe())
first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
fourth_inst.key.urlsafe())
second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
second_inst.key.urlsafe())
second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
third_inst.key.urlsafe())
second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
fourth_inst.key.urlsafe())
first_inst.put()
second_inst.put()
third_inst.put()
fourth_inst.put()
first_user.put()
second_user.put()
params = '?institution_key=%s&&parent_key=%s' % (
third_inst.key.urlsafe(), second_inst.key.urlsafe())
self.testapp.post(REMOVE_ADMIN_PERMISSIONS_URI + params)
first_user = first_user.key.get()
second_user = second_user.key.get()
self.assertTrue(
has_permissions(first_user, first_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(first_user, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertFalse(
has_permissions(first_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(first_user, fourth_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(second_user, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(second_user, fourth_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
def test_add_admin_permission_in_institution_hierarchy(
self, verify_token, enqueue_task):
"""Test add admin permissions in institution hierarchy."""
first_user = mocks.create_user()
second_user = mocks.create_user()
third_user = mocks.create_user()
first_inst = mocks.create_institution()
second_inst = mocks.create_institution()
third_inst = mocks.create_institution()
first_inst.admin = first_user.key
second_inst.admin = second_user.key
third_inst.admin = third_user.key
first_user.institutions_admin.append(first_inst.key)
second_user.institutions_admin.append(second_inst.key)
third_user.institutions_admin.append(third_inst.key)
second_inst.parent_institution = first_inst.key
third_inst.parent_institution = second_inst.key
first_inst.children_institutions.append(second_inst.key)
first_inst.put()
second_inst.put()
third_inst.put()
first_user.put()
second_user.put()
third_user.put()
second_user.add_permission('answer_link_inst_request',
second_inst.key.urlsafe())
request = RequestInstitutionParent()
request.admin_key = third_user.key
request.sender_key = third_user.key
request.institution_key = third_inst.key
request.institution_requested_key = second_inst.key
request.put()
verify_token._mock_return_value = {'email': second_user.email[0]}
second_user.add_institution(second_inst.key)
enqueue_task.side_effect = self.enqueue_task
self.assertFalse(
has_permissions(first_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertFalse(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.testapp.put(
"/api/requests/%s/institution_parent" % request.key.urlsafe(),
headers={'institution-authorization': second_inst.key.urlsafe()})
first_user = first_user.key.get()
second_user = second_user.key.get()
third_user = third_user.key.get()
self.assertTrue(
has_permissions(first_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
def test_put_invite_not_allowed(self, verify_token):
"""Test put invite not allowed."""
admin = mocks.create_user()
new_admin = mocks.create_user()
institution = mocks.create_institution()
institution.add_member(admin)
institution.set_admin(admin.key)
institution.add_member(new_admin)
admin.institutions.append(institution.key)
admin.add_institution_admin(institution.key)
add_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS)
institution.put()
admin.put()
new_admin.put()
invite = mocks.create_invite(admin, institution.key, 'USER')
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for this institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'New_admin should not have admin permissions for this institution!'
)
self.assertEquals(
admin.key,
institution.admin,
'Admin must be the administrator of the institution!'
)
with self.assertRaises(Exception) as raises_context:
self.testapp.put('/api/invites/%s/institution_adm' %(invite.key.urlsafe()))
institution = institution.key.get()
admin = admin.key.get()
new_admin = new_admin.key.get()
invite = invite.key.get()
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for this institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'New_admin should not have admin permissions for this institution!'
)
self.assertEquals(
admin.key,
institution.admin,
'Admin must be the administrator of the institution!'
)
self.assertEquals(
invite.status,
'sent',
'Invitation status must be equal to sent!'
)
message_exception = self.get_message_exception(str(raises_context.exception))
self.assertEqual(
message_exception,
'Error! Invitation type not allowed',
'Expected message of exception must be equal to Error! Invitation type not allowed'
)
def test_delete(self, verify_token, send_notification):
"""Test reject invite."""
admin = mocks.create_user()
new_admin = mocks.create_user()
institution = mocks.create_institution()
institution.add_member(admin)
institution.set_admin(admin.key)
institution.add_member(new_admin)
admin.institutions.append(institution.key)
admin.add_institution_admin(institution.key)
add_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS)
institution.put()
admin.put()
new_admin.put()
invite = mocks.create_invite(admin, institution.key, 'USER_ADM', new_admin.key.urlsafe())
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for this institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'New_admin should not have admin permissions for this institution!'
)
self.assertEquals(
admin.key,
institution.admin,
'Admin must be the administrator of the institution!'
)
self.testapp.delete('/api/invites/%s/institution_adm' %(invite.key.urlsafe()))
institution = institution.key.get()
admin = admin.key.get()
new_admin = new_admin.key.get()
invite = invite.key.get()
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for this institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'New_admin should not have admin permissions for this institution!'
)
self.assertEquals(
admin.key,
institution.admin,
'Admin must be the administrator of the institution!'
)
self.assertEquals(
invite.status,
'rejected',
'Invitation status must be equal to rejected!'
)
def test_put_invite_with_super_user_admin_of_parent_inst(self, verify_token, enqueue_task, send_notification):
"""Test put invite with user super user and is admin of parent institution."""
enqueue_task.side_effect = self.enqueue_task
admin = mocks.create_user()
new_admin = mocks.create_user()
institution = mocks.create_institution()
second_inst = mocks.create_institution()
second_inst.name = "Departamento do Complexo Industrial e Inovacao em Saude"
second_inst.trusted = True
third_inst = mocks.create_institution()
institution.add_member(admin)
institution.set_admin(admin.key)
institution.children_institutions = [second_inst.key]
# Departamento do Complexo Industrial e Inovacao em Saude
# Admin of this institution is Super User
second_inst.add_member(admin)
second_inst.set_admin(admin.key)
second_inst.add_member(new_admin)
second_inst.parent_institution = institution.key
second_inst.children_institutions = [third_inst.key]
third_inst.add_member(admin)
third_inst.set_admin(admin.key)
third_inst.add_member(new_admin)
third_inst.parent_institution = second_inst.key
admin.institutions.append(institution.key)
admin.institutions.append(second_inst.key)
admin.institutions.append(third_inst.key)
admin.add_institution_admin(institution.key)
admin.add_institution_admin(second_inst.key)
admin.add_institution_admin(third_inst.key)
add_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS)
add_permissions(admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS)
add_permissions(admin, second_inst.key.urlsafe(),
permissions.DEFAULT_SUPER_USER_PERMISSIONS)
add_permissions(admin, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS)
institution.put()
second_inst.put()
third_inst.put()
admin.put()
new_admin.put()
verify_token._mock_return_value = {'email': new_admin.email[0]}
invite = mocks.create_invite(admin, second_inst.key, 'USER_ADM', new_admin.key.urlsafe())
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for this institution!'
)
self.assertTrue(
has_permissions(admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin user permissions for second_inst institution!'
)
self.assertTrue(
has_permissions(admin, second_inst.key.urlsafe(),
permissions.DEFAULT_SUPER_USER_PERMISSIONS),
'Admin must have super user permissions for second_inst institution!'
)
self.assertTrue(
has_permissions(admin, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin user permissions for third_inst institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have not admin permissions for this institution!'
)
self.assertFalse(
has_permissions(new_admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have not admin user permissions for second_inst institution!'
)
self.assertFalse(
has_permissions(new_admin, second_inst.key.urlsafe(),
permissions.DEFAULT_SUPER_USER_PERMISSIONS),
'Admin must have not super user permissions for second_inst institution!'
)
self.assertFalse(
has_permissions(new_admin, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have not admin user permissions for third_inst institution!'
)
self.testapp.put('/api/invites/%s/institution_adm' %(invite.key.urlsafe()))
institution = institution.key.get()
second_inst = second_inst.key.get()
third_inst = third_inst.key.get()
admin = admin.key.get()
new_admin = new_admin.key.get()
invite = invite.key.get()
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'admin must have admin permissions for this institution!'
)
self.assertTrue(
has_permissions(admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for second_inst institution!'
)
self.assertFalse(
has_permissions(admin, second_inst.key.urlsafe(),
permissions.DEFAULT_SUPER_USER_PERMISSIONS),
"Admin shouldn't have admin permissions for second_inst institution!"
)
self.assertTrue(
has_permissions(admin, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for third_inst institution!'
)
self.assertTrue(
has_permissions(new_admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'new_admin must have admin user permissions for second_inst institution!'
)
self.assertTrue(
has_permissions(new_admin, second_inst.key.urlsafe(),
permissions.DEFAULT_SUPER_USER_PERMISSIONS),
'new_admin must have super user permissions for second_inst institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'new_admin should not have admin permissions for this institution!'
)
self.assertTrue(
has_permissions(new_admin, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'New_admin must have admin user permissions for third_inst institution!'
)
def test_put_invite_super_user(self, verify_token, enqueue_task, send_notification):
"""Test put invite with user is super admin."""
enqueue_task.side_effect = self.enqueue_task
admin = mocks.create_user()
new_admin = mocks.create_user()
institution = mocks.create_institution()
institution.name = "Departamento do Complexo Industrial e Inovacao em Saude"
institution.trusted = True
institution.add_member(admin)
institution.set_admin(admin.key)
institution.add_member(new_admin)
new_admin.institutions.append(institution.key)
admin.institutions.append(institution.key)
admin.add_institution_admin(institution.key)
add_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS)
add_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_SUPER_USER_PERMISSIONS)
institution.put()
admin.put()
new_admin.put()
verify_token._mock_return_value = {'email': new_admin.email[0]}
invite = mocks.create_invite(admin, institution.key, 'USER_ADM', new_admin.key.urlsafe())
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have administrative permissions!'
)
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_SUPER_USER_PERMISSIONS),
'Admin must have super user permissions for this institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'new_admin should not have administrative permissions for this institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_SUPER_USER_PERMISSIONS),
'new_admin should not have super user permissions for this institution!'
)
self.testapp.put('/api/invites/%s/institution_adm' %(invite.key.urlsafe()))
institution = institution.key.get()
admin = admin.key.get()
new_admin = new_admin.key.get()
invite = invite.key.get()
self.assertFalse(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'admin must have super not user permissions for this institution!'
)
self.assertFalse(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_SUPER_USER_PERMISSIONS),
'admin must have not super user permissions for this institution!'
)
self.assertTrue(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'new_admin must have admin permissions for second_inst institution!'
)
self.assertTrue(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_SUPER_USER_PERMISSIONS),
'new_admin must have super user permissions for second_inst institution!'
)
def test_put(self, verify_token, enqueue_task, send_notification):
"""Test put method in inviteUserAdmHandler."""
enqueue_task.side_effect = self.enqueue_task
admin = mocks.create_user()
new_admin = mocks.create_user()
institution = mocks.create_institution()
institution.add_member(admin)
institution.set_admin(admin.key)
institution.add_member(new_admin)
admin.institutions.append(institution.key)
admin.add_institution_admin(institution.key)
add_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)
institution.put()
admin.put()
new_admin.put()
verify_token._mock_return_value = {'email': new_admin.email[0]}
invite = mocks.create_invite(admin, institution.key, 'USER_ADM', new_admin.key.urlsafe())
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for this institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'new_admin should not have admin permissions for this institution!'
)
self.assertEquals(
admin.key,
institution.admin,
'Admin must be the administrator of the institution!'
)
self.testapp.put('/api/invites/%s/institution_adm' %(invite.key.urlsafe()))
institution = institution.key.get()
admin = admin.key.get()
new_admin = new_admin.key.get()
invite = invite.key.get()
self.assertFalse(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin should not have admin permissions for this institution!'
)
self.assertTrue(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'New_admin must have admin permissions for this institution!'
)
self.assertEquals(
new_admin.key,
institution.admin,
'New_admin must be the administrator of the institution!'
)
self.assertEquals(
invite.status,
'accepted',
'Invitation status must be equal to accepted!'
)
def test_put_invite_with_user_admin_of_parent_inst(self, verify_token, enqueue_task, send_notification):
"""Test put invite with user is admin of parent institution."""
enqueue_task.side_effect = self.enqueue_task
admin = mocks.create_user()
new_admin = mocks.create_user()
other_admin = mocks.create_user()
institution = mocks.create_institution()
second_inst = mocks.create_institution()
third_inst = mocks.create_institution()
institution.add_member(admin)
institution.set_admin(admin.key)
institution.children_institutions = [second_inst.key]
second_inst.add_member(other_admin)
second_inst.set_admin(other_admin.key)
second_inst.parent_institution = institution.key
second_inst.children_institutions = [third_inst.key]
third_inst.add_member(admin)
third_inst.set_admin(admin.key)
third_inst.add_member(new_admin)
third_inst.parent_institution = second_inst.key
admin.institutions.append(institution.key)
admin.institutions.append(third_inst.key)
admin.add_institution_admin(institution.key)
admin.add_institution_admin(third_inst.key)
other_admin.institutions.append(second_inst.key)
other_admin.add_institution_admin(second_inst.key)
add_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS)
add_permissions(admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS)
add_permissions(admin, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS)
add_permissions(other_admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS)
institution.put()
second_inst.put()
third_inst.put()
admin.put()
new_admin.put()
other_admin.put()
verify_token._mock_return_value = {'email': new_admin.email[0]}
invite = mocks.create_invite(admin, third_inst.key, 'USER_ADM', new_admin.key.urlsafe())
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for this institution!'
)
self.assertTrue(
has_permissions(admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for second_inst institution!'
)
self.assertTrue(
has_permissions(admin, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for third_inst institution!'
)
self.assertTrue(
has_permissions(other_admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'other_admin must have admin permissions for second_inst institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'new_admin should not have admin permissions for this institution!'
)
self.assertFalse(
has_permissions(new_admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'new_admin should not have admin permissions for the second_inst institution!'
)
self.assertFalse(
has_permissions(new_admin, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'new_admin should not have admin permissions for the third_inst institution!'
)
self.assertEquals(
admin.key,
third_inst.admin,
'Admin must be the administrator of the institution!'
)
self.testapp.put('/api/invites/%s/institution_adm' %(invite.key.urlsafe()))
institution = institution.key.get()
second_inst = second_inst.key.get()
third_inst = third_inst.key.get()
admin = admin.key.get()
new_admin = new_admin.key.get()
other_admin.key.get()
invite = invite.key.get()
self.assertTrue(
has_permissions(admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'admin must have admin permissions for this institution!'
)
self.assertTrue(
has_permissions(admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for second_inst institution!'
)
self.assertTrue(
has_permissions(admin, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'Admin must have admin permissions for third_inst institution!'
)
self.assertTrue(
has_permissions(other_admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'other_admin must have admin permissions for second_inst institution!'
)
self.assertFalse(
has_permissions(new_admin, institution.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'new_admin should not have admin permissions for this institution!'
)
self.assertFalse(
has_permissions(new_admin, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'new_admin should not have admin permissions for the second_inst institution!'
)
self.assertTrue(
has_permissions(new_admin, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS),
'New_admin must have admin permissions for third_inst institution!'
)
self.assertEquals(
new_admin.key,
third_inst.admin,
'New_admin must be the administrator of the institution!'
)
def test_remove_admin_permission_in_a_middle_institution_with_two_administered_institutions(
self, verify_token, enqueue_task):
"""Test remove admin permissions in institution hierarchy."""
first_user = mocks.create_user()
second_user = mocks.create_user()
first_inst = mocks.create_institution()
second_inst = mocks.create_institution()
third_inst = mocks.create_institution()
first_inst.add_member(first_user)
first_inst.set_admin(first_user.key)
second_inst.admin = second_user.key
third_inst.admin = second_user.key
first_user.institutions_admin.append(first_inst.key)
second_user.institutions_admin.append(second_inst.key)
second_user.institutions_admin.append(third_inst.key)
second_inst.parent_institution = first_inst.key
third_inst.parent_institution = second_inst.key
first_inst.children_institutions.append(second_inst.key)
second_inst.children_institutions.append(third_inst.key)
second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
second_inst.key.urlsafe())
second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
third_inst.key.urlsafe())
first_inst.put()
second_inst.put()
third_inst.put()
first_user.put()
second_user.put()
# Hierarchy
# first_inst -> second_inst -> third_inst
# (first_user) (second_user) (second_user)
self.assertTrue(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
verify_token._mock_return_value = {'email': second_user.email[0]}
enqueue_task.side_effect = self.enqueue_task
second_user.institutions.append(second_inst.key)
second_user.follows.append(second_inst.key)
second_user.put()
# update headers
self.headers['Institution-Authorization'] = second_inst.key.urlsafe()
self.testapp.delete("/api/institutions/%s?removeHierarchy=false" %
second_inst.key.urlsafe(),
headers=self.headers)
second_user = second_user.key.get()
second_inst = second_inst.key.get()
third_inst = third_inst.key.get()
self.assertTrue(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(second_inst.state == 'inactive')
self.assertFalse(third_inst.state == 'inactive')
def test_remove_admin_permission_in_institution_hierarchy(
self, verify_token, enqueue_task):
"""Test remove admin permissions in institution hierarchy."""
first_user = mocks.create_user()
second_user = mocks.create_user()
third_user = mocks.create_user()
first_inst = mocks.create_institution()
second_inst = mocks.create_institution()
third_inst = mocks.create_institution()
first_inst.admin = first_user.key
second_inst.admin = second_user.key
third_inst.admin = third_user.key
first_user.institutions_admin.append(first_inst.key)
second_user.institutions_admin.append(second_inst.key)
third_user.institutions_admin.append(third_inst.key)
second_inst.parent_institution = first_inst.key
third_inst.parent_institution = second_inst.key
first_inst.children_institutions.append(second_inst.key)
second_inst.children_institutions.append(third_inst.key)
second_user.add_permission('remove_inst', second_inst.key.urlsafe())
second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
second_inst.key.urlsafe())
second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS,
third_inst.key.urlsafe())
first_inst.put()
second_inst.put()
third_inst.put()
first_user.put()
second_user.put()
third_user.put()
self.assertTrue(
has_permissions(second_user, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
verify_token._mock_return_value = {'email': second_user.email[0]}
enqueue_task.side_effect = self.enqueue_task
first_user = first_user.key.get()
second_user = second_user.key.get()
third_user = third_user.key.get()
# add second_int to second user institutions
second_user.institutions.append(second_inst.key)
second_user.follows.append(second_inst.key)
second_user.put()
# update headers
self.headers['Institution-Authorization'] = second_inst.key.urlsafe()
self.testapp.delete("/api/institutions/%s?removeHierarchy=true" %
second_inst.key.urlsafe(),
headers=self.headers)
second_user = second_user.key.get()
third_user = third_user.key.get()
self.assertFalse(
has_permissions(second_user, second_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertFalse(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertFalse(
has_permissions(third_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
def test_add_admin_permission_in_institution_hierarchy(
self, verify_token, enqueue_task):
"""Test add admin permissions in institution hierarchy."""
first_user = mocks.create_user()
second_user = mocks.create_user()
third_user = mocks.create_user()
first_inst = mocks.create_institution()
second_inst = mocks.create_institution()
third_inst = mocks.create_institution()
first_inst.admin = first_user.key
second_inst.admin = second_user.key
third_inst.admin = third_user.key
first_user.institutions_admin.append(first_inst.key)
second_user.institutions_admin.append(second_inst.key)
third_user.institutions_admin.append(third_inst.key)
second_inst.parent_institution = first_inst.key
third_inst.parent_institution = second_inst.key
first_inst.children_institutions.append(second_inst.key)
second_inst.children_institutions.append(third_inst.key)
first_inst.put()
second_inst.put()
third_inst.put()
first_user.put()
second_user.put()
third_user.put()
invite = InviteInstitution()
invite.invitee = third_user.email[0]
invite.institution_key = third_inst.key
invite.admin_key = second_user.key
invite.stub_institution_key = third_inst.key
invite.put()
verify_token._mock_return_value = {'email': third_user.email[0]}
enqueue_task.side_effect = self.enqueue_task
self.assertEqual(first_user.permissions, {})
self.assertEqual(second_user.permissions, {})
self.assertEqual(third_user.permissions, {})
self.body['data'] = {'sender_name': 'user name updated'}
self.testapp.put_json(
"/api/institutions/%s/invites/%s" %
(third_inst.key.urlsafe(), invite.key.urlsafe()), self.body)
first_user = first_user.key.get()
second_user = second_user.key.get()
third_user = third_user.key.get()
self.assertTrue(
has_permissions(third_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
self.assertTrue(
has_permissions(second_user, third_inst.key.urlsafe(),
permissions.DEFAULT_ADMIN_PERMISSIONS))
