def test_post(self): """Test the post method.""" # Verify the members admin = mocks.create_user() common_user = mocks.create_user() institution = mocks.create_institution() child_institution = mocks.create_institution() institution.address = mocks.create_address() admin.institutions_admin = [institution.key] admin.add_institution(institution.key) admin.follows = [institution.key] institution.members = [admin.key, common_user.key] institution.set_admin(admin.key) child_institution.parent_institution = institution.key child_institution.admin = common_user.key common_user.institutions_admin = [child_institution.key] institution.children_institutions.append(child_institution.key) institution.put() child_institution.put() common_user.add_institution(institution.key) common_user.follows = [institution.key] admin.put() common_user.put() self.assertTrue(institution.key in admin.institutions) self.assertTrue(institution.key in common_user.institutions) admin.add_permissions(DEFAULT_ADMIN_PERMISSIONS, institution.key.urlsafe()) admin.add_permissions(DEFAULT_ADMIN_PERMISSIONS, child_institution.key.urlsafe()) # Call the post method self.testapp.post( '/api/queue/remove-inst?institution_key=%s&remove_hierarchy=true&user_key=%s' % (institution.key.urlsafe(), admin.key.urlsafe())) # Retrieving the entities admin = admin.key.get() common_user = common_user.key.get() child_institution = child_institution.key.get() # Check if the method worked as expected self.assertFalse( has_permissions(admin, institution.key.urlsafe(), DEFAULT_ADMIN_PERMISSIONS)) self.assertFalse( has_permissions(admin, child_institution.key.urlsafe(), DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue(child_institution.state == 'inactive')
def test_remove_admin_permission_in_institution_hierarchy(self, verify_token, enqueue_task): """Test remove admin permissions in institution hierarchy.""" second_user = mocks.create_user() third_user = mocks.create_user() second_inst = mocks.create_institution() third_inst = mocks.create_institution() second_inst.admin = second_user.key third_inst.admin = third_user.key second_user.institutions_admin.append(second_inst.key) third_user.institutions_admin.append(third_inst.key) third_inst.parent_institution = second_inst.key second_inst.children_institutions.append(third_inst.key) third_user.add_permission('remove_link', third_inst.key.urlsafe()) second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, third_inst.key.urlsafe()) second_inst.put() third_inst.put() second_user.put() third_user.put() self.assertTrue(has_permissions( second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) enqueue_task.side_effect = self.enqueue_task verify_token._mock_return_value = {'email': third_user.email[0]} self.testapp.delete("/api/institutions/%s/hierarchy/%s?isParent=true" % (third_inst.key.urlsafe(), second_inst.key.urlsafe())) second_user = second_user.key.get() self.assertFalse(has_permissions( second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS))
def test_to_keep_permissions_information(self): """apokdpos.""" first_user = mocks.create_user() second_user = mocks.create_user() third_user = mocks.create_user() first_inst = mocks.create_institution() second_inst = mocks.create_institution() third_inst = mocks.create_institution() fourth_inst = mocks.create_institution() first_inst.add_member(first_user) first_inst.set_admin(first_user.key) third_inst.add_member(second_user) third_inst.set_admin(second_user.key) second_inst.add_member(third_user) second_inst.set_admin(third_user.key) fourth_inst.add_member(third_user) fourth_inst.set_admin(third_user.key) first_user.institutions_admin = [first_inst.key] third_user.institutions_admin.append(second_inst.key) second_user.institutions_admin.append(third_inst.key) third_user.institutions_admin.append(fourth_inst.key) # Hierarchy # first_inst -> second_inst -> third_inst -> fourth_inst # (first_user) (third_user) (second_user) (third_user) second_inst.parent_institution = first_inst.key fourth_inst.parent_institution = third_inst.key first_inst.children_institutions.append(second_inst.key) second_inst.children_institutions.append(third_inst.key) third_inst.children_institutions.append(fourth_inst.key) first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, first_inst.key.urlsafe()) first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, second_inst.key.urlsafe()) first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, third_inst.key.urlsafe()) first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, fourth_inst.key.urlsafe()) second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, third_inst.key.urlsafe()) second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, fourth_inst.key.urlsafe()) third_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, second_inst.key.urlsafe()) third_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, third_inst.key.urlsafe()) third_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, fourth_inst.key.urlsafe()) first_inst.put() second_inst.put() third_inst.put() fourth_inst.put() first_user.put() second_user.put() third_user.put() params = '?institution_key=%s&&parent_key=%s' % ( third_inst.key.urlsafe(), second_inst.key.urlsafe()) self.testapp.post(REMOVE_ADMIN_PERMISSIONS_URI + params) first_user = first_user.key.get() second_user = second_user.key.get() third_user = third_user.key.get() self.assertTrue( has_permissions(first_user, first_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(first_user, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertFalse( has_permissions(first_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertFalse( has_permissions(first_user, fourth_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(second_user, fourth_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(third_user, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertFalse( has_permissions(third_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(third_user, fourth_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS))
def test(self): """Test the post method.""" # Verify the members """Test remove admin permissions in institution hierarchy.""" first_user = mocks.create_user() second_user = mocks.create_user() first_inst = mocks.create_institution() second_inst = mocks.create_institution() third_inst = mocks.create_institution() fourth_inst = mocks.create_institution() first_inst.add_member(first_user) first_inst.set_admin(first_user.key) third_inst.add_member(second_user) third_inst.set_admin(second_user.key) second_inst.add_member(second_user) second_inst.set_admin(second_user.key) fourth_inst.add_member(first_user) fourth_inst.set_admin(first_user.key) first_user.institutions_admin.append(first_inst.key) second_user.institutions_admin.append(second_inst.key) second_user.institutions_admin.append(third_inst.key) first_user.institutions_admin.append(fourth_inst.key) # Hierarchy # first_inst -> second_inst -> third_inst -> fourth_inst # (first_user) (second_user) (second_user) (first_user) second_inst.parent_institution = first_inst.key fourth_inst.parent_institution = third_inst.key first_inst.children_institutions.append(second_inst.key) second_inst.children_institutions.append(third_inst.key) third_inst.children_institutions.append(fourth_inst.key) first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, first_inst.key.urlsafe()) first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, second_inst.key.urlsafe()) first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, third_inst.key.urlsafe()) first_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, fourth_inst.key.urlsafe()) second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, second_inst.key.urlsafe()) second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, third_inst.key.urlsafe()) second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, fourth_inst.key.urlsafe()) first_inst.put() second_inst.put() third_inst.put() fourth_inst.put() first_user.put() second_user.put() params = '?institution_key=%s&&parent_key=%s' % ( third_inst.key.urlsafe(), second_inst.key.urlsafe()) self.testapp.post(REMOVE_ADMIN_PERMISSIONS_URI + params) first_user = first_user.key.get() second_user = second_user.key.get() self.assertTrue( has_permissions(first_user, first_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(first_user, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertFalse( has_permissions(first_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(first_user, fourth_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(second_user, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(second_user, fourth_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS))
def test_add_admin_permission_in_institution_hierarchy( self, verify_token, enqueue_task): """Test add admin permissions in institution hierarchy.""" first_user = mocks.create_user() second_user = mocks.create_user() third_user = mocks.create_user() first_inst = mocks.create_institution() second_inst = mocks.create_institution() third_inst = mocks.create_institution() first_inst.admin = first_user.key second_inst.admin = second_user.key third_inst.admin = third_user.key first_user.institutions_admin.append(first_inst.key) second_user.institutions_admin.append(second_inst.key) third_user.institutions_admin.append(third_inst.key) second_inst.parent_institution = first_inst.key third_inst.parent_institution = second_inst.key first_inst.children_institutions.append(second_inst.key) first_inst.put() second_inst.put() third_inst.put() first_user.put() second_user.put() third_user.put() second_user.add_permission('answer_link_inst_request', second_inst.key.urlsafe()) request = RequestInstitutionParent() request.admin_key = third_user.key request.sender_key = third_user.key request.institution_key = third_inst.key request.institution_requested_key = second_inst.key request.put() verify_token._mock_return_value = {'email': second_user.email[0]} second_user.add_institution(second_inst.key) enqueue_task.side_effect = self.enqueue_task self.assertFalse( has_permissions(first_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertFalse( has_permissions(second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.testapp.put( "/api/requests/%s/institution_parent" % request.key.urlsafe(), headers={'institution-authorization': second_inst.key.urlsafe()}) first_user = first_user.key.get() second_user = second_user.key.get() third_user = third_user.key.get() self.assertTrue( has_permissions(first_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS))
def test_put_invite_not_allowed(self, verify_token): """Test put invite not allowed.""" admin = mocks.create_user() new_admin = mocks.create_user() institution = mocks.create_institution() institution.add_member(admin) institution.set_admin(admin.key) institution.add_member(new_admin) admin.institutions.append(institution.key) admin.add_institution_admin(institution.key) add_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) institution.put() admin.put() new_admin.put() invite = mocks.create_invite(admin, institution.key, 'USER') self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for this institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'New_admin should not have admin permissions for this institution!' ) self.assertEquals( admin.key, institution.admin, 'Admin must be the administrator of the institution!' ) with self.assertRaises(Exception) as raises_context: self.testapp.put('/api/invites/%s/institution_adm' %(invite.key.urlsafe())) institution = institution.key.get() admin = admin.key.get() new_admin = new_admin.key.get() invite = invite.key.get() self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for this institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'New_admin should not have admin permissions for this institution!' ) self.assertEquals( admin.key, institution.admin, 'Admin must be the administrator of the institution!' ) self.assertEquals( invite.status, 'sent', 'Invitation status must be equal to sent!' ) message_exception = self.get_message_exception(str(raises_context.exception)) self.assertEqual( message_exception, 'Error! Invitation type not allowed', 'Expected message of exception must be equal to Error! Invitation type not allowed' )
def test_delete(self, verify_token, send_notification): """Test reject invite.""" admin = mocks.create_user() new_admin = mocks.create_user() institution = mocks.create_institution() institution.add_member(admin) institution.set_admin(admin.key) institution.add_member(new_admin) admin.institutions.append(institution.key) admin.add_institution_admin(institution.key) add_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) institution.put() admin.put() new_admin.put() invite = mocks.create_invite(admin, institution.key, 'USER_ADM', new_admin.key.urlsafe()) self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for this institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'New_admin should not have admin permissions for this institution!' ) self.assertEquals( admin.key, institution.admin, 'Admin must be the administrator of the institution!' ) self.testapp.delete('/api/invites/%s/institution_adm' %(invite.key.urlsafe())) institution = institution.key.get() admin = admin.key.get() new_admin = new_admin.key.get() invite = invite.key.get() self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for this institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'New_admin should not have admin permissions for this institution!' ) self.assertEquals( admin.key, institution.admin, 'Admin must be the administrator of the institution!' ) self.assertEquals( invite.status, 'rejected', 'Invitation status must be equal to rejected!' )
def test_put_invite_with_super_user_admin_of_parent_inst(self, verify_token, enqueue_task, send_notification): """Test put invite with user super user and is admin of parent institution.""" enqueue_task.side_effect = self.enqueue_task admin = mocks.create_user() new_admin = mocks.create_user() institution = mocks.create_institution() second_inst = mocks.create_institution() second_inst.name = "Departamento do Complexo Industrial e Inovacao em Saude" second_inst.trusted = True third_inst = mocks.create_institution() institution.add_member(admin) institution.set_admin(admin.key) institution.children_institutions = [second_inst.key] # Departamento do Complexo Industrial e Inovacao em Saude # Admin of this institution is Super User second_inst.add_member(admin) second_inst.set_admin(admin.key) second_inst.add_member(new_admin) second_inst.parent_institution = institution.key second_inst.children_institutions = [third_inst.key] third_inst.add_member(admin) third_inst.set_admin(admin.key) third_inst.add_member(new_admin) third_inst.parent_institution = second_inst.key admin.institutions.append(institution.key) admin.institutions.append(second_inst.key) admin.institutions.append(third_inst.key) admin.add_institution_admin(institution.key) admin.add_institution_admin(second_inst.key) admin.add_institution_admin(third_inst.key) add_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) add_permissions(admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) add_permissions(admin, second_inst.key.urlsafe(), permissions.DEFAULT_SUPER_USER_PERMISSIONS) add_permissions(admin, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) institution.put() second_inst.put() third_inst.put() admin.put() new_admin.put() verify_token._mock_return_value = {'email': new_admin.email[0]} invite = mocks.create_invite(admin, second_inst.key, 'USER_ADM', new_admin.key.urlsafe()) self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for this institution!' ) self.assertTrue( has_permissions(admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin user permissions for second_inst institution!' ) self.assertTrue( has_permissions(admin, second_inst.key.urlsafe(), permissions.DEFAULT_SUPER_USER_PERMISSIONS), 'Admin must have super user permissions for second_inst institution!' ) self.assertTrue( has_permissions(admin, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin user permissions for third_inst institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have not admin permissions for this institution!' ) self.assertFalse( has_permissions(new_admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have not admin user permissions for second_inst institution!' ) self.assertFalse( has_permissions(new_admin, second_inst.key.urlsafe(), permissions.DEFAULT_SUPER_USER_PERMISSIONS), 'Admin must have not super user permissions for second_inst institution!' ) self.assertFalse( has_permissions(new_admin, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have not admin user permissions for third_inst institution!' ) self.testapp.put('/api/invites/%s/institution_adm' %(invite.key.urlsafe())) institution = institution.key.get() second_inst = second_inst.key.get() third_inst = third_inst.key.get() admin = admin.key.get() new_admin = new_admin.key.get() invite = invite.key.get() self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'admin must have admin permissions for this institution!' ) self.assertTrue( has_permissions(admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for second_inst institution!' ) self.assertFalse( has_permissions(admin, second_inst.key.urlsafe(), permissions.DEFAULT_SUPER_USER_PERMISSIONS), "Admin shouldn't have admin permissions for second_inst institution!" ) self.assertTrue( has_permissions(admin, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for third_inst institution!' ) self.assertTrue( has_permissions(new_admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'new_admin must have admin user permissions for second_inst institution!' ) self.assertTrue( has_permissions(new_admin, second_inst.key.urlsafe(), permissions.DEFAULT_SUPER_USER_PERMISSIONS), 'new_admin must have super user permissions for second_inst institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'new_admin should not have admin permissions for this institution!' ) self.assertTrue( has_permissions(new_admin, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'New_admin must have admin user permissions for third_inst institution!' )
def test_put_invite_super_user(self, verify_token, enqueue_task, send_notification): """Test put invite with user is super admin.""" enqueue_task.side_effect = self.enqueue_task admin = mocks.create_user() new_admin = mocks.create_user() institution = mocks.create_institution() institution.name = "Departamento do Complexo Industrial e Inovacao em Saude" institution.trusted = True institution.add_member(admin) institution.set_admin(admin.key) institution.add_member(new_admin) new_admin.institutions.append(institution.key) admin.institutions.append(institution.key) admin.add_institution_admin(institution.key) add_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) add_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_SUPER_USER_PERMISSIONS) institution.put() admin.put() new_admin.put() verify_token._mock_return_value = {'email': new_admin.email[0]} invite = mocks.create_invite(admin, institution.key, 'USER_ADM', new_admin.key.urlsafe()) self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have administrative permissions!' ) self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_SUPER_USER_PERMISSIONS), 'Admin must have super user permissions for this institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'new_admin should not have administrative permissions for this institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_SUPER_USER_PERMISSIONS), 'new_admin should not have super user permissions for this institution!' ) self.testapp.put('/api/invites/%s/institution_adm' %(invite.key.urlsafe())) institution = institution.key.get() admin = admin.key.get() new_admin = new_admin.key.get() invite = invite.key.get() self.assertFalse( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'admin must have super not user permissions for this institution!' ) self.assertFalse( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_SUPER_USER_PERMISSIONS), 'admin must have not super user permissions for this institution!' ) self.assertTrue( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'new_admin must have admin permissions for second_inst institution!' ) self.assertTrue( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_SUPER_USER_PERMISSIONS), 'new_admin must have super user permissions for second_inst institution!' )
def test_put(self, verify_token, enqueue_task, send_notification): """Test put method in inviteUserAdmHandler.""" enqueue_task.side_effect = self.enqueue_task admin = mocks.create_user() new_admin = mocks.create_user() institution = mocks.create_institution() institution.add_member(admin) institution.set_admin(admin.key) institution.add_member(new_admin) admin.institutions.append(institution.key) admin.add_institution_admin(institution.key) add_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) institution.put() admin.put() new_admin.put() verify_token._mock_return_value = {'email': new_admin.email[0]} invite = mocks.create_invite(admin, institution.key, 'USER_ADM', new_admin.key.urlsafe()) self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for this institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'new_admin should not have admin permissions for this institution!' ) self.assertEquals( admin.key, institution.admin, 'Admin must be the administrator of the institution!' ) self.testapp.put('/api/invites/%s/institution_adm' %(invite.key.urlsafe())) institution = institution.key.get() admin = admin.key.get() new_admin = new_admin.key.get() invite = invite.key.get() self.assertFalse( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin should not have admin permissions for this institution!' ) self.assertTrue( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'New_admin must have admin permissions for this institution!' ) self.assertEquals( new_admin.key, institution.admin, 'New_admin must be the administrator of the institution!' ) self.assertEquals( invite.status, 'accepted', 'Invitation status must be equal to accepted!' )
def test_put_invite_with_user_admin_of_parent_inst(self, verify_token, enqueue_task, send_notification): """Test put invite with user is admin of parent institution.""" enqueue_task.side_effect = self.enqueue_task admin = mocks.create_user() new_admin = mocks.create_user() other_admin = mocks.create_user() institution = mocks.create_institution() second_inst = mocks.create_institution() third_inst = mocks.create_institution() institution.add_member(admin) institution.set_admin(admin.key) institution.children_institutions = [second_inst.key] second_inst.add_member(other_admin) second_inst.set_admin(other_admin.key) second_inst.parent_institution = institution.key second_inst.children_institutions = [third_inst.key] third_inst.add_member(admin) third_inst.set_admin(admin.key) third_inst.add_member(new_admin) third_inst.parent_institution = second_inst.key admin.institutions.append(institution.key) admin.institutions.append(third_inst.key) admin.add_institution_admin(institution.key) admin.add_institution_admin(third_inst.key) other_admin.institutions.append(second_inst.key) other_admin.add_institution_admin(second_inst.key) add_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) add_permissions(admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) add_permissions(admin, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) add_permissions(other_admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS) institution.put() second_inst.put() third_inst.put() admin.put() new_admin.put() other_admin.put() verify_token._mock_return_value = {'email': new_admin.email[0]} invite = mocks.create_invite(admin, third_inst.key, 'USER_ADM', new_admin.key.urlsafe()) self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for this institution!' ) self.assertTrue( has_permissions(admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for second_inst institution!' ) self.assertTrue( has_permissions(admin, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for third_inst institution!' ) self.assertTrue( has_permissions(other_admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'other_admin must have admin permissions for second_inst institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'new_admin should not have admin permissions for this institution!' ) self.assertFalse( has_permissions(new_admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'new_admin should not have admin permissions for the second_inst institution!' ) self.assertFalse( has_permissions(new_admin, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'new_admin should not have admin permissions for the third_inst institution!' ) self.assertEquals( admin.key, third_inst.admin, 'Admin must be the administrator of the institution!' ) self.testapp.put('/api/invites/%s/institution_adm' %(invite.key.urlsafe())) institution = institution.key.get() second_inst = second_inst.key.get() third_inst = third_inst.key.get() admin = admin.key.get() new_admin = new_admin.key.get() other_admin.key.get() invite = invite.key.get() self.assertTrue( has_permissions(admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'admin must have admin permissions for this institution!' ) self.assertTrue( has_permissions(admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for second_inst institution!' ) self.assertTrue( has_permissions(admin, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'Admin must have admin permissions for third_inst institution!' ) self.assertTrue( has_permissions(other_admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'other_admin must have admin permissions for second_inst institution!' ) self.assertFalse( has_permissions(new_admin, institution.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'new_admin should not have admin permissions for this institution!' ) self.assertFalse( has_permissions(new_admin, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'new_admin should not have admin permissions for the second_inst institution!' ) self.assertTrue( has_permissions(new_admin, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS), 'New_admin must have admin permissions for third_inst institution!' ) self.assertEquals( new_admin.key, third_inst.admin, 'New_admin must be the administrator of the institution!' )
def test_remove_admin_permission_in_a_middle_institution_with_two_administered_institutions( self, verify_token, enqueue_task): """Test remove admin permissions in institution hierarchy.""" first_user = mocks.create_user() second_user = mocks.create_user() first_inst = mocks.create_institution() second_inst = mocks.create_institution() third_inst = mocks.create_institution() first_inst.add_member(first_user) first_inst.set_admin(first_user.key) second_inst.admin = second_user.key third_inst.admin = second_user.key first_user.institutions_admin.append(first_inst.key) second_user.institutions_admin.append(second_inst.key) second_user.institutions_admin.append(third_inst.key) second_inst.parent_institution = first_inst.key third_inst.parent_institution = second_inst.key first_inst.children_institutions.append(second_inst.key) second_inst.children_institutions.append(third_inst.key) second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, second_inst.key.urlsafe()) second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, third_inst.key.urlsafe()) first_inst.put() second_inst.put() third_inst.put() first_user.put() second_user.put() # Hierarchy # first_inst -> second_inst -> third_inst # (first_user) (second_user) (second_user) self.assertTrue( has_permissions(second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) verify_token._mock_return_value = {'email': second_user.email[0]} enqueue_task.side_effect = self.enqueue_task second_user.institutions.append(second_inst.key) second_user.follows.append(second_inst.key) second_user.put() # update headers self.headers['Institution-Authorization'] = second_inst.key.urlsafe() self.testapp.delete("/api/institutions/%s?removeHierarchy=false" % second_inst.key.urlsafe(), headers=self.headers) second_user = second_user.key.get() second_inst = second_inst.key.get() third_inst = third_inst.key.get() self.assertTrue( has_permissions(second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue(second_inst.state == 'inactive') self.assertFalse(third_inst.state == 'inactive')
def test_remove_admin_permission_in_institution_hierarchy( self, verify_token, enqueue_task): """Test remove admin permissions in institution hierarchy.""" first_user = mocks.create_user() second_user = mocks.create_user() third_user = mocks.create_user() first_inst = mocks.create_institution() second_inst = mocks.create_institution() third_inst = mocks.create_institution() first_inst.admin = first_user.key second_inst.admin = second_user.key third_inst.admin = third_user.key first_user.institutions_admin.append(first_inst.key) second_user.institutions_admin.append(second_inst.key) third_user.institutions_admin.append(third_inst.key) second_inst.parent_institution = first_inst.key third_inst.parent_institution = second_inst.key first_inst.children_institutions.append(second_inst.key) second_inst.children_institutions.append(third_inst.key) second_user.add_permission('remove_inst', second_inst.key.urlsafe()) second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, second_inst.key.urlsafe()) second_user.add_permissions(permissions.DEFAULT_ADMIN_PERMISSIONS, third_inst.key.urlsafe()) first_inst.put() second_inst.put() third_inst.put() first_user.put() second_user.put() third_user.put() self.assertTrue( has_permissions(second_user, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) verify_token._mock_return_value = {'email': second_user.email[0]} enqueue_task.side_effect = self.enqueue_task first_user = first_user.key.get() second_user = second_user.key.get() third_user = third_user.key.get() # add second_int to second user institutions second_user.institutions.append(second_inst.key) second_user.follows.append(second_inst.key) second_user.put() # update headers self.headers['Institution-Authorization'] = second_inst.key.urlsafe() self.testapp.delete("/api/institutions/%s?removeHierarchy=true" % second_inst.key.urlsafe(), headers=self.headers) second_user = second_user.key.get() third_user = third_user.key.get() self.assertFalse( has_permissions(second_user, second_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertFalse( has_permissions(second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertFalse( has_permissions(third_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS))
def test_add_admin_permission_in_institution_hierarchy( self, verify_token, enqueue_task): """Test add admin permissions in institution hierarchy.""" first_user = mocks.create_user() second_user = mocks.create_user() third_user = mocks.create_user() first_inst = mocks.create_institution() second_inst = mocks.create_institution() third_inst = mocks.create_institution() first_inst.admin = first_user.key second_inst.admin = second_user.key third_inst.admin = third_user.key first_user.institutions_admin.append(first_inst.key) second_user.institutions_admin.append(second_inst.key) third_user.institutions_admin.append(third_inst.key) second_inst.parent_institution = first_inst.key third_inst.parent_institution = second_inst.key first_inst.children_institutions.append(second_inst.key) second_inst.children_institutions.append(third_inst.key) first_inst.put() second_inst.put() third_inst.put() first_user.put() second_user.put() third_user.put() invite = InviteInstitution() invite.invitee = third_user.email[0] invite.institution_key = third_inst.key invite.admin_key = second_user.key invite.stub_institution_key = third_inst.key invite.put() verify_token._mock_return_value = {'email': third_user.email[0]} enqueue_task.side_effect = self.enqueue_task self.assertEqual(first_user.permissions, {}) self.assertEqual(second_user.permissions, {}) self.assertEqual(third_user.permissions, {}) self.body['data'] = {'sender_name': 'user name updated'} self.testapp.put_json( "/api/institutions/%s/invites/%s" % (third_inst.key.urlsafe(), invite.key.urlsafe()), self.body) first_user = first_user.key.get() second_user = second_user.key.get() third_user = third_user.key.get() self.assertTrue( has_permissions(third_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS)) self.assertTrue( has_permissions(second_user, third_inst.key.urlsafe(), permissions.DEFAULT_ADMIN_PERMISSIONS))