def setUp(self): super().setUp() self.project = ProjectFactory.create() self.super_user = UserFactory.create() OrganizationRole.objects.create(user=self.super_user, organization=self.project.organization, admin=False) su_role = Role.objects.get(name='superuser') self.super_user.assign_policies(su_role) self.org_admin = UserFactory.create() OrganizationRole.objects.create(user=self.org_admin, organization=self.project.organization, admin=True) self.project_user_1 = UserFactory.create() OrganizationRole.objects.create(user=self.project_user_1, organization=self.project.organization, admin=False) ProjectRole.objects.create(user=self.project_user_1, project=self.project, role='DC') self.project_user_2 = UserFactory.create() OrganizationRole.objects.create(user=self.project_user_2, organization=self.project.organization, admin=False)
def setUp(self): super().setUp() PolicyFactory.load_policies() load_test_data(get_test_data()) UserFactory.create( username='******', password='******')
def add_test_users(self): users = [] # the first two named users will have superuser access named_users = [ {'username': '******', 'email': '*****@*****.**', 'full_name': 'Ian Ross'}, {'username': '******', 'email': '*****@*****.**', 'full_name': 'Oliver Roick'}] # add user's with names in languages that need to be tested. languages = ['el_GR', 'ja_JP', 'hi_IN', 'hr_HR', 'lt_LT'] named_users.append({ 'full_name': 'עזרא ברש' }) for lang in languages: fake = Factory.create(lang) named_users.append({ 'full_name': fake.name() }) for n in range(20): if n < len(named_users): users.append(UserFactory.create( password='******', email_verified=True, last_login=datetime.now(tz=timezone.utc), is_active=True, **named_users[n] )) else: users.append(UserFactory.create( password='******', is_active=(n < 8), full_name=fake.name(), )) print('\nSuccessfully added test users.') return users
def setup_models(self): self.u1 = UserFactory.create() self.u2 = UserFactory.create() self.u3 = UserFactory.create() self.org1 = OrganizationFactory.create(name='A', add_users=[self.u1]) self.org2 = OrganizationFactory.create( name='B', add_users=[self.u1, self.u2] ) self.user = UserFactory.create()
def test_PUT_user_with_unauthorized_user(self): user = UserFactory.create() self.test_user = UserFactory.create() self.project = ProjectFactory.create(add_users=[self.test_user]) response = self.request(method='PUT', user=user) assert response.status_code == 403 assert response.content['detail'] == PermissionDenied.default_detail role = ProjectRole.objects.get(project=self.project, user=self.test_user) assert role.role == 'PU'
def test_post_with_unauthorized_user(self): user = UserFactory.create() user_to_add = UserFactory.create(username='******') response = self.request(method='POST', user=user) assert response.status_code == 302 assert ("You don't have permission to add members to this organization" in response.messages) assert OrganizationRole.objects.filter( organization=self.org, user=user_to_add).exists() is False
def test_update_profile_duplicate_email(self): user1 = UserFactory.create(username='******', full_name='John Lennon') user2 = UserFactory.create(username='******') post_data = { 'username': '******', 'email': user1.email, 'full_name': 'Bill Bloggs', } response = self.request(method='POST', user=user2, post_data=post_data) assert 'Failed to update profile information' in response.messages
def setUp(self): super().setUp() self.user = UserFactory.create() self.org_member = UserFactory.create() self.org = OrganizationFactory.create() self.org_role_user = OrganizationRole.objects.create(organization=self.org, user=self.user) self.org_role_member = OrganizationRole.objects.create(organization=self.org, user=self.org_member) self.prj_1 = ProjectFactory.create(organization=self.org) self.prj_2 = ProjectFactory.create(organization=self.org) self.prj_3 = ProjectFactory.create(organization=self.org) self.prj_4 = ProjectFactory.create(organization=self.org) self.prjs = [self.prj_1, self.prj_2, self.prj_3, self.prj_4]
def setup_models(self): clauses = { 'clause': [ clause('allow', ['user.*']), clause('allow', ['user.*'], ['user/*']) ] } policy = Policy.objects.create( name='default', body=json.dumps(clauses)) self.user = UserFactory.create() assign_user_policies(self.user, policy) self.test_user = UserFactory.create(username='******')
def test_post_with_authorized_user(self): user = UserFactory.create() user_to_add = UserFactory.create(username='******') assign_policies(user) response = self.request(method='POST', user=user) assert response.status_code == 302 assert ('/organizations/{}/members/{}'.format( self.org.slug, user_to_add.username) in response.location ) assert OrganizationRole.objects.filter( organization=self.org, user=user_to_add).exists() is True
def test_set_roles_for_duplicate_username(self): org = OrganizationFactory.create() user1 = UserFactory.create(email='*****@*****.**') UserFactory.create(email='*****@*****.**') data = {'username': user1.email, 'admin': 'true'} serializer = serializers.OrganizationUserSerializer( data=data, context={'organization': org} ) with pytest.raises(ValidationError): serializer.is_valid(raise_exception=True) assert (_('More than one user found for username or email ' '{email}').format(email='*****@*****.**') in serializer.errors['username'])
def setup_models(self): clauses = { 'clause': [ clause('allow', ['org.*']), clause('allow', ['org.*', 'org.*.*'], ['organization/*']) ] } policy = Policy.objects.create( name='test-policy', body=json.dumps(clauses)) self.user = UserFactory.create() assign_user_policies(self.user, policy) self.org_user = UserFactory.create() self.org = OrganizationFactory.create(add_users=[self.org_user])
def setUp(self): super().setUp() PolicyFactory.load_policies() test_objs = load_test_data(get_test_data()) OrganizationRole.objects.create( organization=test_objs['organizations'][0], user=UserFactory.create( username='******', password='******'), admin=True) UserFactory.create( username='******', email='*****@*****.**', full_name="Han Solo", password='******')
def test_post_with_unauthorized_user(self): user = UserFactory.create() response = self.request(method='POST', user=user) assert response.status_code == 302 assert ("You don't have permission to " "add resources to this location." in response.messages) assert self.location.resources.count() == 0
def setup_models(self): clauses = { 'clause': [ { 'effect': 'allow', 'object': ['project/*/*', 'spatial/*/*/*', 'spatial_rel/*/*/*', 'party/*/*/*', 'party_rel/*/*/*', 'tenure_rel/*/*/*'], 'action': ['project.*', 'project.*.*', 'spatial.*', 'spatial_rel.*', 'party.*', 'party_rel.*', 'tenure_rel.*'] } ] } policy = Policy.objects.create( name='basic-test', body=json.dumps(clauses)) self.user = UserFactory.create() self.user.assign_policies(policy) self.prj = ProjectFactory.create(slug='test-project', access='public') self.SR = spatial_factories.SpatialRelationshipFactory self.PR = party_factories.PartyRelationshipFactory self.TR = party_factories.TenureRelationshipFactory
def _test_serialize(self, https=False): form = self._get_form('xls-form') self.url = '/collect/' user = UserFactory.create() request = APIRequestFactory().get(self.url) force_authenticate(request, user=user) if https: request.META['SERVER_PROTOCOL'] = 'HTTPS/1.1' project = ProjectFactory.create() questionnaire = QuestionnaireSerializer( data={'xls_form': form}, context={'project': project} ) assert questionnaire.is_valid(raise_exception=True) is True questionnaire.save() form = Questionnaire.objects.get(filename__contains='xls-form') serializer = serializers.XFormListSerializer( form, context={'request': request}) url_refix = 'https' if https else 'http' assert serializer.data['formID'] == questionnaire.data['id_string'] assert serializer.data['name'] == questionnaire.data['title'] assert serializer.data['version'] == questionnaire.data['version'] assert (serializer.data['downloadUrl'] == url_refix + '://testserver' + reverse('form-download', args=[form.id])) assert serializer.data['hash'] == questionnaire.data['md5_hash']
def test_delete_user(self): self.test_user = UserFactory.create() self.project = ProjectFactory.create(add_users=[self.test_user]) response = self.request(method='DELETE', user=self.user) assert response.status_code == 204 assert self.project.users.count() == 0 assert User.objects.filter(username=self.test_user.username).exists()
def test_create_private_record_based_on_org_membership(self): user = UserFactory.create() OrganizationRole.objects.create(organization=self.org, user=user) response = self.request(user=user, method='POST') assert response.status_code == 403 assert PartyRelationship.objects.count() == 0 assert response.content['detail'] == PermissionDenied.default_detail
def test_update_with_archived_project(self): self.project.archived = True self.project.save() response = self.request(method='PATCH', user=UserFactory.create()) assert response.status_code == 403 self.resource.refresh_from_db() assert self.resource.name != self.post_data['name']
def test_user_fields_are_set(self): user = UserFactory.create(last_login=datetime.now()) serializer = serializers.UserAdminSerializer(user) assert 'username' in serializer.data assert 'last_login' in serializer.data assert 'is_active' in serializer.data
def test_post_with_unauthorized_user(self): user = UserFactory.create() response = self.request(method='POST', user=user) assert SpatialUnit.objects.count() == 0 assert response.status_code == 302 assert ("You don't have permission to add " "locations to this project." in response.messages)
def test_organizations_are_serialized(self): user = UserFactory.create() OrganizationFactory.create(add_users=[user]) OrganizationFactory.create(add_users=[user]) serializer = serializers.UserAdminSerializer(user) assert 'organizations' in serializer.data
def test_PUT_with_unauthorized_user(self): user = UserFactory.create() data = {'name': 'Org Name'} response = self.request(method='PUT', post_data=data, user=user) assert response.status_code == 403 self.org.refresh_from_db() assert self.org.name == 'Org'
def test_get_users(self): other_user = UserFactory.create() response = self.request(user=self.user) assert response.status_code == 200 assert len(response.content) == 2 assert (other_user.username not in [u['username'] for u in response.content])
def setup_models(self): self.user = UserFactory.create() self.org = OrganizationFactory.create() self.prj = ProjectFactory.create(organization=self.org) OrganizationRole.objects.create( organization=self.org, user=self.user, admin=True)
def setup_models(self): self.project = ProjectFactory.create() self.resources = ResourceFactory.create_batch( 2, content_object=self.project, project=self.project) self.denied = ResourceFactory.create(content_object=self.project, project=self.project) ResourceFactory.create() self.user = UserFactory.create() assign_policies(self.user, add_clauses=[ { 'effect': 'deny', 'object': ['resource/*/*/' + self.denied.id], 'action': ['resource.*'], }, { 'effect': 'deny', 'object': ['resource/*/*/*'], 'action': ['resource.unarchive'], }, ]) self.storage = self.get_storage() self.file = self.get_file( '/resources/tests/files/image.jpg', 'rb') self.file_name = self.storage.save('resources/image.jpg', self.file)
def test_get_with_authorized_user_with_same_referrer_with_session(self): user = UserFactory.create() assign_policies(user) # Manually construct our request to enable session reuse request = HttpRequest() self._request = request setattr(request, 'method', 'GET') setattr(request, 'user', user) request.META['SERVER_NAME'] = 'testserver' request.META['SERVER_PORT'] = '80' setattr(request, 'session', SessionStore()) url_params = self._get_url_kwargs() view = self.setup_view() expected_content = self.render_content(cancel_url='/info/') # First request that should set the session request.META['HTTP_REFERER'] = '/info/' response = view(request, **url_params) content = response.render().content.decode('utf-8') assert response.status_code == 200 assert remove_csrf(content) == expected_content assert request.session['cancel_add_location_url'] == '/info/' # Second request to check that the session is being used request.META['HTTP_REFERER'] = reverse( 'locations:add', kwargs=self.setup_url_kwargs()) response = view(request, **url_params) content = response.render().content.decode('utf-8') assert response.status_code == 200 assert remove_csrf(content) == expected_content assert request.session['cancel_add_location_url'] == '/info/'
def test_post_with_authorized_user(self): user = UserFactory.create() assign_policies(user) response = self.request(method='POST', user=user) assert response.status_code == 302 assert response.location == self.expected_success_url + '#resources' assert self.location.resources.count() == 1
def test_add_user_to_organization_that_does_not_exist(self): new_user = UserFactory.create() response = self.request(method='POST', user=self.user, url_kwargs={'organization': 'some-org'}, post_data={'username': new_user.username}) assert response.status_code == 404 assert response.content['detail'] == "Organization not found."
def test_add_user_with_unauthorized_user(self): new_user = UserFactory.create() response = self.request(method='POST', post_data={'username': new_user.username}) assert response.status_code == 403 assert self.org.users.count() == 2 assert response.content['detail'] == PermissionDenied.default_detail
def test_get_user(self): self.test_user = UserFactory.create() self.project = ProjectFactory.create(add_users=[self.test_user]) response = self.request(user=self.user) assert response.status_code == 200 assert response.content['username'] == self.test_user.username
def setUp(self): self.user = UserFactory.create() self.client.login(username='******', password='******') self.url = reverse('contact_list') activate('en')
def test_get_from_non_existend_project(self): user = UserFactory.create() assign_policies(user) with pytest.raises(Http404): self.request(user=user, url_kwargs={'project': 'abc123'})
def setUp(self): super().setUp() self.oa_policy = Policy.objects.get(name='org-admin') self.user = UserFactory.create() self.org = OrganizationFactory.create(add_users=[self.user]) self.no_user_org = OrganizationFactory.create()
def setup_models(self): self.user = UserFactory.create() assign_policies(self.user) self.project = ProjectFactory.create(slug='test-project') QuestionnaireFactory.create(project=self.project) content_type = ContentType.objects.get(app_label='party', model='party') create_attrs_schema( project=self.project, dict=attr_schemas.individual_party_xform_group, content_type=content_type, ) create_attrs_schema( project=self.project, dict=attr_schemas.default_party_xform_group, content_type=content_type, ) content_type = ContentType.objects.get(app_label='party', model='tenurerelationship') create_attrs_schema( project=self.project, dict=attr_schemas.tenure_relationship_xform_group, content_type=content_type, ) self.su = SpatialUnitFactory.create(project=self.project, type='CB') self.party = PartyFactory.create(project=self.project, type='IN', attributes={ 'gender': 'm', 'homeowner': 'yes', 'dob': '1951-05-05' }) self.tenure_rel = TenureRelationshipFactory.create( spatial_unit=self.su, party=self.party, project=self.project, attributes={'notes': 'PBS is the best.'}) self.resource = ResourceFactory.create(project=self.project) self.results = get_fake_es_api_results(self.project, self.su, self.party, self.tenure_rel, self.resource) self.proj_result = self.results['hits']['hits'][0] self.su_result = self.results['hits']['hits'][1] self.party_result = self.results['hits']['hits'][2] self.tenure_rel_result = self.results['hits']['hits'][3] self.resource_result = self.results['hits']['hits'][4] self.query = 'searching' self.query_body = { 'query': parse_query(self.query), 'from': 10, 'size': 20, 'sort': { '_score': { 'order': 'desc' } }, } url = '{}/project-{}/spatial,party,resource/_search/' self.es_endpoint = url.format(api_url, self.project.id) self.es_body = json.dumps(self.query_body, sort_keys=True)
def test_add_resource_with_unauthorized_user(self): response = self.request(method='POST', user=UserFactory.create()) assert response.status_code == 403 assert self.su.resources.count() == 2
def setup_models(self): self.user = UserFactory.create() assign_policies(self.user) self.prj = ProjectFactory.create(slug='test-project', access='public')
def test_update_resource_with_unauthorized_user(self): response = self.request(method='PATCH', user=UserFactory.create()) assert response.status_code == 403 self.resource.refresh_from_db() assert self.resource.name != self.post_data['name']
def setup_models(self): self.member = UserFactory.create() self.org = OrganizationFactory.create(add_users=[self.member])
def test_add_user_when_role_exists(self): new_user = UserFactory.create() OrganizationRole.objects.create(user=new_user, organization=self.org) response = self.request(user=self.user, method='POST', post_data={'username': new_user.username}) assert response.status_code == 400
def test_get_profile(self): self.user = UserFactory.create() response = self.request(user=self.user) assert response.status_code == 200 assert response.content == self.expected_content
def test_get_user_with_unauthorized_user(self): self.test_user = UserFactory.create() self.project = ProjectFactory.create(add_users=[self.test_user]) response = self.request() assert response.status_code == 403
def test_delete_resource_with_unauthorized_user(self): response = self.request(method='DELETE', user=UserFactory.create()) assert response.status_code == 403 assert self.resource in self.su.resources assert Resource.objects.filter(id=self.resource.id, project=self.prj).exists()
def test_delete_user_with_unauthorized_user(self): self.test_user = UserFactory.create() self.project = ProjectFactory.create(add_users=[self.test_user]) response = self.request(method='DELETE') assert response.status_code == 403 assert self.project.users.count() == 1
def setup_models(self): self.user = UserFactory.create() assign_policies(self.user) self.prj = ProjectFactory.create(slug='test-project', access='public') self.su = SpatialUnitFactory(project=self.prj, type='PA')
def setup_models(self): self.org = OrganizationFactory.create(slug='habitat') self.user = UserFactory.create() assign_policies(self.user)
def test_get_resource_with_unauthorized_user(self): response = self.request(user=UserFactory.create()) assert response.status_code == 403 assert 'id' not in response.content
def test_get_non_existent_location(self): user = UserFactory.create() assign_policies(user) with pytest.raises(Http404): self.request(user=user, url_kwargs={'location': 'abc123'})
def test_PUT_with_unauthorized_user(self): response = self.request(method='PUT', user=UserFactory.create()) assert response.status_code == 403 self.project.refresh_from_db() assert self.project.name == 'Test Project'
def setup_models(self): clauses = {'clause': [clause('allow', ['org.create'])]} self.policy = Policy.objects.create(name='allow', body=json.dumps(clauses)) self.user = UserFactory.create() assign_user_policies(self.user, self.policy)
def test_get_with_unauthorized_user(self): user = UserFactory.create() response = self.request(user=user) assert response.status_code == 302 assert ("You don't have permission to " "add resources to this location." in response.messages)
def test_redirects_when_user_is_signed_in(self): user = UserFactory.create() response = self.request(user=user) assert response.status_code == 302 assert '/dashboard/' in response.location
def test_get_with_unauthorized_user(self): user = UserFactory.create() response = self.request(user=user) assert response.status_code == 302 assert ("You don't have permission to add tenure relationships to " "this project." in response.messages)
def test_page_is_rendered_when_user_is_signed_in(self): user = UserFactory.create() response = self.request(user=user) assert response.status_code == 200
def test_get_with_unauthorized_user(self): user = UserFactory.create() response = self.request(user=user) assert response.status_code == 200 assert response.content == self.expected_content
def setup_models(self): self.user = UserFactory.create(username='******', email='*****@*****.**', password='******')
def setup_models(self): self.user = UserFactory.create() assign_policies(self.user)
def setup_models(self): self.user = UserFactory.create(email='*****@*****.**')
def test_valid_visibility_patching(self): # Create users with default list and view permissions for # organizations and projects. clauses = { 'clause': [ clause('allow', ['org.list']), clause('allow', ['org.view', 'project.list'], ['organization/*']), clause('allow', ['project.view'], ['project/*/*']) ] } policy = Policy.objects.create(name='test-policy', body=json.dumps(clauses)) org_user = UserFactory.create() assign_user_policies(org_user, policy) non_org_user = UserFactory.create() assign_user_policies(non_org_user, policy) # Create organization, adding just one user. org = OrganizationFactory.create(add_users=[org_user]) # Create public project in organization. prj = ProjectFactory.create(organization=org, access='public') # User in org SHOULD be able to see project. response = self.request(user=org_user, url_kwargs={ 'organization': org.slug, 'project': prj.slug }) assert response.status_code == 200 # User NOT in org SHOULD be able to see project. response = self.request(user=non_org_user, url_kwargs={ 'organization': org.slug, 'project': prj.slug }) assert response.status_code == 200 # Patch visibility to private. response = self.request(user=self.user, url_kwargs={ 'organization': org.slug, 'project': prj.slug }, post_data={'access': 'private'}, method='PATCH') assert response.status_code == 200 # User in org SHOULD be able to see project. response = self.request(user=org_user, url_kwargs={ 'organization': org.slug, 'project': prj.slug }) assert response.status_code == 200 # User not in org SHOULD NOT be able to see project. response = self.request(user=non_org_user, url_kwargs={ 'organization': org.slug, 'project': prj.slug }) assert response.status_code == 403 # Patch visibility to public. response = self.request(user=self.user, url_kwargs={ 'organization': org.slug, 'project': prj.slug }, post_data={'access': 'public'}, method='PATCH') # User in org SHOULD be able to see project. response = self.request(user=org_user, url_kwargs={ 'organization': org.slug, 'project': prj.slug }) assert response.status_code == 200 # User NOT in org SHOULD be able to see project. response = self.request(user=non_org_user, url_kwargs={ 'organization': org.slug, 'project': prj.slug }) assert response.status_code == 200
def test_get_with_unauthorized_user(self): user = UserFactory.create() response = self.request(user=user) assert response.status_code == 302 assert ("You don't have permission to add members to this organization" in response.messages)