def _(self, obj_class, data=None, add_fields=True, with_background_tasks=False): """Handle generation of `Control` objects.""" data = data if data is not None else {} # pylint: disable=protected-access obj_name = models.Control._inflector.table_singular # pylint: enable=protected-access obj_dict = self.obj_to_dict(models.Control(), obj_name) defaults = { obj_name: { "title": factories.random_str(), "context": None, "recipients": "Admin,Control Operators,Control Owners", "send_by_default": 0, "assertions": [{ "id": factories.ControlAssertionFactory().id }] } } obj_dict[obj_name].update(defaults[obj_name]) obj_dict[obj_name].update(data[obj_name] if obj_name in data else data) return self.generate(models.Control, obj_name=obj_name, data=obj_dict, with_background_tasks=with_background_tasks)
def setUp(self): super(TestAccessControlList, self).setUp() self.person = factories.PersonFactory(name="My Person") self.acr = factories.AccessControlRoleFactory(object_type="Control", read=True) self.second_acr = factories.AccessControlRoleFactory( object_type="Control", read=True) self.control = factories.ControlFactory() self.assertion = factories.ControlAssertionFactory() factories.AccessControlPersonFactory( ac_list=self.control.acr_acl_map[self.acr], person=self.person, )
def test_post_modifier(self, model): """Test modifier of models when working as external user.""" model_plural = model._inflector.table_plural model_singular = model._inflector.table_singular model_data = { "title": "{}1".format(model_singular), "context": 0, } if model_plural == "risks": model_data["risk_type"] = "some text" if model_plural == "controls": assertion = factories.ControlAssertionFactory() model_data["assertions"] = [{"id": assertion.id}] response = self._post("api/{}".format(model_plural), data=json.dumps({model_singular: model_data}), headers=self.headers) self.assertEqual(response.status_code, 201) ext_person = all_models.Person.query.filter_by( email="*****@*****.**").first() ext_person_id = ext_person.id # check model modifier model_json = response.json[model_singular] self.assertEqual(model_json['modified_by']['id'], ext_person_id) # check model revision modifier model_revision = all_models.Revision.query.filter( all_models.Revision.resource_type == model.__name__).order_by( all_models.Revision.id.desc()).first() self.assertEqual(model_revision.modified_by_id, ext_person_id) # check model event modifier event = all_models.Event.query.filter( all_models.Event.resource_type == model.__name__).order_by( all_models.Event.id.desc()).first() self.assertEqual(event.modified_by_id, ext_person_id)
def test_create_with_assertions(self): """Check control creation with assertions pass""" with factories.single_commit(): assertion = factories.ControlAssertionFactory() response = self.api.post( all_models.Control, { "control": { "title": "Control title", "context": None, "recipients": "Admin,Control Operators,Control Owners", "send_by_default": 0, "assertions": [{ "id": assertion.id }] } }) self.assertEqual(response.status_code, 201) control = all_models.Control.query.first() self.assertIsNotNone(control) self.assertEqual(assertion.id, control.assertions[0].id)
def test_create_commentable(self): """Test if commentable fields are set on creation""" with factories.single_commit(): assertion = factories.ControlAssertionFactory() recipients = "Admin,Control Operators,Control Owners" send_by_default = 0 response = self.api.post( all_models.Control, { "control": { "title": "Control title", "context": None, "recipients": recipients, "send_by_default": send_by_default, "assertions": [{ "id": assertion.id }] }, }) self.assertEqual(response.status_code, 201) control_id = response.json.get("control").get("id") control = db.session.query(all_models.Control).get(control_id) self.assertEqual(control.recipients, recipients) self.assertEqual(control.send_by_default, send_by_default)