def test_program_read_as_creator(self, program_role):
"""Test access to proposal for program reader/editor as Creator role"""
with factories.single_commit():
program = factories.ProgramFactory()
program_manager = factories.PersonFactory()
factories.AccessControlPersonFactory(
ac_list=program.acr_name_acl_map["Program Managers"],
person=program_manager,
)
program_id = program.id
# make query to create proposal by program_manager
self.api.set_user(program_manager)
self.client.get("/login")
acr_class = all_models.AccessControlRole
acr = acr_class.query.filter(
acr_class.name == 'ProposalEditor',
acr_class.object_type == 'Proposal').one()
create_data = self._get_create_proposal_request(
program_id, acr.id, program_manager.id)
self.api.post(all_models.Proposal, create_data)
query_data = _get_query_proposal_request(program_id)
headers = {
"Content-Type": "application/json",
}
resp = self.api.client.post("/query",
data=json.dumps(query_data),
headers=headers).json
self.assertEqual(1, len(resp))
self.assertEqual(resp[0]["Proposal"]["count"], 1)
role_creator = all_models.Role.query.filter(
all_models.Role.name == "Creator").one()
# make query to check proposals by Creator role person
with factories.single_commit():
person = factories.PersonFactory()
rbac_factories.UserRoleFactory(role=role_creator, person=person)
factories.AccessControlPersonFactory(
ac_list=program.acr_name_acl_map[program_role],
person=person,
)
self.api.set_user(person)
self.client.get("/login")
query_data = _get_query_proposal_request(program_id)
headers = {
"Content-Type": "application/json",
}
resp = self.api.client.post("/query",
data=json.dumps(query_data),
headers=headers).json
self.assertEqual(1, len(resp))
self.assertEqual(resp[0]["Proposal"]["count"], 1)
def test_nonadmin_has_no_access(self):
"""Test access to proposal for non creator of proposal"""
role_creator = all_models.Role.query.filter(
all_models.Role.name == "Creator").one()
# prepare - create program, assign roles
factories.AccessControlRoleFactory(name="ACL_Reader",
update=0,
object_type="Program")
with factories.single_commit():
program = factories.ProgramFactory()
person1 = factories.PersonFactory()
person2 = factories.PersonFactory()
for person in (person1, person2):
rbac_factories.UserRoleFactory(role=role_creator,
person=person)
factories.AccessControlPersonFactory(
ac_list=program.acr_name_acl_map["ACL_Reader"],
person=person,
)
program_id = program.id
person2_id = person2.id
# make query to create proposal by person1
self.api.set_user(person1)
self.client.get("/login")
acr_class = all_models.AccessControlRole
acr = acr_class.query.filter(
acr_class.name == 'ProposalEditor',
acr_class.object_type == 'Proposal').one()
create_data = self._get_create_proposal_request(
program_id, acr.id, person1.id)
self.api.post(all_models.Proposal, create_data)
# login as person2 and make request
self.api.set_user(all_models.Person.query.get(person2_id))
self.client.get("/login")
query_data = _get_query_proposal_request(program_id)
headers = {
"Content-Type": "application/json",
}
resp = self.api.client.post("/query",
data=json.dumps(query_data),
headers=headers).json
self.assertEqual(1, len(resp))
self.assertEqual(resp[0]["Proposal"]["count"], 0)
def test_query_filter(self, role_name, expected_count):
"""Test query proposals for {0}.
Args:
role_name: string, unique key,
shows the position of user in generated infrustructure
expected_count: int, number of proposals,
that should be filtered by query
"""
program_id = self.program.id
data = _get_query_proposal_request(program_id)
self.api.set_user(self.people[role_name])
self.client.get("/login")
headers = {
"Content-Type": "application/json",
}
resp = self.api.client.post("/query",
data=json.dumps(data),
headers=headers).json
self.assertEqual(1, len(resp))
self.assertEqual(expected_count, resp[0]["Proposal"]["count"])