def test_access_key_not_allowed(self): """Visitors and normies should not be allowed to generate an access key.""" self.reset_access_key() data = {'action': 'generate_key'} request = self.factory.post(self.foia.get_absolute_url(), data) request = mock_middleware(request) # viewers should not be able to generate the key request.user = self.viewer response = Detail.as_view()(request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id) self.foia.refresh_from_db() eq_(response.status_code, 302) assert_false(self.foia.access_key) # normies should not be able to generate the key self.reset_access_key() request.user = self.normie response = Detail.as_view()(request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id) self.foia.refresh_from_db() eq_(response.status_code, 302) assert_false(self.foia.access_key)
def test_access_key_allowed(self): """ A POST request for a private share link should generate and return an access key. Editors and staff should be allowed to do this. """ self.reset_access_key() data = {'action': 'generate_key'} request = self.factory.post(self.foia.get_absolute_url(), data) request = mock_middleware(request) # editors should be able to generate the key request.user = self.editor response = Detail.as_view()(request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id) self.foia.refresh_from_db() eq_(response.status_code, 302) assert_true(self.foia.access_key) # staff should be able to generate the key self.reset_access_key() request.user = self.staff response = Detail.as_view()(request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id) self.foia.refresh_from_db() eq_(response.status_code, 302) assert_true(self.foia.access_key)
def setUp(self): agency = AgencyFactory(appeal_agency=AppealAgencyFactory()) self.foia = FOIARequestFactory(agency=agency) self.view = Detail.as_view() self.url = self.foia.get_absolute_url() self.kwargs = { 'jurisdiction': self.foia.jurisdiction.slug, 'jidx': self.foia.jurisdiction.id, 'slug': self.foia.slug, 'idx': self.foia.id }
def setUp(self): agency = AgencyFactory(appeal_agency=AppealAgencyFactory()) self.foia = FOIARequestFactory(agency=agency) self.view = Detail.as_view() self.url = self.foia.get_absolute_url() self.kwargs = { "jurisdiction": self.foia.jurisdiction.slug, "jidx": self.foia.jurisdiction.id, "slug": self.foia.slug, "idx": self.foia.id, } UserFactory(username="******")
def test_revoke_view_access(self): """Editors should be able to revoke access from a viewer.""" a_viewer = UserFactory() self.foia.add_viewer(a_viewer) data = {'action': 'revoke_access', 'user': a_viewer.pk} request = self.factory.post(self.foia.get_absolute_url(), data) request = mock_middleware(request) request.user = self.editor response = Detail.as_view()(request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id) eq_(response.status_code, 302) assert_false(self.foia.has_viewer(a_viewer))
def test_promote_viewer(self): """Editors should be able to promote viewers to editors.""" user = UserFactory() self.foia.add_viewer(user) assert_true(self.foia.has_viewer(user)) data = {'action': 'promote', 'user': user.pk} request = self.factory.post(self.foia.get_absolute_url(), data) request = mock_middleware(request) request.user = self.editor response = Detail.as_view()(request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id) eq_(response.status_code, 302) assert_false(self.foia.has_viewer(user)) assert_true(self.foia.has_editor(user))
def test_revoke_edit_access(self): """Editors should be able to revoke access from an editor.""" an_editor = UserFactory() self.foia.add_editor(an_editor) data = {"action": "revoke_access", "user": an_editor.pk} request = self.factory.post(self.foia.get_absolute_url(), data) request = mock_middleware(request) request.user = self.editor response = Detail.as_view()( request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id, ) eq_(response.status_code, 302) assert_false(self.foia.has_editor(an_editor))
def setUp(self): self.foia = FOIARequestFactory() self.editor = UserFactory() self.viewer = UserFactory() self.foia.add_editor(self.editor) self.foia.add_viewer(self.viewer) self.data = { 'action': 'add_note', 'note': u'Lorem ipsum dolor su ament.' } self.url = self.foia.get_absolute_url() self.view = Detail.as_view() self.kwargs = { 'jurisdiction': self.foia.jurisdiction.slug, 'jidx': self.foia.jurisdiction.id, 'slug': self.foia.slug, 'idx': self.foia.id }
def setUp(self): self.foia = FOIARequestFactory() self.editor = UserFactory() self.viewer = UserFactory() self.foia.add_editor(self.editor) self.foia.add_viewer(self.viewer) self.data = { "action": "add_note", "note": "Lorem ipsum dolor su ament." } self.url = self.foia.get_absolute_url() self.view = Detail.as_view() self.kwargs = { "jurisdiction": self.foia.jurisdiction.slug, "jidx": self.foia.jurisdiction.id, "slug": self.foia.slug, "idx": self.foia.id, } UserFactory(username="******")
def test_grant_view_access(self): """Editors should be able to add viewers.""" user1 = UserFactory() user2 = UserFactory() view_data = { 'action': 'grant_access', 'users': [user1.pk, user2.pk], 'access': 'view' } view_request = self.factory.post(self.foia.get_absolute_url(), view_data) view_request = mock_middleware(view_request) view_request.user = self.editor view_response = Detail.as_view()( view_request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id ) eq_(view_response.status_code, 302) assert_true(self.foia.has_viewer(user1) and self.foia.has_viewer(user2))
def test_get_foia(self): """Try getting the detail page for a FOIA Request with an unread notification.""" agency = AgencyFactory() foia = FOIARequestFactory(agency=agency) view = FOIARequestDetail.as_view() # Create a notification for the request action = new_action(agency, 'completed', target=foia) notification = notify(self.user, action)[0] ok_(not notification.read, 'The notification should be unread.') # Try getting the view as the user response = http_get_response(foia.get_absolute_url(), view, self.user, idx=foia.pk, slug=foia.slug, jidx=foia.jurisdiction.pk, jurisdiction=foia.jurisdiction.slug) eq_(response.status_code, 200, 'The view should response 200 OK.') # Check that the notification has been read. notification.refresh_from_db() ok_(notification.read, 'The notification should be marked as read.')
def test_grant_edit_access(self): """Editors should be able to add editors.""" user1 = UserFactory() user2 = UserFactory() edit_data = { "action": "grant_access", "users": [user1.pk, user2.pk], "access": "edit", } edit_request = self.factory.post(self.foia.get_absolute_url(), edit_data) edit_request = mock_middleware(edit_request) edit_request.user = self.editor edit_response = Detail.as_view()( edit_request, jurisdiction=self.foia.jurisdiction.slug, jidx=self.foia.jurisdiction.id, slug=self.foia.slug, idx=self.foia.id, ) eq_(edit_response.status_code, 302) assert_true( self.foia.has_editor(user1) and self.foia.has_editor(user2))