示例#1
0
 def test_access_key_not_allowed(self):
     """Visitors and normies should not be allowed to generate an access key."""
     self.reset_access_key()
     data = {'action': 'generate_key'}
     request = self.factory.post(self.foia.get_absolute_url(), data)
     request = mock_middleware(request)
     # viewers should not be able to generate the key
     request.user = self.viewer
     response = Detail.as_view()(request,
                                 jurisdiction=self.foia.jurisdiction.slug,
                                 jidx=self.foia.jurisdiction.id,
                                 slug=self.foia.slug,
                                 idx=self.foia.id)
     self.foia.refresh_from_db()
     eq_(response.status_code, 302)
     assert_false(self.foia.access_key)
     # normies should not be able to generate the key
     self.reset_access_key()
     request.user = self.normie
     response = Detail.as_view()(request,
                                 jurisdiction=self.foia.jurisdiction.slug,
                                 jidx=self.foia.jurisdiction.id,
                                 slug=self.foia.slug,
                                 idx=self.foia.id)
     self.foia.refresh_from_db()
     eq_(response.status_code, 302)
     assert_false(self.foia.access_key)
示例#2
0
 def test_access_key_allowed(self):
     """
     A POST request for a private share link should generate and return an access key.
     Editors and staff should be allowed to do this.
     """
     self.reset_access_key()
     data = {'action': 'generate_key'}
     request = self.factory.post(self.foia.get_absolute_url(), data)
     request = mock_middleware(request)
     # editors should be able to generate the key
     request.user = self.editor
     response = Detail.as_view()(request,
                                 jurisdiction=self.foia.jurisdiction.slug,
                                 jidx=self.foia.jurisdiction.id,
                                 slug=self.foia.slug,
                                 idx=self.foia.id)
     self.foia.refresh_from_db()
     eq_(response.status_code, 302)
     assert_true(self.foia.access_key)
     # staff should be able to generate the key
     self.reset_access_key()
     request.user = self.staff
     response = Detail.as_view()(request,
                                 jurisdiction=self.foia.jurisdiction.slug,
                                 jidx=self.foia.jurisdiction.id,
                                 slug=self.foia.slug,
                                 idx=self.foia.id)
     self.foia.refresh_from_db()
     eq_(response.status_code, 302)
     assert_true(self.foia.access_key)
示例#3
0
 def setUp(self):
     agency = AgencyFactory(appeal_agency=AppealAgencyFactory())
     self.foia = FOIARequestFactory(agency=agency)
     self.view = Detail.as_view()
     self.url = self.foia.get_absolute_url()
     self.kwargs = {
         'jurisdiction': self.foia.jurisdiction.slug,
         'jidx': self.foia.jurisdiction.id,
         'slug': self.foia.slug,
         'idx': self.foia.id
     }
示例#4
0
 def setUp(self):
     agency = AgencyFactory(appeal_agency=AppealAgencyFactory())
     self.foia = FOIARequestFactory(agency=agency)
     self.view = Detail.as_view()
     self.url = self.foia.get_absolute_url()
     self.kwargs = {
         "jurisdiction": self.foia.jurisdiction.slug,
         "jidx": self.foia.jurisdiction.id,
         "slug": self.foia.slug,
         "idx": self.foia.id,
     }
     UserFactory(username="******")
示例#5
0
 def test_revoke_view_access(self):
     """Editors should be able to revoke access from a viewer."""
     a_viewer = UserFactory()
     self.foia.add_viewer(a_viewer)
     data = {'action': 'revoke_access', 'user': a_viewer.pk}
     request = self.factory.post(self.foia.get_absolute_url(), data)
     request = mock_middleware(request)
     request.user = self.editor
     response = Detail.as_view()(request,
                                 jurisdiction=self.foia.jurisdiction.slug,
                                 jidx=self.foia.jurisdiction.id,
                                 slug=self.foia.slug,
                                 idx=self.foia.id)
     eq_(response.status_code, 302)
     assert_false(self.foia.has_viewer(a_viewer))
示例#6
0
 def test_promote_viewer(self):
     """Editors should be able to promote viewers to editors."""
     user = UserFactory()
     self.foia.add_viewer(user)
     assert_true(self.foia.has_viewer(user))
     data = {'action': 'promote', 'user': user.pk}
     request = self.factory.post(self.foia.get_absolute_url(), data)
     request = mock_middleware(request)
     request.user = self.editor
     response = Detail.as_view()(request,
                                 jurisdiction=self.foia.jurisdiction.slug,
                                 jidx=self.foia.jurisdiction.id,
                                 slug=self.foia.slug,
                                 idx=self.foia.id)
     eq_(response.status_code, 302)
     assert_false(self.foia.has_viewer(user))
     assert_true(self.foia.has_editor(user))
示例#7
0
 def test_revoke_edit_access(self):
     """Editors should be able to revoke access from an editor."""
     an_editor = UserFactory()
     self.foia.add_editor(an_editor)
     data = {"action": "revoke_access", "user": an_editor.pk}
     request = self.factory.post(self.foia.get_absolute_url(), data)
     request = mock_middleware(request)
     request.user = self.editor
     response = Detail.as_view()(
         request,
         jurisdiction=self.foia.jurisdiction.slug,
         jidx=self.foia.jurisdiction.id,
         slug=self.foia.slug,
         idx=self.foia.id,
     )
     eq_(response.status_code, 302)
     assert_false(self.foia.has_editor(an_editor))
示例#8
0
 def setUp(self):
     self.foia = FOIARequestFactory()
     self.editor = UserFactory()
     self.viewer = UserFactory()
     self.foia.add_editor(self.editor)
     self.foia.add_viewer(self.viewer)
     self.data = {
         'action': 'add_note',
         'note': u'Lorem ipsum dolor su ament.'
     }
     self.url = self.foia.get_absolute_url()
     self.view = Detail.as_view()
     self.kwargs = {
         'jurisdiction': self.foia.jurisdiction.slug,
         'jidx': self.foia.jurisdiction.id,
         'slug': self.foia.slug,
         'idx': self.foia.id
     }
示例#9
0
 def setUp(self):
     self.foia = FOIARequestFactory()
     self.editor = UserFactory()
     self.viewer = UserFactory()
     self.foia.add_editor(self.editor)
     self.foia.add_viewer(self.viewer)
     self.data = {
         "action": "add_note",
         "note": "Lorem ipsum dolor su ament."
     }
     self.url = self.foia.get_absolute_url()
     self.view = Detail.as_view()
     self.kwargs = {
         "jurisdiction": self.foia.jurisdiction.slug,
         "jidx": self.foia.jurisdiction.id,
         "slug": self.foia.slug,
         "idx": self.foia.id,
     }
     UserFactory(username="******")
示例#10
0
 def test_grant_view_access(self):
     """Editors should be able to add viewers."""
     user1 = UserFactory()
     user2 = UserFactory()
     view_data = {
         'action': 'grant_access',
         'users': [user1.pk, user2.pk],
         'access': 'view'
     }
     view_request = self.factory.post(self.foia.get_absolute_url(), view_data)
     view_request = mock_middleware(view_request)
     view_request.user = self.editor
     view_response = Detail.as_view()(
         view_request,
         jurisdiction=self.foia.jurisdiction.slug,
         jidx=self.foia.jurisdiction.id,
         slug=self.foia.slug,
         idx=self.foia.id
     )
     eq_(view_response.status_code, 302)
     assert_true(self.foia.has_viewer(user1) and self.foia.has_viewer(user2))
示例#11
0
 def test_get_foia(self):
     """Try getting the detail page for a FOIA Request with an unread notification."""
     agency = AgencyFactory()
     foia = FOIARequestFactory(agency=agency)
     view = FOIARequestDetail.as_view()
     # Create a notification for the request
     action = new_action(agency, 'completed', target=foia)
     notification = notify(self.user, action)[0]
     ok_(not notification.read, 'The notification should be unread.')
     # Try getting the view as the user
     response = http_get_response(foia.get_absolute_url(),
                                  view,
                                  self.user,
                                  idx=foia.pk,
                                  slug=foia.slug,
                                  jidx=foia.jurisdiction.pk,
                                  jurisdiction=foia.jurisdiction.slug)
     eq_(response.status_code, 200, 'The view should response 200 OK.')
     # Check that the notification has been read.
     notification.refresh_from_db()
     ok_(notification.read, 'The notification should be marked as read.')
示例#12
0
 def test_grant_edit_access(self):
     """Editors should be able to add editors."""
     user1 = UserFactory()
     user2 = UserFactory()
     edit_data = {
         "action": "grant_access",
         "users": [user1.pk, user2.pk],
         "access": "edit",
     }
     edit_request = self.factory.post(self.foia.get_absolute_url(),
                                      edit_data)
     edit_request = mock_middleware(edit_request)
     edit_request.user = self.editor
     edit_response = Detail.as_view()(
         edit_request,
         jurisdiction=self.foia.jurisdiction.slug,
         jidx=self.foia.jurisdiction.id,
         slug=self.foia.slug,
         idx=self.foia.id,
     )
     eq_(edit_response.status_code, 302)
     assert_true(
         self.foia.has_editor(user1) and self.foia.has_editor(user2))