def setUp(self):
# project, customer and project_group
self.customer = structure_factories.CustomerFactory()
self.project = structure_factories.ProjectFactory(
customer=self.customer)
self.project_group = structure_factories.ProjectGroupFactory()
self.project_group.projects.add(self.project)
# cloud and template
self.cloud = factories.CloudFactory()
factories.CloudProjectMembershipFactory(cloud=self.cloud,
project=self.project)
template = factories.TemplateFactory()
factories.ImageFactory(cloud=self.cloud, template=template)
# license
self.license = factories.TemplateLicenseFactory()
self.license.templates.add(template)
# users
self.staff = structure_factories.UserFactory(username='******',
is_superuser=True,
is_staff=True)
self.manager = structure_factories.UserFactory(username='******')
self.project.add_user(self.manager,
structure_models.ProjectRole.MANAGER)
self.administrator = structure_factories.UserFactory(
username='******')
self.project.add_user(self.administrator,
structure_models.ProjectRole.ADMINISTRATOR)
self.owner = structure_factories.UserFactory(username='******')
self.customer.add_user(self.owner, structure_models.CustomerRole.OWNER)
self.group_manager = structure_factories.UserFactory()
self.project_group = structure_factories.ProjectGroupFactory()
self.project_group.projects.add(self.project)
self.project_group.add_user(self.group_manager,
structure_models.ProjectGroupRole.MANAGER)
def test_user_cannot_see_project_groups_from_different_customer(self):
# setUp
project_group_1_1 = self.project_groups['admin']
project_group_1_2 = factories.ProjectGroupFactory(customer=self.customers['admin'])
project_group_2_1 = self.project_groups['manager']
project_group_2_2 = factories.ProjectGroupFactory(customer=self.customers['manager'])
self.projects['manager'].add_user(self.users['admin'], ProjectRole.MANAGER)
# test body
self.client.force_authenticate(user=self.users['admin'])
response = self.client.get(self._get_customer_url(self.customers['admin']))
self.assertEqual(response.status_code, status.HTTP_200_OK)
project_group_urls = set([project_group['url'] for project_group in response.data['project_groups']])
self.assertIn(
self._get_project_group_url(project_group_1_1), project_group_urls,
'User should see project group {0}'.format(project_group_1_1),
)
for project_group in (
project_group_1_2,
project_group_2_1,
project_group_2_2,
):
self.assertNotIn(
self._get_project_group_url(project_group), project_group_urls,
'User should not see project group {0}'.format(project_group),
)
def setUp(self):
self.users = {
'staff': factories.UserFactory(is_staff=True),
'owner': factories.UserFactory(),
'not_owner': factories.UserFactory(),
'admin': factories.UserFactory(),
'admin_other': factories.UserFactory(),
'manager': factories.UserFactory(),
'group_manager': factories.UserFactory(),
}
self.customers = {
'owned': factories.CustomerFactory.create_batch(2),
'inaccessible': factories.CustomerFactory.create_batch(2),
'admin': factories.CustomerFactory(),
'manager': factories.CustomerFactory(),
'group_manager': factories.CustomerFactory(),
}
for customer in self.customers['owned']:
customer.add_user(self.users['owner'], CustomerRole.OWNER)
self.projects = {
'admin':
factories.ProjectFactory(customer=self.customers['admin']),
'manager':
factories.ProjectFactory(customer=self.customers['manager']),
'group_manager':
factories.ProjectFactory(customer=self.customers['group_manager']),
}
self.projects['admin'].add_user(self.users['admin'],
ProjectRole.ADMINISTRATOR)
self.projects['manager'].add_user(self.users['manager'],
ProjectRole.MANAGER)
self.project_groups = {
'admin':
factories.ProjectGroupFactory(customer=self.customers['admin']),
'manager':
factories.ProjectGroupFactory(customer=self.customers['manager']),
'group_manager':
factories.ProjectGroupFactory(
customer=self.customers['group_manager']),
}
self.project_groups['admin'].projects.add(self.projects['admin'])
self.project_groups['manager'].projects.add(self.projects['manager'])
self.project_groups['group_manager'].projects.add(
self.projects['group_manager'])
self.project_groups['group_manager'].add_user(
self.users['group_manager'], ProjectGroupRole.MANAGER)
def setUp(self):
self.user = structure_factories.UserFactory()
self.customer = structure_factories.CustomerFactory()
self.owner = structure_factories.UserFactory()
self.customer.add_user(self.owner, structure_models.CustomerRole.OWNER)
self.project_group = structure_factories.ProjectGroupFactory(
customer=self.customer)
self.group_manager = structure_factories.UserFactory()
self.project_group.add_user(self.group_manager,
structure_models.ProjectGroupRole.MANAGER)
self.project = structure_factories.ProjectFactory(
customer=self.customer)
self.admin = structure_factories.UserFactory()
self.project.add_user(self.admin,
structure_models.ProjectRole.ADMINISTRATOR)
self.events = {
'customer_event':
factories.EventFactory(customer_uuid=self.customer.uuid.hex),
'project_group_event':
factories.EventFactory(
project_group_uuid=self.project_group.uuid.hex),
'project_event':
factories.EventFactory(project_uuid=self.project.uuid.hex),
}
def setUp(self):
self.staff = structure_factories.UserFactory(is_staff=True)
self.customer = structure_factories.CustomerFactory()
self.owner = structure_factories.UserFactory()
self.customer.add_user(self.owner, structure_models.CustomerRole.OWNER)
self.manager = structure_factories.UserFactory(username='******')
self.admin = structure_factories.UserFactory(username='******')
self.project = structure_factories.ProjectFactory(
customer=self.customer)
self.project.add_user(self.manager,
structure_models.ProjectRole.MANAGER)
self.project.add_user(self.admin,
structure_models.ProjectRole.ADMINISTRATOR)
project_group = structure_factories.ProjectGroupFactory()
self.project.project_groups.add(project_group)
self.group_manager = structure_factories.UserFactory(
username='******')
project_group.add_user(self.group_manager,
structure_models.ProjectGroupRole.MANAGER)
models.Instance.objects.all().delete()
self.instance = factories.InstanceFactory(
cloud_project_membership__project=self.project)
factories.InstanceSlaHistoryFactory(instance=self.instance,
period='2015')
self.other_instance = factories.InstanceFactory()
factories.InstanceSlaHistoryFactory(instance=self.other_instance,
period='2015')
def setUp(self):
self.users = {
'staff': factories.UserFactory(is_staff=True),
'first': factories.UserFactory(),
'first_manager': factories.UserFactory(),
'first_admin': factories.UserFactory(),
'second': factories.UserFactory(),
'no_role': factories.UserFactory(),
}
self.customers = {
'first': factories.CustomerFactory(),
'second': factories.CustomerFactory(),
}
customer = self.customers['first']
project = factories.ProjectFactory(customer=customer)
project_group = factories.ProjectGroupFactory(customer=customer)
project_group.projects.add(project)
for user, customer, role in self.all_roles:
self.customers[customer].add_user(self.users[user],
self.role_map[role])
project_group.add_user(self.users['first_manager'],
ProjectGroupRole.MANAGER)
project.add_user(self.users['first_admin'], ProjectRole.ADMINISTRATOR)
def setUp(self):
self.customer = structure_factories.CustomerFactory()
self.project_group = structure_factories.ProjectGroupFactory(
customer=self.customer)
self.project1 = structure_factories.ProjectFactory(
customer=self.customer)
self.project2 = structure_factories.ProjectFactory(
customer=self.customer)
self.membership1 = factories.CloudProjectMembershipFactory(
project=self.project1)
self.membership2 = factories.CloudProjectMembershipFactory(
project=self.project2)
self.project_group.projects.add(self.project1)
# users
self.staff = structure_factories.UserFactory(is_staff=True)
self.customer_owner = structure_factories.UserFactory()
self.customer.add_user(self.customer_owner,
structure_models.CustomerRole.OWNER)
self.project_group_manager = structure_factories.UserFactory()
self.project_group.add_user(self.project_group_manager,
structure_models.ProjectGroupRole.MANAGER)
self.project1_admin = structure_factories.UserFactory()
self.project1.add_user(self.project1_admin,
structure_models.ProjectRole.ADMINISTRATOR)
quota_names = ['vcpu', 'ram', 'storage', 'max_instances']
self.expected_quotas_for_project1 = models.CloudProjectMembership.get_sum_of_quotas_as_dict(
[self.membership1], quota_names)
self.expected_quotas_for_both_projects = models.CloudProjectMembership.get_sum_of_quotas_as_dict(
[self.membership1, self.membership2], quota_names)
def setUp(self):
self.users = {
'owner': structure_factories.UserFactory(),
'admin': structure_factories.UserFactory(),
'manager': structure_factories.UserFactory(),
'group_manager': structure_factories.UserFactory(),
'no_role': structure_factories.UserFactory(),
'not_connected': structure_factories.UserFactory(),
}
# a single customer
self.customer = structure_factories.CustomerFactory()
self.customer.add_user(self.users['owner'], CustomerRole.OWNER)
# that has 3 users connected: admin, manager, group_manager
self.connected_project = structure_factories.ProjectFactory(customer=self.customer)
self.connected_project.add_user(self.users['admin'], ProjectRole.ADMINISTRATOR)
self.connected_project.add_user(self.users['manager'], ProjectRole.MANAGER)
project_group = structure_factories.ProjectGroupFactory()
project_group.projects.add(self.connected_project)
project_group.add_user(self.users['group_manager'], ProjectGroupRole.MANAGER)
# has defined a cloud and connected cloud to a project
self.cloud = factories.CloudFactory(customer=self.customer)
factories.CloudProjectMembershipFactory(project=self.connected_project, cloud=self.cloud)
# the customer also has another project with users but without a permission link
self.not_connected_project = structure_factories.ProjectFactory(customer=self.customer)
self.not_connected_project.add_user(self.users['not_connected'], ProjectRole.ADMINISTRATOR)
self.not_connected_project.save()
def setUp(self):
self.users = {
'staff':
structure_factories.UserFactory(username='******', is_staff=True),
'owner':
structure_factories.UserFactory(username='******'),
'administrator':
structure_factories.UserFactory(username='******'),
'manager':
structure_factories.UserFactory(username='******'),
'regular_user':
structure_factories.UserFactory(username='******'),
}
self.customer = structure_factories.CustomerFactory()
self.customer.add_user(self.users['owner'],
structure_models.CustomerRole.OWNER)
self.project = structure_factories.ProjectFactory(
customer=self.customer)
self.project.add_user(self.users['administrator'],
structure_models.ProjectRole.ADMINISTRATOR)
self.project_group = structure_factories.ProjectGroupFactory(
customer=self.customer)
self.project_group.add_user(self.users['manager'],
structure_models.ProjectGroupRole.MANAGER)
self.project_group.projects.add(self.project)
self.default_price_list_item = factories.DefaultPriceListItemFactory()
def setUp(self):
self.users = {
'admin': structure_factories.UserFactory(),
'manager': structure_factories.UserFactory(),
'group_manager': structure_factories.UserFactory(),
'no_role': structure_factories.UserFactory(),
}
self.flavors = {
'admin': factories.FlavorFactory(),
'manager': factories.FlavorFactory(),
'group_manager': factories.FlavorFactory(),
'inaccessible': factories.FlavorFactory(),
}
admined_project = structure_factories.ProjectFactory()
managed_project = structure_factories.ProjectFactory()
group_managed_project = structure_factories.ProjectFactory()
project_group = structure_factories.ProjectGroupFactory()
project_group.projects.add(group_managed_project)
project_group.add_user(self.users['group_manager'],
ProjectGroupRole.MANAGER)
admined_project.add_user(self.users['admin'],
ProjectRole.ADMINISTRATOR)
managed_project.add_user(self.users['manager'], ProjectRole.MANAGER)
factories.CloudProjectMembershipFactory(
cloud=self.flavors['group_manager'].cloud,
project=group_managed_project)
factories.CloudProjectMembershipFactory(
cloud=self.flavors['admin'].cloud, project=admined_project)
factories.CloudProjectMembershipFactory(
cloud=self.flavors['manager'].cloud, project=managed_project)
def setUp(self):
# project, customer and project_group
self.customer = structure_factories.CustomerFactory()
self.project = structure_factories.ProjectFactory(
customer=self.customer)
self.project_group = structure_factories.ProjectGroupFactory()
self.project_group.projects.add(self.project)
# cloud and template
self.cloud = factories.CloudFactory(customer=self.customer)
factories.CloudProjectMembershipFactory(cloud=self.cloud,
project=self.project)
self.template = factories.TemplateFactory(os='OS')
factories.ImageFactory(cloud=self.cloud, template=self.template)
# license
self.license = factories.TemplateLicenseFactory()
self.license.templates.add(self.template)
# users
self.staff = structure_factories.UserFactory(is_superuser=True,
is_staff=True)
self.manager = structure_factories.UserFactory()
self.project.add_user(self.manager,
structure_models.ProjectRole.MANAGER)
self.group_manager = structure_factories.UserFactory()
self.project_group.add_user(self.group_manager,
structure_models.ProjectGroupRole.MANAGER)
def setUp(self):
self.users = {
'owner': factories.UserFactory(),
'admin': factories.UserFactory(),
'manager': factories.UserFactory(),
'group_manager': factories.UserFactory(),
'no_role': factories.UserFactory(),
}
self.customer = factories.CustomerFactory()
self.customer.add_user(self.users['owner'], CustomerRole.OWNER)
project_groups = factories.ProjectGroupFactory.create_batch(
3, customer=self.customer)
project_groups.append(factories.ProjectGroupFactory())
self.project_groups = {
'owner': project_groups[:-1],
'admin': project_groups[0:2],
'manager': project_groups[1:3],
'group_manager': project_groups[2:3],
'inaccessible': project_groups[-1:],
}
project_groups[2].add_user(self.users['group_manager'],
ProjectGroupRole.MANAGER)
admined_project = factories.ProjectFactory(customer=self.customer)
admined_project.add_user(self.users['admin'], ProjectGroupRole.MANAGER)
admined_project.project_groups.add(*self.project_groups['admin'])
managed_project = factories.ProjectFactory(customer=self.customer)
managed_project.add_user(self.users['manager'], ProjectRole.MANAGER)
managed_project.project_groups.add(*self.project_groups['manager'])
def setUp(self):
super(BackupSchedulePermissionsTest, self).setUp()
# objects
self.customer = structure_factories.CustomerFactory()
self.project = structure_factories.ProjectFactory(
customer=self.customer)
self.project_group = structure_factories.ProjectGroupFactory(
customer=self.customer)
self.project_group.projects.add(self.project)
self.cloud = iaas_factories.CloudFactory(customer=self.customer)
self.cpm = iaas_factories.CloudProjectMembershipFactory(
cloud=self.cloud, project=self.project)
self.instance = iaas_factories.InstanceFactory(
cloud_project_membership=self.cpm)
self.schedule = factories.BackupScheduleFactory(
backup_source=self.instance)
# users
self.staff = structure_factories.UserFactory(username='******',
is_staff=True)
self.regular_user = structure_factories.UserFactory(
username='******')
self.project_admin = structure_factories.UserFactory(username='******')
self.project.add_user(self.project_admin,
structure_models.ProjectRole.ADMINISTRATOR)
self.customer_owner = structure_factories.UserFactory(username='******')
self.customer.add_user(self.customer_owner,
structure_models.CustomerRole.OWNER)
self.project_group_manager = structure_factories.UserFactory(
username='******')
self.project_group.add_user(self.project_group_manager,
structure_models.ProjectGroupRole.MANAGER)
def setUp(self):
super(BackupSchedulePermissionsTest, self).setUp()
# objects
self.customer = structure_factories.CustomerFactory()
self.project = structure_factories.ProjectFactory(
customer=self.customer)
self.project_group = structure_factories.ProjectGroupFactory(
customer=self.customer)
self.project_group.projects.add(self.project)
self.service = factories.OpenStackServiceFactory(
customer=self.customer)
self.spl = factories.OpenStackServiceProjectLinkFactory(
service=self.service, project=self.project)
self.instance = factories.InstanceFactory(
service_project_link=self.spl)
self.schedule = factories.BackupScheduleFactory(instance=self.instance)
# users
self.staff = structure_factories.UserFactory(username='******',
is_staff=True)
self.regular_user = structure_factories.UserFactory(
username='******')
self.project_admin = structure_factories.UserFactory(username='******')
self.project.add_user(self.project_admin,
structure_models.ProjectRole.ADMINISTRATOR)
self.customer_owner = structure_factories.UserFactory(username='******')
self.customer.add_user(self.customer_owner,
structure_models.CustomerRole.OWNER)
self.project_group_manager = structure_factories.UserFactory(
username='******')
self.project_group.add_user(self.project_group_manager,
structure_models.ProjectGroupRole.MANAGER)
def setUp(self):
self.users = {
'owner': factories.UserFactory(),
'admin': factories.UserFactory(),
'manager': factories.UserFactory(),
'group_manager': factories.UserFactory(),
'no_role': factories.UserFactory(),
'multirole': factories.UserFactory(),
}
self.projects = {
'owner': factories.ProjectFactory(),
'admin': factories.ProjectFactory(),
'manager': factories.ProjectFactory(),
'group_manager': factories.ProjectFactory(),
'inaccessible': factories.ProjectFactory(),
}
self.projects['admin'].add_user(self.users['admin'],
ProjectRole.ADMINISTRATOR)
self.projects['manager'].add_user(self.users['manager'],
ProjectRole.MANAGER)
self.projects['admin'].add_user(self.users['multirole'],
ProjectRole.ADMINISTRATOR)
self.projects['manager'].add_user(self.users['multirole'],
ProjectRole.MANAGER)
self.project_group = factories.ProjectGroupFactory()
self.project_group.add_user(self.users['group_manager'],
ProjectGroupRole.MANAGER)
self.project_group.projects.add(self.projects['group_manager'])
self.projects['owner'].customer.add_user(self.users['owner'],
CustomerRole.OWNER)
def setUp(self):
self.customer = structure_factories.CustomerFactory()
self.owner = structure_factories.UserFactory()
self.customer.add_user(self.owner, structure_models.CustomerRole.OWNER)
self.admin = structure_factories.UserFactory()
self.manager = structure_factories.UserFactory()
self.group_manager = structure_factories.UserFactory()
self.project = structure_factories.ProjectFactory(
customer=self.customer)
self.project.add_user(self.admin,
structure_models.ProjectRole.ADMINISTRATOR)
self.project.add_user(self.manager,
structure_models.ProjectRole.MANAGER)
project_group = structure_factories.ProjectGroupFactory(
customer=self.customer)
project_group.projects.add(self.project)
project_group.add_user(self.group_manager,
structure_models.ProjectGroupRole.MANAGER)
self.cloud = factories.CloudFactory(customer=self.customer)
factories.CloudProjectMembershipFactory(cloud=self.cloud,
project=self.project)
self.expected_public_fields = ('auth_url', 'uuid', 'url', 'name',
'customer', 'customer_name',
'customer_native_name', 'flavors',
'projects', 'dummy', 'resources_count',
'service_type')
def setUp(self):
self.users = {
'owner': structure_factories.UserFactory(),
'admin': structure_factories.UserFactory(),
'manager': structure_factories.UserFactory(),
'group_manager': structure_factories.UserFactory(),
'no_role': structure_factories.UserFactory(),
'not_connected': structure_factories.UserFactory(),
}
# a single customer
self.customer = structure_factories.CustomerFactory()
self.customer.add_user(self.users['owner'], CustomerRole.OWNER)
# that has 3 users connected: admin, manager, group_manager
self.connected_project = structure_factories.ProjectFactory(customer=self.customer)
self.connected_project.add_user(self.users['admin'], ProjectRole.ADMINISTRATOR)
self.connected_project.add_user(self.users['manager'], ProjectRole.MANAGER)
project_group = structure_factories.ProjectGroupFactory()
project_group.projects.add(self.connected_project)
project_group.add_user(self.users['group_manager'], ProjectGroupRole.MANAGER)
# has defined a service and connected service to a project
self.service = factories.OpenStackServiceFactory(customer=self.customer)
self.service_project_link = factories.OpenStackServiceProjectLinkFactory(
project=self.connected_project,
service=self.service,
state=SynchronizationStates.IN_SYNC)
# the customer also has another project with users but without a permission link
self.not_connected_project = structure_factories.ProjectFactory(customer=self.customer)
self.not_connected_project.add_user(self.users['not_connected'], ProjectRole.ADMINISTRATOR)
self.not_connected_project.save()
self.url = factories.OpenStackServiceProjectLinkFactory.get_list_url()
def _get_valid_payload(self, resource=None):
resource = resource or factories.ProjectGroupFactory()
return {
'name': resource.name,
'customer': self._get_customer_url(resource.customer),
}
def test_group_manager_cannot_create_project_belonging_to_project_group_he_doesnt_manage(
self):
self.client.force_authenticate(self.group_manager)
data = _get_valid_project_payload(
factories.ProjectFactory.build(customer=self.customer))
accessible_project_group = factories.ProjectGroupFactory(
customer=self.customer)
admined_project = factories.ProjectFactory(customer=self.customer)
admined_project.add_user(self.group_manager, ProjectRole.ADMINISTRATOR)
accessible_project_group.projects.add(admined_project)
# group_manager now can see accessible_project_group because he admins
# a project that is within accessible_project_group;
# though he doesn't manage accessible_project_group
data['project_groups'] = [{
"url":
factories.ProjectGroupFactory.get_url(accessible_project_group)
}]
response = self.client.post(factories.ProjectFactory.get_list_url(),
data)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertDictContainsSubset(
{'detail': 'You do not have permission to perform this action.'},
response.data)
self.assertFalse(Project.objects.filter(name=data['name']).exists())
def test_user_can_create_project_group_belonging_to_customer_he_owns(self):
self.client.force_authenticate(user=self.users['owner'])
payload = self._get_valid_payload(
factories.ProjectGroupFactory(customer=self.customer))
response = self.client.post(reverse('projectgroup-list'), payload)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
def setUp(self):
self.url = _template_license_stats_url()
self.customer = structure_factories.CustomerFactory()
# we have 2 projects groups:
self.first_group = structure_factories.ProjectGroupFactory(
customer=self.customer)
self.second_group = structure_factories.ProjectGroupFactory(
customer=self.customer)
# and 2 template licenses:
self.first_template_license = factories.TemplateLicenseFactory(
name='first_template_license', license_type='first license type')
self.second_template_license = factories.TemplateLicenseFactory(
name='second_template_license', license_type='second license type')
self.cloud = factories.CloudFactory(customer=self.customer)
self.template = factories.TemplateFactory()
factories.ImageFactory(cloud=self.cloud, template=self.template)
self.template.template_licenses.add(self.first_template_license)
self.template.template_licenses.add(self.second_template_license)
# every group has 1 projects:
self.first_project = structure_factories.ProjectFactory(
customer=self.customer, name='first_project')
self.first_project.project_groups.add(self.first_group)
self.second_project = structure_factories.ProjectFactory(
customer=self.customer, name='second_project')
self.second_project.project_groups.add(self.second_group)
# every project has 1 instance with first and second template licenses:
self.first_instance = factories.InstanceFactory(
template=self.template,
cloud_project_membership__project=self.first_project,
)
self.second_instance = factories.InstanceFactory(
template=self.template,
cloud_project_membership__project=self.second_project,
)
# also first group has manger:
self.admin = structure_factories.UserFactory()
self.first_project.add_user(self.admin,
structure_models.ProjectRole.ADMINISTRATOR)
self.group_manager = structure_factories.UserFactory()
self.first_group.add_user(self.group_manager,
structure_models.ProjectGroupRole.MANAGER)
self.staff = structure_factories.UserFactory(is_staff=True)
self.owner = structure_factories.UserFactory()
self.customer.add_user(self.owner, structure_models.CustomerRole.OWNER)
def test_user_can_delete_project_group_belonging_to_customer_he_owns(self):
owner = factories.UserFactory()
customer = factories.CustomerFactory()
customer.add_user(owner, CustomerRole.OWNER)
project_group = factories.ProjectGroupFactory(customer=customer)
self.client.force_authenticate(user=owner)
response = self.client.delete(
self._get_project_group_url(project_group))
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
def setUp(self):
# customers
self.old_customer = factories.CustomerFactory(created=timezone.now() -
timedelta(days=10))
self.new_customer = factories.CustomerFactory(created=timezone.now() -
timedelta(days=1))
# groups
self.old_project_group = factories.ProjectGroupFactory(
customer=self.old_customer,
created=timezone.now() - timedelta(days=10))
self.new_project_group = factories.ProjectGroupFactory(
customer=self.new_customer,
created=timezone.now() - timedelta(days=1))
# projects
self.old_projects = factories.ProjectFactory.create_batch(
3,
created=timezone.now() - timedelta(days=10),
customer=self.old_customer)
self.new_projects = factories.ProjectFactory.create_batch(
3,
created=timezone.now() - timedelta(days=1),
customer=self.new_customer)
# users
self.staff = factories.UserFactory(is_staff=True)
self.old_customer_owner = factories.UserFactory()
self.old_customer.add_user(self.old_customer_owner,
models.CustomerRole.OWNER)
self.new_project_group_manager = factories.UserFactory()
self.new_project_group.add_user(self.new_project_group_manager,
models.ProjectGroupRole.MANAGER)
self.all_projects_admin = factories.UserFactory()
for p in self.old_projects + self.new_projects:
p.add_user(self.all_projects_admin,
models.ProjectRole.ADMINISTRATOR)
self.url = reverse('stats_creation_time')
self.default_data = {
'from':
core_utils.datetime_to_timestamp(timezone.now() -
timedelta(days=12)),
'datapoints':
2,
}
def test_user_cannot_delete_customer_with_associated_project_groups_if_he_is_staff(self):
self.client.force_authenticate(user=self.users['staff'])
for customer in self.customers.values():
factories.ProjectGroupFactory(customer=customer)
response = self.client.delete(self._get_customer_url(customer))
self.assertEqual(response.status_code, status.HTTP_409_CONFLICT)
self.assertDictContainsSubset({'detail': 'Cannot delete customer with existing project groups'},
response.data)
def setUp(self):
user = factories.UserFactory(is_staff=True)
self.client.force_authenticate(user=user)
customer = factories.CustomerFactory()
self.projects = {
'group1': factories.ProjectFactory.create_batch(2,
customer=customer),
'group2': factories.ProjectFactory.create_batch(2,
customer=customer),
}
self.project_groups = {
'group1': factories.ProjectGroupFactory(customer=customer),
'group2': factories.ProjectGroupFactory(customer=customer),
}
for group_name in self.project_groups:
for project in self.projects[group_name]:
self.project_groups[group_name].projects.add(project)
def test_user_can_change_name_of_project_group_he_is_project_group_manager_of(
self):
self.client.force_authenticate(user=self.users['group_manager'])
for project_group in self.project_groups['group_manager']:
payload = self._get_valid_payload(project_group)
payload['name'] = (factories.ProjectGroupFactory()).name
response = self.client.put(
self._get_project_group_url(project_group), payload)
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_user_cannot_change_name_of_project_group_belonging_to_customer_he_doesnt_own(
self):
self.client.force_authenticate(user=self.users['owner'])
for project_group in self.project_groups['inaccessible']:
payload = self._get_valid_payload(project_group)
payload['name'] = (factories.ProjectGroupFactory()).name
response = self.client.put(
self._get_project_group_url(project_group), payload)
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_user_cannot_change_customer_of_project_group_belonging_to_customer_he_owns(
self):
user = self.users['owner']
self.client.force_authenticate(user=user)
new_not_owned_customer = (factories.ProjectGroupFactory()).customer
new_owned_customer = (factories.ProjectGroupFactory()).customer
new_owned_customer.add_user(user, CustomerRole.OWNER)
for project_group in self.project_groups['owner']:
payload = self._get_valid_payload(project_group)
# Testing owner that can be accessed
payload['customer'] = self._get_customer_url(new_owned_customer)
# TODO: Instead of just ignoring the field, we should have forbidden the update
# see NC-73 for explanation of similar issue
response = self.client.put(
self._get_project_group_url(project_group), payload)
self.assertEqual(response.status_code, status.HTTP_200_OK)
updated_project_group = ProjectGroup.objects.get(
pk=project_group.pk)
self.assertEqual(updated_project_group.customer,
project_group.customer,
'Customer should have stayed intact')
# Testing owner that cannot be accessed
payload['customer'] = self._get_customer_url(
new_not_owned_customer)
response = self.client.put(
self._get_project_group_url(project_group), payload)
self.assertEqual(response.status_code, status.HTTP_200_OK)
updated_project_group = ProjectGroup.objects.get(
pk=project_group.pk)
self.assertEqual(updated_project_group.customer,
project_group.customer,
'Customer should have stayed intact')
def setUp(self):
customers = {
'customer1': factories.CustomerFactory(),
'customer2': factories.CustomerFactory(),
}
self.project_groups = {
'group11':
factories.ProjectGroupFactory(customer=customers['customer1']),
'group12':
factories.ProjectGroupFactory(customer=customers['customer1']),
'group21':
factories.ProjectGroupFactory(customer=customers['customer2']),
}
self.users = {
'owner1': factories.UserFactory(),
'owner2': factories.UserFactory(),
'manager1': factories.UserFactory(),
'manager2': factories.UserFactory(),
'manager3': factories.UserFactory(),
'admin1': factories.UserFactory(),
'no_role': factories.UserFactory(),
'staff': factories.UserFactory(is_staff=True),
}
customers['customer1'].add_user(self.users['owner1'],
CustomerRole.OWNER)
customers['customer2'].add_user(self.users['owner2'],
CustomerRole.OWNER)
project = factories.ProjectFactory(customer=customers['customer1'])
project.add_user(self.users['admin1'], ProjectRole.ADMINISTRATOR)
self.project_groups['group11'].projects.add(project)
for user, project_group, role in self.all_roles:
self.project_groups[project_group].add_user(
self.users[user], ProjectGroupRole.MANAGER)
def test_user_can_change_name_of_project_group_belonging_to_customer_he_owns(
self):
self.client.force_authenticate(user=self.users['owner'])
for project_group in self.project_groups['owner']:
payload = self._get_valid_payload(project_group)
payload['name'] = (factories.ProjectGroupFactory()).name
response = self.client.put(
self._get_project_group_url(project_group), payload)
self.assertEqual(response.status_code, status.HTTP_200_OK)
updated_project_group = ProjectGroup.objects.get(
pk=project_group.pk)
self.assertEqual(updated_project_group.name, payload['name'])