def test_owner_can_view_other_users_in_organization(self): self.client.force_authenticate(self.users['owner']) customer_permission = factories.CustomerPermissionFactory( user=self.users['owner']) customer = customer_permission.customer factories.CustomerPermissionFactory(customer=customer, user=self.users['other'], role=CustomerRole.SUPPORT) response = self.client.get(factories.UserFactory.get_list_url()) self.assertEqual(len(response.data), 2)
def test_task_revokes_expired_permissions(self): expired_permission = factories.CustomerPermissionFactory( expiration_time=timezone.now() - datetime.timedelta(days=100)) not_expired_permission = factories.CustomerPermissionFactory( expiration_time=timezone.now() + datetime.timedelta(days=100)) tasks.check_expired_permissions() self.assertFalse(expired_permission.customer.has_user( expired_permission.user, expired_permission.role)) self.assertTrue(not_expired_permission.customer.has_user( not_expired_permission.user, not_expired_permission.role))
def test_customer_permission_deleting_is_not_available_for_blocked_organization( self, ): permission = factories.CustomerPermissionFactory( customer=self.customer) url = factories.CustomerPermissionFactory.get_url(permission) self.client.force_authenticate(user=self.user) response = self.client.delete(url) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_dont_sent_notification_if_change_owner_other_field( self, mock_event_logger): factories.CustomerPermissionFactory(user=self.user, role=CustomerRole.OWNER) token_lifetime = 100 + self.user.token_lifetime self.user.token_lifetime = token_lifetime self.user.save() self.assertEqual(mock_event_logger.user.info.call_count, 0)
def test_sent_notification_if_change_owner_email(self, mock_event_logger): factories.CustomerPermissionFactory(user=self.user, role=CustomerRole.OWNER) old_email = self.user.email new_email = 'new_email_' + old_email self.user.email = new_email self.user.save() self.assertEqual(mock_event_logger.user.info.call_count, 1)
def setUp(self): self.users = { 'staff': factories.UserFactory(is_staff=True, agreement_date=timezone.now()), 'owner': factories.UserFactory(agreement_date=timezone.now()), 'not_owner': factories.UserFactory(agreement_date=timezone.now()), 'other': factories.UserFactory(agreement_date=timezone.now()), } self.customer_permission = factories.CustomerPermissionFactory( user=self.users['owner']) self.customer = self.customer_permission.customer factories.CustomerPermissionFactory(customer=self.customer, user=self.users['not_owner'], role=CustomerRole.SUPPORT)
def test_customer_permission_updating_is_not_available_for_blocked_organization( self): permission = factories.CustomerPermissionFactory( customer=self.customer) url = factories.CustomerPermissionFactory.get_url(permission) data = { 'is_active': False, } self.client.force_authenticate(user=self.user) response = self.client.put(url, data) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_user_cannot_grant_permissions_with_greater_expiration_time(self): expiration_time = timezone.now() + datetime.timedelta(days=100) permission = factories.CustomerPermissionFactory(expiration_time=expiration_time) self.client.force_authenticate(user=permission.user) response = self.client.post(factories.CustomerPermissionFactory.get_list_url(), { 'customer': factories.CustomerFactory.get_url(customer=permission.customer), 'user': factories.UserFactory.get_url(), 'role': CustomerRole.OWNER, 'expiration_time': expiration_time + datetime.timedelta(days=1), }) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_notification_message(self, mock_event_logger): customer = factories.CustomerFactory(name='Customer', abbreviation='ABC') factories.CustomerPermissionFactory(user=self.user, role=CustomerRole.OWNER, customer=customer) old_email = self.user.email new_email = 'new_email_' + old_email self.user.email = new_email self.user.save() msg = mock_event_logger.user.info.call_args[0][0] test_msg = u'Owner of Customer (ABC) John (id={id}) ' \ u'has changed email from [email protected] to [email protected].'\ .format(id=self.user.id) self.assertEqual(test_msg, msg)
def setUp(self): permission = factories.CustomerPermissionFactory() self.user = permission.user self.customer = permission.customer self.url = factories.CustomerPermissionFactory.get_url(permission)